From 34f01f52f6b5b07bef666891f3f05386c8839101 Mon Sep 17 00:00:00 2001 From: coodos Date: Wed, 11 Mar 2026 18:54:37 +0530 Subject: [PATCH 1/4] chore: fix binding bug --- .../gen/android/key-shitore.properties | 3 -- .../eid-wallet/src/lib/utils/socialBinding.ts | 10 ++++++ .../src/routes/(app)/scan-qr/scanLogic.ts | 15 ++++++++ .../src/services/BindingDocumentService.ts | 35 +++++++++++++++++-- 4 files changed, 58 insertions(+), 5 deletions(-) delete mode 100644 infrastructure/eid-wallet/src-tauri/gen/android/key-shitore.properties diff --git a/infrastructure/eid-wallet/src-tauri/gen/android/key-shitore.properties b/infrastructure/eid-wallet/src-tauri/gen/android/key-shitore.properties deleted file mode 100644 index 7ebcd924..00000000 --- a/infrastructure/eid-wallet/src-tauri/gen/android/key-shitore.properties +++ /dev/null @@ -1,3 +0,0 @@ -password=$th3r3a1m3ru1 -keyAlias=key0 -storeFile=/home/merul/Stuff/msf-android-keys/Untitled diff --git a/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts b/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts index c99d85ff..8418507c 100644 --- a/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts +++ b/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts @@ -304,6 +304,16 @@ export async function createSocialConnectionDoc( ? signerEname : `@${signerEname}`; + console.log("[SocialBinding] createSocialConnectionDoc sending to backend:", { + normalizedSubject, + normalizedSigner, + subjectName, + parties: parties.map((p) => (p.startsWith("@") ? p : `@${p}`)), + relationDescription, + signaturePrefix: signatureHash.substring(0, 40) + "...", + signatureLength: signatureHash.length, + }); + const result = await vaultGqlRequest( targetGqlUrl, vaultOwnerEname, diff --git a/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts b/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts index 0d7c529e..05cd62c8 100644 --- a/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts +++ b/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts @@ -726,12 +726,27 @@ export function createScanLogic({ } as Record, }; const payload = getCanonicalBindingDocString(doc); + + console.log("[SocialBinding] signing payload:", { + doc, + canonicalPayload: payload, + signerEname, + requesterEname, + requesterName, + relationDescription, + }); + const sig = await globalState.walletSdkAdapter.signPayload( "default", "default", payload, ); + console.log("[SocialBinding] signature produced:", { + signaturePrefix: sig.substring(0, 40) + "...", + signatureLength: sig.length, + }); + await createSocialConnectionDoc( requesterGqlUrl, requesterEname, diff --git a/infrastructure/evault-core/src/services/BindingDocumentService.ts b/infrastructure/evault-core/src/services/BindingDocumentService.ts index 6bac1cf0..e26a6f72 100644 --- a/infrastructure/evault-core/src/services/BindingDocumentService.ts +++ b/infrastructure/evault-core/src/services/BindingDocumentService.ts @@ -127,17 +127,28 @@ export class BindingDocumentService { signature: string, doc: { subject: string; type: BindingDocumentType; data: BindingDocumentData }, ): Promise { - if (!this.registryUrl) return false; + if (!this.registryUrl) { + console.warn("[BindingDoc] verifyUserSignature: no registryUrl configured"); + return false; + } try { const payload = getCanonicalBindingDocumentString(doc); + console.log("[BindingDoc] verifyUserSignature:", { + signer, + signaturePrefix: signature.substring(0, 40) + "...", + payload: payload.substring(0, 200), + registryBaseUrl: this.registryUrl, + }); const result = await verifySignature({ eName: signer, signature, payload, registryBaseUrl: this.registryUrl, }); + console.log("[BindingDoc] verifyUserSignature result:", result); return result.valid; - } catch { + } catch (err) { + console.error("[BindingDoc] verifyUserSignature threw:", err); return false; } } @@ -220,6 +231,19 @@ export class BindingDocumentService { const expectedHash = computeBindingDocumentHash(docToVerify); const hasLegacyHashSignature = input.ownerSignature.signature === expectedHash; const isProvisionerSigner = /^https?:\/\//.test(input.ownerSignature.signer); + + console.log("[BindingDoc] createBindingDocument signature check:", { + signer: input.ownerSignature.signer, + signaturePrefix: input.ownerSignature.signature.substring(0, 