feat(walletconnect): walletconnect integration #2223
Conversation
mm2src/coins_activation/src/tendermint_with_assets_activation.rs
Outdated
Show resolved
Hide resolved
| /// Activation via WalletConnect | ||
| WalletConnect, |
There was a problem hiding this comment.
Could you add some info about why we don't take public key similar to how it's done with WithPubkey variant?
Also, I'm curious why WithPubkey mode doesn’t work here. Doesn’t WalletConnect already provide the public key via an API? WithPubkey mode was intended to support any type of external wallet as it only requires the public key and doesn’t depend on the wallet’s internal logic.
There was a problem hiding this comment.
WalletConnect doesn’t directly provide the public key as part of the initial session information. Instead, it only returns the account address, methods and the chains the user can interact with. To obtain the public key, a separate request is required for the specific account
https://specs.walletconnect.com/2.0/specs/clients/sign/rpc-methods#wc_sessionsettle
https://specs.walletconnect.com/2.0/specs/clients/sign/session-proposal
There was a problem hiding this comment.
I would have done it in a way where some library/crate (or even GUI side) handles this and then utilizes with_pubkey on core KDF side to have single entrypoint for any external wallet, so the complexity remains constant for N external wallet types.
There was a problem hiding this comment.
this is like dividing this implementation into two (manages connection from GUI while kdf manages request handling ) or leaving everything entirely to GUI which is not what we wanted from the beginning.
So the thing is whoever wishes to use any wallet pubkey via WalletConnect needs to make an additional request which can't really be avoided.
There was a problem hiding this comment.
What I mean was, we could handle that connection part and the extra request part (for getting pubkey) in a separate crate and utilize the with_pubkey mode. I mean, we have an abstraction layer for external wallets, so why not using it?
There was a problem hiding this comment.
we could handle that connection part and the extra request part (for getting pubkey) in a separate crate
how do you plan to do this? since, we either ways we still need to request for pubkey meanwhile with_pubkey params requires pubkey in activation params itself. There's a kdf_walletconnect crate that handles all WC logic By the way,.
WalletConnect coin activation mode lets the activation logic handle the session and fetch the key directly, setting it in TendermintActivationPolicy::PublicKey—keeping things simple without needing an abstraction layer.
Also, the current external wallet implementation for tendermint uses SSE, in the case of Keplr, we need to send request to GUI then to Keplr wallet if I'm correct, so it can't directly work with WalletConnect. The current activation logic is quite easy to understand and scale(when integrating KDF as Wallet in the future)
There was a problem hiding this comment.
how do you plan to do this? since, we either ways we still need to request for pubkey meanwhile with_pubkey params requires pubkey in activation params itself. There's a kdf_walletconnect crate that handles all WC logic By the way,.
User sends the activation request for WC -> KDF takes the request and runs the logic where it reads Pubkey from WC -> Uses that Pubkey to run KDF as an external wallet (just like any other wallet).
Is that not possible?
Also, the current external wallet implementation for tendermint uses SSE, in the case of Keplr, we need to send request to GUI then to Keplr wallet if I'm correct, so it can't directly work with WalletConnect. The current activation logic is quite easy to understand and scale(when integrating KDF as Wallet in the future)
Yeah, for Keplr, GUI side triggers the Keplr events which when required. But it doesn't have to be the same way for WalletConnect.
There was a problem hiding this comment.
User sends the activation request for WC -> KDF takes the request and runs the logic where it reads Pubkey from WC -> Uses that Pubkey to run KDF as an external wallet (just like any other wallet).
that's how the current flow works.. or am getting something wrong..
User request coin activation, logic checks if TendermintPubkeyActivationParams::WalletConnect( we can't use WithPubkey, since we don't have the pubkey at start)
then KDF takes the request and runs the logic where it reads Pubkey from WC( maybe this function should have a different naming)
Uses that Pubkey to run KDF as an external wallet (just like any other wallet).
| @@ -276,6 +279,7 @@ impl TendermintActivationPolicy { | |||
|
|
|||
| #[cfg(target_arch = "wasm32")] | |||
| PrivKeyPolicy::Metamask(_) => unreachable!(), | |||
| PrivKeyPolicy::WalletConnect { .. } => unreachable!(), | |||
There was a problem hiding this comment.
