From 745ac7097748c6ff0247b7549d3ac23332e2d43c Mon Sep 17 00:00:00 2001 From: redDwarf03 Date: Fri, 13 Dec 2024 12:55:15 +0100 Subject: [PATCH] feat: :sparkles: Improve security : encrypt the secret with aeWallet --- .../usecases/bridge_evm_to_ae.usecase.dart | 81 +++++++++++++++++-- lib/l10n/intl_en.arb | 1 + pubspec.lock | 62 ++++++++------ pubspec.yaml | 26 +++--- 4 files changed, 127 insertions(+), 43 deletions(-) diff --git a/lib/domain/usecases/bridge_evm_to_ae.usecase.dart b/lib/domain/usecases/bridge_evm_to_ae.usecase.dart index 706fa274..3d729477 100644 --- a/lib/domain/usecases/bridge_evm_to_ae.usecase.dart +++ b/lib/domain/usecases/bridge_evm_to_ae.usecase.dart @@ -13,6 +13,7 @@ import 'package:aebridge/util/faucet_util.dart'; import 'package:archethic_dapp_framework_flutter/archethic_dapp_framework_flutter.dart' as aedappfm; import 'package:archethic_lib_dart/archethic_lib_dart.dart'; +import 'package:archethic_wallet_client/archethic_wallet_client.dart' as awc; import 'package:crypto/crypto.dart'; import 'package:flutter/foundation.dart'; import 'package:flutter_gen/gen_l10n/localizations.dart'; 
@@ -38,16 +39,82 @@ class BridgeEVMToArchethicUseCase final session = ref.read(sessionNotifierProvider); await bridgeNotifier.setCurrentStep(0); - Uint8List? secret; - if (recoverySecret != null) { - secret = Uint8List.fromList(recoverySecret); - } else { - secret = generateRandomSecret(); - await bridgeNotifier.setSecret(secret.toList()); + late Uint8List secret; + try { + final dappClient = await aedappfm.sl.getAsync(); + final walletTo = session.walletTo; + if (recoverySecret != null) { + final encryptedSecret = Uint8List.fromList(recoverySecret); + + final decryptedPayloadsResult = await dappClient.decryptPayloads( + awc.DecryptPayloadRequest( + serviceName: + Uri.encodeFull('archethic-wallet-${walletTo!.nameAccount}'), + payloads: [ + awc.DecryptPayloadRequestData( + payload: uint8ListToHex(encryptedSecret), + isHexa: true, + ), + ], + description: { + 'en': localizations.aeDecryptSecret, + }, + ), + ); + await decryptedPayloadsResult.when( + success: (decryptedPayloads) { + secret = hexToUint8List( + decryptedPayloads.decryptedPayloads[0].decryptedPayload, + ); + }, + failure: (failure) async { + await bridgeNotifier + .setFailure(const aedappfm.Failure.connectivityArchethic()); + await bridgeNotifier.setTransferInProgress(false); + throw Exception(); + }, + ); + } else { + secret = generateRandomSecret(); + + final encryptedPayloadsResult = await dappClient.encryptPayloads( + awc.EncryptPayloadRequest( + serviceName: + Uri.encodeFull('archethic-wallet-${walletTo!.nameAccount}'), + payloads: [ + awc.EncryptPayloadRequestData( + payload: uint8ListToHex(secret), + isHexa: true, + ), + ], + ), + ); + await encryptedPayloadsResult.when( + success: (encryptedPayload) async { + await bridgeNotifier.setSecret( + hexToUint8List( + encryptedPayload.encryptedPayloads[0].encryptedPayload, + ), + ); + }, + failure: (failure) async { + await bridgeNotifier + .setFailure(const aedappfm.Failure.connectivityArchethic()); + await bridgeNotifier.setTransferInProgress(false); + 
throw Exception(); + }, + ); + } + } catch (e) { + await bridgeNotifier.setFailure( + aedappfm.Failure.other(cause: '$e'), + ); + await bridgeNotifier.setTransferInProgress(false); + throw Exception(); } final secretHash = sha256.convert( - secret, + secret.toList(), ); String? htlcEVMAddress; diff --git a/lib/l10n/intl_en.arb b/lib/l10n/intl_en.arb index 74c50724..12c2e86c 100644 --- a/lib/l10n/intl_en.arb +++ b/lib/l10n/intl_en.arb @@ -210,6 +210,7 @@ "aeSignTxDesc3": "This action reveals the secret required to securely unlock funds on both chains, ensuring the finality and symmetry of the bridge.", "aeSignTxDesc4": "This action allows funds to be sent to the smart contract, enabling its execution and ensuring the secure processing of the bridge", "aeSignTxDesc5": "This action allows you to execute the refund of your funds.", + "aeDecryptSecret": "This action allows to decrypt the secret required to secure the bridge between the 2 blockchains.", "aeBridgeProvidedBy": "Bridge provided by", "trustWalletWarning": "Trust Wallet users, please check that the \"Authorize eth_sign\" option is ticked in your application's security menu before processing." } \ No newline at end of file diff --git a/pubspec.lock b/pubspec.lock index 55be4b7d..aaa091b0 100644 --- a/pubspec.lock +++ b/pubspec.lock 
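Review bot: The `throw Exception();` inside both `failure:` callbacks is caught by the enclosing `catch (e)`, so the `Failure.connectivityArchethic()` that was just reported is overwritten with `Failure.other(cause: 'Exception')` and `setTransferInProgress(false)` runs twice. Throwing the failure itself keeps the cause: `throw const aedappfm.Failure.connectivityArchethic();` in the callbacks, and `await bridgeNotifier.setFailure(e is aedappfm.Failure ? e : aedappfm.Failure.other(cause: '$e'));` in the handler. The recovery branch now treats every `recoverySecret` as wallet ciphertext, while the removed code stored the plaintext via `setSecret(secret.toList())`. If bridges persisted before this change can still be resumed, they would presumably fail decryption here and leave the HTLC secret unusable, so a fallback or migration for legacy plaintext values is worth confirming. `decryptedPayloads.decryptedPayloads[0]` and `encryptedPayload.encryptedPayloads[0]` are also indexed without an emptiness check, and the decrypted bytes are hashed without checking their length against what `generateRandomSecret()` produces; the enclosing method starts and ends outside the hunk.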
@@ -41,27 +41,30 @@ packages: archethic_dapp_framework_flutter: dependency: "direct main" description: - name: archethic_dapp_framework_flutter - sha256: "71ae3c60cb11dc63651e3f114e2c23752b9505abf5679b023b41aaf872c4150d" - url: "https://pub.dev" - source: hosted - version: "3.0.3" + path: "." + ref: "41-rpc---add-encrypt-and-decrypt-methods" + resolved-ref: "2a2115006b49fc8e42cb503de0ec4ff5ea810488" + url: "https://github.com/archethic-foundation/archethic-dapp-framework-flutter.git" + source: git + version: "3.2.4" archethic_lib_dart: dependency: "direct main" description: - name: archethic_lib_dart - sha256: "741e01c105feea9e49da15ee8742fa1a831bcdb371adb623b49516034520ee1c" - url: "https://pub.dev" - source: hosted + path: "." + ref: upgrade_graqhql + resolved-ref: "9b2f293359595cf498d4c33074327d93233486dd" + url: "https://github.com/archethic-foundation/libdart.git" + source: git version: "4.0.0" archethic_wallet_client: dependency: "direct main" description: - name: archethic_wallet_client - sha256: "692f87f11d4515e9fb8d74b37a2d7da01674f1f9fc95b487b835fb647538a2a6" - url: "https://pub.dev" - source: hosted - version: "2.1.5" + path: "." + ref: "70-add-encrypt-and-decrypt-methods" + resolved-ref: a495d795b690c945513138355443c35f1cdecaf1 + url: "https://github.com/archethic-foundation/archethic-wallet-client-dart.git" + source: git + version: "2.2.0" archive: dependency: transitive description: @@ -656,11 +659,12 @@ packages: graphql: dependency: transitive description: - name: graphql - sha256: d066e53446166c12537458386b507f7426f2b8801ebafc184576aab3cbc64d56 - url: "https://pub.dev" - source: hosted - version: "5.2.0-beta.7" + path: "packages/graphql" + ref: hagen00-upgrade-packages + resolved-ref: "3d4ef96def5234adcd5c41af281c84a8a6ed7850" + url: "https://github.com/hagen00/graphql-flutter.git" + source: git + version: "5.2.0-beta.9" graphs: dependency: transitive description: 
@@ -1073,10 +1077,10 @@ packages: dependency: transitive description: name: phoenix_socket - sha256: "2d56ffde59875673bffdabd1f709307ab34b317bd868402e3d3a61c23c333b1b" + sha256: "6f1a355177eb1bf61b388407cf18f200fdf06bc5c1d9d05ac87cdd8a27d3ddd6" url: "https://pub.dev" source: hosted - version: "0.7.4" + version: "0.7.6" pinenacl: dependency: transitive description: @@ -1638,18 +1642,26 @@ packages: dependency: transitive description: name: web - sha256: "97da13628db363c635202ad97068d47c5b8aa555808e7a9411963c533b449b27" + sha256: cd3543bd5798f6ad290ea73d210f423502e71900302dde696f8bff84bf89a1cb url: "https://pub.dev" source: hosted - version: "0.5.1" + version: "1.1.0" + web_socket: + dependency: transitive + description: + name: web_socket + sha256: "3c12d96c0c9a4eec095246debcea7b86c0324f22df69893d538fcc6f1b8cce83" + url: "https://pub.dev" + source: hosted + version: "0.1.6" web_socket_channel: dependency: transitive description: name: web_socket_channel - sha256: "58c6666b342a38816b2e7e50ed0f1e261959630becd4c879c4f26bfa14aa5a42" + sha256: "9f187088ed104edd8662ca07af4b124465893caf063ba29758f97af57e61da8f" url: "https://pub.dev" source: hosted - version: "2.4.5" + version: "3.0.1" webkit_inspection_protocol: dependency: transitive description: diff --git a/pubspec.yaml b/pubspec.yaml index 6c81a1f3..ededd88c 100644 --- a/pubspec.yaml +++ b/pubspec.yaml 
@@ -8,25 +8,29 @@ environment: sdk: ">=3.3.0 <4.0.0" dependencies: - archethic_dapp_framework_flutter: ^3.0.3 - #archethic_dapp_framework_flutter: - # git: - # url: https://github.com/archethic-foundation/archethic-dapp-framework-flutter.git - # ref: 20-add-btc-in-fetch-price-method + #archethic_dapp_framework_flutter: ^3.0.3 + archethic_dapp_framework_flutter: + git: + url: https://github.com/archethic-foundation/archethic-dapp-framework-flutter.git + ref: 41-rpc---add-encrypt-and-decrypt-methods #archethic_dapp_framework_flutter: # path: ../archethic-dapp-framework-flutter # Archethic dart library for Flutter - archethic_lib_dart: ^4.0.0 + #archethic_lib_dart: ^4.0.0 + archethic_lib_dart: + git: # TODO Waiting for https://github.com/zino-hofmann/graphql-flutter/issues/1460 resolution to use stable versions. + url: https://github.com/archethic-foundation/libdart.git + ref: upgrade_graqhql # archethic_lib_dart: # path: ../../packages/libdart # A client dart library to interact with Archethic Wallet RPC API. - archethic_wallet_client: ^2.1.5 - #archethic_wallet_client: - # git: - # url: https://github.com/archethic-foundation/archethic-wallet-client-dart.git - # ref: dev + #archethic_wallet_client: ^2.1.5 + archethic_wallet_client: + git: + url: https://github.com/archethic-foundation/archethic-wallet-client-dart.git + ref: 70-add-encrypt-and-decrypt-methods # archethic_wallet_client: # path: ../../packages/archethic-wallet-client-dart
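Review bot: The three `ref:` values added here (`41-rpc---add-encrypt-and-decrypt-methods`, `upgrade_graqhql`, `70-add-encrypt-and-decrypt-methods`) are branch names, so the packages that now encrypt and decrypt the bridge secret come from mutable refs instead of published, hash-verified pub.dev releases. Any build that re-resolves dependencies gets whatever the branch head is at that time. Pinning each `ref:` to the commit recorded in pubspec.lock, e.g. `ref: a495d795b690c945513138355443c35f1cdecaf1` for archethic_wallet_client, keeps the manifest reproducible until the packages are released. The lockfile in this patch also resolves the transitive `graphql` package from `https://github.com/hagen00/graphql-flutter.git`, a fork outside the archethic-foundation organisation, presumably pulled in through the `upgrade_graqhql` branch of libdart. That source deserves an explicit review and a mention next to the existing TODO.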