add functions to sign the new TransactionMessage type (#2387)

* add a new ITransactionWithSignatures and IFullySignedTransaction type

* remove the OrderedMap class and use native objects

* rename new transaction/fully signed transaction types

* refactor to sign a NewTransaction and not a TransactionMessage

* refactor to always compute a new signature and replace if changed (or null)

* throw an error if partialSign is called with a keypair that is not expected to sign the transaction

* refactor new-signatures unit tests to use await expect

Author: mcintyre94

packages/errors/README.md

@@ -39,7 +39,7 @@ npx @solana/errors decode -- 123
 
 1. Add a new exported error code constant to `src/codes.ts`.
 2. Add that new constant to the `SolanaErrorCode` union in `src/codes.ts`.
-3. If you would like the new error to encapsulate context about the error itself (eg. the public keys for which a transaction is missing signatures) define the shape of that context in `src/details.ts`.
+3. If you would like the new error to encapsulate context about the error itself (eg. the public keys for which a transaction is missing signatures) define the shape of that context in `src/context.ts`.
 4. Add the error's message to `src/messages.ts`. Any context values that you defined above will be interpolated into the message wherever you write `$key`, where `key` is the index of a value in the context (eg. ``'Missing a signature for account `$address`'``).
 5. Publish a new version of `@solana/errors`.
 6. Bump the version of `@solana/errors` in the package from which the error is thrown.

packages/errors/src/codes.ts

@@ -199,6 +199,7 @@ export const SOLANA_ERROR__TRANSACTION__FEE_PAYER_SIGNATURE_MISSING = 5663012 as
 export const SOLANA_ERROR__TRANSACTION__INVALID_NONCE_TRANSACTION_INSTRUCTIONS_MISSING = 5663013 as const;
 export const SOLANA_ERROR__TRANSACTION__INVALID_NONCE_TRANSACTION_FIRST_INSTRUCTION_MUST_BE_ADVANCE_NONCE =
     5663014 as const;
+export const SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION = 5663015 as const;
 
 // Transaction errors.
 // Reserve error codes starting with [7050000-7050999] for the Rust enum `TransactionError`.
@@ -467,6 +468,7 @@ export type SolanaErrorCode =
     | typeof SOLANA_ERROR__SUBTLE_CRYPTO__VERIFY_FUNCTION_UNIMPLEMENTED
     | typeof SOLANA_ERROR__TIMESTAMP_OUT_OF_RANGE
     | typeof SOLANA_ERROR__TRANSACTION__ADDRESS_MISSING
+    | typeof SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION
     | typeof SOLANA_ERROR__TRANSACTION__EXPECTED_BLOCKHASH_LIFETIME
     | typeof SOLANA_ERROR__TRANSACTION__EXPECTED_NONCE_LIFETIME
     | typeof SOLANA_ERROR__TRANSACTION__FAILED_TO_DECOMPILE_ADDRESS_LOOKUP_TABLE_CONTENTS_MISSING

packages/errors/src/context.ts

@@ -131,6 +131,7 @@ import {
     SOLANA_ERROR__SIGNER__EXPECTED_TRANSACTION_SIGNER,
     SOLANA_ERROR__TIMESTAMP_OUT_OF_RANGE,
     SOLANA_ERROR__TRANSACTION__ADDRESS_MISSING,
+    SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION,
     SOLANA_ERROR__TRANSACTION__FAILED_TO_DECOMPILE_ADDRESS_LOOKUP_TABLE_CONTENTS_MISSING,
     SOLANA_ERROR__TRANSACTION__FAILED_TO_DECOMPILE_ADDRESS_LOOKUP_TABLE_INDEX_OUT_OF_RANGE,
     SOLANA_ERROR__TRANSACTION__FAILED_TO_DECOMPILE_INSTRUCTION_PROGRAM_ADDRESS_NOT_FOUND,
@@ -523,6 +524,10 @@ export type SolanaErrorContext = DefaultUnspecifiedErrorContextToUndefined<
             errorName: string;
             transactionErrorContext?: unknown;
         };
+        [SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION]: {
+            expectedAddresses: string[];
+            unexpectedAddresses: string[];
+        };
         [SOLANA_ERROR__TRANSACTION__ADDRESS_MISSING]: {
             index: number;
         };

