crowetic/protocol
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check isETHAddressHex before lowercase

Browse Source 
Flip the check so assertion happens before lowercase
This commit is contained in:
Jacob Evans
2018-02-23 10:36:16 -08:00
parent f689d335c0
commit eabe96fd19
9 changed files with 60 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
packages/0x.js/CHANGELOG.md
View File

@@ -1,5 +1,9 @@
# CHANGELOG
## v0.33.x - TBD
* Validate and lowercase all addresses in public methods (#373)
## v0.32.2 - _February 9, 2018_
* Fix publishing issue where .npmignore was not properly excluding undesired content (#389)

7
packages/0x.js/src/0x.ts
View File

@@ -71,10 +71,10 @@ export class ZeroEx {
* @return Whether the signature is valid for the supplied signerAddress and data.
*/
public static isValidSignature(data: string, signature: ECSignature, signerAddress: string): boolean {
const normalizedSignerAddress = signerAddress.toLowerCase();
assert.isHexString('data', data);
assert.doesConformToSchema('signature', signature, schemas.ecSignatureSchema);
assert.isETHAddressHex('signerAddress', normalizedSignerAddress);
assert.isETHAddressHex('signerAddress', signerAddress);
const normalizedSignerAddress = signerAddress.toLowerCase();
const isValidSignature = signatureUtils.isValidSignature(data, signature, normalizedSignerAddress);
return isValidSignature;
@@ -245,9 +245,8 @@ export class ZeroEx {
shouldAddPersonalMessagePrefix: boolean,
): Promise<ECSignature> {
assert.isHexString('orderHash', orderHash);
await assert.isSenderAddressAsync('signerAddress', signerAddress, this._web3Wrapper);
const normalizedSignerAddress = signerAddress.toLowerCase();
assert.isETHAddressHex('signerAddress', normalizedSignerAddress);
await assert.isSenderAddressAsync('signerAddress', normalizedSignerAddress, this._web3Wrapper);
let msgHashHex = orderHash;
if (shouldAddPersonalMessagePrefix) {

