quantumcoin 7.0.12 → 7.0.14

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "quantumcoin",
-  "version": "7.0.12",
+  "version": "7.0.14",
   "description": "QuantumCoin.js - a post quantum cryptography SDK for QuantumCoin",
   "main": "index.js",
   "types": "src/index.d.ts",
@@ -90,6 +90,6 @@
   },
   "dependencies": {
     "seed-words": "^1.0.2",
-    "quantum-coin-js-sdk": "1.0.35"
+    "quantum-coin-js-sdk": "1.0.36"
   }
 }

package/src/abi/fragments.d.ts

@@ -1,42 +1,42 @@
-/**
- * @fileoverview Minimal ABI fragment classes (ethers.js v6 compatible surface).
- *
- * This SDK keeps fragment handling lightweight and delegates ABI encoding/decoding
- * to `quantum-coin-js-sdk` (WASM).
- */
-export class Fragment {
-    /**
-     * @param {any} fragment
-     */
-    constructor(fragment: any);
-    type: any;
-    name: any;
-    inputs: any;
-    outputs: any;
-    stateMutability: any;
-    anonymous: any;
-    /**
-     * Formats the fragment.
-     * @param {string=} format
-     * @returns {string}
-     */
-    format(format?: string | undefined): string;
-    /**
-     * @returns {any}
-     */
-    toJSON(): any;
-}
-export class NamedFragment extends Fragment {
-}
-export class FunctionFragment extends NamedFragment {
-}
-export class EventFragment extends NamedFragment {
-}
-export class ErrorFragment extends NamedFragment {
-}
-export class ConstructorFragment extends Fragment {
-}
-export class StructFragment extends Fragment {
-}
-export class FallbackFragment extends Fragment {
-}
+/**
+ * @fileoverview Minimal ABI fragment classes (ethers.js v6 compatible surface).
+ *
+ * This SDK keeps fragment handling lightweight and delegates ABI encoding/decoding
+ * to `quantum-coin-js-sdk` (WASM).
+ */
+export class Fragment {
+    /**
+     * @param {any} fragment
+     */
+    constructor(fragment: any);
+    type: any;
+    name: any;
+    inputs: any;
+    outputs: any;
+    stateMutability: any;
+    anonymous: any;
+    /**
+     * Formats the fragment.
+     * @param {string=} format
+     * @returns {string}
+     */
+    format(format?: string | undefined): string;
+    /**
+     * @returns {any}
+     */
+    toJSON(): any;
+}
+export class NamedFragment extends Fragment {
+}
+export class FunctionFragment extends NamedFragment {
+}
+export class EventFragment extends NamedFragment {
+}
+export class ErrorFragment extends NamedFragment {
+}
+export class ConstructorFragment extends Fragment {
+}
+export class StructFragment extends Fragment {
+}
+export class FallbackFragment extends Fragment {
+}

package/src/abi/index.d.ts

@@ -1,13 +1,13 @@
-declare const _exports: {
-    Interface: typeof import("./interface").Interface;
-    AbiCoder: typeof import("./interface").AbiCoder;
-    Fragment: typeof import("./fragments").Fragment;
-    NamedFragment: typeof import("./fragments").NamedFragment;
-    FunctionFragment: typeof import("./fragments").FunctionFragment;
-    EventFragment: typeof import("./fragments").EventFragment;
-    ErrorFragment: typeof import("./fragments").ErrorFragment;
-    ConstructorFragment: typeof import("./fragments").ConstructorFragment;
-    StructFragment: typeof import("./fragments").StructFragment;
-    FallbackFragment: typeof import("./fragments").FallbackFragment;
-};
-export = _exports;
+declare const _exports: {
+    Interface: typeof import("./interface").Interface;
+    AbiCoder: typeof import("./interface").AbiCoder;
+    Fragment: typeof import("./fragments").Fragment;
+    NamedFragment: typeof import("./fragments").NamedFragment;
+    FunctionFragment: typeof import("./fragments").FunctionFragment;
+    EventFragment: typeof import("./fragments").EventFragment;
+    ErrorFragment: typeof import("./fragments").ErrorFragment;
+    ConstructorFragment: typeof import("./fragments").ConstructorFragment;
+    StructFragment: typeof import("./fragments").StructFragment;
+    FallbackFragment: typeof import("./fragments").FallbackFragment;
+};
+export = _exports;

