feat: added secp256k1-2020 context

hypersign-protocol · Sep 25, 2023 · c4f2a40 · c4f2a40
1 parent f0d4995
commit c4f2a40
Show file tree

Hide file tree

Showing 11 changed files with 275 additions and 47 deletions.
diff --git a/cmd/hid-noded/cmd/debug_extensions.go b/cmd/hid-noded/cmd/debug_extensions.go
@@ -337,8 +337,8 @@ func signSchemaDocCmd() *cobra.Command {
 				if err != nil {
 					return err
 				}
-			case "recover-eth":
-				signature, err = hidnodecli.GetEthRecoverySignature(argPrivateKey, schemaDocBytes)
+			case types.EcdsaSecp256k1RecoverySignature2020:
+				signature, err = hidnodecli.GetEcdsaSecp256k1RecoverySignature2020(argPrivateKey, schemaDocBytes)
 				if err != nil {
 					return err
 				}
@@ -399,8 +399,8 @@ func signCredStatusDocCmd() *cobra.Command {
 				if err != nil {
 					return err
 				}
-			case "recover-eth":
-				signature, err = hidnodecli.GetEthRecoverySignature(argPrivateKey, credStatusDocBytes)
+			case types.EcdsaSecp256k1RecoverySignature2020:
+				signature, err = hidnodecli.GetEcdsaSecp256k1RecoverySignature2020(argPrivateKey, credStatusDocBytes)
 				if err != nil {
 					return err
 				}
@@ -443,14 +443,14 @@ func ed25519RandomCmd() *cobra.Command {
 			publicKeyWithHeader = append(publicKeyWithHeader, append([]byte{0xed, 0x01}, pubKey...)...)
 
 			keyInfo := struct {
-				PubKeyMultibase string `json:"pub_key_multibase"`
-				PrivKeyMultibase   string `json:"priv_key_base_64"`
+				PubKeyMultibase  string `json:"pub_key_multibase"`
+				PrivKeyMultibase string `json:"priv_key_base_64"`
 			}{
 				PubKeyMultibase: "z" + base58.Encode(publicKeyWithHeader),
 				// W3C's Ed25519VerificationKey2020 Specification has not explicitly mentioned about the encoding of the private key
 				// or whether it should be prefixed similar to the public key. For now, the encoding of private key remains Base64
-				// with no prefix 
-				PrivKeyMultibase:   base64.StdEncoding.EncodeToString(privKey),
+				// with no prefix
+				PrivKeyMultibase: base64.StdEncoding.EncodeToString(privKey),
 			}
 
 			keyInfoJson, err := json.Marshal(keyInfo)

diff --git a/tests/e2e/ssi_tests/e2e_tests.py b/tests/e2e/ssi_tests/e2e_tests.py
@@ -154,24 +154,24 @@ def key_agrement_test():
 def unique_wallet_address_test():
     print("\n---1. FAIL: Alice Creates a DID Doc. Bob attempts to create a DID Document by adding one of Alice's VM.---\n")
 
-    kp_alice = generate_key_pair("recover-eth")
+    kp_alice = generate_key_pair("EcdsaSecp256k1RecoverySignature2020")
     signers = []
-    did_doc_string = generate_did_document(kp_alice, "recover-eth")
+    did_doc_string = generate_did_document(kp_alice, "EcdsaSecp256k1RecoverySignature2020")
     did_doc_alice = did_doc_string["id"]
     did_doc_alice_vm = did_doc_string["verificationMethod"][0]
     signPair_alice = {
         "kp": kp_alice,
         "verificationMethodId": did_doc_string["verificationMethod"][0]["id"],
-        "signing_algo": "recover-eth"
+        "signing_algo": "EcdsaSecp256k1RecoverySignature2020"
     }
     signers.append(signPair_alice)
     create_tx_cmd = form_did_create_tx_multisig(did_doc_string, signers, DEFAULT_BLOCKCHAIN_ACCOUNT_NAME)
     run_blockchain_command(create_tx_cmd, f"Registering Alice's DID with Id: {did_doc_alice}")
 
