diff --git a/app/scripts/controllers/blacklist.js b/app/scripts/controllers/blacklist.js index 11e26d5b2..7e01fa386 100644 --- a/app/scripts/controllers/blacklist.js +++ b/app/scripts/controllers/blacklist.js @@ -1,13 +1,9 @@ const ObservableStore = require('obs-store') const extend = require('xtend') -const communityBlacklistedDomains = require('etheraddresslookup/blacklists/domains.json') -const communityWhitelistedDomains = require('etheraddresslookup/whitelists/domains.json') -const checkForPhishing = require('../lib/is-phish') +const PhishingDetector = require('eth-phishing-detect/src/detector') // compute phishing lists -const PHISHING_BLACKLIST = communityBlacklistedDomains.concat(['metamask.com']) -const PHISHING_WHITELIST = communityWhitelistedDomains.concat(['metamask.io', 'www.metamask.io']) -const PHISHING_FUZZYLIST = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask'] +const PHISHING_DETECTION_CONFIG = require('eth-phishing-detect/src/config.json') // every ten minutes const POLLING_INTERVAL = 10 * 60 * 1000 @@ -15,9 +11,12 @@ class BlacklistController { constructor (opts = {}) { const initState = extend({ - phishing: PHISHING_BLACKLIST, + phishing: PHISHING_DETECTION_CONFIG, }, opts.initState) this.store = new ObservableStore(initState) + // phishing detector + this._phishingDetector = null + this._setupPhishingDetector(initState.phishing) // polling references this._phishingUpdateIntervalRef = null } @@ -28,14 +27,15 @@ class BlacklistController { checkForPhishing (hostname) { if (!hostname) return false - const { blacklist } = this.store.getState() - return checkForPhishing({ hostname, blacklist, whitelist: PHISHING_WHITELIST, fuzzylist: PHISHING_FUZZYLIST }) + const { result } = this._phishingDetector.check(hostname) + return result } async updatePhishingList () { - const response = await fetch('https://api.infura.io/v1/blacklist') + const response = await fetch('https://api.infura.io/v2/blacklist') const phishing = await response.json() this.store.updateState({ phishing }) + this._setupPhishingDetector(phishing) return phishing } @@ -45,6 +45,14 @@ class BlacklistController { this.updatePhishingList() }, POLLING_INTERVAL) } + + // + // PRIVATE METHODS + // + + _setupPhishingDetector (config) { + this._phishingDetector = new PhishingDetector(config) + } } module.exports = BlacklistController diff --git a/app/scripts/lib/is-phish.js b/app/scripts/lib/is-phish.js deleted file mode 100644 index ce51c353d..000000000 --- a/app/scripts/lib/is-phish.js +++ /dev/null @@ -1,23 +0,0 @@ -const levenshtein = require('fast-levenshtein') -const LEVENSHTEIN_TOLERANCE = 4 - -// credit to @sogoiii and @409H for their help! -// Return a boolean on whether or not a phish is detected. -function isPhish({ hostname, blacklist, whitelist, fuzzylist }) { - - // check if the domain is part of the whitelist. - if (whitelist && whitelist.includes(hostname)) return false - - // check if the domain is part of the blacklist. - if (blacklist && blacklist.includes(hostname)) return true - - // check for similar values. - const levenshteinForm = hostname.replace(/\./g, '') - const levenshteinMatched = fuzzylist.some((element) => { - return levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE - }) - - return levenshteinMatched -} - -module.exports = isPhish diff --git a/package.json b/package.json index a086af29d..a85da614c 100644 --- a/package.json +++ b/package.json @@ -7,7 +7,7 @@ "start": "npm run dev", "dev": "gulp dev --debug", "disc": "gulp disc --debug", - "clear": "rm -rf node_modules/eth-contract-metadata && rm -rf node_modules/etheraddresslookup", + "clear": "rm -rf node_modules/eth-contract-metadata && rm -rf node_modules/eth-phishing-detect", "dist": "npm run clear && npm install && gulp dist", "test": "npm run lint && npm run test-unit && npm run test-integration", "test-unit": "METAMASK_ENV=test mocha --require test/helper.js --recursive \"test/unit/**/*.js\"", @@ -68,11 +68,11 @@ "eth-bin-to-ops": "^1.0.1", "eth-contract-metadata": "^1.1.4", "eth-hd-keyring": "^1.1.1", + "eth-phishing-detect": "^1.0.2", "eth-query": "^2.1.2", "eth-sig-util": "^1.2.2", "eth-simple-keyring": "^1.1.1", "eth-token-tracker": "^1.1.2", - "etheraddresslookup": "github:409H/EtherAddressLookup", "ethereumjs-tx": "^1.3.0", "ethereumjs-util": "ethereumjs/ethereumjs-util#ac5d0908536b447083ea422b435da27f26615de9", "ethereumjs-wallet": "^0.6.0",