Merge branch 'polygon-prototype-staging' into 216-monitor-the-funding…

…-account-of-vortex

.prettierignore

@@ -9,14 +9,23 @@ docs/
 .lighthouseci/
 **/coins/*
 *.yml
+*.sol
 
 package-lock.json
 package.json
 yarn.lock
 favicon.png
-.prettierignore 
+.prettierignore
 
 CHANGELOG.md
 **/*.svg
 .prettierignore
-.gitignore
+.gitignore
+*.png
+*.svg
+*.webp
+*.jpg
+*.jpeg
+*.gif
+_redirects
+LICENSE

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Pendulum Chain / SatoshiPay
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,10 +1,11 @@
 # Vortex
 
-[![Netlify Status](https://api.netlify.com/api/v1/badges/aa69406a-f4a1-4693-aed0-8478f1d1fabd/deploy-status)](https://app.netlify.com/sites/pendulum-portal-alpha/deploys)
-  ![TypeScript](https://img.shields.io/badge/-TypeSript-05122A?style=flat&logo=typescript) 
+[![Netlify Status](https://api.netlify.com/api/v1/badges/27783b79-512d-4205-89c1-d3ead6e3ed46/deploy-status)](https://app.netlify.com/sites/pendulum-pay/deploys) 
+![TypeScript](https://img.shields.io/badge/-TypeSript-05122A?style=flat&logo=typescript) 
 ![Preact](https://img.shields.io/badge/-Preact-05122A?style=flat&logo=preact) 
 ![Vite](https://img.shields.io/badge/-Vite-05122A?style=flat&logo=vite) 
 ![Polkadot](https://img.shields.io/badge/-Polkadot-05122A?style=flat&logo=polkadot) 
+![Ethereum](https://img.shields.io/badge/-Ethereum-05122A?style=flat&logo=ethereum) 
 
 ---
 
@@ -37,10 +38,15 @@ matter what URL the browser requests.
 
 ## Env Variables
 
-- `VITE_SIGNING_SERVICE_URL`: Optional variable to point to a specific signing backend service URL. If undefined, it
+- `VITE_SIGNING_SERVICE_PATH`: Optional variable to point to a specific signing backend service URL. If undefined, it
   will default to either:
-  - http://localhost:3000 (if in development mode)
-  - https://prototype-signer-service-polygon.pendulumchain.tech (if in production mode)
+  - `http://localhost:3000` (if in development mode)
+  - `/api/production` (if in production mode)
+    - this will use the `_redirects` file to direct Netlify to proxy all requests to `/api/production` to
+      `https://prototype-signer-service-polygon.pendulumchain.tech`
+  - `/api/staging` (if in staging mode)
+    - this will use the `_redirects` file to direct Netlify to proxy all requests to `/api/staging` to
+      `https://prototype-signer-service-polygon-staging.pendulumchain.tech`
 - `VITE_ALCHEMY_API_KEY`: Optional variable to set the Alchemy API key for the custom RPC provider. If undefined, it
   will use dhe default endpoint.
 

mooncontracts/baseline.sol

@@ -8,6 +8,9 @@ contract ReceiveCrossChainXToken {
 
     address constant public axlUSDCAddress = 0xCa01a1D0993565291051daFF390892518ACfAD3A;
     IERC20 constant axlUSDC = IERC20(axlUSDCAddress);
+
+    address constant public squidRouterMultiCallContract = 0xaD6Cea45f98444a922a2b4fE96b8C90F0862D2F4;
+
     Xtokens constant xt = Xtokens(0x0000000000000000000000000000000000000804);
 
     event ReceiveBalance(uint256 balance);
@@ -38,7 +41,7 @@ contract ReceiveCrossChainXToken {
 
     function transferApprovedTokensToSelf(uint256 amount) internal {
         IERC20 token = IERC20(axlUSDCAddress);
-        bool success = token.transferFrom(0xEa749Fd6bA492dbc14c24FE8A3d08769229b896c, address(this), amount);
+        bool success = token.transferFrom(squidRouterMultiCallContract, address(this), amount);
         require(success, "Transfer failed");
     }
 }

