Custom Auth EIP-1271 example

.gitmodules

@@ -1,3 +1,6 @@
+[submodule "eip-1271/contracts/lib/forge-std"]
+	path = eip-1271/contracts/lib/forge-std
+	url = https://github.com/foundry-rs/forge-std
 [submodule "custom-auth-telegram-example"]
 	path = custom-auth-telegram-example
 	url = https://github.com/LIT-Protocol/custom-auth-telegram-example.git

eip-1271/contracts/.gitignore

@@ -0,0 +1,14 @@
+# Compiler files
+cache/
+out/
+
+# Ignores development broadcast logs
+!/broadcast
+/broadcast/*/31337/
+/broadcast/**/dry-run/
+
+# Docs
+docs/
+
+# Dotenv file
+.env

eip-1271/contracts/README.md

@@ -0,0 +1,66 @@
+## Foundry
+
+**Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.**
+
+Foundry consists of:
+
+-   **Forge**: Ethereum testing framework (like Truffle, Hardhat and DappTools).
+-   **Cast**: Swiss army knife for interacting with EVM smart contracts, sending transactions and getting chain data.
+-   **Anvil**: Local Ethereum node, akin to Ganache, Hardhat Network.
+-   **Chisel**: Fast, utilitarian, and verbose solidity REPL.
+
+## Documentation
+
+https://book.getfoundry.sh/
+
+## Usage
+
+### Build
+
+```shell
+$ forge build
+```
+
+### Test
+
+```shell
+$ forge test
+```
+
+### Format
+
+```shell
+$ forge fmt
+```
+
+### Gas Snapshots
+
+```shell
+$ forge snapshot
+```
+
+### Anvil
+
+```shell
+$ anvil
+```
+
+### Deploy
+
+```shell
+$ forge script script/Counter.s.sol:CounterScript --rpc-url <your_rpc_url> --private-key <your_private_key>
+```
+
+### Cast
+
+```shell
+$ cast <subcommand>
+```
+
+### Help
+
+```shell
+$ forge --help
+$ anvil --help
+$ cast --help
+```

eip-1271/contracts/foundry.toml

@@ -0,0 +1,6 @@
+[profile.default]
+src = "src"
+out = "out"
+libs = ["lib"]
+
+# See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options

eip-1271/contracts/script/WhitelistEIP1271.s.sol

@@ -0,0 +1,28 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+import "forge-std/Script.sol";
+import "../src/WhitelistEIP1271.sol";
+
+contract DeployWhitelistEIP1271 is Script {
+    function run() external {
+        uint256 deployerPrivateKey = vm.envUint("PRIVATE_KEY");
+        vm.startBroadcast(deployerPrivateKey);
+
+        // Sample whitelist addresses (replace with actual addresses if needed)
+        address[] memory whitelistedAddresses = new address[](3);
+        whitelistedAddresses[0] = 0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266;
+        whitelistedAddresses[1] = 0x70997970C51812dc3A010C7d01b50e0d17dc79C8;
+        whitelistedAddresses[2] = 0x3C44CdDdB6a900fa2b585dd299e03d12FA4293BC;
+
+        // Set the signature threshold
+        uint256 signatureThreshold = 2;
+
+        // Deploy the contract
+        WhitelistEIP1271 whitelistContract = new WhitelistEIP1271(whitelistedAddresses, signatureThreshold);
+
+        console.log("WhitelistEIP1271 deployed at:", address(whitelistContract));
+
+        vm.stopBroadcast();
+    }
+}

eip-1271/contracts/src/WhitelistEIP1271.sol

@@ -0,0 +1,95 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity ^0.8.13;
+
+contract WhitelistEIP1271 {
+    mapping(address => bool) public whitelist;
+    address[] public whitelistedAddresses;
+    mapping(bytes32 => bytes) public signatures;
+    uint256 public immutable SIGNATURE_THRESHOLD;
+
+    constructor(address[] memory _addresses, uint256 _threshold) {
+        for (uint256 i = 0; i < _addresses.length; i++) {
+            whitelist[_addresses[i]] = true;
+            whitelistedAddresses.push(_addresses[i]);
+        }
+        SIGNATURE_THRESHOLD = _threshold;
+    }
+
+    function isWhitelisted(address _address) public view returns (bool) {
+        return whitelist[_address];
+    }
+
+    function getWhitelistedAddresses() public view returns (address[] memory) {
+        return whitelistedAddresses;
+    }
+
+    function signTx(bytes32 _txHash, bytes memory _signature) public returns (bool) {
+        require(_signature.length == 65, "Invalid signature length");
+
+        bytes32 r;
+        bytes32 s;
+        uint8 v;
+
+        assembly {
+            r := mload(add(_signature, 32))
+            s := mload(add(_signature, 64))
+            v := byte(0, mload(add(_signature, 96)))
+        }
+
+        if (v < 27) {
+            v += 27;
+        }
+
+        address signer = ecrecover(_txHash, v, r, s);
+        require(signer != address(0), "ECDSA: invalid signature");
+        require(whitelist[signer], "Signer not whitelisted");
+
+        if (signatures[_txHash].length == 0) {
+            signatures[_txHash] = _signature;
+        } else {
+            signatures[_txHash] = abi.encodePacked(signatures[_txHash], _signature);
+        }
+
+        return true;
+    }
+
+    function isValidSignature(bytes32 _hash, bytes memory _signatures) public view returns (bytes4) {
+        if (_signatures.length == 0) {
+            return 0xffffffff; // No signatures provided
+        }
+
+        if (_signatures.length % 65 != 0) {
+            return 0xffffffff; // Invalid signatures length
+        }
+
+        uint256 signatureCount = _signatures.length / 65;
+        uint256 whitelistedSignerCount = 0;
+
+        for (uint256 i = 0; i < signatureCount; i++) {
+            bytes32 r;
+            bytes32 s;
+            uint8 v;
+
+            assembly {
+                r := mload(add(_signatures, add(32, mul(i, 65))))
+                s := mload(add(_signatures, add(64, mul(i, 65))))
+                v := byte(0, mload(add(_signatures, add(96, mul(i, 65)))))
+            }
+
+            if (v < 27) {
+                v += 27;
+            }
+
+            address signer = ecrecover(_hash, v, r, s);
+            if (signer != address(0) && whitelist[signer]) {
+                whitelistedSignerCount++;
+            }
+        }
+
+        if (whitelistedSignerCount >= SIGNATURE_THRESHOLD) {
+            return 0x1626ba7e; // bytes4(keccak256("isValidSignature(bytes32,bytes)")
+        } else {
+            return 0xffffffff; // Not enough valid signatures
+        }
+    }
+}

