bingen
/
frame-decryption-tool
Seguir 1
Destacar 0
Fork 0
Código Incidencias 0 Pull Requests 0 Lanzamientos 0 Wiki Actividad
Tool to recover seeds stored in [Frame](https://frame.sh/)
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
1 Commit
1 Rama
Árbol: ca178511c7
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'ca178511c7'
${ noResults }
frame-decryption-tool/HotSigner/worker.js

135 líneas
4.6KB
Original Blame Histórico 

  1. const crypto = require('crypto')

  2. const { signTypedData } = require('@metamask/eth-sig-util')

  3. const { TransactionFactory } = require('@ethereumjs/tx')

  4. const { Common } = require('@ethereumjs/common')

  5. const {

  6.   hashPersonalMessage,

  7.   toBuffer,

  8.   ecsign,

  9.   addHexPrefix,

  10.   pubToAddress,

  11.   ecrecover

  12. } = require('@ethereumjs/util')

  13. 

  14. function chainConfig(chain, hardfork) {

  15.   const chainId = BigInt(chain)

  16. 

  17.   return Common.isSupportedChainId(chainId)

  18.     ? new Common({ chain: chainId, hardfork })

  19.     : Common.custom({ chainId: chainId }, { baseChain: 'mainnet', hardfork })

  20. }

  21. 

  22. class HotSignerWorker {

  23.   constructor() {

  24.     this.token = crypto.randomBytes(32).toString('hex')

  25.     //process.send({ type: 'token', token: this.token })

  26.   }

  27. 

  28.   handleMessage({ id, method, params, token }) {

  29.     // Define (pseudo) callback

  30.     const pseudoCallback = (error, result) => {

  31.       // Add correlation id to response

  32.       const response = { id, error, result, type: 'rpc' }

  33.       // Send response to parent process

  34.       process.send(response)

  35.     }

  36.     // Verify token

  37.     if (!crypto.timingSafeEqual(Buffer.from(token), Buffer.from(this.token)))

  38.       return pseudoCallback('Invalid token')

  39.     // If method exists -> execute

  40.     if (this[method]) return this[method](params, pseudoCallback)

  41.     // Else return error

  42.     pseudoCallback(`Invalid method: '${method}'`)

  43.   }

  44. 

  45.   signMessage(key, message, pseudoCallback) {

  46.     // Hash message

  47.     const hash = hashPersonalMessage(toBuffer(message))

  48. 

  49.     // Sign message

  50.     const signed = ecsign(hash, key)

  51. 

  52.     // Return serialized signed message

  53.     const hex = Buffer.concat([signed.r, signed.s, Buffer.from([Number(signed.v)])]).toString('hex')

  54. 

  55.     pseudoCallback(null, addHexPrefix(hex))

  56.   }

  57. 

  58.   signTypedData(key, typedMessage, pseudoCallback) {

  59.     try {

  60.       const { data, version } = typedMessage

  61.       const signature = signTypedData({ privateKey: key, data, version })

  62.       pseudoCallback(null, signature)

  63.     } catch (e) {

  64.       pseudoCallback(e.message)

  65.     }

  66.   }

  67. 

  68.   signTransaction(key, rawTx, pseudoCallback) {

  69.     if (!rawTx.chainId) {

  70.       console.error(`invalid chain id ${rawTx.chainId} for transaction`)

  71.       return pseudoCallback('could not determine chain id for transaction')

  72.     }

  73. 

  74.     const chainId = parseInt(rawTx.chainId, 16)

  75.     const hardfork = parseInt(rawTx.type) === 2 ? 'london' : 'berlin'

  76.     const common = chainConfig(chainId, hardfork)

  77. 

  78.     const tx = TransactionFactory.fromTxData(rawTx, { common })

  79.     const signedTx = tx.sign(key)

  80.     const serialized = signedTx.serialize().toString('hex')

  81. 

  82.     pseudoCallback(null, addHexPrefix(serialized))

  83.   }

  84. 

  85.   verifyAddress({ index, address }, pseudoCallback) {

  86.     const message = '0x' + crypto.randomBytes(32).toString('hex')

  87.     this.signMessage({ index, message }, (err, signedMessage) => {

  88.       // Handle signing errors

  89.       if (err) return pseudoCallback(err)

  90.       // Signature -> buffer

  91.       const signature = Buffer.from(signedMessage.replace('0x', ''), 'hex')

  92.       // Ensure correct length

  93.       if (signature.length !== 65)

  94.         return pseudoCallback(new Error('Frame verifyAddress signature has incorrect length'))

  95.       // Verify address

  96.       let v = signature[64]

  97.       v = BigInt(v === 0 || v === 1 ? v + 27 : v)

  98.       const r = toBuffer(signature.slice(0, 32))

  99.       const s = toBuffer(signature.slice(32, 64))

  100.       const hash = hashPersonalMessage(toBuffer(message))

  101.       const verifiedAddress = '0x' + pubToAddress(ecrecover(hash, v, r, s)).toString('hex')

  102.       // Return result

  103.       pseudoCallback(null, verifiedAddress.toLowerCase() === address.toLowerCase())

  104.     })

  105.   }

  106. 

  107.   _encrypt(string, password) {

  108.     const salt = crypto.randomBytes(16)

  109.     const iv = crypto.randomBytes(16)

  110.     const cipher = crypto.createCipheriv('aes-256-cbc', this._hashPassword(password, salt), iv)

  111.     const encrypted = Buffer.concat([cipher.update(string), cipher.final()])

  112.     return salt.toString('hex') + ':' + iv.toString('hex') + ':' + encrypted.toString('hex')

  113.   }

  114. 

  115.   _decrypt(string, password) {

  116.     const parts = string.split(':')

  117.     const salt = Buffer.from(parts.shift(), 'hex')

  118.     const iv = Buffer.from(parts.shift(), 'hex')

  119.     const decipher = crypto.createDecipheriv('aes-256-cbc', this._hashPassword(password, salt), iv)

  120.     const encryptedString = Buffer.from(parts.join(':'), 'hex')

  121.     const decrypted = Buffer.concat([decipher.update(encryptedString), decipher.final()])

  122.     return decrypted.toString()

  123.   }

  124. 

  125.   _hashPassword(password, salt) {

  126.     try {

  127.       return crypto.scryptSync(password, salt, 32, { N: 32768, r: 8, p: 1, maxmem: 36000000 })

  128.     } catch (e) {

  129.       console.error('Error during hashPassword', e) // TODO: Handle Error

  130.     }

  131.   }

  132. }

  133. 

  134. module.exports = HotSignerWorker