From 8c6f01b91094564df59d6d95b6f43b811e711824 Mon Sep 17 00:00:00 2001 From: kumavis Date: Wed, 2 Aug 2017 15:54:59 -0700 Subject: [PATCH] blacklist controller - breakout from metamask and infura controllers --- app/scripts/controllers/blacklist.js | 50 ++++++++++++++++++++++++++ app/scripts/controllers/infura.js | 16 +-------- app/scripts/lib/is-phish.js | 29 ++++----------- app/scripts/metamask-controller.js | 19 +++++----- test/unit/blacklist-controller-test.js | 41 +++++++++++++++++++++ test/unit/phishing-detection-test.js | 36 ------------------- 6 files changed, 108 insertions(+), 83 deletions(-) create mode 100644 app/scripts/controllers/blacklist.js create mode 100644 test/unit/blacklist-controller-test.js delete mode 100644 test/unit/phishing-detection-test.js diff --git a/app/scripts/controllers/blacklist.js b/app/scripts/controllers/blacklist.js new file mode 100644 index 000000000..11e26d5b2 --- /dev/null +++ b/app/scripts/controllers/blacklist.js @@ -0,0 +1,50 @@ +const ObservableStore = require('obs-store') +const extend = require('xtend') +const communityBlacklistedDomains = require('etheraddresslookup/blacklists/domains.json') +const communityWhitelistedDomains = require('etheraddresslookup/whitelists/domains.json') +const checkForPhishing = require('../lib/is-phish') + +// compute phishing lists +const PHISHING_BLACKLIST = communityBlacklistedDomains.concat(['metamask.com']) +const PHISHING_WHITELIST = communityWhitelistedDomains.concat(['metamask.io', 'www.metamask.io']) +const PHISHING_FUZZYLIST = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask'] +// every ten minutes +const POLLING_INTERVAL = 10 * 60 * 1000 + +class BlacklistController { + + constructor (opts = {}) { + const initState = extend({ + phishing: PHISHING_BLACKLIST, + }, opts.initState) + this.store = new ObservableStore(initState) + // polling references + this._phishingUpdateIntervalRef = null + } + + // + // PUBLIC METHODS + // + + checkForPhishing (hostname) { + if (!hostname) return false + const { blacklist } = this.store.getState() + return checkForPhishing({ hostname, blacklist, whitelist: PHISHING_WHITELIST, fuzzylist: PHISHING_FUZZYLIST }) + } + + async updatePhishingList () { + const response = await fetch('https://api.infura.io/v1/blacklist') + const phishing = await response.json() + this.store.updateState({ phishing }) + return phishing + } + + scheduleUpdates () { + if (this._phishingUpdateIntervalRef) return + this._phishingUpdateIntervalRef = setInterval(() => { + this.updatePhishingList() + }, POLLING_INTERVAL) + } +} + +module.exports = BlacklistController diff --git a/app/scripts/controllers/infura.js b/app/scripts/controllers/infura.js index 97b2ab7e3..10adb1004 100644 --- a/app/scripts/controllers/infura.js +++ b/app/scripts/controllers/infura.js @@ -1,16 +1,14 @@ const ObservableStore = require('obs-store') const extend = require('xtend') -const recentBlacklist = require('etheraddresslookup/blacklists/domains.json') // every ten minutes -const POLLING_INTERVAL = 300000 +const POLLING_INTERVAL = 10 * 60 * 1000 class InfuraController { constructor (opts = {}) { const initState = extend({ infuraNetworkStatus: {}, - blacklist: recentBlacklist, }, opts.initState) this.store = new ObservableStore(initState) } @@ -32,24 +30,12 @@ class InfuraController { }) } - updateLocalBlacklist () { - return fetch('https://api.infura.io/v1/blacklist') - .then(response => response.json()) - .then((parsedResponse) => { - this.store.updateState({ - blacklist: parsedResponse, - }) - return parsedResponse - }) - } - scheduleInfuraNetworkCheck () { if (this.conversionInterval) { clearInterval(this.conversionInterval) } this.conversionInterval = setInterval(() => { this.checkInfuraNetworkStatus() - this.updateLocalBlacklist() }, POLLING_INTERVAL) } } diff --git a/app/scripts/lib/is-phish.js b/app/scripts/lib/is-phish.js index 21c68b0d6..ce51c353d 100644 --- a/app/scripts/lib/is-phish.js +++ b/app/scripts/lib/is-phish.js @@ -1,38 +1,23 @@ const levenshtein = require('fast-levenshtein') -const blacklistedMetaMaskDomains = ['metamask.com'] -let blacklistedDomains = require('etheraddresslookup/blacklists/domains.json').concat(blacklistedMetaMaskDomains) -const whitelistedMetaMaskDomains = ['metamask.io', 'www.metamask.io'] -const whitelistedDomains = require('etheraddresslookup/whitelists/domains.json').concat(whitelistedMetaMaskDomains) const LEVENSHTEIN_TOLERANCE = 4 -const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask'] - // credit to @sogoiii and @409H for their help! // Return a boolean on whether or not a phish is detected. -function isPhish({ hostname, blacklist }) { - var strCurrentTab = hostname +function isPhish({ hostname, blacklist, whitelist, fuzzylist }) { // check if the domain is part of the whitelist. - if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false } - - // Allow updating of blacklist: - if (blacklist) { - blacklistedDomains = blacklistedDomains.concat(blacklist) - } + if (whitelist && whitelist.includes(hostname)) return false // check if the domain is part of the blacklist. - const isBlacklisted = blacklistedDomains && blacklistedDomains.includes(strCurrentTab) + if (blacklist && blacklist.includes(hostname)) return true // check for similar values. - let levenshteinMatched = false - var levenshteinForm = strCurrentTab.replace(/\./g, '') - LEVENSHTEIN_CHECKS.forEach((element) => { - if (levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE) { - levenshteinMatched = true - } + const levenshteinForm = hostname.replace(/\./g, '') + const levenshteinMatched = fuzzylist.some((element) => { + return levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE }) - return isBlacklisted || levenshteinMatched + return levenshteinMatched } module.exports = isPhish diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index 28c35a13d..6d6cb85ab 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -16,6 +16,7 @@ const NoticeController = require('./notice-controller') const ShapeShiftController = require('./controllers/shapeshift') const AddressBookController = require('./controllers/address-book') const InfuraController = require('./controllers/infura') +const BlacklistController = require('./controllers/blacklist') const MessageManager = require('./lib/message-manager') const PersonalMessageManager = require('./lib/personal-message-manager') const TransactionController = require('./controllers/transactions') @@ -23,7 +24,6 @@ const ConfigManager = require('./lib/config-manager') const nodeify = require('./lib/nodeify') const accountImporter = require('./account-import-strategies') const getBuyEthUrl = require('./lib/buy-eth-url') -const checkForPhishing = require('./lib/is-phish') const debounce = require('debounce') const version = require('../manifest.json').version @@ -70,6 +70,10 @@ module.exports = class MetamaskController extends EventEmitter { }) this.infuraController.scheduleInfuraNetworkCheck() + this.blacklistController = new BlacklistController({ + initState: initState.BlacklistController, + }) + this.blacklistController.scheduleUpdates() // rpc provider this.provider = this.initializeProvider() @@ -152,6 +156,9 @@ module.exports = class MetamaskController extends EventEmitter { this.networkController.store.subscribe((state) => { this.store.updateState({ NetworkController: state }) }) + this.blacklistController.store.subscribe((state) => { + this.store.updateState({ BlacklistController: state }) + }) this.infuraController.store.subscribe((state) => { this.store.updateState({ InfuraController: state }) }) @@ -328,7 +335,7 @@ module.exports = class MetamaskController extends EventEmitter { setupUntrustedCommunication (connectionStream, originDomain) { // Check if new connection is blacklisted - if (this.isHostBlacklisted(originDomain)) { + if (this.blacklistController.checkForPhishing(originDomain)) { console.log('MetaMask - sending phishing warning for', originDomain) this.sendPhishingWarning(connectionStream, originDomain) return @@ -349,17 +356,9 @@ module.exports = class MetamaskController extends EventEmitter { this.setupProviderConnection(mx.createStream('provider'), originDomain) } - // Check if a domain is on our blacklist - isHostBlacklisted (hostname) { - if (!hostname) return false - const { blacklist } = this.getState().blacklist - return checkForPhishing({ blacklist, hostname }) - } - sendPhishingWarning (connectionStream, hostname) { const mx = setupMultiplex(connectionStream) const phishingStream = mx.createStream('phishing') - // phishingStream.write(true) phishingStream.write({ hostname }) } diff --git a/test/unit/blacklist-controller-test.js b/test/unit/blacklist-controller-test.js new file mode 100644 index 000000000..a9260466f --- /dev/null +++ b/test/unit/blacklist-controller-test.js @@ -0,0 +1,41 @@ +const assert = require('assert') +const BlacklistController = require('../../app/scripts/controllers/blacklist') + +describe('blacklist controller', function () { + let blacklistController + + before(() => { + blacklistController = new BlacklistController() + }) + + describe('checkForPhishing', function () { + it('should not flag whitelisted values', function () { + const result = blacklistController.checkForPhishing('www.metamask.io') + assert.equal(result, false) + }) + it('should flag explicit values', function () { + const result = blacklistController.checkForPhishing('metamask.com') + assert.equal(result, true) + }) + it('should flag levenshtein values', function () { + const result = blacklistController.checkForPhishing('metmask.io') + assert.equal(result, true) + }) + it('should not flag not-even-close values', function () { + const result = blacklistController.checkForPhishing('example.com') + assert.equal(result, false) + }) + it('should not flag the ropsten faucet domains', function () { + const result = blacklistController.checkForPhishing('faucet.metamask.io') + assert.equal(result, false) + }) + it('should not flag the mascara domain', function () { + const result = blacklistController.checkForPhishing('zero.metamask.io') + assert.equal(result, false) + }) + it('should not flag the mascara-faucet domain', function () { + const result = blacklistController.checkForPhishing('zero-faucet.metamask.io') + assert.equal(result, false) + }) + }) +}) \ No newline at end of file diff --git a/test/unit/phishing-detection-test.js b/test/unit/phishing-detection-test.js deleted file mode 100644 index affcb16c2..000000000 --- a/test/unit/phishing-detection-test.js +++ /dev/null @@ -1,36 +0,0 @@ -const assert = require('assert') -const isPhish = require('../../app/scripts/lib/is-phish') - -describe('phishing detection test', function () { - describe('#isPhish', function () { - it('should not flag whitelisted values', function () { - var result = isPhish({ hostname: 'www.metamask.io' }) - assert.equal(result, false) - }) - it('should flag explicit values', function () { - var result = isPhish({ hostname: 'metamask.com' }) - assert.equal(result, true) - }) - it('should flag levenshtein values', function () { - var result = isPhish({ hostname: 'metmask.io' }) - assert.equal(result, true) - }) - it('should not flag not-even-close values', function () { - var result = isPhish({ hostname: 'example.com' }) - assert.equal(result, false) - }) - it('should not flag the ropsten faucet domains', function () { - var result = isPhish({ hostname: 'faucet.metamask.io' }) - assert.equal(result, false) - }) - it('should not flag the mascara domain', function () { - var result = isPhish({ hostname: 'zero.metamask.io' }) - assert.equal(result, false) - }) - it('should not flag the mascara-faucet domain', function () { - var result = isPhish({ hostname: 'zero-faucet.metamask.io' }) - assert.equal(result, false) - }) - }) -}) -