File tree 10 files changed +28
-20
lines changed
backend/src/api/resources
ui/components/UserProfile
10 files changed +28
-20
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ " @clerk/clerk-js " minor
3+ " @clerk/backend " minor
4+ " @clerk/types " minor
5+ ---
6+
7+ Use EIP-4361 message spec for Web3 wallets sign in signature requests
Original file line number Diff line number Diff line change @@ -326,6 +326,7 @@ export interface VerificationJSON extends ClerkResourceJSON {
326326 verified_at_client ?: string ;
327327 external_verification_redirect_url ?: string | null ;
328328 nonce ?: string | null ;
329+ message ?: string | null ;
329330}
330331
331332export interface Web3WalletJSON extends ClerkResourceJSON {
Original file line number Diff line number Diff line change @@ -10,6 +10,7 @@ export class Verification {
1010 readonly attempts : number | null = null ,
1111 readonly expireAt : number | null = null ,
1212 readonly nonce : string | null = null ,
13+ readonly message : string | null = null ,
1314 ) { }
1415
1516 static fromJSON ( data : VerificationJSON ) : Verification {
Original file line number Diff line number Diff line change @@ -250,14 +250,14 @@ export class SignIn extends BaseResource implements SignInResource {
250250
251251 await this . prepareFirstFactor ( web3FirstFactor ) ;
252252
253- const { nonce } = this . firstFactorVerification ;
254- if ( ! nonce ) {
253+ const { message } = this . firstFactorVerification ;
254+ if ( ! message ) {
255255 clerkVerifyWeb3WalletCalledBeforeCreate ( 'SignIn' ) ;
256256 }
257257
258258 let signature : string ;
259259 try {
260- signature = await generateSignature ( { identifier, nonce, provider } ) ;
260+ signature = await generateSignature ( { identifier, nonce : message , provider } ) ;
261261 } catch ( err ) {
262262 // There is a chance that as a user when you try to setup and use the Coinbase Wallet with an existing
263263 // Passkey in order to authenticate, the initial generate signature request to be rejected. For this
@@ -266,7 +266,7 @@ export class SignIn extends BaseResource implements SignInResource {
266266 // error code 4001 means the user rejected the request
267267 // Reference: https://docs.cdp.coinbase.com/wallet-sdk/docs/errors
268268 if ( provider === 'coinbase_wallet' && err . code === 4001 ) {
269- signature = await generateSignature ( { identifier, nonce, provider } ) ;
269+ signature = await generateSignature ( { identifier, nonce : message , provider } ) ;
270270 } else {
271271 throw err ;
272272 }
Original file line number Diff line number Diff line change @@ -203,14 +203,14 @@ export class SignUp extends BaseResource implements SignUpResource {
203203 await this . create ( { web3Wallet, unsafeMetadata } ) ;
204204 await this . prepareWeb3WalletVerification ( { strategy } ) ;
205205
206- const { nonce } = this . verifications . web3Wallet ;
207- if ( ! nonce ) {
206+ const { message } = this . verifications . web3Wallet ;
207+ if ( ! message ) {
208208 clerkVerifyWeb3WalletCalledBeforeCreate ( 'SignUp' ) ;
209209 }
210210
211211 let signature : string ;
212212 try {
213- signature = await generateSignature ( { identifier, nonce, provider } ) ;
213+ signature = await generateSignature ( { identifier, nonce : message , provider } ) ;
214214 } catch ( err ) {
215215 // There is a chance that as a first time visitor when you try to setup and use the
216216 // Coinbase Wallet from scratch in order to authenticate, the initial generate
@@ -220,7 +220,7 @@ export class SignUp extends BaseResource implements SignUpResource {
220220 // error code 4001 means the user rejected the request
221221 // Reference: https://docs.cdp.coinbase.com/wallet-sdk/docs/errors
222222 if ( provider === 'coinbase_wallet' && err . code === 4001 ) {
223- signature = await generateSignature ( { identifier, nonce, provider } ) ;
223+ signature = await generateSignature ( { identifier, nonce : message , provider } ) ;
224224 } else {
225225 throw err ;
