Skip to content

Commit

Permalink
Add verifier checks to discovery relay (#7756)
Browse files Browse the repository at this point in the history
  • Loading branch information
raymondjacobson authored Mar 1, 2024
1 parent c3f0a99 commit 0d2d3b1
Show file tree
Hide file tree
Showing 5 changed files with 15 additions and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,8 @@ export type Config = {
rateLimitAllowList: string[]
rateLimitBlockList: string[]
finalPoaBlock: number
redisUrl: string
redisUrl: string,
verifierAddress: string
}

// reads .env file based on environment
Expand Down Expand Up @@ -60,7 +61,8 @@ export const readConfig = (): Config => {
audius_final_poa_block: num({ default: 0 }),
audius_redis_url: str({
default: 'redis://audius-protocol-discovery-provider-redis-1:6379/00'
})
}),
audius_contracts_verified_address: str({ default: '' })
})
return {
environment: env.audius_discprov_env,
Expand All @@ -75,6 +77,7 @@ export const readConfig = (): Config => {
rateLimitAllowList: allowListPublicKeys(),
rateLimitBlockList: blockListPublicKeys(),
finalPoaBlock: env.audius_final_poa_block,
redisUrl: env.audius_redis_url
redisUrl: env.audius_redis_url,
verifierAddress: env.audius_contracts_verified_address
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -27,10 +27,10 @@ export const antiAbuseMiddleware = async (
next: NextFunction
) => {
const aaoConfig = config.aao
const { ip, recoveredSigner, signerIsApp, createOrDeactivate} = response.locals.ctx
const { ip, recoveredSigner, signerIsApp, createOrDeactivate, isSenderVerifier } = response.locals.ctx

// no AAO to check and creates / deactivates should always be allowed
if (signerIsApp || createOrDeactivate) {
if (signerIsApp || createOrDeactivate || isSenderVerifier) {
next()
return
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ export interface RequestContext {
signerIsApp: boolean
signerIsUser: boolean
createOrDeactivate: boolean
isSenderVerifier: boolean
}

declare global {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ export const rateLimiterMiddleware = async (
res: Response,
next: NextFunction
) => {
const { validatedRelayRequest, recoveredSigner, signerIsUser, createOrDeactivate } = res.locals.ctx
const { validatedRelayRequest, recoveredSigner, signerIsUser, createOrDeactivate, isSenderVerifier } = res.locals.ctx
const { encodedABI } = validatedRelayRequest

let signer: string | null
Expand All @@ -23,7 +23,7 @@ export const rateLimiterMiddleware = async (
signer = (recoveredSigner as DeveloperApps).address
}

if ((signer === undefined || signer === null) && !createOrDeactivate) {
if ((signer === undefined || signer === null) && !createOrDeactivate && !isSenderVerifier) {
rateLimitError(next, 'user record does not have wallet')
return
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ export const validator = async (
let signerIsApp = false
let signerIsUser = false
let createOrDeactivate = false
const isSenderVerifier = senderAddress === config.verifierAddress

const user = await retrieveUser(
contractRegistryKey,
Expand Down Expand Up @@ -84,7 +85,7 @@ export const validator = async (
}

// could not find user and is not create, find app
if (!signerIsUser && !createOrDeactivate) {
if (!signerIsUser && !createOrDeactivate && !isSenderVerifier) {
const developerApp = await retrieveDeveloperApp({ encodedABI, contractAddress })
if (developerApp === undefined) {
logger.error({ encodedABI }, "neither user nor developer app could be found for address")
Expand All @@ -106,7 +107,8 @@ export const validator = async (
createOrDeactivate,
ip,
signerIsApp,
signerIsUser
signerIsUser,
isSenderVerifier
}
next()
}
Expand Down

0 comments on commit 0d2d3b1

Please sign in to comment.