mooncontracts/splitReceiver.sol

@@ -8,6 +8,9 @@ contract ReceiveCrossChainXToken {
 
     address constant public axlUSDCAddress = 0xCa01a1D0993565291051daFF390892518ACfAD3A;
     IERC20 constant axlUSDC = IERC20(axlUSDCAddress);
+
+    address constant public squidRouterMultiCallContract = 0xaD6Cea45f98444a922a2b4fE96b8C90F0862D2F4;
+
     Xtokens constant xt = Xtokens(0x0000000000000000000000000000000000000804);
 
     event ReceiveBalance(uint256 balance);
@@ -22,7 +25,7 @@ contract ReceiveCrossChainXToken {
     ) public {
         require(amount > 0, "Amount cannot be zero");
         require(xcmDataMapping[hash] == 0, "Hash already used");
-        
+
         xcmDataMapping[hash] = amount;
 
         transferApprovedTokensToSelf(amount);
@@ -52,7 +55,7 @@ contract ReceiveCrossChainXToken {
 
     function transferApprovedTokensToSelf(uint256 amount) internal {
         IERC20 token = IERC20(axlUSDCAddress);
-        bool success = token.transferFrom(0xEa749Fd6bA492dbc14c24FE8A3d08769229b896c, address(this), amount);
+        bool success = token.transferFrom(squidRouterMultiCallContract, address(this), amount);
         require(success, "Transfer failed");
     }
 }

package.json

@@ -5,8 +5,8 @@
   "type": "module",
   "packageManager": "yarn@4.5.0+sha512.837566d24eec14ec0f5f1411adb544e892b3454255e61fdef8fd05f3429480102806bac7446bc9daff3896b01ae4b62d00096c7e989f1596f2af10b927532f39",
   "scripts": {
-    "dev": "vite",
-    "build": "tsc && vite build && cp -R src/assets/coins dist/assets/coins && echo '/* /index.html 200' | cat > dist/_redirects",
+    "dev": "vite --host",
+    "build": "tsc && NODE_OPTIONS='--max_old_space_size=8192' vite build && cp -R src/assets/coins dist/assets/coins && cp _redirects dist/_redirects",
     "preview": "vite preview",
     "lint": "eslint . --ext .ts,.tsx",
     "lint:fix": "eslint . --ext .ts,.tsx --fix",
@@ -34,20 +34,22 @@
     "@polkadot/types": "^13.2.1",
     "@polkadot/util": "^13.1.1",
     "@polkadot/util-crypto": "^13.1.1",
-    "@rainbow-me/rainbowkit": "^2.1.7",
+    "@reown/appkit": "^1.3.1",
+    "@reown/appkit-adapter-wagmi": "^1.3.1",
     "@sentry/react": "^8.36.0",
     "@sentry/vite-plugin": "^2.22.6",
     "@slack/web-api": "^7.7.0",
-    "@talismn/connect-components": "^1.1.8",
+    "@talismn/connect-components": "^1.1.9",
     "@talismn/connect-wallets": "^1.2.5",
-    "@tanstack/react-query": "^5.45.1",
+    "@tanstack/react-query": "^5.61.0",
     "@walletconnect/modal": "^2.6.2",
     "@walletconnect/universal-provider": "^2.12.2",
     "autoprefixer": "^10.4.19",
     "big.js": "^6.2.1",
     "bn.js": "^5.2.1",
     "buffer": "^6.0.3",
     "daisyui": "^4.11.1",
+    "ethers": "^6.13.4",
     "framer-motion": "^11.2.14",
     "postcss": "^8.4.38",
     "preact": "^10.12.1",
@@ -56,7 +58,8 @@
     "react-dom": "npm:@preact/compat@18.3.1",
     "react-hook-form": "^7.51.5",
     "react-router-dom": "^6.8.1",
-    "react-toastify": "^10.0.5",
+    "react-toastify": "^10.0.6",
+    "siwe": "^2.3.2",
     "stellar-base": "^11.0.1",
     "stellar-sdk": "^11.3.0",
     "tailwind": "^4.0.0",

