-
Notifications
You must be signed in to change notification settings - Fork 44
/
Copy pathmain.go
281 lines (245 loc) · 7.4 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
package main
import (
"bytes"
"crypto/ecdsa"
"encoding/hex"
"flag"
"fmt"
"io"
"log"
"os"
"os/exec"
"strings"
"github.com/base-org/eip712sign/usbwallet"
"github.com/decred/dcrd/hdkeychain/v3"
"github.com/ethereum/go-ethereum/accounts"
"github.com/ethereum/go-ethereum/common"
"github.com/ethereum/go-ethereum/crypto"
"github.com/tyler-smith/go-bip39"
"golang.org/x/exp/slices"
)
func main() {
var privateKey string
var ledger bool
var index int
var address bool
var mnemonic string
var hdPath string
var data string
var prefix string
var suffix string
var workdir string
var skipSender bool
flag.StringVar(&privateKey, "private-key", "", "Private key to use for signing")
flag.BoolVar(&ledger, "ledger", false, "Use ledger device for signing")
flag.IntVar(&index, "index", 0, "Index of the ledger to use")
flag.BoolVar(&address, "address", false, "Print address of signer and exit")
flag.StringVar(&mnemonic, "mnemonic", "", "Mnemonic to use for signing")
flag.StringVar(&hdPath, "hd-paths", "m/44'/60'/0'/0/0", "Hierarchical deterministic derivation path for mnemonic or ledger")
flag.StringVar(&data, "data", "", "Data to be signed")
flag.StringVar(&prefix, "prefix", "vvvvvvvv", "String that prefixes the data to be signed")
flag.StringVar(&suffix, "suffix", "^^^^^^^^", "String that suffixes the data to be signed")
flag.StringVar(&workdir, "workdir", ".", "Directory in which to run the subprocess")
flag.BoolVar(&skipSender, "skip-sender", false, "Skip adding the --sender flag to forge script commands")
flag.Parse()
options := 0
if privateKey != "" {
options++
}
if ledger {
options++
}
if mnemonic != "" {
options++
}
if options != 1 {
log.Fatalf("One (and only one) of --private-key, --ledger, --mnemonic must be set")
}
// signer creation error is handled later, allowing the command that generates the signable
// data to run without a key / ledger, which is useful for simulation purposes
s, signerErr := createSigner(privateKey, mnemonic, hdPath, index)
if signerErr != nil {
if address {
log.Fatalf("Error creating signer: %v", signerErr)
}
log.Printf("Warning: signer creation failed: %v", signerErr)
}
if address {
fmt.Printf("Signer: %s\n", s.address().String())
os.Exit(0)
}
var input []byte
var err error
if data != "" {
input = []byte(data)
} else if flag.NArg() == 0 {
input, err = io.ReadAll(os.Stdin)
if err != nil {
log.Fatalf("Error reading from stdin: %v", err)
}
} else {
args := flag.Args()
if !skipSender && args[0] == "forge" && args[1] == "script" && !slices.Contains(args, "--sender") && s != nil {
args = append(args, "--sender", s.address().String())
}
fmt.Printf("Running '%s\n", strings.Join(args, " "))
input, err = run(workdir, args[0], args[1:]...)
if err != nil {
log.Fatalf("Error running process: %v", err)
}
fmt.Printf("\n%s exited with code 0\n", flag.Arg(0))
}
if index := strings.Index(string(input), prefix); prefix != "" && index >= 0 {
input = input[index+len(prefix):]
}
if index := strings.Index(string(input), suffix); suffix != "" && index >= 0 {
input = input[:index]
}
fmt.Println()
hash := common.FromHex(strings.TrimSpace(string(input)))
if len(hash) != 66 {
log.Fatalf("Expected EIP-712 hex string with 66 bytes, got %d bytes, value: %s", len(input), string(input))
}
domainHash := hash[2:34]
messageHash := hash[34:66]
fmt.Printf("Domain hash: 0x%s\n", hex.EncodeToString(domainHash))
fmt.Printf("Message hash: 0x%s\n", hex.EncodeToString(messageHash))
if signerErr != nil {
log.Fatalf("Error creating signer: %v", signerErr)
}
fmt.Printf("Signing as: %s\n\n", s.address().String())
if ledger {
fmt.Printf("Data sent to ledger, awaiting signature...")
