diff --git a/keyserver/src/creators/account-creator.js b/keyserver/src/creators/account-creator.js
--- a/keyserver/src/creators/account-creator.js
+++ b/keyserver/src/creators/account-creator.js
@@ -22,6 +22,7 @@
 } from 'lib/types/device-types.js';
 import type { CalendarQuery } from 'lib/types/entry-types.js';
 import { messageTypes } from 'lib/types/message-types';
+import type { SIWESocialProof } from 'lib/types/siwe-types.js';
 import { threadTypes } from 'lib/types/thread-types';
 import { ServerError } from 'lib/utils/errors';
 import { values } from 'lib/utils/objects';
@@ -208,6 +209,7 @@
 +deviceTokenUpdateRequest?: ?DeviceTokenUpdateRequest,
 +platformDetails: PlatformDetails,
 +primaryIdentityPublicKey: ?string,
+ +socialProof: SIWESocialProof,
 };
 // Note: `processSIWEAccountCreation(...)` assumes that the validity of
 // `ProcessSIWEAccountCreationRequest` was checked at call site.
@@ -237,6 +239,7 @@
 platformDetails: request.platformDetails,
 deviceToken,
 primaryIdentityPublicKey: request.primaryIdentityPublicKey,
+ socialProof: request.socialProof,
 }),
 deleteCookie(viewer.cookieID),
 dbQuery(newUserQuery),
diff --git a/keyserver/src/responders/user-responders.js b/keyserver/src/responders/user-responders.js
--- a/keyserver/src/responders/user-responders.js
+++ b/keyserver/src/responders/user-responders.js
@@ -26,7 +26,11 @@
 } from 'lib/types/account-types';
 import type { CalendarQuery } from 'lib/types/entry-types.js';
 import { defaultNumberPerThread } from 'lib/types/message-types';
-import type { SIWEAuthRequest, SIWEMessage } from 'lib/types/siwe-types.js';
+import type {
+ SIWEAuthRequest,
+ SIWEMessage,
+ SIWESocialProof,
+} from 'lib/types/siwe-types.js';
 import type {
 SubscriptionUpdateRequest,
 SubscriptionUpdateResponse,
@@ -204,6 +208,7 @@
 userID: string,
 calendarQuery: ?CalendarQuery,
 primaryIdentityPublicKey?: ?string,
+ socialProof?: ?string,
 ): Promise {
 const request: LogInRequest = input;
 const newServerTime = Date.now();
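Review bot: In keyserver/src/responders/user-responders.js (hunk `@@ -204,6 +208,7 @@`), the new `processSuccessfulLogin` parameter is annotated `socialProof?: ?string`, but the SIWE responder later in this diff passes it a `SIWESocialProof` object, and the value is forwarded into cookie-creation params that cookies.js appears to type as `?SIWESocialProof`. The annotation should read `socialProof?: ?SIWESocialProof,`, using the type this commit already imports at the top of the same file. The function's signature and body start and continue outside the hunk, so the remaining parameters could not be checked.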
@@ -215,6 +220,7 @@
 platformDetails: request.platformDetails,
 deviceToken,
 primaryIdentityPublicKey,
+ socialProof,
 }),
 deleteCookie(viewer.cookieID),
 ]);
@@ -383,7 +389,14 @@
 ? getPublicKeyFromSIWEStatement(statement)
 : null;
- // 5. Create account with call to `processSIWEAccountCreation(...)`
+ // 5. Construct `SIWESocialProof` object with the stringified
+ // SIWEMessage and the corresponding signature.
+ const socialProof: SIWESocialProof = {
+ siweMessage: siweMessage.toMessage(),
+ siweMessageSignature: signature,
+ };
+
+ // 6. Create account with call to `processSIWEAccountCreation(...)`
 // if address does not correspond to an existing user.
 let userID = await fetchUserIDForEthereumAddress(siweMessage.address);
 if (!userID) {
@@ -392,6 +405,7 @@
 deviceTokenUpdateRequest: deviceTokenUpdateRequest,
 platformDetails,
 primaryIdentityPublicKey: primaryIdentityPublicKey,
+ socialProof: socialProof,
 };
 userID = await processSIWEAccountCreation(
 viewer,
@@ -399,13 +413,14 @@
 );
 }
- // 6. Complete login with call to `processSuccessfulLogin(...)`.
+ // 7. Complete login with call to `processSuccessfulLogin(...)`.
 return await processSuccessfulLogin(
 viewer,
 input,
 userID,
 calendarQuery,
 primaryIdentityPublicKey,
+ socialProof,
 );
 }
diff --git a/keyserver/src/session/cookies.js b/keyserver/src/session/cookies.js
--- a/keyserver/src/session/cookies.js
+++ b/keyserver/src/session/cookies.js
@@ -19,6 +19,7 @@
 sessionIdentifierTypes,
 type SessionIdentifierType,
 } from 'lib/types/session-types';
+import type { SIWESocialProof } from 'lib/types/siwe-types.js';
 import type { InitialClientSocketMessage } from 'lib/types/socket-types';
 import type { UserInfo } from 'lib/types/user-types';
 import { values } from 'lib/utils/objects';
@@ -645,6 +646,7 @@
 platformDetails: PlatformDetails,
 deviceToken?: ?string,
 primaryIdentityPublicKey?: ?string,
+ socialProof?: ?SIWESocialProof,
 };
 // The result of this function should never be passed directly to the Viewer
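Review bot: Step 5 in keyserver/src/responders/user-responders.js (hunk `@@ -383,7 +389,14 @@`) stores `siweMessage.toMessage()`, a re-serialization of the parsed message, next to `signature`, and nothing in the hunk says that this string is the one the signature was checked against. A stored proof is only useful if it can be verified again later, so the step comment should record that invariant, for example `// toMessage() must return the exact string that signature was validated against.`. The validation step itself lies outside this hunk, so the invariant should be confirmed there before relying on the stored pair.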
@@ -658,7 +660,12 @@
 userID: string,
 params: UserCookieCreationParams,
 ): Promise {
- const { platformDetails, deviceToken, primaryIdentityPublicKey } = params;
+ const {
+ platformDetails,
+ deviceToken,
+ primaryIdentityPublicKey,
+ socialProof,
+ } = params;
 const { platform, ...versions } = platformDetails || defaultPlatformDetails;
 const versionsString =
 Object.keys(versions).length > 0 ? JSON.stringify(versions) : null;
@@ -681,10 +688,11 @@
 deviceToken,
 versionsString,
 primaryIdentityPublicKey,
+ JSON.stringify(socialProof),
 ];
 const query = SQL`
 INSERT INTO cookies(id, hash, user, platform, creation_time, last_used,
- device_token, versions, public_key)
+ device_token, versions, public_key, social_proof)
 VALUES ${[cookieRow]}
 `;
 await dbQuery(query);
diff --git a/lib/types/siwe-types.js b/lib/types/siwe-types.js
--- a/lib/types/siwe-types.js
+++ b/lib/types/siwe-types.js
@@ -26,6 +26,11 @@
 ...LogInExtraInfo,
 };
+export type SIWESocialProof = {
+ siweMessage: string,
+ siweMessageSignature: string,
+};
+
 // This is a message that the rendered webpage (landing/siwe.react.js) uses to
 // communicate back to the React Native WebView that is rendering it
 // (native/account/siwe-panel.react.js)
@@ -106,4 +111,5 @@
 // message version.
 +type?: 'Personal signature',
 +validate: (signature: string, provider?: any) => Promise,
+ +toMessage: () => string,
 };
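Review bot: In keyserver/src/session/cookies.js (hunk `@@ -681,10 +688,11 @@`), `JSON.stringify(socialProof)` runs even when no proof was supplied, which the params type allows (`socialProof?: ?SIWESocialProof`). `JSON.stringify(null)` yields the four-character string `null` and `JSON.stringify(undefined)` yields `undefined`, so a login without a proof would store a literal `'null'` or hand `undefined` to the query builder instead of a SQL NULL. Mirror the `versionsString` guard in the preceding hunk: `socialProof ? JSON.stringify(socialProof) : null,`. No schema change adding the `social_proof` column is visible in this diff; it needs to land with or before this insert.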
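Review bot: `SIWESocialProof` in lib/types/siwe-types.js (hunk `@@ -26,6 +26,11 @@`) declares writable fields, while the other object types touched by this diff use Flow's read-only `+` variance (`+socialProof`, `+toMessage`). A signed message and its signature should not be altered after construction, so declare them as `+siweMessage: string,` and `+siweMessageSignature: string,`. The type also has no comment; a line such as `// Stringified SIWE message and the signature over it.` above it would match the wording used where the object is built.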