Improves/security

apps/bitcoin/rpc.go

@@ -91,7 +91,7 @@ func RPCGetTransactionOutput(chain byte, rpc, hash string, index int64) (*RPCTra
 	output := &Output{
 		Address:  out.ScriptPubKey.Address,
 		Satoshi:  satoshi.IntPart(),
-		Coinbase: len(tx.Vin) == 0 && tx.Vin[0].Coinbase != "",
+		Coinbase: len(tx.Vin) > 0 && tx.Vin[0].Coinbase != "",
 	}
 
 	if tx.BlockHash == "" { // mempool

apps/ethereum/rpc.go

@@ -288,9 +288,14 @@ func GetERC20TransferLogFromBlock(ctx context.Context, rpc string, chain, height
 	if err != nil {
 		return nil, err
 	}
+	defer client.Close()
+
+	logTransferSig := []byte("Transfer(address,address,uint256)")
+	logTransferSigHash := crypto.Keccak256Hash(logTransferSig)
 	query := ethereum.FilterQuery{
 		FromBlock: big.NewInt(height),
 		ToBlock:   big.NewInt(height),
+		Topics:    [][]common.Hash{{logTransferSigHash}},
 	}
 	contractAbi, err := ga.JSON(strings.NewReader(abi.AssetABI))
 	if err != nil {
@@ -300,8 +305,6 @@ func GetERC20TransferLogFromBlock(ctx context.Context, rpc string, chain, height
 	if err != nil {
 		return nil, err
 	}
-	logTransferSig := []byte("Transfer(address,address,uint256)")
-	logTransferSigHash := crypto.Keccak256Hash(logTransferSig)
 
 	ts := []*Transfer{}
 	for _, vLog := range logs {

common/aes.go

@@ -3,6 +3,8 @@ package common
 import (
 	"crypto/aes"
 	"crypto/cipher"
+	"crypto/rand"
+	"io"
 
 	"github.com/MixinNetwork/mixin/crypto"
 	"github.com/gofrs/uuid/v5"
@@ -36,7 +38,7 @@ func AESDecrypt(secret, b []byte) []byte {
 	if err != nil {
 		panic(err)
 	}
-	return append(nonce, d...)
+	return d
 }
 
 func AESEncrypt(secret, b []byte, sid string) []byte {
@@ -54,7 +56,12 @@ func AESEncrypt(secret, b []byte, sid string) []byte {
 	if err != nil {
 		panic(err)
 	}
-	nonce := b[:aead.NonceSize()]
-	cipher := aead.Seal(nil, nonce, b[aead.NonceSize():], nil)
+	// The nonce must be unique for all time, for a given key
+	nonce := make([]byte, aead.NonceSize())
+	_, err = io.ReadFull(rand.Reader, nonce)
+	if err != nil {
+		panic(err)
+	}
+	cipher := aead.Seal(nil, nonce, b, nil)
 	return append(nonce, cipher...)
 }

keeper/bitcoin.go

@@ -438,9 +438,15 @@ func (node *Node) processBitcoinSafeProposeAccount(ctx context.Context, req *com
 		panic(req.Role)
 	}
 	rce := req.ExtraBytes()
-	ver, _ := node.group.ReadKernelTransactionUntilSufficient(ctx, req.MixinHash.String())
+	ver, err := node.group.ReadKernelTransactionUntilSufficient(ctx, req.MixinHash.String())
+	if err != nil {
+		panic(err)
+	}
 	if len(rce) == 32 && len(ver.References) == 1 && ver.References[0].String() == req.ExtraHEX {
-		stx, _ := node.group.ReadKernelTransactionUntilSufficient(ctx, ver.References[0].String())
+		stx, err := node.group.ReadKernelTransactionUntilSufficient(ctx, ver.References[0].String())
+		if err != nil {
+			panic(err)
+		}
 		rce = stx.Extra
 	}
 	arp, err := req.ParseMixinRecipient(ctx, node.mixin, rce)

keeper/ethereum.go

@@ -436,9 +436,15 @@ func (node *Node) processEthereumSafeProposeAccount(ctx context.Context, req *co
 		panic(req.Curve)
 	}
 	rce := req.ExtraBytes()
-	ver, _ := node.group.ReadKernelTransactionUntilSufficient(ctx, req.MixinHash.String())
+	ver, err := node.group.ReadKernelTransactionUntilSufficient(ctx, req.MixinHash.String())
+	if err != nil {
+		panic(err)
+	}
 	if len(rce) == 32 && len(ver.References) == 1 && bytes.Equal(ver.References[0][:], rce) {
-		stx, _ := node.group.ReadKernelTransactionUntilSufficient(ctx, ver.References[0].String())
+		stx, err := node.group.ReadKernelTransactionUntilSufficient(ctx, ver.References[0].String())
+		if err != nil {
+			panic(err)
+		}
 		rce = stx.Extra
 	}
 	arp, err := req.ParseMixinRecipient(ctx, node.mixin, rce)

observer/accountant.go

@@ -30,9 +30,15 @@ func (node *Node) keeperCombineBitcoinTransactionSignatures(ctx context.Context,
 	spsbt, _ := bitcoin.UnmarshalPartiallySignedTransaction(extra)
 
