fix: Agent.createNewPrismDID to use derivationPath (#158)

hyperledger · May 2, 2024 · 18cd084 · 18cd084
1 parent 08097b6
commit 18cd084
Show file tree

Hide file tree

Showing 17 changed files with 558 additions and 102 deletions.
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -25,6 +25,7 @@
       "request": "launch",
       "program": "${workspaceRoot}/node_modules/jest/bin/jest.js",
       "args": [
+        "${fileBasenameNoExtension}",
         "--colors",
         "--workerThreads",
         "--maxWorkers",

diff --git a/src/apollo/Apollo.ts b/src/apollo/Apollo.ts
@@ -31,6 +31,7 @@ import { Ed25519PublicKey } from "./utils/Ed25519PublicKey";
 import { X25519PublicKey } from "./utils/X25519PublicKey";
 
 import ApolloPKG from "@atala/apollo";
+import { DerivationPath } from "./utils/derivation/DerivationPath";
 
 const ApolloSDK = ApolloPKG.io.iohk.atala.prism.apollo;
 const Mnemonic = ApolloSDK.derivation.Mnemonic.Companion;
@@ -285,43 +286,35 @@ export default class Apollo implements ApolloInterface, KeyRestoration {
           return new Secp256k1PrivateKey(keyData);
         }
 
-        const derivationPathStr = parameters[KeyProperties.derivationPath]
-          ? Buffer.from(parameters[KeyProperties.derivationPath]).toString("hex")
-          : Buffer.from(`m/0'/0'/0'`).toString("hex");
+        const seedHex = parameters[KeyProperties.seed];
+        if (!seedHex) {
+          throw new ApolloError.MissingKeyParameters([KeyProperties.seed]);
+        }
 
-        const seedStr = parameters[KeyProperties.seed];
+        const seed = Buffer.from(seedHex, "hex");
+        const hdKey = HDKey.InitFromSeed(Int8Array.from(seed), 0, BigIntegerWrapper.initFromInt(0));
 
-        if (!derivationPathStr) {
-          throw new ApolloError.MissingKeyParameters([
-            KeyProperties.derivationPath,
-          ]);
+        if (hdKey.privateKey == null) {
+          throw new ApolloError.MissingPrivateKey();
         }
 
-        if (!seedStr) {
-          throw new ApolloError.MissingKeyParameters([KeyProperties.seed]);
+        if (hdKey.chainCode == null) {
+          throw new ApolloError.MissingChainCode();
         }
 
-        const seed = Buffer.from(seedStr, "hex");
+        const baseKey = new Secp256k1PrivateKey(Buffer.from(hdKey.privateKey));
+        baseKey.keySpecification.set(KeyProperties.chainCode, Buffer.from(hdKey.chainCode).toString("hex"));
+        baseKey.keySpecification.set(KeyProperties.derivationPath, Buffer.from(`m/0'/0'/0'`).toString("hex"));
+        baseKey.keySpecification.set(KeyProperties.index, "0");
 
-        const newExtendedKey = HDKey.InitFromSeed(
-          Int8Array.from(seed),
-          0,
-          BigIntegerWrapper.initFromInt(0)
-        ).derive(Buffer.from(derivationPathStr, "hex").toString());
-
-        const newExtendedPrivateKey = new Secp256k1PrivateKey(
-          // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-          Uint8Array.from(newExtendedKey.privateKey!)
-        );
-
-        newExtendedPrivateKey.keySpecification.set(KeyProperties.seed, seedStr);
-        newExtendedPrivateKey.keySpecification.set(
-          KeyProperties.derivationPath,
-          derivationPathStr
-        );
-        newExtendedPrivateKey.keySpecification.set(KeyProperties.index, "0");
+        const derivationParam = parameters[KeyProperties.derivationPath];
+        if (derivationParam) {
+          const derivationPath = DerivationPath.from(derivationParam);
+          const privateKey = baseKey.derive(derivationPath);
+          return privateKey;
+        }
 
