Add customizable salt to offchain attestations and remove unnecessary offchain attestation version input from the signOffchainAttestation API

CHANGELOG.md

@@ -0,0 +1,6 @@
+# Changelog
+
+## 1.4.0 (2023-12-08)
+
+- Add customizable salt to offchain attestations to reduce the chance of predictable UIDs (which may be abused in some very specific use-cases)
+- Remove unnecessary offchain attestation version input from the `signOffchainAttestation` API

README.md

@@ -297,7 +297,7 @@ const attestation = {
     },
     uid: "0x5134f511e0533f997e569dac711952dde21daf14b316f3cce23835defc82c065",
     message: {
-      version: OffchainAttestationVersion.Version1,
+      version: OffchainAttestationVersion.Version2,
       schema: "0x27d06e3659317e9a4f8154d1e849eb53d43d91fb4f219884d1684f86d797804a",
       refUID: "0x0000000000000000000000000000000000000000000000000000000000000000",
       time: 1671219600,
@@ -316,7 +316,7 @@ const EAS_CONFIG: PartialTypedDataConfig = {
   version: attestation.sig.domain.version,
   chainId: attestation.sig.domain.chainId,
 };
-const offchain = new Offchain(EAS_CONFIG, OffchainAttestationVersion.Version1);
+const offchain = new Offchain(EAS_CONFIG, OffchainAttestationVersion.Version2);
 const isValidAttestation = offchain.verifyOffchainAttestationSignature(
   attestation.signer,
   attestation.sig

dist/offchain/offchain-utils.d.ts

@@ -1,13 +1,11 @@
 import { SignedOffchainAttestation } from './offchain';
-export interface SignedOffchainAttestationV1 extends Omit<SignedOffchainAttestation, 'signature'> {
+export interface SignedOffchainAttestationV1 extends Omit<SignedOffchainAttestation, 'signature' | 'version'> {
     r: string;
     s: string;
     v: number;
 }
 export interface AttestationShareablePackageObject {
-    /** Signed typed data with attestation object */
     sig: SignedOffchainAttestation;
-    /** Address of the signer */
     signer: string;
 }
 export type CompactAttestationShareablePackageObject = [
@@ -27,7 +25,8 @@ export type CompactAttestationShareablePackageObject = [
     revocable: boolean,
     data: string,
     nonce: number,
-    offchainVersion?: number
+    offchainVersion?: number,
+    salt?: string
 ];
 export declare const createOffchainURL: (pkg: AttestationShareablePackageObject) => string;
 export declare const zipAndEncodeToBase64: (pkg: AttestationShareablePackageObject) => string;

dist/offchain/offchain.d.ts

@@ -7,34 +7,42 @@ export interface OffchainAttestationType extends EIP712Types<EIP712MessageTypes>
 }
 export declare enum OffchainAttestationVersion {
     Legacy = 0,
-    Version1 = 1
+    Version1 = 1,
+    Version2 = 2
 }
 export declare const OFFCHAIN_ATTESTATION_TYPES: Record<OffchainAttestationVersion, OffchainAttestationType[]>;
 export type OffchainAttestationParams = {
-    version: number;
     schema: string;
     recipient: string;
     time: bigint;
     expirationTime: bigint;
     revocable: boolean;
     refUID: string;
     data: string;
+    salt?: string;
 } & Partial<EIP712Params>;
+export type OffchainAttestationTypedData = OffchainAttestationParams & {
+    version: OffchainAttestationVersion;
+};
 export type OffchainAttestationOptions = {
+    salt?: string;
     verifyOnchain: boolean;
 };
-export interface SignedOffchainAttestation extends EIP712Response<EIP712MessageTypes, OffchainAttestationParams> {
+export interface SignedOffchainAttestation extends EIP712Response<EIP712MessageTypes, OffchainAttestationTypedData> {
+    version: OffchainAttestationVersion;
     uid: string;
 }
+export declare const SALT_SIZE = 32;
 export declare class Offchain extends TypedDataHandler {
     readonly version: OffchainAttestationVersion;
     protected signingType: OffchainAttestationType;
     protected readonly verificationTypes: OffchainAttestationType[];
     private readonly eas;
-    constructor(config: PartialTypedDataConfig, version: number, eas: EAS);
+    constructor(config: PartialTypedDataConfig, version: OffchainAttestationVersion, eas: EAS);
     getDomainSeparator(): string;
     getDomainTypedData(): DomainTypedData;
     signOffchainAttestation(params: OffchainAttestationParams, signer: Signer, options?: OffchainAttestationOptions): Promise<SignedOffchainAttestation>;
-    verifyOffchainAttestationSignature(attester: string, request: SignedOffchainAttestation): boolean;
-    static getOffchainUID(params: OffchainAttestationParams): string;
+    verifyOffchainAttestationSignature(attester: string, attestation: SignedOffchainAttestation): boolean;
+    private getOffchainUID;
+    static getOffchainUID(version: OffchainAttestationVersion, attestation: SignedOffchainAttestation): string;
 }