package/src/abi/interface.js

@@ -518,8 +518,17 @@ class Interface {
   getSighash() {
     throw makeError("getSighash not implemented", "NOT_IMPLEMENTED", {});
   }
-  getEventTopic() {
-    throw makeError("getEventTopic not implemented", "NOT_IMPLEMENTED", {});
+  /**
+   * Compute the topic0 (event signature hash) for an event.
+   * @param {string|EventFragment|any} nameOrFragment
+   * @returns {string} normalized 0x-prefixed topic hash
+   */
+  getEventTopic(nameOrFragment) {
+    const name = typeof nameOrFragment === "string" ? nameOrFragment : nameOrFragment?.name;
+    const frag = this.getEvent(name);
+    const inputs = Array.isArray(frag.inputs) ? frag.inputs : [];
+    const sig = `${frag.name}(${inputs.map((i) => String(i.type || "")).join(",")})`;
+    return normalizeHex(id(sig));
   }
   getFallback() {
     return null;

package/src/abi/js-abi-coder.js

@@ -304,7 +304,21 @@ function encodeFunctionData(name, inputs, values) {
   return normalizeHex(selector + strip0x(bytesToHex(enc)));
 }
 
+// A 32-byte word must lie fully within the data. Without this check
+// `data.slice(offset, offset + 32)` silently returns a short/empty array, so an
+// out-of-bounds read decodes to `0n` / the zero address — letting a malicious RPC
+// response corrupt static return values (e.g. a balance silently reads as 0).
+function _assertWordInBounds(data, offset) {
+  if (!Number.isInteger(offset) || offset < 0 || offset + 32 > data.length) {
+    throw makeError("ABI decoding: read past end of data", "INVALID_ARGUMENT", {
+      offset,
+      length: data.length,
+    });
+  }
+}
+
 function _readWordAsBigInt(data, offset) {
+  _assertWordInBounds(data, offset);
   const chunk = data.slice(offset, offset + 32);
   const hex = bytesToHex(chunk);
   return BigInt(hex);
@@ -338,11 +352,13 @@ function _decodeBool(data, offset) {
 }
 
 function _decodeAddress(data, offset) {
+  _assertWordInBounds(data, offset);
   const chunk = data.slice(offset, offset + 32);
   return normalizeHex(bytesToHex(chunk));
 }
 
 function _decodeFixedBytes(type, data, offset) {
+  _assertWordInBounds(data, offset);
   const n = _bytesNLen(type);
   const chunk = data.slice(offset, offset + 32);
   return normalizeHex(bytesToHex(chunk.slice(0, n)));
@@ -351,6 +367,12 @@ function _decodeFixedBytes(type, data, offset) {
 function _decodeBytesDynamic(data, baseOffset) {
   const len = _readWordAsNumber(data, baseOffset);
   const start = baseOffset + 32;
+  // The declared length must fit within the available data; otherwise a
+  // malicious response could declare a huge length and cause silent truncation
+  // or oversized allocation.
+  if (start + len > data.length) {
+    throw makeError("ABI decoding: bytes length exceeds available data", "INVALID_ARGUMENT", { length: len });
+  }
   const out = data.slice(start, start + len);
   return normalizeHex(bytesToHex(out));
 }
@@ -358,6 +380,10 @@ function _decodeBytesDynamic(data, baseOffset) {
 function _decodeString(data, baseOffset) {
   const len = _readWordAsNumber(data, baseOffset);
   const start = baseOffset + 32;
+  // The declared length must fit within the available data.
+  if (start + len > data.length) {
+    throw makeError("ABI decoding: string length exceeds available data", "INVALID_ARGUMENT", { length: len });
+  }
   const out = data.slice(start, start + len);
   return bytesToUtf8(out);
 }
@@ -377,6 +403,22 @@ function decodeTupleLike(params, data, baseOffset, depth) {
     const p = ps[i];
     if (_isDynamicType(p)) {
       const rel = _readWordAsNumber(data, baseOffset + headOff);
+      // The dynamic offset is attacker-controlled. In canonical ABI encoding
+      // the tail always starts at or after the head, so reject offsets that point
+      // back into the head region (aliasing) and offsets that fall outside the
+      // available data before following the pointer.
+      if (rel < headSize) {
+        throw makeError("ABI decoding: dynamic offset points into head region", "INVALID_ARGUMENT", {
+          offset: rel,
+          headSize,
+        });
+      }
+      if (baseOffset + rel + 32 > data.length) {
+        throw makeError("ABI decoding: dynamic offset out of bounds", "INVALID_ARGUMENT", {
+          offset: rel,
+          length: data.length,
+        });
+      }
       values.push(decodeParam(p, data, baseOffset + rel, depth));
       headOff += 32;
     } else {
@@ -385,7 +427,6 @@ function decodeTupleLike(params, data, baseOffset, depth) {
     }
   }
 