-        return newExtendedPrivateKey;
+        return baseKey;
       }
     }
 

diff --git a/src/apollo/utils/Secp256k1PrivateKey.ts b/src/apollo/utils/Secp256k1PrivateKey.ts
@@ -4,18 +4,15 @@ import BN from "bn.js";
 import * as ECConfig from "../../config/ECConfig";
 import { Secp256k1PublicKey } from "./Secp256k1PublicKey";
 import { DerivationPath } from "./derivation/DerivationPath";
+import { ApolloError, Curve, KeyTypes, KeyProperties, } from "../../domain";
 import {
-  ApolloError,
-  Curve,
+  PrivateKey,
   DerivableKey,
   ExportableKey,
   ImportableKey,
-  KeyTypes,
-  KeyProperties,
-  PrivateKey,
   SignableKey,
-  StorableKey
-} from "../../domain";
+  StorableKey,
+} from "../../domain/models/keyManagement";
 
 const Apollo = ApolloPkg.io.iohk.atala.prism.apollo;
 const HDKey = Apollo.derivation.HDKey;
@@ -55,35 +52,40 @@ export class Secp256k1PrivateKey
     this.size = this.raw.length;
   }
 
-  derive(derivationPath: DerivationPath): PrivateKey {
-    const seedHex = this.getProperty(KeyProperties.seed);
+  derive(derivationPath: DerivationPath): Secp256k1PrivateKey {
+    const chainCodeHex = this.getProperty(KeyProperties.chainCode);
 
-    if (!seedHex) {
-      throw new Error("Seed not found");
+    if (!chainCodeHex) {
+      throw new ApolloError.MissingKeyParameters([KeyProperties.chainCode]);
     }
 
-    const seed = Buffer.from(seedHex, "hex");
+    const chaincode = Buffer.from(chainCodeHex, "hex");
     const derivationPathStr = derivationPath.toString();
 
-    const newExtendedKey = HDKey.InitFromSeed(
-      Int8Array.from(seed),
+    const hdKey = new HDKey(
+      Int8Array.from(this.raw),
+      null,
+      Int8Array.from(chaincode),
       0,
-      BigIntegerWrapper.initFromInt(0)
-    ).derive(derivationPathStr);
-
-    const newExtendedPrivateKey = new Secp256k1PrivateKey(
-      // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-      Uint8Array.from(newExtendedKey.privateKey!)
+      BigIntegerWrapper.initFromInt(this.index ?? 0)
     );
 
-    newExtendedPrivateKey.keySpecification.set(KeyProperties.seed, seedHex);
-    newExtendedPrivateKey.keySpecification.set(
-      KeyProperties.derivationPath,
-      Buffer.from(derivationPathStr).toString("hex")
-    );
-    newExtendedPrivateKey.keySpecification.set(KeyProperties.index, "0");
+    const derivedKey = hdKey.derive(derivationPathStr);
+
+    if (derivedKey.privateKey == null) {
+      throw new ApolloError.MissingPrivateKey();
+    }
+
+    const privateKey = new Secp256k1PrivateKey(Buffer.from(derivedKey.privateKey));
+    // TODO(BR) dont keep derivationPath as hex 
+    privateKey.keySpecification.set(KeyProperties.derivationPath, Buffer.from(derivationPathStr).toString("hex"));
+    privateKey.keySpecification.set(KeyProperties.index, `${derivationPath.index}`);
+
+    if (derivedKey.chainCode) {
+      privateKey.keySpecification.set(KeyProperties.chainCode, Buffer.from(derivedKey.chainCode).toString("hex"));
+    }
 
