aboutsummaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
authorbitpshr <mail@bitpshr.net>2019-05-07 00:12:52 +0800
committerbitpshr <mail@bitpshr.net>2019-05-09 05:56:52 +0800
commit77d3bc252d5c4d223e9de3c6700750d1895bb257 (patch)
tree65721e69275db7cd28979aafb58bc38e74215e10 /app
parent094e4cf555c698bfef50ca6679cd1e98f4ea9aa1 (diff)
downloadtangerine-wallet-browser-77d3bc252d5c4d223e9de3c6700750d1895bb257.tar
tangerine-wallet-browser-77d3bc252d5c4d223e9de3c6700750d1895bb257.tar.gz
tangerine-wallet-browser-77d3bc252d5c4d223e9de3c6700750d1895bb257.tar.bz2
tangerine-wallet-browser-77d3bc252d5c4d223e9de3c6700750d1895bb257.tar.lz
tangerine-wallet-browser-77d3bc252d5c4d223e9de3c6700750d1895bb257.tar.xz
tangerine-wallet-browser-77d3bc252d5c4d223e9de3c6700750d1895bb257.tar.zst
tangerine-wallet-browser-77d3bc252d5c4d223e9de3c6700750d1895bb257.zip
feature: integrate gaba/PhishingController
Diffstat (limited to 'app')
-rw-r--r--app/scripts/controllers/blacklist.js136
-rw-r--r--app/scripts/metamask-controller.js15
2 files changed, 8 insertions, 143 deletions
diff --git a/app/scripts/controllers/blacklist.js b/app/scripts/controllers/blacklist.js
deleted file mode 100644
index e55b09d03..000000000
--- a/app/scripts/controllers/blacklist.js
+++ /dev/null
@@ -1,136 +0,0 @@
-const ObservableStore = require('obs-store')
-const extend = require('xtend')
-const PhishingDetector = require('eth-phishing-detect/src/detector')
-const log = require('loglevel')
-
-// compute phishing lists
-const PHISHING_DETECTION_CONFIG = require('eth-phishing-detect/src/config.json')
-// every four minutes
-const POLLING_INTERVAL = 4 * 60 * 1000
-
-class BlacklistController {
-
- /**
- * Responsible for polling for and storing an up to date 'eth-phishing-detect' config.json file, while
- * exposing a method that can check whether a given url is a phishing attempt. The 'eth-phishing-detect'
- * config.json file contains a fuzzylist, whitelist and blacklist.
- *
- *
- * @typedef {Object} BlacklistController
- * @param {object} opts Overrides the defaults for the initial state of this.store
- * @property {object} store The the store of the current phishing config
- * @property {object} store.phishing Contains fuzzylist, whitelist and blacklist arrays. @see
- * {@link https://github.com/MetaMask/eth-phishing-detect/blob/master/src/config.json}
- * @property {object} _phishingDetector The PhishingDetector instantiated by passing store.phishing to
- * PhishingDetector.
- * @property {object} _phishingUpdateIntervalRef Id of the interval created to periodically update the blacklist
- *
- */
- constructor (opts = {}) {
- const initState = extend({
- phishing: PHISHING_DETECTION_CONFIG,
- whitelist: [],
- }, opts.initState)
- this.store = new ObservableStore(initState)
- // phishing detector
- this._phishingDetector = null
- this._setupPhishingDetector(initState.phishing)
- // polling references
- this._phishingUpdateIntervalRef = null
- }
-
- /**
- * Adds the given hostname to the runtime whitelist
- * @param {string} hostname the hostname to whitelist
- */
- whitelistDomain (hostname) {
- if (!hostname) {
- return
- }
-
- const { whitelist } = this.store.getState()
- this.store.updateState({
- whitelist: [...new Set([hostname, ...whitelist])],
- })
- }
-
- /**
- * Given a url, returns the result of checking if that url is in the store.phishing blacklist
- *
- * @param {string} hostname The hostname portion of a url; the one that will be checked against the white and
- * blacklists of store.phishing
- * @returns {boolean} Whether or not the passed hostname is on our phishing blacklist
- *
- */
- checkForPhishing (hostname) {
- if (!hostname) return false
-
- const { whitelist } = this.store.getState()
- if (whitelist.some((e) => e === hostname)) {
- return false
- }
-
- const { result } = this._phishingDetector.check(hostname)
- return result
- }
-
- /**
- * Queries `https://api.infura.io/v2/blacklist` for an updated blacklist config. This is passed to this._phishingDetector
- * to update our phishing detector instance, and is updated in the store. The new phishing config is returned
- *
- *
- * @returns {Promise<object>} Promises the updated blacklist config for the phishingDetector
- *
- */
- async updatePhishingList () {
- // make request
- let response
- try {
- response = await fetch('https://api.infura.io/v2/blacklist')
- } catch (err) {
- log.error(new Error(`BlacklistController - failed to fetch blacklist:\n${err.stack}`))
- return
- }
- // parse response
- let rawResponse
- let phishing
- try {
- const rawResponse = await response.text()
- phishing = JSON.parse(rawResponse)
- } catch (err) {
- log.error(new Error(`BlacklistController - failed to parse blacklist:\n${rawResponse}`))
- return
- }
- // update current blacklist
- this.store.updateState({ phishing })
- this._setupPhishingDetector(phishing)
- return phishing
- }
-
- /**
- * Initiates the updating of the local blacklist at a set interval. The update is done via this.updatePhishingList().
