npm - @usherlabs/cex-broker - Versions diffs - 0.2.1 → 0.2.2 - Mend

@usherlabs/cex-broker 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/commands/cli.js +209 -40
package/dist/helpers/index.d.ts +1 -0
package/dist/index.js +210 -41
package/dist/index.js.map +7 -6
package/dist/utils/payload-reader.d.ts +13 -0
package/package.json +1 -1

package/dist/commands/cli.js CHANGED Viewed

@@ -313654,20 +313654,33 @@ function loadPolicy(policyPath) {
     if (error) {
       throw new Error(`Policy validation failed: ${error.details.map((d) => d.message).join("; ")}`);
     }
-    const normalizedPolicy = value;
-    normalizedPolicy.withdraw.rule = normalizedPolicy.withdraw.rule.map((rule) => ({
-      ...rule,
-      exchange: rule.exchange.trim().toUpperCase(),
-      network: rule.network.trim().toUpperCase(),
-      whitelist: rule.whitelist.map((a) => a.trim().toLowerCase())
-    }));
-    normalizedPolicy.order.rule.limits = normalizedPolicy.order.rule.limits ?? [];
-    return normalizedPolicy;
+    return normalizePolicyConfig(value);
   } catch (error) {
     console.error("Failed to load policy:", error);
     throw new Error("Policy configuration could not be loaded");
   }
 }
+function normalizePolicyConfig(policy) {
+  return {
+    ...policy,
+    withdraw: {
+      ...policy.withdraw,
+      rule: policy.withdraw.rule.map((rule) => ({
+        ...rule,
+        exchange: rule.exchange.trim().toUpperCase(),
+        network: rule.network.trim().toUpperCase(),
+        whitelist: rule.whitelist.map((address) => address.trim().toLowerCase())
+      }))
+    },
+    order: {
+      ...policy.order,
+      rule: {
+        ...policy.order.rule,
+        limits: policy.order.rule.limits ?? []
+      }
+    }
+  };
+}
 function getWithdrawRulePriority(rule, exchange, network) {
   const exchangeMatch = rule.exchange === exchange || rule.exchange === "*";
   const networkMatch = rule.network === network || rule.network === "*";
@@ -313686,15 +313699,16 @@ function getWithdrawRulePriority(rule, exchange, network) {
   return 1;
 }
 function validateWithdraw(policy, exchange, network, recipientAddress, _amount, _ticker) {
+  const normalizedPolicy = normalizePolicyConfig(policy);
   const exchangeNorm = exchange.trim().toUpperCase();
   const networkNorm = network.trim().toUpperCase();
-  const matchingRules = policy.withdraw.rule.map((rule) => ({
+  const matchingRules = normalizedPolicy.withdraw.rule.map((rule) => ({
     rule,
     priority: getWithdrawRulePriority(rule, exchangeNorm, networkNorm)
   })).filter((r) => r.priority > 0).sort((a, b2) => b2.priority - a.priority);
   const withdrawRule = matchingRules[0]?.rule;
   if (!withdrawRule) {
-    const allowedPairs = policy.withdraw.rule.map((r) => `${r.exchange}:${r.network}`);
+    const allowedPairs = normalizedPolicy.withdraw.rule.map((r) => `${r.exchange}:${r.network}`);
     return {
       valid: false,
       error: `Network ${networkNorm} is not allowed for exchange ${exchangeNorm}. Allowed exchange/network pairs: ${allowedPairs.join(", ")}`
@@ -314303,10 +314317,77 @@ var descriptor = {
 };
 var node_descriptor_default = descriptor;
+// src/utils/payload-reader.ts
+class PayloadValidationError extends Error {
+  constructor(message) {
+    super(`ValidationError: ${message}`);
+    this.name = "PayloadValidationError";
+  }
+}
+function parseNumberField(value, fieldName) {
+  if (typeof value !== "string" && typeof value !== "number") {
+    throw new PayloadValidationError(`'${fieldName}' must be a numeric string`);
+  }
+  const parsed = typeof value === "number" ? value : Number(value.trim());
+  if (!Number.isFinite(parsed)) {
+    throw new PayloadValidationError(`'${fieldName}' must be a valid number`);
+  }
+  return parsed;
+}
+function parseJsonField(value, fieldName, expected) {
+  const parsedValue = typeof value === "string" ? (() => {
+    try {
+      return JSON.parse(value);
+    } catch {
+      throw new PayloadValidationError(`Failed to parse JSON for '${fieldName}'`);
+    }
+  })() : value;
+  if (expected === "jsonObject") {
+    if (typeof parsedValue !== "object" || parsedValue === null || Array.isArray(parsedValue)) {
+      throw new PayloadValidationError(`'${fieldName}' must be a JSON object`);
+    }
+    return parsedValue;
+  }
+  if (!Array.isArray(parsedValue)) {
+    throw new PayloadValidationError(`'${fieldName}' must be a JSON array`);
+  }
+  return parsedValue;
+}
+class PayloadReader {
+  payload;
+  constructor(payload) {
+    this.payload = { ...payload ?? {} };
+  }
+  read(shape) {
+    const prepared = { ...this.payload };
+    for (const [fieldName, spec] of Object.entries(shape)) {
+      const rawValue = prepared[fieldName];
