feat: add isMessageWhitelisted() in MessageBuilder

TICKET: SC-2419

Author: bhavidhingra

modules/account-lib/src/index.ts

@@ -206,8 +206,8 @@ export { Vet };
 import * as CosmosSharedCoin from '@bitgo/sdk-coin-cosmos';
 export { CosmosSharedCoin };
 
-import { validateAgainstMessageTemplates, MIDNIGHT_TNC_HASH } from './utils';
-export { MIDNIGHT_TNC_HASH };
+import { isMessageWhitelisted, MIDNIGHT_TNC_HASH, MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE } from './utils';
+export { isMessageWhitelisted, MIDNIGHT_TNC_HASH, MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE };
 
 const coinBuilderMap = {
   trx: Trx.WrappedBuilder,
@@ -435,7 +435,7 @@ export async function verifyMessage(
     if (!isValidMessageEncoded) {
       return false;
     }
-    return validateAgainstMessageTemplates(messageRaw);
+    return messageBuilder.isMessageWhitelisted(messageRaw);
   } catch (e) {
     console.error(`Error verifying message for coin ${coinName}:`, e);
     return false;

modules/account-lib/src/utils/messages/index.ts

@@ -5,22 +5,20 @@ export const MIDNIGHT_TNC_HASH = '31a6bab50a84b8439adcfb786bb2020f6807e6e8fda629
  * then " to addr" or " to addr_test1", followed by a 50+ character alphanumeric address,
  * and ends with the midnight TnC hash
  */
-const MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE = `STAR \\d+ to addr(?:1|_test1)[a-z0-9]{50,} ${MIDNIGHT_TNC_HASH}`;
-
-/**
- * @file Utility functions for validating messages against whitelisted templates.
- * This is used to ensure that only specific message formats are accepted.
- */
-const whitelistedMessageTemplates = [MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE];
+export const MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE = `STAR \\d+ to addr(?:1|_test1)[a-z0-9]{50,} ${MIDNIGHT_TNC_HASH}`;
 
 /**
  * Validates a message against a set of whitelisted templates.
  * The templates can contain placeholders like {{variable}} which will be replaced with a wildcard in the regex.
  *
+ * @param whitelistedMessageTemplates - An array of whitelisted message templates.
  * @param {string} messageRaw - The raw message to validate.
  * @returns {boolean} - Returns true if the message matches any of the whitelisted templates, false otherwise.
  */
-export function validateAgainstMessageTemplates(messageRaw: string): boolean {
+export function isMessageWhitelisted(whitelistedMessageTemplates: string[], messageRaw: string): boolean {
+  if (!whitelistedMessageTemplates || whitelistedMessageTemplates.length === 0) {
+    return true;
+  }
   return whitelistedMessageTemplates.some((template) => {
     const regex = new RegExp(`^${template}$`, 's'); // 's' flag to match newlines
     return regex.test(messageRaw);

modules/account-lib/test/unit/utils/messages/index.ts

@@ -1,32 +1,38 @@
 import should from 'should';
-import { MIDNIGHT_TNC_HASH, validateAgainstMessageTemplates } from '../../../../src/utils';
+import {
+  MIDNIGHT_TNC_HASH,
+  isMessageWhitelisted,
+  MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE,
+} from '../../../../src/utils';
 
 describe('Message validation', () => {
-  describe('validateAgainstMessageTemplates', () => {
+  describe('isMessageWhitelisted', () => {
+    const whitelistedMessageTemplates = [MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE];
+
     const adaTestnetDestinationAddress = 'addr_test1vz7xs7ceu4xx9n5xn57lfe86vrwddqpp77vjwq5ptlkh49cqy3wur';
     const adaMainnetDestinationAddress =
       'addr1q9k6u7lhf467y2f8skr2dafldx2npsd8fymq0mslnj0t44nd4ealwnt4ug5j0pvx5m6n76v4xrq6wjfkqlhpl8y7httq2m9cmu';
 
     it('should validate testnet message matching the Midnight glacier drop claim template', () => {
       const messageRaw = `STAR 100 to ${adaTestnetDestinationAddress} ${MIDNIGHT_TNC_HASH}`;
 
