lamassu/lamassu-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: add migration to clean blacklist table

Browse source 
fix: address reuse and blacklist check
This commit is contained in:
Sérgio Salgado 2021-06-23 18:03:51 +01:00 committed by Josh Harvey
parent f682a77eb5
commit d7519d477e
4 changed files with 23 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

13
lib/blacklist.js
View file

@ -3,11 +3,10 @@ const notifierQueries = require('./notifier/queries')
// Get all blacklist rows from the DB "blacklist" table that were manually inserted by the operator // Get all blacklist rows from the DB "blacklist" table that were manually inserted by the operator
const getBlacklist = () => { const getBlacklist = () => {
return db.any(`SELECT * FROM blacklist WHERE created_by_operator = 't'`).then(res => return db.any(`SELECT * FROM blacklist`).then(res =>
res.map(item => ({ res.map(item => ({
cryptoCode: item.crypto_code, cryptoCode: item.crypto_code,
address: item.address, address: item.address
createdByOperator: item.created_by_operator
})) }))
) )
} }
@ -22,13 +21,13 @@ const deleteFromBlacklist = (cryptoCode, address) => {
const insertIntoBlacklist = (cryptoCode, address) => { const insertIntoBlacklist = (cryptoCode, address) => {
return db return db
.none( .none(
'insert into blacklist(crypto_code, address, created_by_operator) values($1, $2, $3);', 'INSERT INTO blacklist (crypto_code, address) VALUES ($1, $2);',
[cryptoCode, address, true] [cryptoCode, address]
) )
} }
function blocked (address, cryptoCode) { function blocked (address, cryptoCode) {
const sql = `select * from blacklist where address = $1 and crypto_code = $2` const sql = `SELECT * FROM blacklist WHERE address = $1 AND crypto_code = $2`
return db.any(sql, [address, cryptoCode]) return db.any(sql, [address, cryptoCode])
} }
@ -36,7 +35,7 @@ function addToUsedAddresses (address, cryptoCode) {
// ETH reuses addresses // ETH reuses addresses
if (cryptoCode === 'ETH') return Promise.resolve() if (cryptoCode === 'ETH') return Promise.resolve()
const sql = `insert into blacklist(crypto_code, address, created_by_operator) values ($1, $2, 'f')` const sql = `INSERT INTO blacklist (crypto_code, address) VALUES ($1, $2)`
return db.oneOrNone(sql, [cryptoCode, address]) return db.oneOrNone(sql, [cryptoCode, address])
} }

21
lib/cash-in/cash-in-tx.js
View file

@ -34,14 +34,14 @@ function post (machineTx, pi) {
let blacklisted = false let blacklisted = false
let addressReuse = false let addressReuse = false
return Promise.all([settingsLoader.loadLatest(), checkForBlacklisted(updatedTx)]) return Promise.all([settingsLoader.loadLatest(), checkForBlacklisted(updatedTx), getAddresses()])
.then(([{ config }, blacklistItems]) => { .then(([{ config }, blacklistItems, addresses]) => {
const rejectAddressReuseActive = configManager.getCompliance(config).rejectAddressReuse const rejectAddressReuse = configManager.getCompliance(config).rejectAddressReuse
if (_.some(it => it.created_by_operator)(blacklistItems)) { if (_.some(it => it.address === updatedTx.toAddress)(blacklistItems)) {
blacklisted = true blacklisted = true
notifier.notifyIfActive('compliance', 'blacklistNotify', r.tx, false) notifier.notifyIfActive('compliance', 'blacklistNotify', r.tx, false)
} else if (_.some(it => !it.created_by_operator)(blacklistItems) && rejectAddressReuseActive) { } else if (_.some(it => it === updatedTx.toAddress)(addresses) && rejectAddressReuse) {
notifier.notifyIfActive('compliance', 'blacklistNotify', r.tx, true) notifier.notifyIfActive('compliance', 'blacklistNotify', r.tx, true)
addressReuse = true addressReuse = true
} }
@ -133,17 +133,18 @@ function postProcess (r, pi, isBlacklisted, addressReuse) {
} }
}) })
.then(sendRec => { .then(sendRec => {
settingsLoader.loadLatest().then(it => {
blacklist.addToUsedAddresses(r.tx.toAddress, r.tx.cryptoCode)
.catch(err => logger.error('Failure adding to addressReuse', err))
})
pi.notifyOperator(r.tx, sendRec) pi.notifyOperator(r.tx, sendRec)
.catch((err) => logger.error('Failure sending transaction notification', err)) .catch((err) => logger.error('Failure sending transaction notification', err))
return logAction(sendRec, r.tx) return logAction(sendRec, r.tx)
}) })
} }
function getAddresses () {
const sql = `SELECT DISTINCT to_address FROM cash_in_txs`
return db.any(sql).then(res => res.map(it => it.to_address))
}
function monitorPending (settings) { function monitorPending (settings) {
const sql = `select * from cash_in_txs const sql = `select * from cash_in_txs
where created > now() - interval $1 where created > now() - interval $1

2
lib/tx.js
View file

@ -81,4 +81,4 @@ function customerHistory (customerId, thresholdDays) {
return db.any(sql, [customerId, `${days} days`]) return db.any(sql, [customerId, `${days} days`])
} }
module.exports = {post, cancel, customerHistory} module.exports = { post, cancel, customerHistory }

7
migrations/1624214428956-txs-addresses-to-blacklist.js
View file

@ -2,8 +2,11 @@ var db = require('./db')
exports.up = function (next) { exports.up = function (next) {
var sql = [ var sql = [
`INSERT INTO blacklist SELECT DISTINCT crypto_code, to_address, false FROM cash_in_txs ON CONFLICT DO NOTHING`, `ALTER TABLE blacklist DROP CONSTRAINT blacklist_crypto_code_address_created_by_operator_key`,
`INSERT INTO blacklist SELECT DISTINCT crypto_code, to_address, false FROM cash_out_txs ON CONFLICT DO NOTHING` `ALTER TABLE blacklist ADD CONSTRAINT blacklist_crypto_code_address_key UNIQUE (crypto_code, address)`,
`DROP INDEX blacklist_created_by_operator_idx`,
`ALTER TABLE blacklist DROP COLUMN created_by_operator`,
`CREATE INDEX cash_in_txs_to_address_idx ON cash_in_txs(to_address)`
] ]
db.multi(sql, next) db.multi(sql, next)