onflow · lealobanov · Oct 9, 2025 · Oct 20, 2025 · Oct 20, 2025 · Oct 21, 2025
@@ -2,9 +2,11 @@ package com.flowfoundation.wallet
 
 import android.util.Log
 import androidx.test.ext.junit.runners.AndroidJUnit4
+import com.flowfoundation.wallet.firebase.auth.getFirebaseJwt
 import com.flowfoundation.wallet.manager.account.DeviceInfoManager
 import com.flowfoundation.wallet.network.ApiService
 import com.flowfoundation.wallet.network.model.AccountKey
+import com.flowfoundation.wallet.network.model.FlowAccountInfo
 import com.flowfoundation.wallet.network.model.RegisterRequest
 import com.flowfoundation.wallet.network.retrofit
 import org.onflow.flow.models.bytesToHex
@@ -18,6 +20,7 @@ import wallet.core.jni.HDWallet
 import com.flow.wallet.keys.PrivateKey
 import com.flow.wallet.storage.FileSystemStorage
 import com.flowfoundation.wallet.utils.Env
+import org.onflow.flow.models.HashingAlgorithm
 import org.onflow.flow.models.SigningAlgorithm
 import java.io.File
 
@@ -33,10 +36,22 @@ class TestApi {
 
             val deviceInfoRequest = DeviceInfoManager.getDeviceInfoRequest()
             val service = retrofit().create(ApiService::class.java)
+
+            // Get Firebase JWT for signing (v4 requires signature verification)
+            val firebaseJwt = getFirebaseJwt()
+
+            // Sign the Firebase JWT (for test, using a placeholder signature)
+            // In real usage, this should be signed with the private key
+            val testSignature = "test_signature_placeholder"
+
+            val flowAccountInfo = FlowAccountInfo(
+                accountKey = AccountKey(publicKey = publicKey),
+                signature = testSignature
+            )
             val user = service.register(
                 RegisterRequest(
+                    flowAccountInfo = flowAccountInfo,
                     username = "ttt",
-                    accountKey = AccountKey(publicKey = publicKey),
                     deviceInfo = deviceInfoRequest
                 )
             )
@@ -58,12 +73,25 @@ class TestApi {
             val privateKey = PrivateKey.create(storage)
             val publicKeyBytes = privateKey.publicKey(SigningAlgorithm.ECDSA_P256)
             val publicKey = publicKeyBytes?.bytesToHex()?.removePrefix("04") ?: ""
+
+            // Get Firebase JWT for signing (v4 requires signature verification)
+            val firebaseJwt = getFirebaseJwt()
+
+            // Sign the Firebase JWT with the private key
+            val jwtBytes = firebaseJwt.toByteArray(Charsets.UTF_8)
+            val signatureBytes = privateKey.sign(jwtBytes, SigningAlgorithm.ECDSA_P256, HashingAlgorithm.SHA2_256)
+            val hexSignature = signatureBytes?.joinToString("") { "%02x".format(it) } ?: ""
+
+            val flowAccountInfo = FlowAccountInfo(
+                accountKey = AccountKey(publicKey = publicKey),
+                signature = hexSignature
+            )
 
             val service = retrofit().create(ApiService::class.java)
             val user = service.register(
                 RegisterRequest(
+                    flowAccountInfo = flowAccountInfo,
                     username = "ttt",
-                    accountKey = AccountKey(publicKey = publicKey),
                     deviceInfo = deviceInfoRequest
                 )
             )

@@ -8,7 +8,7 @@ import retrofit2.http.Path
 
 interface ApiService {
 
-    @POST("/v3/register")
+    @POST("/v4/register")
     suspend fun register(@Body param: RegisterRequest): RegisterResponse
 
     @POST("/v1/user/address")

@@ -31,9 +31,11 @@ import com.flowfoundation.wallet.manager.walletdata.FlowWallet
 import com.flowfoundation.wallet.mixpanel.AccountCreateKeyType
 import com.flowfoundation.wallet.mixpanel.MixpanelManager
 import com.flowfoundation.wallet.network.model.AccountKey
+import com.flowfoundation.wallet.network.model.EvmAccountInfo
 import com.flowfoundation.wallet.network.model.LoginRequest
 import com.flowfoundation.wallet.network.model.RegisterRequest
 import com.flowfoundation.wallet.network.model.RegisterResponse
+import wallet.core.jni.Hash
 import com.flowfoundation.wallet.page.walletrestore.firebaseLogin
 import com.flowfoundation.wallet.utils.Env
 import com.flowfoundation.wallet.utils.NETWORK_MAINNET
@@ -60,6 +62,8 @@ import com.google.gson.Gson
 import com.google.gson.reflect.TypeToken
 import kotlinx.coroutines.delay
 import org.onflow.flow.ChainId
+import org.onflow.flow.models.DomainTag
+import org.onflow.flow.models.HashingAlgorithm
 import org.onflow.flow.models.SigningAlgorithm
 import java.io.File
 import java.security.MessageDigest
@@ -549,7 +553,7 @@ private fun registerFirebase(user: RegisterResponse, callback: (isSuccess: Boole
 }
 
