diff --git a/packages/shared/lib/auxiliary/deep-link/errors/index.ts b/packages/shared/lib/auxiliary/deep-link/errors/index.ts index 52f384775f..f0ba065a1f 100644 --- a/packages/shared/lib/auxiliary/deep-link/errors/index.ts +++ b/packages/shared/lib/auxiliary/deep-link/errors/index.ts @@ -1,5 +1,6 @@ export * from './amount-not-an-integer.error' export * from './invalid-address.error' +export * from './invalid-asset-id.error' export * from './metadata-length.error' export * from './no-address-specified.error' export * from './tag-length.error' diff --git a/packages/shared/lib/auxiliary/deep-link/errors/invalid-asset-id.error.ts b/packages/shared/lib/auxiliary/deep-link/errors/invalid-asset-id.error.ts new file mode 100644 index 0000000000..e35b8266ad --- /dev/null +++ b/packages/shared/lib/auxiliary/deep-link/errors/invalid-asset-id.error.ts @@ -0,0 +1,14 @@ +import { BaseError } from '@core/error' +import { localize } from '@core/i18n' + +export class InvalidAssetIdError extends BaseError { + constructor() { + const message = localize('error.send.invalidAssetId') + super({ + message, + showNotification: true, + saveToErrorLog: false, + logToConsole: true, + }) + } +} diff --git a/packages/shared/lib/auxiliary/deep-link/handlers/wallet/operations/handleDeepLinkSendConfirmationOperation.ts b/packages/shared/lib/auxiliary/deep-link/handlers/wallet/operations/handleDeepLinkSendConfirmationOperation.ts index 9bb95fad9e..2ca2c16b3c 100644 --- a/packages/shared/lib/auxiliary/deep-link/handlers/wallet/operations/handleDeepLinkSendConfirmationOperation.ts +++ b/packages/shared/lib/auxiliary/deep-link/handlers/wallet/operations/handleDeepLinkSendConfirmationOperation.ts @@ -1,7 +1,7 @@ import { get } from 'svelte/store' import { networkHrp } from '@core/network' -import { isStringTrue, isValidBech32AddressAndPrefix, getByteLengthOfString } from '@core/utils' +import { isStringTrue, isValidBech32AddressAndPrefix, getByteLengthOfString, validateAssetId } from '@core/utils' import { getAssetById, NewTransactionDetails, @@ -60,6 +60,7 @@ function parseSendConfirmationOperation(searchParams: URLSearchParams): NewTrans const recipient: Subject = { type: 'address', address } const assetId = searchParams.get(SendOperationParameter.AssetId) + assetId && validateAssetId(assetId) const baseAsset = get(selectedAccountAssets).baseCoin const asset = assetId ? getAssetById(assetId) : baseAsset if (!asset) { diff --git a/packages/shared/lib/core/utils/crypto/utils/index.ts b/packages/shared/lib/core/utils/crypto/utils/index.ts index 50c2c78125..4ff62ba1b5 100644 --- a/packages/shared/lib/core/utils/crypto/utils/index.ts +++ b/packages/shared/lib/core/utils/crypto/utils/index.ts @@ -1,2 +1,3 @@ +export * from './validateAssetId' export * from './validateBech32Address' export * from './validateEthereumAddress' diff --git a/packages/shared/lib/core/utils/crypto/utils/validateAssetId.ts b/packages/shared/lib/core/utils/crypto/utils/validateAssetId.ts new file mode 100644 index 0000000000..ebe78bf592 --- /dev/null +++ b/packages/shared/lib/core/utils/crypto/utils/validateAssetId.ts @@ -0,0 +1,11 @@ +import { InvalidAssetIdError } from '@auxiliary/deep-link' +import { COIN_TYPE } from '@core/network' + +export function validateAssetId(id: string): void { + const isHex = id.startsWith('0x') + if (isHex && !/^(0x08)?[0-9a-f]{64}?(?:0[1-9]|[1-5][0-9]|6[0-4])?0{8}$/i.test(id)) { + throw new InvalidAssetIdError() + } else if (!isHex && !Object.values(COIN_TYPE).includes(Number(id))) { + throw new InvalidAssetIdError() + } +} diff --git a/packages/shared/locales/en.json b/packages/shared/locales/en.json index ed8b97e2c8..76d2d01e36 100644 --- a/packages/shared/locales/en.json +++ b/packages/shared/locales/en.json @@ -1825,6 +1825,7 @@ "wrongAddressPrefix": "Addresses start with the prefix {prefix}.", "wrongAddressFormat": "The address is not correctly formatted.", "invalidAddress": "The address is not valid.", + "invalidAssetId": "The asset id is not valid.", "unknownAsset": "The asset is not known to this account.", "insufficientFunds": "This wallet has insufficient funds.", "insufficientFundsStorageDeposit": "Insufficient funds to cover the storage deposit",