chore_: truncate sensitive information in error messages

This commit adds a utility function from the common package to truncate sensitive information (like addresses, IDs, etc.) in error messages across multiple files. This helps prevent accidentally exposing full sensitive data in logs and error messages while maintaining readability.

Author: qfrank

abi-spec/utils.go

@@ -11,6 +11,7 @@ import (
 	"go.uber.org/zap"
 
 	"github.com/ethereum/go-ethereum/common"
+	gocommon "github.com/status-im/status-go/common"
 	"github.com/status-im/status-go/eth-node/crypto"
 	"github.com/status-im/status-go/logutils"
 )
@@ -183,7 +184,7 @@ func ToChecksumAddress(address string) (string, error) {
 		return "", nil
 	}
 	if !addressBasicPattern.MatchString(address) {
-		return "", fmt.Errorf("given address '%s' is not a valid Ethereum address", address)
+		return "", fmt.Errorf("given address '%s' is not a valid Ethereum address", gocommon.TruncateWithDot(address))
 	}
 
 	address = strings.ToLower(address)

account/accounts.go

@@ -20,6 +20,7 @@ import (
 	gethcommon "github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
 	"github.com/status-im/status-go/account/generator"
+	gocommon "github.com/status-im/status-go/common"
 	"github.com/status-im/status-go/eth-node/crypto"
 	"github.com/status-im/status-go/eth-node/keystore"
 	"github.com/status-im/status-go/eth-node/types"
@@ -230,7 +231,7 @@ func (m *DefaultManager) VerifyAccountPassword(keyStoreDir, address, password st
 
 	// avoid swap attack
 	if key.Address != addressObj {
-		return nil, fmt.Errorf("account mismatch: have %s, want %s", key.Address.Hex(), addressObj.Hex())
+		return nil, fmt.Errorf("account mismatch: have %s, want %s", gocommon.TruncateWithDot(key.Address.Hex()), gocommon.TruncateWithDot(addressObj.Hex()))
 	}
 
 	return key, nil

api/geth_backend.go

@@ -283,7 +283,7 @@ func (b *GethStatusBackend) getAccountByKeyUID(keyUID string) (*multiaccounts.Ac
 			return &acc, nil
 		}
 	}
-	return nil, fmt.Errorf("account with keyUID %s not found", keyUID)
+	return nil, fmt.Errorf("account with keyUID %s not found", gocommon.TruncateWithDot(keyUID))
 }
 
 func (b *GethStatusBackend) SaveAccount(account multiaccounts.Account) error {

protocol/identity/utils.go

@@ -7,14 +7,16 @@ import (
 	"testing"
 
 	"github.com/ethereum/go-ethereum/crypto/secp256k1"
+
+	gocommon "github.com/status-im/status-go/common"
 )
 
 func ToColorID(pubkey string) (int64, error) {
 	const colorPalletLength = 12
 
 	pubkeyValue, ok := new(big.Int).SetString(pubkey, 0)
 	if !ok {
-		return 0, fmt.Errorf("invalid pubkey: %s", pubkey)
+		return 0, fmt.Errorf("invalid pubkey: %s", gocommon.TruncateWithDot(pubkey))
 	}
 
 	colorID := new(big.Int).Mod(pubkeyValue, new(big.Int).SetInt64(colorPalletLength-1)).Int64()
@@ -61,12 +63,12 @@ func Slices(compressedPubkey []byte) (res [4][]byte, err error) {
 func ToCompressedKey(pubkey string) ([]byte, error) {
 	pubkeyValue, ok := new(big.Int).SetString(pubkey, 0)
 	if !ok {
-		return nil, fmt.Errorf("invalid pubkey: %s", pubkey)
+		return nil, fmt.Errorf("invalid pubkey: %s", gocommon.TruncateWithDot(pubkey))
 	}
 
 	x, y := secp256k1.S256().Unmarshal(pubkeyValue.Bytes())
 	if x == nil || !secp256k1.S256().IsOnCurve(x, y) {
-		return nil, fmt.Errorf("invalid pubkey: %s", pubkey)
+		return nil, fmt.Errorf("invalid pubkey: %s", gocommon.TruncateWithDot(pubkey))
 	}
 
 	return secp256k1.CompressPubkey(x, y), nil

protocol/linkpreview_unfurler_status.go

@@ -6,6 +6,7 @@ import (
 	"go.uber.org/zap"
 
