Allow smart contract wallets to obtain Proof of Humanity trust bonus (#10555)

* Added eip-1271 support (isValidSignature) to PoH trust bonus verification. This allows smart contract wallets to properly sign the tx

* Removing parts unrelated to my changes. Not sure how these got in

* Restructuring the logic for better readability

* Removing json.loads() when loading the contract abi per review from Tim. This stays consistent with the surrounding code

* - Created new file for eip 1271 abi
- Moved is_valid_eip_1271_signature() out of poh_utils.py and into grants/utils.py

* Putting newline back in so changes aren't made during the PR

Author: scampVR

app/assets/v2/js/pages/profile-trust.js

@@ -833,7 +833,7 @@ Vue.component('poh-verify-modal', {
             </div>
             <div v-if="step === 'validation-complete'">
               <div>
-                Your Proof of Humanity verification was successful. Thank you for helping make Gitcoin mroe sybil resistant!
+                Your Proof of Humanity verification was successful. Thank you for helping make Gitcoin more sybil resistant!
               </div>
               <b-button @click="dismissVerification" variant="primary" class="btn btn-primary mt-5 px-5 float-right">Done</b-button>
             </div>

app/dashboard/views.py

@@ -91,7 +91,7 @@
 from eth_account.messages import defunct_hash_message
 from eth_utils import is_address, is_same_address
 from git.utils import get_auth_url, get_issue_details, get_url_dict, get_user, is_github_token_valid, search_users
-from grants.utils import get_clr_rounds_metadata
+from grants.utils import get_clr_rounds_metadata, is_valid_eip_1271_signature
 from kudos.models import Token
 from kudos.utils import humanize_name
 # from mailchimp3 import MailChimp
@@ -7220,21 +7220,26 @@ def verify_user_poh(request, handle):
             'msg': 'Empty signature or Ethereum address',
         })
 
+    web3 = get_web3('mainnet')
     message_hash = defunct_hash_message(text="verify_poh_registration")
     signer = w3.eth.account.recoverHash(message_hash, signature=signature)
     if eth_address != signer:
-        return JsonResponse({
-            'ok': False,
-            'msg': 'Invalid signature',
-        })
+        # recoverHash() will fail if the address is a smart contract wallet. Check for EIP-1271 compliance
+        if is_valid_eip_1271_signature(web3, web3.toChecksumAddress(eth_address), message_hash, signature):
+            # We got a valid EIP-1271 signature from eth_address, so we can trust it.
+            signer = eth_address
+        else:
+            return JsonResponse({
+                'ok': False,
+                'msg': 'Invalid signature',
+            })
 
     if Profile.objects.filter(poh_handle=signer).exists():
         return JsonResponse({
             'ok': False,
             'msg': 'Ethereum address is already registered.',
         })
 
-    web3 = get_web3('mainnet')
     if not is_registered_on_poh(web3, signer):
         return JsonResponse({
             'ok': False,

app/grants/abi/__init__.py

@@ -0,0 +1 @@
+EIP_1271_ABI = [{"constant":True,"inputs":[{"name":"_messageHash","type":"bytes32"},{"name":"_signature","type":"bytes"}],"name":"isValidSignature","outputs":[{"name":"magicValue","type":"bytes4"}],"payable":False,"stateMutability":"view","type":"function"}]

app/grants/abi/eip_1271_abi.py

@@ -465,3 +465,12 @@ def bsci_script(csv: str) -> tuple:
 
 def isNaN(string):
     return string != string
+
+def is_valid_eip_1271_signature(web3, address, hash, signature) -> bool:
+    from grants.abi.eip_1271_abi import EIP_1271_ABI
+    try:
+        eip_1271_contract = web3.eth.contract(address=address, abi=EIP_1271_ABI)
+        retval = eip_1271_contract.functions.isValidSignature(hash, signature).call()
+        return web3.toInt(retval) == 0x1626ba7e
+    except Exception as e:
+        return False