     # Create Bob's DID with Alice's VM
-    kp_bob = generate_key_pair("recover-eth")
+    kp_bob = generate_key_pair("EcdsaSecp256k1RecoverySignature2020")
     signers = []
-    did_doc_string = generate_did_document(kp_bob, "recover-eth")
+    did_doc_string = generate_did_document(kp_bob, "EcdsaSecp256k1RecoverySignature2020")
     did_doc_bob = did_doc_string["id"]
     did_doc_string["controller"] = [did_doc_alice]
     did_doc_string["verificationMethod"] = [did_doc_alice_vm]
@@ -181,15 +181,15 @@ def unique_wallet_address_test():
 
     print("\n---2. FAIL: Charlie creates a DID Document. After that, Charlie attempts to update its DID Document by adding one of Alice's VM for which valid signature is passed.---\n")
 
-    kp_charlie = generate_key_pair("recover-eth")
+    kp_charlie = generate_key_pair("EcdsaSecp256k1RecoverySignature2020")
     signers = []
-    did_doc_string_charlie = generate_did_document(kp_charlie, "recover-eth")
+    did_doc_string_charlie = generate_did_document(kp_charlie, "EcdsaSecp256k1RecoverySignature2020")
     did_doc_charlie_id = did_doc_string_charlie["id"]
     did_doc_charlie_vm = did_doc_string_charlie["verificationMethod"][0]
     signPair_charlie = {
         "kp": kp_charlie,
         "verificationMethodId": did_doc_string_charlie["verificationMethod"][0]["id"],
-        "signing_algo": "recover-eth"
+        "signing_algo": "EcdsaSecp256k1RecoverySignature2020"
     }
     signers.append(signPair_charlie)
     create_tx_cmd = form_did_create_tx_multisig(did_doc_string_charlie, signers, DEFAULT_BLOCKCHAIN_ACCOUNT_NAME)
@@ -219,15 +219,15 @@ def unique_wallet_address_test():
     print("\n---4. PASS: Charlie removes one of its Verification Methods. George creates a didDoc for himself. He then proceed to update his DID Document by adding the Verification method removed by Charlie---\n")
 
     # Create George's DIDDoc
-    kp_george = generate_key_pair("recover-eth")
+    kp_george = generate_key_pair("EcdsaSecp256k1RecoverySignature2020")
     signers = []
-    did_doc_string_george = generate_did_document(kp_george, "recover-eth")
+    did_doc_string_george = generate_did_document(kp_george, "EcdsaSecp256k1RecoverySignature2020")
     did_doc_george_id = did_doc_string_george["id"]
     did_doc_george_vm = did_doc_string_george["verificationMethod"][0]
     signPair_george = {
         "kp": kp_george,
         "verificationMethodId": did_doc_string_george["verificationMethod"][0]["id"],
-        "signing_algo": "recover-eth"
+        "signing_algo": "EcdsaSecp256k1RecoverySignature2020"
     }
     signers.append(signPair_george)
     create_tx_cmd = form_did_create_tx_multisig(did_doc_string_george, signers, DEFAULT_BLOCKCHAIN_ACCOUNT_NAME)
@@ -301,8 +301,8 @@ def create_did_test():
     run_blockchain_command(create_tx_cmd, f"Registering DID with Id: {did_doc_org}")
 
     #Alice creates a DID where the controller only has Alice's DID and the verfication method has two ETH wallets added. Signature of all hot wallets are passed
-    kp_hot_wallet_1 = generate_key_pair("recover-eth")
-    kp_hot_wallet_2 = generate_key_pair("recover-eth")
+    kp_hot_wallet_1 = generate_key_pair("EcdsaSecp256k1RecoverySignature2020")
+    kp_hot_wallet_2 = generate_key_pair("EcdsaSecp256k1RecoverySignature2020")
     kp_org = generate_key_pair()
 
     did_doc_string = generate_did_document(kp_org)
@@ -326,12 +326,12 @@ def create_did_test():
     signPair_hotWallet1 = {
         "kp": kp_hot_wallet_1,
         "verificationMethodId": did_doc_string["verificationMethod"][0]["id"],
-        "signing_algo": "recover-eth"
+        "signing_algo": "EcdsaSecp256k1RecoverySignature2020"
     }
     signPair_hotWallet2 = {
         "kp": kp_hot_wallet_2,
         "verificationMethodId": did_doc_string["verificationMethod"][1]["id"],
-        "signing_algo": "recover-eth"
+        "signing_algo": "EcdsaSecp256k1RecoverySignature2020"
     }
 