 	tx, err := node.store.ReadTransactionApproval(ctx, spsbt.Hash())
-	if err != nil || tx.State >= common.RequestStateDone {
+	if err != nil {
 		return err
 	}
+	if tx == nil {
+		panic(spsbt.Hash())
+	}
+	if tx.State >= common.RequestStateDone {
+		return nil
+	}
 	switch tx.Chain {
 	case common.SafeChainBitcoin:
 	case common.SafeChainLitecoin:
@@ -138,9 +144,15 @@ func (node *Node) keeperVerifyEthereumTransactionSignatures(ctx context.Context,
 	raw := hex.EncodeToString(st.Marshal())
 
 	tx, err := node.store.ReadTransactionApproval(ctx, st.TxHash)
-	if err != nil || tx.State >= common.RequestStateDone {
+	if err != nil {
 		return err
 	}
+	if tx == nil {
+		panic(st.TxHash)
+	}
+	if tx.State >= common.RequestStateDone {
+		return nil
+	}
 	safe, err := node.keeperStore.ReadSafe(ctx, tx.Holder)
 	if err != nil {
 		return err

observer/bitcoin.go

@@ -984,6 +984,9 @@ func (node *Node) httpRevokeBitcoinTransaction(ctx context.Context, txHash strin
 	if err != nil {
 		return err
 	}
+	if tx == nil || tx.State != common.RequestStateInitial {
+		return fmt.Errorf("HTTP: %d", http.StatusNotAcceptable)
+	}
 
 	sig, err := base64.RawURLEncoding.DecodeString(sigBase64)
 	if err != nil {

observer/ethereum.go

@@ -1079,6 +1079,9 @@ func (node *Node) httpRevokeEthereumTransaction(ctx context.Context, txHash stri
 	if err != nil {
 		return err
 	}
+	if tx == nil || tx.State != common.RequestStateInitial {
+		return fmt.Errorf("HTTP: %d", http.StatusNotAcceptable)
+	}
 
 	sig, err := hex.DecodeString(sigHex)
 	if err != nil {

observer/holder.go

@@ -179,15 +179,7 @@ func (node *Node) httpCreateSafeAccountRecoveryRequest(ctx context.Context, addr
 	if hash == "" || raw == "" {
 		return fmt.Errorf("HTTP: %d", http.StatusNotAcceptable)
 	}
-	proposed, err := node.store.CheckAccountProposed(ctx, addr)
-	if err != nil || !proposed {
-		return err
-	}
-	sp, err := node.keeperStore.ReadSafeProposalByAddress(ctx, addr)
-	if err != nil {
-		return err
-	}
-	safe, err := node.keeperStore.ReadSafe(ctx, sp.Holder)
+	safe, err := node.keeperStore.ReadSafeByAddress(ctx, addr)
 	if err != nil {
 		return err
 	}
@@ -207,15 +199,7 @@ func (node *Node) httpCreateSafeAccountRecoveryRequest(ctx context.Context, addr
 
 func (node *Node) httpSignAccountRecoveryRequest(ctx context.Context, addr, raw, hash string) error {
 	logger.Printf("node.httpSignAccountRecoveryRequest(%s, %s, %s)", addr, raw, hash)
-	proposed, err := node.store.CheckAccountProposed(ctx, addr)
-	if err != nil || !proposed {
-		return err
-	}
-	sp, err := node.keeperStore.ReadSafeProposalByAddress(ctx, addr)
-	if err != nil {
-		return err
-	}
-	safe, err := node.keeperStore.ReadSafe(ctx, sp.Holder)
+	safe, err := node.keeperStore.ReadSafeByAddress(ctx, addr)
 	if err != nil {
 		return err
 	}
@@ -246,15 +230,7 @@ func (node *Node) httpSignAccountRecoveryRequest(ctx context.Context, addr, raw,
 
 func (node *Node) httpCloseAccountRecoveryRequest(ctx context.Context, addr, id, sig, hash string) error {
 	logger.Printf("node.httpCloseAccountRecoveryRequest(%s, %s, %v)", addr, sig, hash)
-	proposed, err := node.store.CheckAccountProposed(ctx, addr)
-	if err != nil || !proposed {
-		return err
-	}
-	sp, err := node.keeperStore.ReadSafeProposalByAddress(ctx, addr)
-	if err != nil {
-		return err
-	}
-	safe, err := node.keeperStore.ReadSafe(ctx, sp.Holder)
+	safe, err := node.keeperStore.ReadSafeByAddress(ctx, addr)
 	if err != nil {
 		return err
 	}

observer/http.go

@@ -263,6 +263,10 @@ func (node *Node) httpListNodes(w http.ResponseWriter, r *http.Request, typ stri
 func (node *Node) httpListDeposits(w http.ResponseWriter, r *http.Request, params map[string]string) {
 	holder := r.URL.Query().Get("holder")
 	chain, _ := strconv.ParseInt(r.URL.Query().Get("chain"), 10, 32)
+	if chain == 0 {
+		common.RenderJSON(w, r, http.StatusBadRequest, map[string]any{"error": "chain"})
+		return
+	}
 	offset, _ := strconv.ParseInt(r.URL.Query().Get("offset"), 10, 64)
 	deposits, err := node.store.ListDeposits(r.Context(), int(chain), holder, 0, offset)
 	if err != nil {

observer/node.go

@@ -216,6 +216,7 @@ func (node *Node) sendAccountApprovals(ctx context.Context) {
 				panic(err)
 			}
 		}
+		time.Sleep(5 * time.Second)
 	}
 }