-    return newExtendedPrivateKey;
+    return privateKey;
   }
 
   publicKey() {
@@ -105,6 +107,7 @@ export class Secp256k1PrivateKey
     );
   }
 
+  // ?? move to `from` property
   static secp256k1FromBigInteger(bigInteger: BN): Secp256k1PrivateKey {
     return new Secp256k1PrivateKey(Uint8Array.from(bigInteger.toArray()));
   }

diff --git a/src/apollo/utils/Secp256k1PublicKey.ts b/src/apollo/utils/Secp256k1PublicKey.ts
@@ -4,25 +4,21 @@ import BigInteger from "bn.js";
 
 import * as ECConfig from "../../config/ECConfig";
 import { ECPoint } from "./ec/ECPoint";
+import { ApolloError, Curve, KeyProperties, KeyTypes, } from "../../domain";
 import {
-  ApolloError,
-  Curve,
+  PublicKey,
   ExportableKey,
   ImportableKey,
-  KeyProperties,
-  KeyTypes,
-  PublicKey,
   StorableKey,
   VerifiableKey
-} from "../../domain";
+} from "../../domain/models/keyManagement";
 
 /**
  * @ignore
  */
 export class Secp256k1PublicKey extends PublicKey implements StorableKey, ExportableKey, VerifiableKey {
   public readonly recoveryId = StorableKey.recoveryId("secp256k1", "pub");
 
-
   public keySpecification: Map<KeyProperties | string, string> = new Map();
   public size: number;
   public raw: Uint8Array;

diff --git a/src/apollo/utils/derivation/DerivationPath.ts b/src/apollo/utils/derivation/DerivationPath.ts
@@ -7,6 +7,18 @@ export class DerivationPath {
     this.axes = axes;
   }
 
+  /**
+   * get the index at depth 0.
+   * default to 0 if no value found
+   * 
+   * @returns {number} - the value at depth 0
+   */
+  get index(): number {
+    const first = this.axes.at(0);
+    const index = first?.number ?? 0;
+    return index;
+  }
+
   /**
    * Creates child derivation path for given index, hardened or not
    */
@@ -22,6 +34,51 @@ export class DerivationPath {
     return new DerivationPath([]);
   }
 
+  /**
+   * Attempt to create a DerivationPath from a value
+   * 
+   * @param value 
+   * @returns {DerivationPath}
+   * @throws - if the value cannot be converted to a DerivationPath
+   */
+  static from(value: unknown): DerivationPath {
+    if (value instanceof DerivationPath) {
+      return value;
+    }
+
+    if (typeof value === "string") {
+      if (value.at(0) === "m") {
+        return DerivationPath.fromPath(value);
+      }
+    }
+
+    if (typeof value === "number") {
+      return DerivationPath.fromIndex(value);
+    }
+
+    throw new Error(`DerivationPath value not valid [${value}]`);
+  }
+
+
+  /**
+   * Create a DerivationPath from an index
+   * 
+   * index is hardened and used at depth 1, with two subsequent hardened 0s
+   * Example: index: 3 = DerivationPath: `m/3'/0'/0'`
+   * 
+   * equivalent of Swift DerivableKey.keyPathString
+   * 
+   * @param index - hardened index for depth 1
+   * @returns {DerivationPath}
+   */
+  static fromIndex(index: number): DerivationPath {
+    return new DerivationPath([
+      DerivationAxis.hardened(index),
+      DerivationAxis.hardened(0),
+      DerivationAxis.hardened(0),
+    ]);
+  }
+
   /**
    * Parses string representation of derivation path
    *

diff --git a/src/domain/models/KeyProperties.ts b/src/domain/models/KeyProperties.ts
@@ -14,6 +14,16 @@ export enum KeyProperties {
    */
   seed = "seed",
 
+  /**
+   * The 'chainCode' used for key derivation.
+   * hex encoded value.
+   * 
+   * ```ts
+   * const chainCode = Buffer.from(props[KeyProperties.chainCode], "hex");
+   * ```
+   */
+  chainCode = "chainCode",
+
   /**
    * The 'rawKey' refers to the raw binary form of the key.
    */

diff --git a/src/domain/models/errors/Apollo.ts b/src/domain/models/errors/Apollo.ts
@@ -61,3 +61,6 @@ export class KeyRestoratonFailed extends Error {
     super(`Key Restoration Failed: [${key?.recoveryId}]`);
   }
 }
+
+export class MissingPrivateKey extends Error {}
+export class MissingChainCode extends Error {}
diff --git a/src/pluto/repositories/KeyRepository.ts b/src/pluto/repositories/KeyRepository.ts
@@ -16,6 +16,11 @@ export class KeyRepository extends MapperRepository<Models.Key, Domain.PrivateKe
       ...model,
       raw: Buffer.from(model.rawHex, "hex")
     });
+
+    if (model.index != undefined) {
+      domain.keySpecification.set(Domain.KeyProperties.index, model.index.toString());
+    }
+
     return this.withId(domain, model.uuid);
   }
 

