feat: support solana customs

Author: shenao78

Cargo.lock

@@ -34,8 +34,8 @@ ic-agent = "0.39"
 ic-cdk = "0.17"
 ic-canister-log = "0.2"
 ic-canisters-http-types = { git = "https://github.com/dfinity/ic", package = "ic-canisters-http-types" }
-ic-crypto-ed25519 = { git = "https://github.com/dfinity/ic", package = "ic-crypto-ed25519" }
-ic-management-canister-types = { git = "https://github.com/dfinity/ic", package = "ic-management-canister-types" }
+ic-crypto-ed25519 = { package = "ic-ed25519", version = "0.2.0"}
+ic-management-canister-types = "0.1.0"
 ic-test-utilities-load-wasm = { git = "https://github.com/dfinity/ic", rev = "release-2024-09-26_01-31-base" }
 ic-metrics-encoder = "1"
 ic-stable-structures = "0.6"

Cargo.toml

@@ -1,11 +1,16 @@
 {
   "canisters": {
-    "solana_rpc": {
-      "type": "custom",
+    "ic_solana_rpc": {
+      "gzip": true,
       "candid": "src/ic-solana-rpc/ic-solana-rpc.did",
-      "wasm": "ic-solana-rpc.wasm.gz",
-      "init_arg": "(record {})",
-      "gzip": true
+      "package": "ic-solana-rpc",
+      "type": "custom",
+      "wasm": "target/wasm32-unknown-unknown/release/ic-solana-rpc.wasm",
+      "metadata": [
+        {
+          "name": "candid:service"
+        }
+      ]
     },
     "solana_rpc_demo": {
       "type": "custom",

dfx.json

@@ -118,12 +118,18 @@ pub fn serve_logs(request: HttpRequest) -> HttpResponse {
 
     match request.raw_query_param("priority").map(Priority::from_str) {
         Some(Ok(priority)) => match priority {
-            Priority::Info => log.push_logs(Priority::Info),
-            Priority::Debug => log.push_logs(Priority::Debug),
+            Priority::INFO => log.push_logs(Priority::INFO),
+            Priority::DEBUG => log.push_logs(Priority::DEBUG),
+            Priority::WARNING => log.push_logs(Priority::WARNING),
+            Priority::ERROR => log.push_logs(Priority::ERROR),
+            Priority::CRITICAL => log.push_logs(Priority::CRITICAL),
         },
         _ => {
-            log.push_logs(Priority::Info);
-            log.push_logs(Priority::Debug);
+            log.push_logs(Priority::INFO);
+            log.push_logs(Priority::DEBUG);
+            log.push_logs(Priority::WARNING);
+            log.push_logs(Priority::ERROR);
+            log.push_logs(Priority::CRITICAL);
         }
     }
 

src/ic-solana-rpc/src/http.rs

@@ -5,8 +5,8 @@ use std::{
 
 use candid::{CandidType, Principal};
 use ic_management_canister_types::{
-    DerivationPath, SchnorrAlgorithm, SchnorrKeyId, SchnorrPublicKeyArgs, SchnorrPublicKeyResponse,
-    SignWithSchnorrArgs, SignWithSchnorrReply,
+    SchnorrAlgorithm, SchnorrKeyId, SchnorrPublicKeyArgs, SchnorrPublicKeyResult, SignWithSchnorrArgs,
+    SignWithSchnorrResult,
 };
 use serde::{Deserialize, Serialize};
 use serde_bytes::ByteBuf;
@@ -49,12 +49,12 @@ impl FromStr for SchnorrKey {
 
 /// Fetches the ed25519 public key from the schnorr canister.
 pub async fn eddsa_public_key(key: SchnorrKey, derivation_path: Vec<ByteBuf>) -> Vec<u8> {
-    let res: Result<(SchnorrPublicKeyResponse,), _> = ic_cdk::call(
+    let res: Result<(SchnorrPublicKeyResult,), _> = ic_cdk::call(
         Principal::management_canister(),
         "schnorr_public_key",
         (SchnorrPublicKeyArgs {
             canister_id: None,
-            derivation_path: DerivationPath::new(derivation_path),
+            derivation_path: derivation_path.iter().map(|p| p.to_vec()).collect(),
             key_id: SchnorrKeyId {
                 algorithm: SchnorrAlgorithm::Ed25519,
                 name: key.to_string(),
@@ -70,12 +70,12 @@ pub async fn eddsa_public_key(key: SchnorrKey, derivation_path: Vec<ByteBuf>) ->
 pub async fn sign_with_eddsa(key: SchnorrKey, derivation_path: Vec<ByteBuf>, message: Vec<u8>) -> Vec<u8> {
     ic_cdk::api::call::msg_cycles_accept128(EDDSA_SIGN_COST);
 
