fix: guard wallet send submission preflight#8
Conversation
|
Maintainer-facing review assist for bitgesell-wallet #8 / Bitgesell #81. I am not claiming this bounty here; I reviewed the visible PR diff only, without installing dependencies, opening a wallet, using credentials, querying a live node/API, or performing any chain action. This is a useful wallet safety slice: revalidating the recipient at submit time and refusing to call A few checks I would keep visible before merge/acceptance:
Suggested merge bar: submit-time invalid-recipient and empty-transaction branches are visibly covered, broader wallet tests pass, and maintainers confirm the payout/claim process for this focused wallet-send safety fix. |
|
Follow-up hardening pushed in |
Summary
changehandlersendrawtransactionwhen no serialized transaction has been generatedWhy
The send form can be submitted without the recipient field having passed through the
changehandler, or after stale form state leavesnewTxempty. In that state the wallet could attempt asendrawtransactionRPC with a null/stale transaction body instead of blocking locally and marking the recipient field invalid.Hardening note
Follow-up commit
3dd1930makes the review-assist merge bar visible in the repository test suite:sendrawtransactionsendrawtransactionand does not disable the formnpm testnow lints nestedsrc/**/*.jsfiles and runs the send-form regression harnessValidation
node --check src/send/send.jsnode --check test/send_preflight_test.jsnpm test(eslint 'src/**/*.js' && node test/send_preflight_test.js)git diff --checkPayout address if accepted: EVM/USDT-compatible
0x4a76c7E64C08cF29B59eFC640b4ada97A270d428.