From 84344ac4c2a2502234373c24c0f02d8912417039 Mon Sep 17 00:00:00 2001
From: Richard Moore <github@ricmoo.com>
Date: Thu, 11 Oct 2018 15:16:31 -0400
Subject: [PATCH] Check all transaction parameters are valid; protect against
 typos (#299).

---
 src.ts/wallet.ts | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/src.ts/wallet.ts b/src.ts/wallet.ts
index 7b758c53..a824d11b 100644
--- a/src.ts/wallet.ts
+++ b/src.ts/wallet.ts
@@ -24,6 +24,9 @@ import { BlockTag, TransactionRequest, TransactionResponse } from './providers/a
 
 import * as errors from './errors';
 
+const allowedTransactionKeys: { [ key: string ]: boolean } = {
+    chainId: true, data: true, gasLimit: true, gasPrice:true, nonce: true, to: true, value: true
+}
 
 export class Wallet extends AbstractSigner {
 
@@ -69,6 +72,15 @@ export class Wallet extends AbstractSigner {
     }
 
     sign(transaction: TransactionRequest): Promise<string> {
+        for (let key in transaction) {
+            if (!allowedTransactionKeys[key]) {
+                errors.throwError('unsupported transaction property - ' + key, errors.INVALID_ARGUMENT, {
+                    argument: 'transaction',
+                    value: transaction,
+                    key: key
+                });
+            }
+        }
         return resolveProperties(transaction).then((tx) => {
             let rawTx = serializeTransaction(tx);
             let signature = this.signingKey.signDigest(keccak256(rawTx));
@@ -98,17 +110,12 @@ export class Wallet extends AbstractSigner {
             throw new Error('invalid transaction object');
         }
 
-        var tx = shallowCopy(transaction);
+        let tx = shallowCopy(transaction);
 
         if (tx.to != null) {
             tx.to = this.provider.resolveName(tx.to);
         }
 
-        if (tx.gasLimit == null) {
-            tx.from = this.getAddress();
-            tx.gasLimit = this.provider.estimateGas(tx);
-        }
-
         if (tx.gasPrice == null) {
             tx.gasPrice = this.provider.getGasPrice();
         }
@@ -117,6 +124,12 @@ export class Wallet extends AbstractSigner {
             tx.nonce = this.getTransactionCount();
         }
 
+        if (tx.gasLimit == null) {
+            let estimate = shallowCopy(tx);
+            estimate.from = this.getAddress();
+            tx.gasLimit = this.provider.estimateGas(estimate);
+        }
+
         if (tx.chainId == null) {
             tx.chainId = this.provider.getNetwork().then((network) => network.chainId);
         }