search

LIT-Protocol / Issues-and-Reports

For bug reports, feature requests, and implementation questions related to Lit Protocol and use of the Lit SDK.
0 stars 0 forks source link

[Discord] Making Encryption Requests with sessionSigs - decrypt got: `Wallet Signature not in JSON format` #42

Open spacesailor24 opened 4 weeks ago

spacesailor24 commented 4 weeks ago

Description of the issue

with v3 and cayenne network, i following instruction here, for Making Encryption Requests, and get this errors when do decrypt with decryptToString:

errConstructorFunc {
  message: 'Wallet Signature not in JSON format',
  errorCode: 'NodeWalletSignatureJSONError',
  errorKind: 'Parser',
  status: 502,
  details: [
    'parser error: Signed session key does not match the one we verified above',
    'Signed session key does not match the one we verified above'
  ],
  requestId: '26dd63928586a'
}

here's function that do encrypt and decrypt:

async encdec(userSessionSigs: any) {
    if (!this.litNodeClient) {
      await this.connect();
    }

    const acc = generateAccessControlConditions(
      process.env.LIT_ACTION_CODE_URL,
      ["12345", ":userAddress"]
    );

    // encrypt
    const { ciphertext, dataToEncryptHash } = await LitJsSdk.encryptString(
      {
        accessControlConditions: acc,
        chain: "ethereum",
        sessionSigs: userSessionSigs,
        dataToEncrypt: "this is a secret message",
      },
      this.litNodeClient
    );

    // decrypt
    const decryptedString = await LitJsSdk.decryptToString(
      {
        ciphertext,
        dataToEncryptHash,
        sessionSigs: userSessionSigs,
        accessControlConditions: acc,
        chain,
      },
      this.litNodeClient
    );

    return { ciphertext, dataToEncryptHash, decryptedString };
  }

encryptString with the sessionSigs works fine, but when want to decrypt with same sessionSigs in decryptToString got 502 errors like above.

here's my function to get sessionSigs:

async getUserPKPAndSessionSigs(method: string, authMethod: AuthMethod) {
    // get provider
    let provider: BaseProvider;
    if (method === "email") {
      provider = this.litAuthClient.getProvider(
        ProviderType.StytchEmailFactorOtp
      );
    } else {
      provider = this.litAuthClient.getProvider(
        ProviderType.StytchSmsFactorOtp
      );
    }

    // Fetch PKPs associated with the authenticated social account
    const pkps = await provider.fetchPKPsThroughRelayer(authMethod);

    const sessionSigs = await provider.getSessionSigs({
      authMethod,
      pkpPublicKey: pkps[0].publicKey,
      sessionSigsParams: {
        chain: "ethereum",
        resourceAbilityRequests: [],
      },
    });

    // The first PKP
    const pkp = pkps[0];

    return { pkp, sessionSigs };
  }

here's code on the github

Additional context

No response

spacesailor24 commented 4 weeks ago

From another user:

I am getting this error as well, also during string decryption. Encryption and decryption the same way as @octoberak; sessionsSigs generated a bit differently though:

const createDelegateAuthSig = async (client, address) => {
  const walletWithCapacityNFT = new Wallet(
    String(process.env.CAPACITY_WALLET_PRIVATE_KEY)
  );

  try {
    const { capacityDelegationAuthSig } =
      await client.createCapacityDelegationAuthSig({
        uses: "1",
        dAppOwnerWallet: walletWithCapacityNFT,
        capacityTokenId: CAPACITY_TOKEN_ID,
        delegateeAddresses: [address],
      });

    return capacityDelegationAuthSig;
  } catch (e) {
    console.error("Error creating delegate auth sig", e);

    return Promise.reject(e);
  }
};

const generateSessionSigs = async (client, authSig) => {
  const litResource = new LitActionResource("*");

  try {
    const capacityDelegationAuthSig = await createDelegateAuthSig(
      client,
      authSig.address
    );

    console.log("delegation auth sig", capacityDelegationAuthSig);

    return await client.getSessionSigs({
      chain,
      resourceAbilityRequests: [
        {
          resource: litResource,
          ability: LitAbility.AccessControlConditionDecryption,
        },
      ],
      capacityDelegationAuthSig,
      authNeededCallback: async () => {
        return authSig;
      },
    });
  } catch (e) {
    return Promise.reject(e);
  }
};

I suspect it might have to do with incorrectly setting the uri parameter for the SIWE message.

I modified my createAuthSig function to look like this:

export const createAuthSig = async (params, wallet, litClient) => {
    const sessionCapabilityObject = newSessionCapabilityObject();
    const litResource = new LitAccessControlConditionResource("*");

    sessionCapabilityObject.addCapabilityForResource(
      litResource,
      LitAbility.AccessControlConditionDecryption
    );
    sessionCapabilityObject.addCapabilityForResource(
      litResource,
      LitAbility.AccessControlConditionSigning
    );

    let siweMessage = new SiweMessage({
      expirationTime: params.expiration,
      address: wallet.address,
      nonce: await litClient.getLatestBlockhash(),
      statement:
        params.statement,
      chainId: 1,
      uri: "https://example.com"
      domain: "example.com",
      version: "1",
    });

    siweMessage = sessionCapabilityObject.addToSiweMessage(siweMessage);

    const preparedMessage = siweMessage.prepareMessage();

    let signature;

    if ("signMessage" in wallet) {
      signature = await wallet.signMessage(preparedMessage);
    } else if ("sign" in wallet) {
      signature = await wallet.sign(preparedMessage);
    }

    return {
      sig: signature,
      derivedVia: "ethereum.web3.auth",
      signedMessage: preparedMessage,
      address: wallet.address,
    };
  }
};

I'm passing in a regular URL when creating the SIWE message. This is the only real difference between this version of the function and the one in my gist.

Is there a way to correctly generate the URI (it should look like lit:session:sdj3nonkdfsf...) so I can test if this is the case?