diff --git a/src/prism-agent/Agent.DIDHigherFunctions.ts b/src/prism-agent/Agent.DIDHigherFunctions.ts
@@ -2,6 +2,7 @@ import {
   Curve,
   DID,
   KeyProperties,
+  KeyTypes,
   PublicKey,
   Seed,
   Service,
@@ -12,13 +13,13 @@ import { Apollo } from "../domain/buildingBlocks/Apollo";
 import { Castor } from "../domain/buildingBlocks/Castor";
 import { Pluto } from "../domain/buildingBlocks/Pluto";
 import { AgentError } from "../domain/models/Errors";
-import { KeyTypes } from "../domain/models";
 import {
   AgentDIDHigherFunctions as AgentDIDHigherFunctionsClass,
   ConnectionsManager,
   MediatorHandler,
 } from "./types";
 import { PrismKeyPathIndexTask } from "./Agent.PrismKeyPathIndexTask";
+import { DerivationPath } from "../apollo/utils/derivation/DerivationPath";
 
 /**
  * An extension for the Edge agent that groups some DID related operations mainly used to expose the create did functionality
@@ -141,12 +142,13 @@ export class AgentDIDHigherFunctions implements AgentDIDHigherFunctionsClass {
     services: Service[],
     keyPathIndex?: number
   ): Promise<DID> {
-    const index = keyPathIndex ?? this.getNextKeyPathIndex();
-
+    const index = keyPathIndex ?? await this.getNextKeyPathIndex();
+    const derivationPath = DerivationPath.fromIndex(index);
     const privateKey = this.apollo.createPrivateKey({
-      type: KeyTypes.EC,
-      curve: Curve.SECP256K1,
-      seed: Buffer.from(this.seed.value).toString("hex"),
+      [KeyProperties.type]: KeyTypes.EC,
+      [KeyProperties.curve]: Curve.SECP256K1,
+      [KeyProperties.seed]: Buffer.from(this.seed.value).toString("hex"),
+      [KeyProperties.derivationPath]: derivationPath,
     });
 
     const publicKey = privateKey.publicKey();
@@ -158,7 +160,12 @@ export class AgentDIDHigherFunctions implements AgentDIDHigherFunctionsClass {
     return did;
   }
 
-  private async getNextKeyPathIndex() {
+  /**
+   * Determine the Index for the subsequent Key
+   * 
+   * @returns {number}
+   */
+  private async getNextKeyPathIndex(): Promise<number> {
     const getIndexTask = new PrismKeyPathIndexTask(this.pluto);
     const index = await getIndexTask.run();
     const next = index + 1;

diff --git a/src/prism-agent/Agent.PrismKeyPathIndexTask.ts b/src/prism-agent/Agent.PrismKeyPathIndexTask.ts
@@ -18,4 +18,4 @@ export class PrismKeyPathIndexTask {
 
     return keyPathIndex;
   }
-}
+}
diff --git a/src/prism-agent/Agent.ts b/src/prism-agent/Agent.ts
@@ -160,7 +160,7 @@ export default class Agent
 
     const store = new PublicMediatorStore(pluto);
     const handler = new BasicMediatorHandler(mediatorDID, mercury, store);
-    const pollux = new Pollux(castor)
+    const pollux = new Pollux(castor);
     const seed = params.seed ?? apollo.createRandomSeed().seed;
 
     const agentCredentials = new AgentCredentials(
@@ -169,7 +169,7 @@ export default class Agent
       pluto,
       pollux,
       seed
-    )
+    );
     const manager = new ConnectionsManager(castor, mercury, pluto, agentCredentials, handler);
 
     const agent = new Agent(