eip-1271/contracts/test/WhitelistEIP1271.t.sol

@@ -0,0 +1,94 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+import "forge-std/Test.sol";
+import "../src/WhitelistEIP1271.sol";
+
+contract WhitelistEIP1271Test is Test {
+    WhitelistEIP1271 public whitelistContract;
+    uint256 constant SIGNATURE_THRESHOLD = 2;
+    address[] whitelistedAddresses;
+    uint256[] privateKeys;
+
+    function setUp() public {
+        // Generate some test addresses and their private keys
+        for (uint i = 0; i < 3; i++) {
+            uint256 privateKey = uint256(keccak256(abi.encodePacked("test key", i)));
+            address addr = vm.addr(privateKey);
+            whitelistedAddresses.push(addr);
+            privateKeys.push(privateKey);
+        }
+
+        whitelistContract = new WhitelistEIP1271(whitelistedAddresses, SIGNATURE_THRESHOLD);
+    }
+
+    function testWhitelisting() public {
+        for (uint i = 0; i < whitelistedAddresses.length; i++) {
+            assertTrue(whitelistContract.isWhitelisted(whitelistedAddresses[i]));
+        }
+        assertFalse(whitelistContract.isWhitelisted(address(0xdead)));
+    }
+
+    function testGetWhitelistedAddresses() public {
+        address[] memory returnedAddresses = whitelistContract.getWhitelistedAddresses();
+        assertEq(returnedAddresses.length, whitelistedAddresses.length);
+        for (uint i = 0; i < whitelistedAddresses.length; i++) {
+            assertEq(returnedAddresses[i], whitelistedAddresses[i]);
+        }
+    }
+
+    function testIsValidSignature() public {
+        // Create a sample transaction
+        address to = address(0x1234567890123456789012345678901234567890);
+        uint256 value = 1 ether;
+        bytes memory data = abi.encodeWithSignature("transfer(address,uint256)", address(0xdead), 100);
+        uint256 nonce = 1;
+        uint256 gasPrice = 20 gwei;
+        uint256 gasLimit = 21000;
+        uint256 chainId = 1;
+
+        // Serialize the transaction
+        bytes memory serializedTx = abi.encode(
+            to,
+            value,
+            data,
+            nonce,
+            gasPrice,
+            gasLimit,
+            chainId
+        );
+
+        // Hash the serialized transaction
+        bytes32 txHash = keccak256(serializedTx);
+
+        bytes memory signatures = new bytes(0);
+
+        // Test with no signatures
+        assertEq(whitelistContract.isValidSignature(txHash, signatures), bytes4(0xffffffff));
+
+        // Test with one signature (below threshold)
+        (uint8 v, bytes32 r, bytes32 s) = vm.sign(privateKeys[0], txHash);
+        signatures = abi.encodePacked(r, s, v);
+        assertEq(whitelistContract.isValidSignature(txHash, signatures), bytes4(0xffffffff));
+
+        // Test with two signatures (at threshold)
+        (v, r, s) = vm.sign(privateKeys[1], txHash);
+        signatures = abi.encodePacked(signatures, r, s, v);
+        assertEq(whitelistContract.isValidSignature(txHash, signatures), bytes4(0x1626ba7e));
+
+        // Test with three signatures (above threshold)
+        (v, r, s) = vm.sign(privateKeys[2], txHash);
+        signatures = abi.encodePacked(signatures, r, s, v);
+        assertEq(whitelistContract.isValidSignature(txHash, signatures), bytes4(0x1626ba7e));
+    }
+
+    function testInvalidSignature() public {
+        bytes32 messageHash = keccak256("Hello, World!");
+        uint256 nonWhitelistedPrivateKey = uint256(keccak256(abi.encodePacked("non-whitelisted key")));
+
+        (uint8 v, bytes32 r, bytes32 s) = vm.sign(nonWhitelistedPrivateKey, messageHash);
+        bytes memory signatures = abi.encodePacked(r, s, v);
+
+        assertEq(whitelistContract.isValidSignature(messageHash, signatures), bytes4(0xffffffff));
+    }
+}

eip-1271/nodejs/.env.example

@@ -0,0 +1,8 @@
+ETHEREUM_PRIVATE_KEY=
+
+LIT_CAPACITY_CREDIT_TOKEN_ID=
+
+ANVIL_PRIVATE_KEY_1=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
+ANVIL_PRIVATE_KEY_2=0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d
+
+DEPLOYED_EIP1271_WHITELIST_CONTRACT=0x54a772813Df0E75f20A0984f31D1400991eD6a33

eip-1271/nodejs/.mocharc.json

@@ -0,0 +1,4 @@
+{
+  "$schema": "https://json.schemastore.org/mocharc.json",
+  "require": "tsx"
+}