[Polkadot] Ss58 decoding\encoding support

Resolves brave/brave-browser#44748

Author: cypt4

components/brave_wallet/common/encoding_utils.cc

@@ -6,18 +6,23 @@
 #include "brave/components/brave_wallet/common/encoding_utils.h"
 
 #include "base/containers/span.h"
+#include "base/containers/span_writer.h"
 #include "base/containers/to_vector.h"
 #include "brave/components/brave_wallet/common/hash_utils.h"
 #include "brave/third_party/bitcoin-core/src/src/base58.h"
 
 namespace brave_wallet {
 
 namespace {
-constexpr char kSs58HashPersonalizer[] = "SS58PRE";
-}
+constexpr char kSs58HashPrefix[] = "SS58PRE";
+constexpr size_t kSs58HashPrefixSize = 7u;
+constexpr size_t kSs58HashChecksumSize = 2u;
+}  // namespace
 
 Ss58Address::Ss58Address() = default;
 Ss58Address::~Ss58Address() = default;
+Ss58Address::Ss58Address(Ss58Address&& addr) = default;
+Ss58Address& Ss58Address::operator=(Ss58Address&& addr) = default;
 
 std::string Base58EncodeWithCheck(const std::vector<uint8_t>& bytes) {
   auto with_checksum = bytes;
@@ -51,185 +56,95 @@ std::string Base58Encode(base::span<const uint8_t> bytes) {
   return EncodeBase58(bytes);
 }
 
-// let prefix = address.prefix
-//              assert(Number.isInteger(prefix) && prefix >= 0 && prefix < 16384, 'invalid prefix')
-//              let len = address.bytes.length
-//                        let hashLen: number
-//                                      switch(len) {
-//                                        case 1:
-//                                            case 2:
-//                                                case 4:
-//                                                    case 8:
-//                                                        hashLen = 1
-//                                        break
-//                                        case 32:
-//                                            case 33:
-//                                                hashLen = 2
-//                                        break
-//                                        default:
-//                                            assert(false, 'invalid address length')
-//                                      }
-//                                      let buf
-//                                      let offset
-//                                      if (prefix < 64) {
-//   buf = Buffer.allocUnsafe(1 + hashLen + len)
-//         buf[0] = prefix
-//       offset = 1
-// } else {
-//     buf = Buffer.allocUnsafe(2 + hashLen + len)
-//           buf[0] = ((prefix & 0b1111_1100) >> 2) | 0b01000000
-//                    buf[1] = (prefix >> 8) | ((prefix & 0b11) << 6)
-//                             offset = 2
-// }
-// buf.set(address.bytes, offset)
-//     computeHash(buf, hashLen)
-//     for (let i = 0; i < hashLen; i++) {
-//   buf[offset + len + i] = HASH_BUF[i]
-// }
-// return base58.encode(buf)
-
+// Reference implementation
+// https://github.com/gear-tech/gear/blob/7d481fed39e7b0633ca9afeed8ce1b3cbb636f3e/utils/ss58/src/lib.rs#L295
 std::optional<std::string> Ss58Encode(const Ss58Address& addr) {
   uint16_t prefix = addr.prefix;
-  if (prefix > 16384) {
-    return std::nullopt;
-  }
-  size_t hash_len = 0;
-  size_t len = addr.public_key.size();
-  if (len <= 8) {
-    hash_len = 1;
-  } else if (len <= 33) {
-    hash_len = 2;
-  } else {
+  if (prefix > 16383) {
     return std::nullopt;
   }
 