+      const isMissing = rawValue === undefined || rawValue === null;
+      if (isMissing) {
+        if (spec.required) {
+          throw new PayloadValidationError(`'${fieldName}' is required`);
+        }
+        continue;
+      }
+      if (spec.type === "number") {
+        prepared[fieldName] = parseNumberField(rawValue, fieldName);
+        continue;
+      }
+      prepared[fieldName] = parseJsonField(rawValue, fieldName, spec.type);
+    }
+    return prepared;
+  }
+}
 // src/server.ts
 var packageDef = protoLoader.fromJSON(node_descriptor_default);
 var grpcObj = grpc.loadPackageDefinition(packageDef);
 var cexNode = grpcObj.cex_broker;
+function preparePayload(rawPayload, shape) {
+  const payload = new PayloadReader(rawPayload);
+  return payload.read(shape);
+}
 function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, otelMetrics) {
   const server = new grpc.Server;
   server.addService(cexNode.cex_service.service, {
@@ -314383,9 +314464,25 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
             amount: import_joi2.default.number().positive().required(),
             transactionHash: import_joi2.default.string().required(),
             since: import_joi2.default.number(),
-            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.string()).default({})
+            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.alternatives(import_joi2.default.string(), import_joi2.default.number())).default({})
           });
-          const { value, error } = transactionSchema.validate(call.request.payload ?? {});
+          let payload;
+          try {
+            payload = preparePayload(call.request.payload, {
+              amount: { type: "number", required: true },
+              since: { type: "number" },
+              params: { type: "jsonObject" }
+            });
+          } catch (error2) {
+            if (error2 instanceof PayloadValidationError) {
+              return wrappedCallback({
+                code: grpc.status.INVALID_ARGUMENT,
+                message: error2.message
+              }, null);
+            }
+            throw error2;
+          }
+          const { value, error } = transactionSchema.validate(payload);
           if (error) {
             return wrappedCallback({
               code: grpc.status.INVALID_ARGUMENT,
@@ -314494,20 +314591,20 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
             args: import_joi2.default.array().items(import_joi2.default.alternatives(import_joi2.default.string(), import_joi2.default.number(), import_joi2.default.boolean(), import_joi2.default.object(), import_joi2.default.array())).default([]),
             params: import_joi2.default.object().default({})
           });
-          const rawPayload = call.request.payload ?? {};
-          const preparedPayload = { ...rawPayload };
+          let preparedPayload;
           try {
-            if (typeof preparedPayload.args === "string") {
-              preparedPayload.args = JSON.parse(preparedPayload.args);
-            }
-            if (typeof preparedPayload.params === "string") {
-              preparedPayload.params = JSON.parse(preparedPayload.params);
+            preparedPayload = preparePayload(call.request.payload, {
+              args: { type: "jsonArray" },
+              params: { type: "jsonObject" }
+            });
+          } catch (error) {
+            if (error instanceof PayloadValidationError) {
+              return wrappedCallback({
+                code: grpc.status.INVALID_ARGUMENT,
+                message: error.message
+              }, null);
             }
-          } catch {
-            return wrappedCallback({
-              code: grpc.status.INVALID_ARGUMENT,
-              message: "ValidationError: Failed to parse JSON for 'args' or 'params'"
-            }, null);
+            throw error;
           }
           const { value: callValue, error: callError } = callSchema.validate(preparedPayload);
           if (callError) {
@@ -314564,11 +314661,24 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
           const {
             value: fetchDepositAddresses,
             error: errorFetchDepositAddresses
-          } = fetchDepositAddressesSchema.validate(call.request.payload ?? {});
+          } = (() => {
+            try {
+              const payload = preparePayload(call.request.payload, {
+                params: { type: "jsonObject" }
+              });
+              return fetchDepositAddressesSchema.validate(payload);
+            } catch (error) {
+              if (error instanceof PayloadValidationError) {
+                return { value: null, error };
+              }
+              throw error;
+            }
+          })();
           if (errorFetchDepositAddresses) {