}
signature, err := s.sign(hash)
if err == accounts.ErrWalletClosed {
// ledger is flaky sometimes, recreate and retry
fmt.Printf("failed with %s, retrying...", err.Error())
s, err = createSigner(privateKey, mnemonic, hdPath, index)
if err != nil {
log.Fatalf("Error creating signer: %v", err)
}
signature, err = s.sign(hash)
}
if ledger {
fmt.Println("done")
}
if err != nil {
log.Fatalf("Error signing data: %v", err)
}
fmt.Printf("\nData: 0x%s\n", hex.EncodeToString(hash))
fmt.Printf("Signer: %s\n", s.address().String())
fmt.Printf("Signature: %s\n", hex.EncodeToString(signature))
}
func run(workdir, name string, args ...string) ([]byte, error) {
cmd := exec.Command(name, args...)
cmd.Dir = workdir
var buffer bytes.Buffer
cmd.Stdout = io.MultiWriter(os.Stdout, &buffer)
cmd.Stderr = os.Stderr
err := cmd.Run()
return buffer.Bytes(), err
}
func createSigner(privateKey, mnemonic, hdPath string, index int) (signer, error) {
path, err := accounts.ParseDerivationPath(hdPath)
if err != nil {
return nil, err
}
if privateKey != "" {
key, err := crypto.HexToECDSA(privateKey)
if err != nil {
return nil, fmt.Errorf("error parsing private key: %w", err)
}
return &ecdsaSigner{key}, nil
}
if mnemonic != "" {
key, err := derivePrivateKey(mnemonic, path)
if err != nil {
return nil, fmt.Errorf("error deriving key from mnemonic: %w", err)
}
return &ecdsaSigner{key}, nil
}
// assume using a ledger
ledgerHub, err := usbwallet.NewLedgerHub()
if err != nil {
return nil, fmt.Errorf("error starting ledger: %w", err)
}
wallets := ledgerHub.Wallets()
if len(wallets) == 0 {
return nil, fmt.Errorf("no ledgers found, please connect your ledger")
} else if len(wallets) > 1 {
fmt.Printf("Found %d ledgers, using index %d\n", len(wallets), index)
}
if index < 0 || index >= len(wallets) {
return nil, fmt.Errorf("ledger index out of range")
}
wallet := wallets[index]
if err := wallet.Open(""); err != nil {
return nil, fmt.Errorf("error opening ledger: %w", err)
}
account, err := wallet.Derive(path, true)
if err != nil {
return nil, fmt.Errorf("error deriving ledger account (please unlock and open the Ethereum app): %w", err)
}
return &walletSigner{
wallet: wallet,
account: account,
}, nil
}
type signer interface {
address() common.Address
sign([]byte) ([]byte, error)
}
type ecdsaSigner struct {
*ecdsa.PrivateKey
}
func (s *ecdsaSigner) address() common.Address {
return crypto.PubkeyToAddress(s.PublicKey)
}
func (s *ecdsaSigner) sign(data []byte) ([]byte, error) {
sig, err := crypto.Sign(crypto.Keccak256(data), s.PrivateKey)
if err != nil {
return nil, err
}
sig[crypto.RecoveryIDOffset] += 27
return sig, err
}
type walletSigner struct {
wallet accounts.Wallet
account accounts.Account
}
func (s *walletSigner) address() common.Address {
return s.account.Address
}
func (s *walletSigner) sign(data []byte) ([]byte, error) {
return s.wallet.SignData(s.account, accounts.MimetypeTypedData, data)
}
func derivePrivateKey(mnemonic string, path accounts.DerivationPath) (*ecdsa.PrivateKey, error) {
// Parse the seed string into the master BIP32 key.
seed, err := bip39.NewSeedWithErrorChecking(mnemonic, "")
if err != nil {
return nil, err
}
privKey, err := hdkeychain.NewMaster(seed, fakeNetworkParams{})
if err != nil {
return nil, err
}
for _, child := range path {
privKey, err = privKey.Child(child)
if err != nil {
return nil, err
}
}
rawPrivKey, err := privKey.SerializedPrivKey()
if err != nil {
return nil, err
}
return crypto.ToECDSA(rawPrivKey)
}
type fakeNetworkParams struct{}
func (f fakeNetworkParams) HDPrivKeyVersion() [4]byte {
return [4]byte{}
}
func (f fakeNetworkParams) HDPubKeyVersion() [4]byte {
return [4]byte{}
}