phishing 0.19.1

Author: github-actions[bot]

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 ## master
 
+- phishing 0.19.1
 - api, api-{augment, base, contract, derive}, rpc-{augment, core, provider}, types, types-{augment, codec, create, known} 9.13.1
 - hw-{ledger, ledger-transports}, keyring, networks, util, util-crypto, x-{bigint, fetch, global, randomvalues, textdecoder, textencoder, ws} 10.3.1
 

phishing/README.md

@@ -3,7 +3,7 @@
 To check for sites that are on the list -
 
 ```js
-import { checkIfDenied } from 'https://deno.land/x/polkadot@0.2.23/phishing/mod.ts';
+import { checkIfDenied } from 'https://deno.land/x/polkadot/phishing/mod.ts';
 
 const isOnDeny = await checkIfDenied(window.location.host);
 
@@ -13,7 +13,7 @@ console.log(`isOnDeny=${isOnDeny}`);
 To check for addresses that are on the list -
 
 ```js
-import { checkAddress } from 'https://deno.land/x/polkadot@0.2.23/phishing/mod.ts';
+import { checkAddress } from 'https://deno.land/x/polkadot/phishing/mod.ts';
 
 const info = await checkAddress('1b....');
 

phishing/bundle.ts

@@ -3,105 +3,145 @@
 
 import type { AddressList, HostList } from './types.ts';
 
-import { u8aEq } from 'https://deno.land/x/polkadot@0.2.23/util/mod.ts';
-import { decodeAddress } from 'https://deno.land/x/polkadot@0.2.23/util-crypto/mod.ts';
+import { u8aEq } from 'https://deno.land/x/polkadot/util/mod.ts';
+import { decodeAddress } from 'https://deno.land/x/polkadot/util-crypto/mod.ts';
 
 import { fetchJson } from './fetch.ts';
 
 export { packageInfo } from './packageInfo.ts';
 
+interface Cache<T> {
+  end: number;
+  list: T;
+}
+
+interface CacheAddrList extends Cache<AddressList> {
+  u8a: [string, Uint8Array[]][];
+}
+
+interface CacheHostList extends Cache<HostList> {
+  parts: string[][];
+}
+
 // Equivalent to https://raw.githubusercontent.com/polkadot-js/phishing/master/{address,all}.json
-const ADDRESS_JSON = 'https://polkadot.js.org/phishing/address.json';
-const ALL_JSON = 'https://polkadot.js.org/phishing/all.json';
+const PHISHING = 'https://polkadot.js.org/phishing';
+const ADDRESS_JSON = `${PHISHING}/address.json`;
 // 45 minutes cache refresh
 const CACHE_TIMEOUT = 45 * 60 * 1000;
 
-let cacheAddrEnd = 0;
-let cacheAddrList: AddressList | null = null;
-let cacheAddrU8a: [string, Uint8Array[]][] | null = null;
-let cacheHostEnd = 0;
-let cacheHostList: HostList | null = null;
-
-// gets the host-only part for a host
-function extractHost (path: string): string {
-  return path
-    .replace(/https:\/\/|http:\/\/|wss:\/\/|ws:\/\//, '')
-    .split('/')[0];
+const cacheAddr: CacheAddrList = {
+  end: 0,
+  list: {},
+  u8a: []
+};
+const cacheHost: Record<string, CacheHostList> = {};
+
+function splitHostParts (host: string): string[] {
+  return host
+    // split domain
+    .split('.')
+    // reverse order
+    .reverse();
 }
 
-// logs an error in a consistent format
-function log (error: unknown, check: string): void {
-  console.warn(`Error checking ${check}, assuming non-phishing`, (error as Error).message);
+function extractHostParts (host: string): string[] {
+  return splitHostParts(
+    host
+      // remove protocol
+      .replace(/https:\/\/|http:\/\/|wss:\/\/|ws:\/\//, '')
+      // get the domain-only part
+      .split('/')[0]
+  );
 }
 
-/**
- * Retrieve a list of known phishing addresses
- */
-export async function retrieveAddrList (allowCached = true): Promise<AddressList> {
+async function retrieveAddrCache (allowCached = true): Promise<CacheAddrList> {
   const now = Date.now();
 
-  return (allowCached && cacheAddrList && (now < cacheAddrEnd))
-    ? cacheAddrList
-    : fetchJson<AddressList>(ADDRESS_JSON).then((list) => {
-      cacheAddrEnd = now + CACHE_TIMEOUT;
-      cacheAddrList = list;
+  if (allowCached && (now < cacheAddr.end)) {
+    return cacheAddr;
+  }
+
+  const list = await fetchJson<AddressList>(ADDRESS_JSON);
+
+  cacheAddr.end = now + CACHE_TIMEOUT;
+  cacheAddr.list = list;
+  cacheAddr.u8a = Object.entries(list).map(([key, addresses]): [string, Uint8Array[]] =>
+    [key, addresses.map((a) => decodeAddress(a))]
+  );
+
+  return cacheAddr;
+}
+
+async function retrieveHostCache (allowCached = true, root = '*'): Promise<CacheHostList> {
+  const now = Date.now();
+
+  if (allowCached && cacheHost[root] && (now < cacheHost[root].end)) {
+    return cacheHost[root];
+  }
+
+  let list: HostList;
+
+  try {
+    list = root === '*'
+      ? await fetchJson<HostList>(`${PHISHING}/all.json`)
+      : {
+        allow: [],
+        deny: await fetchJson<string[]>(`${PHISHING}/all/${root}/all.json`)
+      };
+  } catch {
+    list = { allow: [], deny: [] };
+  }
+
+  cacheHost[root] = {
+    end: now + CACHE_TIMEOUT,
+    list,
+    parts: list.deny.map((h) => splitHostParts(h))
+  };
 
