Merge pull request #5621 from ripcurlx/add-payment-account-payload-sa…

…feguards Add payment account payload safeguards
bisq-network · Jul 13, 2021 · 30b100d · 30b100d
2 parents e4b00c6 + e858027
commit 30b100d
Show file tree

Hide file tree

Showing 8 changed files with 49 additions and 23 deletions.
diff --git a/core/src/main/java/bisq/core/account/witness/AccountAgeWitnessService.java b/core/src/main/java/bisq/core/account/witness/AccountAgeWitnessService.java
@@ -285,6 +285,10 @@ public AccountAgeWitness getNewWitness(PaymentAccountPayload paymentAccountPaylo
 
     Optional<AccountAgeWitness> findWitness(PaymentAccountPayload paymentAccountPayload,
                                             PubKeyRing pubKeyRing) {
+        if (paymentAccountPayload == null) {
+            return Optional.empty();
+        }
+
         byte[] accountInputDataWithSalt = getAccountInputDataWithSalt(paymentAccountPayload);
         byte[] hash = Hash.getSha256Ripemd160hash(Utilities.concatenateByteArrays(accountInputDataWithSalt,
                 pubKeyRing.getSignaturePubKeyBytes()));

diff --git a/core/src/main/java/bisq/core/filter/FilterManager.java b/core/src/main/java/bisq/core/filter/FilterManager.java
@@ -452,6 +452,7 @@ public boolean requireUpdateToNewVersionForDAO() {
 
     public boolean arePeersPaymentAccountDataBanned(PaymentAccountPayload paymentAccountPayload) {
         return getFilter() != null &&
+                paymentAccountPayload != null &&
                 getFilter().getBannedPaymentAccounts().stream()
                         .filter(paymentAccountFilter -> paymentAccountFilter.getPaymentMethodId().equals(
                                 paymentAccountPayload.getPaymentMethodId()))

diff --git a/core/src/main/java/bisq/core/support/dispute/agent/MultipleHolderNameDetection.java b/core/src/main/java/bisq/core/support/dispute/agent/MultipleHolderNameDetection.java
@@ -41,6 +41,8 @@
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
+import java.util.Optional;
 import java.util.Set;
 import java.util.concurrent.CopyOnWriteArrayList;
 import java.util.stream.Collectors;
@@ -84,14 +86,15 @@ private static boolean isBuyer(Dispute dispute) {
         return buyerSigPubKeyHashAsHex.equals(traderSigPubKeyHashAsHex);
     }
 
-    private static PayloadWithHolderName getPayloadWithHolderName(Dispute dispute) {
-        return (PayloadWithHolderName) getPaymentAccountPayload(dispute);
+    private static Optional<PayloadWithHolderName> getPayloadWithHolderName(Dispute dispute) {
+        Optional<PaymentAccountPayload> paymentAccountPayload = getPaymentAccountPayload(dispute);
+        return paymentAccountPayload.map(accountPayload -> (PayloadWithHolderName) accountPayload);
     }
 
-    public static PaymentAccountPayload getPaymentAccountPayload(Dispute dispute) {
-        return isBuyer(dispute) ?
+    public static Optional<PaymentAccountPayload> getPaymentAccountPayload(Dispute dispute) {
+        return Optional.ofNullable(isBuyer(dispute) ?
                 dispute.getContract().getBuyerPaymentAccountPayload() :
-                dispute.getContract().getSellerPaymentAccountPayload();
+                dispute.getContract().getSellerPaymentAccountPayload());
     }
 