Q: Is it really impossible to get the public key from WalletConnect?
There was a problem hiding this comment.
you mean privateKey?, No
There was a problem hiding this comment.
this method gets the pubkey though.
if i understand correctly this is marked as unreachable as we convert walletconnect variants to pubkey-only.
can we return an error here instead?
| @@ -2,7 +2,7 @@ | |||
| JEMALLOC_SYS_WITH_MALLOC_CONF = "background_thread:true,narenas:1,tcache:false,dirty_decay_ms:0,muzzy_decay_ms:0,metadata_thp:auto" | |||
|
|
|||
| [target.'cfg(all())'] | |||
| rustflags = [ "-Zshare-generics=y" ] | |||
| rustflags = [ "-Zshare-generics=y", '--cfg=curve25519_dalek_backend="fiat"' ] | |||
There was a problem hiding this comment.
Q: what is that for?
There was a problem hiding this comment.
selecting the backend for compiling curve25519-dalek. This is explicitly needed because I updated the lib which now supports different backends for compilation
https://crates.io/crates/curve25519-dalek/4.1.3#simd-backend
| [patch.crates-io] | ||
| rand_core = { version = "0.6.2", package = "bip39" } |
There was a problem hiding this comment.
Q: can't understand this patch. why doesn't it have a url/git? could you explain how/what this does.
There was a problem hiding this comment.
Yeah, I'm forcing bip39 to depend on rand_core 0.6.2 since the lib is selecting the least supported version(0.4.2) in kdf even tho the version isn't really compatible with the latest version of bip39
https://crates.io/crates/bip39/2.1.0/dependencies, I mean the feature of bip39 we using in kdf requires rand_core 0.6.2 or greater
The lib is configured to select any version from 0.4.2==0.7
There was a problem hiding this comment.
another short iteration. i think i will focus solely on the new crate in the next iteration since the rest looks good.
the new crate i think is very well organized and easy to traverse. could make use of excessive spamy detailed (doc) comments though. this way others who didn't review it could still understand and change it.
| @@ -276,6 +279,7 @@ impl TendermintActivationPolicy { | |||
|
|
|||
| #[cfg(target_arch = "wasm32")] | |||
| PrivKeyPolicy::Metamask(_) => unreachable!(), | |||
| PrivKeyPolicy::WalletConnect { .. } => unreachable!(), | |||
There was a problem hiding this comment.
this method gets the pubkey though.
if i understand correctly this is marked as unreachable as we convert walletconnect variants to pubkey-only.
can we return an error here instead?
| let mut vec = Vec::new(); | ||
| for i in 0..map.len() { | ||
| if let Some(Value::Number(num)) = map.get(&i.to_string()) { | ||
| if let Some(byte) = num.as_u64() { | ||
| vec.push(byte as u8); | ||
| } else { | ||
| return Err(serde::de::Error::custom("Invalid byte value")); | ||
| } | ||
| } else { | ||
| return Err(serde::de::Error::custom("Invalid format")); | ||
| } | ||
| } | ||
| Ok(vec) |
There was a problem hiding this comment.
nit suggestion:
map.values()
.map(|v| {
v.as_u64()
.map(|v| v as u8)
.ok_or_else(|| serde::de::Error::custom("Invalid byte value"))
})
.collect()There was a problem hiding this comment.
these aren't equivalent
There was a problem hiding this comment.
only diff i think is Some(Value::Number(num)) = map.get() to check if the value is a number? right?
I don't think that's really important to set one error message for numbers vs non-numbers bad bytes. also we should do the same for conversion from u64 to u8.
mm2src/mm2_main/src/rpc.rs
Outdated
| @@ -205,7 +205,7 @@ async fn process_single_request(ctx: MmArc, req: Json, client: SocketAddr) -> Re | |||
|
|
|||
| #[cfg(not(target_arch = "wasm32"))] | |||
| async fn rpc_service(req: Request<Body>, ctx_h: u32, client: SocketAddr) -> Response<Body> { | |||
| const NON_ALLOWED_CHARS: &[char] = &['<', '>', '&']; | |||
| const NON_ALLOWED_CHARS: &[char] = &['Ò']; | |||
There was a problem hiding this comment.
what's that char and why is it disallowed? if it's a place holder we could instead remove this validation all together.
| }; | ||
|
|
||
| let mut public = Public::default(); | ||
| public.as_mut().copy_from_slice(&uncompressed[1..65]); |
There was a problem hiding this comment.
ummm, looks like we skip the first 8bits of the H520, thus rendering it essentially an H512. maybe we could return a Public = H512 instead of PublicKey = H520 from recover().
that's just an early suggestion, i will want to check what these trimmed 8bits actually for first.