     print("4. FAIL: Alice has a registered DID Document where Alice is the controller. Alice tries to register an Org DID Document where Alice is the sole controller, and there are two verification Methods, of type EcdsaSecp256k1RecoveryMethod2020, and Alice is the controller for each one of them. Signature is provided by only one of the VMs.\n")
@@ -882,7 +882,7 @@ def credential_status_test():
 
 def caip10_ethereum_support_test():
     print("\n--- CAIP-10 Test: Ethereum Chains ---\n")
-    kp_algo = "recover-eth"
+    kp_algo = "EcdsaSecp256k1RecoverySignature2020"
 
     # Invalid blockchain Account Ids
     invalid_blockchain_account_ids = [
@@ -1257,7 +1257,7 @@ def vm_type_test():
 
     # EcdsaSecp256k1RecoveryMethod2020
     print("7. FAIL: Registering DID Document with a verification method of type EcdsaSecp256k1RecoveryMethod2020. Only publicKeyMultibase is passed.")
-    kp_algo = "recover-eth"
+    kp_algo = "EcdsaSecp256k1RecoverySignature2020"
     kp = generate_key_pair(algo=kp_algo)
     did_doc_string = generate_did_document(kp, kp_algo)
     did_doc_id = did_doc_string["id"]
@@ -1274,7 +1274,7 @@ def vm_type_test():
     run_blockchain_command(create_tx_cmd, f"Registering DID with Id: {did_doc_id}", True, True)
 
     print("8. FAIL: Registering DID Document with a verification method of type EcdsaSecp256k1RecoveryMethod2020. Both publicKeyMultibase and blockchainAccountId is passed.")
-    kp_algo = "recover-eth"
+    kp_algo = "EcdsaSecp256k1RecoverySignature2020"
     kp = generate_key_pair(algo=kp_algo)
     did_doc_string = generate_did_document(kp, kp_algo)
     did_doc_id = did_doc_string["id"]
@@ -1290,7 +1290,7 @@ def vm_type_test():
     run_blockchain_command(create_tx_cmd, f"Registering DID with Id: {did_doc_id}", True, True)
 
     print("9. PASS: Registering DID Document with a verification method of type EcdsaSecp256k1RecoveryMethod2020. Only blockchainAccountId is passed.")
-    kp_algo = "recover-eth"
+    kp_algo = "EcdsaSecp256k1RecoverySignature2020"
     kp = generate_key_pair(algo=kp_algo)
     did_doc_string = generate_did_document(kp, kp_algo)
     did_doc_id = did_doc_string["id"]

diff --git a/tests/e2e/ssi_tests/generate_doc.py b/tests/e2e/ssi_tests/generate_doc.py
@@ -8,6 +8,7 @@
 
 ED25519_CONTEXT = "https://w3id.org/security/suites/ed25519-2020/v1"
 DID_CONTEXT = "https://www.w3.org/ns/did/v1"
+SECP256K1_RECOVERY_CONTEXT = "https://ns.did.ai/suites/secp256k1-2020/v1"
 
 def generate_did_document(key_pair, algo="Ed25519Signature2020", bech32prefix="hid", is_uuid=False):
     base_document = {
@@ -21,6 +22,8 @@ def generate_did_document(key_pair, algo="Ed25519Signature2020", bech32prefix="h
     }
     if algo == "Ed25519Signature2020":
         base_document["context"].append(ED25519_CONTEXT)
+    if algo == "EcdsaSecp256k1RecoverySignature2020":
+        base_document["context"].append(SECP256K1_RECOVERY_CONTEXT)
 
     did_id = generate_document_id("did", key_pair, algo, is_uuid)
 
