feat: add migration to clean blacklist table

fix: address reuse and blacklist check
2021-06-23 18:03:51 +01:00 · 2021-06-23 18:03:51 +01:00 · d7519d477e
commit d7519d477e
parent f682a77eb5
4 changed files with 23 additions and 20 deletions
--- a/lib/blacklist.js
+++ b/lib/blacklist.js
@ -3,11 +3,10 @@ const notifierQueries = require('./notifier/queries')

 // Get all blacklist rows from the DB "blacklist" table that were manually inserted by the operator
 const getBlacklist = () => {
-  return db.any(`SELECT * FROM blacklist WHERE created_by_operator = 't'`).then(res =>
+  return db.any(`SELECT * FROM blacklist`).then(res =>
    res.map(item => ({
      cryptoCode: item.crypto_code,
-      address: item.address,
-      createdByOperator: item.created_by_operator
+      address: item.address
    }))
  )
 }
@ -22,13 +21,13 @@ const deleteFromBlacklist = (cryptoCode, address) => {
 const insertIntoBlacklist = (cryptoCode, address) => {
  return db
    .none(
-      'insert into blacklist(crypto_code, address, created_by_operator) values($1, $2, $3);',
-      [cryptoCode, address, true]
+      'INSERT INTO blacklist (crypto_code, address) VALUES ($1, $2);',
+      [cryptoCode, address]
    )
 }

 function blocked (address, cryptoCode) {
-  const sql = `select * from blacklist where address = $1 and crypto_code = $2`
+  const sql = `SELECT * FROM blacklist WHERE address = $1 AND crypto_code = $2`
  return db.any(sql, [address, cryptoCode])
 }

@ -36,7 +35,7 @@ function addToUsedAddresses (address, cryptoCode) {
  // ETH reuses addresses
  if (cryptoCode === 'ETH') return Promise.resolve()

-  const sql = `insert into blacklist(crypto_code, address, created_by_operator) values ($1, $2, 'f')`
+  const sql = `INSERT INTO blacklist (crypto_code, address) VALUES ($1, $2)`
  return db.oneOrNone(sql, [cryptoCode, address])
 }

--- a/lib/cash-in/cash-in-tx.js
+++ b/lib/cash-in/cash-in-tx.js
@ -34,14 +34,14 @@ function post (machineTx, pi) {
      let blacklisted = false
      let addressReuse = false

-      return Promise.all([settingsLoader.loadLatest(), checkForBlacklisted(updatedTx)])
-        .then(([{ config }, blacklistItems]) => {
-          const rejectAddressReuseActive = configManager.getCompliance(config).rejectAddressReuse
+      return Promise.all([settingsLoader.loadLatest(), checkForBlacklisted(updatedTx), getAddresses()])
+        .then(([{ config }, blacklistItems, addresses]) => {
+          const rejectAddressReuse = configManager.getCompliance(config).rejectAddressReuse

-          if (_.some(it => it.created_by_operator)(blacklistItems)) {
+          if (_.some(it => it.address === updatedTx.toAddress)(blacklistItems)) {
            blacklisted = true
            notifier.notifyIfActive('compliance', 'blacklistNotify', r.tx, false)
-          } else if (_.some(it => !it.created_by_operator)(blacklistItems) && rejectAddressReuseActive) {
+          } else if (_.some(it => it === updatedTx.toAddress)(addresses) && rejectAddressReuse) {
            notifier.notifyIfActive('compliance', 'blacklistNotify', r.tx, true)
            addressReuse = true
          }
@ -133,17 +133,18 @@ function postProcess (r, pi, isBlacklisted, addressReuse) {
      }
    })
    .then(sendRec => {
-      settingsLoader.loadLatest().then(it => {
-        blacklist.addToUsedAddresses(r.tx.toAddress, r.tx.cryptoCode)
-          .catch(err => logger.error('Failure adding to addressReuse', err))
-      })
-
      pi.notifyOperator(r.tx, sendRec)
        .catch((err) => logger.error('Failure sending transaction notification', err))
      return logAction(sendRec, r.tx)
    })
 }

+function getAddresses () {
+  const sql = `SELECT DISTINCT to_address FROM cash_in_txs`
+
+  return db.any(sql).then(res => res.map(it => it.to_address))
+}
+
 function monitorPending (settings) {
  const sql = `select * from cash_in_txs
  where created > now() - interval $1
--- a/migrations/1624214428956-txs-addresses-to-blacklist.js
+++ b/migrations/1624214428956-txs-addresses-to-blacklist.js
@ -2,8 +2,11 @@ var db = require('./db')

 exports.up = function (next) {
  var sql = [
-    `INSERT INTO blacklist SELECT DISTINCT crypto_code, to_address, false FROM cash_in_txs ON CONFLICT DO NOTHING`,
-    `INSERT INTO blacklist SELECT DISTINCT crypto_code, to_address, false FROM cash_out_txs ON CONFLICT DO NOTHING`
+    `ALTER TABLE blacklist DROP CONSTRAINT blacklist_crypto_code_address_created_by_operator_key`,
+    `ALTER TABLE blacklist ADD CONSTRAINT blacklist_crypto_code_address_key UNIQUE (crypto_code, address)`,
+    `DROP INDEX blacklist_created_by_operator_idx`,
+    `ALTER TABLE blacklist DROP COLUMN created_by_operator`,
+    `CREATE INDEX cash_in_txs_to_address_idx ON cash_in_txs(to_address)`
  ]

  db.multi(sql, next)