mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-12-23 09:52:26 +01:00
blacklist - use module eth-phishing-detect
This commit is contained in:
kumavis
parent
8a9d0073b1
commit
d4877cb4e2
@ -1,13 +1,9 @@
|
||||
const ObservableStore = require('obs-store')
|
||||
const extend = require('xtend')
|
||||
const communityBlacklistedDomains = require('etheraddresslookup/blacklists/domains.json')
|
||||
const communityWhitelistedDomains = require('etheraddresslookup/whitelists/domains.json')
|
||||
const checkForPhishing = require('../lib/is-phish')
|
||||
const PhishingDetector = require('eth-phishing-detect/src/detector')
|
||||
|
||||
// compute phishing lists
|
||||
const PHISHING_BLACKLIST = communityBlacklistedDomains.concat(['metamask.com'])
|
||||
const PHISHING_WHITELIST = communityWhitelistedDomains.concat(['metamask.io', 'www.metamask.io'])
|
||||
const PHISHING_FUZZYLIST = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask']
|
||||
const PHISHING_DETECTION_CONFIG = require('eth-phishing-detect/src/config.json')
|
||||
// every ten minutes
|
||||
const POLLING_INTERVAL = 10 * 60 * 1000
|
||||
|
||||
@ -15,9 +11,12 @@ class BlacklistController {
|
||||
|
||||
constructor (opts = {}) {
|
||||
const initState = extend({
|
||||
phishing: PHISHING_BLACKLIST,
|
||||
phishing: PHISHING_DETECTION_CONFIG,
|
||||
}, opts.initState)
|
||||
this.store = new ObservableStore(initState)
|
||||
// phishing detector
|
||||
this._phishingDetector = null
|
||||
this._setupPhishingDetector(initState.phishing)
|
||||
// polling references
|
||||
this._phishingUpdateIntervalRef = null
|
||||
}
|
||||
@ -28,14 +27,15 @@ class BlacklistController {
|
||||
|
||||
checkForPhishing (hostname) {
|
||||
if (!hostname) return false
|
||||
const { blacklist } = this.store.getState()
|
||||
return checkForPhishing({ hostname, blacklist, whitelist: PHISHING_WHITELIST, fuzzylist: PHISHING_FUZZYLIST })
|
||||
const { result } = this._phishingDetector.check(hostname)
|
||||
return result
|
||||
}
|
||||
|
||||
async updatePhishingList () {
|
||||
const response = await fetch('https://api.infura.io/v1/blacklist')
|
||||
const response = await fetch('https://api.infura.io/v2/blacklist')
|
||||
const phishing = await response.json()
|
||||
this.store.updateState({ phishing })
|
||||
this._setupPhishingDetector(phishing)
|
||||
return phishing
|
||||
}
|
||||
|
||||
@ -45,6 +45,14 @@ class BlacklistController {
|
||||
this.updatePhishingList()
|
||||
}, POLLING_INTERVAL)
|
||||
}
|
||||
|
||||
//
|
||||
// PRIVATE METHODS
|
||||
//
|
||||
|
||||
_setupPhishingDetector (config) {
|
||||
this._phishingDetector = new PhishingDetector(config)
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = BlacklistController
|
||||
|
||||
@ -1,23 +0,0 @@
|
||||
const levenshtein = require('fast-levenshtein')
|
||||
const LEVENSHTEIN_TOLERANCE = 4
|
||||
|
||||
// credit to @sogoiii and @409H for their help!
|
||||
// Return a boolean on whether or not a phish is detected.
|
||||
function isPhish({ hostname, blacklist, whitelist, fuzzylist }) {
|
||||
|
||||
// check if the domain is part of the whitelist.
|
||||
if (whitelist && whitelist.includes(hostname)) return false
|
||||
|
||||
// check if the domain is part of the blacklist.
|
||||
if (blacklist && blacklist.includes(hostname)) return true
|
||||
|
||||
// check for similar values.
|
||||
const levenshteinForm = hostname.replace(/\./g, '')
|
||||
const levenshteinMatched = fuzzylist.some((element) => {
|
||||
return levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE
|
||||
})
|
||||
|
||||
return levenshteinMatched
|
||||
}
|
||||
|
||||
module.exports = isPhish
|
||||
@ -7,7 +7,7 @@
|
||||
"start": "npm run dev",
|
||||
"dev": "gulp dev --debug",
|
||||
"disc": "gulp disc --debug",
|
||||
"clear": "rm -rf node_modules/eth-contract-metadata && rm -rf node_modules/etheraddresslookup",
|
||||
"clear": "rm -rf node_modules/eth-contract-metadata && rm -rf node_modules/eth-phishing-detect",
|
||||
"dist": "npm run clear && npm install && gulp dist",
|
||||
"test": "npm run lint && npm run test-unit && npm run test-integration",
|
||||
"test-unit": "METAMASK_ENV=test mocha --require test/helper.js --recursive \"test/unit/**/*.js\"",
|
||||
@ -68,11 +68,11 @@
|
||||
"eth-bin-to-ops": "^1.0.1",
|
||||
"eth-contract-metadata": "^1.1.4",
|
||||
"eth-hd-keyring": "^1.1.1",
|
||||
"eth-phishing-detect": "^1.0.2",
|
||||
"eth-query": "^2.1.2",
|
||||
"eth-sig-util": "^1.2.2",
|
||||
"eth-simple-keyring": "^1.1.1",
|
||||
"eth-token-tracker": "^1.1.2",
|
||||
"etheraddresslookup": "github:409H/EtherAddressLookup",
|
||||
"ethereumjs-tx": "^1.3.0",
|
||||
"ethereumjs-util": "ethereumjs/ethereumjs-util#ac5d0908536b447083ea422b435da27f26615de9",
|
||||
"ethereumjs-wallet": "^0.6.0",
|
||||
|
||||
Loading…
Reference in New Issue
Block a user