[WIP] [HELP NEEDED] Attempt to support secp256r1 to enable passkey #1877
Conversation
dev8723
changed the title
|
The biggest blocker in this PR now is I don't know how to test it, I tried to follow the test for secp256k1 and apply it to secp256r1 but i don't know how to create the right the signature, i found this tool but it needs both private key and pub key to create signature. If someone can point me some directions I can try finish this PR, as the blockers (e.g. Normalize NistP256 signature) mentioned in the original PR is already solved by p256 crate, now should be a good time to do this. |
| const COSMOS_SECP256R1_PUBKEY_HEX: &str = | ||
| "049a2c7b27b132246e170dfb9167db5c5bd302033dbece2bc3f2541a6cd11851821a775f1fc6c4f89e0d019888057f0d574f1c4eb1f90a7a41c4ea9b99b538d932"; | ||
|
|
||
| const COSMOS_SECP256R1_MSG_HEX1: &str = "6265206b696e64"; | ||
| const COSMOS_SECP256R1_MSG_HEX2: &str = "6265206b696e64"; | ||
| const COSMOS_SECP256R1_MSG_HEX3: &str = "6265206b696e64"; | ||
|
|
||
| const COSMOS_SECP256R1_SIGNATURE_HEX1: &str = "453020029250fb9eb22b21b881319a123244e463a329356b75ce804fc2dda174e715104621028d009abee7d523894b425d974bc38cfae5d05cdf5a550c8eceae1f20f0c9913f0038"; | ||
| const COSMOS_SECP256R1_SIGNATURE_HEX2: &str = "30450220658fc9271b09bd53edf3a5bd31b7bd99bd3c3de7859cd8dd1133e76ed44fcb580221009e43d091911de0fc90d22960517211f5cf6c624b326759e219326f3af807ac31"; | ||
| const COSMOS_SECP256R1_SIGNATURE_HEX3: &str = "30450220658fc9271b09bd53edf3a5bd31b7bd99bd3c3de7859cd8dd1133e76ed44fcb580221009e43d091911de0fc90d22960517211f5cf6c624b326759e219326f3af807ac31"; | ||
|
|
||
| // Test data originally from https://github.com/cosmos/cosmjs/blob/v0.24.0-alpha.22/packages/crypto/src/secp256k1.spec.ts#L195-L394 | ||
| const COSMOS_SECP256R1_TESTS_JSON: &str = "./testdata/secp256r1_tests.json"; |
There was a problem hiding this comment.
Test data needs to be changed accordingly, but i don't know how to do that. Looked into secp256r1 test in cosmos sdk, but i didn't find any hardcoded test case.
There was a problem hiding this comment.
Just seen this. Remember I scoured the web at the time to find good test data for secp256k1, and ended up using that ref.
dev8723
changed the title
Basically i start from #1083 and resolve all the error due to version change, now i can only pass the basic test case The test was not working in #1083 , original author just copy the test data from secp256k1 without modifying it. |
|
See #2001 for secp256r1 tracking. We can do this right after 2.0 🐎 |
|
Done in #1983 |
Summary
@webmaster128 please advice
This PR tries to add secp256r1 verification in cosmwasm, secp256r1 is already supported in cosmos sdk and enabled.
This PR is based on #1083.
I didn't implement recover function that exists in secp256k1 (
secp256k1_recover_pubkey) because i think the only reason recover is implemented in secp256k1 because we want to supports ethereum signature, but ethereum never support secp256r1, so no ethereum compatibility issue here.Background
secp256r1 is required in order to support passkey so we can use passkey to control wallet (imagine only use biometric info to control keplr mobile, users don't need to know seed phrase unless they want to export).
Historical work in Cosmos
cosmos/cosmjs#413
#1058
A very interested project on hackwasm 2023 by nymlab that tries to create a workaround solution using passkey without secp256r1
Related work in Ethereum
https://ethresear.ch/t/passkey-based-account-abstraction-signer-for-smart-contract-wallets/15856
WIP EIP to support secp256r1: https://eips.ethereum.org/EIPS/eip-7212
Community project: https://github.com/itsobvioustech/aa-passkeys-wallet
Some user facing examples of using passkey on other chains:
joyid on EVM
bunkr on Solana
Path to unblock wallet to support passkey