From 1d65687ce48bc7f35ee0167c94813f8b3cb3a6ee Mon Sep 17 00:00:00 2001
From: Thomas <thomas.b.huang@gmail.com>
Date: Wed, 24 Oct 2018 20:03:55 -0700
Subject: Validate signTypedData in eth-json-rpc-middleware
---
app/scripts/metamask-controller.js | 58 ++++++++++++++++++++------------------
1 file changed, 30 insertions(+), 28 deletions(-)
(limited to 'app/scripts/metamask-controller.js')
diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js
index 7913662d4..1e02d8488 100644
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@@ -138,12 +138,12 @@ module.exports = class MetamaskController extends EventEmitter {
this.accountTracker.stop()
}
})
-
+
// ensure accountTracker updates balances after network change
this.networkController.on('networkDidChange', () => {
this.accountTracker._updateAccounts()
})
-
+
// key mgmt
const additionalKeyrings = [TrezorKeyring, LedgerBridgeKeyring]
this.keyringController = new KeyringController({
@@ -275,6 +275,8 @@ module.exports = class MetamaskController extends EventEmitter {
processTransaction: this.newUnapprovedTransaction.bind(this),
// msg signing
processEthSignMessage: this.newUnsignedMessage.bind(this),
+ processTypedMessage: this.newUnsignedTypedMessage.bind(this),
+ processTypedMessageV3: this.newUnsignedTypedMessage.bind(this),
processPersonalMessage: this.newUnsignedPersonalMessage.bind(this),
getPendingNonce: this.getPendingNonce.bind(this),
}
@@ -978,8 +980,8 @@ module.exports = class MetamaskController extends EventEmitter {
* @param {Object} msgParams - The params passed to eth_signTypedData.
* @param {Function} cb - The callback function, called with the signature.
*/
- newUnsignedTypedMessage (msgParams, req) {
- const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req)
+ newUnsignedTypedMessage (msgParams, req, version) {
+ const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req, version)
this.sendUpdate()
this.opts.showUnconfirmedMessage()
return promise
@@ -1274,9 +1276,9 @@ module.exports = class MetamaskController extends EventEmitter {
// watch asset
engine.push(this.preferencesController.requestWatchAsset.bind(this.preferencesController))
// sign typed data middleware
- engine.push(this.createTypedDataMiddleware('eth_signTypedData', 'V1').bind(this))
- engine.push(this.createTypedDataMiddleware('eth_signTypedData_v1', 'V1').bind(this))
- engine.push(this.createTypedDataMiddleware('eth_signTypedData_v3', 'V3', true).bind(this))
+ // engine.push(this.createTypedDataMiddleware('eth_signTypedData', 'V1').bind(this))
+ // engine.push(this.createTypedDataMiddleware('eth_signTypedData_v1', 'V1').bind(this))
+ // engine.push(this.createTypedDataMiddleware('eth_signTypedData_v3', 'V3', true).bind(this))
// forward to metamask primary provider
engine.push(createProviderMiddleware({ provider }))
@@ -1542,27 +1544,27 @@ module.exports = class MetamaskController extends EventEmitter {
* @param {Function} - next
* @param {Function} - end
*/
- createTypedDataMiddleware (methodName, version, reverse) {
- return async (req, res, next, end) => {
- const { method, params } = req
- if (method === methodName) {
- const promise = this.typedMessageManager.addUnapprovedMessageAsync({
- data: reverse ? params[1] : params[0],
- from: reverse ? params[0] : params[1],
- }, req, version)
- this.sendUpdate()
- this.opts.showUnconfirmedMessage()
- try {
- res.result = await promise
- end()
- } catch (error) {
- end(error)
- }
- } else {
- next()
- }
- }
- }
+ // createTypedDataMiddleware (methodName, version, reverse) {
+ // return async (req, res, next, end) => {
+ // const { method, params } = req
+ // if (method === methodName) {
+ // const promise = this.typedMessageManager.addUnapprovedMessageAsync({
+ // data: reverse ? params[1] : params[0],
+ // from: reverse ? params[0] : params[1],
+ // }, req, version)
+ // this.sendUpdate()
+ // this.opts.showUnconfirmedMessage()
+ // try {
+ // res.result = await promise
+ // end()
+ // } catch (error) {
+ // end(error)
+ // }
+ // } else {
+ // next()
+ // }
+ // }
+ // }
/**
* Adds a domain to the {@link BlacklistController} whitelist
--
cgit
From 95b92a1ddcaf478fe612f46c94c8e0600826cfd6 Mon Sep 17 00:00:00 2001
From: Thomas <thomas.b.huang@gmail.com>
Date: Wed, 24 Oct 2018 20:13:40 -0700
Subject: Remove commented out/unused methods
---
app/scripts/metamask-controller.js | 29 ++---------------------------
1 file changed, 2 insertions(+), 27 deletions(-)
(limited to 'app/scripts/metamask-controller.js')
diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js
index 1e02d8488..5a182d3f0 100644
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@@ -980,8 +980,8 @@ module.exports = class MetamaskController extends EventEmitter {
* @param {Object} msgParams - The params passed to eth_signTypedData.
