feat: port high-level DApp crypto utilities from wallet plugin #37

Merged
gmesika-coti merged 11 commits into coti-io:main from plucena-coti:feat/dapp-crypto-utils-fork-base
Jun 14, 2026
@plucena-coti plucena-coti commented May 26, 2026

Contributor

This PR merges the robust logic originally wrapped in the wallet-plugin down into crypto_utils.ts, bringing strict AES key validation (normalizeAesKey), balance threshold sanity checks in decryptCtUint64, and signature V-byte mapping in normalizeSignature and buildItSignature to the TypeScript SDK.

plucena-coti force-pushed the feat/dapp-crypto-utils-fork-base branch from 94a976f to 15f0465 (May 26, 2026 19:07)
plucena-coti force-pushed the feat/dapp-crypto-utils-fork-base branch from 15f0465 to 1d84b64 (May 27, 2026 22:20)
@plucena-coti

Contributor Author

@gmesika-coti please approve

gh pr edit 37 --repo coti-io/coti-sdk-typescript --add-reviewer gmesika-coti
GraphQL: plucena-coti does not have the correct permissions to execute RequestReviews (requestReviews)

…ing sign() in buildItSignature

- Removed signDigest() and normalizeSignature() which duplicated logic already
  available via the existing sign() utility.
- Simplified buildItSignature() to call sign() directly and wrap with hexlify().
- Removed unused 'concat' import from ethers.
@plucena-coti

Contributor Author

Updated: Removed redundant signDigest() and normalizeSignature() functions — their logic was already covered by the existing sign() utility. buildItSignature() now calls sign() directly wrapped with hexlify(), keeping the API surface minimal and avoiding duplication.

plucena and others added 5 commits June 10, 2026 10:11
- Introduced buildItMessageHash() as a shared helper that computes the
  solidityPackedKeccak256 digest used by both signInputText and buildItSignature.
- Eliminates duplicated hash construction across the two signing paths.
- normalizeAesKey: prefix stripping, lowercasing, length and hex validation
- validateAesKey: null/empty guards and normalization propagation
- isInsaneDecryptedValue: threshold logic, custom base, decimal clamping
- decryptCtUint64: zero passthrough, round-trip, invalid key handling, sanity check
- buildItSignature: 65-byte output, signer recovery, parity with signInputText
… throw on invalid keys

- normalizeAesKey now only accepts 32-char hex strings (128-bit) since COTI
  exclusively uses AES-128; 256-bit keys are no longer silently accepted.
- decryptCtUint64 removes the try/catch wrapper — invalid keys now throw
  directly instead of being swallowed and returning null.
- Updated tests to reflect the stricter validation behavior.
- normalizeDecimals now throws on invalid input (negative, >36, non-integer,
  non-finite) instead of silently clamping.
- isZeroValue simplified to only handle bigint (matching ctUint type).
- buildItSignature validates that signerAddress matches the privateKey-derived
  address before signing.
- Improved JSDoc across all wallet plugin additions.
- Consistent code style (4-space indent, no semicolons).
- Tests updated: added cases for decimal validation throws and signer mismatch.
…idation

- Replaced direct address derivation with a Wallet instance for improved clarity.
- Simplified the signature generation process by utilizing signInputText.
- Maintained existing validation to ensure signerAddress matches the derived address from the privateKey.
@gmesika-coti gmesika-coti requested a review from a team June 10, 2026 20:23
plucena added 4 commits June 10, 2026 21:24
…CtUint64 and validateAesKey

- Merged validateAesKey logic into normalizeAesKey (now accepts null/undefined).
- Pushed zero-ciphertext short-circuit and key normalization into decryptUint
  directly, eliminating the need for the decryptCtUint64 wrapper.
- Removed decryptCtUint64, validateAesKey, isZeroValue, and DecryptionOptions
  as they are no longer needed.
- Fixed stringCrypt test to convert generateRandomAesKeySizeNumber() output
  from binary to hex (matching the SDK's documented 32-char format).
- Updated error.handling tests to assert decryptUint now throws on invalid keys
  instead of silently producing incorrect results.
- All 366 tests passing.
…ment

- Moved normalizeAesKey call into encodeKey so every encrypt/decrypt path
  validates the key consistently at the lowest level.
- Removed the duplicate normalizeAesKey call from decryptUint (now handled
  by encodeKey).
- Updated error.handling and integration/validation tests: encodeKey, prepareIT,
  and decryptUint256 now throw on malformed keys instead of silently producing
  incorrect results.
- All 358 tests passing.
@gmesika-coti gmesika-coti merged commit 974beea into coti-io:main Jun 14, 2026
8 checks passed
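
The fail-closed AES key validation these commits describe, as an added TypeScript illustration that is not the SDK's own code: the function names and sample keys are constructed for this example, and throwing on null/undefined is an assumption. A lenient decoder sits beside the strict one to make "silently producing incorrect results" concrete.

```typescript
// Added illustration; not code from coti-sdk-typescript.
// Function names and sample keys are constructed for this example.
const AES_128_HEX_LENGTH = 32 // 16 bytes, two hex characters per byte

// Constructed lenient decoder (the "before" shape): parseInt returns NaN for
// a non-hex pair and Uint8Array stores NaN as 0, so a malformed key turns
// into different key bytes without any error.
function lenientKeyBytes(key: string): Uint8Array {
    const pairs = key.replace(/^0x/i, "").match(/.{1,2}/g) ?? []
    return Uint8Array.from(pairs.map((p) => parseInt(p, 16)))
}

// Strict form: strip "0x", lowercase, then require exactly 32 hex characters.
// Throwing on null/undefined is an assumption about the intended behaviour.
function strictAesKey(key: string | null | undefined): string {
    if (key === null || key === undefined) {
        throw new Error("AES key is required")
    }
    const hex = key.replace(/^0x/i, "").toLowerCase()
    if (hex.length !== AES_128_HEX_LENGTH) {
        throw new Error(`AES key must be ${AES_128_HEX_LENGTH} hex characters, got ${hex.length}`)
    }
    if (!/^[0-9a-f]+$/.test(hex)) {
        throw new Error("AES key contains non-hex characters")
    }
    return hex
}

// Decode only after validation, so every caller gets 16 well-defined bytes.
function strictKeyBytes(key: string | null | undefined): Uint8Array {
    const hex = strictAesKey(key)
    const out = new Uint8Array(hex.length / 2)
    for (let i = 0; i < out.length; i++) {
        out[i] = parseInt(hex.slice(2 * i, 2 * i + 2), 16)
    }
    return out
}

// Returns the rejection message, or null when the key is accepted.
function rejectionReason(key: string | null | undefined): string | null {
    try { strictAesKey(key); return null } catch (e) { return (e as Error).message }
}

// Constructed sample keys (not real key material).
const GOOD_KEY = "0x00112233445566778899AABBCCDDEEFF"
const BAD_CHAR_KEY = "00112233445566778899aabbccddeezz"
const AES_256_KEY = GOOD_KEY + GOOD_KEY.slice(2) // 64 hex chars, rejected
```

With the lenient decoder, `BAD_CHAR_KEY` yields 16 bytes whose last byte is 0, a valid-looking key that differs from what the caller supplied; the strict path rejects it before any cipher is constructed.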