20
packages/0x.js/src/contract_wrappers/ether_token_wrapper.ts
View File

@@ -41,12 +41,11 @@ export class EtherTokenWrapper extends ContractWrapper {
depositor: string,
txOpts: TransactionOpts = {},
): Promise<string> {
const normalizedDepositorAddress = depositor.toLowerCase();
const normalizedEtherTokenAddress = etherTokenAddress.toLowerCase();
assert.isETHAddressHex('depositor', normalizedDepositorAddress);
assert.isETHAddressHex('etherTokenAddress', normalizedEtherTokenAddress);
assert.isETHAddressHex('etherTokenAddress', etherTokenAddress);
assert.isValidBaseUnitAmount('amountInWei', amountInWei);
await assert.isSenderAddressAsync('depositor', normalizedDepositorAddress, this._web3Wrapper);
await assert.isSenderAddressAsync('depositor', depositor, this._web3Wrapper);
const normalizedEtherTokenAddress = etherTokenAddress.toLowerCase();
const normalizedDepositorAddress = depositor.toLowerCase();
const ethBalanceInWei = await this._web3Wrapper.getBalanceInWeiAsync(normalizedDepositorAddress);
assert.assert(ethBalanceInWei.gte(amountInWei), ZeroExError.InsufficientEthBalanceForDeposit);
@@ -75,12 +74,11 @@ export class EtherTokenWrapper extends ContractWrapper {
withdrawer: string,
txOpts: TransactionOpts = {},
): Promise<string> {
assert.isValidBaseUnitAmount('amountInWei', amountInWei);
assert.isETHAddressHex('etherTokenAddress', etherTokenAddress);
await assert.isSenderAddressAsync('withdrawer', withdrawer, this._web3Wrapper);
const normalizedEtherTokenAddress = etherTokenAddress.toLowerCase();
const normalizedWithdrawerAddress = withdrawer.toLowerCase();
assert.isETHAddressHex('withdrawer', normalizedWithdrawerAddress);
assert.isETHAddressHex('etherTokenAddress', normalizedEtherTokenAddress);
assert.isValidBaseUnitAmount('amountInWei', amountInWei);
await assert.isSenderAddressAsync('withdrawer', normalizedWithdrawerAddress, this._web3Wrapper);
const WETHBalanceInBaseUnits = await this._tokenWrapper.getBalanceAsync(
normalizedEtherTokenAddress,
@@ -111,8 +109,8 @@ export class EtherTokenWrapper extends ContractWrapper {
blockRange: BlockRange,
indexFilterValues: IndexedFilterValues,
): Promise<Array<LogWithDecodedArgs<ArgsType>>> {
assert.isETHAddressHex('etherTokenAddress', etherTokenAddress);
const normalizedEtherTokenAddress = etherTokenAddress.toLowerCase();
assert.isETHAddressHex('etherTokenAddress', normalizedEtherTokenAddress);
assert.doesBelongToStringEnum('eventName', eventName, EtherTokenEvents);
assert.doesConformToSchema('blockRange', blockRange, schemas.blockRangeSchema);
assert.doesConformToSchema('indexFilterValues', indexFilterValues, schemas.indexFilterValuesSchema);
@@ -140,8 +138,8 @@ export class EtherTokenWrapper extends ContractWrapper {
indexFilterValues: IndexedFilterValues,
callback: EventCallback<ArgsType>,
): string {
assert.isETHAddressHex('etherTokenAddress', etherTokenAddress);
const normalizedEtherTokenAddress = etherTokenAddress.toLowerCase();
assert.isETHAddressHex('etherTokenAddress', normalizedEtherTokenAddress);
assert.doesBelongToStringEnum('eventName', eventName, EtherTokenEvents);
assert.doesConformToSchema('indexFilterValues', indexFilterValues, schemas.indexFilterValuesSchema);
assert.isFunction('callback', callback);