-  size_t offset = 0;
   std::vector<uint8_t> buff;
-  if (prefix < 64) {
-    buff.reserve(1 + hash_len + len);
-    buff.push_back(prefix);
-    offset = 1;
+  size_t offset = prefix < 64 ? 1 : 2;
+  buff.resize(offset + kSs58PublicKeySize + kSs58HashChecksumSize);
+  auto output_span_writer = base::SpanWriter(base::span(buff));
+
+  if (offset == 1) {
+    output_span_writer.WriteU8BigEndian(prefix);
   } else {
-    buff.reserve(2 + hash_len + len);
-    buff.push_back(((prefix & 0b11111100) >> 2) | 0b01000000);
-    buff.push_back((prefix >> 8) | ((prefix & 0b11) << 6));
-    offset = 2;
+    output_span_writer.WriteU8BigEndian(((prefix & 0b11111100) >> 2) | 0b01000000);
+    output_span_writer.WriteU8BigEndian((prefix >> 8) | ((prefix & 0b11) << 6));
   }
 
-  std::ranges::insert(buff, addr.public_key);
-  std::array<uint8_t, 64> hash;
-  Blake2bHash(
-      buff,
-      hash,
-      base::byte_span_from_cstring(kSs58HashPersonalizer));
+  output_span_writer.Write(base::span(addr.public_key));
+  DCHECK_EQ(output_span_writer.remaining(), kSs58HashChecksumSize);
+  DCHECK_EQ(buff.size(), offset + kSs58PublicKeySize + kSs58HashChecksumSize);
 
-  // if (!hash) {
-  //   return std::nullopt;
-  // }
+  std::vector<uint8_t> hash_input(kSs58HashPrefixSize + buff.size() - kSs58HashChecksumSize);
+  auto hash_input_writer = base::SpanWriter(base::span(hash_input));
+  hash_input_writer.Write(base::byte_span_from_cstring(kSs58HashPrefix));
+  hash_input_writer.Write(base::span(buff).subspan(0u, buff.size() - kSs58HashChecksumSize));
+  DCHECK_EQ(hash_input_writer.remaining(), 0u);
+  auto hash = Blake2bHash<64>(base::span(hash_input));
 
-  for (size_t i = 0; i < hash_len; i++) {
-    buff.push_back(hash[i]);
-  }
+  output_span_writer.Write(base::span(hash).subspan(0u, kSs58HashChecksumSize));
 
   return Base58Encode(buff);
 }
 
 
-// export function decode(s: string): Address {
-//   let buf = base58.decodeUnsafe(s)
-//             if (buf == null || buf.length < 3) throw invalidAddress(s)
-//             let b0 = buf[0]
-//       let offset
-//           let prefix
-//       if (b0 < 64) {
-//     prefix = b0
-//         offset = 1
-//   } else if (b0 < 128) {
-//     let b1 = buf[1]
-//         let lower = ((b0 << 2) | (b1 >> 6)) & 0b11111111
-//         let upper = b1 & 0b00111111
-//         prefix = lower | (upper << 8)
-//                  offset = 2
-//   } else {
-//       throw invalidAddress(s)
-//   }
-//   let hashLen: number
-//                 switch(buf.length - offset) {
-//                   case 34:
-//                       case 35:
-//                           hashLen = 2
-//                   break
-//                   case 9:
-//                       case 5:
-//                           case 3:
-//                               case 2:
-//                                   hashLen = 1
-//                   break
-//                   default:
-//                       throw invalidAddress(s)
-//                 }
-//                 computeHash(buf, hashLen)
-//                 for (let i = 0; i < hashLen; i++) {
-//     if (HASH_BUF[i] != buf[buf.length - hashLen + i]) {
-//       throw invalidAddress(s)
-//     }
-//   }
-//   return {
-//     prefix,
-//         bytes: buf.subarray(offset, buf.length - hashLen)
-//   }
-// }
+// Reference implementation
+// https://github.com/gear-tech/gear/blob/7d481fed39e7b0633ca9afeed8ce1b3cbb636f3e/utils/ss58/src/lib.rs#L243
 std::optional<Ss58Address> Ss58Decode(const std::string& str) {
-  auto result = Base58Decode(str, &result, 0, false);
-  if (!result || result->length < 3) {
+  auto result = Base58Decode(str, 36, false);
+  if (!result || result->size() < kSs58HashChecksumSize + kSs58PublicKeySize + 1) {
     return std::nullopt;
   }
   uint8_t offset = 0;
-  uint8_t address_type = result[0];
+  uint8_t address_type = (*result)[0];
   uint16_t prefix = 0;
   if (address_type < 64) {
     offset = 1;
     prefix = address_type;
   } else if (address_type < 128) {
     offset = 2;
-    uint8_t address_type_1 = result[1];
+    uint8_t address_type_1 = (*result)[1];
     uint8_t lower = ((address_type << 2) | (address_type_1 >> 6)) & 0b11111111;
     uint8_t upper = address_type_1 & 0b00111111;
     prefix = lower | (upper << 8);
   } else {
     return std::nullopt;
   }
 
