quantumcoin 7.0.12 → 7.0.14

package/src/providers/provider.js

@@ -7,7 +7,7 @@
 
 const { EventEmitter } = require("events");
 const { makeError, assertArgument } = require("../errors");
-const { normalizeHex, isHexString } = require("../internal/hex");
+const { normalizeHex, toQuantityHex, isHexString } = require("../internal/hex");
 
 /**
  * @typedef {import("../utils/encoding").BytesLike} BytesLike
@@ -44,7 +44,17 @@ function _hexToBigInt(hex) {
 }
 
 function _hexToNumber(hex) {
-  return Number(_hexToBigInt(hex));
+  // RPC quantities are untrusted. Previously `Number(bigint)` silently
+  // truncated values above 2^53, corrupting blockNumber/nonce/status/indices used
+  // in confirmation math. We keep returning a `number` (no signature/type change),
+  // but fail loudly for out-of-range values instead of returning a corrupted one.
+  // Real chain values are far below MAX_SAFE_INTEGER, so honest flows are
+  // unaffected. (Returning bigint would break field types and wait() arithmetic.)
+  const bi = _hexToBigInt(hex);
+  if (bi > BigInt(Number.MAX_SAFE_INTEGER) || bi < BigInt(Number.MIN_SAFE_INTEGER)) {
+    throw makeError("RPC quantity exceeds safe integer range", "NUMERIC_FAULT", { value: bi.toString() });
+  }
+  return Number(bi);
 }
   
 /**
@@ -52,13 +62,54 @@ function _hexToNumber(hex) {
  * @param {number|string|undefined} blockTag
  * @returns {string|undefined}
  */
+/**
+ * Build a lowercase Set of allowed log addresses from a filter's `address` field
+ * (string or string[]). Returns null when no address constraint is present.
+ * @param {string|string[]|undefined|null} address
+ * @returns {Set<string>|null}
+ */
+function _normalizeAddressFilter(address) {
+  if (address == null) return null;
+  const list = Array.isArray(address) ? address : [address];
+  const set = new Set();
+  for (const a of list) {
+    if (typeof a === "string" && a.length > 0) set.add(a.toLowerCase());
+  }
+  return set.size ? set : null;
+}
+
+/**
+ * Check a log's topics against a requested topics filter (eth_getLogs
+ * semantics). Each filter position may be null (wildcard), a string (exact
+ * match), or an array of strings (any match). Used to drop logs a malicious node
+ * returns that do not actually match the requested event topic(s).
+ * @param {any[]} logTopics
+ * @param {(string|string[]|null)[]} filterTopics
+ * @returns {boolean}
+ */
+function _topicsMatch(logTopics, filterTopics) {
+  if (!Array.isArray(filterTopics)) return true;
+  const topics = Array.isArray(logTopics) ? logTopics : [];
+  for (let i = 0; i < filterTopics.length; i++) {
+    const want = filterTopics[i];
+    if (want == null) continue; // wildcard position
+    const have = typeof topics[i] === "string" ? topics[i].toLowerCase() : null;
+    if (have == null) return false;
+    const allowed = (Array.isArray(want) ? want : [want])
+      .filter((t) => typeof t === "string")
+      .map((t) => t.toLowerCase());
+    if (allowed.length && !allowed.includes(have)) return false;
+  }
+  return true;
+}
+
 function _blockTagToHex(blockTag) {
   if (blockTag === undefined || blockTag === null) return undefined;
   const s = String(blockTag).toLowerCase();
   if (s === "latest" || s === "pending" || s === "earliest") return s;
   const n = typeof blockTag === "number" ? blockTag : Number(blockTag);
   if (!Number.isInteger(n) || n < 0) return undefined;
-  return normalizeHex("0x" + n.toString(16));
+  return toQuantityHex(n);
 }
 