 	"github.com/status-im/status-go/api/multiformat"
+	gocommon "github.com/status-im/status-go/common"
 	"github.com/status-im/status-go/images"
 	"github.com/status-im/status-go/protocol/common"
 	"github.com/status-im/status-go/protocol/common/shard"
@@ -61,10 +62,10 @@ func (u *StatusUnfurler) buildContactData(publicKey string) (*common.StatusConta
 	if contact == nil {
 		contact, err = u.m.FetchContact(contactID, true)
 		if err != nil {
-			return nil, fmt.Errorf("failed to request contact info from mailserver for public key '%s': %w", publicKey, err)
+			return nil, fmt.Errorf("failed to request contact info from mailserver for public key '%s': %w", gocommon.TruncateWithDot(publicKey), err)
 		}
 		if contact == nil {
-			return nil, fmt.Errorf("contact wasn't found at the store node %s", publicKey)
+			return nil, fmt.Errorf("contact wasn't found at the store node %s", gocommon.TruncateWithDot(publicKey))
 		}
 	}
 
@@ -93,7 +94,7 @@ func (u *StatusUnfurler) buildCommunityData(communityID string, shard *shard.Sha
 	})
 
 	if err != nil {
-		return nil, nil, fmt.Errorf("failed to get community info for communityID '%s': %w", communityID, err)
+		return nil, nil, fmt.Errorf("failed to get community info for communityID '%s': %w", gocommon.TruncateWithDot(communityID), err)
 	}
 
 	if community == nil {
@@ -102,7 +103,7 @@ func (u *StatusUnfurler) buildCommunityData(communityID string, shard *shard.Sha
 
 	statusCommunityLinkPreviews, err := community.ToStatusLinkPreview()
 	if err != nil {
-		return nil, nil, fmt.Errorf("failed to get status community link preview for communityID '%s': %w", communityID, err)
+		return nil, nil, fmt.Errorf("failed to get status community link preview for communityID '%s': %w", gocommon.TruncateWithDot(communityID), err)
 	}
 
 	return community, statusCommunityLinkPreviews, nil
@@ -116,7 +117,7 @@ func (u *StatusUnfurler) buildChannelData(channelUUID string, communityID string
 
 	channel, ok := community.Chats()[channelUUID]
 	if !ok {
-		return nil, fmt.Errorf("channel with channelID '%s' not found in community '%s'", channelUUID, communityID)
+		return nil, fmt.Errorf("channel with channelID '%s' not found in community '%s'", gocommon.TruncateWithDot(channelUUID), gocommon.TruncateWithDot(communityID))
 	}
 
 	return &common.StatusCommunityChannelLinkPreview{

protocol/messenger.go

@@ -2038,7 +2038,7 @@ func (m *Messenger) dispatchMessage(ctx context.Context, rawMessage common.RawMe
 				zap.String("chatName", chat.Name),
 				zap.Any("messageType", rawMessage.MessageType),
 			)
-			return rawMessage, fmt.Errorf("can't post message type '%d' on chat '%s'", rawMessage.MessageType, chat.ID)
+			return rawMessage, fmt.Errorf("can't post message type '%d' on chat '%s'", rawMessage.MessageType, gocommon.TruncateWithDot(chat.ID))
 		}
 
 		logger.Debug("sending community chat message", zap.String("chatName", chat.Name))
@@ -3023,12 +3023,12 @@ func (r *ReceivedMessageState) addNewMessageNotification(publicKey ecdsa.PublicK
 
 	chat, ok := r.AllChats.Load(m.LocalChatID)
 	if !ok {
-		return fmt.Errorf("chat ID '%s' not present", m.LocalChatID)
+		return fmt.Errorf("chat ID '%s' not present", gocommon.TruncateWithDot(m.LocalChatID))
 	}
 
 	contact, ok := r.AllContacts.Load(contactID)
 	if !ok {
-		return fmt.Errorf("contact ID '%s' not present", contactID)
+		return fmt.Errorf("contact ID '%s' not present", gocommon.TruncateWithDot(contactID))
 	}
 
 	if !chat.Muted {
@@ -3098,7 +3098,7 @@ func (r *ReceivedMessageState) addNewActivityCenterNotification(publicKey ecdsa.
 
 	chat, ok := r.AllChats.Load(message.LocalChatID)
 	if !ok {
-		return fmt.Errorf("chat ID '%s' not present", message.LocalChatID)
+		return fmt.Errorf("chat ID '%s' not present", gocommon.TruncateWithDot(message.LocalChatID))
 	}
 
 	isNotification, notificationType := showMentionOrReplyActivityCenterNotification(publicKey, message, chat, responseTo)
@@ -4283,7 +4283,7 @@ func (m *Messenger) MarkAllReadInCommunity(ctx context.Context, communityID stri
 			m.allChats.Store(chat.ID, chat)
 			response.AddChat(chat)
 		} else {
-			err = fmt.Errorf("chat with chatID %s not found", chatID)
+			err = fmt.Errorf("chat with chatID %s not found", gocommon.TruncateWithDot(chatID))
 		}
 	}
 	return response, err

protocol/messenger_handler.go

@@ -486,7 +486,7 @@ func (m *Messenger) syncContactRequestForInstallationContact(contact *Contact, s
 	}
 
