Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix: update OFAC filename #266

Merged
merged 2 commits into from
Dec 5, 2024
Merged

Fix: update OFAC filename #266

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9bc78b7
fix: update OFAC list URL and filename
PavelInjective Dec 3, 2024
67353b0
(fix) remove ofac.json from client dir
PavelInjective Dec 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 0 additions & 48 deletions client/chain/injective_data/ofac.json
View file
Open in desktop

This file was deleted.

2 changes: 1 addition & 1 deletion client/chain/ofac.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (
)

const (
DefaultOfacListURL = "https://raw.githubusercontent.com/InjectiveLabs/injective-lists/refs/heads/master/json/wallets/ofac.json"
DefaultOfacListURL = "https://raw.githubusercontent.com/InjectiveLabs/injective-lists/refs/heads/master/json/wallets/ofacAndRestricted.json"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

⚠️ Potential issue

Update local filename to match remote OFAC list source

The verification confirms that there is an inconsistency between the remote source (ofacAndRestricted.json) and local storage (ofac.json). The code downloads from DefaultOfacListURL and saves locally using OfacListFilename. This mismatch should be fixed to maintain consistency and prevent confusion.

  • client/chain/ofac.go: Update OfacListFilename from ofac.json to ofacAndRestricted.json to match the source URL
var (
    OfacListPath     = "injective_data"
-   OfacListFilename = "ofac.json"
+   OfacListFilename = "ofacAndRestricted.json"
)
🔗 Analysis chain

Verify consistency between URL and local filename

The URL has been updated to fetch "ofacAndRestricted.json", but the local OfacListFilename variable still uses "ofac.json". This inconsistency could lead to confusion and potential issues.

Apply this diff to maintain consistency:

var (
    OfacListPath     = "injective_data"
-   OfacListFilename = "ofac.json"
+   OfacListFilename = "ofacAndRestricted.json"
)

Let me gather more information about how this filename is used in the codebase to understand the potential impact.

Let me check how the OFAC list is actually loaded and used to understand if this filename mismatch could cause issues.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the usage of OFAC filenames across the codebase

# Search for references to ofac.json and ofacAndRestricted.json
echo "Searching for OFAC filename references:"
rg -i "ofac.*\.json"

# Search for URL references
echo "Searching for OFAC URL references:"
rg "https.*injective-lists.*json"

Length of output: 1226

Script:

#!/bin/bash
# Search for functions/methods that use OfacListFilename
ast-grep --pattern 'OfacListFilename'

# Search for any file operations or references to these filenames
rg -A 3 'ofac.*\.json' 

# Look for any configuration or setup code related to OFAC
ast-grep --pattern 'func $_($$_) {
  $$$
  OfacList$_
  $$$
}'

Length of output: 640

Script:

#!/bin/bash
# Look for methods that load or use the OFAC list
ast-grep --pattern 'func ($_ *OfacChecker) $_($$$) {
  $$$
}'

# Search for any file operations related to loading OFAC data
rg -A 5 'LoadOfacList|SaveOfacList'

# Check if there's any download or update functionality
rg -A 5 'DefaultOfacListURL'

Length of output: 707

)

var (
Expand Down
5 changes: 4 additions & 1 deletion injective_data/ofac.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,5 +154,8 @@
"0xfac583c0cf07ea434052c49115a4682172ab6b4f",
"0xfd8610d20aa15b7b2e3be39b396a1bc3516c7144",
"0xfec8a60023265364d066a1212fde3930f6ae8da7",
"0xffbac21a641dcfe4552920138d90f3638b3c9fba"
"0xffbac21a641dcfe4552920138d90f3638b3c9fba",
"0xc5801cd781d168e2d3899ad9c39d8a2541871298",
"0x0992E2D17e0082Df8a31Bf36Bd8Cc662551de68B",
"0x8aa07899eb940f40e514b8efdb3b6af5d1cf7bb"
Comment on lines +157 to +160
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

Invalid Ethereum address format detected

The address 0x8aa07899eb940f40e514b8efdb3b6af5d1cf7bb is invalid as it contains only 39 hexadecimal characters after the '0x' prefix, instead of the required 40 characters for a valid Ethereum address.

  • The address appears to be missing one character at the end
  • Other addresses in the list are properly formatted with 40 hexadecimal characters
  • This invalid address is present in both injective_data/ofac.json and client/chain/injective_data/ofac.json
🔗 Analysis chain

Verify the newly added addresses.

The following addresses have been added:

  • 0xc5801cd781d168e2d3899ad9c39d8a2541871298
  • 0x0992E2D17e0082Df8a31Bf36Bd8Cc662551de68B
  • 0x8aa07899eb940f40e514b8efdb3b6af5d1cf7bb

Please ensure these addresses are from official OFAC sources.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the format of the newly added Ethereum addresses

# Test: Check if all addresses are valid Ethereum addresses (40 hex chars)
for addr in "0xc5801cd781d168e2d3899ad9c39d8a2541871298" "0x0992E2D17e0082Df8a31Bf36Bd8Cc662551de68B" "0x8aa07899eb940f40e514b8efdb3b6af5d1cf7bb"; do
  if ! echo "$addr" | grep -qE "^0x[0-9a-fA-F]{40}$"; then
    echo "Invalid address format: $addr"
  fi
done

# Test: Check if addresses are unique in the file
rg -c "$addr" injective_data/ofac.json client/chain/injective_data/ofac.json

Length of output: 1012

]
Loading