From 7a92aae5c8c4678612d8e48ca3aaf6daccd43d5d Mon Sep 17 00:00:00 2001 From: Sid Vishnoi <8426945+sidvishnoi@users.noreply.github.com> Date: Tue, 30 Sep 2025 15:16:39 +0530 Subject: [PATCH 1/2] chore(deps): update `@noble/ed25519` to v3 --- package.json | 2 +- pnpm-lock.yaml | 10 +++++----- src/background/services/openPayments.ts | 2 +- src/shared/crypto.ts | 14 ++------------ 4 files changed, 9 insertions(+), 19 deletions(-) diff --git a/package.json b/package.json index ffe6e8eb8..cf441625b 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ }, "dependencies": { "@interledger/open-payments": "^7.1.3", - "@noble/ed25519": "^2.3.0", + "@noble/ed25519": "^3.0.0", "@noble/hashes": "^2.0.1", "@radix-ui/react-tabs": "^1.1.13", "awilix": "^12.0.5", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index adfb4f12a..bab1e97f0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -19,8 +19,8 @@ importers: specifier: ^7.1.3 version: 7.1.3 '@noble/ed25519': - specifier: ^2.3.0 - version: 2.3.0 + specifier: ^3.0.0 + version: 3.0.0 '@noble/hashes': specifier: ^2.0.1 version: 2.0.1 @@ -821,8 +821,8 @@ packages: '@napi-rs/wasm-runtime@0.2.11': resolution: {integrity: sha512-9DPkXtvHydrcOsopiYpUgPHpmj0HWZKMUnL2dZqpvC42lsratuBG06V5ipyno0fUek5VlFsNQ+AcFATSrJXgMA==} - '@noble/ed25519@2.3.0': - resolution: {integrity: sha512-M7dvXL2B92/M7dw9+gzuydL8qn/jiqNHaoR3Q+cb1q1GHV7uwE17WCyFMG+Y+TZb5izcaXk5TdJRrDUxHXL78A==} + '@noble/ed25519@3.0.0': + resolution: {integrity: sha512-QyteqMNm0GLqfa5SoYbSC3+Pvykwpn95Zgth4MFVSMKBB75ELl9tX1LAVsN4c3HXOrakHsF2gL4zWDAYCcsnzg==} '@noble/hashes@2.0.1': resolution: {integrity: sha512-XlOlEbQcE9fmuXxrVTXCTlG2nlRXa9Rj3rr5Ue/+tX+nmkgbX720YHh0VR3hBF9xDvwnb8D2shVGOwNx+ulArw==} @@ -4251,7 +4251,7 @@ snapshots: '@tybys/wasm-util': 0.9.0 optional: true - '@noble/ed25519@2.3.0': {} + '@noble/ed25519@3.0.0': {} '@noble/hashes@2.0.1': {} diff --git a/src/background/services/openPayments.ts b/src/background/services/openPayments.ts index a16eafd93..2888cd7ae 100644 --- a/src/background/services/openPayments.ts +++ b/src/background/services/openPayments.ts @@ -98,7 +98,7 @@ export class OpenPaymentsService { id: keyId, alg: 'ed25519', async sign(data: Uint8Array) { - return Buffer.from(await ed.signAsync(data, key.slice(16))); + return Buffer.from(await ed.signAsync(data, key)); }, }; } diff --git a/src/shared/crypto.ts b/src/shared/crypto.ts index de2456bb6..ffcd63fd7 100644 --- a/src/shared/crypto.ts +++ b/src/shared/crypto.ts @@ -1,18 +1,8 @@ import * as ed from '@noble/ed25519'; export async function generateEd25519KeyPair() { - const rawPrivateKey = ed.utils.randomPrivateKey(); - // PKCS#8 format (version + algorithm) - // Adding these values upfront solves the future import of the key using - // `crypto.subtle.importKey` once the WebCrypto API supports the Ed25519 algorithm. - // biome-ignore format: inline array looks cleaner - const privateKey = new Uint8Array([ - 48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32, - ...rawPrivateKey, - ]) - const publicKey = await ed.getPublicKeyAsync(rawPrivateKey); - - return { privateKey, publicKey }; + const keyPair = await ed.keygenAsync(); + return { privateKey: keyPair.secretKey, publicKey: keyPair.publicKey }; } export function exportJWK(key: Uint8Array, kid: string) { From 76a7981181bccd687f81476c87658973427055fd Mon Sep 17 00:00:00 2001 From: Sid Vishnoi <8426945+sidvishnoi@users.noreply.github.com> Date: Tue, 30 Sep 2025 16:33:45 +0530 Subject: [PATCH 2/2] ensure older keys continue to work nit: improve imports --- src/background/services/openPayments.ts | 14 ++++++++++---- src/shared/crypto.ts | 4 ++-- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/src/background/services/openPayments.ts b/src/background/services/openPayments.ts index 2888cd7ae..ada9da6eb 100644 --- a/src/background/services/openPayments.ts +++ b/src/background/services/openPayments.ts @@ -4,7 +4,8 @@ import { createAuthenticatedClient, OpenPaymentsClientError, } from '@interledger/open-payments/dist/client'; -import * as ed from '@noble/ed25519'; +import { signAsync } from '@noble/ed25519'; +import { hexToBytes } from '@noble/hashes/utils.js'; import type { Request } from 'http-message-signatures'; import { signMessage } from 'http-message-signatures/lib/httpbis'; import { createContentDigestHeader } from 'httpbis-digest-headers'; @@ -98,7 +99,7 @@ export class OpenPaymentsService { id: keyId, alg: 'ed25519', async sign(data: Uint8Array) { - return Buffer.from(await ed.signAsync(data, key)); + return Buffer.from(await signAsync(data, key)); }, }; } @@ -162,7 +163,12 @@ export class OpenPaymentsService { async initClient(walletAddressUrl: string) { const { privateKey, keyId } = await this.getPrivateKeyInformation(); - + let privateKeyBytes = hexToBytes(privateKey); + if (privateKeyBytes.length === 48) { + // For keys generated before https://github.com/interledger/web-monetization-extension/pull/1192 + // biome-ignore format: inline array looks cleaner + privateKeyBytes = privateKeyBytes.slice(16) + } this.client = await createAuthenticatedClient({ validateResponses: false, requestTimeoutMs: 10_000, @@ -185,7 +191,7 @@ export class OpenPaymentsService { ? JSON.stringify(await request.json()) : undefined, }, - privateKey: ed.etc.hexToBytes(privateKey), + privateKey: privateKeyBytes, keyId, }); diff --git a/src/shared/crypto.ts b/src/shared/crypto.ts index ffcd63fd7..7f80499ec 100644 --- a/src/shared/crypto.ts +++ b/src/shared/crypto.ts @@ -1,7 +1,7 @@ -import * as ed from '@noble/ed25519'; +import { keygenAsync } from '@noble/ed25519'; export async function generateEd25519KeyPair() { - const keyPair = await ed.keygenAsync(); + const keyPair = await keygenAsync(); return { privateKey: keyPair.secretKey, publicKey: keyPair.publicKey }; }