* @param {Function} cb - The callback function, called with the signature.
*/
- newUnsignedTypedMessage (msgParams, req, version) {
- const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req, version)
+ newUnsignedTypedMessage (msgParams, req) {
+ const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req)
this.sendUpdate()
this.opts.showUnconfirmedMessage()
return promise
@@ -1275,10 +1275,6 @@ module.exports = class MetamaskController extends EventEmitter {
engine.push(subscriptionManager.middleware)
// watch asset
engine.push(this.preferencesController.requestWatchAsset.bind(this.preferencesController))
- // sign typed data middleware
- // engine.push(this.createTypedDataMiddleware('eth_signTypedData', 'V1').bind(this))
- // engine.push(this.createTypedDataMiddleware('eth_signTypedData_v1', 'V1').bind(this))
- // engine.push(this.createTypedDataMiddleware('eth_signTypedData_v3', 'V3', true).bind(this))
// forward to metamask primary provider
engine.push(createProviderMiddleware({ provider }))
@@ -1544,27 +1540,6 @@ module.exports = class MetamaskController extends EventEmitter {
* @param {Function} - next
* @param {Function} - end
*/
- // createTypedDataMiddleware (methodName, version, reverse) {
- // return async (req, res, next, end) => {
- // const { method, params } = req
- // if (method === methodName) {
- // const promise = this.typedMessageManager.addUnapprovedMessageAsync({
- // data: reverse ? params[1] : params[0],
- // from: reverse ? params[0] : params[1],
- // }, req, version)
- // this.sendUpdate()
- // this.opts.showUnconfirmedMessage()
- // try {
- // res.result = await promise
- // end()
- // } catch (error) {
- // end(error)
- // }
- // } else {
- // next()
- // }
- // }
- // }
/**
* Adds a domain to the {@link BlacklistController} whitelist
--
cgit
From 8c0e5e97e5ee50122e4ff120e1076e71394be378 Mon Sep 17 00:00:00 2001
From: Thomas <thomas.b.huang@gmail.com>
Date: Wed, 24 Oct 2018 20:24:42 -0700
Subject: Add version to unapprovedMessage
---
app/scripts/metamask-controller.js | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'app/scripts/metamask-controller.js')
diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js
index 5a182d3f0..bbff95618 100644
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@@ -980,8 +980,8 @@ module.exports = class MetamaskController extends EventEmitter {
* @param {Object} msgParams - The params passed to eth_signTypedData.
* @param {Function} cb - The callback function, called with the signature.
*/
- newUnsignedTypedMessage (msgParams, req) {
- const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req)
+ newUnsignedTypedMessage (msgParams, req, version) {
+ const promise = this.typedMessageManager.addUnapprovedMessageAsync(msgParams, req, version)
this.sendUpdate()
this.opts.showUnconfirmedMessage()
return promise
--
cgit