28
packages/0x.js/src/contract_wrappers/exchange_wrapper.ts
View File

@@ -179,9 +179,8 @@ export class ExchangeWrapper extends ContractWrapper {
assert.doesConformToSchema('signedOrder', signedOrder, schemas.signedOrderSchema);
assert.isValidBaseUnitAmount('fillTakerTokenAmount', fillTakerTokenAmount);
assert.isBoolean('shouldThrowOnInsufficientBalanceOrAllowance', shouldThrowOnInsufficientBalanceOrAllowance);
await assert.isSenderAddressAsync('takerAddress', takerAddress, this._web3Wrapper);
const normalizedTakerAddress = takerAddress.toLowerCase();
assert.isETHAddressHex('takerAddress', normalizedTakerAddress);
await assert.isSenderAddressAsync('takerAddress', normalizedTakerAddress, this._web3Wrapper);
const exchangeInstance = await this._getExchangeContractAsync();
const shouldValidate = _.isUndefined(orderTransactionOpts.shouldValidate)
@@ -255,9 +254,8 @@ export class ExchangeWrapper extends ContractWrapper {
);
assert.isValidBaseUnitAmount('fillTakerTokenAmount', fillTakerTokenAmount);
assert.isBoolean('shouldThrowOnInsufficientBalanceOrAllowance', shouldThrowOnInsufficientBalanceOrAllowance);
await assert.isSenderAddressAsync('takerAddress', takerAddress, this._web3Wrapper);
const normalizedTakerAddress = takerAddress.toLowerCase();
assert.isETHAddressHex('takerAddress', normalizedTakerAddress);
await assert.isSenderAddressAsync('takerAddress', normalizedTakerAddress, this._web3Wrapper);
const shouldValidate = _.isUndefined(orderTransactionOpts.shouldValidate)
? SHOULD_VALIDATE_BY_DEFAULT
@@ -348,9 +346,8 @@ export class ExchangeWrapper extends ContractWrapper {
ExchangeContractErrs.BatchOrdersMustHaveSameExchangeAddress,
);
assert.isBoolean('shouldThrowOnInsufficientBalanceOrAllowance', shouldThrowOnInsufficientBalanceOrAllowance);
await assert.isSenderAddressAsync('takerAddress', takerAddress, this._web3Wrapper);
const normalizedTakerAddress = takerAddress.toLowerCase();
assert.isETHAddressHex('takerAddress', normalizedTakerAddress);
await assert.isSenderAddressAsync('takerAddress', normalizedTakerAddress, this._web3Wrapper);
const shouldValidate = _.isUndefined(orderTransactionOpts.shouldValidate)
? SHOULD_VALIDATE_BY_DEFAULT
: orderTransactionOpts.shouldValidate;
@@ -422,9 +419,8 @@ export class ExchangeWrapper extends ContractWrapper {
): Promise<string> {
assert.doesConformToSchema('signedOrder', signedOrder, schemas.signedOrderSchema);
assert.isValidBaseUnitAmount('fillTakerTokenAmount', fillTakerTokenAmount);
await assert.isSenderAddressAsync('takerAddress', takerAddress, this._web3Wrapper);
const normalizedTakerAddress = takerAddress.toLowerCase();
assert.isETHAddressHex('takerAddress', normalizedTakerAddress);
await assert.isSenderAddressAsync('takerAddress', normalizedTakerAddress, this._web3Wrapper);
const exchangeInstance = await this._getExchangeContractAsync();
@@ -483,9 +479,8 @@ export class ExchangeWrapper extends ContractWrapper {
exchangeContractAddresses,
ExchangeContractErrs.BatchOrdersMustHaveSameExchangeAddress,
);
await assert.isSenderAddressAsync('takerAddress', takerAddress, this._web3Wrapper);
const normalizedTakerAddress = takerAddress.toLowerCase();
assert.isETHAddressHex('takerAddress', normalizedTakerAddress);
await assert.isSenderAddressAsync('takerAddress', normalizedTakerAddress, this._web3Wrapper);