-    let res: Result<(SignWithSchnorrReply,), _> = ic_cdk::api::call::call_with_payment(
+    let res: Result<(SignWithSchnorrResult,), _> = ic_cdk::api::call::call_with_payment(
         Principal::management_canister(),
         "sign_with_schnorr",
         (SignWithSchnorrArgs {
             message,
-            derivation_path: DerivationPath::new(derivation_path),
+            derivation_path: derivation_path.iter().map(|p| p.to_vec()).collect(),
             key_id: SchnorrKeyId {
                 algorithm: SchnorrAlgorithm::Ed25519,
                 name: key.to_string(),

src/ic-solana-wallet/src/eddsa.rs

@@ -9,24 +9,33 @@ license = { workspace = true }
 edition = { workspace = true }
 
 [dependencies]
+bip32 = { version = "0.5.1", features = ["k256"] }
 base64 = { workspace = true }
 bincode = "1.3.3"
 bs58 = "0.5.1"
+curve25519-dalek = "4.1.3"
 candid = { workspace = true }
+ed25519-dalek = "2.1"
 flate2 = "1.0"
 futures = { workspace = true }
 getrandom = { version = "0.2", features = ["custom"] }
+hex = "0.4"
 ic-canister-log = { workspace = true }
+ic-canisters-http-types = { workspace = true }
+ic-management-canister-types = { workspace = true }
 ic-cdk = { workspace = true }
 ic-crypto-ed25519 = { workspace = true }
 ic-metrics-encoder = { workspace = true }
 ic-sha3 = "1"
 serde = { workspace = true }
+serde_derive = "1.0.208"
 serde_json = { workspace = true }
 serde_bytes = { workspace = true }
 serde-big-array = "0.5.1"
+sha2 = "0.10.8"
 thiserror = { workspace = true }
 url = { workspace = true }
+time = "0.3.36"
 
 [dev-dependencies]
 proptest = { workspace = true }

src/ic-solana/Cargo.toml

@@ -40,3 +40,6 @@ pub const GET_VOTE_ACCOUNTS_SIZE_ESTIMATE: u64 = 10000;
 
 pub const MAX_GET_BLOCKS_RANGE: u64 = 500_000;
 pub const MAX_GET_SLOT_LEADERS: u64 = 5000;
+// https://internetcomputer.org/docs/current/references/t-sigs-how-it-works/#fees-for-the-t-schnorr-production-key
+// pub const EDDSA_SIGN_COST: u128 = 26_153_846_153;
+pub const ECDSA_SIGN_COST: u128 = 26_200_000_000;

