Mirror/robosats
1
0
Fork 0
mirror of https://github.com/RoboSats/robosats.git synced 2025-01-31 02:21:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix signature verification error due to clock mismatch. Fix amount limits rounding.

Browse Source
This commit is contained in:
Reckless_Satoshi 2022-06-04 18:10:13 -07:00
parent f20a7d5636
commit 7c050b560a
No known key found for this signature in database
GPG Key ID: 9C4585B561315571
7 changed files with 26 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
chat/consumers.py
View File

@ -244,8 +244,6 @@ class ChatRoomConsumer(AsyncWebsocketConsumer):
nick = event["nick"] nick = event["nick"]
peer_connected = event["peer_connected"] peer_connected = event["peer_connected"]
print(message)
await self.send(text_data=json.dumps({ await self.send(text_data=json.dumps({
"message": message, "message": message,
"user_nick": nick, "user_nick": nick,

4
frontend/src/components/EncryptedChat.js
View File

@ -208,9 +208,9 @@ class Chat extends Component {
} }
style={{backgroundColor: props.cardColor}} style={{backgroundColor: props.cardColor}}
title={ title={
<Tooltip placement="top" enterTouchDelay={0} enterDelay={500} enterNextDelay={2000} title={t(props.message.validSignature ? "Verified signature by {{nickname}}": "Invalid signature! Not sent by {{nickname}}",{"nickname": props.message.userNick})}> <Tooltip placement="top" enterTouchDelay={0} enterDelay={500} enterNextDelay={2000} title={t(props.message.validSignature ? "Verified signature by {{nickname}}": "Cannot verify signature of {{nickname}}",{"nickname": props.message.userNick})}>
<div style={{display:'flex',alignItems:'center', flexWrap:'wrap', position:'relative',left:-5, width:240}}> <div style={{display:'flex',alignItems:'center', flexWrap:'wrap', position:'relative',left:-5, width:240}}>
<div style={{width:173,display:'flex',alignItems:'center', flexWrap:'wrap'}}> <div style={{width:168,display:'flex',alignItems:'center', flexWrap:'wrap'}}>
{props.message.userNick} {props.message.userNick}
{props.message.validSignature ? {props.message.validSignature ?
<CheckIcon sx={{height:16}} color="success"/> <CheckIcon sx={{height:16}} color="success"/>

15
frontend/src/components/MakerPage.js
View File

@ -86,6 +86,13 @@ class MakerPage extends Component {
})); }));
} }
recalcBounds = () =>{
this.setState({
minAmount: this.state.amount ? parseFloat((this.state.amount/2).toPrecision(2)) : parseFloat(Number(this.state.limits[this.state.currency]['max_amount']*0.25).toPrecision(2)),
maxAmount: this.state.amount ? this.state.amount : parseFloat(Number(this.state.limits[this.state.currency]['max_amount']*0.75).toPrecision(2)),
});
}
a11yProps(index) { a11yProps(index) {
return { return {
id: `simple-tab-${index}`, id: `simple-tab-${index}`,
@ -321,9 +328,9 @@ class MakerPage extends Component {
<TextField <TextField
disabled = {this.state.enableAmountRange} disabled = {this.state.enableAmountRange}
variant = {this.state.enableAmountRange ? 'filled' : 'outlined'} variant = {this.state.enableAmountRange ? 'filled' : 'outlined'}
error={(this.state.amount <= this.getMinAmount() || this.state.amount >= this.getMaxAmount()) & this.state.amount != "" ? true : false} error={(this.state.amount < this.getMinAmount() || this.state.amount > this.getMaxAmount()) & this.state.amount != "" ? true : false}
helperText={this.state.amount <= this.getMinAmount() & this.state.amount != "" ? t("Too low") helperText={this.state.amount < this.getMinAmount() & this.state.amount != "" ? t("Must be more than {{minAmount}}",{minAmount:this.getMinAmount()})
: (this.state.amount >= this.getMaxAmount() & this.state.amount != "" ? t("Too high") : null)} : (this.state.amount > this.getMaxAmount() & this.state.amount != "" ? t("Must be less than {{maxAmount}}",{maxAmount:this.getMaxAmount()}) : null)}
label={t("Amount")} label={t("Amount")}
type="number" type="number"
required={true} required={true}
@ -546,7 +553,7 @@ class MakerPage extends Component {
<FormControl align="center"> <FormControl align="center">
<Tooltip enterTouchDelay={0} placement="top" align="center" title={t("Let the taker chose an amount within the range")}> <Tooltip enterTouchDelay={0} placement="top" align="center" title={t("Let the taker chose an amount within the range")}>
<FormHelperText align="center" style={{display:'flex',alignItems:'center', flexWrap:'wrap'}}> <FormHelperText align="center" style={{display:'flex',alignItems:'center', flexWrap:'wrap'}}>
<Checkbox onChange={(e)=>this.setState({enableAmountRange:e.target.checked, is_explicit: false})}/> <Checkbox onChange={(e)=>this.setState({enableAmountRange:e.target.checked, is_explicit: false}) & this.recalcBounds()}/>
{this.state.enableAmountRange & this.state.minAmount != null? this.rangeText() : t("Enable Amount Range")} {this.state.enableAmountRange & this.state.minAmount != null? this.rangeText() : t("Enable Amount Range")}
</FormHelperText> </FormHelperText>
</Tooltip> </Tooltip>

