Merge pull request #76 from onflow/add-ecreover

feat: add ecRecover

Author: lmcmz

Android/wallet/src/androidTest/java/com/flow/wallet/wallet/EthereumWalletTests.kt

@@ -18,6 +18,7 @@ import org.junit.Assert
 import com.flow.wallet.errors.WalletError
 import com.google.protobuf.ByteString
 import wallet.core.jni.EthereumAbi
+import java.math.BigInteger
 
 class EthereumWalletTests {
 
@@ -167,6 +168,24 @@ class EthereumWalletTests {
             "f86c098504a817c800825208943535353535353535353535353535353535353535880de0b6b3a76400008025a028ef61340bd939bc2195fe537567866003e1a15d3c71ff63e1590620aa636276a067cbe9d8997f761aecb703304b3800ccf555c9f3dc64214b297fb1966a3b6d83",
             output.encoded.toByteArray().toHexString()
         )
+        val expectedHash = HasherImpl.keccak256(output.encoded.toByteArray()).toHexString()
+        assertEquals(expectedHash, output.preHash.toByteArray().toHexString())
+        assertEquals(expectedHash, output.txId().toHexString())
+    }
+
+    @Test
+    fun walletEcRecoverReturnsExpectedAddress() = runBlocking {
+        val storage = InMemoryStorage()
+        val privateKey = TWPrivateKey(privateKeyHex.hexToByteArray())
+        val key = PrivateKey(privateKey, storage)
+        val wallet = TestWallet(key, storage)
+
+        val signature = "a77836f00d36b5cd16c17bb26f23cdc78db7928b8d1d1341bd3f11cc279b60a508b80e01992cb0ad9a6c2212177dd84a43535e3bf29794c1dc13d17a59c2d98c1b".hexToByteArray()
+        val message = "Hello, Flow EVM!".toByteArray()
+
+        val recovered = wallet.ethRecoverAddress(signature, message)
+
+        assertEquals("0xe513e4f52f76c9bd3db2474e885b8e7e814ea516", recovered.lowercase())
     }
 
     @Test
@@ -264,10 +283,27 @@ class EthereumWalletTests {
     }
 
     private fun String.hexToByteArray(): ByteArray {
+        var clean = removePrefix("0x")
+        if (clean.isEmpty()) return byteArrayOf()
+        if (clean.length % 2 != 0) {
+            clean = "0$clean"
+        }
+        val lower = clean.lowercase()
+        return ByteArray(lower.length / 2) { index ->
+            lower.substring(index * 2, index * 2 + 2).toInt(16).toByte()
+        }
+    }
+
+    private fun String.hexToMinimalByteArray(): ByteArray {
         val clean = removePrefix("0x")
-        require(clean.length % 2 == 0) { "Hex string must have even length" }
-        return ByteArray(clean.length / 2) { index ->
-            clean.substring(index * 2, index * 2 + 2).toInt(16).toByte()
+        if (clean.isEmpty()) return byteArrayOf()
+        val value = BigInteger(clean, 16)
+        if (value == BigInteger.ZERO) return byteArrayOf()
+        val bytes = value.toByteArray()
+        return if (bytes.isNotEmpty() && bytes[0] == 0.toByte()) {
+            bytes.copyOfRange(1, bytes.size)
+        } else {
+            bytes
         }
     }
 

Android/wallet/src/main/java/com/flow/wallet/wallet/BaseWallet.kt

@@ -4,6 +4,7 @@ import com.flow.wallet.account.Account
 import com.flow.wallet.crypto.HasherImpl
 import com.flow.wallet.errors.WalletError
 import com.flow.wallet.keys.EthereumKeyProtocol
+import com.flow.wallet.keys.EthereumSignatureUtils
 import com.flow.wallet.keys.KeyProtocol
 import com.flow.wallet.security.SecurityCheckDelegate
 import com.flow.wallet.storage.StorageProtocol
@@ -21,7 +22,9 @@ import kotlin.text.Charsets
 import wallet.core.java.AnySigner
 import wallet.core.jni.CoinType
 import wallet.core.jni.EthereumAbi
+import wallet.core.jni.PublicKey
 import wallet.core.jni.proto.Ethereum
+import java.util.Locale
 import org.onflow.flow.models.Account as FlowAccount
 
