feat!: lsig delegation refactor

Author: joe-p

packages/transact/src/logicsig.spec.ts

@@ -1,4 +1,4 @@
-import { encodeMsgpack } from '@algorandfoundation/algokit-common'
+import { Address, encodeMsgpack } from '@algorandfoundation/algokit-common'
 import { describe, expect, test } from 'vitest'
 import { LogicSigAccount } from './logicsig'
 import { LogicSignature } from './transactions/signed-transaction'
@@ -15,7 +15,7 @@ describe('logicsig', () => {
       } satisfies LogicSignature
       const encoded = encodeMsgpack(logicSignatureCodec.encode(logicSignature, 'msgpack'))
 
-      const decoded = LogicSigAccount.fromBytes(encoded)
+      const decoded = LogicSigAccount.fromBytes(encoded, Address.zeroAddress())
 
       expect(decoded.logic).toEqual(logicSignature.logic)
       expect(decoded.sig).toEqual(signature)

packages/transact/src/logicsig.ts

@@ -1,6 +1,6 @@
-import { Address, concatArrays, decodeMsgpack, hash } from '@algorandfoundation/algokit-common'
+import { Address, Addressable, concatArrays, decodeMsgpack, hash } from '@algorandfoundation/algokit-common'
 import { MultisigAccount } from './multisig'
-import { TransactionSigner } from './signer'
+import { AddressWithDelegatedLsigSigner, TransactionSigner } from './signer'
 import { LogicSignature, MultisigSignature, SignedTransaction, encodeSignedTransaction } from './transactions/signed-transaction'
 import { Transaction } from './transactions/transaction'
 import { logicSignatureCodec } from './transactions/signed-transaction-meta'
@@ -9,43 +9,118 @@ const PROGRAM_TAG = new TextEncoder().encode('Program')
 const MSIG_PROGRAM_TAG = new TextEncoder().encode('MsigProgram')
 const SIGN_PROGRAM_DATA_PREFIX = new TextEncoder().encode('ProgData')
 
-/** Function for signing logic signatures for delegation */
-export type DelegatedLsigSigner = (lsig: LogicSigAccount, msig?: MultisigAccount) => Promise<Uint8Array>
+/** Function for signing logic signatures for delegation
+ *  @param lsig - The logic signature that is being signed for delegation
+ *  @param msig - Optional multisig account that should be set when a public key is signing as a subsigner of a multisig
+ *  @returns The address of the delegator
+ * */
+export type DelegatedLsigSigner = (
+  lsig: LogicSigAccount,
+  msig?: MultisigAccount,
+) => Promise<{ addr: Address } & ({ sig?: Uint8Array } | { lmsig?: MultisigSignature })>
 
 /** Function for signing program data for a logic signature */
-export type ProgramDataSigner = (data: Uint8Array, lsig: LogicSigAccount) => Promise<Uint8Array>
+export type ProgramDataSigner = (data: Uint8Array, lsig: LogicSig) => Promise<Uint8Array>
 
-export class LogicSigAccount {
+export class LogicSig implements Addressable {
   logic: Uint8Array
   args: Uint8Array[]
+  protected _addr: Address
+
+  constructor(program: Uint8Array, programArgs?: Array<Uint8Array>) {
+    this.logic = program
+    this.args = programArgs?.map((arg) => new Uint8Array(arg)) ?? []
+    this._addr = this.address()
+    const toBeSigned = concatArrays(PROGRAM_TAG, this.logic)
+    const h = hash(toBeSigned)
+    this._addr = new Address(h)
+  }
+
+  static fromSignature(signature: LogicSignature): LogicSig {
+    return new LogicSig(signature.logic, signature.args || [])
+  }
+
+  static fromBytes(encodedLsig: Uint8Array): LogicSig {
+    const decoded = decodeMsgpack(encodedLsig)
+    const lsigSignature = logicSignatureCodec.decode(decoded, 'msgpack')
+    return LogicSig.fromSignature(lsigSignature)
+  }
+
+  address(): Address {
+    return this._addr
+  }
+
+  get addr(): Address {
+    return this._addr
+  }
+
+  bytesToSignForDelegation(msig?: MultisigAccount): Uint8Array {
+    if (msig) {
+      return concatArrays(MSIG_PROGRAM_TAG, msig.addr.publicKey, this.logic)
+    } else {
+      return concatArrays(PROGRAM_TAG, this.logic)
+    }
+  }
+
+  signProgramData(data: Uint8Array, signer: ProgramDataSigner): Promise<Uint8Array> {
+    return signer(data, this)
+  }
+
+  programDataToSign(data: Uint8Array): Uint8Array {
+    return concatArrays(SIGN_PROGRAM_DATA_PREFIX, this.address().publicKey, data)
+  }
+
+  account(): LogicSigAccount {
+    return new LogicSigAccount(this.logic, this.args)
+  }
+
+  delegatedAccount(delegator: Address): LogicSigAccount {
+    return new LogicSigAccount(this.logic, this.args, delegator)
+  }
+}
+
+export class LogicSigAccount extends LogicSig {
   sig?: Uint8Array
   msig?: MultisigSignature
   lmsig?: MultisigSignature
 
