From 12231cfa812f01c7670b7342ce6d9f19133ac87c Mon Sep 17 00:00:00 2001
From: Ethan Wessel <ethan.wessel@consensys.net>
Date: Tue, 4 Jun 2024 17:57:42 -0700
Subject: [PATCH] chore: remove console.log

Signed-off-by: Ethan Wessel <ethan.wessel@consensys.net>
---
 .../tx-verification-middleware.ts             | 53 +++++++++++++++++++
 app/scripts/metamask-controller.js            |  2 -
 2 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 app/scripts/lib/tx-verification/tx-verification-middleware.ts

diff --git a/app/scripts/lib/tx-verification/tx-verification-middleware.ts b/app/scripts/lib/tx-verification/tx-verification-middleware.ts
new file mode 100644
index 000000000000..853bbaa2d22f
--- /dev/null
+++ b/app/scripts/lib/tx-verification/tx-verification-middleware.ts
@@ -0,0 +1,53 @@
+import { hashMessage } from '@ethersproject/hash';
+import { verifyMessage } from '@ethersproject/wallet';
+import {
+  Json,
+  JsonRpcParams,
+  JsonRpcRequest,
+  JsonRpcResponse,
+} from '@metamask/utils';
+import {
+  JsonRpcEngineEndCallback,
+  JsonRpcEngineNextCallback,
+} from 'json-rpc-engine';
+import { TRUSTED_BRIDGE_SIGNER } from '../../../../shared/constants/bridge';
+import { FIRST_PARTY_CONTRACT_NAMES } from '../../../../shared/constants/first-party-contracts';
+
+export function txVerificationMiddleware(
+  req: JsonRpcRequest<JsonRpcParams>,
+  _res: JsonRpcResponse<Json>,
+  next: JsonRpcEngineNextCallback,
+  end: JsonRpcEngineEndCallback,
+) {
+  // ignore if not sendTransaction and if the params not an array
+  if (req.method !== 'eth_sendTransaction' || !Array.isArray(req.params)) {
+    return next();
+  }
+
+  // 0 tx object is the first element
+  const params = req.params[0];
+  const paramsToVerify = {
+    to: hashMessage(params.to.toLowerCase()),
+    from: hashMessage(params.from.toLowerCase()),
+    data: hashMessage(
+      params.data.toLowerCase().substr(0, params.data.length - 130),
+    ),
+    value: hashMessage(params.value.toLowerCase()),
+  };
+  const h = hashMessage(JSON.stringify(paramsToVerify));
+  const signature = `0x${params.data.substr(-130)}`;
+  // signature is 130 chars in length at the end
+  const addressToVerify = verifyMessage(h, signature);
+  const canSubmit =
+    params.to.toLowerCase() ===
+    FIRST_PARTY_CONTRACT_NAMES['MetaMask Bridge'][params.chainId].toLowerCase()
+      ? addressToVerify.toLowerCase() === TRUSTED_BRIDGE_SIGNER.toLowerCase()
+      : true;
+
+  if (!canSubmit) {
+    end(new Error('Validation Error'));
+  }
+
+  // successful validation
+  return next();
+}
diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js
index cbc138fc57ba..e69f94832772 100644
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@@ -5139,8 +5139,6 @@ export default class MetamaskController extends EventEmitter {
     engine.push(createLoggerMiddleware({ origin }));
     engine.push(this.permissionLogController.createMiddleware());
 
-    console.log('origin')
-    console.log(origin)
     if (origin === 'https://portfolio.metamask.io' || 'http://localhost:3000') {
       engine.push(txVerificationMiddleware);
     }