def test_transacting_power_sign_message(testerchain):
# Manually create a TransactingPower
eth_address = testerchain.etherbase_account
power = TransactingPower(password=INSECURE_DEVELOPMENT_PASSWORD,
signer=Web3Signer(testerchain.client),
account=eth_address)
# Manually unlock
power.unlock(password=INSECURE_DEVELOPMENT_PASSWORD)
# Sign
data_to_sign = b'Premium Select Luxury Pencil Holder'
signature = power.sign_message(message=data_to_sign)
# Verify
is_verified = verify_eip_191(address=eth_address,
message=data_to_sign,
signature=signature)
assert is_verified is True
# Test invalid address/pubkey pair
is_verified = verify_eip_191(address=testerchain.client.accounts[1],
message=data_to_sign,
signature=signature)
assert is_verified is False
def test_character_blockchain_power(testerchain, three_agents):
# TODO: Handle multiple providers
eth_address = testerchain.interface.w3.eth.accounts[0]
sig_privkey = testerchain.interface.provider.ethereum_tester.backend._key_lookup[
eth_utils.to_canonical_address(eth_address)]
sig_pubkey = sig_privkey.public_key
signer = Character(is_me=True, checksum_address=eth_address)
signer._crypto_power.consume_power_up(BlockchainPower(testerchain, eth_address))
# Due to testing backend, the account is already unlocked.
power = signer._crypto_power.power_ups(BlockchainPower)
power.is_unlocked = True
# power.unlock_account('this-is-not-a-secure-password')
data_to_sign = b'What does Ursula look like?!?'
sig = power.sign_message(data_to_sign)
is_verified = verify_eip_191(address=eth_address, message=data_to_sign, signature=sig)
assert is_verified is True
# Test a bad address/pubkey pair
is_verified = verify_eip_191(address=testerchain.interface.w3.eth.accounts[1],
message=data_to_sign,
signature=sig)
assert is_verified is False
# Test a signature without unlocking the account
power.is_unlocked = False
with pytest.raises(PowerUpError):
power.sign_message(b'test')
# Test lockAccount call
del power
def _stamp_has_valid_wallet_signature(self) -> bool:
"""Off-chain Signature Verification of ethereum client signature of stamp"""
if self.__decentralized_identity_evidence is NOT_SIGNED:
return False
signature_is_valid = verify_eip_191(
message=bytes(self.stamp),
signature=self.__decentralized_identity_evidence,
address=self.checksum_address)
return signature_is_valid
def test_blockchain_ursula_substantiates_stamp(blockchain_ursulas):
first_ursula = list(blockchain_ursulas)[0]
signature_as_bytes = first_ursula.decentralized_identity_evidence
signature_as_bytes = to_standard_signature_bytes(signature_as_bytes)
assert verify_eip_191(address=first_ursula.worker_address,
message=bytes(first_ursula.stamp),
signature=signature_as_bytes)
# This method is a shortcut for the above.
assert first_ursula._stamp_has_valid_signature_by_worker()
def test_character_transacting_power_signing(testerchain, agency,
test_registry):
# Pretend to be a character.
eth_address = testerchain.etherbase_account
signer = Character(is_me=True,
registry=test_registry,
checksum_address=eth_address)
# Manually consume the power up
transacting_power = TransactingPower(
password=INSECURE_DEVELOPMENT_PASSWORD,
signer=Web3Signer(testerchain.client),
account=eth_address)
signer._crypto_power.consume_power_up(transacting_power)
# Retrieve the power up
power = signer._crypto_power.power_ups(TransactingPower)
assert power == transacting_power
assert testerchain.transacting_power == power
assert power.is_active is True
assert power.is_unlocked is True
assert testerchain.transacting_power.is_unlocked is True
# Sign Message
data_to_sign = b'Premium Select Luxury Pencil Holder'
signature = power.sign_message(message=data_to_sign)
is_verified = verify_eip_191(address=eth_address,
message=data_to_sign,
signature=signature)
assert is_verified is True
# Sign Transaction
transaction_dict = {
'nonce': testerchain.client.w3.eth.getTransactionCount(eth_address),
'gasPrice': testerchain.client.w3.eth.gasPrice,
'gas': 100000,
'from': eth_address,
'to': testerchain.unassigned_accounts[1],
'value': 1,
'data': b''
}
signed_transaction = power.sign_transaction(
transaction_dict=transaction_dict)
# Demonstrate that the transaction is valid RLP encoded.
restored_transaction = Transaction.from_bytes(
serialized_bytes=signed_transaction)
restored_dict = restored_transaction.as_dict()
assert to_checksum_address(restored_dict['to']) == transaction_dict['to']
def test_transacting_power_sign_message(testerchain):
# Manually create a TransactingPower
testerchain.connect()
eth_address = testerchain.etherbase_account
power = TransactingPower(blockchain=testerchain,
password=INSECURE_DEVELOPMENT_PASSWORD,
account=eth_address)