There was a problem hiding this comment.
why is this changed needed ? I think its more appropriate to return Seckp2561 pubkey here
komodo-defi-framework/mm2src/coins/eth/wallet_connect.rs
Lines 211 to 222 in 0d3fdfe
There was a problem hiding this comment.
not really needed. but I'm trying to understand why we have two different pubkey types and making them into one if possible.
will dig more into it.
There was a problem hiding this comment.
looks like the first octet (byte/8-bits) is a flag to signify that the pubkey is uncompressed (even though one would usually know from the pubkey length, but i guess this is the standard anyways).
0x04 -> uncompressed
0x02 -> compressed with even y co-ordinate
0x03 -> compressed with odd y co-ordinate
https://www.rfc-editor.org/rfc/rfc5480#section-2.2
we can leave a little note saying that the first bit is not part of the uncomprssed key but rather just part of the encoding.
mm2src/kdf_walletconnect/src/lib.rs
Outdated
| pub struct WalletConnectCtx { | ||
| pub(crate) client: Client, | ||
| pub(crate) pairing: PairingClient, | ||
| pub session: SessionManager, |
There was a problem hiding this comment.
i think we want to rename this field to session_manager. it makes more sense to call session_manager.get_sessions() instead of session.get_sessions(). also might be confusing as this session field has sessions inside it.
There was a problem hiding this comment.
make sense. thanks
done
| Some(value) => Some(serde_json::from_value(value)?), | ||
| None => None, | ||
| }; | ||
| let (topic, url) = self.pairing.create(self.metadata.clone(), None)?; |
There was a problem hiding this comment.
what if we fail to subscribe within attempts or send proposal? the pairing will persist here forever?
There was a problem hiding this comment.
if subscription fails, pairing will expire after 5 mins and becomes unusable. The only option is to resend a new_connection request. Actually pairing is only needed to initiate a session connection
| /// Internal implementation of session management. | ||
| struct SessionManagerImpl { | ||
| /// The currently active session topic. | ||
| active_topic: Mutex<Option<Topic>>, |
There was a problem hiding this comment.
looks like this is an async mutex. i skimmed quickly over the usages of it and i think we don't need it async.
we should always prefer sync mutex unless there is a reason not to use them.
There was a problem hiding this comment.
not totally, we should prefer async mutex over sync mutex in async environment. The compiler won't even allow you use sync mutex while holding the lock over an await.
There was a problem hiding this comment.
not really. one should prefer sync mutexes even in async contexts. sync mutexes are faster and lighter.
async mutexes on the other hand are packed with capabilities to make them able to lock across await points when the execution is handed some where else.
if the sync mutex doesn't get locked for so long (so locking the mutex and executing a long op while the mutex is locked) then it's perfectly fine to use it in async context it won't degrade (but actually boost) perf.
imagine a mutex that's available to lock nearly 99.99% of the time, it's easy to acquire, and if it ever blocked you only wait for a couple of micro seconds at max as we don't hold the mutex and execute some long op.
There was a problem hiding this comment.
https://stackoverflow.com/a/73840831, so it all boils down to how long the lock will be held for I guess
upd: updated to sync mutex 31c9594
| let session_proposal = RequestParams::SessionPropose(SessionProposeRequest { | ||
| relays: vec![ctx.relay.clone()], | ||
| proposer, | ||
| required_namespaces: namespaces.unwrap_or_else(build_default_required_namespaces), |
There was a problem hiding this comment.
why we default to build_default_required_namespaces? why not default to no namespaces? or otherwise force the user to provide name spaces and not make it optional?
