anders/Wallet
1
0
Fork 0
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #712 from maraoz/txp/protocol/security2

Browse source 
Improve tx proposal protocol security
This commit is contained in:
Ryan X. Charles 2014-06-23 15:18:56 -07:00
commit 0d54875bf2
5 changed files with 86 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

41
test/test.TxProposals.js
View file

@ -149,16 +149,23 @@ describe('TxProposals model', function() {
address: toAddress,
amountSat: amountSat
}]);
var selectedUtxos = b.getSelectedUnspent();
var inputChainPaths = selectedUtxos.map(function(utxo) {
return pkr.pathForAddress(utxo.address);
});
var signRet;
if (priv) {
var pkeys = priv.getAll(pkr.indexes.getReceiveIndex(), pkr.indexes.getChangeIndex());
var pkeys = priv.getForPaths(inputChainPaths);
b.sign(pkeys);
}
var me = {};
if (priv) me[priv.id] = Date.now();
if (priv) me[priv.getId()] = Date.now();
return {
inputChainPaths: inputChainPaths,
creator: priv.getId(),
createdTs: new Date(),
signedBy: priv && b.signaturesAdded ? me : {},
seenBy: priv ? me : {},
builder: b,
@ -216,10 +223,11 @@ describe('TxProposals model', function() {
tx.isComplete().should.equal(false);
tx.countInputMissingSignatures(0).should.equal(2);
(w.txps[ntxid].signedBy[priv.id] - ts > 0).should.equal(true);
var x = priv.getId();
(w.txps[ntxid].signedBy[priv.getId()] - ts > 0).should.equal(true);
(w.txps[ntxid].seenBy[priv.id] - ts > 0).should.equal(true);
var info = w.merge(w.txps[ntxid]);
var info = w.merge(w.txps[ntxid], pkr.getCopayerId(0));
info.events.length.should.equal(0);
Object.keys(w.txps).length.should.equal(1);
@ -293,9 +301,10 @@ describe('TxProposals model', function() {
(w2.txps[ntxid].signedBy[priv.id] - ts > 0).should.equal(true);
(w2.txps[ntxid].seenBy[priv.id] - ts > 0).should.equal(true);
var info = w.merge(w2.txps[ntxid]);
info.events.length.should.equal(1);
info.events[0].type.should.equal('signed');
var info = w.merge(w2.txps[ntxid], pkr.getCopayerId(0));
info.events.length.should.equal(2);
info.events[0].type.should.equal('seen');
info.events[1].type.should.equal('signed');
Object.keys(w.txps).length.should.equal(1);
@ -401,9 +410,10 @@ describe('TxProposals model', function() {
(w2.txps[ntxid].signedBy[priv.id] - ts > 0).should.equal(true);
(w2.txps[ntxid].seenBy[priv.id] - ts > 0).should.equal(true);
var info = w.merge(w2.txps[ntxid]);
info.events.length.should.equal(1);
info.events[0].type.should.equal('signed');
var info = w.merge(w2.txps[ntxid], pkr.getCopayerId(0));
info.events.length.should.equal(2);
info.events[0].type.should.equal('seen');
info.events[1].type.should.equal('signed');
tx = w.txps[ntxid].builder.build();
tx.isComplete().should.equal(false);
@ -431,8 +441,7 @@ describe('TxProposals model', function() {
(w3.txps[ntxid].signedBy[priv2.id] - ts > 0).should.equal(true);
(w3.txps[ntxid].seenBy[priv2.id] - ts > 0).should.equal(true);
var info = w.merge(w3.txps[ntxid]);
info.events.length.should.equal(0);
var info = w.merge(w3.txps[ntxid], pkr.getCopayerId(1));
Object.keys(w.txps).length.should.equal(1);
@ -522,8 +531,7 @@ describe('TxProposals model', function() {
(w3.txps[ntxid].signedBy[priv3.id] - ts > 0).should.equal(true);
(w3.txps[ntxid].seenBy[priv3.id] - ts > 0).should.equal(true);
var info = w.merge(w2.txps[ntxid]);
info.events.length.should.equal(0);
var info = w.merge(w2.txps[ntxid], pkr.getCopayerId(1));
Object.keys(w.txps).length.should.equal(1);
var tx = w.txps[ntxid].builder.build();
@ -535,8 +543,7 @@ describe('TxProposals model', function() {
(w.txps[ntxid].signedBy[priv2.id] - ts > 0).should.equal(true);
var info = w.merge(w3.txps[ntxid]);
info.events.length.should.equal(0);
var info = w.merge(w3.txps[ntxid], pkr.getCopayerId(2));
var tx = w.txps[ntxid].builder.build();
tx.isComplete().should.equal(true);
@ -601,7 +608,7 @@ describe('TxProposals model', function() {
should.exist(w2.txps[ntxid].builder);
should.exist(w2.txps[ntxid].builder.valueInSat);
w2.merge(w.txps[ntxid]);
w2.merge(w.txps[ntxid], pkr.getCopayerId(0));
Object.keys(w2.txps).length.should.equal(1);
});