+            const message = errorFetchDepositAddresses instanceof PayloadValidationError ? errorFetchDepositAddresses.message : `ValidationError: ${errorFetchDepositAddresses.message}`;
             return wrappedCallback({
               code: grpc.status.INVALID_ARGUMENT,
-              message: `ValidationError: ${errorFetchDepositAddresses?.message}`
+              message
             }, null);
           }
           try {
@@ -314612,16 +314722,31 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
             recipientAddress: import_joi2.default.string().required(),
             amount: import_joi2.default.number().positive().required(),
             chain: import_joi2.default.string().required(),
-            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.string()).default({})
+            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.alternatives(import_joi2.default.string(), import_joi2.default.number())).default({})
           });
-          const { value: transferValue, error: transferError } = transferSchema.validate(call.request.payload ?? {});
+          let payload;
+          try {
+            payload = preparePayload(call.request.payload, {
+              amount: { type: "number", required: true },
+              params: { type: "jsonObject" }
+            });
+          } catch (error) {
+            if (error instanceof PayloadValidationError) {
+              return wrappedCallback({
+                code: grpc.status.INVALID_ARGUMENT,
+                message: error.message
+              }, null);
+            }
+            throw error;
+          }
+          const { value: transferValue, error: transferError } = transferSchema.validate(payload);
           if (transferError) {
             return wrappedCallback({
               code: grpc.status.INVALID_ARGUMENT,
               message: `ValidationError:" ${transferError?.message}`
             }, null);
           }
-          const transferValidation = validateWithdraw(policy, cex3, transferValue.chain, transferValue.recipientAddress, Number(transferValue.amount), symbol);
+          const transferValidation = validateWithdraw(policy, cex3, transferValue.chain, transferValue.recipientAddress, transferValue.amount, symbol);
           if (!transferValidation.valid) {
             return wrappedCallback({
               code: grpc.status.PERMISSION_DENIED,
@@ -314637,7 +314762,7 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
                 message: `Broker ${cex3} doesnt support this ${transferValue.chain} for token ${symbol}`
               }, null);
             }
-            const transaction = await broker.withdraw(symbol, Number(transferValue.amount), transferValue.recipientAddress, undefined, { network: transferValue.chain });
+            const transaction = await broker.withdraw(symbol, transferValue.amount, transferValue.recipientAddress, undefined, { network: transferValue.chain });
             log.info(`Withdraw Result: ${JSON.stringify(transaction)}`);
             wrappedCallback(null, {
               proof: verityProof,
@@ -314659,9 +314784,25 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
             fromToken: import_joi2.default.string().required(),
             toToken: import_joi2.default.string().required(),
             price: import_joi2.default.number().positive().required(),
-            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.string()).default({})
+            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.alternatives(import_joi2.default.string(), import_joi2.default.number())).default({})
           });
-          const { value: orderValue, error: orderError } = createOrderSchema.validate(call.request.payload ?? {});
+          let payload;
+          try {
+            payload = preparePayload(call.request.payload, {
+              amount: { type: "number", required: true },
+              price: { type: "number", required: true },
+              params: { type: "jsonObject" }
+            });
+          } catch (error) {
+            if (error instanceof PayloadValidationError) {
+              return wrappedCallback({
+                code: grpc.status.INVALID_ARGUMENT,
+                message: error.message
+              }, null);
+            }
+            throw error;
+          }
+          const { value: orderValue, error: orderError } = createOrderSchema.validate(payload);
           if (orderError) {
             return wrappedCallback({
               code: grpc.status.INVALID_ARGUMENT,
@@ -314675,14 +314816,14 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
                 message: `Invalid CEX key: ${cex3}. Supported keys: ${Object.keys(brokers).join(", ")}`
               }, null);
             }