-      const result = validateAgainstMessageTemplates(messageRaw);
+      const result = isMessageWhitelisted(whitelistedMessageTemplates, messageRaw);
 
       should.equal(result, true);
     });
 
     it('should validate mainnet message matching the Midnight glacier drop claim template', () => {
       const messageRaw = `STAR 100 to ${adaMainnetDestinationAddress} ${MIDNIGHT_TNC_HASH}`;
 
-      const result = validateAgainstMessageTemplates(messageRaw);
+      const result = isMessageWhitelisted(whitelistedMessageTemplates, messageRaw);
 
       should.equal(result, true);
     });
 
     it('should not validate message with incorrect format', () => {
       const messageRaw = `INCORRECT 100 to ${adaTestnetDestinationAddress} ${MIDNIGHT_TNC_HASH}`;
 
-      const result = validateAgainstMessageTemplates(messageRaw);
+      const result = isMessageWhitelisted(whitelistedMessageTemplates, messageRaw);
 
       should.equal(result, false);
     });
@@ -35,7 +41,7 @@ describe('Message validation', () => {
       // Missing "to addr" part
       const messageRaw = `STAR 100 ${MIDNIGHT_TNC_HASH}`;
 
-      const result = validateAgainstMessageTemplates(messageRaw);
+      const result = isMessageWhitelisted(whitelistedMessageTemplates, messageRaw);
 
       should.equal(result, false);
     });
@@ -46,21 +52,21 @@ describe('Message validation', () => {
         '5af1adf825baa496729e2eac1e895ebc77973744bce67f44276bf6006f5c21de863ed121e11828d8fc0241773191e26dc1134803a681a9a98ba0ae812553db24';
       const messageRaw = `STAR 100 to ${adaTestnetDestinationAddress} ${incorrectHash}`;
 
-      const result = validateAgainstMessageTemplates(messageRaw);
+      const result = isMessageWhitelisted(whitelistedMessageTemplates, messageRaw);
 
       should.equal(result, false);
     });
 
     it('should handle empty message', () => {
-      const result = validateAgainstMessageTemplates('');
+      const result = isMessageWhitelisted(whitelistedMessageTemplates, '');
 
       should.equal(result, false);
     });
 
     it('should not validate message with special regex characters', () => {
       const messageRaw = `STAR shade.with+special*chars to addr.with[special]chars ${MIDNIGHT_TNC_HASH}`;
 
-      const result = validateAgainstMessageTemplates(messageRaw);
+      const result = isMessageWhitelisted(whitelistedMessageTemplates, messageRaw);
 
       should.equal(result, false);
     });

modules/sdk-coin-ada/src/lib/messages/cip8/cip8MessageBuilder.ts

@@ -1,25 +1,22 @@
 import { Cip8Message } from './cip8Message';
 import { BaseCoin as CoinConfig } from '@bitgo/statics';
 import { BaseMessageBuilder, IMessage, MessageOptions, MessageStandardType } from '@bitgo/sdk-core';
+import { MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE } from '@bitgo/account-lib';
 
 /**
  * Builder for CIP-8 messages
  */
 export class Cip8MessageBuilder extends BaseMessageBuilder {
-  private static readonly MIDNIGHT_TNC_HASH = '31a6bab50a84b8439adcfb786bb2020f6807e6e8fda629b424110fc7bb1c6b8b';
-
-  /*
-   * matches a message that starts with "STAR ", followed by a number,
-   * then " to addr" or " to addr_test1", followed by a 50+ character alphanumeric address,
-   * and ends with the midnight TnC hash
-   */
-  private static readonly MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE = `STAR \\d+ to addr(?:1|_test1)[a-z0-9]{50,} ${Cip8MessageBuilder.MIDNIGHT_TNC_HASH}`;
   /**
    * Base constructor.
    * @param _coinConfig BaseCoin from statics library
    */
   public constructor(_coinConfig: Readonly<CoinConfig>) {
     super(_coinConfig, MessageStandardType.CIP8);
+    this.whitelistedMessageTemplates = [
+      MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE,
+      // Add more templates as needed
+    ];
   }
 