40) + "...", + expectedHash, + hasLegacyHashSignature, + isProvisionerSigner, + normalizedSubject, + inputType: input.type, + validatedDataKeys: Object.keys(validatedData), + canonicalPayload: getCanonicalBindingDocumentString(docToVerify).substring(0, 300), + }); + const hasValidUserSignature = !hasLegacyHashSignature && !isProvisionerSigner && @@ -228,6 +252,13 @@ export class BindingDocumentService { input.ownerSignature.signature, docToVerify, )); + + console.log("[BindingDoc] createBindingDocument final verdict:", { + hasLegacyHashSignature, + isProvisionerSigner, + hasValidUserSignature, + }); + if (!hasLegacyHashSignature && !isProvisionerSigner && !hasValidUserSignature) { throw new ValidationError("Invalid owner signature"); } From ca2740ce63b031fde8855607af55504e51889513 Mon Sep 17 00:00:00 2001 From: coodos Date: Wed, 11 Mar 2026 18:56:48 +0530 Subject: [PATCH 2/4] chore: remove debug section --- .../src/routes/(auth)/onboarding/+page.svelte | 26 ------------------- 1 file changed, 26 deletions(-) diff --git a/infrastructure/eid-wallet/src/routes/(auth)/onboarding/+page.svelte b/infrastructure/eid-wallet/src/routes/(auth)/onboarding/+page.svelte index c4a4ba69..f2ab9513 100644 --- a/infrastructure/eid-wallet/src/routes/(auth)/onboarding/+page.svelte +++ b/infrastructure/eid-wallet/src/routes/(auth)/onboarding/+page.svelte @@ -8,7 +8,6 @@ import { } from "$env/static/public"; import { Hero } from "$lib/fragments"; import { GlobalState } from "$lib/global"; -import NotificationService from "$lib/services/NotificationService"; import { pendingRecovery } from "$lib/stores/pendingRecovery"; import { ButtonAction } from "$lib/ui"; import { capitalize, getCanonicalBindingDocString } from "$lib/utils"; @@ -19,9 +18,6 @@ import { Shadow } from "svelte-loading-spinners"; import { v4 as uuidv4 } from "uuid"; import { provision } from "wallet-sdk"; -let pushToken = $state(undefined); -let pushTokenError = $state(undefined); -let pushTokenLoading = $state(true); const ANONYMOUS_VERIFICATION_CODE = "d66b7138-538a-465f-a6ce-f6985854c3f4"; const KEY_ID = "default"; @@ -735,18 +731,6 @@ const handleEnamePassphraseRecovery = async () => { }; onMount(async () => { - // Fetch push notification token for display (Android/iOS) - try { - pushToken = await NotificationService.getInstance().getPushToken(); - if (!pushToken) - pushTokenError = "No token (desktop or permission denied)"; - } catch (e) { - pushTokenError = - e instanceof Error ? e.message : "Failed to get push token"; - } finally { - pushTokenLoading = false; - } - // Detect upgrade mode from query param const url = new URL(window.location.href); if (url.searchParams.get("upgrade") === "1") { @@ -762,16 +746,6 @@ onMount(async () => { class="min-h-svh px-[5vw] flex flex-col justify-between" style="padding-top: max(4svh, env(safe-area-inset-top)); padding-bottom: max(16px, env(safe-area-inset-bottom));" > -
-

Push token (FCM/APNs):

- {#if pushTokenLoading} - Loading... - {:else if pushToken} - {pushToken} - {:else} - {pushTokenError ?? "—"} - {/if} -
Date: Wed, 11 Mar 2026 19:00:16 +0530 Subject: [PATCH 3/4] chore: format --- .../eid-wallet/src/lib/utils/socialBinding.ts | 21 +++++++++++-------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts b/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts index 8418507c..22f3a1fb 100644 --- a/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts +++ b/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts @@ -304,15 +304,18 @@ export async function createSocialConnectionDoc( ? signerEname : `@${signerEname}`; - console.log("[SocialBinding] createSocialConnectionDoc sending to backend:", { - normalizedSubject, - normalizedSigner, - subjectName, - parties: parties.map((p) => (p.startsWith("@") ? p : `@${p}`)), - relationDescription, - signaturePrefix: signatureHash.substring(0, 40) + "...", - signatureLength: signatureHash.length, - }); + console.log( + "[SocialBinding] createSocialConnectionDoc sending to backend:", + { + normalizedSubject, + normalizedSigner, + subjectName, + parties: parties.map((p) => (p.startsWith("@") ? p : `@${p}`)), + relationDescription, + signaturePrefix: signatureHash.substring(0, 40) + "...", + signatureLength: signatureHash.length, + }, + ); const result = await vaultGqlRequest( targetGqlUrl, From bc5c0a735ae1661a54bc83ea6c8d49d328a640ff Mon Sep 17 00:00:00 2001 From: coodos Date: Wed, 11 Mar 