@@ -30,7 +33,7 @@ def generate_did_document(key_pair, algo="Ed25519Signature2020", bech32prefix="h
         vm_type = "Ed25519VerificationKey2020"
     elif algo == "secp256k1":
         vm_type = "EcdsaSecp256k1VerificationKey2019"
-    elif algo == "recover-eth":
+    elif algo == "EcdsaSecp256k1RecoverySignature2020":
         vm_type = "EcdsaSecp256k1RecoveryMethod2020"
     elif algo == "bbs":
         vm_type = "Bls12381G2Key2020"
@@ -40,7 +43,7 @@ def generate_did_document(key_pair, algo="Ed25519Signature2020", bech32prefix="h
         raise Exception("unknown signing algorithm: " + key_pair)
 
     verification_method = {}
-    if algo == "recover-eth":
+    if algo == "EcdsaSecp256k1RecoverySignature2020":
         verification_method = {
             "id": "",
             "type": "",
@@ -55,7 +58,7 @@ def generate_did_document(key_pair, algo="Ed25519Signature2020", bech32prefix="h
             "publicKeyMultibase": ""
         }
 
-    if algo == "recover-eth":
+    if algo == "EcdsaSecp256k1RecoverySignature2020":
         verification_method["blockchainAccountId"] = "eip155:1:" + key_pair["ethereum_address"]
     elif algo == "secp256k1":
 
@@ -107,7 +110,7 @@ def generate_schema_document(key_pair, schema_author, vm, signature=None, algo="
         proof_type = "Ed25519Signature2020"
     elif algo == "secp256k1":
         proof_type = "EcdsaSecp256k1Signature2019"
-    elif algo == "recover-eth":
+    elif algo == "EcdsaSecp256k1RecoverySignature2020":
         proof_type = "EcdsaSecp256k1RecoverySignature2020"
     elif algo == "bbs":
         proof_type = "BbsBlsSignature2020"
@@ -155,7 +158,7 @@ def generate_cred_status_document(key_pair, cred_author, vm, signature=None, alg
         proof_type = "Ed25519Signature2020"
     elif algo == "secp256k1":
         proof_type = "EcdsaSecp256k1Signature2019"
-    elif algo == "recover-eth":
+    elif algo == "EcdsaSecp256k1RecoverySignature2020":
         proof_type = "EcdsaSecp256k1RecoverySignature2020"
     elif algo == "bbs":
         proof_type = "BbsBlsSignature2020"

diff --git a/tests/e2e/ssi_tests/transactions.py b/tests/e2e/ssi_tests/transactions.py
@@ -17,7 +17,7 @@ def form_did_create_tx_multisig(diddoc, signPairs, blockchain_account):
         vmId = signPair["verificationMethodId"]
         signAlgo = signPair["signing_algo"]
 
-        if signAlgo in ["recover-eth", "bjj"]:
+        if signAlgo in ["EcdsaSecp256k1RecoverySignature2020", "bjj"]:
             private_key = signPair["kp"]["priv_key_hex"]
         else:
             private_key = signPair["kp"]["priv_key_base_64"]
@@ -35,7 +35,7 @@ def form_did_update_tx_multisig(diddoc, signPairs, blockchain_account):
         vmId = signPair["verificationMethodId"]
         signAlgo = signPair["signing_algo"]
 
-        if signAlgo in ["recover-eth", "bjj"]:
+        if signAlgo in ["EcdsaSecp256k1RecoverySignature2020", "bjj"]:
             private_key = signPair["kp"]["priv_key_hex"]
         else:
             private_key = signPair["kp"]["priv_key_base_64"]
@@ -54,7 +54,7 @@ def form_did_deactivate_tx_multisig(didId, signPairs, blockchain_account):
         vmId = signPair["verificationMethodId"]
         signAlgo = signPair["signing_algo"]
 
-        if signAlgo in ["recover-eth", "bjj"]:
+        if signAlgo in ["EcdsaSecp256k1RecoverySignature2020", "bjj"]:
             private_key = signPair["kp"]["priv_key_hex"]
         else:
             private_key = signPair["kp"]["priv_key_base_64"]
@@ -66,7 +66,7 @@ def form_did_deactivate_tx_multisig(didId, signPairs, blockchain_account):
     return cmd_string
 
 def form_did_create_tx(did_doc, kp, blockchain_account, verificationMethodId=None, signing_algo="ed25519"):
-    if signing_algo in ["recover-eth", "bjj"]:
+    if signing_algo in ["EcdsaSecp256k1RecoverySignature2020", "bjj"]:
         private_key = kp["priv_key_hex"]
     else:
         private_key = kp["priv_key_base_64"]
@@ -86,7 +86,7 @@ def form_create_cred_status_tx(cred_msg, cred_proof, blockchain_account):
     return cmd_string
 
