Skip to content

Commit

Permalink
Merge pull request #922 from LiskHQ/921-verify-active-account-passphr…
Browse files Browse the repository at this point in the history
…ase-signMessage

Verify that passphrase used belongs to active account - Cooses #921
  • Loading branch information
michaeltomasik authored Jun 18, 2018
2 parents 0dbc73f + edf8d46 commit d750dc3
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions src/components/signMessage/confirmMessage.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import styles from './confirmMessage.css';
import { Button } from '../toolbox/buttons/button';
import Input from '../toolbox/inputs/input';
import { passphraseIsValid } from '../../utils/form';
import { extractPublicKey } from '../../utils/account';
// eslint-disable-next-line import/no-named-as-default
import PassphraseInput from '../passphraseInput';
import TransitionWrapper from '../toolbox/transitionWrapper';
Expand Down Expand Up @@ -31,6 +32,18 @@ class ConfirmMessage extends React.Component {
}

handleChange(name, value, error) {
if (!error) {
const publicKeyMap = {
passphrase: 'publicKey',
secondPassphrase: 'secondPublicKey',
};

const expectedPublicKey = this.props.account[publicKeyMap[name]];

if (expectedPublicKey && expectedPublicKey !== extractPublicKey(value)) {
error = this.props.t('Entered passphrase does not belong to the active account');
}
}
this.setState({
[name]: {
value,
Expand Down

0 comments on commit d750dc3

Please sign in to comment.