From f9e844e59c74c2d02fd9bb53c1bc003ea24b1d47 Mon Sep 17 00:00:00 2001 From: lingcoder Date: Fri, 21 Nov 2025 15:57:21 +0800 Subject: [PATCH 1/3] fix(web3): normalize Ethereum addresses to lowercase to prevent case-sensitivity issues #2264 --- internal/utilities/siwe/parser.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/internal/utilities/siwe/parser.go b/internal/utilities/siwe/parser.go index bd1c1f5dd..ace19d7f4 100644 --- a/internal/utilities/siwe/parser.go +++ b/internal/utilities/siwe/parser.go @@ -52,7 +52,9 @@ func ParseMessage(raw string) (*SIWEMessage, error) { return nil, ErrInvalidDomain } - address := strings.TrimSpace(lines[1]) + // Normalize Ethereum addresses to lowercase to prevent case-sensitivity issues + // Ethereum addresses are case-insensitive (EIP-55 uses mixed case for checksum) + address := strings.ToLower(strings.TrimSpace(lines[1])) if !addressPattern.MatchString(address) { return nil, ErrInvalidAddress } From 776d2c63f782f67abbe8d05742002e9345e0cf42 Mon Sep 17 00:00:00 2001 From: lingcoder Date: Sun, 30 Nov 2025 09:11:27 +0800 Subject: [PATCH 2/3] test: uodate testcase internal/utilities/siwe/parser_test --- internal/utilities/siwe/parser_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/utilities/siwe/parser_test.go b/internal/utilities/siwe/parser_test.go index 2e0e74a82..f4da06229 100644 --- a/internal/utilities/siwe/parser_test.go +++ b/internal/utilities/siwe/parser_test.go @@ -116,7 +116,7 @@ func TestParseMessage(t *testing.T) { require.Nil(t, err) require.Equal(t, "example.com", parsed.Domain) - require.Equal(t, "0x196a28d05bA75C8dC35B0F6e71DD622D1aC82b7E", parsed.Address) + require.Equal(t, "0x196a28d05ba75c8dc35b0f6e71dd622d1ac82b7e", parsed.Address) if i == 0 { require.Equal(t, "Sign in to Example App", *parsed.Statement) From 43314eb4e89887d8c856dafe0ebc26ee38e8042d Mon Sep 17 00:00:00 2001 From: lingcoder Date: Sun, 30 Nov 2025 09:56:53 +0800 Subject: [PATCH 3/3] refactor(web3): add migrations sql --- ...000_normalize_web3_ethereum_addresses.up.sql | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 migrations/20251202014000_normalize_web3_ethereum_addresses.up.sql diff --git a/migrations/20251202014000_normalize_web3_ethereum_addresses.up.sql b/migrations/20251202014000_normalize_web3_ethereum_addresses.up.sql new file mode 100644 index 000000000..37e52fd67 --- /dev/null +++ b/migrations/20251202014000_normalize_web3_ethereum_addresses.up.sql @@ -0,0 +1,17 @@ +-- Normalize Ethereum addresses in provider_id to lowercase to prevent case-sensitivity issues +-- This migration must run BEFORE deploying the code change that lowercases addresses in parser.go +-- Background: Ethereum addresses are case-insensitive, but EIP-55 uses mixed case for checksums. +-- This migration ensures existing checksummed addresses are normalized to lowercase to match +-- the new behavior where addresses are lowercased at parse time. +-- +-- Note: identity_data is NOT updated because it's only metadata for display purposes. +-- The provider_id field is the only field used for identity lookup and uniqueness. + +/* auth_migration: 20251202014000 */ + +-- Update all web3:ethereum provider_id entries to use lowercase addresses +-- Format: "web3:ethereum:0xABCDEF..." -> "web3:ethereum:0xabcdef..." +update {{ index .Options "Namespace" }}.identities +set provider_id = lower(provider_id) +where provider = 'web3' + and provider_id LIKE 'web3:ethereum:0x%';