-  void headSize;
   return values;
 }
 
@@ -400,11 +441,29 @@ function decodeParam(param, data, offset, depth) {
 
     if (_isDynamicArray(type)) {
       const len = _readWordAsNumber(data, offset);
-      const elems = decodeTupleLike(Array.from({ length: len }).map(() => innerParam), data, offset + 32, depth + 1);
+      // Each element consumes at least one 32-byte head word. Reject lengths
+      // that cannot possibly fit in the remaining calldata before allocating an
+      // array of `len` entries (prevents unbounded allocation / OOM from a
+      // hostile ABI response declaring an enormous length).
+      const elemsStart = offset + 32;
+      if (len * 32 > data.length - elemsStart) {
+        throw makeError("ABI decoding: array length exceeds available data", "INVALID_ARGUMENT", { length: len });
+      }
+      const elems = decodeTupleLike(Array.from({ length: len }).map(() => innerParam), data, elemsStart, depth + 1);
       return elems;
     }
 
     const n = _fixedArrayLength(type);
+    // A fixed-array dimension comes from the (attacker-controllable) type
+    // string. Each element occupies at least one 32-byte head word, so reject a
+    // length that cannot possibly fit in the remaining data before allocating an
+    // array of `n` entries (prevents unbounded allocation / OOM from e.g.
+    // `uint256[1000000000]`).
+    if (n * 32 > data.length - offset) {
+      throw makeError("ABI decoding: fixed array length exceeds available data", "INVALID_ARGUMENT", {
+        length: n,
+      });
+    }
     return decodeTupleLike(Array.from({ length: n }).map(() => innerParam), data, offset, depth + 1);
   }
 

package/src/contract/contract.js

@@ -37,6 +37,40 @@ function _isOverridesLike(value) {
   return true;
 }
 
+// Fields a caller is allowed to set via `overrides`. Protected routing /
+// payload fields (`to`, `data`, `from`) are intentionally excluded so that a
+// caller-supplied overrides object can never redirect the transaction to a
+// different contract or replace the encoded calldata. Unknown keys are dropped.
+const _ALLOWED_OVERRIDE_KEYS = [
+  "value",
+  "gasLimit",
+  "gasPrice",
+  "maxFeePerGas",
+  "maxPriorityFeePerGas",
+  "nonce",
+  "chainId",
+  "remarks",
+  "signingContext",
+];
+
+/**
+ * Return a copy of `overrides` containing only the allow-listed fields.
+ * Drops `to`, `data`, `from`, and any unknown/prototype keys so the protected
+ * fields computed by the contract layer always win.
+ * @param {any} overrides
+ * @returns {Record<string, any>}
+ */
+function _sanitizeOverrides(overrides) {
+  const out = {};
+  if (!_isOverridesLike(overrides)) return out;
+  for (const key of _ALLOWED_OVERRIDE_KEYS) {
+    if (Object.prototype.hasOwnProperty.call(overrides, key) && overrides[key] !== undefined) {
+      out[key] = overrides[key];
+    }
+  }
+  return out;
+}
+
 /**
  * BaseContract placeholder (ethers-like).
  */
@@ -228,7 +262,8 @@ class Contract extends BaseContract {
     }
 