packages/errors/src/messages.ts

@@ -160,6 +160,7 @@ import {
     SOLANA_ERROR__SUBTLE_CRYPTO__VERIFY_FUNCTION_UNIMPLEMENTED,
     SOLANA_ERROR__TIMESTAMP_OUT_OF_RANGE,
     SOLANA_ERROR__TRANSACTION__ADDRESS_MISSING,
+    SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION,
     SOLANA_ERROR__TRANSACTION__EXPECTED_BLOCKHASH_LIFETIME,
     SOLANA_ERROR__TRANSACTION__EXPECTED_NONCE_LIFETIME,
     SOLANA_ERROR__TRANSACTION__FAILED_TO_DECOMPILE_ADDRESS_LOOKUP_TABLE_CONTENTS_MISSING,
@@ -542,6 +543,8 @@ export const SolanaErrorMessages: Readonly<{
     [SOLANA_ERROR__TRANSACTION_ERROR__WOULD_EXCEED_MAX_BLOCK_COST_LIMIT]:
         'Transaction would exceed max Block Cost Limit',
     [SOLANA_ERROR__TRANSACTION_ERROR__WOULD_EXCEED_MAX_VOTE_COST_LIMIT]: 'Transaction would exceed max Vote Cost Limit',
+    [SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION]:
+        'Attempted to sign a transaction with an address that is not a signer for it',
     [SOLANA_ERROR__TRANSACTION__ADDRESS_MISSING]: 'Transaction is missing an address at index: $index.',
     [SOLANA_ERROR__TRANSACTION__EXPECTED_BLOCKHASH_LIFETIME]: 'Transaction does not have a blockhash lifetime',
     [SOLANA_ERROR__TRANSACTION__EXPECTED_NONCE_LIFETIME]: 'Transaction is not a durable nonce transaction',

packages/transactions/src/__tests__/new-signatures-test.ts

@@ -7,6 +7,7 @@ export * from './fee-payer';
 export * from './instructions';
 export * from './message';
 export * from './new-compile-transaction';
+export * from './new-signatures';
 export * from './serializers';
 export * from './signatures';
 export * from './types';