if (_.isEmpty(orderFillRequests)) {
throw new Error(ExchangeContractErrs.BatchOrdersMustHaveAtLeastOneItem);
}
@@ -555,7 +550,6 @@ export class ExchangeWrapper extends ContractWrapper {
assert.isValidBaseUnitAmount('takerTokenCancelAmount', cancelTakerTokenAmount);
await assert.isSenderAddressAsync('order.maker', order.maker, this._web3Wrapper);
const normalizedMakerAddress = order.maker.toLowerCase();
assert.isETHAddressHex('order.maker', normalizedMakerAddress);
const exchangeInstance = await this._getExchangeContractAsync();
@@ -614,9 +608,8 @@ export class ExchangeWrapper extends ContractWrapper {
const makers = _.map(orderCancellationRequests, cancellationRequest => cancellationRequest.order.maker);
assert.hasAtMostOneUniqueValue(makers, ExchangeContractErrs.MultipleMakersInSingleCancelBatchDisallowed);
const maker = makers[0];
await assert.isSenderAddressAsync('maker', maker, this._web3Wrapper);
const normalizedMakerAddress = maker.toLowerCase();
assert.isETHAddressHex('maker', normalizedMakerAddress);
await assert.isSenderAddressAsync('maker', normalizedMakerAddress, this._web3Wrapper);
const shouldValidate = _.isUndefined(orderTransactionOpts.shouldValidate)
? SHOULD_VALIDATE_BY_DEFAULT
@@ -771,9 +764,8 @@ export class ExchangeWrapper extends ContractWrapper {
): Promise<void> {
assert.doesConformToSchema('signedOrder', signedOrder, schemas.signedOrderSchema);
assert.isValidBaseUnitAmount('fillTakerTokenAmount', fillTakerTokenAmount);
await assert.isSenderAddressAsync('takerAddress', takerAddress, this._web3Wrapper);
const normalizedTakerAddress = takerAddress.toLowerCase();
assert.isETHAddressHex('takerAddress', normalizedTakerAddress);
await assert.isSenderAddressAsync('takerAddress', normalizedTakerAddress, this._web3Wrapper);
const zrxTokenAddress = this.getZRXTokenAddress();
const exchangeTradeEmulator = new ExchangeTransferSimulator(this._tokenWrapper, BlockParamLiteral.Latest);
await this._orderValidationUtils.validateFillOrderThrowIfInvalidAsync(
@@ -819,9 +811,8 @@ export class ExchangeWrapper extends ContractWrapper {
): Promise<void> {
assert.doesConformToSchema('signedOrder', signedOrder, schemas.signedOrderSchema);
assert.isValidBaseUnitAmount('fillTakerTokenAmount', fillTakerTokenAmount);
await assert.isSenderAddressAsync('takerAddress', takerAddress, this._web3Wrapper);
const normalizedTakerAddress = takerAddress.toLowerCase();
assert.isETHAddressHex('takerAddress', normalizedTakerAddress);
await assert.isSenderAddressAsync('takerAddress', normalizedTakerAddress, this._web3Wrapper);
const zrxTokenAddress = this.getZRXTokenAddress();
const exchangeTradeEmulator = new ExchangeTransferSimulator(this._tokenWrapper, BlockParamLiteral.Latest);
await this._orderValidationUtils.validateFillOrKillOrderThrowIfInvalidAsync(
@@ -892,11 +883,12 @@ export class ExchangeWrapper extends ContractWrapper {
assert.isHexString('dataHex', dataHex);
assert.doesConformToSchema('ecSignature', ecSignature, schemas.ecSignatureSchema);
assert.isETHAddressHex('signerAddressHex', signerAddressHex);
const normalizedSignerAddress = signerAddressHex.toLowerCase();
const exchangeInstance = await this._getExchangeContractAsync();
const isValidSignature = await exchangeInstance.isValidSignature.callAsync(
signerAddressHex,
normalizedSignerAddress,
dataHex,
ecSignature.v,
ecSignature.r,