-  static fromSignature(signature: LogicSignature): LogicSigAccount {
-    const lsigAccount = new LogicSigAccount(signature.logic, signature.args || [])
-    lsigAccount.sig = signature.sig
-    lsigAccount.msig = signature.msig
-    lsigAccount.lmsig = signature.lmsig
+  static fromSignature(signature: LogicSignature, delegator?: Address): LogicSigAccount {
+    if (signature.lmsig || signature.msig) {
+      const msigAddr = MultisigAccount.fromSignature((signature.lmsig || signature.msig)!).addr
+
+      if (delegator && !msigAddr.equals(delegator)) {
+        throw new Error('Provided delegator address does not match multisig address')
+      }
+
+      const lsig = new LogicSigAccount(signature.logic, signature.args || [], msigAddr)
+      lsig.lmsig = signature.lmsig
+      lsig.msig = signature.msig
+      return lsig
+    }
+
+    const lsigAccount = new LogicSigAccount(signature.logic, signature.args || [], delegator)
+
+    if (signature.sig && delegator === undefined) {
+      throw new Error('Delegated address must be provided when logic sig has a signature')
+    }
+
+    if (signature.sig) {
+      lsigAccount.sig = signature.sig
+      return lsigAccount
+    }
+
     return lsigAccount
   }
 
-  static fromBytes(encodedLsig: Uint8Array): LogicSigAccount {
+  static fromBytes(encodedLsig: Uint8Array, delegator?: Address): LogicSigAccount {
     const decoded = decodeMsgpack(encodedLsig)
     const lsigSignature = logicSignatureCodec.decode(decoded, 'msgpack')
-    return LogicSigAccount.fromSignature(lsigSignature)
+    return LogicSigAccount.fromSignature(lsigSignature, delegator)
   }
 
-  constructor(program: Uint8Array, programArgs?: Array<Uint8Array> | null) {
-    if (programArgs && (!Array.isArray(programArgs) || !programArgs.every((arg) => arg.constructor === Uint8Array))) {
-      throw new TypeError('Invalid arguments')
-    }
-
-    let args: Uint8Array[] = []
-    if (programArgs != null) args = programArgs.map((arg) => new Uint8Array(arg))
-
-    this.logic = program
-    this.args = args
+  constructor(program: Uint8Array, programArgs?: Array<Uint8Array> | null, delegator?: Address) {
+    super(program, programArgs ?? undefined)
+    this._addr = delegator ?? this._addr
   }
 
   get signer(): TransactionSigner {
@@ -59,60 +134,32 @@ export class LogicSigAccount {
           lsig: { logic: this.logic, args: this.args, msig: this.msig, lmsig: this.lmsig, sig: this.sig },
         }
 
+        if (!stxn.txn.sender.equals(this.addr)) {
+          stxn.authAddress = this.addr
+        }
+
         signedTxns.push(encodeSignedTransaction(stxn))
       }
 
       return signedTxns
     }
   }
 
-  get addr(): Address {
-    return this.address()
-  }
-
-  /**
-   * Compute hash of the logic sig program (that is the same as escrow account address) as string address
-   * @returns String representation of the address
-   */
-  address(): Address {
-    const toBeSigned = concatArrays(PROGRAM_TAG, this.logic)
-    const h = hash(toBeSigned)
-    return new Address(h)
-  }
-
-  async delegate(signer: DelegatedLsigSigner) {
-    this.sig = await signer(this)
-  }
-
-  async delegateMultisig(msig: MultisigAccount) {
-    if (this.lmsig == undefined) {
-      this.lmsig = {
-        subsigs: [],
-        version: msig.params.version,
-        threshold: msig.params.threshold,
-      }
-    }
-    for (const addrWithSigner of msig.subSigners) {
-      const { lsigSigner, addr } = addrWithSigner
-      const signature = await lsigSigner(this, msig)
+  async signForDelegation(delegator: AddressWithDelegatedLsigSigner) {
+    const result = await delegator.lsigSigner(this)
 
-      this.lmsig.subsigs.push({ publicKey: addr.publicKey, sig: signature })
+    if (!result.addr.equals(this._addr)) {
+      throw new Error(
+        `Delagator address from signer does not match expected delegator address. Expected: ${this._addr.toString()}, got: ${result.addr.toString()}`,
+      )
     }
-  }
 