3
frontend/src/components/TradeBox.js
View File

@ -132,8 +132,9 @@ class TradeBox extends Component {
<DialogContentText id="alert-dialog-description"> <DialogContentText id="alert-dialog-description">
{t("The RoboSats staff will examine the statements and evidence provided. You need to build a complete case, as the staff cannot read the chat. It is best to provide a burner contact method with your statement. The satoshis in the trade escrow will be sent to the dispute winner, while the dispute loser will lose the bond.")} {t("The RoboSats staff will examine the statements and evidence provided. You need to build a complete case, as the staff cannot read the chat. It is best to provide a burner contact method with your statement. The satoshis in the trade escrow will be sent to the dispute winner, while the dispute loser will lose the bond.")}
</DialogContentText> </DialogContentText>
<br/>
<DialogContentText id="alert-dialog-description"> <DialogContentText id="alert-dialog-description">
{t("Make sure to EXPORT the chat log using the button. Staff might request your chat log in order to solve discrepancies. It is your responsibility to store it.")} {t("Make sure to EXPORT the chat log. The staff might request your exported chat log JSON in order to solve discrepancies. It is your responsibility to store it.")}
</DialogContentText> </DialogContentText>
</DialogContent> </DialogContent>
<DialogActions> <DialogActions>

5
frontend/src/locales/en.json
View File

@ -179,7 +179,7 @@
"Your last order #{{orderID}}":"Your last order #{{orderID}}", "Your last order #{{orderID}}":"Your last order #{{orderID}}",
"Inactive order":"Inactive order", "Inactive order":"Inactive order",
"You do not have previous orders":"You do not have previous orders", "You do not have previous orders":"You do not have previous orders",
"Join RoboSat's Subreddit":"Join RoboSat's Subreddit", "Join RoboSats' Subreddit":"Join RoboSats' Subreddit",
"RoboSats in Reddit":"RoboSats in Reddit", "RoboSats in Reddit":"RoboSats in Reddit",
"ORDER PAGE - OrderPage.js": "Order details page", "ORDER PAGE - OrderPage.js": "Order details page",
@ -280,6 +280,8 @@
"Keys":"Keys", "Keys":"Keys",
"Save messages as a JSON file":"Save messages as a JSON file", "Save messages as a JSON file":"Save messages as a JSON file",
"Messages":"Messages", "Messages":"Messages",
"Verified signature by {{nickname}}":"Verified signature by {{nickname}}",
"Cannot verify signature of {{nickname}}":"Cannot verify signature of {{nickname}}",
"CONTRACT BOX - TradeBox.js": "The Contract Box that guides users trough the whole trade pipeline", "CONTRACT BOX - TradeBox.js": "The Contract Box that guides users trough the whole trade pipeline",
@ -387,6 +389,7 @@
"The invoice provided has no explicit amount":"The invoice provided has no explicit amount", "The invoice provided has no explicit amount":"The invoice provided has no explicit amount",
"Does not look like a valid lightning invoice":"Does not look like a valid lightning invoice", "Does not look like a valid lightning invoice":"Does not look like a valid lightning invoice",
"The invoice provided has already expired":"The invoice provided has already expired", "The invoice provided has already expired":"The invoice provided has already expired",