 def form_did_update_tx(did_doc, kp, blockchain_account, verificationMethodId=None, signing_algo="ed25519"):
-    if signing_algo in ["recover-eth", "bjj"]:
+    if signing_algo in ["EcdsaSecp256k1RecoverySignature2020", "bjj"]:
         private_key = kp["priv_key_hex"]
     else:
         private_key = kp["priv_key_base_64"]
@@ -98,7 +98,7 @@ def form_did_update_tx(did_doc, kp, blockchain_account, verificationMethodId=Non
     return cmd_string
 
 def form_did_deactivate_tx(did_doc_id, kp, blockchain_account, verificationMethodId=None, signing_algo="ed25519"):
-    if signing_algo in ["recover-eth", "hex"]:
+    if signing_algo in ["EcdsaSecp256k1RecoverySignature2020", "hex"]:
         private_key = kp["priv_key_hex"]
     else:
         private_key = kp["priv_key_base_64"]

diff --git a/tests/e2e/ssi_tests/utils.py b/tests/e2e/ssi_tests/utils.py
@@ -51,7 +51,7 @@ def generate_key_pair(algo="Ed25519Signature2020"):
         cmd = "hid-noded debug ed25519 random"
     elif algo == "secp256k1":
         cmd = "hid-noded debug secp256k1 random"
-    elif algo == "recover-eth":
+    elif algo == "EcdsaSecp256k1RecoverySignature2020":
         cmd = "hid-noded debug secp256k1 eth-hex-random"
     elif algo == "bbs":
         cmd = "hid-noded debug bbs random"
@@ -84,7 +84,7 @@ def generate_document_id(doc_type: str, kp: dict = None, algo: str = "Ed25519Sig
     if is_uuid:
         method_specific_id = str(uuid.uuid4())
     else:
-        if algo in ["recover-eth"]:
+        if algo in ["EcdsaSecp256k1RecoverySignature2020"]:
             method_specific_id = kp["ethereum_address"]
         else:
             method_specific_id = kp["pub_key_multibase"]
@@ -109,7 +109,7 @@ def is_blockchain_active(rpc_port):
         assert s.connect_ex(('localhost', rpc_port)) == 0, f"hid-noded is not running"
 
 def get_document_signature(doc: dict, doc_type: str, key_pair: dict, algo: str = "ed25519"):
-    if algo in ["recover-eth", "bjj"]:
+    if algo in ["EcdsaSecp256k1RecoverySignature2020", "bjj"]:
         private_key = key_pair["priv_key_hex"]
     else:
         private_key = key_pair["priv_key_base_64"]

diff --git a/x/ssi/client/cli/tx_utils.go b/x/ssi/client/cli/tx_utils.go
@@ -93,7 +93,7 @@ func GetBJJSignature(privateKey string, message []byte) (string, error) {
 	return signatureHex, nil
 }
 
-func GetEthRecoverySignature(privateKey string, message []byte) (string, error) {
+func GetEcdsaSecp256k1RecoverySignature2020(privateKey string, message []byte) (string, error) {
 	// Decode key into bytes
 	privKeyBytes, err := hex.DecodeString(privateKey)
 	if err != nil {
@@ -179,8 +179,13 @@ func getSignatures(cmd *cobra.Command, didDoc *types.Did, cmdArgs []string) ([]*
 			if err != nil {
 				return nil, err
 			}
-		case "recover-eth":
-			signInfoList[i].Signature, err = GetEthRecoverySignature(didSigningElementsList[i].SignKey, didDoc.GetSignBytes())
+		case types.EcdsaSecp256k1RecoverySignature2020:
+			didDocBytes, err := ldcontext.EcdsaSecp256k1RecoverySignature2020Canonize(didDoc)
+			if err != nil {
+				return nil, err
+			}
+
+			signInfoList[i].Signature, err = GetEcdsaSecp256k1RecoverySignature2020(didSigningElementsList[i].SignKey, didDocBytes)
 			if err != nil {
 				return nil, err
 			}