67
test/test.Wallet.js
View file

@ -67,13 +67,13 @@ describe('Wallet model', function() {
c.network = new Network(config.network);
c.blockchain = new Blockchain(config.blockchain);
c.addressBook = {
'2NFR2kzH9NUdp8vsXTB4wWQtTtzhpKxsyoJ' : {
c.addressBook = {
'2NFR2kzH9NUdp8vsXTB4wWQtTtzhpKxsyoJ': {
label: 'John',
copayerId: '026a55261b7c898fff760ebe14fd22a71892295f3b49e0ca66727bc0a0d7f94d03',
createdTs: 1403102115,
},
'2MtP8WyiwG7ZdVWM96CVsk2M1N8zyfiVQsY' : {
},
'2MtP8WyiwG7ZdVWM96CVsk2M1N8zyfiVQsY': {
label: 'Jennifer',
copayerId: '032991f836543a492bd6d0bb112552bfc7c5f3b7d5388fcbcbf2fbb893b44770d7',
createdTs: 1403103115,
@ -312,7 +312,7 @@ describe('Wallet model', function() {
setTimeout(function() {
sinon.assert.callCount(spy, callCount);
done();
}, w.reconnectDelay*callCount*(callCount+1)/2);
}, w.reconnectDelay * callCount * (callCount + 1) / 2);
});
it('handle network indexes correctly', function() {
@ -641,7 +641,7 @@ describe('Wallet model', function() {
var ADDRESSES_RECEIVE = w.deriveAddresses(0, 20, false);
w.blockchain.checkActivity = function(addresses, cb) {
var activity = new Array(addresses.length);
for(var i=0; i<addresses.length; i++) {
for (var i = 0; i < addresses.length; i++) {
var a1 = ADDRESSES_CHANGE.indexOf(addresses[i]);
var a2 = ADDRESSES_RECEIVE.indexOf(addresses[i]);
activity[i] = f(Math.max(a1, a2));
@ -652,8 +652,10 @@ describe('Wallet model', function() {
it('#indexDiscovery should work without found activities', function(done) {
var w = createW2();
mockFakeActivity(w, function(index) { return false });
w.indexDiscovery(0, false, 5, function(e, lastActive){
mockFakeActivity(w, function(index) {
return false
});
w.indexDiscovery(0, false, 5, function(e, lastActive) {
lastActive.should.equal(-1);
done();
});
@ -661,8 +663,10 @@ describe('Wallet model', function() {
it('#indexDiscovery should continue scanning', function(done) {
var w = createW2();
mockFakeActivity(w, function(index) { return index <= 7 });
w.indexDiscovery(0, false, 5, function(e, lastActive){
mockFakeActivity(w, function(index) {
return index <= 7
});
w.indexDiscovery(0, false, 5, function(e, lastActive) {
lastActive.should.equal(7);
done();
});
@ -670,8 +674,10 @@ describe('Wallet model', function() {
it('#indexDiscovery should not found beyond the scannWindow', function(done) {
var w = createW2();
mockFakeActivity(w, function(index) { return index <= 10 || index == 17 });
w.indexDiscovery(0, false, 5, function(e, lastActive){
mockFakeActivity(w, function(index) {
return index <= 10 || index == 17
});
w.indexDiscovery(0, false, 5, function(e, lastActive) {
lastActive.should.equal(10);
done();
});
@ -679,8 +685,10 @@ describe('Wallet model', function() {
it('#indexDiscovery should look for activity along the scannWindow', function(done) {
var w = createW2();
mockFakeActivity(w, function(index) { return index <= 14 && index % 2 == 0 });
w.indexDiscovery(0, false, 5, function(e, lastActive){
mockFakeActivity(w, function(index) {
return index <= 14 && index % 2 == 0
});
w.indexDiscovery(0, false, 5, function(e, lastActive) {
lastActive.should.equal(14);
done();
});
@ -688,7 +696,9 @@ describe('Wallet model', function() {
it('#updateIndexes should update correctly', function(done) {
var w = createW2();
mockFakeActivity(w, function(index) { return index <= 14 && index % 2 == 0 });
mockFakeActivity(w, function(index) {
return index <= 14 && index % 2 == 0
});
w.updateIndexes(function(err) {
w.publicKeyRing.indexes.receiveIndex.should.equal(15);
w.publicKeyRing.indexes.changeIndex.should.equal(15);
@ -698,7 +708,9 @@ describe('Wallet model', function() {
it('#updateIndexes should store and emit event', function(done) {
var w = createW2();
mockFakeActivity(w, function(index) { return index <= 14 && index % 2 == 0 });
mockFakeActivity(w, function(index) {
return index <= 14 && index % 2 == 0
});
var spyStore = sinon.spy(w, 'store');
var spyEmit = sinon.spy(w, 'emit');
w.updateIndexes(function(err) {
@ -720,16 +732,13 @@ describe('Wallet model', function() {
done();
});
var contacts = [
{
label: 'Charles',
address: '2N8pJWpXCAxmNLHKVEhz3TtTcYCtHd43xWU ',
},
{
label: 'Linda',
address: '2N4Zq92goYGrf5J4F4SZZq7jnPYbCiyRYT2 ',
}
];
var contacts = [{
label: 'Charles',
address: '2N8pJWpXCAxmNLHKVEhz3TtTcYCtHd43xWU ',
}, {
label: 'Linda',
address: '2N4Zq92goYGrf5J4F4SZZq7jnPYbCiyRYT2 ',
}];
it('should create new entry for address book', function() {
var w = createW();
@ -747,7 +756,7 @@ describe('Wallet model', function() {
}).should.
throw();
});
it('should delete an entry for address book', function() {
var w = createW();
contacts.forEach(function(c) {
@ -763,8 +772,8 @@ describe('Wallet model', function() {
var w = createW();
var data = {
walletId: w.id,
addressBook: {
'msj42CCGruhRsFrGATiUuh25dtxYtnpbTx' : {
addressBook: {
'msj42CCGruhRsFrGATiUuh25dtxYtnpbTx': {
label: 'Faucet',
copayerId: '026a55261b7c898fff760ebe14fd22a71892295f3b49e0ca66727bc0a0d7f94d03',
createdTs: 1403102115,