-  bytesToSignForDelegation(msig?: MultisigAccount): Uint8Array {
-    if (msig) {
-      return concatArrays(MSIG_PROGRAM_TAG, msig.addr.publicKey, this.logic)
+    if ('sig' in result && result.sig) {
+      this.sig = result.sig
+    } else if ('lmsig' in result && result.lmsig) {
+      this.lmsig = result.lmsig
     } else {
-      return concatArrays(PROGRAM_TAG, this.logic)
+      throw new Error('Delegated lsig signer must return either a sig or lmsig')
     }
   }
-
-  signProgramData(data: Uint8Array, signer: ProgramDataSigner): Promise<Uint8Array> {
-    return signer(data, this)
-  }
-
-  programDataToSign(data: Uint8Array): Uint8Array {
-    return concatArrays(SIGN_PROGRAM_DATA_PREFIX, this.address().publicKey, data)
-  }
 }

packages/transact/src/multisig.ts

@@ -17,6 +17,7 @@ import {
   SignedTransaction,
 } from './transactions/signed-transaction'
 import { Transaction } from './transactions/transaction'
+import { DelegatedLsigSigner } from './logicsig'
 
 const toPublicKeys = (addrs: Array<string | Address>): Uint8Array[] => addrs.map((addr) => getAddress(addr).publicKey)
 
@@ -382,11 +383,12 @@ export interface MultisigMetadata {
 }
 
 /** Account wrapper that supports partial or full multisig signing. */
-export class MultisigAccount implements AddressWithTransactionSigner {
+export class MultisigAccount implements AddressWithTransactionSigner, AddressWithDelegatedLsigSigner {
   _params: MultisigMetadata
   _subSigners: (AddressWithTransactionSigner & AddressWithDelegatedLsigSigner)[]
   _addr: Address
   _signer: TransactionSigner
+  _lsigSigner: DelegatedLsigSigner
 
   /** The parameters for the multisig account */
   get params(): Readonly<MultisigMetadata> {
@@ -408,6 +410,10 @@ export class MultisigAccount implements AddressWithTransactionSigner {
     return this._signer
   }
 
+  get lsigSigner(): DelegatedLsigSigner {
+    return this._lsigSigner
+  }
+
   static fromSignature(signature: MultisigSignature): MultisigAccount {
     const params: MultisigMetadata = {
       version: signature.version,
@@ -447,6 +453,25 @@ export class MultisigAccount implements AddressWithTransactionSigner {
 
       return signedMsigTxns.map(encodeSignedTransaction)
     }
+
+    this._lsigSigner = async (lsig, _) => {
+      let lmsig = lsig.lmsig ?? this.createMultisigSignature()
+
+      for (const addrWithSigner of this.subSigners) {
+        const { lsigSigner, addr } = addrWithSigner
+        const result = await lsigSigner(lsig, this)
+        if (!('sig' in result) || !result.sig) {
+          console.debug(result)
+          throw new Error(
+            `Signer for address ${addr.toString()} did not produce a valid signature when signing logic sig for multisig account ${this._addr.toString()}`,
+          )
+        }
+
+        lmsig = this.applySignature(lmsig, addr.publicKey, result.sig)
+      }
+
+      return { addr: this.addr, lmsig }
+    }
   }
 
   createMultisigTransaction(txn: Transaction): SignedTransaction {

packages/transact/src/signer.ts

@@ -75,7 +75,8 @@ export function generateAddressWithSigners(args: {
 
   const lsigSigner: DelegatedLsigSigner = async (lsig, msig) => {
     const bytesToSign = lsig.bytesToSignForDelegation(msig)
-    return await rawEd25519Signer(bytesToSign)
+    const sig = await rawEd25519Signer(bytesToSign)
+    return { sig, addr: sendingAddress }
   }
 
   const programDataSigner: ProgramDataSigner = async (data, lsig) => {

src/testing/account.ts

@@ -1,6 +1,13 @@
 import { AlgodClient } from '@algorandfoundation/algokit-algod-client'
 import { Address } from '@algorandfoundation/algokit-common'
-import { AddressWithSigners, AddressWithTransactionSigner } from '@algorandfoundation/algokit-transact'
+import {
+  AddressWithSigners,
+  AddressWithTransactionSigner,
+  DelegatedLsigSigner,
+  MxBytesSigner,
+  ProgramDataSigner,
+  TransactionSigner,
+} from '@algorandfoundation/algokit-transact'
 import { KmdClient } from '@algorandfoundation/algokit-kmd-client'
 import { AlgorandClient, Config } from '../'
 import { GetTestAccountParams } from '../types/testing'
@@ -36,7 +43,7 @@ export async function getTestAccount(
   { suppressLog, initialFunds, accountGetter }: GetTestAccountParams,
   algodOrAlgorandClient: AlgodClient | AlgorandClient,
   kmd?: KmdClient,
-): Promise<Address & AddressWithTransactionSigner> {
+): Promise<Address & AddressWithSigners> {
   const algorand =
     algodOrAlgorandClient instanceof AlgorandClient
       ? algodOrAlgorandClient
@@ -65,10 +72,13 @@ export async function getTestAccount(
 
   algorand.setSignerFromAccount(account)
 
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  const address = Address.fromString(account.addr.toString()) as any
-  address.addr = account.addr
-  address.signer = algorand.account.getSigner(address)
+  const address = Address.fromString(account.addr.toString()) as Address & AddressWithSigners
+  for (const key of Object.keys(account as AddressWithSigners)) {
+    if (!(key in address)) {
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      ;(address as any)[key] = (account as any)[key]
+    }
+  }
 
   return address
 }