Remove ton (#49)

nervosnetwork · May 14, 2024 · a2f85a3 · a2f85a3
1 parent 0298159
commit a2f85a3
Show file tree

Hide file tree

Showing 6 changed files with 2 additions and 203 deletions.
diff --git a/c/auth.c b/c/auth.c
@@ -51,16 +51,6 @@
 #define SOLANA_BLOCKHASH_SIZE 32
 #define SOLANA_MESSAGE_HEADER_SIZE 3
 
-#define TONCOIN_PUBKEY_SIZE 32
-#define TONCOIN_SIGNATURE_SIZE 64
-#define TONCOIN_WRAPPED_SIGNATURE_SIZE 512
-#define TONCOIN_UNWRAPPED_SIGNATURE_SIZE 510
-#define TONCOIN_BLOCKHASH_SIZE 32
-#define TONCOIN_MESSAGE_PREFIX_SIZE 18
-#define TONCOIN_MAX_PREIMAGE_SIZE 512
-#define TONCOIN_MESSAGE_PREFIX2_SIZE 11
-#define TONCOIN_PREIMAGE2_SIZE (2 + TONCOIN_MESSAGE_PREFIX2_SIZE + 32)
-
 #define MESSAGE_HEX_LEN 64
 #define ED25519_SIGNATURE_SIZE 64
 #define ED25519_PUBKEY_SIZE 32
@@ -622,85 +612,6 @@ int validate_signature_solana(uint8_t *prefilled_data, uint8_t algorithm_id,
     return 0;
 }
 
-// Ton uses ed25519 to sign messages. The message to be signed is
-// message = utf8_encode("ton-proof-item-v2/") ++
-//           Address ++
-//           AppDomain ++
-//           Timestamp ++
-//           Payload
-// signature = Ed25519Sign(privkey, sha256(0xffff ++ utf8_encode("ton-connect")
-// ++ sha256(message))) where Prefix = 18 bytes "ton-proof-item-v2/" without
-// trailing null Address = Big endian work chain (uint32) + address (32 bytes)
-// AppDomain = Little endian domain length (uint32) + domain (string without
-// trailling null) Timestamp = Epoch seconds Little endian uint64 Payload =
-// Arbitrary bytes, we use block hash here See ton official document on
-// ton-proof https://docs.ton.org/develop/dapps/ton-connect/sign
-int get_toncoin_message(const uint8_t *signed_msg, size_t signed_msg_len,
-                        const uint8_t *blockhash, uint8_t output[32]) {
-    int err = 0;
-    uint8_t preimage1[TONCOIN_MAX_PREIMAGE_SIZE];
-    uint8_t preimage2[TONCOIN_PREIMAGE2_SIZE];
-
-    int preimage1_size =
-        signed_msg_len + TONCOIN_MESSAGE_PREFIX_SIZE + TONCOIN_BLOCKHASH_SIZE;
-    CHECK2(preimage1_size <= TONCOIN_MAX_PREIMAGE_SIZE, ERROR_INVALID_ARG);
-
-    const mbedtls_md_info_t *md_info =
-        mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
-
-    memcpy(preimage1, "ton-proof-item-v2/", TONCOIN_MESSAGE_PREFIX_SIZE);
-    memcpy(preimage1 + TONCOIN_MESSAGE_PREFIX_SIZE, signed_msg, signed_msg_len);
-    memcpy(preimage1 + TONCOIN_MESSAGE_PREFIX_SIZE + signed_msg_len, blockhash,
-           TONCOIN_BLOCKHASH_SIZE);
-    preimage2[0] = 0xff;
-    preimage2[1] = 0xff;
-    memcpy(preimage2 + 2, "ton-connect", TONCOIN_MESSAGE_PREFIX2_SIZE);
-
-    CHECK(md_string(md_info, preimage1, preimage1_size,
-                    preimage2 + 2 + TONCOIN_MESSAGE_PREFIX2_SIZE));
-    CHECK(md_string(md_info, preimage2, TONCOIN_PREIMAGE2_SIZE, output));
-exit:
-    return err;
-}
-
-int validate_signature_toncoin(uint8_t *prefilled_data, uint8_t algorithm_id,
-                               const uint8_t *sig, size_t sig_len,
-                               const uint8_t *msg, size_t msg_len,
-                               uint8_t *out_pubkey_hash,
-                               size_t pubkey_hash_len) {
-    int err = 0;
-
-    CHECK2(sig_len == TONCOIN_WRAPPED_SIGNATURE_SIZE, ERROR_INVALID_ARG);
-    CHECK2(msg_len == TONCOIN_BLOCKHASH_SIZE, ERROR_INVALID_ARG);
-    sig_len = (size_t)sig[0] | ((size_t)sig[1] << 8);
-    CHECK2(sig_len <= TONCOIN_UNWRAPPED_SIGNATURE_SIZE, ERROR_INVALID_ARG);
-    const uint8_t *signature_ptr = sig + 2;
-    const uint8_t *pub_key_ptr = signature_ptr + TONCOIN_SIGNATURE_SIZE;
-    const uint8_t *signed_msg_ptr =
-        signature_ptr + TONCOIN_SIGNATURE_SIZE + TONCOIN_PUBKEY_SIZE;
-    size_t signed_msg_len =
-        sig_len - TONCOIN_SIGNATURE_SIZE - TONCOIN_PUBKEY_SIZE;
-
-    uint8_t message[32];
-    CHECK(get_toncoin_message(signed_msg_ptr, signed_msg_len, msg, message));
-
-    int suc =
-        ed25519_verify(signature_ptr, message, sizeof(message), pub_key_ptr);
-    CHECK2(suc == 1, ERROR_WRONG_STATE);
-
-    blake2b_state ctx;
-    uint8_t pubkey_hash[BLAKE2B_BLOCK_SIZE] = {0};
-    blake2b_init(&ctx, BLAKE2B_BLOCK_SIZE);
-    blake2b_update(&ctx, pub_key_ptr, TONCOIN_PUBKEY_SIZE);
-    blake2b_final(&ctx, pubkey_hash, sizeof(pubkey_hash));
-
-    uint8_t test_pubkey_hash[AUTH160_SIZE] = {0};
-    // memcpy(output, pubkey_hash, AUTH160_SIZE);
-    memcpy(out_pubkey_hash, test_pubkey_hash, AUTH160_SIZE);
-exit:
-    return err;
-}
-
 int convert_copy(const uint8_t *msg, size_t msg_len, uint8_t *new_msg,
                  size_t new_msg_len) {
     if (msg_len != new_msg_len || msg_len != BLAKE2B_BLOCK_SIZE)
@@ -1092,9 +1003,6 @@ __attribute__((visibility("default"))) int ckb_auth_validate(
         err = verify(&validator, validate_signature_ripple,
                      convert_ripple_message);
         CHECK(err);
-    } else if (algorithm_id == AuthAlgorithmIdToncoin) {
-        err = verify(&validator, validate_signature_toncoin, convert_copy);
-        CHECK(err);
     } else if (algorithm_id == AuthAlgorithmIdOwnerLock) {
         CHECK2(is_lock_script_hash_present(pubkey_hash), ERROR_MISMATCHED);
         err = 0;