 /**
@@ -61,6 +64,7 @@ interface Wallet {
     suspend fun ethSignPersonalData(data: ByteArray, index: Int = 0): ByteArray
     suspend fun ethSignTypedData(json: String, index: Int = 0): ByteArray
     suspend fun ethSignTransaction(input: Ethereum.SigningInput, index: Int = 0): Ethereum.SigningOutput
+    suspend fun ethRecoverAddress(signature: ByteArray, message: ByteArray): String
 }
 
 /**
@@ -326,20 +330,43 @@ abstract class BaseWallet(
         return ethSignDigest(digest, index)
     }
 
-    override suspend fun ethSignTransaction(input: Ethereum.SigningInput, index: Int): Ethereum.SigningOutput {
+    override suspend fun ethSignTransaction(
+        input: Ethereum.SigningInput,
+        index: Int
+    ): Ethereum.SigningOutput {
         ensureSecurityCheck()
         val key = resolveEthereumKey()
         val privateKey = key.ethPrivateKey(index)
         val builder = input.toBuilder()
         builder.privateKey = ByteString.copyFrom(privateKey)
-        return try {
+        return  try {
             AnySigner.sign(builder.build(), CoinType.ETHEREUM, Ethereum.SigningOutput.parser())
         } finally {
             builder.clearPrivateKey()
             privateKey.fill(0)
         }
     }
 
+    override suspend fun ethRecoverAddress(
+        signature: ByteArray,
+        message: ByteArray
+    ): String {
+        if (signature.size != 65) {
+            throw WalletError.InvalidEthereumSignature
+        }
+        val normalizedSignature = EthereumSignatureUtils.normalize(signature)
+        val prefix = "\u0019Ethereum Signed Message:\n${message.size}".toByteArray(Charsets.UTF_8)
+        val payload = prefix + message
+        val digest = HasherImpl.keccak256(payload)
+        val publicKey = runCatching {
+            PublicKey.recover(normalizedSignature, digest)
+        }.getOrElse {
+            throw WalletError.InvalidEthereumSignature
+        }
+        val address = CoinType.ETHEREUM.deriveAddressFromPublicKey(publicKey)
+        return address
+    }
+
     private suspend fun ensureSecurityCheck() {
         securityDelegate?.let {
             val passed = it.verify()

Android/wallet/src/main/java/com/flow/wallet/wallet/EthereumSigningOutputExtensions.kt

@@ -0,0 +1,16 @@
+package com.flow.wallet.wallet
+
+import com.flow.wallet.crypto.HasherImpl
+import wallet.core.jni.proto.Ethereum
+
+/**
+ * Utilities for extracting transaction hash information from Ethereum signing outputs.
+ */
+fun Ethereum.SigningOutput.txId(): ByteArray {
+    val existing = preHash.toByteArray()
+    if (existing.isNotEmpty()) {
+        return existing
+    }
+    val computed = HasherImpl.keccak256(encoded.toByteArray())
+    return computed
+}

iOS/FlowWalletKit/Sources/Wallet/EthereumSigningOutput+TxID.swift

@@ -0,0 +1,25 @@
+//
+//  EthereumSigningOutput+TxID.swift
+//  FlowWalletKit
+//
+
+import Foundation
+import WalletCore
+
+public extension EthereumSigningOutput {
+    /// Returns the transaction hash (txid) for the signed payload.
+    func txId() -> Data {
+        if !preHash.isEmpty {
+            return preHash
+        }
+        return Hash.keccak256(data: encoded)
+    }
+
+    /// Returns the transaction hash (txid) as a hex string with 0x prefix.
+    func txIdHex() -> String {
+        let hash = txId()
+        guard hash.isEmpty == false else { return "0x" }
+        return "0x" + hash.hexString
+    }
+}
+

iOS/FlowWalletKit/Sources/Wallet/Wallet+EOA.swift

@@ -58,16 +58,37 @@ extension Wallet {
         return try key.ethSign(digest: digest, index: index)
     }
 
+    /// Recovers the Ethereum address from a personal-sign style signature.
+    static public func ethRecoverAddress(signature: Data, message: Data) throws -> String {
+        let normalizedSignature = try normalizeEthereumSignature(signature)
+        let prefixString = "\u{19}Ethereum Signed Message:\n\(message.count)"
+        guard let prefix = prefixString.data(using: .utf8) else {
+            throw FWKError.invalidEthereumMessage
+        }
+        var payload = Data()
+        payload.append(prefix)
+        payload.append(message)
+        let digest = Hash.keccak256(data: payload)
+        guard let publicKey = PublicKey.recover(signature: normalizedSignature, message: digest) else {
+            throw FWKError.invalidEthereumSignature
+        }
+		let address = AnyAddress(publicKey: publicKey, coin: .ethereum)
+        return address.description
+    }
+    
     /// Signs an Ethereum transaction using WalletCore's AnySigner pipeline.
     public func ethSignTransaction(_ input: EthereumSigningInput, index: UInt32 = 0) throws -> EthereumSigningOutput {
         let key = try resolveEthereumKey()
         var signingInput = input
         signingInput.privateKey = try key.ethPrivateKey(index: index)
         defer { signingInput.privateKey = Data() }
-        return AnySigner.sign(input: signingInput, coin: .ethereum)
+	    var output: EthereumSigningOutput = AnySigner.sign(input: signingInput, coin: .ethereum)
+        let transactionHash = Hash.keccak256(data: output.encoded)
+        output.preHash = transactionHash
+        return output
     }
 
-    func refreshEOAAddresses() {
+    public func refreshEOAAddresses() {
         guard let key = try? resolveEthereumKey() else {
             eoaAddress = nil
             return

iOS/FlowWalletKit/Tests/FlowWalletKitTests/EOATests.swift

@@ -102,53 +102,53 @@ final class EOATests: XCTestCase {
         let wallet = Wallet(type: .key(key), networks: [.testnet], cacheStorage: storage)
 
         let typedData = """
-        {
-            "types": {
-                "EIP712Domain": [
-                    {"name": "name", "type": "string"},
-                    {"name": "version", "type": "string"},
-                    {"name": "chainId", "type": "uint256"},
-                    {"name": "verifyingContract", "type": "address"}
-                ],
-                "Person": [
-                    {"name": "name", "type": "string"},
-                    {"name": "wallets", "type": "address[]"}
-                ],
-                "Mail": [
-                    {"name": "from", "type": "Person"},
-                    {"name": "to", "type": "Person[]"},
-                    {"name": "contents", "type": "string"}
+{
+    "types": {
+        "EIP712Domain": [
+            {"name": "name", "type": "string"},
+            {"name": "version", "type": "string"},
+            {"name": "chainId", "type": "uint256"},
+            {"name": "verifyingContract", "type": "address"}
+        ],
+        "Person": [
+            {"name": "name", "type": "string"},
+            {"name": "wallets", "type": "address[]"}
+        ],
+        "Mail": [
+            {"name": "from", "type": "Person"},
+            {"name": "to", "type": "Person[]"},
+            {"name": "contents", "type": "string"}
+        ]
+    },
+    "primaryType": "Mail",
+    "domain": {
+        "name": "Ether Mail",
+        "version": "1",
+        "chainId": 1,
+        "verifyingContract": "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC"
+    },
+    "message": {
+        "from": {
+            "name": "Cow",
+            "wallets": [
+                "CD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826",
+                "DeaDbeefdEAdbeefdEadbEEFdeadbeEFdEaDbeeF"
+            ]
+        },
+        "to": [
+            {
+                "name": "Bob",
+                "wallets": [
+                    "bBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB",
+                    "B0BdaBea57B0BDABeA57b0bdABEA57b0BDabEa57",
+                    "B0B0b0b0b0b0B000000000000000000000000000"
                 ]
-            },
-            "primaryType": "Mail",
-            "domain": {
-                "name": "Ether Mail",
-                "version": "1",
-                "chainId": 1,
-                "verifyingContract": "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC"
-            },
-            "message": {
-                "from": {
-                    "name": "Cow",
-                    "wallets": [
-                        "CD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826",
-                        "DeaDbeefdEAdbeefdEadbEEFdeadbeEFdEaDbeeF"
-                    ]
-                },
-                "to": [
-                    {
-                        "name": "Bob",
-                        "wallets": [
-                            "bBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB",
-                            "B0BdaBea57B0BDABeA57b0bdABEA57b0BDabEa57",
-                            "B0B0b0b0b0b0B000000000000000000000000000"
-                        ]
-                    }
-                ],
-                "contents": "Hello, Bob!"
             }
-        }
-        """
+        ],
+        "contents": "Hello, Bob!"
+    }
+}
+"""
 