signer-service/package.json

@@ -26,9 +26,11 @@
     "big.js": "^6.2.1",
     "body-parser": "^1.17.0",
     "compression": "^1.6.2",
+    "cookie-parser": "^1.4.7",
     "cors": "^2.8.3",
     "cross-env": "^7.0.3",
     "dotenv": "^16.4.5",
+    "ethers": "^6.13.4",
     "express": "^5.0.1",
     "express-rate-limit": "^6.7.0",
     "express-validation": "^1.0.2",
@@ -40,6 +42,7 @@
     "method-override": "^3.0.0",
     "mongoose": "^5.2.17",
     "morgan": "^1.8.1",
+    "siwe": "^2.3.2",
     "stellar-sdk": "^11.3.0",
     "viem": "^2.21.3",
     "winston": "^3.1.0"

signer-service/src/api/controllers/quote.controller.js

@@ -6,7 +6,7 @@ const moonpayService = require('../services/moonpay.service');
 
 exports.SUPPORTED_PROVIDERS = ['alchemypay', 'moonpay', 'transak'];
 
-exports.SUPPORTED_CRYPTO_CURRENCIES = ['usdc', 'usdce', 'usdc.e'];
+exports.SUPPORTED_CRYPTO_CURRENCIES = ['usdc', 'usdce', 'usdc.e', 'usdt'];
 
 exports.SUPPORTED_FIAT_CURRENCIES = ['eur', 'ars'];
 

signer-service/src/api/controllers/siwe.controller.js

@@ -0,0 +1,44 @@
+const { createAndSendNonce, verifyAndStoreSiweMessage } = require('../services/siwe.service');
+const { DEFAULT_LOGIN_EXPIRATION_TIME_HOURS } = require('../../constants/constants');
+
+exports.sendSiweMessage = async (req, res) => {
+  const { walletAddress } = req.body;
+  try {
+    const { nonce } = await createAndSendNonce(walletAddress);
+    return res.json({
+      nonce,
+    });
+  } catch (e) {
+    console.error(e);
+    return res.status(500).json({ error: 'Error while generating nonce' });
+  }
+};
+
+exports.validateSiweSignature = async (req, res) => {
+  const { nonce, signature, siweMessage } = req.body;
+  try {
+    await verifyAndStoreSiweMessage(nonce, signature, siweMessage);
+
+    const token = {
+      nonce,
+      signature,
+    };
+
+    res.cookie('authToken', token, {
+      httpOnly: true,
+      secure: true,
+      sameSite: 'Strict',
+      maxAge: DEFAULT_LOGIN_EXPIRATION_TIME_HOURS * 60 * 60 * 1000,
+    });
+
+    return res.status(200).json({ message: 'Signature is valid' });
+  } catch (e) {
+    console.error(e);
+
+    if (e.name === 'SiweValidationError') {
+      return res.status(401).json({ error: `Siwe validation error: ${e.message}` });
+    }
+
+    return res.status(500).json({ error: `Could not validate signature: ${e.message}` });
+  }
+};

signer-service/src/api/controllers/stellar.controller.js

@@ -1,7 +1,7 @@
 require('dotenv').config();
 
 const { Keypair } = require('stellar-sdk');
-const { FUNDING_SECRET } = require('../../constants/constants');
+const { FUNDING_SECRET, SEP10_MASTER_SECRET } = require('../../constants/constants');
 
