mirror of
https://github.com/status-im/status-github-bot.git
synced 2025-01-11 22:04:19 +00:00
cf2c211467
Add pre-push script to check for any private keys with a balance in the account. Closes #23
83 lines
3.2 KiB
JavaScript
83 lines
3.2 KiB
JavaScript
#!/usr/bin/env node
|
|
// requirements
|
|
const ethereumjs = require('ethereumjs-util')
|
|
const https = require('https')
|
|
const exec = require('child_process').exec
|
|
// constants
|
|
const host = 'https://api.etherscan.io/api?module=account&action=balancemulti&address='
|
|
// variables
|
|
var foundPrivateKeys = []
|
|
var formatedKeys = []
|
|
var rawKeysFound = []
|
|
var keyFound = false
|
|
var originSHA = process.env.HUSKY_GIT_STDIN.split(/\s+/)[3]
|
|
var masterSHA = process.env.HUSKY_GIT_STDIN.split(/\s+/)[1]
|
|
// start script
|
|
console.log('\x1b[1m', 'Checking for possible private keys with balance...\n', '\x1b[0m')
|
|
// setup shell script command function
|
|
var result = function (command, cb) {
|
|
exec(command, function (err, stdout, stderr) {
|
|
if (err != null) {
|
|
return cb(new Error(err), null)
|
|
} else if (typeof (stderr) !== 'string') {
|
|
return cb(new Error(stderr), null)
|
|
} else {
|
|
return cb(null, stdout)
|
|
}
|
|
})
|
|
}
|
|
// get git to return files that have been altered
|
|
result('git diff ' + masterSHA + ' ' + originSHA + ' --name-only', function (err, response) {
|
|
if (!err && response !== '') {
|
|
// look for possible private keys
|
|
let splitResult = response.replace(/\r?\n|\r/g, ' ').split(' ').join(' ')
|
|
result('grep -E -- "([0-9A-Fa-f][^OIl]){32}" ' + splitResult, function (err, response) {
|
|
if (!err) {
|
|
foundPrivateKeys = response.replace(/[^0-9A-Fa-f]/g, ' ').split(' ')
|
|
|
|
for (var i in foundPrivateKeys) {
|
|
if (foundPrivateKeys[i].length === 64) {
|
|
rawKeysFound.push(foundPrivateKeys[i])
|
|
formatedKeys.push(ethereumjs.bufferToHex(ethereumjs.privateToAddress(ethereumjs.toBuffer('0x' + foundPrivateKeys[i]))))
|
|
}
|
|
}
|
|
// make api call to etherscan to check balance
|
|
https.get(host + formatedKeys.toString() + '&tag=latest&apikey=YourApiKeyToken', (resp) => {
|
|
let data = ''
|
|
resp.on('data', (chunk) => {
|
|
data += chunk
|
|
})
|
|
resp.on('end', () => {
|
|
let returnedKeys = (JSON.parse(data).result)
|
|
for (var i in returnedKeys) {
|
|
if (returnedKeys[i].balance > 0) {
|
|
console.log('Private key found: \x1b[41m%s\x1b[0m', rawKeysFound[i], ' with balance of: ', returnedKeys[i].balance / Math.pow(10, 18))
|
|
if (!keyFound) keyFound = true
|
|
}
|
|
}
|
|
|
|
if (!keyFound) {
|
|
console.log('\x1b[32m', 'No private keys with balance found...\n', '\x1b[0m')
|
|
process.exit(0)
|
|
} else {
|
|
console.log('\x1b[33m', '\nPrivate key(s) with balance found: to commit anyway use command "git push --no-verify"\n', '\x1b[0m')
|
|
process.exit(1)
|
|
}
|
|
})
|
|
}).on('error', (err) => {
|
|
console.log('Error: ' + err.message)
|
|
process.exit(2)
|
|
})
|
|
} else {
|
|
console.log('\x1b[32m', 'No private keys found in commits\n', '\x1b[0m')
|
|
process.exit(0)
|
|
}
|
|
})
|
|
} else {
|
|
if (response === '') {
|
|
console.log('No changed files found.')
|
|
} else { console.log('Error: ' + err) }
|
|
process.exit(2)
|
|
}
|
|
})
|