(WIP) ethereum authentication

package.json

@@ -9,6 +9,7 @@
     "history": "^4.7.2",
     "ipfs": "~0.28.2",
     "libp2p-crypto": "^0.10.3",
+    "peer-pad-ethereum-signature": "^1.0.4",
     "pify": "^3.0.0",
     "prop-types": "^15.6.0",
     "quill": "^1.3.3",

src/backend/auth-token.js

@@ -1,8 +1,12 @@
 'use strict'
 
 const waterfall = require('async/waterfall')
+var peerPadEthereumSignature = require('peer-pad-ethereum-signature')
 
-module.exports = async function authTokenFromIpfsId (ipfs, keys) {
+// exports.verifyIpfsIdSignature = function (ipfs, from, signature) {
+// exports.signIpfsId = function (ipfs) {
+
+module.exports = async function authTokenFromIpfsId (ipfs, keys, ethereumWalletInfo) {
   return new Promise((resolve, reject) => {
     waterfall(
       [
@@ -17,8 +21,24 @@ module.exports = async function authTokenFromIpfsId (ipfs, keys) {
             keys.write.sign(Buffer.from(nodeId), cb)
           }
         },
-        (token, cb) => {
-          cb(null, token && token.toString('base64'))
+        (ipfsToken, cb) => {
+          ipfsToken = ipfsToken && ipfsToken.toString('base64')
+          const token = {
+            token: ipfsToken
+          }
+          if (window.web3) {
+            const did = window.localStorage.getItem('DID')
+            if (did) {
+              peerPadEthereumSignature.signIpfsId(ipfs, did).then(signatureData => {
+                token.ethereumWalletInfo = JSON.stringify(signatureData).toString('base64')
+                cb(null, token)
+              })
+            } else {
+              cb(null, token)
+            }
+          } else {
+            cb(null, token)
+          }
         }
       ],
       (err, token) => {

src/backend/auth.js

@@ -1,5 +1,5 @@
 'use strict'
-
+var peerPadEthereumSignature = require('peer-pad-ethereum-signature')
 const EventEmitter = require('events')
 
 module.exports = function Auth (keys, roomEmitter) {
@@ -14,6 +14,7 @@ module.exports = function Auth (keys, roomEmitter) {
 
   roomEmitter.on('peer left', (peerId) => {
     delete capabilitiesByPeer[peerId]
+    // step1 : emitir evento
     auth.emit('change', peerId, null)
   })
 
@@ -57,8 +58,11 @@ module.exports = function Auth (keys, roomEmitter) {
     const capabilities = capabilitiesByPeer[peerId] || {}
     return Object.keys(capabilities).filter((capability) => capabilities[capability] === true)
   }
-
+//
   function verifySignature (peer, payload, signature, callback) {
+    // payload = authtoken
+    // payload = Buffer.from(JSON.parse(payload.toString()).token, 'base64')
+
     const capabilities = capabilitiesByPeer[peer]
     if (!signature) {
       if (capabilities && capabilities.read && !capabilities.write) {
@@ -71,7 +75,39 @@ module.exports = function Auth (keys, roomEmitter) {
     }
   }
 
+  function checkEthereumSignature (ethereumWalletInfo, sender) {
+    return peerPadEthereumSignature.verifyIpfsIdSignature(sender, ethereumWalletInfo)
+  }
+
   function checkAuth (authToken, y, sender) {
+    return new Promise(function (resolve, reject) {
+      if (!authToken) {
+        return resolve('read')
+      }
+      // authToken = JSON.parse(Buffer.from(authToken))
+      console.log('authToken:', authToken)
+      const ethereumSignatureCheck = authToken.ethereumWalletInfo && checkEthereumSignature(JSON.parse(authToken.ethereumWalletInfo), sender)
+
+      const token = authToken.token
+      const verifications = [checkIpfsIdAuth(token, y, sender)]
+      if (ethereumSignatureCheck) {
+        verifications.push(ethereumSignatureCheck)
+      }
+
+      Promise.all(verifications)
+        .then(([ipfsVerResult, ethVerResult]) => {
+          console.log('ethVerResult:', ethVerResult)
+          if (ethereumSignatureCheck) {
+            auth.emit('authenticatedEthereum', sender, ethVerResult)
+          }
+
+          return ipfsVerResult ? resolve('write') : reject(new Error('bad signature'))
+        }
+      )
+    })
+  }
+
+  function checkIpfsIdAuth (authToken, y, sender) {
     return new Promise((resolve, reject) => {
       if (!authToken) {
         // TODO: is this correct?

src/backend/index.js

@@ -45,7 +45,7 @@ class Backend extends EventEmitter {
     // ---- initialize keys
     this._keys = await parseKeys(b58Decode(options.readKey), options.writeKey && b58Decode(options.writeKey))
 
-    const token = await authToken(this.ipfs, this._keys)
+    const token = await authToken(this.ipfs, this._keys) // ethereum wallet
     this.auth = Auth(this._keys, this.room)
     this.crdt = await CRDT(this._options.name, token, this._keys, this.ipfs, this.room, this.auth)
     this.crdt.share.access.observeDeep(this.auth.observer())

src/peers.js

@@ -24,6 +24,12 @@ class Peers extends EventEmitter {
         this._roomChanged()
       })
 
+      backend.auth.on('authenticatedEthereum', (peerId, ethereumInfo) => {
+        const peer = this._ensurePeer(peerId)
+        peer.ethereumInfo = ethereumInfo
+        this._roomChanged()
+      })
+
       backend.crdt.share.peerAliases.observe((event) => {
         const peerName = event.name
         if (['update', 'insert', 'add'].indexOf(event.type) >= 0) {
@@ -57,6 +63,7 @@ class Peers extends EventEmitter {
   }
 
   _roomChanged () {
+    console.log('room changed:', this.all())
     this.emit('change')
   }