 /**
@@ -251,7 +302,7 @@ class AbstractProvider extends Provider {
    * @returns {Promise<Block>}
    */
   async getBlock(blockNumber) {
-    const tag = blockNumber === "latest" ? "latest" : normalizeHex("0x" + Number(blockNumber).toString(16));
+    const tag = blockNumber === "latest" ? "latest" : toQuantityHex(blockNumber);
     const block = await this._perform("eth_getBlockByNumber", [tag, false]);
     return new Block(block, this);
   }
@@ -263,7 +314,23 @@ class AbstractProvider extends Provider {
   async getTransaction(txHash) {
     const tx = await this._perform("eth_getTransactionByHash", [txHash]);
     if (!tx) return null;
-    return new TransactionResponse(tx, this);
+    const result = new TransactionResponse(tx, this);
+    // Do not trust the node to return the transaction we actually asked for.
+    // When the response carries a hash, it must match the requested hash;
+    // otherwise a malicious node could substitute a different transaction.
+    if (
+      typeof txHash === "string" &&
+      typeof result.hash === "string" &&
+      result.hash.length > 0 &&
+      result.hash.toLowerCase() !== txHash.toLowerCase()
+    ) {
+      throw makeError("RPC node returned a transaction whose hash does not match the requested hash", "UNKNOWN_ERROR", {
+        operation: "getTransaction",
+        expected: txHash,
+        got: result.hash,
+      });
+    }
+    return result;
   }
 
   /**
@@ -273,7 +340,23 @@ class AbstractProvider extends Provider {
   async getTransactionReceipt(txHash) {
     const receipt = await this._perform("eth_getTransactionReceipt", [txHash]);
     if (!receipt) return null;
-    return new TransactionReceipt(receipt, this);
+    const result = new TransactionReceipt(receipt, this);
+    // The receipt must belong to the transaction we asked about. A node must
+    // not be able to confirm an unrelated/fabricated transaction (which would let
+    // wait() report success for the wrong tx).
+    if (
+      typeof txHash === "string" &&
+      typeof result.transactionHash === "string" &&
+      result.transactionHash.length > 0 &&
+      result.transactionHash.toLowerCase() !== txHash.toLowerCase()
+    ) {
+      throw makeError("RPC node returned a receipt whose hash does not match the requested hash", "UNKNOWN_ERROR", {
+        operation: "getTransactionReceipt",
+        expected: txHash,
+        got: result.transactionHash,
+      });
+    }
+    return result;
   }
 
   /**
@@ -299,15 +382,47 @@ class AbstractProvider extends Provider {
   /**
    * Broadcasts a signed transaction.
    * @param {TransactionRequest|string} tx
+   * @param {{ expectedHash?: string }=} opts Optional. When `expectedHash` is set,
+   *   the hash returned by the node (and the fetched-back transaction's hash) must
+   *   match it, otherwise an error is thrown (do not trust the RPC node to
+   *   broadcast the exact transaction that was signed).
    * @returns {Promise<TransactionResponse>}
    */
-  async sendTransaction(tx) {
+  async sendTransaction(tx, opts) {
     // For QuantumCoin.js, tx is expected to be a signed raw transaction hex string.
     const raw = typeof tx === "string" ? tx : tx?.raw;
     if (typeof raw !== "string") throw makeError("sendTransaction requires a signed raw transaction string", "INVALID_ARGUMENT", { tx });
+    const expectedHash =
+      opts && typeof opts.expectedHash === "string" && opts.expectedHash.length > 0 ? opts.expectedHash.toLowerCase() : null;
+
     const hash = await this._perform("eth_sendRawTransaction", [raw]);
+
+    // The node returns the hash it claims to have accepted. If we know the
+    // hash of the transaction we signed, reject any mismatch — a malicious or
+    // buggy node must not be able to silently substitute a different transaction.
+    if (expectedHash != null && typeof hash === "string" && hash.length > 0) {
+      if (hash.toLowerCase() !== expectedHash) {
+        throw makeError("RPC node returned a transaction hash that does not match the signed transaction", "UNKNOWN_ERROR", {
+          operation: "sendTransaction",
+          expected: expectedHash,
+          got: hash,
+        });
+      }
+    }
+
     // Fetch back transaction (best-effort)
     const result = await this.getTransaction(hash);
+
+    // Verify the fetched-back transaction's hash too, so a node cannot return
+    // a fabricated transaction object under the correct hash lookup.
+    if (result && expectedHash != null && typeof result.hash === "string" && result.hash.toLowerCase() !== expectedHash) {
+      throw makeError("RPC node returned a transaction whose hash does not match the signed transaction", "UNKNOWN_ERROR", {
+        operation: "sendTransaction",
+        expected: expectedHash,
+        got: result.hash,
+      });
+    }
+
     return result || new TransactionResponse({ hash }, this);
   }
 
