feat: implement EIP-4361 support with SIWS message handling and verif…

…ication
supabase · Jan 17, 2025 · 9e42bb2 · 9e42bb2
1 parent a4c692f
commit 9e42bb2
Show file tree

Hide file tree

Showing 22 changed files with 1,092 additions and 9 deletions.
diff --git a/example.env b/example.env
@@ -168,6 +168,17 @@ GOTRUE_EXTERNAL_ZOOM_CLIENT_ID=""
 GOTRUE_EXTERNAL_ZOOM_SECRET=""
 GOTRUE_EXTERNAL_ZOOM_REDIRECT_URI="http://localhost:9999/callback"
 
+# EIP-4361 OAuth config
+GOTRUE_EXTERNAL_EIP4361_ENABLED="true"
+GOTRUE_EXTERNAL_EIP4361_STATEMENT="Sign this message to verify your identity"
+GOTRUE_EXTERNAL_EIP4361_VERSION="1"
+GOTRUE_EXTERNAL_EIP4361_TIMEOUT="300s"
+GOTRUE_EXTERNAL_EIP4361_DOMAIN="localhost:9999"
+
+# Supported Chains Configuration
+GOTRUE_EXTERNAL_EIP4361_SUPPORTED_CHAINS="ethereum:1,ethereum:137,solana:mainnet,solana:devnet"
+GOTRUE_EXTERNAL_EIP4361_DEFAULT_CHAIN="ethereum:1"
+
 # Anonymous auth config
 GOTRUE_EXTERNAL_ANONYMOUS_USERS_ENABLED="false"
 

diff --git a/external_eip4361_siws_example.go b/external_eip4361_siws_example.go
@@ -0,0 +1,75 @@
+package main
+
+import (
+	"crypto/ed25519"
+	"crypto/rand"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"time"
+
+	"github.com/btcsuite/btcutil/base58"
+	siws "github.com/supabase/auth/internal/utilities/siws"
+)
+
+func LogSIWSExample() {
+	// Configuration
+	domain := "localhost:9999"
+	statement := "Sign in with your Solana account"
+	version := "1"
+	chain := "solana:mainnet"
+
+	// Generate keys
+	pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
+	if err != nil {
+		fmt.Println("Error generating keys:", err)
+		return
+	}
+	pubKeyBase58 := base58.Encode(pubKey)
+
+	// Generate nonce
+	nonce, err := siws.GenerateNonce()
+	if err != nil {
+		fmt.Println("Error generating nonce:", err)
+		return
+	}
+
+	// Create SIWS message
+	msg := siws.SIWSMessage{
+		Domain:    domain,
+		Address:   pubKeyBase58,
+		Statement: statement,
+		URI:       "https://example.com",
+		Version:   version,
+		Nonce:     nonce,
+		IssuedAt:  time.Now().UTC(),
+	}
+
+	rawMessage := siws.ConstructMessage(msg)
+
+	// Sign the message
+	signature := ed25519.Sign(privKey, []byte(rawMessage))
+	signatureBase64 := base64.StdEncoding.EncodeToString(signature)
+
+	// Generate JSON payload
+	payload := map[string]string{
+		"grant_type": "eip4361",
+		"message":    rawMessage,
+		"signature":  signatureBase64,
+		"address":    pubKeyBase58,
+		"chain":      chain,
+	}
+
+	payloadJSON, err := json.Marshal(payload)
+	if err != nil {
+		fmt.Println("Error generating payload JSON:", err)
+		return
+	}
+
+	// Print JavaScript fetch code
+	fmt.Println(string(payloadJSON))
+}
+
+// func main() {
+// 	LogSIWSExample()
+// }
diff --git a/go.mod b/go.mod
@@ -34,14 +34,17 @@ require (
 )
 
 require (
-	github.com/bits-and-blooms/bitset v1.10.0 // indirect
+	github.com/bits-and-blooms/bitset v1.13.0 // indirect
+	github.com/btcsuite/btcutil v1.0.2 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect
+	github.com/ethereum/go-ethereum v1.14.12 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
 	github.com/go-webauthn/x v0.1.12 // indirect
 	github.com/gobuffalo/nulls v0.4.2 // indirect
 	github.com/goccy/go-json v0.10.3 // indirect
 	github.com/google/go-tpm v0.9.1 // indirect
+	github.com/holiman/uint256 v1.3.1 // indirect
 	github.com/jackc/pgx/v4 v4.18.2 // indirect
 	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
 	github.com/lestrrat-go/httpcc v1.0.1 // indirect
@@ -98,10 +101,10 @@ require (
 	github.com/beevik/etree v1.1.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/crewjam/httperr v0.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/fatih/color v1.13.0 // indirect
+	github.com/fatih/color v1.16.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
@@ -130,7 +133,7 @@ require (
 	github.com/luna-duclos/instrumentedsql v1.1.3 // indirect
 	github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.16 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-sqlite3 v2.0.3+incompatible // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
@@ -146,15 +149,15 @@ require (
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	go.opentelemetry.io/proto/otlp v1.2.0 // indirect
-	golang.org/x/exp v0.0.0-20230213192124-5e25df0256eb
-	golang.org/x/net v0.23.0 // indirect
+	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
+	golang.org/x/net v0.24.0 // indirect
 	golang.org/x/sync v0.10.0
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
-	golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect
+	golang.org/x/time v0.5.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/grpc v1.63.2 // indirect
-	google.golang.org/protobuf v1.33.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect