Add username choice for sign buffer requests

README.md

@@ -74,9 +74,9 @@ Sites can request that the extension sign and broadcast a transfer operation for
 ```
 steem_keychain.requestTransfer(account_name, to_account, amount, memo, currency, function(response) {
 	console.log(response);
-},enforce);
+}, enforce);
 ```
-where `memo` will be encrypted using Memo key if it is starting by `#`, and `enforce` doesn't allow the user to chose which account will make the transfer but rather enforce `account_name`.
+where `memo` will be encrypted using Memo key if it is starting by `#`, and `enforce` doesn't allow the user to chose which account will make the transfer but rather enforce `account_name` (optional, defaults to false).
 
 ### Decode Memo / Verify Key
 
@@ -129,10 +129,12 @@ Sites can request that the extension sign messages:
 ```
 steem_keychain.requestSignBuffer(account_name, message, key_type, function(response) {
         console.log(response);
-});
+}, enforce);
 ```
 
-Where "message" is any string and "key_type" can be "Posting" or "Active". This is equivalent to
+Where "message" is any string and "key_type" can be "Posting" or "Active", and "account_name" can be omitted optionally to allow the user to choose an account to sign the message with.
+
+. This is equivalent to
 
 ```Signature.signBufferSha256(hash.sha256(message), wif).toHex();```
 

css/dialog.css

@@ -96,7 +96,7 @@ h3 .small {
 
 #modal-body-msg .msg-data>div,
 #modal-body-msg .msg-data>h3,
-#transfer_acct_list {
+#acct_list {
     display: none;
 }
 

example/main.html

@@ -70,7 +70,7 @@ <h3>Add Account Authority</h3>
       <option>Posting</option>
       <option>Active</option>
     </select>
-    <input type="number" placeholder="1" id="addauth_weight" />
+    <input type="number" placeholder="1" id="addauth_weight" value=1 />
     <button id="send_addauth">Send</button>
     <h3>Remove Account Authority</h3>
     <input type="text" placeholder="username" id="removeauth_username" />

html/dialog.html

@@ -31,14 +31,14 @@ <h3 class="dialog-message" id="dialog_message" style="display: none;"></h3>
         </div>
 
         <div id="modal-body-msg" style="display: none;">
-            <div id="transfer_acct_list" class="custom-select custom-select-main transfer">
-                <select id="select_transfer">
+            <div id="acct_list" class="custom-select custom-select-main transfer signBuffer">
+                <select id="select_account">
 						</select>
             </div>
 
             <div class="msg-data">
-                <h3 class="decode vote post custom delegation addAccountAuthority removeAccountAuthority broadcast signBuffer signedCall witnessVote powerUp powerDown">Account</h3>
-                <div class="decode vote post custom delegation addAccountAuthority removeAccountAuthority broadcast signBuffer signedCall witnessVote powerUp powerDown" id="username"></div>
+                <h3 class="decode vote post custom delegation addAccountAuthority removeAccountAuthority broadcast signedCall witnessVote powerUp powerDown">Account</h3>
+                <div class="decode vote post custom delegation addAccountAuthority removeAccountAuthority broadcast signedCall witnessVote powerUp powerDown" id="username"></div>
                 <h3 class="decode">Key</h3>
                 <div class="decode" id="wif"></div>
                 <h3 class="vote">Author</h3>

js/background.js

@@ -629,8 +629,12 @@ async function performTransaction(data, tab,no_confirm) {
                 }
                 break;
             case "signBuffer":
+                let signAcc = accounts.list.find(function(e) {
+                    return e.name == data.username;
+                });
+                const signKey = signAcc.keys[data.method.toLowerCase()];
                 try {
-                    let signed = window.signBuffer(data.message, key);
+                    let signed = window.signBuffer(data.message, signKey);
 
                     let message = {
                         command: "answerRequest",
@@ -764,10 +768,12 @@ function checkBeforeCreate(request, tab, domain) {
                     list: []
                 }) ? null : decryptToJson(items.accounts, mk);
                 let account = null;
-                if (request.type == "transfer") {
-                    let tr_accounts = accounts.list.filter(a => a.keys.hasOwnProperty("active"));
+                if (request.type == 'transfer' || request.type == 'signBuffer') {
+                    const keyType = request.type == 'transfer' ? 'active' : request.method.toLowerCase();
+                    let tr_accounts = accounts.list.filter(a => a.keys.hasOwnProperty(keyType));
