From cc71fda6864acc20e661a68896760e2d5b169de8 Mon Sep 17 00:00:00 2001 From: Jyoti Puri Date: Mon, 17 Apr 2023 09:54:25 +0530 Subject: [PATCH] Fix issue with requests with empty data being forwarded to opensea (#18598) --- .../lib/createRPCMethodTrackingMiddleware.js | 15 ++++- .../createRPCMethodTrackingMiddleware.test.js | 61 +++++++++++++++++++ 2 files changed, 74 insertions(+), 2 deletions(-) diff --git a/app/scripts/lib/createRPCMethodTrackingMiddleware.js b/app/scripts/lib/createRPCMethodTrackingMiddleware.js index c0fc09e24..d34404beb 100644 --- a/app/scripts/lib/createRPCMethodTrackingMiddleware.js +++ b/app/scripts/lib/createRPCMethodTrackingMiddleware.js @@ -1,5 +1,7 @@ import { errorCodes } from 'eth-rpc-errors'; import { detectSIWE } from '@metamask/controller-utils'; +import { isValidAddress } from 'ethereumjs-util'; + import { MESSAGE_TYPE, ORIGIN_METAMASK } from '../../../shared/constants/app'; import { TransactionStatus } from '../../../shared/constants/transaction'; import { SECOND } from '../../../shared/constants/time'; @@ -168,8 +170,17 @@ export default function createRPCMethodTrackingMiddleware({ if (event === MetaMetricsEventName.SignatureRequested) { eventProperties.signature_type = method; - const data = req?.params?.[0]; - const from = req?.params?.[1]; + // In personal messages the first param is data while in typed messages second param is data + // if condition below is added to ensure that the right params are captured as data and address. + let data; + let from; + if (isValidAddress(req?.params?.[1])) { + data = req?.params?.[0]; + from = req?.params?.[1]; + } else { + data = req?.params?.[1]; + from = req?.params?.[0]; + } const paramsExamplePassword = req?.params?.[2]; const msgData = { diff --git a/app/scripts/lib/createRPCMethodTrackingMiddleware.test.js b/app/scripts/lib/createRPCMethodTrackingMiddleware.test.js index 070ad12b2..5da8206fa 100644 --- a/app/scripts/lib/createRPCMethodTrackingMiddleware.test.js +++ b/app/scripts/lib/createRPCMethodTrackingMiddleware.test.js @@ -383,5 +383,66 @@ describe('createRPCMethodTrackingMiddleware', () => { }); }); }); + + describe('when signature requests are received', () => { + let securityProviderReq, fnHandler; + beforeEach(() => { + securityProviderReq = jest.fn().mockReturnValue(() => + Promise.resolve({ + flagAsDangerous: 0, + }), + ); + + fnHandler = createRPCMethodTrackingMiddleware({ + trackEvent, + getMetricsState, + rateLimitSeconds: 1, + securityProviderRequest: securityProviderReq, + }); + }); + it(`should pass correct data for personal sign`, async () => { + const req = { + method: 'personal_sign', + params: [ + '0x4578616d706c652060706572736f6e616c5f7369676e60206d657373616765', + '0x8eeee1781fd885ff5ddef7789486676961873d12', + 'Example password', + ], + jsonrpc: '2.0', + id: 1142196570, + origin: 'https://metamask.github.io', + tabId: 1048582817, + }; + const res = { id: 1142196570, jsonrpc: '2.0' }; + const { next } = getNext(); + + await fnHandler(req, res, next); + + expect(securityProviderReq).toHaveBeenCalledTimes(1); + const call = securityProviderReq.mock.calls[0][0]; + expect(call.msgParams.data).toStrictEqual(req.params[0]); + }); + it(`should pass correct data for typed sign`, async () => { + const req = { + method: 'eth_signTypedData_v4', + params: [ + '0x8eeee1781fd885ff5ddef7789486676961873d12', + '{"domain":{"chainId":"5","name":"Ether Mail","verifyingContract":"0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC","version":"1"},"message":{"contents":"Hello, Bob!","from":{"name":"Cow","wallets":["0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826","0xDeaDbeefdEAdbeefdEadbEEFdeadbeEFdEaDbeeF"]},"to":[{"name":"Bob","wallets":["0xbBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB","0xB0BdaBea57B0BDABeA57b0bdABEA57b0BDabEa57","0xB0B0b0b0b0b0B000000000000000000000000000"]}]},"primaryType":"Mail","types":{"EIP712Domain":[{"name":"name","type":"string"},{"name":"version","type":"string"},{"name":"chainId","type":"uint256"},{"name":"verifyingContract","type":"address"}],"Group":[{"name":"name","type":"string"},{"name":"members","type":"Person[]"}],"Mail":[{"name":"from","type":"Person"},{"name":"to","type":"Person[]"},{"name":"contents","type":"string"}],"Person":[{"name":"name","type":"string"},{"name":"wallets","type":"address[]"}]}}', + ], + jsonrpc: '2.0', + id: 1142196571, + origin: 'https://metamask.github.io', + tabId: 1048582817, + }; + const res = { id: 1142196571, jsonrpc: '2.0' }; + const { next } = getNext(); + + await fnHandler(req, res, next); + + expect(securityProviderReq).toHaveBeenCalledTimes(1); + const call = securityProviderReq.mock.calls[0][0]; + expect(call.msgParams.data).toStrictEqual(req.params[1]); + }); + }); }); });