From 05d72b51ceee7359c0fd9470c01e3bbcae286ffd Mon Sep 17 00:00:00 2001
From: 0X-SquidSol <david.laszczynski@gmail.com>
Date: Thu, 9 Apr 2026 13:18:28 -0400
Subject: [PATCH] fix(ws): reject tokens with NaN timestamps in verifyWsToken
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

parseInt(timestampStr, 10) returns NaN for non-numeric strings.
Without a guard, all subsequent comparisons (now - NaN > X) evaluate
to false, allowing the time check to pass. While the HMAC check
still prevents forgery, this is a defense-in-depth gap — reject
malformed timestamps explicitly before reaching the time comparison.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 src/routes/ws.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/routes/ws.ts b/src/routes/ws.ts
index d2ba32a..3113b95 100644
--- a/src/routes/ws.ts
+++ b/src/routes/ws.ts
@@ -284,7 +284,8 @@ function verifyWsToken(token: string, expectedSlab?: string): { isValid: boolean
     
     const [slabAddress, timestampStr, signature] = parts;
     const timestamp = parseInt(timestampStr, 10);
-    
+    if (Number.isNaN(timestamp)) return { isValid: false, slabAddress: null };
+
     // Check timestamp is within last 5 minutes and not in the future (30s clock skew tolerance)
     const now = Date.now();
     if (now - timestamp > 5 * 60 * 1000 || timestamp > now + 30_000) {