                     const encode = (request.memo != undefined && request.memo.length > 0 && request.memo[0] == "#");
-                    const enforce = request.enforce || encode;
+                    const enforce = request.enforce || encode
+                        || (request.type == 'signBuffer' && request.username);
                     if (encode)
                         account = accounts.list.find(function(e) {
                             return e.name == request.username;
@@ -776,18 +782,18 @@ function checkBeforeCreate(request, tab, domain) {
                     if (enforce && request.username && !tr_accounts.find(a => a.name == request.username)) {
                         createPopup(function() {
                             console.log("error1");
-                            sendErrors(tab, "user_cancel", "Request was canceled by the user.", "The current website is trying to send a transfer request to the Steem Keychain browser extension for account @" + request.username + " using the active key, which has not been added to the wallet.", request);
+                            sendErrors(tab, "user_cancel", "Request was canceled by the user.", `The current website is trying to send a request to the Steem Keychain browser extension for account @${request.username} using the ${keyType} key, which has not been added to the wallet.`, request);
                         });
                     } else if (encode && !account.keys.hasOwnProperty("memo")) {
                         createPopup(function() {
                             console.log("error2");
-                            sendErrors(tab, "user_cancel", "Request was canceled by the user.", "The current website is trying to send a request to the Steem Keychain browser extension for account @" + request.username + " using the memo key, which has not been added to the wallet.", request);
+                            sendErrors(tab, "user_cancel", "Request was canceled by the user.", `The current website is trying to send a request to the Steem Keychain browser extension for account @${request.username} using the memo key, which has not been added to the wallet.`, request);
                         });
                     }
                     else if (tr_accounts.length==0){
                       createPopup(function() {
                           console.log("error3");
-                        sendErrors(tab, "user_cancel", "Request was canceled by the user.", "The current website is trying to send a transfer request to the Steem Keychain browser extension for account @" + request.username + " using the active key, which has not been added to the wallet.", request);
+                        sendErrors(tab, "user_cancel", "Request was canceled by the user.", `The current website is trying to send a request to the Steem Keychain browser extension for account @${request.username} using the ${keyType} key, which has not been added to the wallet.`, request);
                       });
                     }
                     else {

js/dialog.js

@@ -84,7 +84,7 @@ chrome.runtime.onMessage.addListener(function(msg, sender, sendResp) {
             $("#dialog_message").text(msg.data.display_msg);
         }
 
-        if (type == "transfer") {
+        if (type == 'transfer' || type == 'signBuffer') {
             $('#modal-body-msg .msg-data').css('max-height', '200px');
             let accounts = msg.accounts;
             if (msg.data.username !== undefined) {
@@ -98,7 +98,7 @@ chrome.runtime.onMessage.addListener(function(msg, sender, sendResp) {
             }
             for (acc of accounts) {
                 if (acc != undefined)
-                    $("#select_transfer").append("<option>" + acc.name + "</option>");
+                    $("#select_account").append("<option>" + acc.name + "</option>");
             }
             initiateCustomSelect();
         }
@@ -109,7 +109,7 @@ chrome.runtime.onMessage.addListener(function(msg, sender, sendResp) {
         $("#modal-content").css("align-items", "flex-start");
         const keyVerifyAction = msg.data.type == 'decode' || msg.data.type == 'signBuffer';
         console.log(msg.data.key);
-        if (msg.data.key!=="active"&&msg.data.type!="transfer") {
+        if (msg.data.key !== 'active' && msg.data.type !== 'transfer' && msg.data.type !== 'signBuffer') {
             $("#keep_div").show();
             var prompt_msg = keyVerifyAction ? "Do not prompt again to verify keys for the @" + msg.data.username + " account on " + msg.domain :
                 "Do not prompt again to send " + msg.data.type + " transactions from the @" + msg.data.username + " account on " + msg.domain
