aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeonid <logvinov.leon@gmail.com>2017-09-06 16:39:43 +0800
committerGitHub <noreply@github.com>2017-09-06 16:39:43 +0800
commit07da617c050593a5cf9ce194eefd4f4e8fea7c61 (patch)
tree6156865472010078a9f27b905bcaec7782f6521c
parentf0a5ad2d2063fe8ba4682147ec2f73e2763b0275 (diff)
parent35c133caeda613121d7d90f3f1347ebdc8087d66 (diff)
downloaddexon-0x-contracts-07da617c050593a5cf9ce194eefd4f4e8fea7c61.tar.gz
dexon-0x-contracts-07da617c050593a5cf9ce194eefd4f4e8fea7c61.tar.zst
dexon-0x-contracts-07da617c050593a5cf9ce194eefd4f4e8fea7c61.zip
Merge pull request #152 from 0xProject/fix/signature-verification
Add signature verification as a part of order validation
-rw-r--r--CHANGELOG.md1
-rw-r--r--src/utils/order_validation_utils.ts6
-rw-r--r--test/order_validation_test.ts12
3 files changed, 17 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index dc2f4a040..680e55b42 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@ v0.13.0 - _TBD, 2017_
* Made all the functions submitting transactions to the network to immediately return transaction hash (#151)
* Added `zeroEx.awaitTransactionMinedAsync` (#151)
* Added `TransactionReceiptWithDecodedLogs`, `LogWithDecodedArgs`, `DecodedLogArgs` to public types (#151)
+ * Added signature validation to `validateFillOrderThrowIfInvalidAsync` (#152)
v0.12.1 - _September 2, 2017_
* Added the support for web3@1.x.x provider (#142)
diff --git a/src/utils/order_validation_utils.ts b/src/utils/order_validation_utils.ts
index 445ad43f9..e64666dfc 100644
--- a/src/utils/order_validation_utils.ts
+++ b/src/utils/order_validation_utils.ts
@@ -1,4 +1,5 @@
-import {ExchangeContractErrs, SignedOrder, Order} from '../types';
+import {ExchangeContractErrs, SignedOrder, Order, ZeroExError} from '../types';
+import {ZeroEx} from '../0x.js';
import {TokenWrapper} from '../contract_wrappers/token_wrapper';
import {ExchangeWrapper} from '../contract_wrappers/exchange_wrapper';
import {utils} from '../utils/utils';
@@ -19,6 +20,9 @@ export class OrderValidationUtils {
throw new Error(ExchangeContractErrs.OrderFillAmountZero);
}
const orderHash = utils.getOrderHashHex(signedOrder);
+ if (!ZeroEx.isValidSignature(orderHash, signedOrder.ecSignature, signedOrder.maker)) {
+ throw new Error(ZeroExError.InvalidSignature);
+ }
const unavailableTakerTokenAmount = await this.exchangeWrapper.getUnavailableTakerAmountAsync(orderHash);
if (signedOrder.makerTokenAmount.eq(unavailableTakerTokenAmount)) {
throw new Error(ExchangeContractErrs.OrderRemainingFillAmountZero);
diff --git a/test/order_validation_test.ts b/test/order_validation_test.ts
index 93bcfcce0..9a621555c 100644
--- a/test/order_validation_test.ts
+++ b/test/order_validation_test.ts
@@ -4,7 +4,7 @@ import * as BigNumber from 'bignumber.js';
import promisify = require('es6-promisify');
import {chaiSetup} from './utils/chai_setup';
import {web3Factory} from './utils/web3_factory';
-import {ZeroEx, SignedOrder, Token, ExchangeContractErrs} from '../src';
+import {ZeroEx, SignedOrder, Token, ExchangeContractErrs, ZeroExError} from '../src';
import {TokenUtils} from './utils/token_utils';
import {BlockchainLifecycle} from './utils/blockchain_lifecycle';
import {FillScenarios} from './utils/fill_scenarios';
@@ -64,6 +64,16 @@ describe('OrderValidation', () => {
signedOrder, zeroFillAmount, takerAddress,
)).to.be.rejectedWith(ExchangeContractErrs.OrderFillAmountZero);
});
+ it('should throw when the signature is invalid', async () => {
+ const signedOrder = await fillScenarios.createFillableSignedOrderAsync(
+ makerTokenAddress, takerTokenAddress, makerAddress, takerAddress, fillableAmount,
+ );
+ // 27 <--> 28
+ signedOrder.ecSignature.v = 27 + (28 - signedOrder.ecSignature.v);
+ return expect(zeroEx.exchange.validateFillOrderThrowIfInvalidAsync(
+ signedOrder, fillableAmount, takerAddress,
+ )).to.be.rejectedWith(ZeroExError.InvalidSignature);
+ });
it('should throw when the order is fully filled or cancelled', async () => {
const signedOrder = await fillScenarios.createFillableSignedOrderAsync(
makerTokenAddress, takerTokenAddress, makerAddress, takerAddress, fillableAmount,