Skip to content

Commit

Permalink
Fix/sessionkey token validation (#40)
Browse files Browse the repository at this point in the history
* fix: token validation while enabling sessionKey

* fix: validate token address call during sessionKey generation and rotation

* fix: ValidatorAddress validation and errorMessages during getNonce function call

* fix: update changeLog and version for sessionKeySDK changes

* chore: package lock updates with version changes

* fix: rename SessionKeyValidator-token validation function

* fix: SessionKeyValidator SDK - remove redundant validation check on token decimals

* fix: ChangeLog for the fix with version 2.0.5
  • Loading branch information
kanthgithub authored Oct 1, 2024
1 parent 2d52525 commit 6a2bec5
Show file tree
Hide file tree
Showing 5 changed files with 48 additions and 7 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
# Changelog
## [2.0.5] - 2024-09-26
### fix
- validate the tokenAddress for `enableSessionKey` on `SessionKeyValidator` SDK instance
- validate the validatorAddress being set in tne `key` during `estimate` call on ModularSDK

## [2.0.4] - 2024-09-04
### Breaking Changes
- Static method `create` to initialize `SessionKeyValidator`
Expand Down
7 changes: 5 additions & 2 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@etherspot/modular-sdk",
"version": "2.0.4",
"version": "2.0.5",
"description": "Etherspot Modular SDK - build with ERC-7579 smart accounts modules",
"keywords": [
"ether",
Expand Down
25 changes: 24 additions & 1 deletion src/sdk/SessionKeyValidator/SessionKeyValidator.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { Contract, providers } from "ethers";
import { Contract, ethers, providers } from "ethers";
import { ModularSdk } from "../sdk";
import { KeyStore, PERMISSIONS_URL } from "./constants";
import { SessionKeyResponse, GenerateSessionKeyResponse, GetSessionKeyResponse, DeleteSessionKeyResponse, SessionData } from "./interfaces";
Expand All @@ -7,6 +7,7 @@ import { DEFAULT_ERC20_SESSION_KEY_VALIDATOR_ADDRESS, Networks } from "../networ
import { MODULE_TYPE, UserOperation, deepHexlify } from "../common";
import { resolveProperties } from "ethers/lib/utils";
import * as ERC20SessionKeyValidatorABI from "../abi/ERC20SessionKeyValidator.json";
import { ERC20_ABI } from "../helpers/abi/ERC20_ABI";

export class SessionKeyValidator {
private modularSdk: ModularSdk;
Expand Down Expand Up @@ -66,6 +67,12 @@ export class SessionKeyValidator {
throw new Error('Function Selector is required');
}

const isValidTokenIndicator = await this.isValidToken(token);

if (!isValidTokenIndicator) {
throw new Error(`Token: ${token} is does not exist or is invalid`);
}

const data = await this.generateSessionKeyData(
account,
this.chainId,
Expand Down Expand Up @@ -129,6 +136,12 @@ export class SessionKeyValidator {
const apiKeyMatch = this.provider.connection.url.match(/api-key=([^&]+)/);
const apiKey = apiKeyMatch ? apiKeyMatch[1] : null;

const isValidTokenIndicator = await this.isValidToken(token);

if (!isValidTokenIndicator) {
throw new Error(`Token: ${token} is does not exist or is invalid`);
}

const data = await this.generateSessionKeyData(
account,
this.chainId,
Expand Down Expand Up @@ -460,4 +473,14 @@ export class SessionKeyValidator {
throw new Error(err.message)
}
}

async isValidToken(token: string): Promise<boolean> {

const erc20 = new Contract(token, ERC20_ABI, this.provider);
const decimals = await erc20.decimals();
if (!decimals || decimals as number == 0) {
return false;
}
return true;
}
}
16 changes: 13 additions & 3 deletions src/sdk/base/EtherspotWalletAPI.ts
Original file line number Diff line number Diff line change
Expand Up @@ -289,10 +289,20 @@ export class EtherspotWalletAPI extends BaseAccountAPI {

async getNonce(key: BigNumber = BigNumber.from(0)): Promise<BigNumber> {
const accountAddress = await this.getAccountAddress();
const dummyKey = key.eq(0)
? ethers.utils.getAddress(this.multipleOwnerECDSAValidatorAddress) + "00000000"
: ethers.utils.getAddress(key.toHexString()) + "00000000";
const nonceAddressPrefix = key.eq(0) ? this.multipleOwnerECDSAValidatorAddress : key.toHexString();

// validate if the nonceAddressPrefix is a valid Address based on its size and also valid sequence of characters in it
if (!ethers.utils.isAddress(nonceAddressPrefix)) {
throw new Error(`Invalid Validator Address: ${nonceAddressPrefix}`);
}

const isValidatorInstalled : boolean = await this.isModuleInstalled(MODULE_TYPE.VALIDATOR, nonceAddressPrefix);

if(!isValidatorInstalled) {
throw new Error(`Validator: ${nonceAddressPrefix} is not installed in the wallet`);
}

const dummyKey = ethers.utils.getAddress(nonceAddressPrefix) + "00000000";
return await this.entryPointView.getNonce(accountAddress, BigInt(dummyKey));
}

Expand Down

0 comments on commit 6a2bec5

Please sign in to comment.