From 06833178218e20b52cd368562e8e4154c0282442 Mon Sep 17 00:00:00 2001 From: Richard Ramos Date: Thu, 8 Nov 2018 13:42:45 -0400 Subject: [PATCH] Additional verification for availability strategy to check instances --- gas-relayer/src/service.js | 22 +++++++++++-------- .../src/strategy/AvailabilityStrategy.js | 8 +++++++ gas-relayer/src/strategy/BaseStrategy.js | 19 ++++++++++++++++ gas-relayer/src/strategy/IdentityStrategy.js | 17 -------------- .../contracts/identity/IdentityFactory.sol | 1 + 5 files changed, 41 insertions(+), 26 deletions(-) diff --git a/gas-relayer/src/service.js b/gas-relayer/src/service.js index 496b168..b94395c 100644 --- a/gas-relayer/src/service.js +++ b/gas-relayer/src/service.js @@ -9,6 +9,8 @@ const winston = require('winston'); const cache = require('memory-cache'); const accountParser = require('./account-parser'); +var pubKey; + // Setting up logging const wLogger = winston.createLogger({ level: 'info', @@ -92,7 +94,7 @@ events.on('setup:complete', async (settings) => { shhOptions.kId = await web3.shh.newKeyPair(); const symKeyID = await web3.shh.addSymKey(config.node.whisper.symKey); - const pubKey = await web3.shh.getPublicKey(shhOptions.kId); + pubKey = await web3.shh.getPublicKey(shhOptions.kId); // Listening to whisper // Individual subscriptions due to https://github.com/ethereum/web3.js/issues/1361 @@ -183,14 +185,16 @@ events.on('server:listen', (shhOptions, settings) => { let validationResult; switch(input.action){ case 'transaction': - processor.processTransaction(settings.getContractByTopic(message.topic), - input, - reply, - account, - () => { - cache.put(inputCheckSum, (new Date().getTime()), 3600000); - } - ); + if(message.recipientPublicKey === pubKey){ + processor.processTransaction(settings.getContractByTopic(message.topic), + input, + reply, + account, + () => { + cache.put(inputCheckSum, (new Date().getTime()), 3600000); + } + ); + } break; case 'availability': validationResult = await processor.processStrategy(settings.getContractByTopic(message.topic), diff --git a/gas-relayer/src/strategy/AvailabilityStrategy.js b/gas-relayer/src/strategy/AvailabilityStrategy.js index 0c3f436..fe6e5f0 100644 --- a/gas-relayer/src/strategy/AvailabilityStrategy.js +++ b/gas-relayer/src/strategy/AvailabilityStrategy.js @@ -12,6 +12,14 @@ class AvailabilityStrategy extends Strategy { * @returns {object} Status of validation, and minimum price */ async execute(input, cache){ + + if(this.contract.isIdentity){ + let validInstance = await this._validateInstance(input); + if(!validInstance){ + return {success: false, message: "Invalid identity instance"}; + } + } + // Verifying if token is allowed const token = this.settings.getToken(input.gasToken); if(token == undefined) return {success: false, message: "Token not allowed"}; diff --git a/gas-relayer/src/strategy/BaseStrategy.js b/gas-relayer/src/strategy/BaseStrategy.js index d947d02..5370e9d 100644 --- a/gas-relayer/src/strategy/BaseStrategy.js +++ b/gas-relayer/src/strategy/BaseStrategy.js @@ -7,6 +7,25 @@ const erc20ABI = require('../../abi/ERC20Token.json'); */ class BaseStrategy { + /** + * Validates if the contract being invoked represents an instance created via factory + * @param {object} input - Object obtained from a `transaction` request. + * @returns {bool} Valid instance or not + */ + async _validateInstance(input){ + const instanceCodeHash = this.web3.utils.soliditySha3(await this.web3.eth.getCode(input.contract)); + const kernelVerifSignature = this.web3.utils.soliditySha3(this.contract.kernelVerification).slice(0, 10); + + if(instanceCodeHash === null) return false; + + let verificationResult = await this.web3.eth.call({ + to: this.contract.factoryAddress, + data: kernelVerifSignature + instanceCodeHash.slice(2)}); + + return this.web3.eth.abi.decodeParameter('bool', verificationResult); + } + + /** * @param {object} web3 - Web3 object already configured * @param {object} config - Configuration object obtained from `./config/config.js` diff --git a/gas-relayer/src/strategy/IdentityStrategy.js b/gas-relayer/src/strategy/IdentityStrategy.js index 07f3d78..830578b 100644 --- a/gas-relayer/src/strategy/IdentityStrategy.js +++ b/gas-relayer/src/strategy/IdentityStrategy.js @@ -10,23 +10,6 @@ const ApproveAndCallGasRelayed = "0x59f4ac61"; */ class IdentityStrategy extends Strategy { - /** - * Validates if the contract being invoked represents an Identity instance - * @param {object} input - Object obtained from a `transaction` request. - * @returns {bool} Valid instance or not - */ - async _validateInstance(input){ - const instanceCodeHash = this.web3.utils.soliditySha3(await this.web3.eth.getCode(input.contract)); - const kernelVerifSignature = this.web3.utils.soliditySha3(this.contract.kernelVerification).slice(0, 10); - - if(instanceCodeHash === null) return false; - - let verificationResult = await this.web3.eth.call({ - to: this.contract.factoryAddress, - data: kernelVerifSignature + instanceCodeHash.slice(2)}); - - return this.web3.eth.abi.decodeParameter('bool', verificationResult); - } /** * Process Identity strategy diff --git a/test-dapp/contracts/identity/IdentityFactory.sol b/test-dapp/contracts/identity/IdentityFactory.sol index 19c83e8..af46dce 100644 --- a/test-dapp/contracts/identity/IdentityFactory.sol +++ b/test-dapp/contracts/identity/IdentityFactory.sol @@ -52,6 +52,7 @@ contract IdentityFactory is Factory { { IdentityKernel instance = IdentityKernel(new DelayedUpdatableInstance(address(latestKernel))); + // Saving hash for version in case it does not exist bytes32 codeHash = getCodeHash(address(instance)); if(hashToVersion[codeHash] == 0){ hashToVersion[codeHash] = versionLog.length;