@@ -126,8 +126,13 @@ chrome.runtime.onMessage.addListener(function(msg, sender, sendResp) {
                 $("#dialog_message").text('The website ' + msg.domain + ' would like to verify that you have access to the private ' + msg.data.method + ' key for the account: @' + msg.data.username);
                 break;
             case "signBuffer":
+                if (msg.data.username) {
+                    $("#username").show();
+                    $("#username").prev().show();
+                    $("#acct_list").hide();
+                }
                 $("#dialog_message").show();
-                $("#dialog_message").text('The website ' + msg.domain + ' would like you to sign a message using the ' + msg.data.method + ' key for the account: @' + msg.data.username);
+                $("#dialog_message").text('The website ' + msg.domain + ' would like you to sign a message using the ' + msg.data.method + ' key' + (msg.data.username ? ' for the account: @' + msg.data.username : '') + '.');
                 const fullMessage = msg.data.message;
                 let truncatedMessage = fullMessage.substring(0, 200);
                 if (fullMessage.length > 200) {
@@ -195,7 +200,7 @@ chrome.runtime.onMessage.addListener(function(msg, sender, sendResp) {
                 if (enforce) {
                     $("#username").show();
                     $("#username").prev().show();
-                    $("#transfer_acct_list").hide();
+                    $("#acct_list").hide();
                 }
                 $("#to").text('@' + msg.data.to);
                 $("#amount").text(msg.data.amount + " " + msg.data.currency);
@@ -264,8 +269,8 @@ chrome.runtime.onMessage.addListener(function(msg, sender, sendResp) {
         // Closes the window and launch the transaction in background
         $("#proceed").click(function() {
             let data = msg.data;
-            if (data.type == "transfer" && !enforce)
-                data.username = $("#select_transfer option:selected").val();
+            if ((data.type == 'transfer' || data.type == 'signBuffer') && !enforce)
+                data.username = $("#select_account option:selected").val();
             chrome.runtime.sendMessage({
                 command: "acceptTransaction",
                 data: data,

js/web_interface.js

@@ -66,7 +66,7 @@ function sendResponse(response) {
 function validate(req) {
     return req != null && req != undefined && req.type != undefined && req.type != null &&
         ((req.type == "decode" && isFilled(req.username) && isFilled(req.message) && req.message[0] == "#" && isFilledKey(req.method)) ||
-            (req.type == "signBuffer" && isFilled(req.username) && isFilled(req.message) && isFilledKey(req.method)) ||
+            (req.type == "signBuffer" && isFilled(req.message) && isFilledKey(req.method)) ||
             (req.type == "vote" && isFilled(req.username) && isFilledWeight(req.weight) && isFilled(req.permlink) && isFilled(req.author)) ||
             (req.type == "post" && isFilled(req.username) && isFilled(req.body) &&
                 ( (isFilled(req.title) && isFilledOrEmpty(req.permlink) && !isFilled(req.parent_username) && isFilled(req.parent_perm) && isFilled(req.json_metadata)) ||
@@ -79,7 +79,7 @@ function validate(req) {
             (req.type == "signedCall" && isFilled(req.method) && isFilled(req.params) && isFilled(req.typeWif)) ||
             (req.type == "witnessVote" && isFilled(req.username) && isFilled(req.witness) && isBoolean(req.vote)) ||
             (req.type == "delegation" && isFilled(req.username) && isFilled(req.delegatee) && isFilledAmtSP(req) && isFilledDelegationMethod(req.unit)) ||
-            (req.type == "transfer" && isFilledAmt(req.amount) && isFilled(req.to) && isFilledCurrency(req.currency) && hasTransferInfo(req)) ||
+            (req.type == "transfer" && isFilledAmt(req.amount) && isFilled(req.to) && isFilledCurrency(req.currency) && checkEnforceUsername(req)) ||
             (req.type == "sendToken" && isFilledAmt(req.amount) && isFilled(req.to) && isFilled(req.currency))||
             (req.type == "powerUp" && isFilled(req.username)&& isFilledAmt(req.steem) && isFilled(req.recipient))||
             (req.type == "powerDown" && isFilled(req.username)&& (isFilledAmt(req.steem_power)||req.steem_power=="0.000"))||
@@ -89,7 +89,7 @@ function validate(req) {
 
 // Functions used to check the incoming data
 
-function hasTransferInfo(req) {
+function checkEnforceUsername(req) {
     if (req.enforce)
         return isFilled(req.username);
     else if (isFilled(req.memo) && req.memo[0] == "#")