Decodes a Base58Check-encoded Tron address, throwing on invalid input#4708
Open
nikhil-gupta-tw wants to merge 2 commits intomasterfrom
Open
Decodes a Base58Check-encoded Tron address, throwing on invalid input#4708nikhil-gupta-tw wants to merge 2 commits intomasterfrom
nikhil-gupta-tw wants to merge 2 commits intomasterfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR strengthens Tron transaction signing by centralizing Base58Check address decoding/validation and mapping invalid-address failures to Error_invalid_address instead of producing a signable transaction with empty/invalid address bytes.
Changes:
- Added a
decodeAddress()helper insrc/Tron/Signer.cppand replaced directBase58::decodeCheckusages across contract conversions. - Allowed invalid address errors to propagate by removing
noexceptfrombuildTransaction(), and added exception-to-error mapping inSigner::sign()andSigner::compile(). - Extended the Tron signer test suite with invalid-address cases to ensure errors are reported and no id/signature is produced.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| src/Tron/Signer.cpp | Centralizes address decoding + propagates/handles invalid address errors in signing/compilation flows. |
| tests/chains/Tron/SignerTests.cpp | Adds regression tests for invalid recipient/contract addresses returning Error_invalid_address. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Binary size comparison➡️ aarch64-apple-ios: 14.34 MB ➡️ aarch64-apple-ios-sim: 14.34 MB ➡️ aarch64-linux-android: 18.77 MB ➡️ armv7-linux-androideabi: 16.20 MB ➡️ wasm32-unknown-emscripten: 13.68 MB |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request improves Tron transaction signing by adding robust validation and error handling for Tron addresses. It introduces a centralized address decoding function that throws on invalid input, ensuring that all contract types consistently validate addresses. Additionally, it enhances the test suite with cases for invalid addresses to ensure correct error reporting.
Address validation and error handling:
decodeAddresshelper function inSigner.cppto decode Base58Check-encoded Tron addresses, throwing an exception on invalid input, and replaced all direct usages ofBase58::decodeCheckwith this function across all contract conversion functions. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15]buildTransactionfunction to no longer be marked asnoexcept, allowing exceptions to propagate for invalid addresses.Signer::signandSigner::compilemethods to catch address decoding exceptions, set the error code toError_invalid_address, and populate the error message accordingly in the output. [1] [2] [3]Testing improvements:
SignerTests.cppto verify that invalid addresses in transfers and TRC20 contracts are correctly detected and reported as errors, ensuring that no transaction ID or signature is produced in these cases.