Validate signature

Author: protinam

package.json

@@ -29,7 +29,6 @@
     "pg": "^7.4.1",
     "sequelize": "^4.31.2",
     "web3": "^0.20.4",
-    "wyvern-js": "file:../wyvern-js",
-    "wyvern-schemas": "file:../wyvern-schemas"
+    "wyvern-js": "file:../wyvern-js"
   }
 }

server/db.js

@@ -12,6 +12,8 @@ const sequelize = new Sequelize('orderbook', 'postgres', 'postgres', {
 
 const Order = sequelize.define('order', {
   hash: {type: Sequelize.TEXT, allowNull: false, primaryKey: true},
+  title: {type: Sequelize.TEXT, allowNull: true},
+  schema: {type: Sequelize.TEXT, allowNull: true},
   metadata: {type: Sequelize.JSON, allowNull: false},
   exchange: {type: Sequelize.TEXT, allowNull: false},
   maker: {type: Sequelize.TEXT, allowNull: false},
@@ -42,11 +44,14 @@ const Order = sequelize.define('order', {
   indexes: [
     {name: 'listingTime_index', method: 'BTREE', fields: ['listingTime']},
     {name: 'expirationTime_index', method: 'BTREE', fields: ['expirationTime']}
-  ]
+  ],
+  version: true
 })
 
 const encodeOrder = (order) => ({
   hash: order.hash,
+  title: order.metadata.title || null,
+  schema: order.metadata.schema || null,
   metadata: order.metadata,
   exchange: order.exchange,
   maker: order.maker,
@@ -102,11 +107,14 @@ const decodeOrder = (order) => ({
   r: order.r,
   s: order.s,
   cancelledOrFinalized: order.cancelledOrFinalized,
-  markedInvalid: order.markedInvalid
+  markedInvalid: order.markedInvalid,
+  createdAt: order.createdAt,
+  updatedAt: order.updatedAt
 })
 
 module.exports = {
   sequelize: sequelize,
+  Op: Sequelize.Op,
   Order: Order,
   encodeOrder: encodeOrder,
   decodeOrder: decodeOrder

server/index.js

@@ -1,16 +1,12 @@
 const express = require('express')
 const bodyParser = require('body-parser')
 const helmet = require('helmet')
-const { WyvernProtocol } = require('wyvern-js')
 
-const { sequelize, Order, encodeOrder, decodeOrder } = require('./db.js')
+const { sequelize, Op, Order, encodeOrder, decodeOrder } = require('./db.js')
+const { validateOrder } = require('./validate.js')
 const log = require('./logging.js')
 const scan = require('./scan.js')
 
-const assertEqual = (a, b, msg) => {
-  if (a !== b) throw new Error(msg + ': ' + a + ', ' + b)
-}
-
 const fail = (req, res, status, err) => {
   log.warn({error: err.message, origin: 'express', path: req.path}, 'Error processing request')
   res.status(status)
@@ -20,19 +16,49 @@ const fail = (req, res, status, err) => {
 const app = express()
 app.use(helmet())
 app.use(bodyParser.json())
-app.use((req, res, next) => {
-  const start = Date.now() / 1000
-  res.header('Access-Control-Allow-Origin', '*')
-  res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept')
-  next()
-  const end = Date.now() / 1000
-  log.debug({origin: 'express', diff: end - start, path: req.path, method: req.method, ip: req.headers['X-Forwarded-For']}, 'Request handled')
-})
 
 const router = express.Router()
 
 router.get('/orders', (req, res) => {
-  return Order.findAll({where: {cancelledOrFinalized: false}}).then(orders => {
+  var where = {
+    markedInvalid: req.query.markedInvalid === '1',
+    cancelledOrFinalized: req.query.cancelledOrFinalized === '1'
+  }
+  if (req.query.maker) {
+    where.maker = req.query.maker
+  }
+  if (req.query.taker) {
+    where.taker = req.query.taker
+  }
+  if (req.query.paymentToken) {
+    where.paymentToken = req.query.paymentToken
+  }
+  if (req.query.side) {
+    where.side = req.query.side
+  }
+  if (req.query.schema) {
+    where.schema = req.query.schema
+  }
+  if (req.query.saleKind) {
+    where.saleKind = req.query.saleKind
+  }
+  if (req.query.filter) {
+    where.title = [Op.like, req.query.filter]
+  }
+  var order = [['createdAt', 'DESC']]
+  if (req.query.order) {
+    switch (req.query.order) {
+      case '1': order = [['createdAt', 'DESC']]; break
+      case '2': order = [['createdAt', 'ASC']]; break
+      case '3': order = [['basePrice', 'DESC']]; break
+      case '4': order = [['basePrice', 'ASC']]; break
+    }
+  }
+  var limit = req.query.limit ? parseInt(req.query.limit) : 20
+  limit = Math.min(100, Math.max(0, limit))
+  var offset = req.query.offset ? parseInt(req.query.offset) : 0
+  var query = { where, order, limit, offset }
+  return Order.findAll(query).then(orders => {
     res.json({result: orders.map(decodeOrder), error: null})
   }).catch(err => {
     fail(req, res, 500, err)
@@ -47,11 +73,6 @@ router.get('/orders/:hash', (req, res) => {
   })
 })
 
