Commit
Commits are individually reviewable.
Showing
4 changed files
with
95 additions
and
42 deletions.
128 changes: 89 additions & 39 deletions
app/scripts/lib/tx-verification/tx-verification-middleware.ts
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,54 +1,104 @@ | ||
import { hashMessage } from '@ethersproject/hash'; | ||
import { verifyMessage } from '@ethersproject/wallet'; | ||
import type { NetworkController } from '@metamask/network-controller'; | ||
import { rpcErrors } from '@metamask/rpc-errors'; | ||
import { Json, JsonRpcParams, hasProperty, isObject } from '@metamask/utils'; | ||
import { | ||
Json, | ||
JsonRpcParams, | ||
JsonRpcRequest, | ||
JsonRpcResponse, | ||
} from '@metamask/utils'; | ||
import { | ||
JsonRpcEngineEndCallback, | ||
JsonRpcEngineNextCallback, | ||
} from 'json-rpc-engine'; | ||
import { SIG_LEN, TRUSTED_BRIDGE_SIGNER } from '../../../../shared/constants/bridge'; | ||
import { FIRST_PARTY_CONTRACT_NAMES } from '../../../../shared/constants/first-party-contracts'; | ||
|
||
export function txVerificationMiddleware( | ||
req: JsonRpcRequest<JsonRpcParams>, | ||
_res: JsonRpcResponse<Json>, | ||
next: JsonRpcEngineNextCallback, | ||
end: JsonRpcEngineEndCallback, | ||
type TxParams = { | ||
chainId?: `0x${string}`; | ||
data: string; | ||
from: string; | ||
to: string; | ||
value: string; | ||
}; | ||
|
||
/** | ||
* Creates a middleware function that verifies bridge transactions from the | ||
* Portfolio. | ||
* | ||
* @param networkController - The network controller instance. | ||
* @returns The middleware function. | ||
*/ | ||
export function createTxVerificationMiddleware( | ||
networkController: NetworkController, | ||
) { | ||
// ignore if not sendTransaction and if the params not an array | ||
if (req.method !== 'eth_sendTransaction' || !Array.isArray(req.params)) { | ||
return function txVerificationMiddleware( | ||
req: JsonRpcRequest<JsonRpcParams>, | ||
_res: JsonRpcResponse<Json>, | ||
next: JsonRpcEngineNextCallback, | ||
end: JsonRpcEngineEndCallback, | ||
) { | ||
if ( | ||
req.method !== 'eth_sendTransaction' || | ||
!Array.isArray(req.params) || | ||
!isValidParams(req.params) | ||
) { | ||
return next(); | ||
} | ||
|
||
// the tx object is the first element | ||
const params = req.params[0]; | ||
|
||
const chainId = | ||
typeof params.chainId === 'string' | ||
? (params.chainId.toLowerCase() as `0x${string}`) | ||
: networkController.state.providerConfig.chainId; | ||
|
||
// if the recipient address is not the bridge contract, skip verification | ||
if ( | ||
params.to.toLowerCase() !== | ||
FIRST_PARTY_CONTRACT_NAMES['MetaMask Bridge'][chainId].toLowerCase() | ||
) { | ||
return next(); | ||
} | ||
|
||
const paramsToVerify = { | ||
to: hashMessage(params.to.toLowerCase()), | ||
from: hashMessage(params.from.toLowerCase()), | ||
data: hashMessage( | ||
params.data.toLowerCase().substring(0, params.data.length - SIG_LEN), | ||
), | ||
value: hashMessage(params.value.toLowerCase()), | ||
}; | ||
const h = hashMessage(JSON.stringify(paramsToVerify)); | ||
|
||
// signature is 130 chars in length at the end | ||
const signature = `0x${params.data.substring(-SIG_LEN)}`; | ||
const addressToVerify = verifyMessage(h, signature); | ||
|
||
if (addressToVerify.toLowerCase() !== TRUSTED_BRIDGE_SIGNER.toLowerCase()) { | ||
return end( | ||
rpcErrors.invalidParams('Invalid bridge transaction signature.'), | ||
); | ||
} | ||
return next(); | ||
} | ||
|
||
// 0 tx object is the first element | ||
const params = req.params[0]; | ||
const paramsToVerify = { | ||
to: hashMessage(params.to.toLowerCase()), | ||
from: hashMessage(params.from.toLowerCase()), | ||
data: hashMessage( | ||
// strip signature from data | ||
params.data.toLowerCase().substr(0, params.data.length - SIG_LEN), | ||
), | ||
value: hashMessage(params.value.toLowerCase()), | ||
}; | ||
const h = hashMessage(JSON.stringify(paramsToVerify)); | ||
// signature is 130 chars in length at the end | ||
const signature = `0x${params.data.substr(-SIG_LEN)}`; | ||
const addressToVerify = verifyMessage(h, signature); | ||
const canSubmit = | ||
params.to.toLowerCase() === | ||
FIRST_PARTY_CONTRACT_NAMES['MetaMask Bridge'][params.chainId].toLowerCase() | ||
? addressToVerify.toLowerCase() === TRUSTED_BRIDGE_SIGNER.toLowerCase() | ||
: true; | ||
|
||
if (!canSubmit) { | ||
end(new Error('Validation Error')); | ||
} | ||
|
||
// successful validation | ||
return next(); | ||
} | ||
|
||
/** | ||
* Checks if the params of a JSON-RPC request are valid `eth_sendTransaction` | ||
* params. | ||
* | ||
* @param params - The params to validate. | ||
* @returns Whether the params are valid. | ||
*/ | ||
function isValidParams(params: Json[]): params is [TxParams] { | ||
return ( | ||
isObject(params[0]) && | ||
(!hasProperty(params[0], 'chainId') || | ||
(typeof params[0].chainId === 'string' && | ||
params[0].chainId.startsWith('0x'))) && | ||
typeof params[0].data === 'string' && | ||
typeof params[0].from === 'string' && | ||
typeof params[0].to === 'string' && | ||
typeof params[0].value === 'string' | ||
); | ||
} |
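Review bot: In the rewritten middleware the signature is extracted with `params.data.substring(-SIG_LEN)`, but `substring` clamps a negative start to 0, so this yields the whole calldata rather than its last SIG_LEN characters as the earlier `substr(-SIG_LEN)` did; `params.data.slice(-SIG_LEN)` keeps the intended meaning (the page has lost its +/- markers, so I am reading the more deeply indented copy as the new side). Separately, the early `return next()` when `isValidParams` fails is fail-open: a request addressed to the bridge contract that does not pass the full shape check is forwarded with no signature verification, so the recipient comparison should not depend on that check, and a malformed request to the bridge address should end with `rpcErrors.invalidParams(...)` instead. The lookup `FIRST_PARTY_CONTRACT_NAMES['MetaMask Bridge'][chainId].toLowerCase()` will also throw when the chain has no entry in that map; `[chainId]?.toLowerCase()` would let those requests pass through as the comment above it intends. A short comment on the first `return next()` stating which requests are deliberately left unverified would help the next reader.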