diff --git a/keyserver/package.json b/keyserver/package.json
--- a/keyserver/package.json
+++ b/keyserver/package.json
@@ -83,7 +83,7 @@
"rereadable-stream": "^1.4.5",
"rust-node-addon": "0.0.1",
"sharp": "^0.30.5",
- "siwe": "^1.1.6",
+ "siwe": "^2.1.4",
"sql-template-strings": "^2.2.2",
"tcomb": "^3.2.29",
"twin-bcrypt": "^2.1.1",
diff --git a/keyserver/src/responders/user-responders.js b/keyserver/src/responders/user-responders.js
--- a/keyserver/src/responders/user-responders.js
+++ b/keyserver/src/responders/user-responders.js
@@ -3,7 +3,7 @@
import type { Utility as OlmUtility } from '@commapp/olm';
import invariant from 'invariant';
import { getRustAPI } from 'rust-node-addon';
-import { ErrorTypes, SiweMessage } from 'siwe';
+import { SiweErrorType, SiweMessage } from 'siwe';
import t, { type TInterface, type TUnion, type TEnums } from 'tcomb';
import bcrypt from 'twin-bcrypt';
@@ -606,17 +606,14 @@
// 4. Validate SIWEMessage signature and handle possible errors.
try {
- await siweMessage.validate(signature);
+ await siweMessage.verify({ signature });
} catch (error) {
- if (error === ErrorTypes.EXPIRED_MESSAGE) {
+ if (error === SiweErrorType.EXPIRED_MESSAGE) {
// Thrown when the `expirationTime` is present and in the past.
throw new ServerError('expired_message');
- } else if (error === ErrorTypes.INVALID_SIGNATURE) {
+ } else if (error === SiweErrorType.INVALID_SIGNATURE) {
// Thrown when the `validate()` function can't verify the message.
throw new ServerError('invalid_signature');
- } else if (error === ErrorTypes.MALFORMED_SESSION) {
- // Thrown when some required field is missing.
- throw new ServerError('malformed_session');
} else {
throw new ServerError('unknown_error');
}
diff --git a/lib/package.json b/lib/package.json
--- a/lib/package.json
+++ b/lib/package.json
@@ -56,7 +56,7 @@
"reselect": "^4.0.0",
"reselect-map": "^1.0.5",
"simple-markdown": "^0.7.2",
- "siwe": "^1.1.6",
+ "siwe": "^2.1.4",
"string-hash": "^1.1.3",
"tcomb": "^3.2.29",
"tinycolor2": "^1.4.1",
diff --git a/lib/types/siwe-types.js b/lib/types/siwe-types.js
--- a/lib/types/siwe-types.js
+++ b/lib/types/siwe-types.js
@@ -120,7 +120,7 @@
// This field will be removed in future releases and will rely on the
// message version.