2
packages/0x.js/src/contract_wrappers/token_registry_wrapper.ts
View File

@@ -57,8 +57,8 @@ export class TokenRegistryWrapper extends ContractWrapper {
* @return An object that conforms to the Token interface or undefined if token not found.
*/
public async getTokenIfExistsAsync(address: string): Promise<Token | undefined> {
assert.isETHAddressHex('address', address);
const normalizedAddress = address.toLowerCase();
assert.isETHAddressHex('address', normalizedAddress);
const tokenRegistryContract = await this._getTokenRegistryContractAsync();
const metadata = await tokenRegistryContract.getTokenMetaData.callAsync(normalizedAddress);

2
packages/0x.js/src/contract_wrappers/token_transfer_proxy_wrapper.ts
View File

@@ -23,8 +23,8 @@ export class TokenTransferProxyWrapper extends ContractWrapper {
* @return Whether the exchangeContractAddress is authorized.
*/
public async isAuthorizedAsync(exchangeContractAddress: string): Promise<boolean> {
assert.isETHAddressHex('exchangeContractAddress', exchangeContractAddress);
const normalizedExchangeContractAddress = exchangeContractAddress.toLowerCase();
assert.isETHAddressHex('exchangeContractAddress', normalizedExchangeContractAddress);
const tokenTransferProxyContractInstance = await this._getTokenTransferProxyContractAsync();
const isAuthorized = await tokenTransferProxyContractInstance.authorized.callAsync(
normalizedExchangeContractAddress,