diff --git a/c/ckb_auth.h b/c/ckb_auth.h
@@ -85,7 +85,7 @@ enum AuthAlgorithmIdType {
     AuthAlgorithmIdSolana = 13,
     AuthAlgorithmIdRipple = 14,
     AuthAlgorithmIdSecp256R1 = 15,
-    AuthAlgorithmIdToncoin = 16,
+    // AuthAlgorithmIdToncoin = 16,
     AuthAlgorithmIdSecp256R1Raw = 17,
     AuthAlgorithmIdOwnerLock = 0xFC,
 };

diff --git a/ckb-auth-rs/src/lib.rs b/ckb-auth-rs/src/lib.rs
@@ -44,7 +44,7 @@ pub enum AuthAlgorithmIdType {
     Solana = 13,
     Ripple = 14,
     Secp256r1 = 15,
-    Toncoin = 16,
+    // Toncoin = 16,
     Secp256r1Raw = 17,
     OwnerLock = 0xFC,
 }

diff --git a/docs/auth.md b/docs/auth.md
@@ -146,15 +146,6 @@ Key parameters:
 - pubkey: 32 compressed pubkey.
 - pubkey hash: sha256 and ripemd160 of pubkey, refer to [ckb-auth-cli ripple parse](../tools/ckb-auth-cli/src/ripple.rs).
 
-#### Toncoin (algorithm_id=16)
-The witness of a valid toncoin transaction should be a sequence of the following data.
-The whole length of the witness must be exactly 512. If there are any space left, pad it with zero.
-
-- size of the following data combined (little-endian `uint16_t`)
-- signature
-- public key
-- the message without prefix and payload
-
 ### Low Level APIs
 
 We define some low level APIs to auth libraries, which can be also used for other purposes.

diff --git a/docs/toncoin.md b/docs/toncoin.md
diff --git a/tests/auth-c-tests/src/lib.rs b/tests/auth-c-tests/src/lib.rs
@@ -867,7 +867,6 @@ pub fn auth_builder(t: AuthAlgorithmIdType, official: bool) -> result::Result<Bo
         AuthAlgorithmIdType::Secp256r1 => {
             return Ok(Secp256r1Auth::new());
         }
-        AuthAlgorithmIdType::Toncoin => todo!("Toncoin tests currectly unimplemented"),
         AuthAlgorithmIdType::Secp256r1Raw => {
             return Ok(Secp256r1RawAuth::new());
         }