feat(backend): add ETH/SOL public-key-to-address encoders#13166
Draft
AntonioVentilii wants to merge 2 commits into
Draft
feat(backend): add ETH/SOL public-key-to-address encoders#13166AntonioVentilii wants to merge 2 commits into
AntonioVentilii wants to merge 2 commits into
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Prep for closing the OnRamper signing oracle (spec:
docs/ai/spec-driven-development/specs/2026-06-22-fix-onramper-signing-oracle.md, draft PR #13164). To sign only the caller's own wallet addresses, the backend must derive them from the caller principal — which needs a way to turn a threshold public key into an Ethereum and a Solana address. The backend already does this for Bitcoin (btc_principal_to_p2wpkh_address) but had no ETH/SOL equivalent.This is the first, additive PR in a 2-PR stack. It adds the pure pubkey→address encoders (no inter-canister calls), fully unit-tested in isolation. The follow-up PR wires the management-canister public-key reads and the endpoint rewrite, where integration tests prove end-to-end derivation parity against the signer.
Changes
tiny-keccak(Keccak-256 — Ethereum's hash, distinct from NIST SHA-3) andbs58as backend dependencies. Both were already in the lockfile;tiny-keccakis the crate used elsewhere in the dfinity Ethereum stack.src/backend/src/signer/service.rs:eth_address_from_ecdsa_pubkey— EIP-55-checksummed Ethereum address from a SEC1 secp256k1 public key (keccak256 of the 64-byte uncompressed key, last 20 bytes, checksummed).sol_address_from_ed25519_pubkey— Solana address (base58 of the 32-byte Ed25519 public key).keccak256andto_eip55_checksum.#[cfg_attr(not(test), expect(dead_code, ...))]until the stacked follow-up PR wires them intosign_onramper_widget_url.Tests
New unit tests in
signer::service::tests(all passing):1(0x7E5F4552091A69125d5DfCb7b8C2659029395Bdf), proving both keccak derivation and EIP-55 checksum; compressed/uncompressed pubkey inputs agree; invalid pubkey rejected.Local gates:
cargo fmt,./scripts/lint.rust.sh(wasm + native), targetedcargo testall pass.