21 changes: 17 additions & 4 deletions packages/bitcore-wallet-client/src/lib/api.ts
@@ -580,6 +580,7 @@ export class API extends EventEmitter {

if (this.credentials.walletPrivKey) {
if (!Verifier.checkCopayers(this.credentials, wallet.copayers)) {
log.error('Copayer verification falied on openWallet');
return cb(new Errors.SERVER_COMPROMISED());
}
} else {
@@ -1457,6 +1458,7 @@ export class API extends EventEmitter {
this.credentials.sharedEncryptingKey
)
) {
log.error('Transaction proposal verification falied on createTxProposal');
return cb(new Errors.SERVER_COMPROMISED());
}

@@ -1520,6 +1522,7 @@ export class API extends EventEmitter {
if (err) return cb(err);

if (!Verifier.checkAddress(this.credentials, address)) {
log.error('Address verification falied on createAddress');
return cb(new Errors.SERVER_COMPROMISED());
}

@@ -1555,7 +1558,10 @@ export class API extends EventEmitter {

if (!opts.doNotVerify) {
const fake = (addresses || []).some(address => !Verifier.checkAddress(this.credentials, address));
if (fake) return cb(new Errors.SERVER_COMPROMISED());
if (fake) {
log.error('Address verification falied on getMainAddresses');
return cb(new Errors.SERVER_COMPROMISED());
}
}
return cb(null, addresses);
});
@@ -1632,11 +1638,14 @@ export class API extends EventEmitter {
return acb(isLegit);
})
.catch(err => {
return acb(err);
return cb(err);
});
},
isLegit => {
if (!isLegit) return cb(new Errors.SERVER_COMPROMISED());
if (!isLegit) {
log.error('Transaction proposal verification falied on getTxProposals');
return cb(new Errors.SERVER_COMPROMISED());
}

var result;
if (opts.forAirGapped) {
@@ -1724,7 +1733,10 @@ export class API extends EventEmitter {
this.getPayProV2(txp)
.then(paypro => {
const isLegit = Verifier.checkTxProposal(this.credentials, txp, { paypro });
if (!isLegit) return cb(new Errors.SERVER_COMPROMISED());
if (!isLegit) {
log.error('Transaction proposal verification falied on pushSignatures');
return cb(new Errors.SERVER_COMPROMISED());
}

baseUrl = baseUrl || '/v2/txproposals/';
const url = baseUrl + txp.id + '/signatures/';
@@ -2924,6 +2936,7 @@ export class API extends EventEmitter {

if (credentials.walletPrivKey) {
if (!Verifier.checkCopayers(credentials, wallet.copayers)) {
log.error('Copayer verification falied on serverAssistedImport');
return cb2(null, new Errors.SERVER_COMPROMISED());
}
} else {
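Review bot: In the getTxProposals hunk the `.catch` handler now reports through the outer `cb(err)` and never calls `acb`, so the iteration is left unsettled for that proposal and `cb` can fire more than once: once per proposal whose promise rejects, and again from the `isLegit =>` handler if another proposal fails verification. The iterating helper and the rest of the function are outside the hunk, so this is inferred from the `acb(isLegit)` / `isLegit => {` pair. I would keep a single exit, for example `.catch(err => { firstErr = firstErr || err; return acb(false); })` with `if (firstErr) return cb(firstErr);` at the top of the final handler. Separately, every new message in this file spells 'falied'; 'failed' would keep the lines findable when someone searches logs for verification failures.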
39 changes: 28 additions & 11 deletions packages/bitcore-wallet-client/src/lib/verifier.ts
@@ -182,7 +182,11 @@ export class Verifier {
return true;
});

if (!creatorKeys) return false;
if (!creatorKeys) {
log.error('Missing creator key')
return false;
}

var creatorSigningPubKey;

// If the txp using a selfsigned pub key?
@@ -194,14 +198,17 @@ export class Verifier {
txp.proposalSignaturePubKeySig,
creatorKeys.xPubKey
)
)
) {
log.error('Invalid self-signed proposal signature')
return false;

}
creatorSigningPubKey = txp.proposalSignaturePubKey;
} else {
creatorSigningPubKey = creatorKeys.requestPubKey;
}
if (!creatorSigningPubKey) return false;
if (!creatorSigningPubKey) {
log.error('Missing creator signing key');
}

var hash;
if (parseInt(txp.version) >= 3) {
@@ -219,11 +226,15 @@ export class Verifier {
);

const verified = Utils.verifyMessage(hash, txp.proposalSignature, creatorSigningPubKey);
if (!verified && !txp.prePublishRaw)
return false;

if (!verified && txp.prePublishRaw && !Utils.verifyMessage(txp.prePublishRaw, txp.proposalSignature, creatorSigningPubKey))
return false;
if (!verified && !txp.prePublishRaw) {
log.error('Invalid proposal signature');
return false;
}

if (!verified && txp.prePublishRaw && !Utils.verifyMessage(txp.prePublishRaw, txp.proposalSignature, creatorSigningPubKey)) {
log.error('Invalid refreshed proposal signature');
return false
}

if (Constants.UTXO_CHAINS.includes(chain)) {
if (!this.checkAddress(credentials, txp.changeAddress)) {
@@ -286,9 +297,15 @@ export class Verifier {
static checkTxProposal(credentials, txp, opts) {
opts = opts || {};

if (!this.checkTxProposalSignature(credentials, txp)) return false;
if (!this.checkTxProposalSignature(credentials, txp)) {
log.error('Transaction proposal signature check failed');
return false;
}

if (opts.paypro && !this.checkPaypro(txp, opts.paypro)) return false;
if (opts.paypro && !this.checkPaypro(txp, opts.paypro)) {
log.error('Transaction proposal paypro check failed');
return false;
}

return true;
}
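Review bot: The rewritten `if (!creatorSigningPubKey)` block (hunk @@ -194,14 +198,17 @@) logs 'Missing creator signing key' but has lost the `return false;` that the one-line form had, so a proposal with no creator signing key is no longer rejected at this point. Execution continues to `Utils.verifyMessage(hash, txp.proposalSignature, creatorSigningPubKey)` with an undefined key, and whether that call fails closed is not visible on this page. The block should read `log.error('Missing creator signing key');` followed by `return false;`. The enclosing method starts and ends outside these hunks. The new `log.error(...)` lines for 'Missing creator key' and 'Invalid self-signed proposal signature', and the `return false` under 'Invalid refreshed proposal signature', are also missing their semicolons.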