diff options
author | Dan Finlay <dan@danfinlay.com> | 2017-12-08 05:13:38 +0800 |
---|---|---|
committer | Dan Finlay <dan@danfinlay.com> | 2017-12-08 05:13:40 +0800 |
commit | 950ec9596c931055c3e0f2212f2733c9ca07739d (patch) | |
tree | eb10230798a7c515c9b0234225a45da779867d87 /app/scripts | |
parent | 89e640afcbd50307fcdae13f961f4b3cf6164b5b (diff) | |
download | tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.gz tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.bz2 tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.lz tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.xz tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.tar.zst tangerine-wallet-browser-950ec9596c931055c3e0f2212f2733c9ca07739d.zip |
Do not allow nonces larger than the next valid nonce
To avoid situations where a user signs a transaction that will become
surprisingly valid in the future.
Diffstat (limited to 'app/scripts')
-rw-r--r-- | app/scripts/controllers/transactions.js | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/app/scripts/controllers/transactions.js b/app/scripts/controllers/transactions.js index bb408d445..6110b9c75 100644 --- a/app/scripts/controllers/transactions.js +++ b/app/scripts/controllers/transactions.js @@ -209,6 +209,10 @@ module.exports = class TransactionController extends EventEmitter { nonceLock = await this.nonceTracker.getNonceLock(fromAddress) // add nonce to txParams const nonce = txMeta.nonceSpecified ? txMeta.txParams.nonce : nonceLock.nextNonce + if (nonce > nonceLock.nextNonce) { + const message = `Specified nonce may not be larger than account's next valid nonce.` + throw new Error(message) + } txMeta.txParams.nonce = ethUtil.addHexPrefix(nonce.toString(16)) // add nonce debugging information to txMeta txMeta.nonceDetails = nonceLock.nonceDetails |