From 6183b93b1b19112dd0168272aa5f443edcda25a1 Mon Sep 17 00:00:00 2001
From: Thomas van Dam <thomas@seda.xyz>
Date: Mon, 6 Jan 2025 14:52:06 +0100
Subject: [PATCH] feat(data-proxy)!: add chain-id to signed registration
 payload

This prevents replay attacks between different networks.

Closes: #37
---
 workspace/data-proxy-sdk/src/config.ts   |  5 +++++
 workspace/data-proxy/src/cli/register.ts | 17 ++++++++++++++++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/workspace/data-proxy-sdk/src/config.ts b/workspace/data-proxy-sdk/src/config.ts
index 82e25a9..3702a4e 100644
--- a/workspace/data-proxy-sdk/src/config.ts
+++ b/workspace/data-proxy-sdk/src/config.ts
@@ -6,6 +6,7 @@ export enum Environment {
 }
 
 export interface DataProxyOptions {
+	chainId: string;
 	rpcUrl: string;
 
 	// URL to the explorer page
@@ -18,21 +19,25 @@ export interface DataProxyOptions {
 
 export const defaultConfig: Record<Environment, DataProxyOptions> = {
 	mainnet: {
+		chainId: "seda-1",
 		rpcUrl: "https://rpc.seda.xyz",
 		explorerUrl: "https://explorer.seda.xyz",
 		privateKey: Buffer.from([]),
 	},
 	testnet: {
+		chainId: "seda-1-testnet",
 		rpcUrl: "https://rpc.testnet.seda.xyz",
 		explorerUrl: "https://testnet.explorer.seda.xyz",
 		privateKey: Buffer.from([]),
 	},
 	devnet: {
+		chainId: "seda-1-devnet",
 		rpcUrl: "https://rpc.devnet.seda.xyz",
 		explorerUrl: "https://devnet.explorer.seda.xyz",
 		privateKey: Buffer.from([]),
 	},
 	planet: {
+		chainId: "seda-1-planet",
 		rpcUrl: "https://rpc.planet.seda.xyz",
 		explorerUrl: "https://planet.explorer.seda.xyz",
 		privateKey: Buffer.from([]),
diff --git a/workspace/data-proxy/src/cli/register.ts b/workspace/data-proxy/src/cli/register.ts
index 7be90e6..904b8c8 100644
--- a/workspace/data-proxy/src/cli/register.ts
+++ b/workspace/data-proxy/src/cli/register.ts
@@ -1,5 +1,6 @@
 import { Command } from "@commander-js/extra-typings";
 import { Keccak256 } from "@cosmjs/crypto";
+import { fromBech32 } from "@cosmjs/encoding";
 import { Environment } from "@seda-protocol/data-proxy-sdk";
 import { defaultConfig } from "@seda-protocol/data-proxy-sdk/src/config";
 import { trySync } from "@seda-protocol/utils";
@@ -49,7 +50,11 @@ export const registerCommand = new Command("register")
 			process.exit(1);
 		}
 
-		// TODO: Validate if seda address is valid
+		if (!isValidSedaAddress(payoutAddress)) {
+			console.error(`${payoutAddress} is not a valid SEDA address`);
+			process.exit(1);
+		}
+
 		const aSedaAmount = trySync(() => sedaToAseda(fee)).map(
 			(amount) => `${amount}aseda`,
 		);
@@ -64,6 +69,7 @@ export const registerCommand = new Command("register")
 
 		hasher.update(Buffer.from(payoutAddress));
 		hasher.update(Buffer.from(memo));
+		hasher.update(Buffer.from(network.value.chainId));
 		const hash = Buffer.from(hasher.digest());
 
 		const signatureRaw = ecdsaSign(hash, privateKey.value);
@@ -87,3 +93,12 @@ export const registerCommand = new Command("register")
 		console.info("");
 		console.info(`Submit your transaction on: \n${url.toString()}`);
 	});
+
+function isValidSedaAddress(address: string): boolean {
+	try {
+		const { prefix } = fromBech32(address);
+		return prefix === "seda";
+	} catch (error) {
+		return false;
+	}
+}