     const data = this.interface.encodeFunctionData(methodName, callArgs);
-    return { to: this.address, data, ...(overrides || {}) };
+    // Protected fields (to/data) must win over caller-supplied overrides.
+    return { ..._sanitizeOverrides(overrides), to: this.address, data };
   }
 
   /**
@@ -241,7 +276,8 @@ class Contract extends BaseContract {
   async call(methodName, args, overrides) {
     if (!this.provider) throw makeError("missing provider", "UNKNOWN_ERROR", { operation: "call" });
     const data = this.interface.encodeFunctionData(methodName, args);
-    const tx = { to: this.address, data, ...(overrides || {}) };
+    // Protected fields (to/data) must win over caller-supplied overrides.
+    const tx = { ..._sanitizeOverrides(overrides), to: this.address, data };
     const raw = await this.provider.call(tx, "latest");
     const decoded = this.interface.decodeFunctionResult(methodName, raw);
     return decoded;
@@ -257,7 +293,8 @@ class Contract extends BaseContract {
   async send(methodName, args, overrides) {
     if (!this.signer) throw makeError("missing signer", "UNKNOWN_ERROR", { operation: "send" });
     const data = this.interface.encodeFunctionData(methodName, args);
-    const tx = { to: this.address, data, ...(overrides || {}) };
+    // Protected fields (to/data) must win over caller-supplied overrides.
+    const tx = { ..._sanitizeOverrides(overrides), to: this.address, data };
     const resp = await this.signer.sendTransaction(tx);
     return new ContractTransactionResponse(resp);
   }
@@ -273,9 +310,19 @@ class Contract extends BaseContract {
     if (!this.provider) throw makeError("missing provider", "UNKNOWN_ERROR", { operation: "queryFilter" });
     const name = typeof event === "string" ? event : event?.name;
     assertArgument(typeof name === "string", "invalid event", "event", event);
-    const filter = { address: this.address, fromBlock, toBlock };
+
+    // Bind the query to the requested event's topic0 so a malicious node cannot
+    // return same-address logs for a *different* event. We both constrain the RPC
+    // filter and verify the returned logs' topic0 client-side.
+    const topic0 = this.interface.getEventTopic(name);
+    const filter = { address: this.address, topics: [topic0], fromBlock, toBlock };
     const logs = await this.provider.getLogs(filter);
-    return logs.map((l) => new EventLog(l));
+    return logs
+      .filter((l) => {
+        const t = Array.isArray(l && l.topics) ? l.topics[0] : null;
+        return typeof t === "string" && normalizeHex(t).toLowerCase() === topic0.toLowerCase();
+      })
+      .map((l) => new EventLog(l));
   }
 
   on(event, callback) {
@@ -356,5 +403,6 @@ module.exports = {
   ContractTransactionResponse,
   ContractTransactionReceipt,
   EventLog,
+  _sanitizeOverrides,
 };
 

package/src/contract/index.d.ts

@@ -1,9 +1,9 @@
-declare const _exports: {
-    ContractFactory: typeof import("./contract-factory").ContractFactory;
-    BaseContract: typeof import("./contract").BaseContract;
-    Contract: typeof import("./contract").Contract;
-    ContractTransactionResponse: typeof import("./contract").ContractTransactionResponse;
-    ContractTransactionReceipt: typeof import("./contract").ContractTransactionReceipt;
-    EventLog: typeof import("./contract").EventLog;
-};
-export = _exports;
+declare const _exports: {
+    ContractFactory: typeof import("./contract-factory").ContractFactory;
+    BaseContract: typeof import("./contract").BaseContract;
+    Contract: typeof import("./contract").Contract;
+    ContractTransactionResponse: typeof import("./contract").ContractTransactionResponse;
+    ContractTransactionReceipt: typeof import("./contract").ContractTransactionReceipt;
+    EventLog: typeof import("./contract").EventLog;
+};
+export = _exports;

