33// import { AddressType, InMemoryKeyAgent } from '@cardano-sdk/key-management'
44import { createWebExtHandler , webExtensionLink } from '@status-im/trpc-webext'
55import { createTRPCClient } from '@trpc/client'
6- import { initTRPC } from '@trpc/server'
6+ import { initTRPC , TRPCError } from '@trpc/server'
77import superjson from 'superjson'
88import { browser } from 'wxt/browser'
99import { z } from 'zod'
@@ -19,6 +19,7 @@ import {
1919} from './wallet'
2020import { runtimePortToClientContextType } from './webext'
2121
22+ import type { ValidPasswordContext } from './trpc/middlewares/password-auth'
2223import type { CreateWebExtContextOptions } from '@status-im/trpc-webext/adapter'
2324
2425const createContext = async ( webextOpts ?: CreateWebExtContextOptions ) => {
@@ -33,7 +34,7 @@ const createContext = async (webextOpts?: CreateWebExtContextOptions) => {
3334 }
3435}
3536
36- type Context = Awaited < ReturnType < typeof createContext > >
37+ type Context = Awaited < ReturnType < typeof createContext > > & ValidPasswordContext
3738
3839const passwordAuthPlugin = createPasswordAuthPlugin < Context > ( )
3940
@@ -46,7 +47,12 @@ const t = initTRPC.context<Context>().create({
4647 allowOutsideOfServer : true ,
4748} )
4849
49- const publicProcedure = t . procedure . concat ( passwordAuthPlugin )
50+ const trpcGlobalPlugins = [ passwordAuthPlugin ]
51+
52+ const publicProcedure = trpcGlobalPlugins . reduce (
53+ ( procedure , plugin ) => procedure . concat ( plugin ) ,
54+ t . procedure ,
55+ )
5056
5157const { createCallerFactory, router } = t
5258
@@ -74,7 +80,6 @@ const apiRouter = router({
7480 )
7581 . mutation ( async ( { input, ctx } ) => {
7682 const { walletCore, keyStore } = ctx
77- console . log ( 'ctx = ' , ctx )
7883
7984 const wallet = walletCore . HDWallet . create ( 128 , input . password )
8085 const mnemonic = wallet . mnemonic ( )
@@ -127,10 +132,16 @@ const apiRouter = router({
127132
128133 const wallet = await keyStore . load ( input . walletId )
129134
135+ if ( ! ctx . validPassword )
136+ throw new TRPCError ( {
137+ message : 'Invalid password' ,
138+ code : 'UNAUTHORIZED' ,
139+ } )
140+
130141 return {
131142 id : wallet . id ,
132143 name : wallet . name ,
133- mnemonic : await keyStore . exportMnemonic ( wallet . id , input . password ) ,
144+ mnemonic : await keyStore . exportMnemonic ( wallet . id , ctx . validPassword ) ,
134145 }
135146 } ) ,
136147
@@ -213,18 +224,24 @@ const apiRouter = router({
213224 . mutation ( async ( { input, ctx } ) => {
214225 const { keyStore, walletCore } = ctx
215226
227+ if ( ! ctx . validPassword )
228+ throw new TRPCError ( {
229+ message : 'Invalid password' ,
230+ code : 'UNAUTHORIZED' ,
231+ } )
232+
216233 const wallet = await keyStore . load ( input . walletId )
217234
218235 // todo!: test calling multiple times
219236 // const { id } = await keyStore.addAccounts(
220237 // wallet.id,
221- // input.password ,
238+ // ctx.validPassword ,
222239 // [walletCore.CoinType.ethereum],
223240 // )
224241
225242 const { id } = await keyStore . addAccountsWithDerivations (
226243 wallet . id ,
227- input . password ,
244+ ctx . validPassword ,
228245 [
229246 {
230247 // coin: wallet.activeAccounts[0].coin,
@@ -237,7 +254,7 @@ const apiRouter = router({
237254 // note: add account with custom derivation path
238255 // const mnemonic = (await keyStore.export(
239256 // wallet.id,
240- // input.password ,
257+ // ctx.validPassword ,
241258 // )) as string
242259 // // fixme: calculate index based on last account
243260 // const index = 0
@@ -246,19 +263,19 @@ const apiRouter = router({
246263 // const key = walletCore.StoredKey.importHDWallet(
247264 // mnemonic,
248265 // input.name,
249- // Buffer.from(input.password ),
266+ // Buffer.from(ctx.validPassword ),
250267 // walletCore.CoinType.ethereum,
251268 // )
252269
253270 // const privateKey = key
254- // .wallet(Buffer.from(input.password ))
271+ // .wallet(Buffer.from(ctx.validPassword ))
255272 // .getKey(walletCore.CoinType.ethereum, derivationPath)
