chore: start #https://github.com/ubiquity-os/permit-generation/issues/71

[kingsley-einstein]

Resolves #71

[github-actions]

Unused files (4)

src/plugin.ts, src/worker.ts, src/helpers/signature.ts, src/types/webhook-payload.ts

Unused dependencies (1)

Filename	dependencies
package.json	typebox-validators

Unused devDependencies (2)

Filename	devDependencies
package.json	@types/blake2b supabase

[ubiquity-os-beta]

@kingsley-einstein, this task has been idle for a while. Please provide an update.

[kingsley-einstein]

@kingsley-einstein, this task has been idle for a while. Please provide an update.

On it

[ubiquity-os-beta]

@kingsley-einstein, this task has been idle for a while. Please provide an update.

[kingsley-einstein]

It was difficult testing this with a Cloudflare worker, as wasm and asm failed to load, and the fallback was not used. I decided to use tweetnacl and tweetnacl-util for the decryption processes. The private key must be encrypted with a URL-safe base64 nonce with its padding pruned out. This nonce should be available in the environment as X25519_NONCE. I took a look at the implementation here https://github.com/ubq-testing/permit-generation/blob/feat/workerize/src/utils/keys.ts but I still wasn't able to derive the nonce from the keys.

As seen in the attached screenshots, the plugin has been successfully converted to a worker. The inputs are encrypted as a base64 string, and this string has to be signed using the kernel's private key, and included in the payload as well. The signature verification is done using the kernel's public key which is available in the environment as KERNEL_PUBLIC_KEY.

[kingsley-einstein]

@0x4007 @gentlementlegen @rndquu

[Keyrxng]

#71 (comment) - check this comment kingsley. This PR should be closed, sorry bud.

[kingsley-einstein]

#71 (comment) - check this comment kingsley. This PR should be closed, sorry bud.

Ouch! That's okay