- * Also, this method store a reference to that interval at this._phishingUpdateIntervalRef
- *
- */
- scheduleUpdates () {
- if (this._phishingUpdateIntervalRef) return
- this.updatePhishingList()
- this._phishingUpdateIntervalRef = setInterval(() => {
- this.updatePhishingList()
- }, POLLING_INTERVAL)
- }
-
- /**
- * Sets this._phishingDetector to a new PhishingDetector instance.
- * @see {@link https://github.com/MetaMask/eth-phishing-detect}
- *
- * @private
- * @param {object} config A config object like that found at {@link https://github.com/MetaMask/eth-phishing-detect/blob/master/src/config.json}
- *
- */
- _setupPhishingDetector (config) {
- this._phishingDetector = new PhishingDetector(config)
- }
-}
-
-module.exports = BlacklistController
diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js
index b190dd452..447d8b626 100644
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@@ -28,7 +28,6 @@ const PreferencesController = require('./controllers/preferences')
const CurrencyController = require('./controllers/currency')
const ShapeShiftController = require('./controllers/shapeshift')
const InfuraController = require('./controllers/infura')
-const BlacklistController = require('./controllers/blacklist')
const CachedBalancesController = require('./controllers/cached-balances')
const RecentBlocksController = require('./controllers/recent-blocks')
const MessageManager = require('./lib/message-manager')
@@ -55,7 +54,10 @@ const HW_WALLETS_KEYRINGS = [TrezorKeyring.type, LedgerBridgeKeyring.type]
const EthQuery = require('eth-query')
const ethUtil = require('ethereumjs-util')
const sigUtil = require('eth-sig-util')
-const { AddressBookController } = require('gaba')
+const {
+ AddressBookController,
+ PhishingController,
+} = require('gaba')
const backEndMetaMetricsEvent = require('./lib/backend-metametrics')
@@ -112,8 +114,7 @@ module.exports = class MetamaskController extends EventEmitter {
})
this.infuraController.scheduleInfuraNetworkCheck()
- this.blacklistController = new BlacklistController()
- this.blacklistController.scheduleUpdates()
+ this.phishingController = new PhishingController()
// rpc provider
this.initializeProvider()
@@ -1301,7 +1302,7 @@ module.exports = class MetamaskController extends EventEmitter {
*/
setupUntrustedCommunication (connectionStream, originDomain) {
// Check if new connection is blacklisted
- if (this.blacklistController.checkForPhishing(originDomain)) {
+ if (this.phishingController.test(originDomain)) {
log.debug('MetaMask - sending phishing warning for', originDomain)
this.sendPhishingWarning(connectionStream, originDomain)
return
@@ -1781,11 +1782,11 @@ module.exports = class MetamaskController extends EventEmitter {
*/
/**
- * Adds a domain to the {@link BlacklistController} whitelist
+ * Adds a domain to the PhishingController whitelist
* @param {string} hostname the domain to whitelist
*/
whitelistPhishingDomain (hostname) {
- return this.blacklistController.whitelistDomain(hostname)
+ return this.phishingController.bypass(hostname)
}
/**