fix(proof): fix issue where proof was not handled correctly

.devcontainer/devcontainer.json

@@ -1,18 +1,16 @@
 {
-    "name": "seda-sdk",
-    "build": {
-        "dockerfile": "Dockerfile",
-        "args": {
-            "VARIANT": "1.1.26"
-        }
-    },
-    "customizations": {
-        "vscode": {
-            "settings": {},
-            "extensions": [
-                "EditorConfig.EditorConfig"
-            ]
-        }
-    },
-    "postCreateCommand": "bun install"
-}
+	"name": "seda-sdk",
+	"build": {
+		"dockerfile": "Dockerfile",
+		"args": {
+			"VARIANT": "1.1.26"
+		}
+	},
+	"customizations": {
+		"vscode": {
+			"settings": {},
+			"extensions": ["EditorConfig.EditorConfig"]
+		}
+	},
+	"postCreateCommand": "bun install"
+}

workspace/data-proxy-sdk/src/data-proxy.ts

@@ -1,8 +1,8 @@
 import { CosmWasmClient } from "@cosmjs/cosmwasm-stargate";
 import { keccak256 } from "@cosmjs/crypto";
 import { ecdsaSign, publicKeyCreate } from "secp256k1";
-import { Maybe, Result, ResultNS, type Unit } from "true-myth";
-import { tryAsync, trySync } from "../../data-proxy/src/utils/try";
+import { Maybe, Result } from "true-myth";
+import { tryAsync } from "../../data-proxy/src/utils/try";
 import {
 	type DataProxyOptions,
 	type Environment,
@@ -95,8 +95,7 @@ export class DataProxy {
 	 * proof is given by the executor through the header x-proof
 	 * @param payload
 	 */
-	async verify(proof: string): Promise<Result<Unit, string>> {
-		// TODO: Get Data Request by Id
+	async verify(proof: string): Promise<Result<boolean, string>> {
 		// Verify if eligible (right now is this one staked or not)
 		const client = await this.getCosmWasmClient();
 		if (client.isErr) {
@@ -113,7 +112,7 @@ export class DataProxy {
 		const result = await tryAsync(async () =>
 			client.value.queryContractSmart(coreContractAddress.value, {
 				is_executor_eligible: {
-					proof,
+					data: proof,
 				},
 			}),
 		);
@@ -126,14 +125,31 @@ export class DataProxy {
 	 *
 	 * @param data
 	 */
-	signData(data: string): SignedData {
-		const signResult = this.sign(Buffer.from(data));
+	async signData(
+		requestUrl: string,
+		requestMethod: string,
+		requestBody: Buffer,
+		responseBody: string,
+	): Promise<Result<SignedData, string>> {
+		const requestUrlHash = keccak256(Buffer.from(requestUrl));
+		const requestMethodHash = keccak256(Buffer.from(requestMethod));
+		const requestBodyHash = keccak256(requestBody);
+		const responseBodyHash = keccak256(Buffer.from(responseBody));
+
+		const signResult = this.sign(
+			Buffer.concat([
+				requestUrlHash,
+				requestMethodHash,
+				requestBodyHash,
+				responseBodyHash,
+			]),
+		);
 
-		return {
+		return Result.ok({
 			publicKey: this.publicKey.toString("hex"),
 			signature: Buffer.from(signResult.signature).toString("hex"),
 			recId: signResult.recid,
-		};
+		});
 	}
 
 	sign(data: Buffer) {

workspace/data-proxy/src/cli/run.ts

@@ -84,6 +84,12 @@ export const runCommand = new Command("run")
 			coreContract: options.coreContractAddress,
 		});
 
+		if (options.disableProof) {
+			logger.warn(
+				"Data Proxy will run without checking proofs, this is for development and testing only. Do not use in production",
+			);
+		}
+
 		startProxyServer(config.value, dataProxy, {
 			port: Number(options.port ?? SERVER_PORT),
 			disableProof: options.disableProof,

workspace/data-proxy/src/cli/utils/private-key.ts

@@ -48,15 +48,13 @@ export async function loadPrivateKey(
 	);
 
 	if (parsedPrivateKeyFile.isErr) {
-		let resultError = '';
+		let resultError = "";
 
 		for (const error of parsedPrivateKeyFile.error) {
 			resultError += `${error.message} on config property "${error.path?.[0].key}" \n`;
 		}
 
-		return Result.err(
-			`Failed to parse private key file: \n ${resultError}`,
-		);
+		return Result.err(`Failed to parse private key file: \n ${resultError}`);
 	}
 
 	return Result.ok(Buffer.from(parsedPrivateKeyFile.value.privkey, "hex"));

workspace/data-proxy/src/proxy-server.test.ts

@@ -111,8 +111,8 @@ describe("proxy server", () => {
 		);
 
 		const response = await fetch(proxyUrl);
-
 		const result = await response.json();
+
 		expect(result).toEqual({
 			receivedParams: {},
 		});

workspace/data-proxy/src/proxy-server.ts

@@ -48,7 +48,10 @@ export function startProxyServer(
 				app.route(
 					routeMethod,
 					route.path,
-					async ({ headers, params, body, query }) => {
+					async ({ headers, params, body, query, path, request }) => {
+						// requestBody is now always a string because of the parse function in this route
+						const requestBody = Maybe.of(body as string | undefined);
+
 						// Verification with the SEDA chain that the overlay node is eligible
 						if (!serverOptions.disableProof) {
 							const proofHeader = Maybe.of(headers[PROOF_HEADER_KEY]);
@@ -60,11 +63,11 @@ export function startProxyServer(
 								);
 							}
 
-							const verification = await dataProxy.verify(proofHeader.value);
+							const isValid = await dataProxy.verify(proofHeader.value);
 
-							if (verification.isErr) {
+							if (isValid.isErr || !isValid.value) {
 								return createErrorResponse(
-									`Invalid proof: ${verification.error}`,
+									`Invalid proof ${isValid.isErr ? isValid.error : ""}`,
 									401,
 								);
 							}
@@ -160,7 +163,17 @@ export function startProxyServer(
 							responseData = JSON.stringify(data.value);
 						}
 
-						const signature = dataProxy.signData(responseData);
+						const signature = await dataProxy.signData(
+							request.url,
+							request.method,
+							Buffer.from(requestBody.isJust ? requestBody.value : "", "utf-8"),
+							responseData,
+						);
+
+						if (signature.isErr) {
+							return createErrorResponse(signature.error, 500);
+						}
+
 						const responseHeaders = new Headers();
 
 						// Forward all headers that are configured in the config.json
@@ -174,7 +187,10 @@ export function startProxyServer(
 						}
 
 						return new Response(responseData, {
-							headers: createSignedResponseHeaders(signature, responseHeaders),
+							headers: createSignedResponseHeaders(
+								signature.value,
+								responseHeaders,
+							),
 						});
 					},
 					{