fix: align rust signal hashing

Author: Takaros999

js/packages/core/src/__tests__/pure-crypto.test.ts

@@ -71,6 +71,18 @@ describe("hashSignal (pure JS)", () => {
       "0x001c8aff950685c2ed4bc3174f3472287b56d9517b9c948127319a09a7a36dea",
     );
   });
+
+  it("should hash address-shaped signals as raw address bytes", () => {
+    const signal = "0x3df41d9d0ba00d8fbe5a9896bb01efc4b3787b7c";
+    const rawAddressBytes = hexToBytes(signal.slice(2));
+    const utf8AddressString = new TextEncoder().encode(signal);
+
+    expect(hashSignal(signal)).toBe(hashSignal(rawAddressBytes));
+    expect(hashSignal(signal)).toBe(
+      "0x008c8aee1da6dd63c3fd6c420eab6a55882e7f1a3f97b27853e75eb8ffc8032f",
+    );
+    expect(hashSignal(signal)).not.toBe(hashSignal(utf8AddressString));
+  });
 });
 
 // Rust ref: https://github.com/worldcoin/world-id-protocol/blob/0008eab1efe200e572f27258793f9be5cb32858b/crates/primitives/src/rp.rs#L95-L105

js/packages/core/src/__tests__/smoke.test.ts

@@ -15,7 +15,9 @@ import {
   isNode,
   IDKitErrorCodes,
   signRequest,
+  hashSignal,
 } from "../index";
+import { initIDKit, WasmModule } from "../lib/wasm";
 
 const TEST_SESSION_ID = `session_${"11".repeat(64)}` as const;
 const TEST_SESSION_CONFIG = {
@@ -150,6 +152,41 @@ describe("IDKitRequest API", () => {
   //   });
   //   await expect(builder.constraints({ any: [] })).rejects.toThrow();
   // });
+
+  it("should hash address-shaped legacy preset signals as raw bytes in WASM payloads", async () => {
+    await initIDKit();
+
+    const signal = "0x3df41d9d0ba00d8fbe5a9896bb01efc4b3787b7c";
+    const utf8SignalHash = hashSignal(new TextEncoder().encode(signal));
+    const rawAddressSignalHash = hashSignal(signal);
+    const rpContext = new WasmModule.RpContextWasm(
+      "rp_1234567890abcdef",
+      "0x0000000000000000000000000000000000000000000000000000000000000001",
+      1_700_000_000n,
+      1_700_003_600n,
+      "0x" + "00".repeat(64) + "1b",
+    );
+    const builder = new WasmModule.IDKitBuilder(
+      "app_test",
+      "test-action",
+      rpContext,
+      null,
+      null,
+      true,
+      null,
+      null,
+      "production",
+    );
+
+    const result = builder.nativePayloadFromPreset(orbLegacy({ signal })) as {
+      payload: { signal: string };
+      legacy_signal_hash: string;
+    };
+
+    expect(rawAddressSignalHash).not.toBe(utf8SignalHash);
+    expect(result.payload.signal).toBe(rawAddressSignalHash);
+    expect(result.legacy_signal_hash).toBe(rawAddressSignalHash);
+  });
 });
 
 describe("Enums", () => {

rust/core/src/bridge.rs

@@ -415,7 +415,9 @@ pub fn build_request_payload(
         })
         .transpose()?;
 
-    // For backwards compatibility we hash the signal
+    // Legacy v3 payloads send only the signal hash. `Signal::from_string`
+    // intentionally mirrors JS `hashSignal`, including decoding valid `0x`
+    // strings as bytes so address signals match `abi.encodePacked(address)`.
     let legacy_signal_hash =
         crate::crypto::hash_signal(&Signal::from_string(params.legacy_signal.clone()));
 
@@ -1664,6 +1666,56 @@ mod tests {
         assert!(payload_bridge.get("timestamp").is_none());
     }
 
