feat: add Etherscan label scraping and MetaMask phishing domain blocklist
- Add etherscanLabels module: scrapes Etherscan address pages for phishing/scam labels (Fake_Phishing*, Exploiter, scam warnings). Integrated as best-effort async check in addressWarnings. - Add phishingDomains module: fetches MetaMask's eth-phishing-detect blocklist (~231K domains) at runtime, caches in memory, refreshes every 24h. Checks hostnames with subdomain matching and whitelist overrides. - Integrate domain phishing checks into all approval flows: connection requests, transaction approvals, and signature requests show a prominent red warning banner when the requesting site is on the MetaMask blocklist. - Add unit tests for both modules (12 tests for etherscanLabels parsing, 15 tests for phishingDomains matching). Closes #114
This commit is contained in:
user
@@ -13,6 +13,7 @@ const { ERC20_ABI } = require("../../shared/constants");
|
||||
const { TOKEN_BY_ADDRESS } = require("../../shared/tokenList");
|
||||
const txStatus = require("./txStatus");
|
||||
const uniswap = require("../../shared/uniswap");
|
||||
const { isPhishingDomain } = require("../../shared/phishingDomains");
|
||||
|
||||
const runtime =
|
||||
typeof browser !== "undefined" ? browser.runtime : chrome.runtime;
|
||||
@@ -155,7 +156,24 @@ function decodeCalldata(data, toAddress) {
|
||||
return null;
|
||||
}
|
||||
|
||||
function showPhishingWarning(elementId, hostname, isPhishing) {
|
||||
const el = $(elementId);
|
||||
if (!el) return;
|
||||
// Check both the flag from background and a local re-check
|
||||
if (isPhishing || isPhishingDomain(hostname)) {
|
||||
el.classList.remove("hidden");
|
||||
} else {
|
||||
el.classList.add("hidden");
|
||||
}
|
||||
}
|
||||
|
||||
function showTxApproval(details) {
|
||||
showPhishingWarning(
|
||||
"approve-tx-phishing-warning",
|
||||
details.hostname,
|
||||
details.isPhishingDomain,
|
||||
);
|
||||
|
||||
const toAddr = details.txParams.to;
|
||||
const token = toAddr ? TOKEN_BY_ADDRESS.get(toAddr.toLowerCase()) : null;
|
||||
const ethValue = formatEther(details.txParams.value || "0");
|
||||
@@ -323,6 +341,12 @@ function formatTypedDataHtml(jsonStr) {
|
||||
}
|
||||
|
||||
function showSignApproval(details) {
|
||||
showPhishingWarning(
|
||||
"approve-sign-phishing-warning",
|
||||
details.hostname,
|
||||
details.isPhishingDomain,
|
||||
);
|
||||
|
||||
const sp = details.signParams;
|
||||
|
||||
$("approve-sign-hostname").textContent = details.hostname;
|
||||
@@ -382,6 +406,12 @@ function show(id) {
|
||||
showSignApproval(details);
|
||||
return;
|
||||
}
|
||||
// Site connection approval
|
||||
showPhishingWarning(
|
||||
"approve-site-phishing-warning",
|
||||
details.hostname,
|
||||
details.isPhishingDomain,
|
||||
);
|
||||
$("approve-hostname").textContent = details.hostname;
|
||||
$("approve-address").innerHTML = approvalAddressHtml(
|
||||
state.activeAddress,
|
||||
|
||||
Reference in New Issue
Block a user