-            const resolution = await resolveOrderExecution(policy, broker, cex3, orderValue.fromToken, orderValue.toToken, Number(orderValue.amount), Number(orderValue.price));
+            const resolution = await resolveOrderExecution(policy, broker, cex3, orderValue.fromToken, orderValue.toToken, orderValue.amount, orderValue.price);
             if (!resolution.valid || !resolution.symbol || !resolution.side) {
               return wrappedCallback({
                 code: grpc.status.INVALID_ARGUMENT,
                 message: resolution.error ?? "Order rejected by policy: market or limits not satisfied"
               }, null);
             }
-            const order = await broker.createOrder(resolution.symbol, orderValue.orderType, resolution.side, Number(resolution.amountBase ?? orderValue.amount), Number(orderValue.price), orderValue.params ?? {});
+            const order = await broker.createOrder(resolution.symbol, orderValue.orderType, resolution.side, resolution.amountBase ?? orderValue.amount, orderValue.price, orderValue.params ?? {});
             wrappedCallback(null, { result: JSON.stringify({ ...order }) });
           } catch (error) {
             log.error({ error });
@@ -314696,9 +314837,23 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
         case Action.GetOrderDetails: {
           const getOrderSchema = import_joi2.default.object({
             orderId: import_joi2.default.string().required(),
-            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.string()).default({})
+            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.alternatives(import_joi2.default.string(), import_joi2.default.number())).default({})
           });
-          const { value: getOrderValue, error: getOrderError } = getOrderSchema.validate(call.request.payload ?? {});
+          let payload;
+          try {
+            payload = preparePayload(call.request.payload, {
+              params: { type: "jsonObject" }
+            });
+          } catch (error) {
+            if (error instanceof PayloadValidationError) {
+              return wrappedCallback({
+                code: grpc.status.INVALID_ARGUMENT,
+                message: error.message
+              }, null);
+            }
+            throw error;
+          }
+          const { value: getOrderValue, error: getOrderError } = getOrderSchema.validate(payload);
           if (getOrderError) {
             return wrappedCallback({
               code: grpc.status.INVALID_ARGUMENT,
@@ -314736,9 +314891,23 @@ function getServer(policy, brokers, whitelistIps, useVerity, verityProverUrl, ot
         case Action.CancelOrder: {
           const cancelOrderSchema = import_joi2.default.object({
             orderId: import_joi2.default.string().required(),
-            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.string()).default({})
+            params: import_joi2.default.object().pattern(import_joi2.default.string(), import_joi2.default.alternatives(import_joi2.default.string(), import_joi2.default.number())).default({})
           });
-          const { value: cancelOrderValue, error: cancelOrderError } = cancelOrderSchema.validate(call.request.payload ?? {});
+          let payload;
+          try {
+            payload = preparePayload(call.request.payload, {
+              params: { type: "jsonObject" }
+            });
+          } catch (error) {
+            if (error instanceof PayloadValidationError) {
+              return wrappedCallback({
+                code: grpc.status.INVALID_ARGUMENT,
+                message: error.message
+              }, null);
+            }
+            throw error;
+          }
+          const { value: cancelOrderValue, error: cancelOrderError } = cancelOrderSchema.validate(payload);
           if (cancelOrderError) {
             return wrappedCallback({
               code: grpc.status.INVALID_ARGUMENT,
@@ -315272,7 +315441,7 @@ class CEXBroker {
       this.policy = loadPolicy(policies);
       this.port = config?.port ?? 8086;
     } else {
-      this.policy = policies;
+      this.policy = normalizePolicyConfig(policies);
     }
     if (this.#policyFilePath) {
       this.watchPolicyFile(this.#policyFilePath);

package/dist/helpers/index.d.ts CHANGED Viewed

@@ -31,6 +31,7 @@ export declare function selectBroker(brokers: {
  * Loads and validates policy configuration
  */
 export declare function loadPolicy(policyPath: string): PolicyConfig;
+export declare function normalizePolicyConfig(policy: PolicyConfig): PolicyConfig;
 export declare function validateWithdraw(policy: PolicyConfig, exchange: string, network: string, recipientAddress: string, _amount: number, _ticker: string): {
     valid: boolean;
     error?: string;