Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

boltz: Validate initial claim destination address #246

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion Boltz/Detail/ClaimTxHandler.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Ev::Io<void> ClaimTxHandler::core_run() {
}).then([this](Sqlite3::Tx tx) {
/* First do a quick check. */
auto check1 = tx.query(R"QRY(
SELECT lockedUp, timeoutBlockheight
SELECT lockedUp, timeoutBlockheight, destinationAddress
FROM "BoltzServiceFactory_rsub"
WHERE apiAccess = :apiAccess
AND swapId = :swapId
Expand All @@ -65,6 +65,7 @@ Ev::Io<void> ClaimTxHandler::core_run() {
++found;
lockedUp = r.get<bool>(0);
timeoutBlockheight = r.get<std::uint32_t>(1);
destinationAddress = r.get<std::string>(2);
break;
}
if (found == 0) {
Expand All @@ -89,6 +90,14 @@ Ev::Io<void> ClaimTxHandler::core_run() {
return Ev::lift();
});
}
if (destinationAddress.empty()) {
return loge("Swap destination address is empty??"
).then([]() {
throw End();
return Ev::lift();
});
}
// TODO: Check for validity of destination address?

/* Perform the actual fetch of the data. */
auto fetch = tx.query(R"QRY(
Expand Down
22 changes: 16 additions & 6 deletions Boss/Mod/SwapManager.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,12 @@ class SwapManager::Impl {
( payment_hash TEXT UNIQUE
, amount_sent INTEGER NOT NULL
);

-- Sanity check to remove erroneous blank addresses
-- from the address cache.
DELETE FROM SwapManager_addrcache
WHERE address IS NULL
OR address = '';
)QRY");
tx.commit();

Expand Down Expand Up @@ -280,6 +286,8 @@ class SwapManager::Impl {
/* First, try to get an address from the addrcache. */
auto check = tx.query(R"QRY(
SELECT id, address FROM "SwapManager_addrcache"
WHERE address IS NOT NULL
AND address <> ''
ORDER BY id
LIMIT 1
;
Expand Down Expand Up @@ -626,12 +634,14 @@ class SwapManager::Impl {
auto address = std::string();
for (auto& r : fetch)
address = r.get<std::string>(0);
tx.query(R"QRY(
INSERT INTO "SwapManager_addrcache"
VALUES(NULL, :address);
)QRY")
.bind(":address", address)
.execute();
if (!address.empty()) {
tx.query(R"QRY(
INSERT INTO "SwapManager_addrcache"
VALUES(NULL, :address);
)QRY")
.bind(":address", address)
.execute();
}

/* Delete the swap itself. */
tx.query(R"QRY(
Expand Down