aboutsummaryrefslogtreecommitdiffstats
path: root/app/scripts/controllers
diff options
context:
space:
mode:
authorDan Finlay <dan@danfinlay.com>2017-12-08 05:13:38 +0800
committerDan Finlay <dan@danfinlay.com>2017-12-08 05:13:40 +0800
commit950ec9596c931055c3e0f2212f2733c9ca07739d (patch)
treeeb10230798a7c515c9b0234225a45da779867d87 /app/scripts/controllers
parent89e640afcbd50307fcdae13f961f4b3cf6164b5b (diff)
downloadtangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar
tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.gz
tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.bz2
tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.lz
tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.xz
tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.zst
tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.zip
Do not allow nonces larger than the next valid nonce
To avoid situations where a user signs a transaction that will become surprisingly valid in the future.
Diffstat (limited to 'app/scripts/controllers')
-rw-r--r--app/scripts/controllers/transactions.js4
1 files changed, 4 insertions, 0 deletions
diff --git a/app/scripts/controllers/transactions.js b/app/scripts/controllers/transactions.js
index bb408d445..6110b9c75 100644
--- a/app/scripts/controllers/transactions.js
+++ b/app/scripts/controllers/transactions.js
@@ -209,6 +209,10 @@ module.exports = class TransactionController extends EventEmitter {
nonceLock = await this.nonceTracker.getNonceLock(fromAddress)
// add nonce to txParams
const nonce = txMeta.nonceSpecified ? txMeta.txParams.nonce : nonceLock.nextNonce
+ if (nonce > nonceLock.nextNonce) {
+ const message = `Specified nonce may not be larger than account's next valid nonce.`
+ throw new Error(message)
+ }
txMeta.txParams.nonce = ethUtil.addHexPrefix(nonce.toString(16))
// add nonce debugging information to txMeta
txMeta.nonceDetails = nonceLock.nonceDetails