Add support for sign messages

narval-xyz · Feb 27, 2024 · 2421728 · 2421728
1 parent bd13b97
commit 2421728
Show file tree

Hide file tree

Showing 8 changed files with 1,502 additions and 1,434 deletions.
diff --git a/apps/policy-engine/src/opa/rego/generated/d7bd819a-c94c-413a-ab32-b537ae0a6bc9.rego b/apps/policy-engine/src/opa/rego/generated/d7bd819a-c94c-413a-ab32-b537ae0a6bc9.rego
diff --git a/apps/policy-engine/src/opa/rego/generated/e34d408a-53c2-4dd4-a5bb-073a3aeb2c41.rego b/apps/policy-engine/src/opa/rego/generated/e34d408a-53c2-4dd4-a5bb-073a3aeb2c41.rego
diff --git a/apps/policy-engine/src/opa/script/evaluate-legacy-policy.script.ts b/apps/policy-engine/src/opa/script/evaluate-legacy-policy.script.ts
@@ -73,6 +73,63 @@ export const run = async () => {
       }
     }
 
+    if (request.action === Action.SIGN_MESSAGE) {
+      const intentResult = safeDecode({
+        input: {
+          type: InputType.MESSAGE,
+          payload: request.message
+        }
+      })
+
+      if (intentResult?.success === false) {
+        console.log(`Could not decode intent: ${intentResult.error.message}`, JSON.stringify(request.message, null, 2))
+        continue
+      }
+
+      input = {
+        action: request.action,
+        intent: intentResult?.intent,
+        principal: {
+          uid: initiator_user_id,
+          userId: initiator_user_id,
+          alg: 'ES256K',
+          pubKey: ''
+        },
+        resource: request.resourceId ? { uid: request.resourceId } : undefined,
+        approvals: []
+      }
+    }
+
+    if (request.action === Action.SIGN_TYPED_DATA) {
+      const intentResult = safeDecode({
+        input: {
+          type: InputType.TYPED_DATA,
+          typedData: JSON.parse(request.typedData)
+        }
+      })
+
+      if (intentResult?.success === false) {
+        console.log(
+          `Could not decode intent: ${intentResult.error.message}`,
+          JSON.stringify(request.typedData, null, 2)
+        )
+        continue
+      }
+
+      input = {
+        action: request.action,
+        intent: intentResult?.intent,
+        principal: {
+          uid: initiator_user_id,
+          userId: initiator_user_id,
+          alg: 'ES256K',
+          pubKey: ''
+        },
+        resource: request.resourceId ? { uid: request.resourceId } : undefined,
+        approvals: []
+      }
+    }
+
     const OPA_WASM_PATH = path.join(process.cwd(), './rego-build/policy.wasm')
     const policyWasm = readFileSync(OPA_WASM_PATH)
     const opaEngine = await loadPolicy(policyWasm, undefined, { 'time.now_ns': () => new Date().getTime() * 1000000 })
@@ -81,16 +138,16 @@ export const run = async () => {
     const evalResult: { result: OpaResult }[] = await opaEngine.evaluate(input, 'main/evaluate')
     const results = evalResult.map(({ result }) => result)
 
-    // if (request.action === Action.SIGN_TRANSACTION && status == 'denied' && results[0].permit) {
+    // if (status == 'denied' && results[0].permit) {
     //   // console.log({ id: results[0].reasons.map((reason) => reason.policyName), status, result: results[0].permit })
     //   if ((input.intent as any).type.includes('transfer')) {
     //     console.log({ intent: input.intent, initiator_user_id, status, result: results[0].permit })
     //   }
     // }
 
-    if (request.action === Action.SIGN_TRANSACTION && status == 'completed' && !results[0].permit) {
-      console.log({ id: results[0].reasons.map((reason) => reason.policyName), status, result: results[0].permit })
-    }
+    // if (status == 'completed' && !results[0].permit) {
+    //   console.log({ id: results[0].reasons.map((reason) => reason.policyName), status, result: results[0].permit })
+    // }
   }
 }
 

diff --git a/apps/policy-engine/src/opa/script/requests/legacy-requests.json b/apps/policy-engine/src/opa/script/requests/legacy-requests.json
diff --git a/packages/policy-engine-shared/src/lib/type/action.type.ts b/packages/policy-engine-shared/src/lib/type/action.type.ts
@@ -97,6 +97,12 @@ export type SignMessageAction = BaseAction & {
   message: string
 }
 
+export type SignTypedDataAction = BaseAction & {
+  action: typeof Action.SIGN_TYPED_DATA
+  resourceId: string
+  typedData: string
+}
+
 export type CreateOrganizationAction = BaseAction & {
   action: typeof Action.CREATE_ORGANIZATION
   organization: {

diff --git a/packages/policy-engine-shared/src/lib/type/domain.type.ts b/packages/policy-engine-shared/src/lib/type/domain.type.ts
@@ -1,5 +1,11 @@
 import { AssetId } from '../util/caip.util'
-import { CreateOrganizationAction, SignMessageAction, SignTransactionAction, Signature } from './action.type'
+import {
+  CreateOrganizationAction,
+  SignMessageAction,
+  SignTransactionAction,
+  SignTypedDataAction,
+  Signature
+} from './action.type'
 
 export enum Decision {
   PERMIT = 'Permit',
@@ -88,7 +94,7 @@ export type HistoricalTransfer = {
  */
 export type Prices = Record<AssetId, Record<string, number>>
 
-export type Request = SignTransactionAction | SignMessageAction | CreateOrganizationAction
+export type Request = SignTransactionAction | SignMessageAction | SignTypedDataAction | CreateOrganizationAction
 
 /**
  * The feeds represent arbitrary data collected by the Armory and

diff --git a/packages/transaction-request-intent/src/lib/decoders/decode.ts b/packages/transaction-request-intent/src/lib/decoders/decode.ts
@@ -153,7 +153,7 @@ const decode = ({ input, config = defaultConfig }: { input: DecodeInput; config?
       return {
         type: Intents.SIGN_RAW,
         algorithm: input.raw.algorithm,
-        payload: input.raw.rawData
+        payload: input.raw.payload
       }
     default:
       throw new DecoderError({ message: 'Invalid input type', status: 400 })

diff --git a/packages/transaction-request-intent/src/lib/domain.ts b/packages/transaction-request-intent/src/lib/domain.ts
@@ -11,7 +11,7 @@ export type Eip712Domain = {
 }
 
 export type Raw = {
-  rawData: string
+  payload: string
   algorithm: Alg
 }