-
-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Custom wallet #106
Custom wallet #106
Conversation
src/components/Example/Example.tsx
Outdated
|
||
const forSigning = Buffer.from( | ||
this.algosdk.encodeObj({ | ||
txn: unsignedTxn.get_obj_for_encoding() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had a look at get_obj_for_encoding
and it looks to me that it doesn't spit out the transaction in a format that is ready to be encoded + hashed + signed other than in goal (i.e cold vault system, hsm, hashicorp vault, raw EdDSA tool, etc)
get_obj_for_encoding
returns the tx object with public keys instead of the addresses; which is what you would expect in a properly "ready-to-encode-and-sign" message. I think there's a goal
bias here.
Wondering if anyone has ran into issues related to this and if we should rely algosdk.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In your implementation could you create the tx object using get_obj_for_encoding()
then replace the public key with the address before encoding? algosdk.encodeAddress(new Uint8Array(Buffer.from(tx.snd, 'base64')))
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would there be a way to satisfy both the goal
and non-goal
use cases? If not, as an example I'd imagine goal
is the easiest way to demo the provider. An alternative solution could be added to the documentation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For non-goal signing... Maybe we could use algosdk#Transaction::bytesToSign() instead? Those can be "raw" signed by any system that can do EdDSA and produce a valid signature. We would then need non-goal instructions to add the signature. I can prep something.
What do you think @drichar ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds good! If you can provide an example that works for you, we can add a new Storybook story that demonstrates EdDSA signing.
Re: bytesToSign()
though, doesn't that also rely on get_obj_for_encoding()
and return the public key?
https://github.com/algorand/js-algorand-sdk/blob/develop/src/transaction.ts#L1116
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @drichar it does; but bytesToSign()
knows how to perform all the rights tricks and conversions to spit out the raw data to perform EdDSA on.
I think i found the one flow to conquer it all :
- Return the result of bytesToSign() instead of get_obj_for_encoding()
- update the instructions to use the
rawsend
method ongoal
. - An alternative to goal could be the raw REST endpoint to post to any node described here: https://developer.algorand.org/docs/rest-apis/algod/#post-v2transactions
That should cover any situation where someone is signing with whatever (libsodium, tweenacl, HSM, Hashicorp Vault, Copper, anything that supports Ed25519 / EdDSA).
Thoughts?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CC: @robdmoore
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Love it! Thanks for investigating. Will make this change when I come back to the PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unfortunately, when trying this out it's not possible to get goal to rawsign, you can only rawsend, which can't work with this provider since we don't want goal to actually send the transaction :/
My suggestion would be that the wallet provider implementation that supports both has a tab/button to select between goal and non-goal signing and provides a different base64 to copy/paste.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @robdmoore for your contribution!
I tested the demo in Storybook using goal
and it works as expected. I left a few comments; the requested change is to move the provider class to its own file. Everything else looks great.
Usually I would ask for the documentation to be updated when adding a new feature, but I still need to add KMD
and MNEMONIC
documentation anyway... I can also add a section for the CUSTOM
provider. I might have you take a look at that when it's ready if you don't mind.
Edit: We're thrilled to see use-wallet on the XGov site! I'll add it to the "Used By" section of the README 🙌
Minor comment but I noticed you mentioned updating Prettier config to support auto-save, but I didn't see it in the changes. Locally I have a It probably does make sense to include it in version control though. |
@robdmoore I think using What are your thoughts @aorumbayev? (We were discussing this on Discord) |
@drichar yes perhaps Manual, Airgap or Offline might be a bit better? |
Hey, busy week so it'll take me a few days to reply properly and adjust the PR, but I will do. Re: custom vs manual etc. I specifically designed this wallet to allow for an app to develop a custom wallet as an extensibility hook. We could totally simplify it to instead be manual wallet only, but the way you display it ideally needs to be specific to the app e.g. look at what I did for voting app: https://github.com/algorandfoundation/nft_voting_tool/blob/main/src/xgov-dapp/src/features/wallet/ManualWallet.tsx |
No worries @robdmoore! If it's easier I could move the Thanks for explaining your reasoning behind the |
Just letting you know I haven't forgotten this and I will still be coming back and fixing it up ready for merge. Apologies for the delay thusfar. |
Added that in |
I'm not sure where the documentation should go for this? It doesn't feel like a standard use case so probably warrants its own section? |
Also made the clipboard code more robust
I think this PR is good to go, the only thing left is the documentation. Potentially we could write some automated tests too, but I suspect they may be of limited value in this case. |
Thanks @robdmoore for making these changes! This looks great. I'll take a stab at the documentation. I agree it warrants its own section. If you don't mind, I might ask you or @aorumbayev to give it a read before shipping it. FYI, just today I was thinking I may utilize the custom provider for something new we're cooking up. I really like the flexibility this feature introduces to the library. Appreciate your work on this. |
If you'd like to handle the documentation, go for it! I probably won't get to this until tomorrow. Let me know if you would like to write it instead. |
Feel free I’m happy to review!On 26 Sep 2023, at 6:43 am, Doug Richar ***@***.***> wrote:
I'm not sure where the documentation should go for this? It doesn't feel like a standard use case so probably warrants its own section?
If you'd like to handle the documentation, go for it! I probably won't get to this until tomorrow. Let me know if you would like to write it instead.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: ***@***.***>
|
Description
rm -rf
withrimraf
Checklist
I didn't add test or README yet since I wanted to first raise this for comment.
If you want to see an example of the initial wallet in action, check out https://testnet.xgov.algorand.foundation/. Note: at the moment the copy/paste is a bit intermittent, but I'm working to fix that.