medicz
commented
10 months ago This code is unfamiliar to me, but I just want to verify that this solution provides no way to sign a payload that could possibly itself be a valid transaction; we can't sign any particular string, only ones that match our NEP413 format and where all required keys have values.
If it is possible for someone to send a payload that is a valid transaction, then this is a security problem as it would allow someone to craft a message sign request that could then be used to actually perform an action against the users account. We should have a test that proves that any payload not conforming to NEP413 exactly will be rejected, and that we are signing the entire payload; we cannot ignore any part of the NEP413 payload.
By the NEP-413 itself, it is impossible for any message to represent valid transaction.
That is achieved by the fact that first field of a transaction is signer_id, which, when borsch serialized, will start with it's length that is not longer than 64 bytes. Therefore, when the first 4 bytes represent number 2147484061, we know it can not be valid transaction.
More about it: https://github.com/near/NEPs/blob/master/neps/nep-0413.md#how-to-ensure-the-message-is-not-a-transaction.
That said, I completely agree about adding tests, and require help with how to properly do it in this codebase, which is why they are missing.
trechriron
dj8yfo
Implements: https://github.com/near/NEPs/blob/master/neps/nep-0413.md
Pending automated tests.
Tested using https://github.com/LedgerHQ/speculos/tree/master
Screenshots below for Nano S+, ran emulator for all supported devices.