From 4bc870624d5b4d3ec2833ddfac4a288a2425a9c9 Mon Sep 17 00:00:00 2001 From: Abhishek Rajput Date: Thu, 21 Mar 2024 01:28:18 +0530 Subject: [PATCH] Add validate fund txn request body --- backend/package.json | 4 ++-- backend/src/handlers/discord-signed-digest.ts | 2 +- backend/src/handlers/fund-transactions.ts | 20 +++++++++++++++++-- backend/src/utils/fundTransactions.ts | 10 ++++------ 4 files changed, 25 insertions(+), 11 deletions(-) diff --git a/backend/package.json b/backend/package.json index fbf22001..0dd23e8e 100644 --- a/backend/package.json +++ b/backend/package.json @@ -4,8 +4,8 @@ "main": "index.js", "license": "MIT", "scripts": { - "build": "rm -rf dist && swc ./src -d ./dist --ignore \"**/*.test.ts,**/__test__/**\"", - "lint": "eslint \"src/**/*.{json,js,jsx,ts,tsx}\" && tsc --noemit", + "build": "tsc --noemit && rm -rf dist && swc ./src -d ./dist --ignore \"**/*.test.ts,**/__test__/**\"", + "lint": "eslint \"src/**/*.{json,js,jsx,ts,tsx}\"", "prettier": "prettier \"src/**/*.{json,js,jsx,ts,tsx}\" --write", "test": "jest --clearCache --coverage" }, diff --git a/backend/src/handlers/discord-signed-digest.ts b/backend/src/handlers/discord-signed-digest.ts index 03eda530..6992b6c5 100644 --- a/backend/src/handlers/discord-signed-digest.ts +++ b/backend/src/handlers/discord-signed-digest.ts @@ -39,7 +39,7 @@ export const signDiscordMessage = async ( console.error('Error generating signed discord digest', err) return { statusCode: 500, - body: JSON.stringify({ error: 'Error generating signed discord digest' }), + body: JSON.stringify({ error: 'Internal server error' }), } } } diff --git a/backend/src/handlers/fund-transactions.ts b/backend/src/handlers/fund-transactions.ts index 25025dad..e7ebb9b5 100644 --- a/backend/src/handlers/fund-transactions.ts +++ b/backend/src/handlers/fund-transactions.ts @@ -16,7 +16,7 @@ export const fundTransaction = async ( ): Promise => { try { const requestBody = JSON.parse(event.body!) as FundTransactionRequest - + validateFundTransactions(requestBody.transactions) const transactions = deserializeTransactions(requestBody.transactions) const isTransactionsValid = await checkTransactions(transactions) @@ -40,7 +40,23 @@ export const fundTransaction = async ( console.error('Error fully signing transactions', err) return { statusCode: 500, - body: JSON.stringify({ error: 'Error fully signing transactions' }), + body: JSON.stringify({ error: 'Internal server error' }), + } + } +} + +function validateFundTransactions(transactions: unknown) { + if (!Array.isArray(transactions) || transactions.length === 0) { + return { + statusCode: 400, + body: JSON.stringify({ error: 'Must provide transactions' }), + } + } + + if (transactions.length >= 10) { + return { + statusCode: 400, + body: JSON.stringify({ error: 'Too many transactions' }), } } } diff --git a/backend/src/utils/fundTransactions.ts b/backend/src/utils/fundTransactions.ts index d81482a0..dcc97080 100644 --- a/backend/src/utils/fundTransactions.ts +++ b/backend/src/utils/fundTransactions.ts @@ -10,14 +10,12 @@ import { getSecret } from './index' const SET_COMPUTE_UNIT_LIMIT_DISCRIMINANT = 2 export function deserializeTransactions( - // eslint-disable-next-line @typescript-eslint/no-explicit-any - transactions: any, + transactions: unknown, ): VersionedTransaction[] { try { - // eslint-disable-next-line @typescript-eslint/no-explicit-any - return transactions.map((serializedTx: any) => { - return VersionedTransaction.deserialize(Buffer.from(serializedTx)) - }) + return (transactions as Uint8Array[]).map((serializedTx) => + VersionedTransaction.deserialize(Buffer.from(serializedTx)), + ) } catch (err) { console.error('Failed to deserialize transactions', err) throw err