 	if chat == nil {
-		return fmt.Errorf("no chat restored during the contact synchronisation, contact.ID = %s", contact.ID)
+		return fmt.Errorf("no chat restored during the contact synchronisation, contact.ID = %s", gocommon.TruncateWithDot(contact.ID))
 	}
 
 	contactRequestID, err := m.persistence.LatestPendingContactRequestIDForContact(contact.ID)

protocol/messenger_mention.go

@@ -222,7 +222,7 @@ func (m *MentionManager) getMentionableUser(chatID string, pk string) (*Mentiona
 	}
 	user, ok := mentionableUsers[pk]
 	if !ok {
-		return nil, fmt.Errorf("user not found when getting mentionable user, pk: %s", pk)
+		return nil, fmt.Errorf("user not found when getting mentionable user, pk: %s", gocommon.TruncateWithDot(pk))
 	}
 	return user, nil
 }
@@ -231,7 +231,7 @@ func (m *MentionManager) getMentionableUsers(chatID string) (map[string]*Mention
 	mentionableUsers := make(map[string]*MentionableUser)
 	chat, _ := m.allChats.Load(chatID)
 	if chat == nil {
-		return nil, fmt.Errorf("chat not found when getting mentionable users, chatID: %s", chatID)
+		return nil, fmt.Errorf("chat not found when getting mentionable users, chatID: %s", gocommon.TruncateWithDot(chatID))
 	}
 
 	var publicKeys []string
@@ -291,7 +291,7 @@ func (m *MentionManager) addMentionableUser(mentionableUsers map[string]*Mention
 func (m *MentionManager) ReplaceWithPublicKey(chatID, text string) (string, error) {
 	chat, _ := m.allChats.Load(chatID)
 	if chat == nil {
-		return "", fmt.Errorf("chat not found when check mentions, chatID: %s", chatID)
+		return "", fmt.Errorf("chat not found when check mentions, chatID: %s", gocommon.TruncateWithDot(chatID))
 	}
 	mentionableUsers, err := m.mentionableUserGetter.getMentionableUsers(chatID)
 	if err != nil {

protocol/messenger_share_urls.go

@@ -12,6 +12,7 @@ import (
 	"github.com/andybalholm/brotli"
 
 	"github.com/status-im/status-go/api/multiformat"
+	gocommon "github.com/status-im/status-go/common"
 	"github.com/status-im/status-go/eth-node/crypto"
 	"github.com/status-im/status-go/eth-node/types"
 	"github.com/status-im/status-go/protocol/common"
@@ -224,7 +225,7 @@ func (m *Messenger) ShareCommunityChannelURLWithChatKey(request *requests.Commun
 	}
 
 	if !valid {
-		return "", fmt.Errorf("channelID should be UUID, got %s", request.ChannelID)
+		return "", fmt.Errorf("channelID should be UUID, got %s", gocommon.TruncateWithDot(request.ChannelID))
 	}
 
 	return fmt.Sprintf("%s/cc/%s#%s", baseShareURL, request.ChannelID, shortKey), nil
@@ -237,7 +238,7 @@ func parseCommunityChannelURLWithChatKey(channelID string, publicKey string) (*U
 	}
 
 	if !valid {
-		return nil, fmt.Errorf("channelID should be UUID, got %s", channelID)
+		return nil, fmt.Errorf("channelID should be UUID, got %s", gocommon.TruncateWithDot(channelID))
 	}
 
 	communityID, err := decodeCommunityID(publicKey)
@@ -313,7 +314,7 @@ func (m *Messenger) ShareCommunityChannelURLWithData(request *requests.Community
 	}
 
 	if !valid {
-		return "nil", fmt.Errorf("channelID should be UUID, got %s", request.ChannelID)
+		return "", fmt.Errorf("channelID should be UUID, got %s", gocommon.TruncateWithDot(request.ChannelID))
 	}
 
 	community, err := m.GetCommunityByID(request.CommunityID)
@@ -323,7 +324,7 @@ func (m *Messenger) ShareCommunityChannelURLWithData(request *requests.Community
 
 	channel := community.Chats()[request.ChannelID]
 	if channel == nil {
-		return "", fmt.Errorf("channel with channelID %s not found", request.ChannelID)
+		return "", fmt.Errorf("channel with channelID %s not found", gocommon.TruncateWithDot(request.ChannelID))
 	}
 
 	data, shortKey, err := m.prepareEncodedCommunityChannelData(community, channel, request.ChannelID)

protocol/messenger_store_node_request_manager.go

@@ -149,7 +149,7 @@ func (m *StoreNodeRequestManager) FetchCommunities(ctx context.Context, communit
 	for _, community := range communities {
 		_, _, err := m.FetchCommunity(ctx, community, opts)
 		if err != nil {
-			outErr = fmt.Errorf("%sfailed to create a request for community %s: %w", outErr, community.CommunityID, err)
+			outErr = fmt.Errorf("%sfailed to create a request for community %s: %w", outErr, gocommon.TruncateWithDot(community.CommunityID), err)
 		}
 	}
 

