feat: challenge-response cryptographic handshake auth hook (#4)#89
Merged
elizabetheonoja-art merged 1 commit intoJun 26, 2026
Merged
Conversation
…rotocol#4) Replaces the insecure auth hook (plaintext secret in localStorage, no signature verification, no expiry) with a proper challenge-response handshake. - utils/web3Auth.ts: generateChallenge (random challenge + nonce), handshake message, signMessage, verifyHandshake (against the public key), performHandshake (sign → verify → session token, throws if verification fails), isSessionValid, and token-only persistence (saveSession strips any secret; loadSession purges expired/corrupt tokens; clearSession also removes the legacy secret key) - hooks/useWeb3Auth.ts: keypair (secret) lives ONLY in a useRef and is never serialized; connect runs the verified handshake and stores only {address, network, signature, expiresAt}; a timer expires the session at CHALLENGE_DURATION_MS (30 min); signChallenge requires a live keypair and surfaces needsReChallenge after a reload; disconnect wipes context + storage. Preserves the existing account/isConnected/connect/disconnect surface - tests: real ed25519 handshake/verify/persistence (node env, since jsdom's Uint8Array realm breaks Keypair.random) + hook orchestration (jsdom, util mocked); guards tests/setup.ts window access for node-env suites
elizabetheonoja-art
approved these changes
Jun 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Challenge-Response Cryptographic Handshake Hook Lifecycle (#4)
Closes #4
Changes
src/utils/web3Auth.ts(new)generateChallenge(random challenge + nonce),handshakeMessage,signMessage,verifyHandshake(against the public key),performHandshake(sign → verify → session token; throws on verification failure),isSessionValid, and token-only persistence:saveSessionstrips any secret,loadSessionpurges expired/corrupt tokens,clearSessionalso removes the legacy secret key.src/hooks/useWeb3Auth.ts(rewritten)useRefand is never serialized.connectruns the verified handshake and persists only{address, network, signature, expiresAt}. A timer force-expires the session atCHALLENGE_DURATION_MS(30 min).signChallengerequires a live keypair and the hook exposesneedsReChallengeafter a reload (token restored, but signing needs a fresh handshake).disconnectwipes context + storage. The existingaccount/isConnected/connect/disconnectsurface is preserved.tests/unit/web3Auth.test.tstests/hooks/useWeb3Auth.test.tstests/setup.tswindowaccess so node-env suites can run.