- ℹ️ Introduction
- ⬆️
verifyContractRequest Params - ⬇️
verifyContractResponse Result - 💡 Example
curlRequests - 📎 Utils
The HAQQ Network indexer verifyContract method allows validating transactions from DAPPs to detect malicious signatures in personal_sign and eth_sign methods. It filters non-whitelisted smart contract method calls and validates smart contract input data.
// Define a type alias for the tuple representing the parameters
type IndexerVerifyContractParams = (String, String, String, String);
// Accessing elements of the tuple
println!("Method Name: {}", params.0); // Accessing method_name
println!("Domain: {}", params.1); // Accessing domain
println!("Message or Input: {}", params.2); // Accessing message_or_input
println!("Address: {}", params.3); // Accessing addressmethod_name[0] - name of sign method which DAPP used.- possible values example
-
eth_sign personal_sign eth_sendTransaction eth_signTransaction eth_signTypedData_v4
domain[1] - DAPP domain URL addressmessage_or_input[2] - string message from DAPP or smart contract input data (value can be0x0)- example:
-
let mut is_message = false; let mut is_contract_input = false; match method_name.as_str() { "eth_sign" | "personal_sign" => { // `message_or_input` is message is_message = true; }, "eth_sendTransaction" | "eth_signTransaction" => { // `message_or_input` is smart contract input data is_contract_input = true; }, "eth_signTypedData_v4" => { // `message_or_input` is `0x0` // should validate only smart contract address and DAPP domain }, _ => {} } // Use `is_message` and `is_contract_input` as needed
address[3] - wallet/smart contract address (optional)- Possible address encodings:
-
EIP-55 for EVM Bech32 for COSMOS Base58 for TRX
struct IndexerVerifyContractResponseResult {
domain_in_whitelist: bool,
message_is_valid: Option<bool>,
input_is_valid: Option<bool>,
is_eip4361: Option<bool>,
contract: Option<ContractInformation>
}domain_in_whitelist- Indicates if the DAPP domain is whitelisted.message_is_valid- Indicates if a malicious signature wasn't detected.input_is_valid- Indicates if the smart contract input data is valid.- (filtering smart contract methods calls by method name)
is_eip4361- Indicates if the message is a Sign-In with Ethereumcontract- Optional JSON result from theaddressindexer method (see example below)-
{ "address_type": "contract", "coingecko_id": null, "created_at": "2024-07-16T13:48:38.185392Z", "decimals": null, "eth_address": "0x1dc6c35d0ec4824ebc85ba9e164a00a501a5b28e", "ibc": null, "icon": null, "id": "haqq1rhrvxhgwcjpya0y9h20pvjsq55q6tv5w9ztgwh", "is_coingecko_watch": null, "is_erc1155": false, "is_erc20": null, "is_erc721": true, "is_in_white_list": true, "is_skip_eth_tx": null, "is_transfer_prohibited": null, "min_input_amount": null, "name": "BibaToken", "symbol": "BIBA", "updated_at": "2024-07-17T06:39:36.753998Z" }
-
 |
 |
 |
|---|---|---|
result.domain_in_whitelist === false |
result.contract.is_in_white_list === true |
personal_sign EIP-4361 example |
 |
 |
 |
|
| message_is_valid === true if message is unknown hex strign, and malicious signature wasn't detected | message_is_valid === false | eth_signTypedData_v4 example |
curl -X POST https://jsonrpc.indexer.testedge2.haqq.network/ \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": "ABCDF0",
"method": "verifyContract",
"params": [
"eth_sign",
"https://exampledapp.com",
"Hello, please sign this message.",
]
}'
{
"jsonrpc": "2.0",
"id": "ABCDF0",
"result": {
"domain_in_whitelist": true,
"contract": null,
"message_is_valid": true,
"is_eip4361": false
}
}
curl -X POST https://jsonrpc.indexer.testedge2.haqq.network/ \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": "ABCDF1",
"method": "verifyContract",
"params": [
"eth_sendTransaction",
"https://anotherdapp.com",
"0xa9059cbb000000000000000000000000df7a506f2d6af5c0a47b873bb51526819997beab0000000000000000000000000000000000000000000000000000000010103e60",
"haqq1rhrvxhgwcjpya0y9h20pvjsq55q6tv5w9ztgwh"
]
}'{
"jsonrpc": "2.0",
"id": "ABCDF1",
"result": {
"domain_in_whitelist": false,
"contract": {
"address_type": "contract",
"coingecko_id": null,
"created_at": "2024-07-16T13:48:38.185392Z",
"decimals": null,
"eth_address": "0x1dc6c35d0ec4824ebc85ba9e164a00a501a5b28e",
"ibc": null,
"icon": null,
"id": "haqq1rhrvxhgwcjpya0y9h20pvjsq55q6tv5w9ztgwh",
"is_coingecko_watch": null,
"is_erc1155": false,
"is_erc20": null,
"is_erc721": true,
"is_in_white_list": true,
"is_skip_eth_tx": null,
"is_transfer_prohibited": null,
"min_input_amount": null,
"name": "BibaToken",
"symbol": "BIBA",
"updated_at": "2024-07-17T06:39:36.753998Z"
},
"message_is_valid": null,
"is_eip4361": null
}
}curl -X POST https://jsonrpc.indexer.testedge2.haqq.network/ \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": "ABCDF2",
"method": "verifyContract",
"params": [
"eth_signTypedData_v4",
"https://yetanotherdapp.com",
"0x0",
"haqq1rhrvxhgwcjpya0y9h20pvjsq55q6tv5w9ztgwh"
]
}'{
"jsonrpc": "2.0",
"id": "ABCDF2",
"result": {
"domain_in_whitelist": true,
"contract": null,
"message_is_valid": null,
"is_eip4361": false
}
}curl -X POST https://jsonrpc.indexer.testedge2.haqq.network/ \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": "ABCDF3",
"method": "verifyContract",
"params": [
"personal_sign",
"https://secureapp.com",
"Sign this message to confirm your action."
]
}'
{
"jsonrpc": "2.0",
"id": "ABCDF3",
"result": {
"domain_in_whitelist": false,
"contract": null,
"message_is_valid": true,
"is_eip4361": false
}
}- https://cleanunicorn.github.io/santoku - can be used for manual smart contract input data parsing