There was a problem hiding this comment.
you can't send a proposal with an empty namespaces. atleast one is required.
otherwise force the user to provide name spaces
yeah better, bdf9636
|
|
||
| async fn save_session(&self, session: &Session) -> MmResult<(), Self::Error> { | ||
| debug!("[{}] Saving WalletConnect session to storage", session.topic); | ||
| validate_table_name(SESSION_TABLE_NAME).map_err(AsyncConnError::from)?; |
There was a problem hiding this comment.
i think it's enough to validate the table name on initialization
mm2src/kdf_walletconnect/src/lib.rs
Outdated
| let wallet_connect = WalletConnectCtx::from_ctx(ctx)?; | ||
| // WalletConnectCtx is initialized, now we can connect to relayer client and spawn a watcher | ||
| // loop for disconnection. | ||
| ctx.spawner().spawn(initialize_connection(wallet_connect.clone())); |
There was a problem hiding this comment.
could we cover this inside WalletConnectCtx::try_init, so try_init would return a complete functional WC context.
i think we also might want to use our spawning system and hand WCCtx a subsystem of its own to run these long lived futures in.
right now we use ctx to spawn this future, we use ctx for another future below, and use spawn_aboratable for one future spawned inside the try_init.
There was a problem hiding this comment.
hmm yeah thanks a lot.. going to try this path
upd: done
mm2src/kdf_walletconnect/src/lib.rs
Outdated
|
|
||
| // spawn message handler event loop | ||
| ctx.spawner().spawn(async move { | ||
| let mut recv = wallet_connect.inbound_message_rx.lock().await; |
There was a problem hiding this comment.
feels like inbound_message_rx shouldn't have been stored inside the context in the first place?
mm2src/kdf_walletconnect/src/lib.rs
Outdated
| }; | ||
| let (inbound_message_tx, inbound_message_rx) = unbounded(); | ||
| let (conn_live_sender, conn_live_receiver) = unbounded(); | ||
| let (message_tx, session_request_receiver) = unbounded(); |
There was a problem hiding this comment.
let's rename session_request_receiver to message_rx or rename message_tx to session_request_sender.
that aside, it feels wrong holding two ends of the channel in the same struct. you want to have one end given to another party!
There was a problem hiding this comment.
it feels wrong holding two ends of the channel in the same struct
why??
There was a problem hiding this comment.
upd: used weak spawner so this has been refactored.
There was a problem hiding this comment.
nope, we still hold both ends of the channel.
what about passing message_tx to handle_published_message so not to have to store the send end of the channel in the context. it's only used by process_inbound_response.
| self.publish_request(&active_topic, request).await?; | ||
|
|
||
| if let Ok(Some(resp)) = self.message_rx.lock().await.next().timeout_secs(ttl as f64).await { |
There was a problem hiding this comment.
now after we publish our request, are we really sure that the next response we get from the message_rx was really intended for us?
what if there is another thread that sent a request at around the same time? how do we gaurantee each thread gets the resposne message it should be expecting?
There was a problem hiding this comment.
Yes, since WalletConnect connected wallets processes only one request at a time and responds in the same order (FIFO)
borngraced
force-pushed
the
wc-integration
branch
from
27eadff
to
bdf9636
Compare
mm2src/kdf_walletconnect/src/lib.rs
Outdated
| }; | ||
| let (inbound_message_tx, inbound_message_rx) = unbounded(); | ||
| let (conn_live_sender, conn_live_receiver) = unbounded(); | ||
| let (message_tx, session_request_receiver) = unbounded(); |
There was a problem hiding this comment.
nope, we still hold both ends of the channel.
what about passing message_tx to handle_published_message so not to have to store the send end of the channel in the context. it's only used by process_inbound_response.
mm2src/kdf_walletconnect/src/lib.rs
Outdated
|
|
||
| impl WalletConnectCtx { | ||
| pub fn try_init(ctx: &MmArc) -> MmResult<Self, WalletConnectError> { | ||
| let abortable_system = ctx.abortable_system.create_subsystem::<AbortableQueue>().unwrap(); |
There was a problem hiding this comment.
in a normal state this shouldn't really trigger any panic, but could we still have this return error instead? just in case
mm2src/kdf_walletconnect/src/lib.rs
Outdated
| relay: Relay, | ||
| metadata: Metadata, | ||
| message_tx: UnboundedSender<SessionMessageType>, | ||
| message_rx: Arc<Mutex<UnboundedReceiver<SessionMessageType>>>, |
There was a problem hiding this comment.
