chore(indexer): verify call with alchemy signing key (#318)

bitcashorg · Aug 21, 2024 · 5fc15b6 · 5fc15b6
1 parent 7c30f06
commit 5fc15b6
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 3 deletions.
diff --git a/apps/indexer/.env-sample b/apps/indexer/.env-sample
@@ -4,4 +4,4 @@ SEPOLIA_RPC=https://eth-sepolia.g.alchemy.com/v2/xxx
 ISSUER_KEY=xxx
 ISSUER_ADDRESS=0x
 DFUSE_API_KEY=server_xxx
-ALCHEMY_SECRET_KEY=xxx
+ALCHEMY_ACTIVITY_SIGNING_KEY=xxx
diff --git a/apps/indexer/src/config.ts b/apps/indexer/src/config.ts
@@ -15,7 +15,9 @@ export const appConfig = {
     issuerKey: process.env.ISSUER_KEY || '',
     issuerAddress: (process.env.ISSUER_ADDRESS || '') as Address,
     issuerAccount: privateKeyToAccount(`0x${process.env.ISSUER_KEY}`),
-    alchemySecretKey: process.env.ALCHEMY_SECRET_KEY || '',
+    alchemy: {
+      activitySigningKey: process.env.ALCHEMY_ACTIVITY_SIGNING_KEY || '',
+    },
   },
   ...smartsaleEnv.test,
 }
diff --git a/apps/indexer/src/routes/alchemy.ts b/apps/indexer/src/routes/alchemy.ts
@@ -20,7 +20,10 @@ export function alchemyWebhook(req: Request, res: Response) {
 function validateAlchemySignature(req: Request): boolean {
   const alchemySignature = req.headers['x-alchemy-signature'] as string
   const payload = JSON.stringify(req.body)
-  const hmac = crypto.createHmac('sha256', appConfig.evm.alchemySecretKey)
+  const hmac = crypto.createHmac(
+    'sha256',
+    appConfig.evm.alchemy.activitySigningKey,
+  )
   hmac.update(payload)
   return alchemySignature === hmac.digest('hex')
 }