From eadcf267968e40214c498f0eb0aa0c4f2567a6e4 Mon Sep 17 00:00:00 2001
From: ffranr
Date: Mon, 11 Sep 2023 14:50:41 +0100
Subject: [PATCH] tapfreighter: validate proof courier address before commencing send
---
 proof/courier.go | 4 ++--
 tapfreighter/chain_porter.go | 31 +++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/proof/courier.go b/proof/courier.go
index 9abc876ed..2272dd073 100644
--- a/proof/courier.go
+++ b/proof/courier.go
@@ -97,8 +97,8 @@ func ParseCourierAddrUrl(addr url.URL) (CourierAddr, error) {
 return NewHashMailCourierAddr(addr)
 }
- return nil, fmt.Errorf("unknown courier address protocol: %v",
- addr.Scheme)
+ return nil, fmt.Errorf("unknown courier address protocol "+
+ "(consider updating tapd): %v", addr.Scheme)
 }
 // HashMailCourierAddr is a hashmail protocol specific implementation of the
diff --git a/tapfreighter/chain_porter.go b/tapfreighter/chain_porter.go
index 9978a3009..7ccc27328 100644
--- a/tapfreighter/chain_porter.go
+++ b/tapfreighter/chain_porter.go
@@ -795,6 +795,15 @@ func (p *ChainPorter) stateStep(currentPkg sendPackage) (*sendPackage, error) {
 return nil, fmt.Errorf("unable to cast parcel to " +
 "address parcel")
 }
+
+ // Perform basic validation on the address parcel before we
+ // continue.
+ err := p.validateAddrParcel(*addrParcel)
+ if err != nil {
+ return nil, fmt.Errorf("failed to validate address "+
+ "parcel: %w", err)
+ }
+
 fundSendRes, outputIdxToAddr, err :=
 p.cfg.AssetWallet.FundAddressSend(
 ctx, addrParcel.destAddrs...,
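Review bot: The reworded error in ParseCourierAddrUrl still formats the scheme with `%v`, so an address with an empty scheme yields a message that ends in a bare colon while advising the user to update tapd. On the send path added by this same patch the URL comes from the destination address (`tapAddr.ProofCourierAddr`), so quoting it is the safer choice for error and log output: `"(consider updating tapd): %q", addr.Scheme)`. The upgrade hint is accurate only for a well-formed but unrecognised scheme; an empty scheme looks more like a malformed address and could get its own message. The function body starts above the hunk.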
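Review bot: In the stateStep hunk of tapfreighter/chain_porter.go the new check sits on a single branch, directly ahead of `FundAddressSend`, and nothing visible shows whether a parcel can reach later states without passing through it; stateStep starts and ends outside the hunk. If resumed or pre-built parcels can enter at a later state, their courier address would go unvalidated, so that is worth confirming. The comment could also state why the check comes first, for example `// Reject an unusable proof courier address before any funding is attempted.`.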
@@ -1030,6 +1039,28 @@ func (p *ChainPorter) stateStep(currentPkg sendPackage) (*sendPackage, error) {
 }
 }
+// validateAddrParcel validates the given address parcel.
+func (p *ChainPorter) validateAddrParcel(addrParcel AddressParcel) error {
+ // We need at least one address to send to in an address parcel.
+ if len(addrParcel.destAddrs) < 1 {
+ return fmt.Errorf("at least one Tap address must be " +
+ "specified in address parcel")
+ }
+
+ for idx := range addrParcel.destAddrs {
+ tapAddr := addrParcel.destAddrs[idx]
+
+ // Validate proof courier addresses.
+ _, err := proof.ParseCourierAddrUrl(tapAddr.ProofCourierAddr)
+ if err != nil {
+ return fmt.Errorf("invalid proof courier address: %w",
+ err)
+ }
+ }
+
+ return nil
+}
+
 // RegisterSubscriber adds a new subscriber to the set of subscribers that will
 // be notified of any new events that are broadcast.
 //
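Review bot: validateAddrParcel returns `invalid proof courier address` without saying which destination failed, which is hard to act on when a parcel carries several addresses; `return fmt.Errorf("invalid proof courier address for destination %d: %w", idx, err)` would identify it. If destAddrs holds pointers (its element type is not visible here), a nil entry would panic at `tapAddr.ProofCourierAddr`, so a nil guard may be needed. The doc comment should say what is actually checked, e.g. `// validateAddrParcel checks that the parcel has at least one destination address and that each address's proof courier URL parses to a known courier protocol.` The diffstat lists no test file; a table test covering an empty parcel and an unknown scheme would pin this behaviour.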