d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Fix wallet connect signature mismatch on mobile and desktop.
Some checks failed
Deploy Explorer Live / deploy (push) Failing after 14s
Details
Validate Explorer / frontend (push) Successful in 1m26s
Details
Validate Explorer / smoke-e2e (push) Failing after 2m19s
Details

Browse Source 
Align backend EIP-191 auth message with the DBIS Explorer text the frontend and legacy SPA already sign, instead of the stale SolaceScan string.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
defiQUG
2026-05-22 22:01:11 -07:00
parent 8a61b1bde2
commit 567b4647c0
3 changed files with 41 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
backend/auth/wallet_auth.go
View File

@@ -110,6 +110,12 @@ type WalletAuthResponse struct {
InstitutionName string `json:"institution_name,omitempty"`
}
// walletAuthSignMessage returns the EIP-191 plaintext users sign during wallet login.
// Must stay in sync with frontend buildWalletMessage() in access.ts and explorer-spa.js.
func walletAuthSignMessage(nonce string) string {
return fmt.Sprintf("Sign this message to authenticate with DBIS Explorer.\n\nNonce: %s", nonce)
}
// GenerateNonce generates a random nonce for wallet authentication
func (w *WalletAuth) GenerateNonce(ctx context.Context, address string) (*NonceResponse, error) {
// Validate address format
@@ -184,7 +190,7 @@ func (w *WalletAuth) AuthenticateWallet(ctx context.Context, req *WalletAuthRequ
}
// Verify signature
message := fmt.Sprintf("Sign this message to authenticate with SolaceScan.\n\nNonce: %s", req.Nonce)
message := walletAuthSignMessage(req.Nonce)
messageHash := accounts.TextHash([]byte(message))
sigBytes, err := decodeWalletSignature(req.Signature)

33
backend/auth/wallet_auth_test.go
View File

@@ -5,9 +5,42 @@ import (
"testing"
"time"
"github.com/ethereum/go-ethereum/accounts"
"github.com/ethereum/go-ethereum/crypto"
"github.com/stretchr/testify/require"
)
func TestWalletAuthSignMessageMatchesFrontend(t *testing.T) {
nonce := "abc123def456"
require.Equal(
t,
"Sign this message to authenticate with DBIS Explorer.\n\nNonce: abc123def456",
walletAuthSignMessage(nonce),
)
}
func TestAuthenticateWalletRecoversSignerFromFrontendMessage(t *testing.T) {
privateKey, err := crypto.GenerateKey()
require.NoError(t, err)
address := crypto.PubkeyToAddress(privateKey.PublicKey).Hex()
nonce := "test-nonce-001"
message := walletAuthSignMessage(nonce)
messageHash := accounts.TextHash([]byte(message))
signature, err := crypto.Sign(messageHash, privateKey)
require.NoError(t, err)
signature[64] += 27
sigBytes := make([]byte, len(signature))
copy(sigBytes, signature)
if sigBytes[64] >= 27 {
sigBytes[64] -= 27
}
pubKey, err := crypto.SigToPub(messageHash, sigBytes)
require.NoError(t, err)
require.Equal(t, address, crypto.PubkeyToAddress(*pubKey).Hex())
}
func TestDecodeWalletSignatureRejectsMalformedValues(t *testing.T) {
_, err := decodeWalletSignature("deadbeef")
require.ErrorContains(t, err, "signature must start with 0x")