 private suspend fun registerServer(username: String, prefix: String): RegisterResponse {
-  logd(TAG, "Starting server registration for username: $username")
+  logd(TAG, "Starting server registration for username: $username (using v4 API)")
   val deviceInfoRequest = DeviceInfoManager.getDeviceInfoRequest()
   val service = retrofit().create(ApiService::class.java)
   val baseDir = File(Env.getApp().filesDir, "wallet")
@@ -603,17 +607,78 @@ private suspend fun registerServer(username: String, prefix: String): RegisterRe
     }
     logd(TAG, "Formatted public key: $hexPublicKey (${hexPublicKey.length} chars)")
 
-    // Create registration request with correct algorithm parameters
-    val request = RegisterRequest(
-      username = username,
+    // Get Firebase JWT for signing (v4 requires signature verification)
+    val firebaseJwt = getFirebaseJwt()
+    logd(TAG, "Got Firebase JWT for signing")
+
+    // Sign the Firebase JWT with the private key
+    // Important: Prepend DomainTag.User.bytes to match what backend expects
+    val dataToSign = DomainTag.User.bytes + firebaseJwt.toByteArray(Charsets.UTF_8)
+    logd(TAG, "Signing data with DomainTag.User prefix, total size: ${dataToSign.size}")
+
+    val signatureBytes = privateKey.sign(dataToSign, SigningAlgorithm.ECDSA_P256, HashingAlgorithm.SHA2_256)
+    if (signatureBytes == null) {
+      logd(TAG, "Failed to sign Firebase JWT")
+      throw IllegalStateException("Failed to sign Firebase JWT")
+    }
+
+    val hexSignature = signatureBytes.joinToString("") { "%02x".format(it) }
+    logd(TAG, "Signed Firebase JWT, signature length: ${hexSignature.length} chars (${signatureBytes.size} bytes)")
+
+    // Create v4 registration request with FlowAccountInfo containing signature
+    val flowAccountInfo = com.flowfoundation.wallet.network.model.FlowAccountInfo(
       accountKey = AccountKey(
         publicKey = hexPublicKey
         // Using default values: ECDSA_P256 and SHA2_256
       ),
+      signature = hexSignature
+    )
+
+    // Create EVMAccountInfo for registration
+    val evmAccountInfo = try {
+      // Get secp256k1 public key for EVM address derivation
+      val evmPublicKeyBytes = privateKey.publicKey(SigningAlgorithm.ECDSA_secp256k1)
+      if (evmPublicKeyBytes != null) {
+        // Derive EVM address from public key using Keccak256
+        val publicKeyForHash = if (evmPublicKeyBytes.size == 65 && evmPublicKeyBytes[0] == 0x04.toByte()) {
+          evmPublicKeyBytes.copyOfRange(1, evmPublicKeyBytes.size)
+        } else {
+          evmPublicKeyBytes
+        }
+        val addressHash = Hash.keccak256(publicKeyForHash)
+        val evmAddress = "0x" + addressHash.copyOfRange(12, 32).joinToString("") { "%02x".format(it) }
+        logd(TAG, "Derived EVM address: $evmAddress")
+
+        // Sign Firebase JWT for EVM with secp256k1 key
+        val evmSignatureBytes = privateKey.sign(dataToSign, SigningAlgorithm.ECDSA_secp256k1, HashingAlgorithm.SHA2_256)
+        if (evmSignatureBytes != null) {
+          val evmSignature = evmSignatureBytes.joinToString("") { "%02x".format(it) }
+          logd(TAG, "Generated EVM signature, length: ${evmSignature.length}")
+          EvmAccountInfo(
+            eoaAddress = evmAddress,
+            signature = evmSignature
+          )
+        } else {
+          logd(TAG, "Could not sign with secp256k1, skipping EVM account")
+          null
+        }
+      } else {
+        logd(TAG, "Could not derive secp256k1 public key, skipping EVM account")
+        null
+      }
+    } catch (e: Exception) {
+      logd(TAG, "Error creating EVM account info: ${e.message}")
+      null
+    }
+
+    val request = RegisterRequest(
+      flowAccountInfo = flowAccountInfo,
+      evmAccountInfo = evmAccountInfo,
+      username = username,
       deviceInfo = deviceInfoRequest
     )
 
