fix: permit pages breaking if address user is interacting is invalid integer address #25833
Conversation
jpuri
added
team-confirmations
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
|
@jpuri 
|
| * @param {string} address - The address passed. | ||
| * @returns Checksum address or undefined. | ||
| */ | ||
| export const getChecksumAddress = (address) => { |
There was a problem hiding this comment.
We now have toChecksumAddress, toChecksumHexAddress, and getChecksumAddress.
Could we re-use or extend toChecksumHexAddress?
Or at least place our new util in the same folder which is shared/modules/hexstring-utils.ts?
There was a problem hiding this comment.
toChecksumAddress is from ethjs-util lobrary. This function is different from toChecksumHexAddress and I can not categorise it as hex utillity
There was a problem hiding this comment.
My concern is adding to a generic util that's already almost a thousand lines, as opposed to a targeted file so we can keep our logic modular and organised.
Even if they're different, we now have three very similar functions without obvious differences.
I'd argue that hextring-utils.ts is more meaningful than util.js since the checksummed address (if successful) is is a hexadecimal string.
There was a problem hiding this comment.
We can add it to a more specific utility class.
But I am not sure if that should be hex utility, is every method returning a hex value candidate for hextring-utils.ts ?
| */ | ||
| export const getChecksumAddress = (address) => { | ||
| if (!ethUtil.isValidAddress(address)) { | ||
| return undefined; |
There was a problem hiding this comment.
Was the intent of this fix and util not to convert the integer address to hexadecimal rather than just displaying the original value?
There was a problem hiding this comment.
ethUtil.isValidAddress throws error for invalid addresses thus this change keeps from metamask breaking
There was a problem hiding this comment.
we still want to display invalid address to user with error from blockaid to show its wrong
There was a problem hiding this comment.
The Name component is designed to show Ethereum addresses as hexadecimal strings, not whatever unformatted input is given to it.
We want the UX to be consistent, so it seems the best two choices are to reject the request outright if an address is in a bad format, or normalize it so we can render it in a consistent format, plus this would ensure Blockaid can validate it correctly rather than throwing.
There was a problem hiding this comment.
For a wrong address, I think we should show users that address value as it is so its more obvious to user's what is wrong and not change that.
There was a problem hiding this comment.
But it's not the user's problem, or even a problem at all if we can just normalize it to hexadecimal then process it as normal.
The average user won't know what to do with an address in a different format to what they're used to, so why should we sacrifice the UX consistency if we can just convert it and then it's no longer an issue?
There was a problem hiding this comment.
Let's discuss this more with product team to reach on decision here.
There was a problem hiding this comment.
A couple of concerns:
- We should add/update tests for name, name-details, and shortenAddress
- Resulting UI with shortened invalid addresses is not shown in the PR description. Here are a couple of screenshots of the current UI:
- Have we discussed handling invalid addresses with design? It might be confusing to the user because we treat the invalid address as an address despite knowing it is an invalid address. This may not be a blocker for the PR, but I believe we should follow-up on this.
| return shortenAddress(toChecksumAddress(value)); | ||
| case NameType.ETHEREUM_ADDRESS: { | ||
| const checksumAddress = getChecksumAddress(value); | ||
| return shortenAddress(checksumAddress ?? value); |
There was a problem hiding this comment.
Interesting that if it is not a valid address, we may still shorten and truncate the value. Can we include tests for these cases for name and name-details?
also, now that shortedAddress may accept an invalid value, I think we should include a test for this. file: ui/helpers/utils/util.test.js
it('should return the shortened string if it is not a valid address', () => {
expect(
util.shortenAddress('1234567890123456789012345678901234567890'),
).toStrictEqual('1234567...67890');
});
|
@digiwand : invalid address is shown along with blockaid error. Showing invalid address is better than not showing address at all. I do not think its blocker as we never handled it even before. |
|
I agree with you. This is why I also mentioned it would not be a blocker. I do question if it would be an improvement to include more indicators that it is an invalid address rather than an "unknown address". Currently, users need to click "See details" in the banner alert to see it is. This is hidden. This could be a question for @SayaGT |
|
|
As discussed, we will reject signature like this. Thus closing this PR. |
Description
fix: permit pages breaking if address user is interacting is invalid integer address
Related issues
Fixes: #25733
Manual testing steps
Malicious permit with integer addressScreenshots/Recordings
Pre-merge author checklist
Pre-merge reviewer checklist