Getting 500 from /users endpoint after connecting via sequence wallet

coderdidit · August 24, 2022, 10:26pm

hey

does Moralis support smart contract wallets like https://sequence.app/wallet

I did integrated the wallet so I can connect and sing

but when it sends the request to moralis /users endpoint, I get 500 response

alex · August 24, 2022, 10:35pm

There is no direct integration or tutorial like with Web3Auth or Magic but it should be possible, is this for moralis-v1 or for 2.0 (Auth API)?

What is the full URL of that endpoint? What have you tried in your code or project?

coderdidit · August 24, 2022, 10:46pm

its moralis-v1

see the code:

import { AbstractWeb3Connector } from "moralis";
import { sequence } from "0xsequence";
import { debugLog } from "dev-utils/debug";

class NoEthereumProviderError extends Error {
  constructor() {
    super();
    this.message = "Non ethereum enabled browser";
  }
}

function getProvider() {
  if (!window?.sequence.isSequence) {
    window.open("https://sequence.xyz");
    return null;
  }
  return window.sequence;
}

function fromDecimalToHex(number) {
  if (typeof number !== "number") throw "The input provided should be a number";
  return `0x${number.toString(16)}`;
}

/**
 * Converts chainId to a hex if it is a number
 */
function verifyChainId(chainId) {
  if (typeof chainId === "number") chainId = fromDecimalToHex(chainId);
  return chainId;
}

class SequenceConnector extends AbstractWeb3Connector {
  type = "sequence";

  verifyEthereumBrowser() {
    if (!window?.ethereum) {
      throw new NoEthereumProviderError();
    }
  }

  async activate() {
    this.verifyEthereumBrowser();

    const provider = getProvider();

    debugLog("[SequenceConnector]", provider);

    const [accounts, chainId] = await Promise.all([
      provider.request({ method: "eth_requestAccounts" }),
      provider.request({ method: "eth_chainId" }),
    ]);

    const account = accounts[0] ? accounts[0].toLowerCase() : null;

    this.chainId = verifyChainId(chainId);
    this.account = account;
    this.provider = provider;

    this.subscribeToEvents(provider);

    return { provider, chainId, account };
  }

  async switchNetwork(chainId) {
    this.verifyEthereumBrowser();
    chainId = verifyChainId(chainId);

    const currentNetwork = this.chainId;
    if (currentNetwork === chainId) return;

    const provider = getProvider();

    await provider.request({
      method: "wallet_switchEthereumChain",
      params: [{ chainId }],
    });
  }

  async addNetwork(
    chainId,
    chainName,
    currencyName,
    currencySymbol,
    rpcUrl,
    blockExplorerUrl,
  ) {
    this.verifyEthereumBrowser();

    const newchainId = verifyChainId(chainId);
    const provider = getProvider();

    await provider.request({
      method: "wallet_addEthereumChain",
      params: [
        {
          chainId: newchainId,
          chainName: chainName,
          nativeCurrency: {
            name: currencyName,
            symbol: currencySymbol,
            decimals: 18,
          },
          rpcUrls: [rpcUrl],
          blockExplorerUrls: blockExplorerUrl ? [blockExplorerUrl] : null,
        },
      ],
    });
  }
}

export default SequenceConnector;

URL is '<my-server-url>/server/users its a POST request with authData

coderdidit · August 24, 2022, 10:49pm

so i just created a custom wallet provider

coderdidit · August 24, 2022, 10:50pm

kicking off the auth works, only when the POST request <my-server-url>/server/users with authData to moralis is made, I got 500 response

I see that request in browser console in network tab

coderdidit · August 24, 2022, 10:57pm

As far as I know Sequence is a Smart contract type of wallet

coderdidit · August 24, 2022, 10:57pm

answer I got from them

You should ping Moralis indeed, 
they may not support smart contract wallets like 
Sequence, Argent and Gnosis Safe

alex · August 24, 2022, 11:46pm

It may not be possible, a user tried authenticating with Loopring Wallet which is smart contract based to their Moralis server and couldn’t do so - don’t think it was resolved.

