Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
constructor({ address }: MetamaskWalletConstructorArgumentsType) {
/*
* Validate the address that's coming in from Metamask
*/
addressValidator(address);
Object.defineProperties(this, {
/*
* The initial address is set when `open()`-ing the wallet, but after that
* it's updated via the Metamask state change observer.
*
* This way, we keep it in sync with the changes from Metamask's UI
*/
address: Object.assign({}, { value: address }, SETTERS),
type: Object.assign({}, { value: TYPE_SOFTWARE }, GENERIC_PROPS),
subtype: Object.assign({}, { value: SUBTYPE_METAMASK }, GENERIC_PROPS),
sign: Object.assign(
{},
{
value: async (transactionObject: TransactionObjectType) => {
/*
* Validate the trasaction's object input
export const verifyMessage = async ({
address,
...signatureMessage
}: Object = {}): Promise => {
/*
* Validate the address locally
*/
addressValidator(address);
/*
* Validate the rest of the pros using the core helper
*/
const { message, signature } = messageVerificationObjectValidator(
signatureMessage,
);
try {
const recoveredAddress: string = verifyEthersMessage(
message,
signature,
);
/*
* Validate the recovered address
*/
addressValidator(recoveredAddress);
return address === recoveredAddress;
(error: Error, recoveredAddress: string) => {
try {
if (error) {
throw new Error(error.message);
}
/*
* Validate that the recovered address is correct
*/
addressValidator(recoveredAddress);
/*
* Add the `0x` prefix to the recovered address
*/
const normalizedRecoveredAddress: string = addressNormalizer(
recoveredAddress,
);
/*
* Add the `0x` prefix to the current address
*/
const normalizedCurrentAddress: string = addressNormalizer(
currentAddress,
);
return resolve(
normalizedRecoveredAddress === normalizedCurrentAddress,
);
} catch (caughtError) {
export const signMessage = async ({
currentAddress,
message,
messageData,
}: Object = {}): Promise => {
addressValidator(currentAddress);
const toSign = messageOrDataValidator({ message, messageData });
/*
* We must check for the Metamask injected in-page proxy every time we
* try to access it. This is because something can change it from the time
* of last detection until now.
*/
return methodCaller(
/*
* @TODO Move into own (non-anonymous) method
* This way we could better test it
*/
() =>
new Promise((resolve, reject) => {
/*
* Sign the message. This will prompt the user via Metamask's UI
*/
export const verifyMessage = async ({
address,
...signatureMessage
}: Object = {}): Promise => {
/*
* Validate the address locally
*/
addressValidator(address);
/*
* Validate the rest of the pros using the core helper
*/
const { message, signature } = messageVerificationObjectValidator(
signatureMessage,
);
warning(messages.messageSignatureOnlyTrezor);
try {
const { success: isMessageValid } = await payloadListener({
payload: Object.assign({}, PAYLOAD_VERIFYMSG, {
/*
* Trezor service requires the prefix from the address to be stripped
*/
address: addressNormalizer(address, false),
message,
/*
addressValidator(address);
/*
* Validate the rest of the pros using the core helper
*/
const { message, signature } = messageVerificationObjectValidator(
signatureMessage,
);
try {
const recoveredAddress: string = verifyEthersMessage(
message,
signature,
);
/*
* Validate the recovered address
*/
addressValidator(recoveredAddress);
return address === recoveredAddress;
} catch (caughtError) {
throw new Error(
`${messages.cannotVerifySignature} ${objectToErrorString(
signatureMessage,
)} Error: ${caughtError.message}`,
);
}
};
export const signTransaction = async ({
from,
nonce: manualNonce,
...transactionObject
}: Object = {}): Promise => {
const {
chainId,
gasPrice,
gasLimit,
to,
value,
inputData,
} = transactionObjectValidator(transactionObject);
addressValidator(from);
/*
* Metamask auto-sets the nonce based on the next one available. You can manually
* override it, but it's best to omit it.
*
* So we only validate if there is one, otherwise we just pass undefined
* to the transaction object.
*
* We also notify (in dev mode) the user about not setting the nonce.
*/
if (manualNonce) {
safeIntegerValidator(manualNonce);
warning(messages.dontSetNonce);
}
/*
* We must check for the Metamask injected in-page proxy every time we
* try to access it. This is because something can change it from the time
constructor(ethersInstance: WalletArgumentsType = {}) {
const {
address,
privateKey,
password,
originalMnemonic: mnemonic,
keystore,
chainId,
sign: ethersSign,
signMessage: ethersSignMessage,
} = ethersInstance;
/*
* Validate the private key and address that's coming in from ethers.
*/
addressValidator(address);
hexSequenceValidator(privateKey);
/*
* If we have a keystore JSON string and encryption password, set them
* to the internal variables.
*/
internalEncryptionPassword = password;
internalKeystoreJson = keystore;
/*
* Set the private key to a "internal" variable since we only allow
* access to it through a getter and not directly via a prop.
*/
Object.defineProperties(this, {
address: Object.assign({}, { value: address }, WALLET_PROPS),
type: Object.assign({}, { value: TYPE_SOFTWARE }, WALLET_PROPS),
subtype: Object.assign({}, { value: SUBTYPE_ETHERS }, WALLET_PROPS),
chainId: Object.assign({}, { value: chainId }, WALLET_PROPS),