Smart wallet contract

Kizito · July 18, 2024, 12:23pm

Hello,
I have some questions regarding the smart wallet contract methods. For the transfer parameters, I just need some clarification on what the service_fee_recipient, will that be an account address or a public key? Also, regarding the signature, I understand that it will be obtained by signing a message with a private key. Could you shed more light on that too? Thanks

Doris · July 18, 2024, 3:12pm

The service_fee_recipient is an ed25519 public key.

github.com

Concordium/concordium-rust-smart-contracts/blob/main/examples/cis5-smart-contract-wallet/src/lib.rs#L560


      
          #[derive(Serialize, Clone, SchemaType)]
          #[cfg_attr(feature = "serde", derive(SerdeSerialize, SerdeDeserialize))]
          pub struct WithdrawMessage<T: SigningAmount> {
              /// The entry_point that the signature is intended for.
              pub entry_point:           OwnedEntrypointName,
              /// A timestamp to make the signatures expire.
              pub expiry_time:           Timestamp,
              /// A nonce to prevent replay attacks.
              pub nonce:                 u64,
              /// The recipient public key of the service fee.
              pub service_fee_recipient: PublicKeyEd25519,
              /// The amount of CCD or tokens to be received as a service fee.
              pub service_fee_amount:    T,
              /// List of withdrawals.
              #[concordium(size_length = 2)]
              pub simple_withdraws:      Vec<Withdraw<T>>,
          }
          
          impl<T: SigningAmount> IsMessage for WithdrawMessage<T> {
              fn expiry_time(&self) -> Timestamp { self.expiry_time }

The smart contract verifies your signature using ed25519 signature protocol.

github.com

Concordium/concordium-rust-smart-contracts/blob/main/examples/cis5-smart-contract-wallet/src/lib.rs#L654


      
              let mut entry = host.state_mut().nonces_registry.entry(signer).or_insert_with(|| 0);
          
              // Check the nonce to prevent replay attacks.
              ensure_eq!(message.nonce(), *entry, CustomContractError::NonceMismatch);
          
              // Bump the nonce.
              *entry += 1;
          
              // Check the signature.
              let valid_signature =
                  crypto_primitives.verify_ed25519_signature(signer, signature, &message_hash);
              ensure!(valid_signature, CustomContractError::WrongSignature);
          
              Ok(())
          }
          
          /// Helper function to calculate the `WithdrawMessageHash` for a CCD amount.
          #[receive(
              contract = "smart_contract_wallet",
              name = "getCcdWithdrawMessageHash",
              parameter = "WithdrawMessage<Amount>",

The flow will be:

Generate a private-public key pair generated with the ed25519 schema.
Generate the message hash to be signed (either by implementing the same logic for generating the message hash off-chain or by calling e.g. the getCcdTransferMessageHash method in the smart contract)
Signe the message hash off-chain using the ed25519 schema.
Submit your signature to the smart contract (with the other input parameters) to authorize the action.

Kizito · July 19, 2024, 3:39pm

Hello,
i used tweetnacl to generate keypairs and signed the message

        const message = {
            entry_point: "transferCcd",
            expiry_time: await this.getExpiryTime(),
            nonce: 0,
            service_fee_amount: new CcdAmount(0),
            service_fee_recipient: "577f47c193a11f205b1a3df9bae544d67f861dcf7955af8bd947f3062ea9d690",
            simple_transfers: [
              {
                to: "fac4c397e3c1b2fd3f68184207216ec5840ba2ba71e4aa1998ba6211db6cc495",
                transfer_amount: new CcdAmount(amount)
              }
            ]
        }

Using the hash generated from getCcdTransferMessageHash with the private to get the signature using this payload as param for the transferCcd

        {
          message,
          signature,
          signer: "6dd51b106da4d55c1fa1647464e88d007d5ef940178c3869413a0f97ba047df5"
        }

I still get rejectReason: -6, which is Wrong signature despite verifying off-chain

Doris · July 22, 2024, 9:23am

Hi Kizito,
were you able to verify the signature by now? This error often occurs if the hash from the object signed is slightly different from the input parameter you provide to the smart contract function. Could it be that your this.getExpiryTime() is different from the value signed vs the value provided as an input parameter to the smart contract?