From a22c5b16bcb5ac208a8b2f609cc1eff9e202f665 Mon Sep 17 00:00:00 2001 From: jxom <7336481+jxom@users.noreply.github.com> Date: Fri, 22 Nov 2024 07:18:07 +1100 Subject: [PATCH] feat: export `setSignEntropy` --- .changeset/ninety-suits-invite.md | 4 ++-- src/accounts/index.test.ts | 1 + src/accounts/index.ts | 1 + src/accounts/utils/sign.ts | 9 ++++++--- test/setup.ts | 3 --- vectors/src/transaction.vectors.test.ts | 3 --- 6 files changed, 10 insertions(+), 11 deletions(-) diff --git a/.changeset/ninety-suits-invite.md b/.changeset/ninety-suits-invite.md index 87ede0700a..21e0bda48e 100644 --- a/.changeset/ninety-suits-invite.md +++ b/.changeset/ninety-suits-invite.md @@ -1,5 +1,5 @@ --- -"viem": minor +"viem": patch --- -Improved security of signature generation. Resolves #3028. +Added `setSignEntropy` export to improve security of signature generation. diff --git a/src/accounts/index.test.ts b/src/accounts/index.test.ts index bb3be338d6..ae4076eb7d 100644 --- a/src/accounts/index.test.ts +++ b/src/accounts/index.test.ts @@ -22,6 +22,7 @@ test('exports utils', () => { "mnemonicToAccount", "privateKeyToAccount", "toAccount", + "setSignEntropy", "sign", "signatureToHex", "serializeSignature", diff --git a/src/accounts/index.ts b/src/accounts/index.ts index 05506a7c11..8569fc061e 100644 --- a/src/accounts/index.ts +++ b/src/accounts/index.ts @@ -55,6 +55,7 @@ export { type SignErrorType, type SignParameters, type SignReturnType, + setSignEntropy, sign, } from './utils/sign.js' export { diff --git a/src/accounts/utils/sign.ts b/src/accounts/utils/sign.ts index 311170f462..c43db3b0a1 100644 --- a/src/accounts/utils/sign.ts +++ b/src/accounts/utils/sign.ts @@ -25,10 +25,13 @@ export type SignReturnType = export type SignErrorType = NumberToHexErrorType | ErrorType -let extraEntropy: Hex | boolean = true +let extraEntropy: Hex | boolean = false -/** @internal */ -export function setSignEntropy(entropy: Hex | boolean) { +/** + * Sets extra entropy for signing functions. + */ +export function setSignEntropy(entropy: true | Hex) { + if (!entropy) throw new Error('must be a `true` or a hex value.') extraEntropy = entropy } diff --git a/test/setup.ts b/test/setup.ts index 68648b37ab..3b551fbc17 100644 --- a/test/setup.ts +++ b/test/setup.ts @@ -5,14 +5,11 @@ import { cleanupCache, listenersCache } from '~viem/utils/observe.js' import { promiseCache, responseCache } from '~viem/utils/promise/withCache.js' import { socketClientCache } from '~viem/utils/rpc/socket.js' -import { setSignEntropy } from '../src/accounts/utils/sign.js' import { setErrorConfig } from '../src/errors/base.js' import * as instances from './src/anvil.js' const client = instances.anvilMainnet.getClient() -setSignEntropy(false) - beforeAll(() => { setErrorConfig({ getDocsUrl({ docsBaseUrl, docsPath }) { diff --git a/vectors/src/transaction.vectors.test.ts b/vectors/src/transaction.vectors.test.ts index b500e97a81..0acb44ce34 100644 --- a/vectors/src/transaction.vectors.test.ts +++ b/vectors/src/transaction.vectors.test.ts @@ -7,9 +7,6 @@ import { signTransaction } from '../../src/accounts/utils/signTransaction.js' import { parseTransaction } from '../../src/index.js' import { serializeTransaction } from '../../src/utils/transaction/serializeTransaction.js' import { readGzippedJson } from '../utils.js' -import { setSignEntropy } from '../../src/accounts/utils/sign.js' - -setSignEntropy(false) const transactions_ = await readGzippedJson( join(import.meta.dir, './transaction.json.gz'),