packages/transactions/src/index.ts

@@ -0,0 +1,120 @@
+import { Address, getAddressFromPublicKey } from '@solana/addresses';
+import { Decoder } from '@solana/codecs-core';
+import { getBase58Decoder } from '@solana/codecs-strings';
+import {
+    SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION,
+    SOLANA_ERROR__TRANSACTION__FEE_PAYER_SIGNATURE_MISSING,
+    SOLANA_ERROR__TRANSACTION__SIGNATURES_MISSING,
+    SolanaError,
+} from '@solana/errors';
+import { Signature, SignatureBytes, signBytes } from '@solana/keys';
+
+import { NewTransaction } from './new-compile-transaction';
+
+export interface FullySignedTransaction extends NewTransaction {
+    readonly __brand: unique symbol;
+}
+
+let base58Decoder: Decoder<string> | undefined;
+
+export function newGetSignatureFromTransaction(transaction: NewTransaction): Signature {
+    if (!base58Decoder) base58Decoder = getBase58Decoder();
+
+    // We have ordered signatures from the compiled message accounts
+    // first signature is the fee payer
+    const signatureBytes = Object.values(transaction.signatures)[0];
+    if (!signatureBytes) {
+        throw new SolanaError(SOLANA_ERROR__TRANSACTION__FEE_PAYER_SIGNATURE_MISSING);
+    }
+    const transactionSignature = base58Decoder.decode(signatureBytes);
+    return transactionSignature as Signature;
+}
+
+function uint8ArraysEqual(arr1: Uint8Array, arr2: Uint8Array) {
+    return arr1.length === arr2.length && arr1.every((value, index) => value === arr2[index]);
+}
+
+export async function newPartiallySignTransaction(
+    keyPairs: CryptoKeyPair[],
+    transaction: NewTransaction,
+): Promise<NewTransaction> {
+    let newSignatures: Record<Address, SignatureBytes> | undefined;
+    let unexpectedSigners: Set<Address> | undefined;
+
+    await Promise.all(
+        keyPairs.map(async keyPair => {
+            const address = await getAddressFromPublicKey(keyPair.publicKey);
+            const existingSignature = transaction.signatures[address];
+
+            // Check if the address is expected to sign the transaction
+            if (existingSignature === undefined) {
+                // address is not an expected signer for this transaction
+                unexpectedSigners ||= new Set();
+                unexpectedSigners.add(address);
+                return;
+            }
+
+            // Return if there are any unexpected signers already since we won't be using signatures
+            if (unexpectedSigners) {
+                return;
+            }
+
+            const newSignature = await signBytes(keyPair.privateKey, transaction.messageBytes);
+
+            if (existingSignature !== null && uint8ArraysEqual(newSignature, existingSignature)) {
+                // already have the same signature set
+                return;
+            }
+
+            newSignatures ||= {};
+            newSignatures[address] = newSignature;
+        }),
+    );
+
+    if (unexpectedSigners && unexpectedSigners.size > 0) {
+        const expectedSigners = Object.keys(transaction.signatures);
+        throw new SolanaError(SOLANA_ERROR__TRANSACTION__ADDRESSES_CANNOT_SIGN_TRANSACTION, {
+            expectedAddresses: expectedSigners,
+            unexpectedAddresses: [...unexpectedSigners],
+        });
+    }
+
+    if (!newSignatures) {
+        return transaction;
+    }
+
+    return Object.freeze({
+        ...transaction,
+        signatures: Object.freeze({
+            ...transaction.signatures,
+            ...newSignatures,
+        }),
+    });
+}
+
+export async function newSignTransaction(
+    keyPairs: CryptoKeyPair[],
+    transaction: NewTransaction,
+): Promise<FullySignedTransaction> {
+    const out = await newPartiallySignTransaction(keyPairs, transaction);
+    newAssertTransactionIsFullySigned(out);
+    Object.freeze(out);
+    return out;
+}
+
+export function newAssertTransactionIsFullySigned(
+    transaction: NewTransaction,
+): asserts transaction is FullySignedTransaction {
+    const missingSigs: Address[] = [];
+    Object.entries(transaction.signatures).forEach(([address, signatureBytes]) => {
+        if (!signatureBytes) {
+            missingSigs.push(address as Address);
+        }
+    });
+
+    if (missingSigs.length > 0) {
+        throw new SolanaError(SOLANA_ERROR__TRANSACTION__SIGNATURES_MISSING, {
+            addresses: missingSigs,
+        });
+    }
+}

packages/transactions/src/new-signatures.ts

@@ -46,10 +46,7 @@ export async function partiallySignTransaction<TTransaction extends CompilableTr
     const wireMessageBytes = getCompiledMessageEncoder().encode(compiledMessage);
     const publicKeySignaturePairs = await Promise.all(
         keyPairs.map(keyPair =>
-            Promise.all([
-                getAddressFromPublicKey(keyPair.publicKey),
-                signBytes(keyPair.privateKey, wireMessageBytes as Uint8Array),
-            ]),
+            Promise.all([getAddressFromPublicKey(keyPair.publicKey), signBytes(keyPair.privateKey, wireMessageBytes)]),
         ),
     );
     for (const [signerPublicKey, signature] of publicKeySignaturePairs) {