i think we can free this out of Arc
mm2src/kdf_walletconnect/src/lib.rs
Outdated
| }; | ||
| let (topic, url) = self.pairing.create(self.metadata.clone(), None)?; | ||
|
|
||
| info!("[topic] Subscribing to topic"); |
There was a problem hiding this comment.
u probably meant to print the topic in this info!?
mm2src/kdf_walletconnect/src/lib.rs
Outdated
| .await | ||
| { | ||
| Ok(Ok(_)) => { | ||
| info!("[topic] Subscribed to topic"); |
| fn disconnected(&mut self, frame: Option<CloseFrame<'static>>) { | ||
| debug!("[{}] connection closed: frame={frame:?}", self.name); | ||
|
|
||
| if let Err(e) = self.conn_live_sender.start_send(frame.map(|f| f.to_string())) { |
There was a problem hiding this comment.
looks like this does the exact job as unbounded_send, could we use that one instead to avoid confusion.
also for the other occurrences.
There was a problem hiding this comment.
I don't get this comment. unbounded_send
There was a problem hiding this comment.
sorry. i meant replacing start_send with unbounded_send.
we usually exclusively only use .send and .unbounded_send for channels. so these are the more familiar ones.
|
|
||
| fn inbound_error(&mut self, error: ClientError) { | ||
| debug!("[{}] inbound error: {error}", self.name); | ||
| if let Err(e) = self.conn_live_sender.start_send(Some(error.to_string())) { |
There was a problem hiding this comment.
are these errors considered a disconnection?
the connection loop doesn't seem disconnected when firing them.
There was a problem hiding this comment.
websocket errors like connection drop can be returned from inbound_error or outbound error which requires a reconnect(no other workaround). I think it's better to reconnect on connection errors for WS too
| }; | ||
| } | ||
|
|
||
| let param = ResponseParamsSuccess::PairingPing(true); |
There was a problem hiding this comment.
this should return pairing extend message? no?
| /// Information about the controlling party (typically a wallet). | ||
| pub controller: Controller, | ||
| /// Information about the proposing party (typically a dApp). | ||
| pub proposer: Proposer, |
There was a problem hiding this comment.
this doesn't seem to be ever used?
also why we even have info about both proposer & controller at the same time (so 2 fields)? why not have an enum store info for the opposite party.
There was a problem hiding this comment.
It's good to save this information, should be useful in the GUI
| pub(crate) async fn add_session(&self, session: Session) { | ||
| // set active session topic. | ||
| *self.0.active_topic.lock().await = Some(session.topic.clone()); | ||
| *self.0.active_topic.lock().unwrap() = Some(session.topic.clone()); |
There was a problem hiding this comment.
such funcs were made async exclusively because of the async lock. we can make them sync now.
This PR introduces the integration of WalletConnect into the Komodo DeFi Framework (KDF), enabling secure wallet connections for Cosmos and EVM-based chains. KDF acts as the DApp(in this PR), allowing users to initiate and manage transactions securely with external wallets e.g via Metamask.
Key changes include:
TendermintandEVM.TendermintandEVMhttps://specs.walletconnect.com/2.0/specs/clients/sign/
https://specs.walletconnect.com/2.0/specs/clients/core/pairing/
https://specs.walletconnect.com/2.0/specs/clients/core/crypto/
https://specs.walletconnect.com/2.0/specs/servers/relay/
https://docs.reown.com/advanced/multichain/rpc-reference/ethereum-rpc
Additional improvements include cleanup of unused dependencies, minor code refinements, and WASM compatibility
Updated deps:
Added deps:
Removed deps:
How to test using EVM coin e.g
ETH(Native && WASM)cargo run){ "method": "wc_new_connection", "userpass": "{{ _.userpass }}", "mmrpc": "2.0", "params": { "required_namespaces": { "eip155": { "chains": ["eip155:1"] "methods": [ "eth_sendTransaction", "eth_signTransaction", "personal_sign" ], "events": [ "accountsChanged", "chainChanged" ] } } } }ETHcoin (set"priv_key_policy": "WalletConnect",in activation params).Note: To add more
eip155chains, modify the chains array like this:["eip155:1", "eip155:250"]