refactor!: migrate HdKeyring to typescript

[mikesposito]

The @metamask/eth-hd-keyring is being migrated to Typescript.

The changes applied can be seen as diff in this commit: bc89c46

This package migration can be tested on this extension PR: MetaMask/metamask-extension#29961

---

There is no consumer-facing change, besides this one:

• BREAKING: Added types to HdKeyring
  • All methods on HdKeyring retain their existing signatures, but now have types.

---

Fixes: #92

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@metamask/[email protected] 🔁 npm/@metamask/[email protected]	None	+39	6.05 MB	gudahtt

View full report↗︎

[mikesposito]

In the original implementation privKey was passed to getEncryptionPublicKey directly:

const publicKey = getEncryptionPublicKey(privKey);

Though, the addition of types evidenced that getEncryptionPublicKey only accept hex strings, hence the conversion with bytesToHex

[mikesposito]

This internal method is overloaded because the objects returned can vary significantly based on whether an app key origin is specified (i.e. a Buffer keypair is returned instead of an entire HDKey instance).

The actual signature of the implementation is left unchanged.

[mikesposito]

This package used for testing backward compatibility was overwriting the current version of @metamask/eth-hd-keyring, causing TS to apply the same types of the new package. With this line we can import the package with a different name.

The version 4.0.1 was pinned, but yarn lint was failing and I guess that ^4.0.1 serves the same purpose

[mikesposito]

There should be no functional change in these test cases, besides the ones to make TS happy

[mikesposito]

@metamaskbot publish-preview

[github-actions]

Preview builds have been published. See these instructions (from the core monorepo) for more information about preview builds.

Expand for full list of packages and versions.

{
  "@metamask-previews/keyring-api": "15.0.0-15c90e6",
  "@metamask-previews/eth-hd-keyring": "9.0.1-15c90e6",
  "@metamask-previews/eth-ledger-bridge-keyring": "8.0.3-15c90e6",
  "@metamask-previews/eth-simple-keyring": "8.0.1-15c90e6",
  "@metamask-previews/eth-trezor-keyring": "6.0.1-15c90e6",
  "@metamask-previews/keyring-internal-api": "3.0.0-15c90e6",
  "@metamask-previews/keyring-internal-snap-client": "3.0.1-15c90e6",
  "@metamask-previews/eth-snap-keyring": "9.0.0-15c90e6",
  "@metamask-previews/keyring-snap-client": "3.0.1-15c90e6",
  "@metamask-previews/keyring-snap-sdk": "2.1.0-15c90e6",
  "@metamask-previews/keyring-utils": "1.3.0-15c90e6"
}

[mikesposito]

It looks like @metamask/eth-sig-util only accepts a Buffer here, while msgSig.v seems to be a bigint

[mcmire]

Hmm, does that cause an issue? A bigint is not a Buffer.

[mikesposito]

The implementation is unchanged and is the same that is in prod already:

accounts/packages/keyring-eth-hd/src/index.js

Line 185 in 3111c56

const rawMsgSig = concatSig(msgSig.v, msgSig.r, msgSig.s);

- bigint is not a Buffer but that's what we have always passed to concatSig (which expects a Buffer)

Though now the same code is throwing a type error. I think I left that // WARN there to come back at this and see if we can apply a conversion without breaking things

[mcmire]

Ah, strange, okay.

[mikesposito]

getAccounts() was awaited everywhere in the tests, but the function implementation was not marked as async

[mikesposito]

we can change the tests here, and then change them back along with fixing the implementation when HDKeyring will implement the Keyring type

[mcmire]

Looks like a good conversion overall, just had some questions on specific lines.

[mcmire]

Why do we have to make this type assertion?

[mcmire]

Should we simply throw an error instead of using assert? Otherwise this library is Node-only (or else, assert needs to be polyfilled). Unless it's already Node-only?

Suggested change

	assert(wallet.publicKey, 'Expected public key to be set');
	if (wallet.publicKey === undefined) {
	throw new Error('Expected public key to be set');
	}

[mikesposito]

Hmm, this assert comes from @metamask/utils instead of the built-in Node.js' assert. Looking at its implementation it seems to be compatible with a browser environment as well: https://github.com/MetaMask/utils/blob/90837bad1d85277aa5b8f16fe40beb81e0a1e09d/src/assert.ts#L81

Having this in mind, do you still think we should substitute these with explicit if undefined ?

[mcmire]

Similar as above?

Suggested change

	assert(wallet.publicKey, 'Expected public key to be set');
	if (wallet.publicKey === undefined) {
	throw new Error('Expected public key to be set');
	}

[mcmire]

Another case where we could possibly throw an error manually instead of using assert? (You get the idea)

[mcmire]

Curious, why do we need to make a type assertion here? I think you answered this question above

[mcmire]

It looks like we are converting privateKey to a Buffer when we weren't before. Is this a breaking change or was this supposed to be this way all along?

[mikesposito]

Since #getPrivateKeyFor returns a Uint8Array or a Buffer depending on whether we are passing { withAppKeyOrigin: string } as opts, signTypedData could receive something that is not a Buffer.

This is to say that it was supposed to be this way all along. Using Buffer.from(privateKey) should convert the Uint8Array to a Buffer or just return another Buffer with the same content as the original privateKey

[mcmire]

This explanation sounds a bit vague to me. What does it mean to cast a buffer into a JS object? Are we trying to serialize the buffer? I guess we could leave this comment here for now but I'm curious if there is a more descriptive name for this function.

[mikesposito]

The comment is left unchanged from the original repo, though I think that it is referring to the output of buffer.toJSON() which returns an object with this shape:

{
  type: 'Buffer',
  data: [
     71, 101, 101, 107,
    115, 102, 111, 114,
     71, 101, 101, 107,
    115
  ]
}

Perhaps we can change it to be something like this:

Suggested change

	// when encrypted/decrypted, buffers get cast into js object with a property type set to buffer
	// When using Buffer.toJSON(), the Buffer is serialized into an object
	// with the structure `{ type: 'Buffer', data: [...] }`

[mcmire]

Does it make sense for this return type to be Hex? Or does that screw things up elsewhere?

(I think we have a function in @metamask/utils that we can use instead of bufferToHex which already returns a Hex, so if we want to / plan on using that later, that's fine, too.)

[mikesposito]

I changed all types related to addresses from string to Hex. I guess you were referring to add0x which is now used to normalize addresses when needed (added HdKeyring.#normalizeAddress): 4d86d8e

[mikesposito]

The following extension PR is using a package preview from this PR, which appears to be working fine: MetaMask/metamask-extension#29961