grant-hub icon indicating copy to clipboard operation
grant-hub copied to clipboard

Published 20 hours ago verified publisher icon gitcoinco

Programmatic validation of proper payout wallet addresses

Open michellema1208 opened this issue 3 years ago • 4 comments

Tasks

  • [x] [Design] Adding a new question on the application asking for multi-sig or not
  • [x] [Design] Display warning messages when at least one of the checks below fail
  • [ ] [Eng] We can check if it is or is NOT a contract now (doesn't preclude it from becoming a contract in the future)
    • [ ] An EOA cannot become a contract once created. The address for a contract is created when the contract is deployed. The future address of a contract can be calculated.
  • [ ] [Eng] We can check if the address you shared is a contract on the network you are connected to

Open Questions

  • [x] What types of wallet addresses do we want to validate against (i.e. Coinbase custodial wallets, any wallet that is not an externally owned account on the same network the round is deployed to)
  • [x] How to support multi-sig wallet addresses / when they are not compatible
  • [x] What information we may need to be passed from Round Manager

Notes

  • We can check for an Ethereum Externally Owned Account (EOA) and not a contract.
  • For Optimism: can accept Ethereum EOAs and multi-sigs
  • We cannot confirm that the address shared is definitively a multi-sig or Ethereum EOA, and cannot confirm that it is owned by you
  • Externally Owned Accounts (EOA) can sign messages with their associated private keys, but currently contracts cannot (https://eips.ethereum.org/EIPS/eip-1271)

michellema1208 avatar Aug 08 '22 17:08 michellema1208

⚠️ Status Update: Moving back to "In Progress"

@codenamejason I just tested this on staging, and it looks like some new bugs may have been introduced in the latest merge. I noticed that:

  • There is no wallet validation at all anymore -> I entered in "0x" as my wallet address and it let me go to the next page
  • I can no longer see the tooltip on hover with the message from Optimism team
  • The placing of the info tooltip is now on a newline -> it should be inline (see the screenshot from what we have on production currently)

Staging (with latest changes): Image

Production Image

michellema1208 avatar Sep 23 '22 19:09 michellema1208

@codenamejason can you share any sample addresses that would trigger a warning message here? I tested with our Gitcoin Gnosis Safe account (https://gnosis-safe.io/app/eth:0x1147E9Deed5476Fd5E23AF2f3f53082133fe461E/home) and it seemed to work

michellema1208 avatar Sep 28 '22 01:09 michellema1208

@michellema1208 a contract will not trigger a validation error, only invalid address whether contract or EOA (we can do this programmatically and check the box for them?). I was under the impression we were going to use the radio/safe selector to trigger the warning.

codenamejason avatar Sep 28 '22 02:09 codenamejason

@codenamejason moving this ticket to Ready for Deployment -> tracking the error overriding bug ticket here: https://github.com/gitcoinco/grant-hub/issues/429

michellema1208 avatar Oct 03 '22 14:10 michellema1208