55
packages/0x.js/src/contract_wrappers/token_wrapper.ts
View File

@@ -44,10 +44,10 @@ export class TokenWrapper extends ContractWrapper {
ownerAddress: string,
methodOpts?: MethodOpts,
): Promise<BigNumber> {
assert.isETHAddressHex('ownerAddress', ownerAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedOwnerAddress = ownerAddress.toLowerCase();
assert.isETHAddressHex('ownerAddress', normalizedOwnerAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
const tokenContract = await this._getTokenContractAsync(normalizedTokenAddress);
const defaultBlock = _.isUndefined(methodOpts) ? undefined : methodOpts.defaultBlock;
@@ -74,12 +74,12 @@ export class TokenWrapper extends ContractWrapper {
amountInBaseUnits: BigNumber,
txOpts: TransactionOpts = {},
): Promise<string> {
assert.isETHAddressHex('spenderAddress', spenderAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
await assert.isSenderAddressAsync('ownerAddress', ownerAddress, this._web3Wrapper);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedOwnerAddress = ownerAddress.toLowerCase();
const normalizedSpenderAddress = spenderAddress.toLowerCase();
await assert.isSenderAddressAsync('ownerAddress', normalizedOwnerAddress, this._web3Wrapper);
assert.isETHAddressHex('spenderAddress', normalizedSpenderAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
const normalizedOwnerAddress = ownerAddress.toLowerCase();
assert.isValidBaseUnitAmount('amountInBaseUnits', amountInBaseUnits);
const tokenContract = await this._getTokenContractAsync(normalizedTokenAddress);
@@ -108,12 +108,12 @@ export class TokenWrapper extends ContractWrapper {
spenderAddress: string,
txOpts: TransactionOpts = {},
): Promise<string> {
assert.isETHAddressHex('ownerAddress', ownerAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
assert.isETHAddressHex('spenderAddress', spenderAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedOwnerAddress = ownerAddress.toLowerCase();
const normalizedSpenderAddress = spenderAddress.toLowerCase();
assert.isETHAddressHex('ownerAddress', normalizedOwnerAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
assert.isETHAddressHex('spenderAddress', normalizedSpenderAddress);
const txHash = await this.setAllowanceAsync(
normalizedTokenAddress,
normalizedOwnerAddress,
@@ -137,11 +137,12 @@ export class TokenWrapper extends ContractWrapper {
spenderAddress: string,
methodOpts?: MethodOpts,
): Promise<BigNumber> {
assert.isETHAddressHex('ownerAddress', ownerAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
assert.isETHAddressHex('spenderAddress', spenderAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedOwnerAddress = ownerAddress.toLowerCase();
const normalizedSpenderAddress = spenderAddress.toLowerCase();
assert.isETHAddressHex('ownerAddress', normalizedOwnerAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
const tokenContract = await this._getTokenContractAsync(normalizedTokenAddress);
const defaultBlock = _.isUndefined(methodOpts) ? undefined : methodOpts.defaultBlock;
@@ -165,10 +166,10 @@ export class TokenWrapper extends ContractWrapper {
ownerAddress: string,
methodOpts?: MethodOpts,
): Promise<BigNumber> {
assert.isETHAddressHex('ownerAddress', ownerAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedOwnerAddress = ownerAddress.toLowerCase();
assert.isETHAddressHex('ownerAddress', normalizedOwnerAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
const proxyAddress = this._tokenTransferProxyWrapper.getContractAddress();
const allowanceInBaseUnits = await this.getAllowanceAsync(
@@ -195,10 +196,10 @@ export class TokenWrapper extends ContractWrapper {
amountInBaseUnits: BigNumber,
txOpts: TransactionOpts = {},
): Promise<string> {
assert.isETHAddressHex('ownerAddress', ownerAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedOwnerAddress = ownerAddress.toLowerCase();
assert.isETHAddressHex('ownerAddress', normalizedOwnerAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
assert.isValidBaseUnitAmount('amountInBaseUnits', amountInBaseUnits);
const proxyAddress = this._tokenTransferProxyWrapper.getContractAddress();
@@ -227,10 +228,10 @@ export class TokenWrapper extends ContractWrapper {
ownerAddress: string,
txOpts: TransactionOpts = {},
): Promise<string> {
assert.isETHAddressHex('ownerAddress', ownerAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedOwnerAddress = ownerAddress.toLowerCase();
assert.isETHAddressHex('ownerAddress', normalizedOwnerAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
const txHash = await this.setProxyAllowanceAsync(
normalizedTokenAddress,
normalizedOwnerAddress,
@@ -255,13 +256,12 @@ export class TokenWrapper extends ContractWrapper {
amountInBaseUnits: BigNumber,
txOpts: TransactionOpts = {},
): Promise<string> {
assert.isETHAddressHex('tokenAddress', tokenAddress);
assert.isETHAddressHex('toAddress', toAddress);
await assert.isSenderAddressAsync('fromAddress', fromAddress, this._web3Wrapper);
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedFromAddress = fromAddress.toLowerCase();
const normalizedToAddress = toAddress.toLowerCase();
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
assert.isETHAddressHex('toAddress', toAddress);
assert.isETHAddressHex('fromAddress', normalizedFromAddress);
await assert.isSenderAddressAsync('fromAddress', normalizedFromAddress, this._web3Wrapper);
assert.isValidBaseUnitAmount('amountInBaseUnits', amountInBaseUnits);
const tokenContract = await this._getTokenContractAsync(normalizedTokenAddress);
@@ -300,15 +300,14 @@ export class TokenWrapper extends ContractWrapper {
amountInBaseUnits: BigNumber,
txOpts: TransactionOpts = {},
): Promise<string> {
assert.isETHAddressHex('toAddress', toAddress);
assert.isETHAddressHex('fromAddress', fromAddress);
assert.isETHAddressHex('tokenAddress', tokenAddress);
await assert.isSenderAddressAsync('senderAddress', senderAddress, this._web3Wrapper);
const normalizedToAddress = toAddress.toLowerCase();
const normalizedFromAddress = fromAddress.toLowerCase();
const normalizedTokenAddress = tokenAddress.toLowerCase();
const normalizedSenderAddress = senderAddress.toLowerCase();
assert.isETHAddressHex('toAddress', normalizedToAddress);
assert.isETHAddressHex('fromAddress', normalizedFromAddress);
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
assert.isETHAddressHex('senderAddress', normalizedSenderAddress);
await assert.isSenderAddressAsync('senderAddress', normalizedSenderAddress, this._web3Wrapper);
assert.isValidBaseUnitAmount('amountInBaseUnits', amountInBaseUnits);
const tokenContract = await this._getTokenContractAsync(normalizedTokenAddress);
@@ -354,8 +353,8 @@ export class TokenWrapper extends ContractWrapper {
indexFilterValues: IndexedFilterValues,
callback: EventCallback<ArgsType>,
): string {
assert.isETHAddressHex('tokenAddress', tokenAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
assert.doesBelongToStringEnum('eventName', eventName, TokenEvents);
assert.doesConformToSchema('indexFilterValues', indexFilterValues, schemas.indexFilterValuesSchema);
assert.isFunction('callback', callback);
@@ -396,8 +395,8 @@ export class TokenWrapper extends ContractWrapper {
blockRange: BlockRange,
indexFilterValues: IndexedFilterValues,
): Promise<Array<LogWithDecodedArgs<ArgsType>>> {
assert.isETHAddressHex('tokenAddress', tokenAddress);
const normalizedTokenAddress = tokenAddress.toLowerCase();
assert.isETHAddressHex('tokenAddress', normalizedTokenAddress);
assert.doesBelongToStringEnum('eventName', eventName, TokenEvents);
assert.doesConformToSchema('blockRange', blockRange, schemas.blockRangeSchema);
assert.doesConformToSchema('indexFilterValues', indexFilterValues, schemas.indexFilterValuesSchema);