Merge pull request #4414 from scsaba/recipient-blacklist
Disallow sending to ganache default accounts on main netfeature/default_network_editable
commit
d30f03dcbf
@ -0,0 +1,24 @@ |
||||
const Config = require('./recipient-blacklist-config.json') |
||||
|
||||
/** @module*/ |
||||
module.exports = { |
||||
checkAccount, |
||||
} |
||||
|
||||
/** |
||||
* Checks if a specified account on a specified network is blacklisted. |
||||
@param networkId {number} |
||||
@param account {string} |
||||
*/ |
||||
function checkAccount (networkId, account) { |
||||
|
||||
const mainnetId = 1 |
||||
if (networkId !== mainnetId) { |
||||
return |
||||
} |
||||
|
||||
const accountToCheck = account.toLowerCase() |
||||
if (Config.blacklist.includes(accountToCheck)) { |
||||
throw new Error('Recipient is a public account') |
||||
} |
||||
} |
@ -0,0 +1,14 @@ |
||||
{ |
||||
"blacklist": [ |
||||
"0x627306090abab3a6e1400e9345bc60c78a8bef57", |
||||
"0xf17f52151ebef6c7334fad080c5704d77216b732", |
||||
"0xc5fdf4076b8f3a5357c5e395ab970b5b54098fef", |
||||
"0x821aea9a577a9b44299b9c15c88cf3087f3b5544", |
||||
"0x0d1d4e623d10f9fba5db95830f7d3839406c6af2", |
||||
"0x2932b7a2355d6fecc4b5c0b6bd44cc31df247a2e", |
||||
"0x2191ef87e392377ec08e7c08eb105ef5448eced5", |
||||
"0x0f4f2ac550a1b4e2280d04c21cea7ebd822934b5", |
||||
"0x6330a553fc93768f612722bb8c2ec78ac90b3bbc", |
||||
"0x5aeda56215b167893e80b4fe645ba6d5bab767de" |
||||
] |
||||
} |
@ -0,0 +1,77 @@ |
||||
const assert = require('assert') |
||||
const recipientBlackListChecker = require('../../../../../app/scripts/controllers/transactions/lib/recipient-blacklist-checker') |
||||
const { |
||||
ROPSTEN_CODE, |
||||
RINKEYBY_CODE, |
||||
KOVAN_CODE, |
||||
} = require('../../../../../app/scripts/controllers/network/enums') |
||||
|
||||
const KeyringController = require('eth-keyring-controller') |
||||
|
||||
describe('Recipient Blacklist Checker', function () { |
||||
|
||||
let publicAccounts |
||||
|
||||
before(async function () { |
||||
const damnedMnemonic = 'candy maple cake sugar pudding cream honey rich smooth crumble sweet treat' |
||||
const keyringController = new KeyringController({}) |
||||
const Keyring = keyringController.getKeyringClassForType('HD Key Tree') |
||||
const opts = { |
||||
mnemonic: damnedMnemonic, |
||||
numberOfAccounts: 10, |
||||
} |
||||
const keyring = new Keyring(opts) |
||||
publicAccounts = await keyring.getAccounts() |
||||
}) |
||||
|
||||
describe('#checkAccount', function () { |
||||
it('does not fail on test networks', function () { |
||||
let callCount = 0 |
||||
const networks = [ROPSTEN_CODE, RINKEYBY_CODE, KOVAN_CODE] |
||||
for (let networkId in networks) { |
||||
publicAccounts.forEach((account) => { |
||||
recipientBlackListChecker.checkAccount(networkId, account) |
||||
callCount++ |
||||
}) |
||||
} |
||||
assert.equal(callCount, 30) |
||||
}) |
||||
|
||||
it('fails on mainnet', function () { |
||||
const mainnetId = 1 |
||||
let callCount = 0 |
||||
publicAccounts.forEach((account) => { |
||||
try { |
||||
recipientBlackListChecker.checkAccount(mainnetId, account) |
||||
assert.fail('function should have thrown an error') |
||||
} catch (err) { |
||||
assert.equal(err.message, 'Recipient is a public account') |
||||
} |
||||
callCount++ |
||||
}) |
||||
assert.equal(callCount, 10) |
||||
}) |
||||
|
||||
it('fails for public account - uppercase', function () { |
||||
const mainnetId = 1 |
||||
const publicAccount = '0X0D1D4E623D10F9FBA5DB95830F7D3839406C6AF2' |
||||
try { |
||||
recipientBlackListChecker.checkAccount(mainnetId, publicAccount) |
||||
assert.fail('function should have thrown an error') |
||||
} catch (err) { |
||||
assert.equal(err.message, 'Recipient is a public account') |
||||
} |
||||
})
|
||||
|
||||
it('fails for public account - lowercase', async function () { |
||||
const mainnetId = 1 |
||||
const publicAccount = '0x0d1d4e623d10f9fba5db95830f7d3839406c6af2' |
||||
try { |
||||
await recipientBlackListChecker.checkAccount(mainnetId, publicAccount) |
||||
assert.fail('function should have thrown an error') |
||||
} catch (err) { |
||||
assert.equal(err.message, 'Recipient is a public account') |
||||
} |
||||
})
|
||||
}) |
||||
}) |
Loading…
Reference in new issue