mirror of
https://github.com/filecoin-project/lotus.git
synced 2025-08-24 01:08:42 +08:00
069ffce4ef
* feat: api: sanity check the "to" address of outgoing messages If the "to" address of an outgoing message is a _delegated_ address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating `0xff0000....` addresses into `f410f...` addresses instead of `f0...` addresses. * tests for invalid delegated addresses * fix lint --------- Co-authored-by: aarshkshah1992 <aarshkshah1992@gmail.com>
68 lines
1.7 KiB
Go
68 lines
1.7 KiB
Go
package full
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/filecoin-project/go-address"
|
|
"github.com/filecoin-project/go-state-types/crypto"
|
|
|
|
"github.com/filecoin-project/lotus/chain/types"
|
|
)
|
|
|
|
func TestSanityCheckOutgoingMessage(t *testing.T) {
|
|
// fails for invalid delegated address
|
|
badTo, err := address.NewFromString("f410f74aaaaaaaaaaaaaaaaaaaaaaaaac5sh2bf3lgta")
|
|
require.NoError(t, err)
|
|
msg := &types.Message{
|
|
To: badTo,
|
|
}
|
|
|
|
err = sanityCheckOutgoingMessage(msg)
|
|
require.Error(t, err)
|
|
require.Contains(t, err.Error(), "is a delegated address but not a valid Eth Address")
|
|
|
|
// works for valid delegated address
|
|
goodTo, err := address.NewFromString("f410faxfebiima2gp4lduo2k3vt2iuqapuk3logeftky")
|
|
require.NoError(t, err)
|
|
msg = &types.Message{
|
|
To: goodTo,
|
|
}
|
|
err = sanityCheckOutgoingMessage(msg)
|
|
require.NoError(t, err)
|
|
|
|
// works for valid non-delegated address
|
|
goodTo, err = address.NewFromString("f1z762skeib2v6zlkvhywmjxbv3dxoiv4hmb6gs4y")
|
|
require.NoError(t, err)
|
|
msg = &types.Message{
|
|
To: goodTo,
|
|
}
|
|
err = sanityCheckOutgoingMessage(msg)
|
|
require.NoError(t, err)
|
|
}
|
|
|
|
func TestMpoolPushInvalidDelegatedAddressFails(t *testing.T) {
|
|
badTo, err := address.NewFromString("f410f74aaaaaaaaaaaaaaaaaaaaaaaaac5sh2bf3lgta")
|
|
require.NoError(t, err)
|
|
module := &MpoolModule{}
|
|
m := &MpoolAPI{
|
|
MpoolModuleAPI: module,
|
|
}
|
|
smsg := &types.SignedMessage{
|
|
Message: types.Message{
|
|
From: badTo,
|
|
To: badTo,
|
|
},
|
|
Signature: crypto.Signature{
|
|
Type: crypto.SigTypeSecp256k1,
|
|
Data: []byte("signature"),
|
|
},
|
|
}
|
|
_, err = m.MpoolPush(context.Background(), smsg)
|
|
require.Error(t, err)
|
|
|
|
require.Contains(t, err.Error(), "is a delegated address but not a valid Eth Address")
|
|
}
|