github.com/ethereum/go-ethereum@v1.16.1/signer/fourbyte/validation.go (about) 1 // Copyright 2019 The go-ethereum Authors 2 // This file is part of the go-ethereum library. 3 // 4 // The go-ethereum library is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Lesser General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // The go-ethereum library is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Lesser General Public License for more details. 13 // 14 // You should have received a copy of the GNU Lesser General Public License 15 // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. 16 17 package fourbyte 18 19 import ( 20 "bytes" 21 "errors" 22 "fmt" 23 24 "github.com/ethereum/go-ethereum/common" 25 "github.com/ethereum/go-ethereum/signer/core/apitypes" 26 ) 27 28 // ValidateTransaction does a number of checks on the supplied transaction, and 29 // returns either a list of warnings, or an error (indicating that the transaction 30 // should be immediately rejected). 31 func (db *Database) ValidateTransaction(selector *string, tx *apitypes.SendTxArgs) (*apitypes.ValidationMessages, error) { 32 messages := new(apitypes.ValidationMessages) 33 34 // Prevent accidental erroneous usage of both 'input' and 'data' (show stopper) 35 if tx.Data != nil && tx.Input != nil && !bytes.Equal(*tx.Data, *tx.Input) { 36 return nil, errors.New(`ambiguous request: both "data" and "input" are set and are not identical`) 37 } 38 // ToTransaction validates, among other things, that blob hashes match with blobs, and also 39 // populates the hashes if they were previously unset. 40 if _, err := tx.ToTransaction(); err != nil { 41 return nil, err 42 } 43 // Place data on 'data', and nil 'input' 44 var data []byte 45 if tx.Input != nil { 46 tx.Data = tx.Input 47 tx.Input = nil 48 } 49 if tx.Data != nil { 50 data = *tx.Data 51 } 52 // Contract creation doesn't validate call data, handle first 53 if tx.To == nil { 54 // Contract creation should contain sufficient data to deploy a contract. A 55 // typical error is omitting sender due to some quirk in the javascript call 56 // e.g. https://github.com/ethereum/go-ethereum/issues/16106. 57 if len(data) == 0 { 58 // Prevent sending ether into black hole (show stopper) 59 if tx.Value.ToInt().Sign() > 0 { 60 return nil, errors.New("transaction will create a contract with value but empty code") 61 } 62 // No value submitted at least, critically Warn, but don't blow up 63 messages.Crit("Transaction will create a contract with empty code") 64 } else if len(data) < 40 { // arbitrary heuristic limit 65 messages.Warn(fmt.Sprintf("Transaction will create a contract, but the payload is suspiciously small (%d bytes)", len(data))) 66 } 67 // Method selector should be nil for contract creation 68 if selector != nil { 69 messages.Warn("Transaction will create a contract, but method selector supplied, indicating an intent to call a method") 70 } 71 return messages, nil 72 } 73 // Not a contract creation, validate as a plain transaction 74 if !tx.To.ValidChecksum() { 75 messages.Warn("Invalid checksum on recipient address") 76 } 77 if bytes.Equal(tx.To.Address().Bytes(), common.Address{}.Bytes()) { 78 messages.Crit("Transaction recipient is the zero address") 79 } 80 switch { 81 case tx.GasPrice == nil && tx.MaxFeePerGas == nil: 82 messages.Crit("Neither 'gasPrice' nor 'maxFeePerGas' specified.") 83 case tx.GasPrice == nil && tx.MaxPriorityFeePerGas == nil: 84 messages.Crit("Neither 'gasPrice' nor 'maxPriorityFeePerGas' specified.") 85 case tx.GasPrice != nil && tx.MaxFeePerGas != nil: 86 messages.Crit("Both 'gasPrice' and 'maxFeePerGas' specified.") 87 case tx.GasPrice != nil && tx.MaxPriorityFeePerGas != nil: 88 messages.Crit("Both 'gasPrice' and 'maxPriorityFeePerGas' specified.") 89 } 90 // Semantic fields validated, try to make heads or tails of the call data 91 db.ValidateCallData(selector, data, messages) 92 return messages, nil 93 } 94 95 // ValidateCallData checks if the ABI call-data + method selector (if given) can 96 // be parsed and seems to match. 97 func (db *Database) ValidateCallData(selector *string, data []byte, messages *apitypes.ValidationMessages) { 98 // If the data is empty, we have a plain value transfer, nothing more to do 99 if len(data) == 0 { 100 return 101 } 102 // Validate the call data that it has the 4byte prefix and the rest divisible by 32 bytes 103 if len(data) < 4 { 104 messages.Warn("Transaction data is not valid ABI (missing the 4 byte call prefix)") 105 return 106 } 107 if n := len(data) - 4; n%32 != 0 { 108 messages.Warn(fmt.Sprintf("Transaction data is not valid ABI (length should be a multiple of 32 (was %d))", n)) 109 } 110 // If a custom method selector was provided, validate with that 111 if selector != nil { 112 if info, err := verifySelector(*selector, data); err != nil { 113 messages.Warn(fmt.Sprintf("Transaction contains data, but provided ABI signature could not be matched: %v", err)) 114 } else { 115 messages.Info(fmt.Sprintf("Transaction invokes the following method: %q", info.String())) 116 db.AddSelector(*selector, data[:4]) 117 } 118 return 119 } 120 // No method selector was provided, check the database for embedded ones 121 embedded, err := db.Selector(data[:4]) 122 if err != nil { 123 messages.Warn(fmt.Sprintf("Transaction contains data, but the ABI signature could not be found: %v", err)) 124 return 125 } 126 if info, err := verifySelector(embedded, data); err != nil { 127 messages.Warn(fmt.Sprintf("Transaction contains data, but provided ABI signature could not be verified: %v", err)) 128 } else { 129 messages.Info(fmt.Sprintf("Transaction invokes the following method: %q", info.String())) 130 } 131 }