I will try your connector soon.

coderdidit · August 25, 2022, 9:15am

Is it on Moralis Server side ?
Could that be fixed

coderdidit · August 26, 2022, 6:58am

@alex Did you had a chance to look into this?

cryptokid · August 26, 2022, 10:53am

can you check the difference between how the request looks like for a normal wallet and in this new case?
it should be a similar request format, you can see that in the browser network tab when a request it made and look in auth data

coderdidit · August 26, 2022, 10:59am

@cryptokid the request is the same,

you can look it up at this app

https://app.metagymland.com/

will post it in a sec, as far as I remember the signature was longer in size for sequence wallet

cryptokid · August 26, 2022, 11:00am

if the sequence doesn’t validate the same as for eth, then that could be the issue

coderdidit · August 26, 2022, 11:08am

@cryptokid below is the breakdown, I hide some details

request for metamask

I get 200 success

curl 'https://....usemoralis.com:2053/server/users' \
  -H 'authority: ....usemoralis.com:2053' \
  -H 'accept: */*' \
  -H 'accept-language: en-GB,en;q=0.7' \
  -H 'content-type: text/plain' \
  -H 'origin: https://app.metagymland.com' \
  -H 'referer: https://app.metagymland.com/' \
  -H 'sec-fetch-dest: empty' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: cross-site' \
  -H 'sec-gpc: 1' \
  -H 'user-agent: Mozilla/5.0 ...' \
  --data-raw '{"authData":{"moralisEth":{"id":"same","signature":"132 characters","data":"Moralis Authentication\n\nId: same"}},"_ApplicationId":"same","_ClientVersion":"js1.11.0","_InstallationId":"same"}' \
  --compressed

for sequence wallet I get

{"code":1,"message":"Internal server error."}

the request is

  curl 'https://....usemoralis.com:2053/server/users' \
  -H 'authority: ....usemoralis.com:2053' \
  -H 'accept: */*' \
  -H 'accept-language: en-GB,en;q=0.7' \
  -H 'content-type: text/plain' \
  -H 'origin: https://app.metagymland.com' \
  -H 'referer: https://app.metagymland.com/' \
  -H 'sec-fetch-dest: empty' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: cross-site' \
  -H 'sec-gpc: 1' \
  -H 'user-agent: Mozilla/5.0 ...' \
  --data-raw '{"authData":{"moralisEth":{"id":"same","signature":"322 characters in length","data":"Moralis Authentication\n\nId: same"}},"_ApplicationId":"same","_ClientVersion":"js1.11.0","_InstallationId":"same"}' \
  --compressed

the diff is

request via metamask have signature of 132 characters
request via sequence wallet have signature of 322 characters

cryptokid · August 26, 2022, 11:23am

that signature will be used to validate the eth address, if the signature is different then that validation probably will fail

this wallet uses a different algorithm to sign a message? there are two types of signatures, one to sign a transaction and one to sign a message

coderdidit · August 26, 2022, 2:33pm

@cryptokid could this be related?:

There are still a few sites for web3 dapps that haven't been implemented 
support for smart contract signatures 
( Their code blocks transactions because they haven't upgraded 
to include eip-1271: https://eips.ethereum.org/EIPS/eip-1271 )

cryptokid · August 26, 2022, 3:19pm

You should sign a message and not a transaction. I don’t know exactly how that signature is generated.

It is called personal sign in web3 or ethers

ari · August 26, 2022, 4:52pm

Sequence, Argent, Gnosis Safe, and other smart contract wallets use ERC1271 for signature validation. Check out the ERC for more info - it sounds like Moralis needs to support this ERC to verify Sequence signatures: https://github.com/ethereum/EIPs/issues/1271

coderdidit · August 26, 2022, 6:23pm

I agree

@cryptokid could Moralis support this?

side note, I am a paying customer

ivan · August 26, 2022, 6:39pm

thanks we will check this!