+type?: 'Personal signature',
- +validate: (signature: string, provider?: any) => Promise<SIWEMessage>,
+ +verify: ({ +signature: string, ... }) => Promise<mixed>,
+toMessage: () => string,
};
diff --git a/patches/siwe+2.1.4.patch b/patches/siwe+2.1.4.patch
new file mode 100644
--- /dev/null
+++ b/patches/siwe+2.1.4.patch
@@ -0,0 +1,27 @@
+diff --git a/node_modules/siwe/dist/utils.js b/node_modules/siwe/dist/utils.js
+index 6f6e67b..e721d44 100644
+--- a/node_modules/siwe/dist/utils.js
++++ b/node_modules/siwe/dist/utils.js
+@@ -15,7 +15,7 @@ const ethers_1 = require("ethers");
+ const ethersCompat_1 = require("./ethersCompat");
+ const EIP1271_ABI = ["function isValidSignature(bytes32 _message, bytes _signature) public view returns (bytes4)"];
+ const EIP1271_MAGICVALUE = "0x1626ba7e";
+-const ISO8601 = /^(?<date>[0-9]{4}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01]))[Tt]([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9]|60)(.[0-9]+)?(([Zz])|([+|-]([01][0-9]|2[0-3]):[0-5][0-9]))$/;
++const ISO8601 = /^([0-9]{4}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01]))[Tt]([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9]|60)(.[0-9]+)?(([Zz])|([+|-]([01][0-9]|2[0-3]):[0-5][0-9]))$/;
+ /**
+ * This method calls the EIP-1271 method for Smart Contract wallets
+ * @param message The EIP-4361 parsed message
+@@ -66,11 +66,11 @@ const isValidISO8601Date = (inputDate) => {
+ return false;
+ }
+ /* Creates a date object with input date to parse for invalid days e.g. Feb, 30 -> Mar, 01 */
+- const inputDateParsed = new Date(inputMatch.groups.date).toISOString();
++ const inputDateParsed = new Date(inputMatch[1]).toISOString();
+ /* Get groups from new parsed date to compare with the original input */
+ const parsedInputMatch = ISO8601.exec(inputDateParsed);
+ /* Compare remaining fields */
+- return inputMatch.groups.date === parsedInputMatch.groups.date;
++ return inputMatch[1] === parsedInputMatch[1];
+ };
+ exports.isValidISO8601Date = isValidISO8601Date;
+ const checkInvalidKeys = (obj, keys) => {
diff --git a/web/package.json b/web/package.json
--- a/web/package.json
+++ b/web/package.json
@@ -96,7 +96,6 @@
"redux-thunk": "^2.2.0",
"reselect": "^4.0.0",
"simple-markdown": "^0.7.2",
- "siwe": "^1.1.6",
"thumbhash": "^0.1.1",
"tinycolor2": "^1.4.1",
"uuid": "^3.4.0",
diff --git a/yarn.lock b/yarn.lock
--- a/yarn.lock
+++ b/yarn.lock
@@ -4575,13 +4575,6 @@
uri-js "^4.4.1"
valid-url "^1.0.9"
-"@spruceid/siwe-parser@^1.1.3":
- version "1.1.3"
- resolved "https://registry.yarnpkg.com/@spruceid/siwe-parser/-/siwe-parser-1.1.3.tgz#0eebe8bbd63c6de89cb44c06b6329b00b305df65"
- integrity sha512-oQ8PcwDqjGWJvLmvAF2yzd6iniiWxK0Qtz+Dw+gLD/W5zOQJiKIUXwslHOm8VB8OOOKW9vfR3dnPBhHaZDvRsw==
- dependencies:
- apg-js "^4.1.1"
-
"@stablelib/aead@^1.0.1":
version "1.0.1"
resolved "https://registry.yarnpkg.com/@stablelib/aead/-/aead-1.0.1.tgz#c4b1106df9c23d1b867eb9b276d8f42d5fc4c0c3"
@@ -21949,15 +21942,6 @@
resolved "https://registry.yarnpkg.com/sisteransi/-/sisteransi-1.0.5.tgz#134d681297756437cc05ca01370d3a7a571075ed"
integrity sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==
-siwe@^1.1.6:
- version "1.1.6"
- resolved "https://registry.yarnpkg.com/siwe/-/siwe-1.1.6.tgz#b4b4fe7814654d5ea529171b2ede15f7ef7ef1ae"
- integrity sha512-3WRdEil32Tc2vuNzqJ2/Z/MIvsvy0Nkzc2ov+QujmpHO7tM83dgcb47z0Pu236T4JQkOQCqQkq3AJ/rVIezniA==
- dependencies:
- "@spruceid/siwe-parser" "^1.1.3"
- "@stablelib/random" "^1.0.1"
- apg-js "^4.1.1"
-
siwe@^2.1.4:
version "2.1.4"
resolved "https://registry.yarnpkg.com/siwe/-/siwe-2.1.4.tgz#005a8be3e61224a86bd3457f60fdaab626f2d1d4"