feat: implement ERC1271 signature validation for one-time safe->derived account link

kyrers · kyrers · commit 8124634cb912 · 2025-08-07T23:00:40.000+01:00
diff --git a/src/global/user-settings.js b/src/global/user-settings.js
@@ -2,6 +2,26 @@ const _web3 = require('../utils/web3')
 const dynamoDB = require('../utils/dynamo-db')
 const whitelist = require('../utils/whitelist')
 
+// Safe helpers
+const ERC1271_ABI = [
+  { type: 'function', name: 'isValidSignature', stateMutability: 'view',
+    inputs: [
+      { name: '_hash',      type: 'bytes32', internalType: 'bytes32' },
+      { name: '_signature', type: 'bytes',   internalType: 'bytes'   }
+    ],
+    outputs: [
+      { name: 'magicValue', type: 'bytes4',  internalType: 'bytes4'  }
+    ]
+  }
+]
+const MAGIC_VALUE = '0x1626ba7e'
+const DERIVED_ACCOUNT_KEY =
+  'To keep your data safe and to use certain features of Kleros, we ask that you sign these messages to create a secret key for your account. This key is unrelated from your main Ethereum account and will not be able to send any transactions.'
+
+const buildDigest = (web3, msg) =>
+  web3.utils.keccak256("\x19Ethereum Signed Message:\n" + msg.length + msg)
+//-----------------------------------------------------
+
 module.exports.get = async (event, _context, callback) => {
   // Initialize web3
   const web3 = await _web3()
@@ -56,21 +76,35 @@ module.exports.patch = async (event, _context, callback) => {
 
   // Validate signature
   const payload = JSON.parse(event.body).payload
+  const isSafeLink = !!payload.isSafeLink
+
   try {
-    const account = await web3.eth.accounts.recover(
-      JSON.stringify(payload.settings),
-      payload.signature
-    )
-    if (
-      account !== payload.address &&
-      account !==
-        (await dynamoDB.getItem({
-          Key: { address: { S: payload.address } },
-          TableName: 'user-settings',
-          ProjectionExpression: 'derivedAccountAddress'
-        })).Item.derivedAccountAddress.S
-    )
-      throw new Error('Signature does not match supplied address.')
+    if (isSafeLink) {
+      // One-time link call must be signed by the Safe itself
+      const valid = await new web3.eth.Contract(ERC1271_ABI, payload.address)
+        .methods.isValidSignature(
+          buildDigest(web3, DERIVED_ACCOUNT_KEY),
+          payload.signature
+        )
+        .call()
+      if (valid !== MAGIC_VALUE)
+        throw new Error('Initial link must be signed by Safe.')
+    } else {
+      const account = await web3.eth.accounts.recover(
+        JSON.stringify(payload.settings),
+        payload.signature
+      )
+      if (
+        account !== payload.address &&
+        account !==
+          (await dynamoDB.getItem({
+            Key: { address: { S: payload.address } },
+            TableName: 'user-settings',
+            ProjectionExpression: 'derivedAccountAddress'
+          })).Item.derivedAccountAddress.S
+      )
+        throw new Error('Signature does not match supplied address.')
+    }
   } catch (err) {
     console.error(err)
     return callback(null, {
@@ -104,4 +138,4 @@ module.exports.patch = async (event, _context, callback) => {
       }
     })
   })
-}
+}