protocol/storenodes/database.go

@@ -58,7 +58,7 @@ func (d *Database) syncSave(communityID types.HexBytes, snode []Storenode, clock
 	for _, n := range snode {
 		// defensively validate the communityID
 		if len(n.CommunityID) == 0 || !bytes.Equal(communityID, n.CommunityID) {
-			err = fmt.Errorf("communityID mismatch %v != %v", communityID, n.CommunityID)
+			err = fmt.Errorf("communityID mismatch")
 			return err
 		}
 		dbN := find(n, dbNodes)

protocol/v1/membership_update_message.go

@@ -11,6 +11,7 @@ import (
 	"github.com/google/uuid"
 	"github.com/pkg/errors"
 
+	gocommon "github.com/status-im/status-go/common"
 	"github.com/status-im/status-go/eth-node/crypto"
 	"github.com/status-im/status-go/eth-node/types"
 	"github.com/status-im/status-go/protocol/protobuf"
@@ -309,17 +310,17 @@ func (g *Group) init() error {
 		}
 		valid := g.validateEvent(event)
 		if !valid {
-			return fmt.Errorf("invalid event %#+v from %s", event, event.From)
+			return fmt.Errorf("invalid event, type: %s, from: %s, chatID: %s, name: %s", event.Type, gocommon.TruncateWithDot(event.From), gocommon.TruncateWithDot(event.ChatID), event.Name)
 		}
 		g.processEvent(event)
 	}
 
 	valid := g.validateChatID(g.chatID)
 	if !valid {
-		return fmt.Errorf("invalid chat ID: %s", g.chatID)
+		return fmt.Errorf("invalid chat ID: %s", gocommon.TruncateWithDot(g.chatID))
 	}
 	if chatID != g.chatID {
-		return fmt.Errorf("expected chat ID equal %s, got %s", g.chatID, chatID)
+		return fmt.Errorf("expected chat ID equal %s, got %s", gocommon.TruncateWithDot(g.chatID), gocommon.TruncateWithDot(chatID))
 	}
 
 	return nil
@@ -484,7 +485,7 @@ func (g *Group) ProcessEvents(events []MembershipUpdateEvent) error {
 
 func (g *Group) ProcessEvent(event MembershipUpdateEvent) error {
 	if !g.validateEvent(event) {
-		return fmt.Errorf("invalid event %#+v", event)
+		return fmt.Errorf("invalid event when processing, type: %s, from: %s, chatID: %s, name: %s", event.Type, gocommon.TruncateWithDot(event.From), gocommon.TruncateWithDot(event.ChatID), event.Name)
 	}
 	// Check if exists
 	g.events = append(g.events, event)

server/pairing/client.go

@@ -72,18 +72,16 @@ func findServerCert(c *ConnectionParams, reachableIPs []net.IP) (*url.URL, *x509
 
 	// Keep track of error counts
 	errorCount := 0
-	var combinedErrors string
 	for {
 		select {
 		case success := <-successCh:
 			baseAddress = success.u
 			serverCert = success.cert
 			return baseAddress, serverCert, nil
-		case ipErr := <-errCh:
+		case <-errCh:
 			errorCount++
-			combinedErrors += fmt.Sprintf("IP %s: %s; ", ipErr.ip, ipErr.err)
 			if errorCount == len(reachableIPs) {
-				return nil, nil, fmt.Errorf(combinedErrors)
+				return nil, nil, fmt.Errorf("failed to connect to any of given ip addresses.")
 			}
 		}
 	}

server/pairing/connection.go

@@ -154,19 +154,19 @@ func ParseNetIps(in []byte) ([]net.IP, error) {
 func (cp *ConnectionParams) FromString(s string) error {
 
 	if len(s) < 2 {
-		return fmt.Errorf("connection string is too short: '%s'", s)
+		return fmt.Errorf("connection string is too short")
 	}
 
 	if s[:2] != connectionStringID {
-		return fmt.Errorf("connection string doesn't begin with identifier '%s'", connectionStringID)
+		return fmt.Errorf("connection string doesn't begin with identifier")
 	}
 
 	requiredParams := 5
 
 	sData := strings.Split(s[2:], ":")
 	// NOTE: always allow extra parameters for forward compatibility, error on not enough required parameters or failing to parse
 	if len(sData) < requiredParams {
-		return fmt.Errorf("expected data '%s' to have length of '%d', received '%d'", s, requiredParams, len(sData))
+		return fmt.Errorf("expected connection string to have length of '%d', received '%d'", requiredParams, len(sData))
 	}
 
 	netIpsBytes := base58.Decode(sData[1])