-  size_t hash_len = 0;
-  switch (result->size() - offset) {
-    case 34:
-    case 35:
-      hash_len = 2;
-      break;
-    case 9:
-    case 5:
-    case 3:
-    case 2:
-      hash_len = 1;
-      break;
-    default:
-      return std::nullopt;
+  if (result->size() != offset + kSs58HashChecksumSize + kSs58PublicKeySize) {
+    return std::nullopt;
   }
 
-  auto hash = Blake2bHash<64>(
-      base::span(*result).subspan(result->length() - hash_len),
-      base::byte_span_from_cstring(kSs58HashPersonalizer));
-
-  for (size_t i = 0; i < hash_len; i++) {
-    if (hash[i] != *result[result->length() - hash_len + i]) {
+  // Prepare input to calculate checksum
+  std::vector<uint8_t> hash_input(kSs58HashPrefixSize + result->size() -
+                                  kSs58HashChecksumSize);
+  auto hash_input_writer = base::SpanWriter(base::span(hash_input));
+  hash_input_writer.Write(base::byte_span_from_cstring(kSs58HashPrefix));
+  hash_input_writer.Write(
+      base::span(*result).subspan(0u, result->size() - kSs58HashChecksumSize));
+  DCHECK_EQ(hash_input_writer.remaining(), 0u);
+  auto hash = Blake2bHash<64>(base::span(hash_input));
+
+  // Verify checksum
+  for (size_t i = 0; i < kSs58HashChecksumSize; i++) {
+    if (hash[i] != (*result)[result->size() - kSs58HashChecksumSize + i]) {
       return std::nullopt;
     }
   }
 
-  return Ss58Address{
-    prefix,
-    base::ToVector(base::span(*result)).subspan(offset, result->size() - hash_len)
-  };
+  // Prepare output
+  Ss58Address result_addr;
+  result_addr.prefix = prefix;
+  auto public_key_span_writer = base::SpanWriter(base::span(result_addr.public_key));
+  public_key_span_writer.Write(base::span(*result).subspan(
+      offset, result->size() - kSs58HashChecksumSize - offset));
+  DCHECK_EQ(public_key_span_writer.remaining(), 0u);
+  return std::move(result_addr);
 }
 
 }  // namespace brave_wallet

components/brave_wallet/common/encoding_utils.h

@@ -13,11 +13,18 @@
 
 namespace brave_wallet {
 
+constexpr size_t kSs58PublicKeySize = 32;
+
 struct Ss58Address {
   Ss58Address();
   ~Ss58Address();
+  Ss58Address(Ss58Address& addr) = delete;
+  Ss58Address& operator=(const Ss58Address& addr) = delete;
+  Ss58Address(Ss58Address&& addr);
+  Ss58Address& operator=(Ss58Address&& addr);
   uint16_t prefix;
-  std::vector<uint8_t> public_key;
+  // ed25519 or sr25519 public key.
+  std::array<uint8_t, kSs58PublicKeySize> public_key;
 };
 
 // A bridge function to call DecodeBase58 in bitcoin-core.