@@ -376,7 +491,25 @@ class AbstractProvider extends Provider {
     if (fromBlock !== undefined) normalized.fromBlock = fromBlock;
     if (toBlock !== undefined) normalized.toBlock = toBlock;
     const logs = await this._perform("eth_getLogs", [normalized]);
-    return (logs || []).map((l) => new Log(l, this));
+    const mapped = (logs || []).map((l) => new Log(l, this));
+
+    // A malicious node could return logs emitted by contracts other than the
+    // one(s) requested. When the filter constrains the address, drop any log whose
+    // address is not in that set so foreign-contract events cannot be injected.
+    const allowed = _normalizeAddressFilter(filter.address);
+    // A malicious node could return logs for a different event (different
+    // topic0) or from foreign contracts. Drop anything that does not match the
+    // requested address and topic constraints.
+    const hasTopicFilter = Array.isArray(filter.topics) && filter.topics.some((t) => t != null);
+    if (allowed || hasTopicFilter) {
+      return mapped.filter((l) => {
+        if (!l) return false;
+        if (allowed && !(typeof l.address === "string" && allowed.has(l.address.toLowerCase()))) return false;
+        if (hasTopicFilter && !_topicsMatch(l.topics, filter.topics)) return false;
+        return true;
+      });
+    }
+    return mapped;
   }
 }
 

package/src/utils/address.d.ts

@@ -1,58 +1,58 @@
-/**
- * Checks if string is a valid address (32 bytes, 66 hex characters).
- * @param {string} address
- * @returns {boolean}
- */
-export function isAddress(address: string): boolean;
-/**
- * Returns normalized address.
- * Note: QuantumCoin checksumming uses QuantumCoin conventions; currently this normalizes to lowercase.
- * @param {string} address
- * @returns {string}
- */
-export function getAddress(address: string): string;
-/**
- * Returns true if value is an object implementing Addressable (has getAddress()).
- * @param {any} value
- * @returns {boolean}
- */
-export function isAddressable(value: any): boolean;
-/**
- * Resolve an AddressLike into a string address.
- * For QuantumCoin, ENS is not supported.
- * @param {any} target
- * @returns {string|Promise<string>}
- */
-export function resolveAddress(target: any): string | Promise<string>;
-/**
- * Calculates contract address from deployer and nonce.
- * @param {{ from: string, nonce: number }} tx
- * @returns {string}
- */
-export function getContractAddress(tx: {
-    from: string;
-    nonce: number;
-}): string;
-/**
- * Alias for getContractAddress.
- * @param {{ from: string, nonce: number }} tx
- * @returns {string}
- */
-export function getCreateAddress(tx: {
-    from: string;
-    nonce: number;
-}): string;
-/**
- * Calculates CREATE2 contract address.
- * @param {string} from
- * @param {string} salt
- * @param {string} initCodeHash
- * @returns {string}
- */
-export function getCreate2Address(from: string, salt: string, initCodeHash: string): string;
-/**
- * Computes address from a public key.
- * @param {string|Uint8Array} key
- * @returns {string}
- */
-export function computeAddress(key: string | Uint8Array): string;
+/**
+ * Checks if string is a valid address (32 bytes, 66 hex characters).
+ * @param {string} address
+ * @returns {boolean}
+ */
+export function isAddress(address: string): boolean;
+/**
+ * Returns normalized address.
+ * Note: QuantumCoin checksumming uses QuantumCoin conventions; currently this normalizes to lowercase.
+ * @param {string} address
+ * @returns {string}
+ */
+export function getAddress(address: string): string;
+/**
+ * Returns true if value is an object implementing Addressable (has getAddress()).
+ * @param {any} value
+ * @returns {boolean}
+ */
+export function isAddressable(value: any): boolean;
+/**
+ * Resolve an AddressLike into a string address.
+ * For QuantumCoin, ENS is not supported.
+ * @param {any} target
+ * @returns {string|Promise<string>}
+ */
+export function resolveAddress(target: any): string | Promise<string>;
+/**
+ * Calculates contract address from deployer and nonce.
+ * @param {{ from: string, nonce: number }} tx
+ * @returns {string}
+ */
+export function getContractAddress(tx: {
+    from: string;
+    nonce: number;
+}): string;
+/**
+ * Alias for getContractAddress.
+ * @param {{ from: string, nonce: number }} tx
+ * @returns {string}
+ */
+export function getCreateAddress(tx: {
+    from: string;
+    nonce: number;
+}): string;
+/**
+ * Calculates CREATE2 contract address.
+ * @param {string} from
+ * @param {string} salt
+ * @param {string} initCodeHash
+ * @returns {string}
+ */
+export function getCreate2Address(from: string, salt: string, initCodeHash: string): string;
+/**
+ * Computes address from a public key.
+ * @param {string|Uint8Array} key
+ * @returns {string}
+ */
+export function computeAddress(key: string | Uint8Array): string;