package/src/errors/index.d.ts

@@ -1,92 +1,92 @@
-export type ErrorCode = "INVALID_ARGUMENT" | "NUMERIC_FAULT" | "BUFFER_OVERRUN" | "CALL_EXCEPTION" | "UNKNOWN_ERROR" | "NOT_IMPLEMENTED";
-/**
- * @fileoverview Error helpers and error classes.
- *
- * The QuantumCoin.js SDK follows ethers.js v6 error patterns:
- * - errors include a machine-readable `code`
- * - errors include `shortMessage`
- * - errors may include extra fields depending on the failure
- */
-/**
- * @typedef {"INVALID_ARGUMENT"|"NUMERIC_FAULT"|"BUFFER_OVERRUN"|"CALL_EXCEPTION"|"UNKNOWN_ERROR"|"NOT_IMPLEMENTED"} ErrorCode
- */
-/**
- * Returns true if the error matches the given code.
- * @param {any} error
- * @param {string} code
- * @returns {boolean}
- */
-export function isError(error: any, code: string): boolean;
-/**
- * Returns true if the error is a CALL_EXCEPTION.
- * @param {any} error
- * @returns {boolean}
- */
-export function isCallException(error: any): boolean;
-/**
- * Create an Error configured like ethers emits errors.
- *
- * @param {string} message
- * @param {ErrorCode} code
- * @param {Record<string, any>=} info
- * @returns {Error & { code: ErrorCode, shortMessage: string }}
- */
-export function makeError(message: string, code: ErrorCode, info?: Record<string, any> | undefined): Error & {
-    code: ErrorCode;
-    shortMessage: string;
-};
-/**
- * Assert a condition, throwing an ethers-style error otherwise.
- * @param {any} check
- * @param {string} message
- * @param {ErrorCode} code
- * @param {Record<string, any>=} info
- */
-export function assert(check: any, message: string, code: ErrorCode, info?: Record<string, any> | undefined): void;
-/**
- * Assert an argument constraint.
- * @param {any} check
- * @param {string} message
- * @param {string} name
- * @param {any} value
- */
-export function assertArgument(check: any, message: string, name: string, value: any): void;
-/**
- * Provider error.
- */
-export class ProviderError extends Error {
-    /**
-     * @param {string} message
-     * @param {Record<string, any>=} info
-     */
-    constructor(message: string, info?: Record<string, any> | undefined);
-    /** @type {ErrorCode} */
-    code: ErrorCode;
-    shortMessage: string;
-}
-/**
- * Transaction error.
- */
-export class TransactionError extends Error {
-    /**
-     * @param {string} message
-     * @param {Record<string, any>=} info
-     */
-    constructor(message: string, info?: Record<string, any> | undefined);
-    /** @type {ErrorCode} */
-    code: ErrorCode;
-    shortMessage: string;
-}
-/**
- * Contract error.
- */
-export class ContractError extends Error {
-    /**
-     * @param {string} message
-     * @param {Record<string, any>=} info
-     */
-    constructor(message: string, info?: Record<string, any> | undefined);
-    /** @type {ErrorCode} */
-    code: ErrorCode;
-    shortMessage: string;
-}
+export type ErrorCode = "INVALID_ARGUMENT" | "NUMERIC_FAULT" | "BUFFER_OVERRUN" | "CALL_EXCEPTION" | "UNKNOWN_ERROR" | "NOT_IMPLEMENTED";
+/**
+ * @fileoverview Error helpers and error classes.
+ *
+ * The QuantumCoin.js SDK follows ethers.js v6 error patterns:
+ * - errors include a machine-readable `code`
+ * - errors include `shortMessage`
+ * - errors may include extra fields depending on the failure
+ */
+/**
+ * @typedef {"INVALID_ARGUMENT"|"NUMERIC_FAULT"|"BUFFER_OVERRUN"|"CALL_EXCEPTION"|"UNKNOWN_ERROR"|"NOT_IMPLEMENTED"} ErrorCode
+ */
+/**
+ * Returns true if the error matches the given code.
+ * @param {any} error
+ * @param {string} code
+ * @returns {boolean}
+ */
+export function isError(error: any, code: string): boolean;
+/**
+ * Returns true if the error is a CALL_EXCEPTION.
+ * @param {any} error
+ * @returns {boolean}
+ */
+export function isCallException(error: any): boolean;
+/**
+ * Create an Error configured like ethers emits errors.
+ *
+ * @param {string} message
+ * @param {ErrorCode} code
+ * @param {Record<string, any>=} info
+ * @returns {Error & { code: ErrorCode, shortMessage: string }}
+ */
+export function makeError(message: string, code: ErrorCode, info?: Record<string, any> | undefined): Error & {
+    code: ErrorCode;
+    shortMessage: string;
+};
+/**
+ * Assert a condition, throwing an ethers-style error otherwise.
+ * @param {any} check
+ * @param {string} message
+ * @param {ErrorCode} code
+ * @param {Record<string, any>=} info
+ */
+export function assert(check: any, message: string, code: ErrorCode, info?: Record<string, any> | undefined): void;
+/**
+ * Assert an argument constraint.
+ * @param {any} check
+ * @param {string} message
+ * @param {string} name
+ * @param {any} value
+ */
+export function assertArgument(check: any, message: string, name: string, value: any): void;
+/**
+ * Provider error.
+ */
+export class ProviderError extends Error {
+    /**
+     * @param {string} message
+     * @param {Record<string, any>=} info
+     */
+    constructor(message: string, info?: Record<string, any> | undefined);
+    /** @type {ErrorCode} */
+    code: ErrorCode;
+    shortMessage: string;
+}
+/**
+ * Transaction error.
+ */
+export class TransactionError extends Error {
+    /**
+     * @param {string} message
+     * @param {Record<string, any>=} info
+     */
+    constructor(message: string, info?: Record<string, any> | undefined);
+    /** @type {ErrorCode} */
+    code: ErrorCode;
+    shortMessage: string;
+}
+/**
+ * Contract error.
+ */
+export class ContractError extends Error {
+    /**
+     * @param {string} message
+     * @param {Record<string, any>=} info
+     */
+    constructor(message: string, info?: Record<string, any> | undefined);
+    /** @type {ErrorCode} */
+    code: ErrorCode;
+    shortMessage: string;
+}