-      return list;
-    });
+  return cacheHost[root];
+}
+
+function checkHostParts (items: CacheHostList['parts'], hostParts: string[]): boolean {
+  return items.some((parts) =>
+    // out list entry needs to have the same (or less) parts
+    (parts.length <= hostParts.length) &&
+    // ensure each section matches
+    parts.every((part, index) => hostParts[index] === part)
+  );
 }
 
 /**
- * Retrieve a list of known phishing addresses in raw Uint8Array format
+ * Retrieve a list of known phishing addresses
+ *
+ * @deprecated While not due for removal, it is suggested to rather use the
+ * checkAddress function (which is more optimal overall)
  */
-async function retrieveAddrU8a (allowCached = true): Promise<[string, Uint8Array[]][]> {
-  const now = Date.now();
+export async function retrieveAddrList (allowCached = true): Promise<AddressList> {
+  const cache = await retrieveAddrCache(allowCached);
 
-  return (allowCached && cacheAddrU8a && (now < cacheAddrEnd))
-    ? cacheAddrU8a
-    : retrieveAddrList(allowCached).then((all) => {
-      cacheAddrU8a = Object
-        .entries(all)
-        .map(([key, addresses]): [string, Uint8Array[]] =>
-          [key, addresses.map((a) => decodeAddress(a))]
-        );
-
-      return cacheAddrU8a;
-    });
+  return cache.list;
 }
 
 /**
  * Retrieve allow/deny from our list provider
+ *
+ * @deprecated While not due for removal, it is suggested to rather use the
+ * checkIfDenied function (which is more optimal overall)
  */
-export async function retrieveHostList (allowCached = true): Promise<HostList> {
-  const now = Date.now();
-
-  return (allowCached && cacheHostList && (now < cacheHostEnd))
-    ? cacheHostList
-    : fetchJson<HostList>(ALL_JSON).then((list) => {
-      cacheHostEnd = now + CACHE_TIMEOUT;
-      cacheHostList = list;
+export async function retrieveHostList (allowCached = true, root = '*'): Promise<HostList> {
+  const cache = await retrieveHostCache(allowCached, root);
 
-      return list;
-    });
+  return cache.list;
 }
 
 /**
  * Checks a host to see if it appears in the provided list
+ *
+ * @deprecated While not due for removal, it is suggested to rather use the
+ * checkIfDenied function (which is more optimal overall)
  */
-export function checkHost (items: string[], host: string): boolean {
-  const hostParts = extractHost(host).split('.').reverse();
-
-  return items.some((item): boolean => {
-    const checkParts = item.split('.').reverse();
-
-    // first we need to ensure it has less or equal parts to our source
-    if (checkParts.length > hostParts.length) {
-      return false;
-    }
-
-    // ensure each section matches
-    return checkParts.every((part, index) => hostParts[index] === part);
-  });
+export function checkHost (list: string[], host: string): boolean {
+  return checkHostParts(list.map((h) => splitHostParts(h)), extractHostParts(host));
 }
 
 /**
@@ -111,13 +151,13 @@ export function checkHost (items: string[], host: string): boolean {
 export async function checkAddress (address: string | Uint8Array, allowCached = true): Promise<string | null> {
   try {
     const u8a = decodeAddress(address);
-    const all = await retrieveAddrU8a(allowCached);
-    const entry = all.find(([, all]) => all.some((a) => u8aEq(a, u8a))) || [null];
-
-    return entry[0];
-  } catch (error) {
-    log(error, 'address');
+    const cache = await retrieveAddrCache(allowCached);
+    const entry = cache.u8a.find(([, u8as]) =>
+      u8as.some((a) => u8aEq(a, u8a))
+    );
 
+    return (entry && entry[0]) || null;
+  } catch {
     return null;
   }
 }
@@ -128,12 +168,11 @@ export async function checkAddress (address: string | Uint8Array, allowCached =
  */
 export async function checkIfDenied (host: string, allowCached = true): Promise<boolean> {
   try {
-    const { deny } = await retrieveHostList(allowCached);
-
-    return checkHost(deny, host);
-  } catch (error) {
-    log(error, host);
+    const hostParts = extractHostParts(host);
+    const cache = await retrieveHostCache(allowCached, hostParts[0]);
 
+    return checkHostParts(cache.parts, hostParts);
+  } catch {
     return false;
   }
 }

phishing/detectPackage.ts

@@ -3,7 +3,7 @@
 
 // Do not edit, auto-generated by @polkadot/dev
 
-import { detectPackage } from 'https://deno.land/x/polkadot@0.2.23/util/mod.ts';
+import { detectPackage } from 'https://deno.land/x/polkadot/util/mod.ts';
 
 import others from './detectOther.ts';
 import { packageInfo } from './packageInfo.ts';

phishing/fetch.ts

@@ -1,7 +1,7 @@
 // Copyright 2020-2023 @polkadot/phishing authors & contributors
 // SPDX-License-Identifier: Apache-2.0
 
-import { fetch } from 'https://deno.land/x/polkadot@0.2.23/x-fetch/mod.ts';
+import { fetch } from 'https://deno.land/x/polkadot/x-fetch/mod.ts';
 
 // this is also in @polkadot/apps-config - we may want to expose it
 // inside x-fetch at some point in the future...

phishing/packageInfo.ts

@@ -3,4 +3,4 @@
 
 // Do not edit, auto-generated by @polkadot/dev
 
-export const packageInfo = { name: '@polkadot/phishing', path: new URL(import.meta.url).pathname, type: 'deno', version: '0.2.23' };
+export const packageInfo = { name: '@polkadot/phishing', path: new URL(import.meta.url).pathname, type: 'deno', version: '0.19.1' };