src/ic-solana/src/constants.rs

@@ -0,0 +1,192 @@
+use std::vec;
+
+use crate::constants::ECDSA_SIGN_COST;
+
+use bip32::Seed;
+use candid::Principal;
+use candid::{CandidType, Deserialize};
+use ic_management_canister_types::{
+    SchnorrAlgorithm, SchnorrKeyId, SchnorrPublicKeyArgs, SchnorrPublicKeyResult,
+    SignWithSchnorrArgs, SignWithSchnorrResult,
+};
+use serde::Serialize;
+use serde_bytes::ByteBuf;
+use sha2::Digest;
+#[derive(CandidType, Deserialize, Serialize, Debug, Clone, PartialEq, Eq)]
+pub enum KeyType {
+    ChainKey,
+    Native(Vec<u8>),
+}
+
+/// Fetches the ed25519 public key from the schnorr canister.
+pub async fn eddsa_public_key(
+    key_type: KeyType,
+    key_name: String,
+    derivation_path: Vec<ByteBuf>,
+) -> Vec<u8> {
+    match key_type {
+        KeyType::ChainKey => {
+            let res: Result<(SchnorrPublicKeyResult,), _> = ic_cdk::call(
+                Principal::management_canister(),
+                "schnorr_public_key",
+                (SchnorrPublicKeyArgs {
+                    canister_id: None,
+                    derivation_path: derivation_path
+                        .iter()
+                        .map(|p| p.clone().into_vec())
+                        .collect(),
+                    key_id: SchnorrKeyId {
+                        algorithm: SchnorrAlgorithm::Ed25519,
+                        name: key_name,
+                    },
+                },),
+            )
+            .await;
+
+            res.unwrap().0.public_key
+        }
+        KeyType::Native(seed) => {
+            let derivation_path = derivation_path_ed25519(&ic_cdk::api::id(), &derivation_path);
+            native_public_key_ed25519(Seed::new(seed.try_into().unwrap()), derivation_path)
+        }
+    }
+}
+
+fn native_public_key_ed25519(
+    seed: Seed,
+    derivation_path: ic_crypto_ed25519::DerivationPath,
+) -> Vec<u8> {
+    let seed_32_bytes =
+        <[u8; 32]>::try_from(&seed.as_bytes()[0..32]).expect("seed should be >= 32 bytes");
+    let master_secret = ic_crypto_ed25519::PrivateKey::deserialize_raw_32(&seed_32_bytes);
+    let (derived_secret, _) = master_secret.derive_subkey(&derivation_path);
+    let public_key = derived_secret.public_key();
+    public_key.serialize_raw().to_vec()
+}
+
+fn derivation_path_ed25519(
+    canister_id: &Principal,
+    derivation_path: &Vec<ByteBuf>,
+) -> ic_crypto_ed25519::DerivationPath {
+    let mut path = vec![];
+    let derivation_index = ic_crypto_ed25519::DerivationIndex(canister_id.as_slice().to_vec());
+    path.push(derivation_index);
+
+    for index in derivation_path {
+        path.push(ic_crypto_ed25519::DerivationIndex(index.to_vec()));
+    }
+    ic_crypto_ed25519::DerivationPath::new(path)
+}
+
+/// Signs a message with an ed25519 key.
+pub async fn sign_with_eddsa(
+    key_type: &KeyType,
+    key_name: String,
+    derivation_path: Vec<ByteBuf>,
+    message: Vec<u8>,
+) -> Vec<u8> {
+    match key_type {
+        KeyType::ChainKey => {
+            let res: Result<(SignWithSchnorrResult,), _> = ic_cdk::api::call::call_with_payment(
+                Principal::management_canister(),
+                "sign_with_schnorr",
+                (SignWithSchnorrArgs {
+                    message,
+                    derivation_path: derivation_path
+                        .iter()
+                        .map(|p| p.clone().into_vec())
+                        .collect(),
+                    key_id: SchnorrKeyId {
+                        name: key_name,
+                        algorithm: SchnorrAlgorithm::Ed25519,
+                    },
+                },),
+                // https://internetcomputer.org/docs/current/references/t-sigs-how-it-works/#fees-for-the-t-schnorr-production-key
+                // 26_153_846_153,
+                ECDSA_SIGN_COST as u64,
+            )
+            .await;
+
+            res.unwrap().0.signature
+        }
+        KeyType::Native(seed) => {
+            let derivation_path = derivation_path_ed25519(&ic_cdk::api::id(), &derivation_path);
+            sign_with_native_ed25519(
+                &Seed::new(seed.as_slice().try_into().unwrap()),
+                derivation_path,
+                ByteBuf::from(message),
+            )
+        }
+    }
+}
+
+fn sign_with_native_ed25519(
+    seed: &Seed,
+    derivation_path: ic_crypto_ed25519::DerivationPath,
+    message: ByteBuf,
+) -> Vec<u8> {
+    let seed_32_bytes =
+        <[u8; 32]>::try_from(&seed.as_bytes()[0..32]).expect("seed should be >= 32 bytes");
+    let master_secret = ic_crypto_ed25519::PrivateKey::deserialize_raw_32(&seed_32_bytes);
+    let (derived_secret, _chain_code) = master_secret.derive_subkey(&derivation_path);
+    derived_secret.sign_message(&message).to_vec()
+}
+
+pub fn sha256(input: &[u8]) -> [u8; 32] {
+    let mut hasher = sha2::Sha256::new();
+    hasher.update(input);
+    hasher.finalize().into()
+}
+
+pub fn hash_with_sha256(input: &str) -> String {
+    let value = sha256(input.as_bytes());
+    hex::encode(value)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::types::Pubkey;
+
+    #[test]
+    fn test_sign_and_verify_native_schnorr_ed25519() {
+        use ed25519_dalek::{Signature, Verifier, VerifyingKey};
+
+        // Setup for signing
+        let test_seed = [1u8; 64];
+        // Example derivation path for signing
+        let derivation_path = [vec![1u8; 4]]
+            .iter()
+            .map(|v| ByteBuf::from(v.clone()))
+            .collect();
+        let derivation_path = derivation_path_ed25519(&Principal::anonymous(), &derivation_path);
+
+        let message = b"Test message";
+
+        // Call the sign function
+        let sign_reply = sign_with_native_ed25519(
+            &Seed::new(test_seed),
+            derivation_path.clone(),
+            ByteBuf::from(message.to_vec()),
+        );
+
+        // Setup for verification
+        let signature = Signature::from_slice(&sign_reply).expect("Invalid signature format");
+        println!("signature: {:?}", signature);
+        let public_key_reply = native_public_key_ed25519(Seed::new(test_seed), derivation_path);
+        let pk = Pubkey::try_from(public_key_reply.to_owned().as_slice())
+            .map_err(|e| e.to_string())
+            .unwrap();
+        println!("public_key: {:?}", pk.to_string());
+
+        let raw_public_key = public_key_reply.as_slice();
+        assert_eq!(raw_public_key.len(), 32);
+        let mut public_key = [0u8; 32];
+        public_key.copy_from_slice(raw_public_key);
+
+        let public_key = VerifyingKey::from_bytes(&public_key).unwrap();
+
+        // Verify the signature
+        assert!(public_key.verify(message, &signature).is_ok());
+    }
+}

src/ic-solana/src/eddsa.rs

@@ -1,4 +1,5 @@
 pub mod constants;
+pub mod eddsa;
 pub mod logs;
 pub mod metrics;
 pub mod request;