 const { buildCreationStellarTx, buildPaymentAndMergeTx, sendStatusWithPk } = require('../services/stellar.service');
 const { signSep10Challenge } = require('../services/sep10.service');
@@ -27,6 +27,7 @@ exports.createStellarTransaction = async (req, res, next) => {
       req.body.accountId,
       req.body.maxTime,
       req.body.assetCode,
+      req.body.baseFee,
     );
     return res.json({ signature, sequence, public: FUNDING_PUBLIC_KEY });
   } catch (error) {
@@ -44,6 +45,7 @@ exports.changeOpTransaction = async (req, res, next) => {
       req.body.paymentData,
       req.body.maxTime,
       req.body.assetCode,
+      req.body.baseFee,
     );
     return res.json({ signature, public: FUNDING_PUBLIC_KEY });
   } catch (error) {
@@ -54,12 +56,45 @@ exports.changeOpTransaction = async (req, res, next) => {
 
 exports.signSep10Challenge = async (req, res, next) => {
   try {
-    let { clientSignature, clientPublic } = await signSep10Challenge(
+    let maybeChallengeSignature;
+    let maybeNonce;
+    if (req.cookies?.authToken) {
+      maybeChallengeSignature = req.cookies.authToken.signature;
+      maybeNonce = req.cookies.authToken.nonce;
+    }
+
+    if (Boolean(req.body.memo) && (!maybeChallengeSignature || !maybeNonce)) {
+      return res.status(401).json({
+        error: 'Missing signature or nonce',
+      });
+    }
+
+    let { masterClientSignature, masterClientPublic, clientSignature, clientPublic } = await signSep10Challenge(
       req.body.challengeXDR,
       req.body.outToken,
       req.body.clientPublicKey,
+      maybeChallengeSignature,
+      maybeNonce,
     );
-    return res.json({ clientSignature, clientPublic });
+    return res.json({ masterClientSignature, masterClientPublic, clientSignature, clientPublic });
+  } catch (error) {
+    if (error.message.includes('Could not verify signature')) {
+      // Distinguish between failed signature check and other errors.
+      return res.status(401).json({
+        error: 'Signature validation failed.',
+        details: error.message,
+      });
+    }
+
+    console.error('Error in signSep10Challenge:', error);
+    return res.status(500).json({ error: 'Failed to sign challenge', details: error.message });
+  }
+};
+
+exports.getSep10MasterPK = async (req, res, next) => {
+  try {
+    const masterSep10Public = Keypair.fromSecret(SEP10_MASTER_SECRET).publicKey();
+    return res.json({ masterSep10Public });
   } catch (error) {
     console.error('Error in signSep10Challenge:', error);
     return res.status(500).json({ error: 'Failed to sign challenge', details: error.message });

signer-service/src/api/controllers/subsidize.controller.js

@@ -6,14 +6,12 @@ const { PENDULUM_WSS, PENDULUM_FUNDING_SEED } = require('../../constants/constan
 
 const { TOKEN_CONFIG, getPaddedAssetCode } = require('../../constants/tokenConfig');
 
-const TOKEN_TO_SWAP = 'usdc.axl';
-
 exports.subsidizePreSwap = async (req, res) => {
   try {
-    const { pendulumCurrencyId, maximumSubsidyAmountRaw } = TOKEN_CONFIG[TOKEN_TO_SWAP];
+    const { address, amountRaw, tokenToSubsidize } = req.body;
+    console.log('Subsidize pre swap', address, amountRaw, tokenToSubsidize);
 
-    const { address, amountRaw } = req.body;
-    console.log('Subsidize pre swap', address, amountRaw);
+    const { pendulumCurrencyId, maximumSubsidyAmountRaw } = TOKEN_CONFIG[tokenToSubsidize.toLowerCase()];
 
     if (Big(amountRaw).gt(Big(maximumSubsidyAmountRaw))) {
       throw new Error('Amount exceeds maximum subsidy amount');
@@ -25,7 +23,6 @@ exports.subsidizePreSwap = async (req, res) => {
     const wsProvider = new WsProvider(PENDULUM_WSS);
     const api = await ApiPromise.create({ provider: wsProvider });
     await api.isReady;
-
     await api.tx.tokens.transfer(address, pendulumCurrencyId, amountRaw).signAndSend(fundingAccountKeypair);
 
     return res.status(200).json({ message: 'Subsidy transferred successfully' });