2026 19:06:24 +0530 Subject: [PATCH 4/4] chore: remove debug logs from social binding flow --- .../eid-wallet/src/lib/utils/socialBinding.ts | 13 -------- .../src/routes/(app)/scan-qr/scanLogic.ts | 15 --------- .../src/services/BindingDocumentService.ts | 33 ++----------------- 3 files changed, 2 insertions(+), 59 deletions(-) diff --git a/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts b/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts index 22f3a1fb..c99d85ff 100644 --- a/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts +++ b/infrastructure/eid-wallet/src/lib/utils/socialBinding.ts @@ -304,19 +304,6 @@ export async function createSocialConnectionDoc( ? signerEname : `@${signerEname}`; - console.log( - "[SocialBinding] createSocialConnectionDoc sending to backend:", - { - normalizedSubject, - normalizedSigner, - subjectName, - parties: parties.map((p) => (p.startsWith("@") ? p : `@${p}`)), - relationDescription, - signaturePrefix: signatureHash.substring(0, 40) + "...", - signatureLength: signatureHash.length, - }, - ); - const result = await vaultGqlRequest( targetGqlUrl, vaultOwnerEname, diff --git a/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts b/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts index 05cd62c8..0d7c529e 100644 --- a/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts +++ b/infrastructure/eid-wallet/src/routes/(app)/scan-qr/scanLogic.ts @@ -726,27 +726,12 @@ export function createScanLogic({ } as Record, }; const payload = getCanonicalBindingDocString(doc); - - console.log("[SocialBinding] signing payload:", { - doc, - canonicalPayload: payload, - signerEname, - requesterEname, - requesterName, - relationDescription, - }); - const sig = await globalState.walletSdkAdapter.signPayload( "default", "default", payload, ); - console.log("[SocialBinding] signature produced:", { - signaturePrefix: sig.substring(0, 40) + "...", - signatureLength: sig.length, - }); - await createSocialConnectionDoc( requesterGqlUrl, requesterEname, diff --git a/infrastructure/evault-core/src/services/BindingDocumentService.ts b/infrastructure/evault-core/src/services/BindingDocumentService.ts index e26a6f72..45e99c54 100644 --- a/infrastructure/evault-core/src/services/BindingDocumentService.ts +++ b/infrastructure/evault-core/src/services/BindingDocumentService.ts @@ -127,28 +127,17 @@ export class BindingDocumentService { signature: string, doc: { subject: string; type: BindingDocumentType; data: BindingDocumentData }, ): Promise { - if (!this.registryUrl) { - console.warn("[BindingDoc] verifyUserSignature: no registryUrl configured"); - return false; - } + if (!this.registryUrl) return false; try { const payload = getCanonicalBindingDocumentString(doc); - console.log("[BindingDoc] verifyUserSignature:", { - signer, - signaturePrefix: signature.substring(0, 40) + "...", - payload: payload.substring(0, 200), - registryBaseUrl: this.registryUrl, - }); const result = await verifySignature({ eName: signer, signature, payload, registryBaseUrl: this.registryUrl, }); - console.log("[BindingDoc] verifyUserSignature result:", result); return result.valid; - } catch (err) { - console.error("[BindingDoc] verifyUserSignature threw:", err); + } catch { return false; } } @@ -232,18 +221,6 @@ export class BindingDocumentService { const hasLegacyHashSignature = input.ownerSignature.signature === expectedHash; const isProvisionerSigner = /^https?:\/\//.test(input.ownerSignature.signer); - console.log("[BindingDoc] createBindingDocument signature check:", { - signer: input.ownerSignature.signer, - signaturePrefix: input.ownerSignature.signature.substring(0, 40) + "...", - expectedHash, - hasLegacyHashSignature, - isProvisionerSigner, - normalizedSubject, - inputType: input.type, - validatedDataKeys: Object.keys(validatedData), - canonicalPayload: getCanonicalBindingDocumentString(docToVerify).substring(0, 300), - }); - const hasValidUserSignature = !hasLegacyHashSignature && !isProvisionerSigner && @@ -253,12 +230,6 @@ export class BindingDocumentService { docToVerify, )); - console.log("[BindingDoc] createBindingDocument final verdict:", { - hasLegacyHashSignature, - isProvisionerSigner, - hasValidUserSignature, - }); - if (!hasLegacyHashSignature && !isProvisionerSigner && !hasValidUserSignature) { throw new ValidationError("Invalid owner signature"); }