# The default state of the account is locked.
# Test a signature without unlocking the account
with pytest.raises(PowerUpError):
power.sign_message(message=b'test')
# Manually unlock
power.unlock_account(password=INSECURE_DEVELOPMENT_PASSWORD)
# Sign
data_to_sign = b'Premium Select Luxury Pencil Holder'
signature = power.sign_message(message=data_to_sign)
# Verify
is_verified = verify_eip_191(address=eth_address,
message=data_to_sign,
signature=signature)
assert is_verified is True
# Test invalid address/pubkey pair
is_verified = verify_eip_191(address=testerchain.client.accounts[1],
message=data_to_sign,
signature=signature)
assert is_verified is False
# Test lockAccount call
power.lock_account()
# Test a signature without unlocking the account
with pytest.raises(PowerUpError):
power.sign_message(message=b'test')
del power # Locks account
def test_geth_EIP_191_client_signature_integration(geth_dev_node):
if 'CIRCLECI' in os.environ:
pytest.skip("Do not run Geth nodes in CI")
# Start a geth process
blockchain = BlockchainInterface(provider_process=geth_dev_node, sync_now=False)
# Sign a message (RPC) and verify it.
etherbase = blockchain.client.accounts[0]
stamp = b'STAMP-' + os.urandom(64)
signature = blockchain.client.sign_message(account=etherbase, message=stamp)
is_valid = verify_eip_191(address=etherbase,
signature=signature,
message=stamp)
assert is_valid
def test_geth_EIP_191_client_signature_integration(instant_geth_dev_node):
# Start a geth process
blockchain = BlockchainInterface(provider_process=instant_geth_dev_node,
poa=True)
blockchain.connect()
# Sign a message (RPC) and verify it.
etherbase = blockchain.client.accounts[0]
stamp = b'STAMP-' + os.urandom(64)
signature = blockchain.client.sign_message(account=etherbase,
message=stamp)
is_valid = verify_eip_191(address=etherbase,
signature=signature,
message=stamp)
assert is_valid
def verify_blockchain_signature(self, checksum_address):
self._set_payload()
return verify_eip_191(message=self._payload,
signature=self._blockchain_signature,
address=checksum_address)
def test_verify_eip191(testerchain, signature_verifier):
message = os.urandom(100)
# Generate Umbral key
umbral_privkey = SecretKey.random()
umbral_pubkey = umbral_privkey.public_key()
umbral_pubkey_bytes = pubkey_as_uncompressed_bytes(umbral_pubkey)
#
# Check EIP191 signatures: Version E
#
# Produce EIP191 signature (version E)
signable_message = encode_defunct(primitive=message)
signature = Account.sign_message(signable_message=signable_message,
private_key=bytes(umbral_privkey))
signature = bytes(signature.signature)
# Off-chain verify, just in case
checksum_address = to_checksum_address(
canonical_address_from_umbral_key(umbral_pubkey))
assert verify_eip_191(address=checksum_address,
message=message,
signature=signature)
# Verify signature on-chain
version_E = b'E'
assert signature_verifier.functions.verifyEIP191(message, signature,
umbral_pubkey_bytes,
version_E).call()
# Of course, it'll fail if we try using version 0
version_0 = b'\x00'
assert not signature_verifier.functions.verifyEIP191(
message, signature, umbral_pubkey_bytes, version_0).call()
# Check that the hash-based method also works independently
hash = signature_verifier.functions.hashEIP191(message, version_E).call()
eip191_header = "\x19Ethereum Signed Message:\n" + str(len(message))
assert hash == keccak_digest(eip191_header.encode() + message)
address = signature_verifier.functions.recover(hash, signature).call()
assert address == checksum_address
#
# Check EIP191 signatures: Version 0
#
# Produce EIP191 signature (version 0)
validator = to_canonical_address(signature_verifier.address)
signable_message = SignableMessage(version=HexBytes(version_0),
header=HexBytes(validator),
body=HexBytes(message))
signature = Account.sign_message(signable_message=signable_message,
private_key=bytes(umbral_privkey))
signature = bytes(signature.signature)
# Off-chain verify, just in case
checksum_address = to_checksum_address(
canonical_address_from_umbral_key(umbral_pubkey))
assert checksum_address == Account.recover_message(
signable_message=signable_message, signature=signature)
# On chain verify signature
assert signature_verifier.functions.verifyEIP191(message, signature,
umbral_pubkey_bytes,
version_0).call()
# Of course, now it fails if we try with version E
assert not signature_verifier.functions.verifyEIP191(
message, signature, umbral_pubkey_bytes, version_E).call()
# Check that the hash-based method also works independently
hash = signature_verifier.functions.hashEIP191(message, version_0).call()
eip191_header = b"\x19\x00" + validator
assert hash == keccak_digest(eip191_header + message)
address = signature_verifier.functions.recover(hash, signature).call()
assert address == checksum_address