package/src/utils/encoding.d.ts

@@ -1,120 +1,120 @@
-export type BytesLike = string | Uint8Array;
-/**
- * @typedef {string | Uint8Array} BytesLike
- */
-/**
- * Converts bytes to UTF-8 string.
- * @param {BytesLike} data
- * @returns {string}
- */
-export function toUtf8String(data: BytesLike): string;
-/**
- * Converts string to UTF-8 bytes.
- * @param {string} str
- * @returns {Uint8Array}
- */
-export function toUtf8Bytes(str: string): Uint8Array;
-/**
- * Converts data to hex string.
- * @param {BytesLike} data
- * @returns {string}
- */
-export function toHex(data: BytesLike): string;
-/**
- * Alias for toHex.
- * @param {BytesLike} data
- * @returns {string}
- */
-export function hexlify(data: BytesLike): string;
-/**
- * Converts data to byte array.
- * @param {BytesLike} data
- * @returns {Uint8Array}
- */
-export function arrayify(data: BytesLike): Uint8Array;
-/**
- * Concatenates byte arrays and returns a hex string.
- * @param {BytesLike[]} items
- * @returns {string}
- */
-export function concat(items: BytesLike[]): string;
-/**
- * Strips leading zeros from a hex string.
- * @param {BytesLike} data
- * @returns {string}
- */
-export function stripZerosLeft(data: BytesLike): string;
-/**
- * Encodes a short UTF-8 string into a bytes32 hex string.
- * @param {string} text
- * @returns {string}
- */
-export function encodeBytes32String(text: string): string;
-/**
- * Decodes a bytes32 hex string into a UTF-8 string (trailing zeros stripped).
- * @param {BytesLike} bytes
- * @returns {string}
- */
-export function decodeBytes32String(bytes: BytesLike): string;
-/**
- * Decode Base58 string to bytes.
- * @param {string} data
- * @returns {Uint8Array}
- */
-export function decodeBase58(data: string): Uint8Array;
-/**
- * Base64 decode to bytes.
- * @param {string} data
- * @returns {Uint8Array}
- */
-export function decodeBase64(data: string): Uint8Array;
-/**
- * Encode BytesLike as Base58.
- * @param {BytesLike} data
- * @returns {string}
- */
-export function encodeBase58(data: BytesLike): string;
-/**
- * Base64 encode BytesLike.
- * @param {BytesLike} data
- * @returns {string}
- */
-export function encodeBase64(data: BytesLike): string;
-/**
- * Returns UTF-8 code points for a string.
- * @param {string} str
- * @returns {number[]}
- */
-export function toUtf8CodePoints(str: string): number[];
-import { isHexString } from "../internal/hex";
-/**
- * Returns true if value is BytesLike.
- * @param {any} value
- * @returns {boolean}
- */
-export function isBytesLike(value: any): boolean;
-/**
- * Pads a BytesLike value to the left with zeros (byte length).
- * @param {BytesLike} value
- * @param {number} length
- * @returns {string}
- */
-export function zeroPad(value: BytesLike, length: number): string;
-/**
- * Pads a hex value (interpreted as bytes) to the left with zeros (byte length).
- * @param {BytesLike} value
- * @param {number} length
- * @returns {string}
- */
-export function zeroPadValue(value: BytesLike, length: number): string;
-/**
- * Solidity packed encoding.
- * This is a complex helper in ethers.js; in QuantumCoin.js it is currently not implemented.
- * @throws
- */
-export function solidityPacked(): void;
-export function solidityPackedKeccak256(): void;
-export function solidityPackedSha256(): void;
-import { bytesToHex } from "../internal/hex";
-import { hexToBytes } from "../internal/hex";
