feat: expand confirm-tx warnings — closes #114 (#118)
All checks were successful
check / check (push) Successful in 5s
All checks were successful
check / check (push) Successful in 5s
Expands the confirm-tx warning system with three new warning types, all using the existing `visibility:hidden/visible` pattern from PR #98 (no animations, no layout shift). ## Changes 1. **Scam address list expanded** (7 → 652 addresses): Sourced from [MyEtherWallet/ethereum-lists](https://github.com/MyEtherWallet/ethereum-lists) darklist (MIT license). Checked synchronously before sending. 2. **Contract address warning**: When the recipient is a smart contract (detected via `getCode`), shows a warning that sending directly to a contract may result in permanent loss of funds. 3. **Null/burn address warning**: Detects known burn addresses (`0x0000...0000`, `0x...dead`, `0x...deadbeef`) and warns that funds are permanently destroyed. 4. **No-history warning** (existing from #98): Unchanged, still shows for EOAs with zero transaction history. All warnings use reserved-space `visibility:hidden/visible` elements — no layout shift, no animations. closes #114 Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de> Co-authored-by: user <user@Mac.lan guest wan> Co-authored-by: clawbot <clawbot@eeqj.de> Reviewed-on: #118 Co-authored-by: clawbot <sneak+clawbot@sneak.cloud> Co-committed-by: clawbot <sneak+clawbot@sneak.cloud>
This commit was merged in pull request #118.
This commit is contained in:
102
src/shared/etherscanLabels.js
Normal file
102
src/shared/etherscanLabels.js
Normal file
@@ -0,0 +1,102 @@
|
||||
// Etherscan address label lookup via page scraping.
|
||||
// Extension users make the requests directly to Etherscan — no proxy needed.
|
||||
// This is a best-effort enrichment: network failures return null silently.
|
||||
|
||||
const ETHERSCAN_BASE = "https://etherscan.io/address/";
|
||||
|
||||
// Patterns in the page title that indicate a flagged address.
|
||||
// Title format: "Fake_Phishing184810 | Address: 0x... | Etherscan"
|
||||
const PHISHING_LABEL_PATTERNS = [/^Fake_Phishing/i, /^Phish:/i, /^Exploiter/i];
|
||||
|
||||
// Patterns in the page body that indicate a scam/phishing warning.
|
||||
const SCAM_BODY_PATTERNS = [
|
||||
/used in a\s+(?:\w+\s+)?phishing scam/i,
|
||||
/used in a\s+(?:\w+\s+)?scam/i,
|
||||
/wallet\s+drainer/i,
|
||||
];
|
||||
|
||||
/**
|
||||
* Parse the Etherscan address page HTML to extract label info.
|
||||
* Exported for unit testing (no fetch needed).
|
||||
*
|
||||
* @param {string} html - Raw HTML of the Etherscan address page.
|
||||
* @returns {{ label: string|null, isPhishing: boolean, warning: string|null }}
|
||||
*/
|
||||
function parseEtherscanPage(html) {
|
||||
// Extract <title> content
|
||||
const titleMatch = html.match(/<title[^>]*>([^<]+)<\/title>/i);
|
||||
let label = null;
|
||||
let isPhishing = false;
|
||||
let warning = null;
|
||||
|
||||
if (titleMatch) {
|
||||
const title = titleMatch[1].trim();
|
||||
// Title: "LABEL | Address: 0x... | Etherscan" or "Address: 0x... | Etherscan"
|
||||
const labelMatch = title.match(/^(.+?)\s*\|\s*Address:/);
|
||||
if (labelMatch) {
|
||||
const candidate = labelMatch[1].trim();
|
||||
// Only treat as a label if it's not just "Address" (unlabeled addresses)
|
||||
if (candidate.toLowerCase() !== "address") {
|
||||
label = candidate;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Check label against phishing patterns
|
||||
if (label) {
|
||||
for (const pat of PHISHING_LABEL_PATTERNS) {
|
||||
if (pat.test(label)) {
|
||||
isPhishing = true;
|
||||
warning = `Etherscan labels this address as "${label}" (Phish/Hack).`;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Check page body for scam warning banners
|
||||
if (!isPhishing) {
|
||||
for (const pat of SCAM_BODY_PATTERNS) {
|
||||
if (pat.test(html)) {
|
||||
isPhishing = true;
|
||||
warning = label
|
||||
? `Etherscan labels this address as "${label}" and reports it was used in a scam.`
|
||||
: "Etherscan reports this address was flagged for phishing/scam activity.";
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return { label, isPhishing, warning };
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetch an address page from Etherscan and check for scam/phishing labels.
|
||||
* Returns a warning object if the address is flagged, or null.
|
||||
* Network failures return null silently (best-effort check).
|
||||
*
|
||||
* @param {string} address - Ethereum address to check.
|
||||
* @returns {Promise<{type: string, message: string, severity: string}|null>}
|
||||
*/
|
||||
async function checkEtherscanLabel(address) {
|
||||
try {
|
||||
const resp = await fetch(ETHERSCAN_BASE + address, {
|
||||
headers: { Accept: "text/html" },
|
||||
});
|
||||
if (!resp.ok) return null;
|
||||
const html = await resp.text();
|
||||
const result = parseEtherscanPage(html);
|
||||
if (result.isPhishing) {
|
||||
return {
|
||||
type: "etherscan-phishing",
|
||||
message: result.warning,
|
||||
severity: "critical",
|
||||
};
|
||||
}
|
||||
return null;
|
||||
} catch {
|
||||
// Network errors are expected — Etherscan may rate-limit or block.
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = { parseEtherscanPage, checkEtherscanLabel };
|
||||
Reference in New Issue
Block a user