-    logd(TAG, "Sending registration request: $request")
+    logd(TAG, "Sending v4 registration request for username: $username")
     try {
       val user = service.register(request)
       logd(TAG, "Registration response: $user")

@@ -2,13 +2,44 @@ package com.flowfoundation.wallet.network.model
 
 import com.google.gson.annotations.SerializedName
 
+/**
+ * Flow account information for v4 registration
+ * Contains account key and signature (signature of Firebase JWT)
+ */
+data class FlowAccountInfo(
+    @SerializedName("account_key")
+    val accountKey: AccountKey,
+
+    @SerializedName("signature")
+    val signature: String
+)
+
+/**
+ * EVM account information for v4 registration (optional)
+ * Contains EOA address and signature
+ */
+data class EvmAccountInfo(
+    @SerializedName("eoa_address")
+    val eoaAddress: String,
+
+    @SerializedName("signature")
+    val signature: String
+)
+
+/**
+ * V4 Register request
+ * Uses /v4/register endpoint with signature verification
+ */
 data class RegisterRequest(
+    @SerializedName("flow_account_info")
+    val flowAccountInfo: FlowAccountInfo,
+
+    @SerializedName("evm_account_info")
+    val evmAccountInfo: EvmAccountInfo? = null,
+
     @SerializedName("username")
     val username: String,
 
-    @SerializedName("account_key")
-    val accountKey: AccountKey,
-
     @SerializedName("device_info")
-    val deviceInfo: DeviceInfoRequest?
+    val deviceInfo: DeviceInfoRequest? = null
 )
@@ -25,7 +25,6 @@ class ProfileFragment : Fragment() {
         presenter = ProfileFragmentPresenter(this, binding)
         viewModel = ViewModelProvider(this)[ProfileFragmentViewModel::class.java].apply {
             profileLiveData.observe(viewLifecycleOwner) { presenter.bind(ProfileFragmentModel(userInfo = it)) }
-            inboxCountLiveData.observe(viewLifecycleOwner) { presenter.bind(ProfileFragmentModel(inboxCount = it)) }
         }
     }
 

@@ -130,19 +130,9 @@ class PrivateKeyStoreCryptoProvider(private val keystoreInfo: String) : CryptoPr
         val signatureBytes = privateKey.sign(data, signingAlgorithm, getHashAlgorithm())
         logd(TAG, "Raw signature from privateKey.sign(): size=${signatureBytes.size} bytes")
 
-        // Recovery ID trimming - ensure consistency with account switching flow
-        // Remove recovery ID if present (Flow expects 64-byte signatures, not 65-byte with recovery ID)
-        val finalSignature = if (signatureBytes.size == 65) {
-            logd(TAG, "Trimming recovery ID from 65-byte signature for $signingAlgorithm")
-            signatureBytes.copyOfRange(0, 64) // Remove the last byte (recovery ID)
-        } else {
-            logd(TAG, "Using signature as-is (${signatureBytes.size} bytes)")
-            signatureBytes
-        }
-
-        val hexSignature = finalSignature.joinToString("") { String.format("%02x", it) }
+        val hexSignature = signatureBytes.joinToString("") { String.format("%02x", it) }
         logd(TAG, "Final signature generated: $hexSignature")
-        logd(TAG, "Final signature length: ${hexSignature.length} chars (${finalSignature.size} bytes)")
+        logd(TAG, "Final signature length: ${hexSignature.length} chars (${signatureBytes.size} bytes)")
         return hexSignature
     }
 
@@ -152,19 +142,8 @@ class PrivateKeyStoreCryptoProvider(private val keystoreInfo: String) : CryptoPr
         logd(TAG, "[KEYSTORE] Using signAlgo: $signingAlgorithm, hashAlgo: ${getHashAlgorithm()}")
 
         val result = privateKey.sign(data, signingAlgorithm, getHashAlgorithm())
-
-        // Recovery ID trimming - ensure consistency with account switching flow
-        // Remove recovery ID if present (Flow expects 64-byte signatures, not 65-byte with recovery ID)
-        val finalResult = if (result.size == 65) {
-            logd(TAG, "[KEYSTORE] Trimming recovery ID from 65-byte signature for $signingAlgorithm")
-            result.copyOfRange(0, 64) // Remove the last byte (recovery ID)
-        } else {
-            logd(TAG, "[KEYSTORE] Using signature as-is (${result.size} bytes)")
-            result
-        }
-
-        logd(TAG, "[KEYSTORE] sign() result (${finalResult.size} bytes): ${finalResult.toHexString()}")
-        return finalResult
+        logd(TAG, "[KEYSTORE] sign() result (${result.size} bytes): ${result.toHexString()}")
+        return result
     }
 
     override fun getSigner(hashingAlgorithm: HashingAlgorithm): org.onflow.flow.models.Signer {