Summary
BitcoinProvider.is_valid_address() currently validates address format, but it does not enforce the configured network.
In both mainnet and testnet mode, the function accepts addresses from both networks.
Why this matters
Swap destination validation relies on this function. If the validator or CLI is running on one BTC network but accepts an address from another, a user can pass validation with an address that does not match the active network.
Repro
-
Configure BTC_NETWORK=mainnet
-
is_valid_address("tb1...") returns True
-
Configure BTC_NETWORK=testnet
-
is_valid_address("bc1...") returns True
The same applies to base58 prefixes (1/3 vs m/n/2).
Expected behavior
Validation should enforce network-specific prefixes/version bytes:
- mainnet:
bc1, 1, 3
- testnet:
tb1, m/n, 2
(And bcrt1 only if regtest is intentionally supported.)
Suggested fix
After decoding bech32/base58, check the decoded HRP/version against self.network before returning True.
Add regression tests for cross-network rejection in both directions.
Summary
BitcoinProvider.is_valid_address()currently validates address format, but it does not enforce the configured network.In both
mainnetandtestnetmode, the function accepts addresses from both networks.Why this matters
Swap destination validation relies on this function. If the validator or CLI is running on one BTC network but accepts an address from another, a user can pass validation with an address that does not match the active network.
Repro
Configure
BTC_NETWORK=mainnetis_valid_address("tb1...")returnsTrueConfigure
BTC_NETWORK=testnetis_valid_address("bc1...")returnsTrueThe same applies to base58 prefixes (
1/3vsm/n/2).Expected behavior
Validation should enforce network-specific prefixes/version bytes:
bc1,1,3tb1,m/n,2(And
bcrt1only if regtest is intentionally supported.)Suggested fix
After decoding bech32/base58, check the decoded HRP/version against
self.networkbefore returningTrue.Add regression tests for cross-network rejection in both directions.