         let typedDataHash = EthereumAbi.encodeTyped(messageJson: typedData)
         XCTAssertEqual(typedDataHash.hexString, "a85c2e2b118698e88db68a8105b794a8cc7cec074e89ef991cb4f5f533819cc2")
@@ -185,6 +185,22 @@ final class EOATests: XCTestCase {
 
         let output = try wallet.ethSignTransaction(input)
         XCTAssertEqual(output.encoded.hexString, "f86c098504a817c800825208943535353535353535353535353535353535353535880de0b6b3a76400008025a028ef61340bd939bc2195fe537567866003e1a15d3c71ff63e1590620aa636276a067cbe9d8997f761aecb703304b3800ccf555c9f3dc64214b297fb1966a3b6d83")
+        let expectedHash = Hash.keccak256(data: output.encoded)
+        XCTAssertEqual(output.preHash.hexString, expectedHash.hexString)
+        XCTAssertEqual(output.txId().hexString, expectedHash.hexString)
+        XCTAssertEqual(output.txIdHex(), "0x" + expectedHash.hexString)
+    }
+
+    func testEcRecoverReturnsExpectedAddress() throws {
+        guard let signature = Data(hexString: "0xa77836f00d36b5cd16c17bb26f23cdc78db7928b8d1d1341bd3f11cc279b60a508b80e01992cb0ad9a6c2212177dd84a43535e3bf29794c1dc13d17a59c2d98c1b") else {
+            XCTFail("Failed to decode signature")
+            return
+        }
+        let message = Data("Hello, Flow EVM!".utf8)
+
+        let recovered = try Wallet.ethRecoverAddress(signature: signature, message: message)
+
+		XCTAssertEqual(recovered.lowercased(), "0xe513e4f52f76c9bd3db2474e885b8e7e814ea516")
     }
 
     func testInvalidTypedDataThrows() throws {
@@ -241,3 +257,23 @@ private extension Data {
         self = result
     }
 }
+
+private func dataFromHexMinimal(_ hex: String, paddedTo length: Int = 32) -> Data {
+    var cleaned = hex.lowercased().hasPrefix("0x") ? String(hex.dropFirst(2)) : hex
+    cleaned = cleaned.trimmingCharacters(in: CharacterSet(charactersIn: "0"))
+    if cleaned.isEmpty {
+        return Data(count: length)
+    }
+    if cleaned.count % 2 != 0 {
+        cleaned = "0" + cleaned
+    }
+    guard let value = Data(hexString: "0x" + cleaned) else {
+        return Data(count: length)
+    }
+    if value.count >= length {
+        return Data(value.suffix(length))
+    }
+    var padded = Data(count: length - value.count)
+    padded.append(value)
+    return padded
+}