package/src/generator/index.d.ts

@@ -52,23 +52,30 @@ export function generateFromArtifacts(opts: {
  * Generate a transactional e2e test file (JavaScript) for the typed contract package.
  * The test deploys the contract with constructor args (if any) and invokes one write method.
  *
- * @param {{ contractName: string, abi: any[] }} opts
- * @returns {string}
+ * When `bytecode` is omitted, empty, or `"0x"` the contract is treated as an interface
+ * and the post-deploy `provider.getCode(...)` bytecode assertion is omitted from the
+ * generated test (interfaces deploy with no runtime code by design).
+ *
+ * @param opts
  */
 export function generateTransactionalTestJs(opts: {
     contractName: string;
     abi: any[];
+    bytecode?: string;
 }): string;
 /**
  * Generate a single transactional e2e test that deploys and invokes methods on ALL contracts.
  * Used when the package has multiple contracts so one test exercises every contract.
  *
- * @param {{ artifacts: Array<{ contractName: string, abi: any[] }> }} opts
- * @returns {string}
+ * Accepts `bytecode` per artifact for forward-compatibility; the multi-contract template
+ * currently emits no `getCode` assertion (so the value is not yet consumed).
+ *
+ * @param opts
  */
 export function generateAllContractsTransactionalTestJs(opts: {
     artifacts: Array<{
         contractName: string;
         abi: any[];
+        bytecode?: string;
     }>;
 }): string;