"Make sure to EXPORT the chat log. The staff might request your exported chat log JSON in order to solve discrepancies. It is your responsibility to store it.":"Make sure to EXPORT the chat log. The staff might request your exported chat log JSON in order to solve discrepancies. It is your responsibility to store it.",
"INFO DIALOG - InfoDiagog.js":"App information and clarifications and terms of use", "INFO DIALOG - InfoDiagog.js":"App information and clarifications and terms of use",

2
frontend/src/locales/es.json
View File

@ -280,6 +280,8 @@
"Keys":"Llaves", "Keys":"Llaves",
"Save messages as a JSON file":"Guardar mensajes como archivo JSON", "Save messages as a JSON file":"Guardar mensajes como archivo JSON",
"Messages":"Mensajes", "Messages":"Mensajes",
"Verified signature by {{nickname}}":"Firma de {{nickname}} verificada",
"Cannot verify signature of {{nickname}}":"No se pudo verificar la firma de {{nickname}}",
"CONTRACT BOX - TradeBox.js": "The Contract Box that guides users trough the whole trade pipeline", "CONTRACT BOX - TradeBox.js": "The Contract Box that guides users trough the whole trade pipeline",
"Contract Box": "Contrato", "Contract Box": "Contrato",

8
frontend/src/utils/pgp.js
View File

@ -12,7 +12,7 @@ import { sha256 } from 'js-sha256';
// Generate KeyPair. Private Key is encrypted with the highEntropyToken // Generate KeyPair. Private Key is encrypted with the highEntropyToken
export async function genKey(highEntropyToken) { export async function genKey(highEntropyToken) {
var d = new Date(); const d = new Date();
const keyPair = await generateKey({ const keyPair = await generateKey({
type: 'ecc', // Type of the key, defaults to ECC type: 'ecc', // Type of the key, defaults to ECC
curve: 'curve25519', // ECC curve name, defaults to curve25519 curve: 'curve25519', // ECC curve name, defaults to curve25519
@ -35,10 +35,12 @@ export async function encryptMessage(plaintextMessage, ownPublicKeyArmored, peer
passphrase passphrase
}); });
const d = new Date();
const encryptedMessage = await encrypt({ const encryptedMessage = await encrypt({
message: await createMessage({ text: plaintextMessage }), // input as Message object, message must be string message: await createMessage({ text: plaintextMessage }), // input as Message object, message must be string
encryptionKeys: [ ownPublicKey, peerPublicKey ], encryptionKeys: [ ownPublicKey, peerPublicKey ],
signingKeys: privateKey // optional signingKeys: privateKey, // optional
date: d.setDate(d.getDate()-1) // One day of offset, avoids verification issue due to clock mismatch
}); });
return encryptedMessage; // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----' return encryptedMessage; // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
@ -61,7 +63,7 @@ export async function decryptMessage(encryptedMessage, publicKeyArmored, private
verificationKeys: publicKey, // optional verificationKeys: publicKey, // optional
decryptionKeys: privateKey decryptionKeys: privateKey
}); });
// check signature validity (signed messages only) // check signature validity (signed messages only)
try { try {
await signatures[0].verified; // throws on invalid signature await signatures[0].verified; // throws on invalid signature