-const validateOrder = async (order) => {
-  const orderHash = WyvernProtocol.getOrderHashHex(order)
-  assertEqual(orderHash, order.hash, 'Expected provided order hash to match calculated hash')
-}
-
 router.post('/orders/post', (req, res) => {
   const order = req.body
   return validateOrder(order).then(() => {
@@ -70,7 +91,7 @@ router.post('/orders/validate', (req, res) => {
   }).catch(err => fail(req, res, 400, err))
 })
 
-app.use('/v1', router)
+app.use('/v0', router)
 
 const go = ({ port, provider, network, production }) => {
   sequelize

server/scan.js

@@ -6,11 +6,9 @@ const log = require('./logging.js')
 
 const scan = (provider, network) => {
   const protocolInstance = new WyvernProtocol(new Web3.providers.HttpProvider(provider), { network })
-  const web3 = new Web3(provider)
+  const web3 = new Web3(new Web3.providers.HttpProvider(provider))
   const scanFunc = async () => {
     const start = Date.now() / 1000
-    var markedInvalid = 0
-    var cancelledOrFinalized = 0
     await Order.findAll({where: {cancelledOrFinalized: false}}).then(orders => {
       return Promise.all(orders.map(async order => {
         const valid = await protocolInstance.wyvernExchange.validateOrder_.callAsync(
@@ -28,7 +26,6 @@ const scan = (provider, network) => {
         if (!valid) {
           order.cancelledOrFinalized = true
           return order.save().then(() => {
-            cancelledOrFinalized++
             log.info('Order ' + order.hash + ' marked cancelled or finalized')
           })
         }
@@ -43,7 +40,6 @@ const scan = (provider, network) => {
           if (!res) {
             order.markedInvalid = true
             order.save().then(() => {
-              markedInvalid++
               log.info('Order ' + order.hash + ' marked invalid')
             })
           }
@@ -52,9 +48,10 @@ const scan = (provider, network) => {
     })
     const end = Date.now() / 1000
     const dt = Math.round((end - start) * 1000) / 1000
-    log.info({dt: dt + 's', markedInvalid, cancelledOrFinalized}, 'Orderbook scan completed')
+    log.info({dt: dt + 's'}, 'Orderbook scan completed')
+    setTimeout(scanFunc, 5000)
   }
-  setInterval(scanFunc, 5000)
+  scanFunc()
 }
 
 module.exports = scan

server/validate.js

@@ -0,0 +1,14 @@
+const { WyvernProtocol } = require('wyvern-js')
+
+const assertEqual = (a, b, msg) => {
+  if (a !== b) throw new Error(msg + ': ' + a + ', ' + b)
+}
+
+const validateOrder = async (order) => {
+  const orderHash = WyvernProtocol.getOrderHashHex(order)
+  assertEqual(orderHash, order.hash, 'Expected provided order hash to match calculated hash')
+  const validSignature = WyvernProtocol.isValidSignature(orderHash, { v: order.v, r: order.r, s: order.s }, order.maker)
+  assertEqual(validSignature, true, 'Expected valid order signature')
+}
+
+module.exports = { validateOrder }

yarn.lock

@@ -3534,7 +3534,7 @@ watchpack@^1.4.0:
     chokidar "^1.7.0"
     graceful-fs "^4.1.2"
 
-web3@^0.20.0, web3@^0.20.4:
+web3@0.20.4, web3@^0.20.0, web3@^0.20.4:
   version "0.20.4"
   resolved "https://registry.yarnpkg.com/web3/-/web3-0.20.4.tgz#400e6579a65bb4a3dde71a6ebf6509afadc33a04"
   dependencies:
@@ -3650,9 +3650,6 @@ wrappy@1:
     web3 "^0.20.4"
     webpack "^3.10.0"
 
-"wyvern-schemas@file:../wyvern-schemas":
-  version "0.1.0"
-
 [email protected]:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/x-xss-protection/-/x-xss-protection-1.0.0.tgz#898afb93869b24661cf9c52f9ee8db8ed0764dd9"