226226 }
Original file line number Diff line number Diff line change @@ -23,6 +23,7 @@ export class Verification extends BaseResource implements VerificationResource {
2323 status : VerificationStatus | null = null ;
2424 strategy : string | null = null ;
2525 nonce : string | null = null ;
26+ message : string | null = null ;
2627 externalVerificationRedirectURL : URL | null = null ;
2728 attempts : number | null = null ;
2829 expireAt : Date | null = null ;
@@ -44,6 +45,7 @@ export class Verification extends BaseResource implements VerificationResource {
4445 this . verifiedAtClient = data . verified_at_client ;
4546 this . strategy = data . strategy ;
4647 this . nonce = data . nonce || null ;
48+ this . message = data . message || null ;
4749 if ( data . external_verification_redirect_url ) {
4850 this . externalVerificationRedirectURL = new URL ( data . external_verification_redirect_url ) ;
4951 } else {
Original file line number Diff line number Diff line change @@ -31,8 +31,8 @@ export const AddWeb3WalletActionMenu = withCardStateProvider(() => {
3131
3232 let web3Wallet = await user . createWeb3Wallet ( { web3Wallet : identifier } ) ;
3333 web3Wallet = await web3Wallet . prepareVerification ( { strategy } ) ;
34- const nonce = web3Wallet . verification . nonce as string ;
35- const signature = await generateWeb3Signature ( { identifier, nonce, provider } ) ;
34+ const message = web3Wallet . verification . message as string ;
35+ const signature = await generateWeb3Signature ( { identifier, nonce : message , provider } ) ;
3636 await web3Wallet . attemptVerification ( { signature } ) ;
3737 card . setIdle ( ) ;
3838 } catch ( err ) {
Original file line number Diff line number Diff line change @@ -21,9 +21,7 @@ export async function getWeb3Identifier(params: GetWeb3IdentifierParams): Promis
2121 return ( identifiers && identifiers [ 0 ] ) || '' ;
2222}
2323
24- type GenerateWeb3SignatureParams = {
25- identifier : string ;
26- nonce : string ;
24+ type GenerateWeb3SignatureParams = GenerateSignatureParams & {
2725 provider : Web3Provider ;
2826} ;
2927
@@ -55,15 +53,12 @@ type GenerateSignatureParams = {
5553 nonce : string ;
5654} ;
5755
58- export async function generateSignatureWithMetamask ( { identifier , nonce } : GenerateSignatureParams ) : Promise < string > {
59- return await generateWeb3Signature ( { identifier , nonce , provider : 'metamask' } ) ;
56+ export async function generateSignatureWithMetamask ( params : GenerateSignatureParams ) : Promise < string > {
57+ return await generateWeb3Signature ( { ... params , provider : 'metamask' } ) ;
6058}
6159
62- export async function generateSignatureWithCoinbaseWallet ( {
63- identifier,
64- nonce,
65- } : GenerateSignatureParams ) : Promise < string > {
66- return await generateWeb3Signature ( { identifier, nonce, provider : 'coinbase_wallet' } ) ;
60+ export async function generateSignatureWithCoinbaseWallet ( params : GenerateSignatureParams ) : Promise < string > {
61+ return await generateWeb3Signature ( { ...params , provider : 'coinbase_wallet' } ) ;
6762}
6863
6964async function getEthereumProvider ( provider : Web3Provider ) {
Original file line number Diff line number Diff line change @@ -261,6 +261,7 @@ export interface VerificationJSON extends ClerkResourceJSON {
261261 verified_at_client : string ;
262262 strategy : string ;
263263 nonce ?: string ;
264+ message ?: string ;
264265 external_verification_redirect_url ?: string ;
265266 attempts : number ;
266267 expire_at : number ;
Original file line number Diff line number Diff line change @@ -8,6 +8,7 @@ export interface VerificationResource extends ClerkResource {
88 expireAt : Date | null ;
99 externalVerificationRedirectURL : URL | null ;
1010 nonce : string | null ;
11+ message : string | null ;
1112 status : VerificationStatus | null ;
1213 strategy : string | null ;
1314 verifiedAtClient : string | null ;
You can’t perform that action at this time.
0 commit comments