commit 35196247fa1e894304fba8640c20f3a0aa9ca714 · edouard.paris/did-method-plc

+46 -12
packages/lib/tests/recovery.test.ts
···

       1
       1
       -
       import { check, cidForCbor, DAY, HOUR } from '@atproto/common'

     

       1
       1
       +
       import { cidForCbor, DAY, HOUR } from '@atproto/common'

     

       2
       2
        
       import { EcdsaKeypair, Keypair, Secp256k1Keypair } from '@atproto/crypto'

     

       3
       3
       -
       import { create } from 'domain'

     

       4
       3
        
       import { CID } from 'multiformats/cid'

     

       5
       5
       -
       import {

     

       6
       6
       -
         GenesisHashError,

     

       7
       7
       -
         ImproperOperationError,

     

       8
       8
       -
         InvalidSignatureError,

     

       9
       9
       -
         MisorderedOperationError,

     

       10
       10
       -
       } from '../src'

     

       4
       4
       +
       import { InvalidSignatureError, LateRecoveryError } from '../src'

     

       11
       5
        
       import * as data from '../src/data'

     

       12
       6
        
       import * as operations from '../src/operations'

     

       13
       7
        
       import * as t from '../src/types'

     
···

       18
       12
        
         let rotationKey2: EcdsaKeypair

     

       19
       13
        
         let rotationKey3: EcdsaKeypair

     

       20
       14
        
         let did: string

     

       21
       21
       -
         let handle = 'alice.example.com'

     

       22
       22
       -
         let atpPds = 'https://example.com'

     

       15
       15
       +
         const handle = 'alice.example.com'

     

       16
       16
       +
         const atpPds = 'https://example.com'

     

       23
       17
        
       

     

       24
       18
        
         let log: t.IndexedOperation[] = []

     

       25
       19
        
       

     

       26
       20
        
         let createCid: CID

     

       27
       27
       -
         const key3AttackCids: CID[] = []

     

       28
       28
       -
         const key2AttackCid: CID[] = []

     

       29
       21
        
       

     

       30
       22
        
         beforeAll(async () => {

     

       31
       23
        
           signingKey = await Secp256k1Keypair.create()

     
···

       119
       111
        
           await expect(data.assureValidNextOp(did, log, rotate.op)).rejects.toThrow(

     

       120
       112
        
             InvalidSignatureError,

     

       121
       113
        
           )

     

       114
       114
       +
         })

     

       115
       115
       +
       

     

       116
       116
       +
         it('allows a rotation key with even higher authority to rewrite history', async () => {

     

       117
       117
       +
           const rotate = await signOpForKeys([rotationKey1], createCid, rotationKey1)

     

       118
       118
       +
       

     

       119
       119
       +
           const res = await data.assureValidNextOp(did, log, rotate.op)

     

       120
       120
       +
           expect(res.nullified.length).toBe(1)

     

       121
       121
       +
           expect(res.nullified[0].equals(log[1].cid))

     

       122
       122
       +
           expect(res.prev?.equals(createCid))

     

       123
       123
       +
       

     

       124
       124
       +
           log = [log[0], rotate.indexed]

     

       125
       125
       +
         })

     

       126
       126
       +
       

     

       127
       127
       +
         it('does not allow the either invalidated key to take control back', async () => {

     

       128
       128
       +
           const rotate1 = await signOpForKeys([rotationKey3], createCid, rotationKey3)

     

       129
       129
       +
           await expect(data.assureValidNextOp(did, log, rotate1.op)).rejects.toThrow(

     

       130
       130
       +
             InvalidSignatureError,

     

       131
       131
       +
           )

     

       132
       132
       +
       

     

       133
       133
       +
           const rotate2 = await signOpForKeys([rotationKey2], createCid, rotationKey2)

     

       134
       134
       +
           await expect(data.assureValidNextOp(did, log, rotate2.op)).rejects.toThrow(

     

       135
       135
       +
             InvalidSignatureError,

     

       136
       136
       +
           )

     

       137
       137
       +
         })

     

       138
       138
       +
       

     

       139
       139
       +
         it('does not allow recovery outside of 72 hrs', async () => {

     

       140
       140
       +
           const rotate = await signOpForKeys([rotationKey3], createCid, rotationKey3)

     

       141
       141
       +
           const timeOutOps = [

     

       142
       142
       +
             log[0],

     

       143
       143
       +
             {

     

       144
       144
       +
               ...rotate.indexed,

     

       145
       145
       +
               createdAt: new Date(Date.now() - 4 * DAY),

     

       146
       146
       +
             },

     

       147
       147
       +
           ]

     

       148
       148
       +
           const rotateBack = await signOpForKeys(

     

       149
       149
       +
             [rotationKey2],

     

       150
       150
       +
             createCid,

     

       151
       151
       +
             rotationKey2,

     

       152
       152
       +
           )

     

       153
       153
       +
           await expect(

     

       154
       154
       +
             data.assureValidNextOp(did, timeOutOps, rotateBack.op),

     

       155
       155
       +
           ).rejects.toThrow(LateRecoveryError)

     

       122
       156
        
         })

     

       123
       157
        
       })