-export { isHexString, bytesToHex, hexToBytes };
+export type BytesLike = string | Uint8Array;
+/**
+ * @typedef {string | Uint8Array} BytesLike
+ */
+/**
+ * Converts bytes to UTF-8 string.
+ * @param {BytesLike} data
+ * @returns {string}
+ */
+export function toUtf8String(data: BytesLike): string;
+/**
+ * Converts string to UTF-8 bytes.
+ * @param {string} str
+ * @returns {Uint8Array}
+ */
+export function toUtf8Bytes(str: string): Uint8Array;
+/**
+ * Converts data to hex string.
+ * @param {BytesLike} data
+ * @returns {string}
+ */
+export function toHex(data: BytesLike): string;
+/**
+ * Alias for toHex.
+ * @param {BytesLike} data
+ * @returns {string}
+ */
+export function hexlify(data: BytesLike): string;
+/**
+ * Converts data to byte array.
+ * @param {BytesLike} data
+ * @returns {Uint8Array}
+ */
+export function arrayify(data: BytesLike): Uint8Array;
+/**
+ * Concatenates byte arrays and returns a hex string.
+ * @param {BytesLike[]} items
+ * @returns {string}
+ */
+export function concat(items: BytesLike[]): string;
+/**
+ * Strips leading zeros from a hex string.
+ * @param {BytesLike} data
+ * @returns {string}
+ */
+export function stripZerosLeft(data: BytesLike): string;
+/**
+ * Encodes a short UTF-8 string into a bytes32 hex string.
+ * @param {string} text
+ * @returns {string}
+ */
+export function encodeBytes32String(text: string): string;
+/**
+ * Decodes a bytes32 hex string into a UTF-8 string (trailing zeros stripped).
+ * @param {BytesLike} bytes
+ * @returns {string}
+ */
+export function decodeBytes32String(bytes: BytesLike): string;
+/**
+ * Decode Base58 string to bytes.
+ * @param {string} data
+ * @returns {Uint8Array}
+ */
+export function decodeBase58(data: string): Uint8Array;
+/**
+ * Base64 decode to bytes.
+ * @param {string} data
+ * @returns {Uint8Array}
+ */
+export function decodeBase64(data: string): Uint8Array;
+/**
+ * Encode BytesLike as Base58.
+ * @param {BytesLike} data
+ * @returns {string}
+ */
+export function encodeBase58(data: BytesLike): string;
+/**
+ * Base64 encode BytesLike.
+ * @param {BytesLike} data
+ * @returns {string}
+ */
+export function encodeBase64(data: BytesLike): string;
+/**
+ * Returns UTF-8 code points for a string.
+ * @param {string} str
+ * @returns {number[]}
+ */
+export function toUtf8CodePoints(str: string): number[];
+import { isHexString } from "../internal/hex";
+/**
+ * Returns true if value is BytesLike.
+ * @param {any} value
+ * @returns {boolean}
+ */
+export function isBytesLike(value: any): boolean;
+/**
+ * Pads a BytesLike value to the left with zeros (byte length).
+ * @param {BytesLike} value
+ * @param {number} length
+ * @returns {string}
+ */
+export function zeroPad(value: BytesLike, length: number): string;
+/**
+ * Pads a hex value (interpreted as bytes) to the left with zeros (byte length).
+ * @param {BytesLike} value
+ * @param {number} length
+ * @returns {string}
+ */
+export function zeroPadValue(value: BytesLike, length: number): string;
+/**
+ * Solidity packed encoding.
+ * This is a complex helper in ethers.js; in QuantumCoin.js it is currently not implemented.
+ * @throws
+ */
+export function solidityPacked(): void;
+export function solidityPackedKeccak256(): void;
+export function solidityPackedSha256(): void;
+import { bytesToHex } from "../internal/hex";
+import { hexToBytes } from "../internal/hex";
+export { isHexString, bytesToHex, hexToBytes };