dexe-mcp 0.8.3 → 0.9.0
- package/CHANGELOG.md +70 -0
- package/README.md +1 -0
- package/dist/bootstrap.d.ts +14 -0
- package/dist/bootstrap.d.ts.map +1 -1
- package/dist/bootstrap.js +24 -2
- package/dist/bootstrap.js.map +1 -1
- package/dist/diag/checks.d.ts.map +1 -1
- package/dist/diag/checks.js +5 -4
- package/dist/diag/checks.js.map +1 -1
- package/dist/lib/amount.d.ts +23 -0
- package/dist/lib/amount.d.ts.map +1 -0
- package/dist/lib/amount.js +30 -0
- package/dist/lib/amount.js.map +1 -0
- package/dist/lib/broadcastGuards.d.ts +10 -0
- package/dist/lib/broadcastGuards.d.ts.map +1 -1
- package/dist/lib/broadcastGuards.js +11 -1
- package/dist/lib/broadcastGuards.js.map +1 -1
- package/dist/lib/decoders.d.ts +20 -0
- package/dist/lib/decoders.d.ts.map +1 -1
- package/dist/lib/decoders.js +52 -0
- package/dist/lib/decoders.js.map +1 -1
- package/dist/lib/ipfs.d.ts +14 -0
- package/dist/lib/ipfs.d.ts.map +1 -1
- package/dist/lib/ipfs.js +31 -1
- package/dist/lib/ipfs.js.map +1 -1
- package/dist/lib/markdownToSlate.d.ts +9 -0
- package/dist/lib/markdownToSlate.d.ts.map +1 -1
- package/dist/lib/markdownToSlate.js +24 -0
- package/dist/lib/markdownToSlate.js.map +1 -1
- package/dist/lib/multicall.d.ts.map +1 -1
- package/dist/lib/multicall.js +12 -2
- package/dist/lib/multicall.js.map +1 -1
- package/dist/lib/protocolAdvisories.d.ts +26 -0
- package/dist/lib/protocolAdvisories.d.ts.map +1 -0
- package/dist/lib/protocolAdvisories.js +39 -0
- package/dist/lib/protocolAdvisories.js.map +1 -0
- package/dist/lib/redact.d.ts +36 -0
- package/dist/lib/redact.d.ts.map +1 -0
- package/dist/lib/redact.js +72 -0
- package/dist/lib/redact.js.map +1 -0
- package/dist/lib/sanitize.d.ts +31 -0
- package/dist/lib/sanitize.d.ts.map +1 -0
- package/dist/lib/sanitize.js +51 -0
- package/dist/lib/sanitize.js.map +1 -0
- package/dist/lib/signer.d.ts +11 -0
- package/dist/lib/signer.d.ts.map +1 -1
- package/dist/lib/signer.js +16 -0
- package/dist/lib/signer.js.map +1 -1
- package/dist/lib/subgraph.d.ts +7 -0
- package/dist/lib/subgraph.d.ts.map +1 -1
- package/dist/lib/subgraph.js +24 -2
- package/dist/lib/subgraph.js.map +1 -1
- package/dist/rpc.d.ts.map +1 -1
- package/dist/rpc.js +2 -1
- package/dist/rpc.js.map +1 -1
- package/dist/tools/dao.d.ts.map +1 -1
- package/dist/tools/dao.js +2 -1
- package/dist/tools/dao.js.map +1 -1
- package/dist/tools/flow.d.ts +6 -0
- package/dist/tools/flow.d.ts.map +1 -1
- package/dist/tools/flow.js +59 -13
- package/dist/tools/flow.js.map +1 -1
- package/dist/tools/getConfig.d.ts.map +1 -1
- package/dist/tools/getConfig.js +2 -1
- package/dist/tools/getConfig.js.map +1 -1
- package/dist/tools/gov.d.ts.map +1 -1
- package/dist/tools/gov.js +41 -11
- package/dist/tools/gov.js.map +1 -1
- package/dist/tools/otc.d.ts +12 -0
- package/dist/tools/otc.d.ts.map +1 -1
- package/dist/tools/otc.js +31 -18
- package/dist/tools/otc.js.map +1 -1
- package/dist/tools/proposalBuild.d.ts.map +1 -1
- package/dist/tools/proposalBuild.js +2 -1
- package/dist/tools/proposalBuild.js.map +1 -1
- package/dist/tools/proposalBuildComplex.d.ts.map +1 -1
- package/dist/tools/proposalBuildComplex.js +38 -10
- package/dist/tools/proposalBuildComplex.js.map +1 -1
- package/dist/tools/proposalBuildMore.d.ts.map +1 -1
- package/dist/tools/proposalBuildMore.js +6 -1
- package/dist/tools/proposalBuildMore.js.map +1 -1
- package/dist/tools/read.d.ts +1 -0
- package/dist/tools/read.d.ts.map +1 -1
- package/dist/tools/read.js +61 -18
- package/dist/tools/read.js.map +1 -1
- package/dist/tools/safe.d.ts.map +1 -1
- package/dist/tools/safe.js +13 -0
- package/dist/tools/safe.js.map +1 -1
- package/dist/tools/txSend.d.ts +6 -0
- package/dist/tools/txSend.d.ts.map +1 -1
- package/dist/tools/txSend.js +26 -3
- package/dist/tools/txSend.js.map +1 -1
- package/dist/tools/voteBuild.d.ts.map +1 -1
- package/dist/tools/voteBuild.js +26 -23
- package/dist/tools/voteBuild.js.map +1 -1
- package/package.json +1 -1
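--- a/package/dist/lib/ipfs.js
+++ b/package/dist/lib/ipfs.js
@@ -52,7 +52,22 @@ export async function fetchIpfs(cid, cfg) {
 // not JSON — that's fine
 }
 }
-
+const verdict = await verifyCidBytes(parsed, bytes);
+if (verdict === "mismatch") {
+// W20: a hostile / MitM gateway returned bytes that don't hash to the
+// requested CID. Don't trust it — try the next gateway.
+errors.push(`${gw} → content-hash mismatch for ${cidStr}`);
+continue;
+}
+return {
+cid: cidStr,
+gateway: gw,
+contentType,
+bytes,
+json: parsedJson,
+attempts,
+verified: verdict === "verified",
+};
 }
 catch (err) {
 errors.push(`${gw} → ${err instanceof Error ? err.message : String(err)}`);
@@ -63,6 +78,21 @@ export async function fetchIpfs(cid, cfg) {
 }
 throw new Error(`IPFS fetch failed for ${cidStr} across ${attempts} gateway(s): ${errors.join("; ")}`);
 }
+/**
+* W20 content-address check. Returns "verified" when sha256(bytes) reproduces
+* the requested CID, "mismatch" when it doesn't (tampered / MitM gateway), and
+* "unverifiable" for codecs whose CID is over a DAG rather than the raw bytes
+* (dag-pb / unixfs) — those need full DAG reconstruction we don't perform here.
+*/
+export async function verifyCidBytes(parsedCid, bytes) {
+if (parsedCid.multihash.code !== sha256.code)
+return "unverifiable";
+if (parsedCid.code !== raw.code && parsedCid.code !== json.code)
+return "unverifiable";
+const digest = await sha256.digest(bytes);
+const expected = CID.create(parsedCid.version, parsedCid.code, digest);
+return expected.equals(parsedCid) ? "verified" : "mismatch";
+}
 export function parseCid(input) {
 const s = stripIpfsPrefix(input);
 const cid = CID.parse(s);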
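Review bot: `fetchIpfs` only rejects a gateway response on the "mismatch" verdict; when `verifyCidBytes` returns "unverifiable" the bytes are still returned, so per that function's own docstring dag-pb / unixfs CIDs and any non-sha256 multihash get no tamper check at all. The `verified` field is the only signal of this, so it should be documented at the `return {` as something callers must read, e.g. `// verified === false: content hash was NOT checked; do not treat bytes/json as authentic`. If fail-closed behaviour is wanted, an opt-in setting could push an error and `continue` to the next gateway whenever the verdict is not "verified". The body of fetchIpfs starts outside the hunk, so how callers currently consume `verified` cannot be seen from here.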
package/dist/lib/ipfs.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ipfs.js","sourceRoot":"","sources":["../../src/lib/ipfs.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,KAAK,IAAI,MAAM,0BAA0B,CAAC;AACjD,OAAO,KAAK,GAAG,MAAM,yBAAyB,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAC;AAClD,OAAO,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAEtD;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAsB,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"ipfs.js","sourceRoot":"","sources":["../../src/lib/ipfs.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,KAAK,IAAI,MAAM,0BAA0B,CAAC;AACjD,OAAO,KAAK,GAAG,MAAM,yBAAyB,CAAC;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAC;AAClD,OAAO,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAEtD;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAsB,EAAE,CAAC;AAyBzD,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,GAAW,EACX,GAAoB;IAEpB,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACjC,MAAM,OAAO,GAAG,GAAG,CAAC,mBAAmB,IAAI,IAAI,CAAC;IAChD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,CAAC;IACzE,KAAK,MAAM,EAAE,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,QAAQ,EAAE,CAAC;QACX,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC3D,MAAM,GAAG,GAAG,GAAG,IAAI,SAAS,MAAM,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,CAAC;QACxD,sEAAsE;QACtE,wEAAwE;QACxE,oEAAoE;QACpE,yEAAyE;QACzE,2DAA2D;QAC3D,MAAM,OAAO,GAA2B,EAAE,CAAC;QAC3C,IAAI,kBAAkB,IAAI,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAChE,OAAO,CAAC,wBAAwB,CAAC,GAAG,kBAAkB,CAAC;QACzD,CAAC;QACD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACrE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC1C,SAAS;YACX,CAAC;YACD,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,0BAA0B,CAAC;YAClF,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;YACtD,IAAI,UAAU,GAAmB,IAAI,CAAC;YACtC,IAAI,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,IAAI,CAAC;oBACH,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC3D,CAAC;gBAAC,MAAM,CAAC;oBACP,yBAAyB;gBAC3
B,CAAC;YACH,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;YACpD,IAAI,OAAO,KAAK,UAAU,EAAE,CAAC;gBAC3B,sEAAsE;gBACtE,wDAAwD;gBACxD,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,gCAAgC,MAAM,EAAE,CAAC,CAAC;gBAC3D,SAAS;YACX,CAAC;YACD,OAAO;gBACL,GAAG,EAAE,MAAM;gBACX,OAAO,EAAE,EAAE;gBACX,WAAW;gBACX,KAAK;gBACL,IAAI,EAAE,UAAU;gBAChB,QAAQ;gBACR,QAAQ,EAAE,OAAO,KAAK,UAAU;aACjC,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7E,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,yBAAyB,MAAM,WAAW,QAAQ,gBAAgB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,SAAc,EACd,KAAiB;IAEjB,IAAI,SAAS,CAAC,SAAS,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI;QAAE,OAAO,cAAc,CAAC;IACpE,IAAI,SAAS,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,IAAI,SAAS,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI;QAAE,OAAO,cAAc,CAAC;IACvF,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACvE,OAAO,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC;AAC9D,CAAC;AAaD,MAAM,UAAU,QAAQ,CAAC,KAAa;IACpC,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACzB,MAAM,OAAO,GAAG,GAAG,CAAC,OAAgB,CAAC;IACrC,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEjE,IAAI,SAAS,GAAkB,IAAI,CAAC;IACpC,IAAI,CAAC;QACH,IAAI,OAAO,KAAK,CAAC,EAAE,CAAC;YAClB,SAAS,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;aAAM,IAAI,OAAO,KAAK,CAAC,IAAI,GAAG,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YAC9C,6CAA6C;YAC7C,SAAS,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,SAAS,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,SA
AS,EAAE,SAAS,EAAE,CAAC;AACvE,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,CAAS;IACvC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;AAC/D,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,KAAa;IACnC,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACzB,IAAI,GAAG,CAAC,OAAO,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACnD,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AACrC,CAAC;AAED,iEAAiE;AACjE,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,KAAc;IAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACxC,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AACzD,CAAC;AAED,iEAAiE;AACjE,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAiB;IACjD,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACxC,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC7B,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,IAAI;YACP,OAAO,KAAK,CAAC;QACf,KAAK,IAAI;YACP,OAAO,QAAQ,CAAC;QAClB,KAAK,IAAI;YACP,OAAO,UAAU,CAAC;QACpB,KAAK,MAAM;YACT,OAAO,MAAM,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,UAAU,CAAC;QACpB;YACE,OAAO,KAAK,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;IACpC,CAAC;AACH,CAAC;AAED,sCAAsC;AAEtC,MAAM,mBAAmB,GAAG,gDAAgD,CAAC;AAC7E,MAAM,mBAAmB,GAAG,gDAAgD,CAAC;AAC7E,MAAM,eAAe,GAAG,kDAAkD,CAAC;AAQ3E,MAAM,OAAO,YAAY;IACM;IAA7B,YAA6B,GAAW;QAAX,QAAG,GAAH,GAAG,CAAQ;QACtC,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IACtD,CAAC;IAED,4DAA4D;IAC5D,KAAK,CAAC,IAAI;QACR,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE;YACvC,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,GAAG,EAAE,EAAE;SACjD,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,CAAC,MAAM,IAAI,MAAM,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC7F,CAAC;IAED,KAAK,CAAC,OAAO,CACX,OAAgB,EAChB,IAA4D;QAE5D,MAAM,IAAI,GAAG;YACX,aAAa,EAAE,OAAO;YACtB,cAAc,EAAE,IAAI,EAAE,IAAI,IAAI,IAAI,EAAE,SAAS;gBAC3C,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI
,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE;gBAClD,CAAC,CAAC,SAAS;SACd,CAAC;QACF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC3C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,GAAG,EAAE;gBACnC,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;SAC3B,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,IAAI,MAAM,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACnF,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAI7B,CAAC;QACF,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;IAC9E,CAAC;IAED,KAAK,CAAC,OAAO,CACX,KAAiB,EACjB,IAA8F;QAE9F,MAAM,IAAI,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC,EAAE;YAC7B,IAAI,EAAE,IAAI,EAAE,WAAW,IAAI,0BAA0B;SACtD,CAAC,CAAC;QACH,wEAAwE;QACxE,wEAAwE;QACxE,yEAAyE;QACzE,qEAAqE;QACrE,0EAA0E;QAC1E,MAAM,IAAI,GAAG,IAAI,EAAE,iBAAiB,IAAI,IAAI,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,IAAI,MAAM,CAAC,CAAC;QACpD,IAAI,IAAI,EAAE,IAAI,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC3C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,GAAG,EAAE,EAAE;YAChD,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,IAAI,MAAM,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACnF,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAI7B,CAAC;QACF,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;IAC9E,CAAC;CACF"}
|
|
@@ -25,6 +25,15 @@
|
|
|
25
25
|
* inlineCode → wrapped in code-inline element
|
|
26
26
|
* delete → { strikethrough: true }
|
|
27
27
|
*/
|
|
28
|
+
/**
|
|
29
|
+
* Default cap on markdown input length (H-3 CPU-DoS guard). The parser is
|
|
30
|
+
* synchronous and super-linear in input size — ~16 KB blocks the single
|
|
31
|
+
* event loop for ~24 s, and unbounded input freezes the whole server. 16 KB is
|
|
32
|
+
* the documented threshold; operators in shared/untrusted environments should
|
|
33
|
+
* lower it via DEXE_MAX_DESCRIPTION_LEN.
|
|
34
|
+
*/
|
|
35
|
+
export declare const DEFAULT_MAX_MARKDOWN_LEN = 16384;
|
|
36
|
+
export declare function maxMarkdownLen(): number;
|
|
28
37
|
/**
|
|
29
38
|
* Convert a Markdown string to a Slate `SlateDescendant[]` array compatible
|
|
30
39
|
* with the DeXe investing-dashboard frontend.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"markdownToSlate.d.ts","sourceRoot":"","sources":["../../src/lib/markdownToSlate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;
|
|
1
|
+
{"version":3,"file":"markdownToSlate.d.ts","sourceRoot":"","sources":["../../src/lib/markdownToSlate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAqIH;;;;;;GAMG;AACH,eAAO,MAAM,wBAAwB,QAAS,CAAC;AAE/C,wBAAgB,cAAc,IAAI,MAAM,CAOvC;AAUD;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAiC3D"}
|
|
@@ -135,6 +135,23 @@ const overrides = {
|
|
|
135
135
|
};
|
|
136
136
|
/** The default empty Slate document the frontend uses. */
|
|
137
137
|
const SLATE_DEFAULT = [{ type: "paragraph", children: [{ text: "" }] }];
|
|
138
|
+
/**
|
|
139
|
+
* Default cap on markdown input length (H-3 CPU-DoS guard). The parser is
|
|
140
|
+
* synchronous and super-linear in input size — ~16 KB blocks the single
|
|
141
|
+
* event loop for ~24 s, and unbounded input freezes the whole server. 16 KB is
|
|
142
|
+
* the documented threshold; operators in shared/untrusted environments should
|
|
143
|
+
* lower it via DEXE_MAX_DESCRIPTION_LEN.
|
|
144
|
+
*/
|
|
145
|
+
export const DEFAULT_MAX_MARKDOWN_LEN = 16_384;
|
|
146
|
+
export function maxMarkdownLen() {
|
|
147
|
+
const raw = process.env.DEXE_MAX_DESCRIPTION_LEN?.trim();
|
|
148
|
+
if (raw && /^[0-9]+$/.test(raw)) {
|
|
149
|
+
const n = Number(raw);
|
|
150
|
+
if (n > 0)
|
|
151
|
+
return n;
|
|
152
|
+
}
|
|
153
|
+
return DEFAULT_MAX_MARKDOWN_LEN;
|
|
154
|
+
}
|
|
138
155
|
/**
|
|
139
156
|
* Unified processor configured with our overrides.
|
|
140
157
|
*/
|
|
@@ -156,6 +173,13 @@ export function markdownToSlate(markdown) {
|
|
|
156
173
|
if (!markdown || markdown.trim().length === 0) {
|
|
157
174
|
return SLATE_DEFAULT;
|
|
158
175
|
}
|
|
176
|
+
// H-3: reject oversize input BEFORE the synchronous super-linear parse so a
|
|
177
|
+
// large/adversarial description can't freeze the single-threaded server.
|
|
178
|
+
const max = maxMarkdownLen();
|
|
179
|
+
if (markdown.length > max) {
|
|
180
|
+
throw new Error(`Description too long for markdown conversion: ${markdown.length} chars exceeds the ${max}-char ` +
|
|
181
|
+
`limit (set DEXE_MAX_DESCRIPTION_LEN to adjust). Shorten it, or upload the long form as a file/CID.`);
|
|
182
|
+
}
|
|
159
183
|
try {
|
|
160
184
|
const result = processor.processSync(markdown);
|
|
161
185
|
const nodes = result.result;
|
|
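Review bot: `maxMarkdownLen()` returns any value that matches `/^[0-9]+$/` and is greater than zero, so a digit string long enough for `Number(raw)` to yield `Infinity` passes `n > 0` and silently disables the H-3 guard in `markdownToSlate`. Bounding the override closes that gap: `if (Number.isSafeInteger(n) && n > 0) return Math.min(n, HARD_MAX_MARKDOWN_LEN);`, where `HARD_MAX_MARKDOWN_LEN` is a placeholder for a ceiling the project would choose. The guard compares `markdown.length`, which counts UTF-16 code units rather than bytes, so the "16 KB" in the doc comment is only approximate for non-ASCII input; the error message's "chars" is the accurate unit. The body of markdownToSlate continues outside the hunk.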
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"markdownToSlate.js","sourceRoot":"","sources":["../../src/lib/markdownToSlate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,WAAW,MAAM,cAAc,CAAC;AACvC,OAAO,SAAS,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAMzD;;;GAGG;AACH,MAAM,SAAS,GAAmF;IAChG,mEAAmE;IACnE,OAAO,CAAC,IAAI,EAAE,IAAI;QAChB,MAAM,QAAQ,GAA2B;YACvC,CAAC,EAAE,aAAa;YAChB,CAAC,EAAE,aAAa;YAChB,CAAC,EAAE,eAAe;SACnB,CAAC;QACF,OAAO;YACL,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAe,CAAC,IAAI,eAAe;YACvD,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,qEAAqE;IACrE,+DAA+D;IAC/D,SAAS,CAAC,IAAI,EAAE,IAAI;QAClB,OAAO;YACL,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,IAAI;QACb,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC;QAC9D,OAAO;YACL,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,IAAI,EAAE,IAAI;QACjB,qEAAqE;QACrE,mEAAmE;QACnE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACrD,wDAAwD;QACxD,MAAM,QAAQ,GACZ,SAAS,CAAC,MAAM,KAAK,CAAC;YACtB,SAAS,CAAC,CAAC,CAAC;YACX,SAAS,CAAC,CAAC,CAAS,CAAC,IAAI,KAAK,WAAW;YACxC,CAAC,CAAG,SAAS,CAAC,CAAC,CAAS,CAAC,QAAwB;YACjD,CAAC,CAAC,SAAS,CAAC;QAChB,OAAO;YACL,IAAI,EAAE,WAAW;YACjB,QAAQ;SACT,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,IAAI;QACP,0CAA0C;QAC1C,OAAO;YACL,IAAI,EAAE,YAAY;YAClB,QAAQ,EAAG,IAAI,CAAC,IAAe,IAAI,EAAE;YACrC,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,KAAe,EAAE,CAAC;SAC3C,CAAC;IACJ,CAAC;IAED,UAAU,CAAC,IAAI,EAAE,IAAI;QACnB,kEAAkE;QAClE,sDAAsD;QACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACpD,CAAC;IAED,aAAa;QACX,2CAA2C;QAC3C,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IAC5D,CAAC;IAED,mEAAmE;IACnE,IAAI,CAAC,IAAI,EAAE,IAAI;QACb,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,GAAG,EAAE,IAAI,CAAC,GAAa;YACvB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAA
Q,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI;QACR,OAAO;YACL,IAAI,EAAE,OAAO;YACb,GAAG,EAAE,IAAI,CAAC,GAAa;YACvB,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAG,IAAI,CAAC,GAAc,IAAI,EAAE,EAAE,CAAC;SACjD,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,iEAAiE;IACjE,sEAAsE;IAEtE,MAAM,CAAC,IAAI,EAAE,IAAI;QACf,wCAAwC;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED,QAAQ,CAAC,IAAI,EAAE,IAAI;QACjB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAED,MAAM,CAAC,IAAI,EAAE,IAAI;QACf,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IACxE,CAAC;IAED,UAAU,CAAC,IAAI;QACb,4DAA4D;QAC5D,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,KAAe,EAAE,CAAC;SAC3C,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,0DAA0D;AAC1D,MAAM,aAAa,GAAG,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;AAExE;;GAEG;AACH,MAAM,SAAS,GAAG,OAAO,EAAE;KACxB,GAAG,CAAC,WAAW,CAAC;KAChB,GAAG,CAAC,SAAS,CAAC,CAAE,wDAAwD;KACxE,GAAG,CAAC,aAAa,EAAE,EAAE,SAAS,EAAS,CAAC,CAAC;AAE5C;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAAC,QAAgB;IAC9C,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9C,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,MAAmB,CAAC;QAEzC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChD,OAAO,aAAa,CAAC;QACvB,CAAC;QAED,wEAAwE;QACxE,2DAA2D;QAC3D,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,qEAAqE;QACrE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC;YACrB,CAAC,CAAC,KAAK,C
AAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;YAC1E,CAAC,CAAC,aAAa,CAAC;IACpB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,KAAgB;IACzC,MAAM,MAAM,GAAc,EAAE,CAAC;IAC7B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1C,CAAC;aAAM,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC5C,MAAM,CAAC,GAAG,IAA+B,CAAC;YAC1C,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC9B,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,QAAqB,CAAC,EAAE,CAAC,CAAC;YAC9E,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
1
|
+
{"version":3,"file":"markdownToSlate.js","sourceRoot":"","sources":["../../src/lib/markdownToSlate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,WAAW,MAAM,cAAc,CAAC;AACvC,OAAO,SAAS,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAMzD;;;GAGG;AACH,MAAM,SAAS,GAAmF;IAChG,mEAAmE;IACnE,OAAO,CAAC,IAAI,EAAE,IAAI;QAChB,MAAM,QAAQ,GAA2B;YACvC,CAAC,EAAE,aAAa;YAChB,CAAC,EAAE,aAAa;YAChB,CAAC,EAAE,eAAe;SACnB,CAAC;QACF,OAAO;YACL,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAe,CAAC,IAAI,eAAe;YACvD,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,qEAAqE;IACrE,+DAA+D;IAC/D,SAAS,CAAC,IAAI,EAAE,IAAI;QAClB,OAAO;YACL,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,IAAI;QACb,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC;QAC9D,OAAO;YACL,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,IAAI,EAAE,IAAI;QACjB,qEAAqE;QACrE,mEAAmE;QACnE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACrD,wDAAwD;QACxD,MAAM,QAAQ,GACZ,SAAS,CAAC,MAAM,KAAK,CAAC;YACtB,SAAS,CAAC,CAAC,CAAC;YACX,SAAS,CAAC,CAAC,CAAS,CAAC,IAAI,KAAK,WAAW;YACxC,CAAC,CAAG,SAAS,CAAC,CAAC,CAAS,CAAC,QAAwB;YACjD,CAAC,CAAC,SAAS,CAAC;QAChB,OAAO;YACL,IAAI,EAAE,WAAW;YACjB,QAAQ;SACT,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,IAAI;QACP,0CAA0C;QAC1C,OAAO;YACL,IAAI,EAAE,YAAY;YAClB,QAAQ,EAAG,IAAI,CAAC,IAAe,IAAI,EAAE;YACrC,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,KAAe,EAAE,CAAC;SAC3C,CAAC;IACJ,CAAC;IAED,UAAU,CAAC,IAAI,EAAE,IAAI;QACnB,kEAAkE;QAClE,sDAAsD;QACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IACpD,CAAC;IAED,aAAa;QACX,2CAA2C;QAC3C,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IAC5D,CAAC;IAED,mEAAmE;IACnE,IAAI,CAAC,IAAI,EAAE,IAAI;QACb,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,GAAG,EAAE,IAAI,CAAC,GAAa;YACvB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAA
Q,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI;QACR,OAAO;YACL,IAAI,EAAE,OAAO;YACb,GAAG,EAAE,IAAI,CAAC,GAAa;YACvB,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAG,IAAI,CAAC,GAAc,IAAI,EAAE,EAAE,CAAC;SACjD,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,iEAAiE;IACjE,sEAAsE;IAEtE,MAAM,CAAC,IAAI,EAAE,IAAI;QACf,wCAAwC;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED,QAAQ,CAAC,IAAI,EAAE,IAAI;QACjB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAED,MAAM,CAAC,IAAI,EAAE,IAAI;QACf,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAgB,CAAC;QACpD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IACxE,CAAC;IAED,UAAU,CAAC,IAAI;QACb,4DAA4D;QAC5D,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,KAAe,EAAE,CAAC;SAC3C,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,0DAA0D;AAC1D,MAAM,aAAa,GAAG,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;AAExE;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC;AAE/C,MAAM,UAAU,cAAc;IAC5B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,IAAI,EAAE,CAAC;IACzD,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAChC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;IACtB,CAAC;IACD,OAAO,wBAAwB,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,MAAM,SAAS,GAAG,OAAO,EAAE;KACxB,GAAG,CAAC,WAAW,CAAC;KAChB,GAAG,CAAC,SAAS,CAAC,CAAE,wDAAwD;KACxE,GAAG,CAAC,aAAa,EAAE,EAAE,SAAS,EAAS,CAAC,CAAC;AAE5C;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAAC,QAAgB;IAC9C,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9C,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,4EAA4E;IAC5E,yEAAyE;IACzE,MAAM,GAAG,GAAG,cAAc,EAAE,CAAC;IAC7B,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CACb,iDAAiD,QAAQ,CAAC,MAAM,sBAAsB,GAAG,QAAQ;
YAC/F,oGAAoG,CACvG,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,MAAmB,CAAC;QAEzC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChD,OAAO,aAAa,CAAC;QACvB,CAAC;QAED,wEAAwE;QACxE,2DAA2D;QAC3D,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,qEAAqE;QACrE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC;YACrB,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;YAC1E,CAAC,CAAC,aAAa,CAAC;IACpB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,KAAgB;IACzC,MAAM,MAAM,GAAc,EAAE,CAAC;IAC7B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1C,CAAC;aAAM,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC5C,MAAM,CAAC,GAAG,IAA+B,CAAC;YAC1C,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC9B,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,QAAqB,CAAC,EAAE,CAAC,CAAC;YAC9E,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"multicall.d.ts","sourceRoot":"","sources":["../../src/lib/multicall.ts"],"names":[],"mappings":"AAAA,OAAO,EAAY,SAAS,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"multicall.d.ts","sourceRoot":"","sources":["../../src/lib/multicall.ts"],"names":[],"mappings":"AAAA,OAAO,EAAY,SAAS,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;AAG9D;;;GAGG;AACH,eAAO,MAAM,kBAAkB,+CAA+C,CAAC;AAM/E,MAAM,WAAW,IAAI;IACnB,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,KAAK,EAAE,SAAS,CAAC;IACjB,qCAAqC;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,6CAA6C;IAC7C,IAAI,EAAE,SAAS,OAAO,EAAE,CAAC;IACzB,0EAA0E;IAC1E,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,UAAU,CAAC,CAAC,GAAG,OAAO;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC;IAChB,mCAAmC;IACnC,GAAG,EAAE,MAAM,CAAC;IACZ,2EAA2E;IAC3E,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,wBAAsB,SAAS,CAC7B,QAAQ,EAAE,eAAe,EACzB,KAAK,EAAE,IAAI,EAAE,GACZ,OAAO,CAAC,UAAU,EAAE,CAAC,CAuCvB"}
|
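--- a/package/dist/lib/multicall.js
+++ b/package/dist/lib/multicall.js
@@ -1,4 +1,5 @@
 import { Contract } from "ethers";
+import { safeErrorMessage } from "./redact.js";
 /**
 * Multicall3 — deployed at the same address on ~every EVM chain.
 * https://www.multicall3.com
@@ -21,7 +22,16 @@ export async function multicall(provider, calls) {
 allowFailure: c.allowFailure ?? false,
 callData: c.iface.encodeFunctionData(c.method, c.args),
 }));
-
+let results;
+try {
+results = await mc.getFunction("aggregate3").staticCall(payload);
+}
+catch (err) {
+// Central W36 redaction: a keyed RPC URL rides in ethers' err.message on
+// any non-2xx provider response. Rethrow with a credential-free message so
+// no downstream catch block can leak it into an LLM-visible tool result.
+throw new Error(safeErrorMessage(err));
+}
 return results.map((r, i) => {
 const c = calls[i];
 if (!r.success) {
@@ -38,7 +48,7 @@ export async function multicall(provider, calls) {
 success: false,
 value: null,
 raw: r.returnData,
-error:
+error: safeErrorMessage(err),
 };
 }
 });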
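Review bot: The rethrow `throw new Error(safeErrorMessage(err));` in the `aggregate3` catch discards the original error's class, `code` and stack, so a caller that branches on the ethers error `code` now sees only a plain `Error`. Attaching the original with `{ cause: err }` would bring the unredacted message back into anything that serialises the cause chain, so copy just the non-sensitive field: `const e = new Error(safeErrorMessage(err)); e.code = err?.code; throw e;`. `safeErrorMessage` comes from `./redact.js`, which this section does not show, so whether it covers every place a keyed URL can appear in an ethers error cannot be confirmed from here. The body of multicall begins and ends outside these hunks.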
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"multicall.js","sourceRoot":"","sources":["../../src/lib/multicall.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAA8B,MAAM,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"multicall.js","sourceRoot":"","sources":["../../src/lib/multicall.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAA8B,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,4CAA4C,CAAC;AAE/E,MAAM,cAAc,GAAG;IACrB,kJAAkJ;CAC1I,CAAC;AAwBX;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,QAAyB,EACzB,KAAa;IAEb,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAClC,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,kBAAkB,EAAE,cAAc,EAAE,QAAQ,CAAC,CAAC;IAEtE,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAChC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,YAAY,EAAE,CAAC,CAAC,YAAY,IAAI,KAAK;QACrC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC;KACvD,CAAC,CAAC,CAAC;IAEJ,IAAI,OAAwD,CAAC;IAC7D,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,yEAAyE;QACzE,2EAA2E;QAC3E,yEAAyE;QACzE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACpB,IAAI,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;YACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;QACpF,CAAC;QACD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC;YACrE,uDAAuD;YACvD,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;YAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC;QACrD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,GAAG,EAAE,CAAC,CAAC,UAAU;gBACjB,KAAK,EAAE,gBAAgB,CAAC,GAAG,CAAC;aAC7B,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Advisory warnings for proposal configurations whose root cause is a DeXe
|
|
3
|
+
* *contract* property the MCP cannot fix — it can only flag them (the full
|
|
4
|
+
* write-up for the protocol team is docs/ESCALATION-DEXE.md). These surface in
|
|
5
|
+
* the relevant builder's human-readable output so a reviewer/agent doesn't
|
|
6
|
+
* unknowingly ship a degraded-governance configuration.
|
|
7
|
+
*/
|
|
8
|
+
/** Seconds. A validator phase beyond this is almost certainly a mistake — and freezes deposits (H-11). */
|
|
9
|
+
export declare const DURATION_VALIDATORS_SANITY_CAP = 2592000n;
|
|
10
|
+
/**
|
|
11
|
+
* Flag degraded-governance GovSettings: zero-delay execution (no timelock),
|
|
12
|
+
* auto-defeating validator quorum, and an unbounded validator phase that
|
|
13
|
+
* freezes every voter's deposit. All three are unfixable in the MCP — the
|
|
14
|
+
* deployed contracts enforce no such bounds (H-11, executionDelay=0).
|
|
15
|
+
*/
|
|
16
|
+
export declare function settingsAdvisories(s: {
|
|
17
|
+
validatorsVote: boolean;
|
|
18
|
+
durationValidators: string;
|
|
19
|
+
executionDelay: string;
|
|
20
|
+
quorumValidators: string;
|
|
21
|
+
}): string[];
|
|
22
|
+
/** changeVotePower swaps the DAO's vote-power math contract — a privileged, governance-wide change. */
|
|
23
|
+
export declare const CHANGE_VOTE_POWER_ADVISORY = "\u26A0 changeVotePower swaps the DAO's entire vote-power math contract \u2014 a privileged, governance-wide change (reversible only by another passed proposal). Verify the new VotePower address before proposing. [protocol-property \u2014 see docs/ESCALATION-DEXE.md]";
|
|
24
|
+
/** custom_abi can encode ANY call; the C-2 surface is privileged selectors routed via DEFAULT. */
|
|
25
|
+
export declare const CUSTOM_ABI_DEFAULT_ROUTING_ADVISORY = "\u26A0 custom_abi encodes an arbitrary call with no semantic validation. If the LAST proposal action routes to an unregistered executor (settingsId=DEFAULT), the INTERNAL allowlist is skipped for ALL earlier actions \u2014 the C-2 amplifier. (Privileged GovUserKeeper selectors are hard-refused by the C-2 guard.) Keep the last action's executor a registered one. [protocol-property \u2014 see docs/ESCALATION-DEXE.md]";
|
|
26
|
+
//# sourceMappingURL=protocolAdvisories.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"protocolAdvisories.d.ts","sourceRoot":"","sources":["../../src/lib/protocolAdvisories.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,0GAA0G;AAC1G,eAAO,MAAM,8BAA8B,WAAa,CAAC;AAEzD;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,CAAC,EAAE;IACpC,cAAc,EAAE,OAAO,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;CAC1B,GAAG,MAAM,EAAE,CAqBX;AAED,uGAAuG;AACvG,eAAO,MAAM,0BAA0B,+QACwN,CAAC;AAEhQ,kGAAkG;AAClG,eAAO,MAAM,mCAAmC,uaACuW,CAAC"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Advisory warnings for proposal configurations whose root cause is a DeXe
|
|
3
|
+
* *contract* property the MCP cannot fix — it can only flag them (the full
|
|
4
|
+
* write-up for the protocol team is docs/ESCALATION-DEXE.md). These surface in
|
|
5
|
+
* the relevant builder's human-readable output so a reviewer/agent doesn't
|
|
6
|
+
* unknowingly ship a degraded-governance configuration.
|
|
7
|
+
*/
|
|
8
|
+
function toBig(s) {
|
|
9
|
+
return /^[0-9]+$/.test(s) ? BigInt(s) : null;
|
|
10
|
+
}
|
|
11
|
+
/** Seconds. A validator phase beyond this is almost certainly a mistake — and freezes deposits (H-11). */
|
|
12
|
+
export const DURATION_VALIDATORS_SANITY_CAP = 2592000n; // 30 days
|
|
13
|
+
/**
|
|
14
|
+
* Flag degraded-governance GovSettings: zero-delay execution (no timelock),
|
|
15
|
+
* auto-defeating validator quorum, and an unbounded validator phase that
|
|
16
|
+
* freezes every voter's deposit. All three are unfixable in the MCP — the
|
|
17
|
+
* deployed contracts enforce no such bounds (H-11, executionDelay=0).
|
|
18
|
+
*/
|
|
19
|
+
export function settingsAdvisories(s) {
|
|
20
|
+
const out = [];
|
|
21
|
+
if (toBig(s.executionDelay) === 0n) {
|
|
22
|
+
out.push("executionDelay=0 → no timelock: a passed proposal executes immediately, leaving no window to react to a malicious-but-passed action (amplifies C-2). DeXe contracts enforce no minimum — set a non-zero delay.");
|
|
23
|
+
}
|
|
24
|
+
if (s.validatorsVote) {
|
|
25
|
+
if (toBig(s.quorumValidators) === 0n) {
|
|
26
|
+
out.push("quorumValidators=0 with validatorsVote=true → every validator proposal auto-defeats (governance DoS). DeXe contracts enforce no lower bound.");
|
|
27
|
+
}
|
|
28
|
+
const dv = toBig(s.durationValidators);
|
|
29
|
+
if (dv !== null && dv > DURATION_VALIDATORS_SANITY_CAP) {
|
|
30
|
+
out.push(`durationValidators=${s.durationValidators}s (> 30 days) → GovSettings has NO upper bound and deposits stay LOCKED for the whole validator phase (GovPoolUnlock excludes ValidatorVoting), so a huge value freezes every voter's funds (H-11).`);
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
return out;
|
|
34
|
+
}
|
|
35
|
+
/** changeVotePower swaps the DAO's vote-power math contract — a privileged, governance-wide change. */
|
|
36
|
+
export const CHANGE_VOTE_POWER_ADVISORY = "⚠ changeVotePower swaps the DAO's entire vote-power math contract — a privileged, governance-wide change (reversible only by another passed proposal). Verify the new VotePower address before proposing. [protocol-property — see docs/ESCALATION-DEXE.md]";
|
|
37
|
+
/** custom_abi can encode ANY call; the C-2 surface is privileged selectors routed via DEFAULT. */
|
|
38
|
+
export const CUSTOM_ABI_DEFAULT_ROUTING_ADVISORY = "⚠ custom_abi encodes an arbitrary call with no semantic validation. If the LAST proposal action routes to an unregistered executor (settingsId=DEFAULT), the INTERNAL allowlist is skipped for ALL earlier actions — the C-2 amplifier. (Privileged GovUserKeeper selectors are hard-refused by the C-2 guard.) Keep the last action's executor a registered one. [protocol-property — see docs/ESCALATION-DEXE.md]";
|
|
39
|
+
//# sourceMappingURL=protocolAdvisories.js.map
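Review bot: `settingsAdvisories` fails open on values it cannot parse. `toBig` returns `null` for anything other than a bare decimal string, so `toBig(s.executionDelay) === 0n` is false for inputs like `"0x0"`, `" 0"` or `""` and the zero-timelock warning is skipped without a trace; the `quorumValidators` and `durationValidators` checks behave the same way. Whether callers normalise these fields first is not visible here, so an unparseable field should produce its own entry, e.g. `const delay = toBig(s.executionDelay);` followed by `if (delay === null) out.push("executionDelay is not a decimal integer — timelock check skipped");`. The `(> 30 days)` text in the `durationValidators` message is also hard-coded beside `DURATION_VALIDATORS_SANITY_CAP` and will drift if the constant changes.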
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"protocolAdvisories.js","sourceRoot":"","sources":["../../src/lib/protocolAdvisories.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,SAAS,KAAK,CAAC,CAAS;IACtB,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC/C,CAAC;AAED,0GAA0G;AAC1G,MAAM,CAAC,MAAM,8BAA8B,GAAG,QAAU,CAAC,CAAC,UAAU;AAEpE;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAAC,CAKlC;IACC,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,IAAI,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,EAAE,EAAE,CAAC;QACnC,GAAG,CAAC,IAAI,CACN,gNAAgN,CACjN,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,CAAC,cAAc,EAAE,CAAC;QACrB,IAAI,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAC,KAAK,EAAE,EAAE,CAAC;YACrC,GAAG,CAAC,IAAI,CACN,8IAA8I,CAC/I,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC;QACvC,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,GAAG,8BAA8B,EAAE,CAAC;YACvD,GAAG,CAAC,IAAI,CACN,sBAAsB,CAAC,CAAC,kBAAkB,qMAAqM,CAChP,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,uGAAuG;AACvG,MAAM,CAAC,MAAM,0BAA0B,GACrC,6PAA6P,CAAC;AAEhQ,kGAAkG;AAClG,MAAM,CAAC,MAAM,mCAAmC,GAC9C,qZAAqZ,CAAC"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secret-redaction helpers for any text that reaches an LLM-visible tool
|
|
3
|
+
* result (`content[].text`) or `structuredContent`.
|
|
4
|
+
*
|
|
5
|
+
* W36: a credentialed RPC URL (Alchemy/Infura/QuickNode key, or a
|
|
6
|
+
* `user:pass@host` form) is appended to ethers v6 `err.message` on any
|
|
7
|
+
* non-2xx provider response (401/429/5xx — routine under load) and was
|
|
8
|
+
* emitted verbatim, leaking the operator's provider API key into the model
|
|
9
|
+
* context and transcript.
|
|
10
|
+
*
|
|
11
|
+
* - `safeErrorMessage(err)` — prefer ethers' `shortMessage` (which stays
|
|
12
|
+
* URL-free) over the verbose `message`, then redact as a backstop. Use this
|
|
13
|
+
* wherever a caught error is surfaced to the user.
|
|
14
|
+
* - `redactUrlCredentials(text)` — mask every URL found in arbitrary text
|
|
15
|
+
* (path + query + userinfo), so any embedded API key is removed regardless
|
|
16
|
+
* of provider.
|
|
17
|
+
* - `maskUrl(url)` — mask a single configured URL for deliberate display
|
|
18
|
+
* (e.g. `dexe_get_config`, `dexe_doctor`).
|
|
19
|
+
*
|
|
20
|
+
* The masking is provider-agnostic and structural (no host allowlist), so it
|
|
21
|
+
* covers any RPC vendor and cannot be bypassed by an unrecognized host.
|
|
22
|
+
*/
|
|
23
|
+
/**
|
|
24
|
+
* Mask a single URL: keep scheme + host, drop userinfo, and replace any
|
|
25
|
+
* path/query (which may carry the API key) with `***`. Never throws.
|
|
26
|
+
*/
|
|
27
|
+
export declare function maskUrl(raw: string): string;
|
|
28
|
+
/** Mask credentials/keys in every URL found in `text`. Best-effort, never throws. */
|
|
29
|
+
export declare function redactUrlCredentials(text: string): string;
|
|
30
|
+
/**
|
|
31
|
+
* Turn a caught error into a user-safe message. Prefers ethers'
|
|
32
|
+
* `shortMessage` (URL-free), falls back to `message`/`String(err)`, then
|
|
33
|
+
* redacts any residual URL credentials.
|
|
34
|
+
*/
|
|
35
|
+
export declare function safeErrorMessage(err: unknown): string;
|
|
36
|
+
//# sourceMappingURL=redact.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"redact.d.ts","sourceRoot":"","sources":["../../src/lib/redact.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAQH;;;GAGG;AACH,wBAAgB,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAW3C;AAED,qFAAqF;AACrF,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAEzD;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAerD"}
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secret-redaction helpers for any text that reaches an LLM-visible tool
|
|
3
|
+
* result (`content[].text`) or `structuredContent`.
|
|
4
|
+
*
|
|
5
|
+
* W36: a credentialed RPC URL (Alchemy/Infura/QuickNode key, or a
|
|
6
|
+
* `user:pass@host` form) is appended to ethers v6 `err.message` on any
|
|
7
|
+
* non-2xx provider response (401/429/5xx — routine under load) and was
|
|
8
|
+
* emitted verbatim, leaking the operator's provider API key into the model
|
|
9
|
+
* context and transcript.
|
|
10
|
+
*
|
|
11
|
+
* - `safeErrorMessage(err)` — prefer ethers' `shortMessage` (which stays
|
|
12
|
+
* URL-free) over the verbose `message`, then redact as a backstop. Use this
|
|
13
|
+
* wherever a caught error is surfaced to the user.
|
|
14
|
+
* - `redactUrlCredentials(text)` — mask every URL found in arbitrary text
|
|
15
|
+
* (path + query + userinfo), so any embedded API key is removed regardless
|
|
16
|
+
* of provider.
|
|
17
|
+
* - `maskUrl(url)` — mask a single configured URL for deliberate display
|
|
18
|
+
* (e.g. `dexe_get_config`, `dexe_doctor`).
|
|
19
|
+
*
|
|
20
|
+
* The masking is provider-agnostic and structural (no host allowlist), so it
|
|
21
|
+
* covers any RPC vendor and cannot be bypassed by an unrecognized host.
|
|
22
|
+
*/
|
|
23
|
+
/** Userinfo in a URL: `scheme://user:pass@` (used only in the parse fallback). */
|
|
24
|
+
const USERINFO_RE = /([a-zA-Z][a-zA-Z0-9+.-]*:\/\/)[^/?#\s@]+@/g;
|
|
25
|
+
/** Any http(s) URL token, bounded by whitespace / common punctuation. */
|
|
26
|
+
const URL_RE = /\bhttps?:\/\/[^\s'"`)<>\]},;]+/gi;
|
|
27
|
+
/**
|
|
28
|
+
* Mask a single URL: keep scheme + host, drop userinfo, and replace any
|
|
29
|
+
* path/query (which may carry the API key) with `***`. Never throws.
|
|
30
|
+
*/
|
|
31
|
+
export function maskUrl(raw) {
|
|
32
|
+
try {
|
|
33
|
+
const u = new URL(raw);
|
|
34
|
+
const path = u.pathname && u.pathname !== "/" ? "/***" : "";
|
|
35
|
+
const query = u.search ? "?***" : "";
|
|
36
|
+
// u.host excludes userinfo, so credentials in `user:pass@` are dropped.
|
|
37
|
+
return `${u.protocol}//${u.host}${path}${query}`;
|
|
38
|
+
}
|
|
39
|
+
catch {
|
|
40
|
+
// Non-parseable token: strip userinfo without recursing.
|
|
41
|
+
return raw.replace(USERINFO_RE, "$1***@");
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
/** Mask credentials/keys in every URL found in `text`. Best-effort, never throws. */
|
|
45
|
+
export function redactUrlCredentials(text) {
|
|
46
|
+
return text.replace(URL_RE, (m) => maskUrl(m));
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Turn a caught error into a user-safe message. Prefers ethers'
|
|
50
|
+
* `shortMessage` (URL-free), falls back to `message`/`String(err)`, then
|
|
51
|
+
* redacts any residual URL credentials.
|
|
52
|
+
*/
|
|
53
|
+
export function safeErrorMessage(err) {
|
|
54
|
+
let msg;
|
|
55
|
+
if (err && typeof err === "object") {
|
|
56
|
+
const e = err;
|
|
57
|
+
if (typeof e.shortMessage === "string" && e.shortMessage.length > 0) {
|
|
58
|
+
msg = e.shortMessage;
|
|
59
|
+
}
|
|
60
|
+
else if (typeof e.message === "string") {
|
|
61
|
+
msg = e.message;
|
|
62
|
+
}
|
|
63
|
+
else {
|
|
64
|
+
msg = String(err);
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
else {
|
|
68
|
+
msg = String(err);
|
|
69
|
+
}
|
|
70
|
+
return redactUrlCredentials(msg);
|
|
71
|
+
}
|
|
72
|
+
//# sourceMappingURL=redact.js.map
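Review bot: `URL_RE` matches only `http://` and `https://`, so the header comment's claim that the masking covers any RPC vendor does not hold for WebSocket endpoints. If a `wss://` provider URL ever appears in an error message, `redactUrlCredentials` returns it unchanged, path key and `user:pass@` included. `maskUrl` already handles such a URL because `new URL` parses `ws:`/`wss:`, so widening the scheme group in `URL_RE` to `(?:https?|wss?)` closes the gap. The token class also stops at `,`, `;`, `)` and similar characters, so any part of a query string after one of them falls outside the match and stays unmasked. A unit test with a key placed after a comma, and one with a `wss://` URL, would pin both cases.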
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"redact.js","sourceRoot":"","sources":["../../src/lib/redact.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,kFAAkF;AAClF,MAAM,WAAW,GAAG,4CAA4C,CAAC;AAEjE,yEAAyE;AACzE,MAAM,MAAM,GAAG,kCAAkC,CAAC;AAElD;;;GAGG;AACH,MAAM,UAAU,OAAO,CAAC,GAAW;IACjC,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QACrC,wEAAwE;QACxE,OAAO,GAAG,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,IAAI,GAAG,IAAI,GAAG,KAAK,EAAE,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,yDAAyD;QACzD,OAAO,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC;AAED,qFAAqF;AACrF,MAAM,UAAU,oBAAoB,CAAC,IAAY;IAC/C,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAY;IAC3C,IAAI,GAAW,CAAC;IAChB,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,GAAoD,CAAC;QAC/D,IAAI,OAAO,CAAC,CAAC,YAAY,KAAK,QAAQ,IAAI,CAAC,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpE,GAAG,GAAG,CAAC,CAAC,YAAY,CAAC;QACvB,CAAC;aAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YACzC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC;IACD,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC;AACnC,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Neutralize attacker-controlled strings before they are interpolated into a
|
|
3
|
+
* human/LLM-visible tool result (`content[].text`).
|
|
4
|
+
*
|
|
5
|
+
* On-chain `descriptionURL`, ERC20 `symbol()`, and IPFS-JSON values are fully
|
|
6
|
+
* attacker-controlled. Rendered verbatim they enable:
|
|
7
|
+
* - prompt-injection (H-13): instructions smuggled into the model context;
|
|
8
|
+
* - structural forgery (W24/H-13): an unescaped newline in `symbol()` paints
|
|
9
|
+
* a fake treasury line with an attacker-chosen address;
|
|
10
|
+
* - homoglyph / look-alike spoofing: Cyrillic/zero-width chars that read as a
|
|
11
|
+
* trusted token but are not.
|
|
12
|
+
*
|
|
13
|
+
* `sanitizeUntrusted` NFKC-normalizes, escapes C0/C1 control chars (so newlines
|
|
14
|
+
* can't forge lines), and drops zero-width / bidi-override / BOM characters.
|
|
15
|
+
* `renderUntrusted` additionally length-caps and appends a non-ASCII flag so an
|
|
16
|
+
* automated approver doesn't trust a look-alike. Regexes are character-class
|
|
17
|
+
* only (no host matching, no backtracking) to stay clear of ReDoS, and are
|
|
18
|
+
* built from escaped ASCII strings so the source stays free of literal control
|
|
19
|
+
* bytes.
|
|
20
|
+
*/
|
|
21
|
+
/** NFKC-normalize, escape control chars to visible `\xNN`, drop invisible chars. */
|
|
22
|
+
export declare function sanitizeUntrusted(raw: unknown): string;
|
|
23
|
+
/** True if the string contains any non-printable-ASCII char (homoglyph risk). */
|
|
24
|
+
export declare function hasNonAscii(s: string): boolean;
|
|
25
|
+
/**
|
|
26
|
+
* Render an attacker-controlled value for a single-line human/LLM context:
|
|
27
|
+
* sanitized, length-capped, and tagged `<non-ASCII>` when it contains non-ASCII
|
|
28
|
+
* characters (possible homoglyph) so a look-alike token isn't silently trusted.
|
|
29
|
+
*/
|
|
30
|
+
export declare function renderUntrusted(raw: unknown, maxLen?: number): string;
|
|
31
|
+
//# sourceMappingURL=sanitize.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../../src/lib/sanitize.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAaH,oFAAoF;AACpF,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAKtD;AAED,iFAAiF;AACjF,wBAAgB,WAAW,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAE9C;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,SAAM,GAAG,MAAM,CAMlE"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Neutralize attacker-controlled strings before they are interpolated into a
|
|
3
|
+
* human/LLM-visible tool result (`content[].text`).
|
|
4
|
+
*
|
|
5
|
+
* On-chain `descriptionURL`, ERC20 `symbol()`, and IPFS-JSON values are fully
|
|
6
|
+
* attacker-controlled. Rendered verbatim they enable:
|
|
7
|
+
* - prompt-injection (H-13): instructions smuggled into the model context;
|
|
8
|
+
* - structural forgery (W24/H-13): an unescaped newline in `symbol()` paints
|
|
9
|
+
* a fake treasury line with an attacker-chosen address;
|
|
10
|
+
* - homoglyph / look-alike spoofing: Cyrillic/zero-width chars that read as a
|
|
11
|
+
* trusted token but are not.
|
|
12
|
+
*
|
|
13
|
+
* `sanitizeUntrusted` NFKC-normalizes, escapes C0/C1 control chars (so newlines
|
|
14
|
+
* can't forge lines), and drops zero-width / bidi-override / BOM characters.
|
|
15
|
+
* `renderUntrusted` additionally length-caps and appends a non-ASCII flag so an
|
|
16
|
+
* automated approver doesn't trust a look-alike. Regexes are character-class
|
|
17
|
+
* only (no host matching, no backtracking) to stay clear of ReDoS, and are
|
|
18
|
+
* built from escaped ASCII strings so the source stays free of literal control
|
|
19
|
+
* bytes.
|
|
20
|
+
*/
|
|
21
|
+
// C0 controls (incl. \n \r \t), DEL, and C1 controls.
|
|
22
|
+
const CONTROL_RE = new RegExp("[\\u0000-\\u001F\\u007F-\\u009F]", "g");
|
|
23
|
+
// Zero-width + bidi marks, bidi embeddings/overrides, word-joiner/invisible
|
|
24
|
+
// math range, bidi isolates, and the BOM — all usable for visual spoofing.
|
|
25
|
+
const INVISIBLE_RE = new RegExp("[\\u200B-\\u200F\\u202A-\\u202E\\u2060-\\u2064\\u2066-\\u2069\\uFEFF]", "g");
|
|
26
|
+
// Anything outside printable ASCII (space..tilde).
|
|
27
|
+
const NON_ASCII_RE = new RegExp("[^\\u0020-\\u007E]");
|
|
28
|
+
/** NFKC-normalize, escape control chars to visible `\xNN`, drop invisible chars. */
|
|
29
|
+
export function sanitizeUntrusted(raw) {
|
|
30
|
+
const s = (typeof raw === "string" ? raw : String(raw)).normalize("NFKC");
|
|
31
|
+
return s
|
|
32
|
+
.replace(CONTROL_RE, (c) => "\\x" + (c.codePointAt(0) ?? 0).toString(16).padStart(2, "0"))
|
|
33
|
+
.replace(INVISIBLE_RE, "");
|
|
34
|
+
}
|
|
35
|
+
/** True if the string contains any non-printable-ASCII char (homoglyph risk). */
|
|
36
|
+
export function hasNonAscii(s) {
|
|
37
|
+
return NON_ASCII_RE.test(s);
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* Render an attacker-controlled value for a single-line human/LLM context:
|
|
41
|
+
* sanitized, length-capped, and tagged `<non-ASCII>` when it contains non-ASCII
|
|
42
|
+
* characters (possible homoglyph) so a look-alike token isn't silently trusted.
|
|
43
|
+
*/
|
|
44
|
+
export function renderUntrusted(raw, maxLen = 200) {
|
|
45
|
+
const s = sanitizeUntrusted(raw);
|
|
46
|
+
// Flag on the actual content, not the (ASCII) truncation marker.
|
|
47
|
+
const flagged = hasNonAscii(s);
|
|
48
|
+
const capped = s.length > maxLen ? s.slice(0, maxLen) + "..." : s;
|
|
49
|
+
return flagged ? `${capped} <non-ASCII>` : capped;
|
|
50
|
+
}
|
|
51
|
+
//# sourceMappingURL=sanitize.js.map
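Review bot: `sanitizeUntrusted` does not neutralise every line-breaking or invisible character its header comment promises to handle. U+2028 and U+2029 (line and paragraph separator) fall between the `\u200F` and `\u202A` bounds of `INVISIBLE_RE` and are not in `CONTROL_RE`, so they survive NFKC and can still start a new visual line. The Unicode tag block U+E0000–U+E007F is likewise untouched, because neither regex has the `u` flag or an astral range. `renderUntrusted` would tag such input `<non-ASCII>`, but the characters stay in the output, and callers that use `sanitizeUntrusted` directly get no flag at all. Adding `\\u2028\\u2029` to the `CONTROL_RE` class and building `INVISIBLE_RE` with flags `"gu"` plus `\\u{E0000}-\\u{E007F}` would cover both.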
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sanitize.js","sourceRoot":"","sources":["../../src/lib/sanitize.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,sDAAsD;AACtD,MAAM,UAAU,GAAG,IAAI,MAAM,CAAC,kCAAkC,EAAE,GAAG,CAAC,CAAC;AACvE,4EAA4E;AAC5E,2EAA2E;AAC3E,MAAM,YAAY,GAAG,IAAI,MAAM,CAC7B,uEAAuE,EACvE,GAAG,CACJ,CAAC;AACF,mDAAmD;AACnD,MAAM,YAAY,GAAG,IAAI,MAAM,CAAC,oBAAoB,CAAC,CAAC;AAEtD,oFAAoF;AACpF,MAAM,UAAU,iBAAiB,CAAC,GAAY;IAC5C,MAAM,CAAC,GAAG,CAAC,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAC1E,OAAO,CAAC;SACL,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACzF,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;AAC/B,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,WAAW,CAAC,CAAS;IACnC,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,GAAY,EAAE,MAAM,GAAG,GAAG;IACxD,MAAM,CAAC,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IACjC,iEAAiE;IACjE,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,OAAO,OAAO,CAAC,CAAC,CAAC,GAAG,MAAM,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC;AACpD,CAAC"}
|
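--- a/package/dist/lib/signer.d.ts
+++ b/package/dist/lib/signer.d.ts
@@ -7,6 +7,8 @@ import { type EnvGuardResult } from "./requireEnv.js";
 */
 export declare class SignerManager {
 private readonly cache;
+/** Per-chain broadcast serialization queue (H-12 nonce guard). */
+private readonly broadcastQueues;
 private readonly key;
 private readonly config;
 constructor(config: DexeConfig);
@@ -30,6 +32,15 @@ export declare class SignerManager {
 * instead of a thrown stack trace.
 */
 trySigner(chainId?: number): EnvGuardResult<Wallet>;
+/**
+* Serialize broadcasts per chain. Concurrent `dexe_tx_send` / composite-flow
+* calls that share this signer would otherwise invoke `sendTransaction` at
+* the same time, both read the same pending nonce, and one transaction is
+* silently dropped (or hangs until timeout) — H-12. Each task runs only after
+* the previous one for the same chain has settled; task failures are isolated
+* so the queue keeps flowing.
+*/
+withBroadcastLock<T>(chainId: number, task: () => Promise<T>): Promise<T>;
 private failNoKey;
 }
 //# sourceMappingURL=signer.d.ts.map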
package/dist/lib/signer.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../src/lib/signer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAmB,MAAM,EAAE,MAAM,QAAQ,CAAC;AACjD,OAAO,EAAgB,KAAK,UAAU,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAW,KAAK,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAE/D;;;GAGG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA6B;IACnD,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAqB;IACzC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;gBAExB,MAAM,EAAE,UAAU;IAK9B,SAAS,IAAI,OAAO;IAIpB,wFAAwF;IACxF,SAAS,IAAI,UAAU;IAIvB;;;OAGG;IACH,UAAU,IAAI,MAAM;IAKpB;;;OAGG;IACH,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM;IAYvC;;;;;OAKG;IACH,SAAS,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC;IAWnD,OAAO,CAAC,SAAS;CAMlB"}
|
|
1
|
+
{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../src/lib/signer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAmB,MAAM,EAAE,MAAM,QAAQ,CAAC;AACjD,OAAO,EAAgB,KAAK,UAAU,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAW,KAAK,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAE/D;;;GAGG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA6B;IACnD,kEAAkE;IAClE,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAuC;IACvE,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAqB;IACzC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;gBAExB,MAAM,EAAE,UAAU;IAK9B,SAAS,IAAI,OAAO;IAIpB,wFAAwF;IACxF,SAAS,IAAI,UAAU;IAIvB;;;OAGG;IACH,UAAU,IAAI,MAAM;IAKpB;;;OAGG;IACH,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM;IAYvC;;;;;OAKG;IACH,SAAS,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC;IAWnD;;;;;;;OAOG;IACG,iBAAiB,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAgB/E,OAAO,CAAC,SAAS;CAMlB"}
|
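--- a/package/dist/lib/signer.js
+++ b/package/dist/lib/signer.js
@@ -7,6 +7,8 @@ import { hintFor } from "./requireEnv.js";
 */
 export class SignerManager {
 cache = new Map();
+/** Per-chain broadcast serialization queue (H-12 nonce guard). */
+broadcastQueues = new Map();
 key;
 config;
 constructor(config) {
@@ -62,6 +64,20 @@ export class SignerManager {
 };
 }
 }
+/**
+* Serialize broadcasts per chain. Concurrent `dexe_tx_send` / composite-flow
+* calls that share this signer would otherwise invoke `sendTransaction` at
+* the same time, both read the same pending nonce, and one transaction is
+* silently dropped (or hangs until timeout) — H-12. Each task runs only after
+* the previous one for the same chain has settled; task failures are isolated
+* so the queue keeps flowing.
+*/
+async withBroadcastLock(chainId, task) {
+const prev = this.broadcastQueues.get(chainId) ?? Promise.resolve();
+const run = prev.then(() => task(), () => task());
+this.broadcastQueues.set(chainId, run.then(() => undefined, () => undefined));
+return run;
+}
 failNoKey() {
 const dexeEnvKeys = Object.keys(process.env).filter(k => k.startsWith("DEXE_")).join(", ");
 throw new Error(`DEXE_PRIVATE_KEY not set. Available DEXE_* env vars: [${dexeEnvKeys}]. Configure it in MCP server env to enable transaction signing.`);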
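Review bot: `withBroadcastLock` puts no bound on how long one task may hold the queue. The stored tail settles only when `task()` does, so a `sendTransaction` that never resolves stalls every later broadcast on that chain for the life of the process. The doc comment should state the chosen trade-off, since a timeout that releases the queue early reintroduces a possible nonce overlap. It should also say that the guard holds only within this process, and only if every broadcast path goes through this method with a `task` that does not return before the transaction has been handed to the provider. The rejection handler in `prev.then(() => task(), () => task())` is unreachable, because `prev` is either `Promise.resolve()` or a tail built with `run.then(() => undefined, () => undefined)`; `prev.then(() => task())` is equivalent and easier to read.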
package/dist/lib/signer.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/lib/signer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AACjD,OAAO,EAAE,YAAY,EAAmB,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,OAAO,EAAuB,MAAM,iBAAiB,CAAC;AAE/D;;;GAGG;AACH,MAAM,OAAO,aAAa;IACP,KAAK,GAAG,IAAI,GAAG,EAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/lib/signer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AACjD,OAAO,EAAE,YAAY,EAAmB,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,OAAO,EAAuB,MAAM,iBAAiB,CAAC;AAE/D;;;GAGG;AACH,MAAM,OAAO,aAAa;IACP,KAAK,GAAG,IAAI,GAAG,EAAkB,CAAC;IACnD,kEAAkE;IACjD,eAAe,GAAG,IAAI,GAAG,EAA4B,CAAC;IACtD,GAAG,CAAqB;IACxB,MAAM,CAAa;IAEpC,YAAY,MAAkB;QAC5B,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,SAAS;QACP,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACpB,CAAC;IAED,wFAAwF;IACxF,SAAS;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;;OAGG;IACH,UAAU;QACR,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,IAAI,CAAC,SAAS,EAAE,CAAC;QAChC,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC;IACtC,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,OAAgB;QAC5B,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,IAAI,CAAC,SAAS,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjD,IAAI,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,QAAQ,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YACnD,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YACxC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,OAAgB;QACxB,IAAI,CAAC;YACH,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;gBACvD,WAAW,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC;aAC3C,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,iBAAiB,CAAI,OAAe,EAAE,IAAsB;QAChE,MAAM,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpE,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CACnB,GAAG,EAAE,CAAC,IAAI,EAAE,EACZ,GAAG,EAAE,CAAC,IAAI,EAAE,CACb,CAAC;QACF,IAAI,CAAC,eAAe,CAAC,GAAG,CACtB,OAAO,EACP,GAAG,CAAC,IAAI,CACN,GAAG,EAAE,CAAC,SAAS,EACf,GAAG,EAAE,CAAC,SAAS,CA
ChB,CACF,CAAC;QACF,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,SAAS;QACf,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3F,MAAM,IAAI,KAAK,CACb,yDAAyD,WAAW,kEAAkE,CACvI,CAAC;IACJ,CAAC;CACF"}
|
package/dist/lib/subgraph.d.ts
CHANGED
|
@@ -15,6 +15,13 @@ export interface GqlResponse<T> {
|
|
|
15
15
|
* embed a key (e.g. `…/api/subgraphs/id/<id>` — Bearer-only style).
|
|
16
16
|
*/
|
|
17
17
|
export declare function extractGraphApiKey(endpoint: string): string | undefined;
|
|
18
|
+
/**
|
|
19
|
+
* Trusted hosts for The Graph's decentralized gateway / Studio. The Graph API
|
|
20
|
+
* key is only meaningful for these; we refuse to attach it as a Bearer to any
|
|
21
|
+
* other configured endpoint so a hostile `DEXE_SUBGRAPH_*_URL` can't harvest
|
|
22
|
+
* the operator's key (W21 companion / L-6).
|
|
23
|
+
*/
|
|
24
|
+
export declare function isTrustedGraphHost(endpoint: string): boolean;
|
|
18
25
|
export declare function gqlRequest<T>(endpoint: string, query: string, variables?: Record<string, unknown>, apiKey?: string): Promise<T>;
|
|
19
26
|
/** Ported from frontend gov-pools subgraph `proposalInteractions` query. */
|
|
20
27
|
export declare const PROPOSAL_INTERACTIONS_QUERY = "\n query ProposalInteractions($proposalId: String!, $first: Int!, $skip: Int!) {\n proposalInteractions(\n where: { proposal: $proposalId }\n first: $first\n skip: $skip\n orderBy: timestamp\n orderDirection: desc\n ) {\n id\n hash\n timestamp\n interactionType\n totalVote\n voter {\n id\n voter {\n id\n }\n }\n }\n }\n";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"subgraph.d.ts","sourceRoot":"","sources":["../../src/lib/subgraph.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,WAAW,CAAC,CAAC;IAC5B,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACrC;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAGvE;AAED,wBAAsB,UAAU,CAAC,CAAC,EAChC,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACnC,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"subgraph.d.ts","sourceRoot":"","sources":["../../src/lib/subgraph.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,WAAW,CAAC,CAAC;IAC5B,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACrC;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAGvE;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAO5D;AAED,wBAAsB,UAAU,CAAC,CAAC,EAChC,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACnC,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,CAAC,CAAC,CA4BZ;AAED,4EAA4E;AAC5E,eAAO,MAAM,2BAA2B,2aAsBvC,CAAC"}
|