256273
257274 // // note!: would be categorized separatley from mnemonic wallet and as as private key, so if used instead of adding accounts add private keys from the start
258275 // const { id } = await keyStore.importKey(
259276 // privateKey.data(),
260277 // 'untitled',
261- // input.password ,
278+ // ctx.validPassword ,
262279 // walletCore.CoinType.ethereum,
263280 // walletCore.StoredKeyEncryption.aes256Ctr,
264281 // )
@@ -296,25 +313,31 @@ const apiRouter = router({
296313 throw new Error ( 'From address not found' )
297314 }
298315
316+ if ( ! ctx . validPassword )
317+ throw new TRPCError ( {
318+ message : 'Invalid password' ,
319+ code : 'UNAUTHORIZED' ,
320+ } )
321+
299322 // const mnemonic = (await keyStore.export(
300323 // wallet.id,
301- // input.password ,
324+ // ctx.validPassword ,
302325 // )) as string
303326
304327 // const key = walletCore.StoredKey.importHDWallet(
305328 // mnemonic,
306329 // wallet.name,
307- // Buffer.from(input.password ),
330+ // Buffer.from(ctx.validPassword ),
308331 // walletCore.CoinType.ethereum,
309332 // )
310333
311334 // const privateKey = key
312- // .wallet(Buffer.from(input.password ))
335+ // .wallet(Buffer.from(ctx.validPassword ))
313336 // .getKey(walletCore.CoinType.ethereum, account.derivationPath)
314337
315338 const privateKey = await keyStore . getKey (
316339 wallet . id ,
317- input . password ,
340+ ctx . validPassword ,
318341 account ,
319342 )
320343
@@ -350,9 +373,15 @@ const apiRouter = router({
350373
351374 const wallet = await keyStore . load ( input . walletId )
352375
376+ if ( ! ctx . validPassword )
377+ throw new TRPCError ( {
378+ message : 'Invalid password' ,
379+ code : 'UNAUTHORIZED' ,
380+ } )
381+
353382 const { id } = await keyStore . addAccountsWithDerivations (
354383 wallet . id ,
355- input . password ,
384+ ctx . validPassword ,
356385 [
357386 {
358387 coin : walletCore . CoinType . bitcoin ,
@@ -381,7 +410,7 @@ const apiRouter = router({
381410 // note!: second default derivation; does not add new account
382411 // await keyStore.addAccountsWithDerivations(
383412 // wallet.id,
384- // input.password ,
413+ // ctx.validPassword ,
385414 // [
386415 // {
387416 // coin: walletCore.CoinType.bitcoin,
@@ -419,9 +448,15 @@ const apiRouter = router({
419448 throw new Error ( 'From address not found' )
420449 }
421450
451+ if ( ! ctx . validPassword )
452+ throw new TRPCError ( {
453+ message : 'Invalid password' ,
454+ code : 'UNAUTHORIZED' ,
455+ } )
456+
422457 const privateKey = await keyStore . getKey (
423458 wallet . id ,
424- input . password ,
459+ ctx . validPassword ,
425460 account ,
426461 )
427462
@@ -452,9 +487,15 @@ const apiRouter = router({
452487
453488 const wallet = await keyStore . load ( input . walletId )
454489
490+ if ( ! ctx . validPassword )
491+ throw new TRPCError ( {
492+ message : 'Invalid password' ,
493+ code : 'UNAUTHORIZED' ,
494+ } )
495+
455496 const { id } = await keyStore . addAccounts (
456497 wallet . id ,
457- input . password ,
498+ ctx . validPassword ,
458499 [ walletCore . CoinType . solana ] ,
459500 )
460501
@@ -487,9 +528,15 @@ const apiRouter = router({
487528 throw new Error ( 'From address not found' )
488529 }
489530
531+ if ( ! ctx . validPassword )
532+ throw new TRPCError ( {
533+ message : 'Invalid password' ,
534+ code : 'UNAUTHORIZED' ,
535+ } )
536+
490537 const privateKey = await keyStore . getKey (
491538 wallet . id ,
492- input . password ,
539+ ctx . validPassword ,
493540 account ,
494541 )
495542
@@ -520,9 +567,15 @@ const apiRouter = router({
520567
521568 const wallet = await keyStore . load ( input . walletId )
522569
570+ if ( ! ctx . validPassword )
571+ throw new TRPCError ( {
572+ message : 'Invalid password' ,
573+ code : 'UNAUTHORIZED' ,
574+ } )
575+
523576 const { id } = await keyStore . addAccounts (
524577 wallet . id ,
525- input . password ,
578+ ctx . validPassword ,
526579 [ walletCore . CoinType . cardano ] ,
527580 )
528581
0 commit comments