   /**
@@ -30,15 +27,4 @@ export class Cip8MessageBuilder extends BaseMessageBuilder {
   async buildMessage(options: MessageOptions): Promise<IMessage> {
     return new Cip8Message(options);
   }
-
-  /**
-   * Validates the signable payload
-   * @param message The message to validate
-   * @returns A boolean indicating whether the signable payload is valid
-   */
-  public validateSignablePayload(message: string | Buffer): boolean {
-    const messageStr = Buffer.isBuffer(message) ? message.toString('utf8') : message;
-    const regex = new RegExp(`^${Cip8MessageBuilder.MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE}$`, 's');
-    return regex.test(messageStr);
-  }
 }

modules/sdk-core/src/account-lib/baseCoin/messages/baseMessageBuilder.ts

@@ -2,6 +2,7 @@ import { BroadcastableMessage, MessageOptions, MessagePayload, MessageStandardTy
 import { BaseCoin as CoinConfig } from '@bitgo/statics';
 import { IMessage, IMessageBuilder } from './iface';
 import { deserializeSignatures, Signature } from '../iface';
+import { isMessageWhitelisted } from '@bitgo/account-lib';
 
 /**
  * Base Message Builder
@@ -12,6 +13,7 @@ export abstract class BaseMessageBuilder implements IMessageBuilder {
   protected type: MessageStandardType;
   protected signatures: Signature[] = [];
   protected signers: string[] = [];
+  protected whitelistedMessageTemplates: string[] = [];
   protected metadata?: Record<string, unknown> = {};
   protected digest?: string;
 
@@ -118,13 +120,8 @@ export abstract class BaseMessageBuilder implements IMessageBuilder {
     return this;
   }
 
-  /**
-   * Validates the signable payload
-   * @param message The message to validate
-   * @returns A boolean indicating whether the signable payload is valid
-   */
-  public validateSignablePayload(message: string | Buffer): boolean {
-    return true;
+  public isMessageWhitelisted(messageRaw: string): boolean {
+    return isMessageWhitelisted(this.whitelistedMessageTemplates, messageRaw);
   }
 
   /**

modules/sdk-core/src/account-lib/baseCoin/messages/iface.ts

@@ -137,11 +137,11 @@ export interface IMessageBuilder {
   getPayload(): MessagePayload | undefined;
 
   /**
-   * Validates the signable payload
-   * @param message The message to validate
-   * @returns A boolean indicating whether the signable payload is valid
+   * Checks if the message string is whitelisted
+   * @param messageRaw The raw message string to check
+   * @return True if the message is whitelisted, false otherwise
    */
-  validateSignablePayload(message: string | Buffer): boolean;
+  isMessageWhitelisted(messageRaw: string): boolean;
 
   /**
    * Gets the current metadata

modules/sdk-core/src/account-lib/baseCoin/messages/simple/simpleMessageBuilder.ts

@@ -3,6 +3,7 @@ import { BaseCoin as CoinConfig } from '@bitgo/statics';
 import { BaseMessageBuilder } from '../baseMessageBuilder';
 import { MessageOptions, MessageStandardType } from '../../../../bitgo';
 import { IMessage } from '../iface';
+import { MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE } from '@bitgo/account-lib';
 
 /**
  * Builder for string messages
@@ -14,6 +15,10 @@ export class SimpleMessageBuilder extends BaseMessageBuilder {
    */
   public constructor(_coinConfig: Readonly<CoinConfig>) {
     super(_coinConfig, MessageStandardType.SIMPLE);
+    this.whitelistedMessageTemplates = [
+      MIDNIGHT_GLACIER_DROP_CLAIM_MESSAGE_TEMPLATE,
+      // Add more templates as needed
+    ];
   }
 
   /**