Skip to content

Commit

Permalink
add check for invalid nonceIn (#14)
Browse files Browse the repository at this point in the history
  • Loading branch information
rahul0tripathi authored Jan 29, 2024
2 parents 66e5d88 + 96bd4a6 commit 3568417
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 0 deletions.
6 changes: 6 additions & 0 deletions internal/usecase/path_sign_txn.go
Original file line number Diff line number Diff line change
Expand Up @@ -220,11 +220,17 @@ func (b *Backend) validateAndGetTx(data *framework.FieldData) (*RequestFieldsTra
b.Logger().Error("Invalid gas limit", "gas", data.Get("gas").(string))
return nil, fmt.Errorf("invalid gas limit")
}

gasLimit := gasLimitIn.Uint64()
gasPrice := validNumber(data.Get("gasPrice").(string))
gasFeeCapStr := data.Get("gasFeeCap").(string) //nolint
gasTipCapStr := data.Get("gasTipCap").(string) //nolint
nonceIn := validNumber(data.Get("nonce").(string))
if nonceIn == nil {
b.Logger().Error("Invalid nonce", "nonce", data.Get("nonce").(string))
return nil, fmt.Errorf("invalid nonce")
}

nonce := nonceIn.Uint64()

var addressTo *common.Address
Expand Down
17 changes: 17 additions & 0 deletions internal/usecase/path_sign_txn_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -173,4 +173,21 @@ func TestBackend_signTx(t *testing.T) {

sender, _ = types.Sender(types.LatestSignerForChainID(big.NewInt(1)), tx)
assert.Equal(t, address.Hex(), sender.Hex())

// sign TX with invalid nonce
dataToSign = "60fe47b10000000000000000000000000000000000000000000000000000000000000014"
req = logical.TestRequest(t, logical.CreateOperation, "key-managers/"+keeperSvc+"/txn/sign")
req.Storage = storage
data = map[string]interface{}{
"data": dataToSign,
"address": "0xBffc2f3Df75367B0f246aF6Ae42AFf59A33f2704",
"to": "0xf809410b0d6f047c603deb311979cd413e025a84",
"gas": 2000,
"nonce": "0x",
"gasPrice": 0,
"chainId": "12345",
}
req.Data = data
_, err = b.HandleRequest(context.Background(), req)
assert.ErrorContains(t, err, "invalid nonce")
}

0 comments on commit 3568417

Please sign in to comment.