+    #[test]
+    fn test_legacy_payload_hashes_address_shaped_signal_as_raw_bytes() {
+        let address = "0x3df41d9d0ba00d8fbe5a9896bb01efc4b3787b7c";
+        let address_bytes = hex::decode(address.strip_prefix("0x").unwrap()).unwrap();
+        let expected = crate::crypto::hash_signal(&Signal::from_bytes(address_bytes));
+        let utf8_hash = crate::crypto::hash_signal(&Signal::from_bytes(address.as_bytes()));
+
+        assert_ne!(expected, utf8_hash);
+        let app_id = AppId::new("app_test").unwrap();
+        let sig = "0x".to_string() + &"00".repeat(64) + "1b";
+        let rp_context = RpContext::new(
+            "rp_1234567890abcdef",
+            "0x0000000000000000000000000000000000000000000000000000000000000001",
+            1_700_000_000,
+            1_700_003_600,
+            &sig,
+        )
+        .unwrap();
+
+        let params = BridgeConnectionParams {
+            app_id,
+            kind: RequestKind::Uniqueness {
+                action: "my-action".to_string(),
+            },
+            constraints: None,
+            rp_context,
+            action_description: None,
+            legacy_verification_level: VerificationLevel::Orb,
+            legacy_signal: address.to_string(),
+            bridge_url: None,
+            allow_legacy_proofs: false,
+
+            override_connect_base_url: None,
+            return_to: None,
+            environment: None,
+        };
+
+        let cached = CachedSignalHashes::compute(&params);
+        assert_eq!(cached.legacy_signal_hash, expected);
+
+        let bridge_payload = build_request_payload(&params, false).unwrap();
+        assert_eq!(bridge_payload["signal"], expected);
+
+        let native_payload = build_request_payload(&params, true).unwrap();
+        assert_eq!(native_payload["signal"], expected);
+
+        let native_v1_payload = build_native_v1_payload(&params).unwrap();
+        assert_eq!(native_v1_payload["signal"], expected);
+    }
+
     fn sample_connection(return_to: Option<String>) -> BridgeConnection {
         BridgeConnection {
             bridge_url: BridgeUrl::default(),

rust/core/src/crypto.rs

@@ -158,10 +158,14 @@ pub fn hash_signal_abi<V: alloy_sol_types::SolValue>(signal: &V) -> U256 {
 /// Hashes a signal using keccak256 hash
 ///
 /// Takes a `Signal` (either string or bytes) and returns the keccak256 hash,
-/// shifted right by 8 bits, formatted as a hex string with 0x prefix
+/// shifted right by 8 bits, formatted as a hex string with 0x prefix.
+/// String signals intentionally use the same `0x` decoding semantics as the
+/// JS `hashSignal` helper: valid non-empty even-length hex strings are hashed
+/// as raw bytes, and all other strings are hashed as UTF-8 text.
 #[must_use]
 pub fn hash_signal(signal: &crate::Signal) -> String {
-    let hash = hash_to_field(signal.as_bytes());
+    let input = signal.hash_input_bytes();
+    let hash = hash_to_field(input.as_ref());
     format!("{hash:#066x}")
 }
 
@@ -275,6 +279,20 @@ mod tests {
         assert_eq!(hashed_bytes.len(), 66);
     }
 
+    #[test]
+    fn test_hash_signal_decodes_prefixed_hex_strings() {
+        use crate::Signal;
+
+        let signal = "0x3df41d9d0ba00d8fbe5a9896bb01efc4b3787b7c";
+        let address_bytes = hex::decode(signal.strip_prefix("0x").unwrap()).unwrap();
+        let expected = hash_signal(&Signal::from_bytes(address_bytes));
+        let utf8_hash = hash_signal(&Signal::from_bytes(signal.as_bytes()));
+
+        assert_ne!(expected, utf8_hash);
+        assert_eq!(hash_signal(&Signal::String(signal.to_string())), expected);
+        assert_eq!(hash_signal(&Signal::from_string(signal)), expected);
+    }
+
     #[test]
     fn test_base64_encode_decode() {
         let input = b"Hello, World!";

rust/core/src/preset.rs

@@ -247,4 +247,24 @@ mod tests {
             _ => panic!("expected deviceLegacy constraints to be a single orb item"),
         }
     }
+
+    #[test]
+    fn orb_legacy_preset_decodes_address_shaped_signal_as_bytes() {
+        let address = "0x3df41d9d0ba00d8fbe5a9896bb01efc4b3787b7c";
+        let preset = Preset::orb_legacy(Some(address.to_string()));
+        let (constraints, verification_level, legacy_signal) = preset.to_bridge_params();
+
+        assert_eq!(verification_level, VerificationLevel::Orb);
+        assert_eq!(legacy_signal, Some(address.to_string()));
+
+        match constraints {
+            ConstraintNode::Item(orb) => {
+                assert_eq!(orb.credential_type, CredentialType::ProofOfHuman);
+                let signal = orb.signal.expect("expected signal");
+                assert!(matches!(signal, Signal::Bytes(_)));
+                assert_eq!(signal.as_bytes().len(), 20);
+            }
+            _ => panic!("expected orbLegacy constraints to be a single orb item"),
+        }
+    }
 }