     public static String getAddress(Dispute dispute) {
@@ -146,7 +149,11 @@ public void detectMultipleHolderNames() {
         String previous = suspiciousDisputesByTraderMap.toString();
         getAllDisputesByTraderMap().forEach((key, value) -> {
             Set<String> userNames = value.stream()
-                    .map(dispute -> getPayloadWithHolderName(dispute).getHolderName())
+                    .map(dispute -> {
+                        Optional<PayloadWithHolderName> payloadWithHolderName = getPayloadWithHolderName(dispute);
+                        return payloadWithHolderName.map(PayloadWithHolderName::getHolderName).orElse(null);
+                    })
+                    .filter(Objects::nonNull)
                     .collect(Collectors.toSet());
             if (userNames.size() > 1) {
                 // As we compare previous results we need to make sorting deterministic
@@ -232,17 +239,20 @@ private String getReport(Collection<List<Dispute>> collectionOfDisputesOfTrader)
                                 if (!DontShowAgainLookup.showAgain(ackKey)) {
                                     ackSubString = "[ACK]   ";
                                 }
-                                String holderName = getPayloadWithHolderName(dispute).getHolderName();
+                                Optional<PayloadWithHolderName> payloadWithHolderName = getPayloadWithHolderName(dispute);
+                                String holderName = payloadWithHolderName.isPresent() ? payloadWithHolderName.get().getHolderName() : "NA";
                                 names.add(holderName);
                                 boolean isBuyer = isBuyer(dispute);
                                 isBuyerHashSet.add(isBuyer);
                                 String isBuyerSubString = getIsBuyerSubString(isBuyer);
                                 DisputeResult disputeResult = dispute.disputeResultProperty().get();
                                 String summaryNotes = disputeResult != null ? disputeResult.getSummaryNotesProperty().get().trim() : "Not closed yet";
+                                Optional<PaymentAccountPayload> paymentAccountPayload = getPaymentAccountPayload(dispute);
                                 return ackSubString +
                                         "Trade ID: '" + dispute.getShortTradeId() +
                                         "'\n        Account holder name: '" + holderName +
-                                        "'\n        Payment method: '" + Res.get(getPaymentAccountPayload(dispute).getPaymentMethodId()) +
+                                        "'\n        Payment method: '" + Res.get(paymentAccountPayload.isPresent() ?
+                                        paymentAccountPayload.get().getPaymentMethodId() : "NA") +
                                         isBuyerSubString +
                                         "'\n        Summary: '" + summaryNotes;
                             })

diff --git a/desktop/src/main/java/bisq/desktop/main/overlays/windows/ContractWindow.java b/desktop/src/main/java/bisq/desktop/main/overlays/windows/ContractWindow.java
@@ -189,9 +189,11 @@ private void addContent() {
                 nrOfDisputesAsBuyer + " / " + nrOfDisputesAsSeller);
 
         addConfirmationLabelTextFieldWithCopyIcon(gridPane, ++rowIndex, Res.get("shared.paymentDetails", Res.get("shared.buyer")),
-                contract.getBuyerPaymentAccountPayload().getPaymentDetails()).second.setMouseTransparent(false);
+                contract.getBuyerPaymentAccountPayload() != null ?
+                        contract.getBuyerPaymentAccountPayload().getPaymentDetails() : "NA").second.setMouseTransparent(false);
         addConfirmationLabelTextFieldWithCopyIcon(gridPane, ++rowIndex, Res.get("shared.paymentDetails", Res.get("shared.seller")),
-                sellerPaymentAccountPayload.getPaymentDetails()).second.setMouseTransparent(false);
+                sellerPaymentAccountPayload != null ?
+                        sellerPaymentAccountPayload.getPaymentDetails() : "NA").second.setMouseTransparent(false);
 
         String title = "";
         String agentKeyBaseUserName = "";

diff --git a/desktop/src/main/java/bisq/desktop/main/portfolio/closedtrades/ClosedTradesView.java b/desktop/src/main/java/bisq/desktop/main/portfolio/closedtrades/ClosedTradesView.java
@@ -448,8 +448,10 @@ private void applyFilteredListPredicate(String filterString) {
                 if (contract != null) {
                     isBuyerOnion = contract.getBuyerNodeAddress().getFullAddress().contains(filterString);
                     isSellerOnion = contract.getSellerNodeAddress().getFullAddress().contains(filterString);
-                    matchesBuyersPaymentAccountData = contract.getBuyerPaymentAccountPayload().getPaymentDetails().contains(filterString);
-                    matchesSellersPaymentAccountData = contract.getSellerPaymentAccountPayload().getPaymentDetails().contains(filterString);
+                    matchesBuyersPaymentAccountData = contract.getBuyerPaymentAccountPayload() != null &&
+                            contract.getBuyerPaymentAccountPayload().getPaymentDetails().contains(filterString);
+                    matchesSellersPaymentAccountData = contract.getSellerPaymentAccountPayload() != null &&
+                            contract.getSellerPaymentAccountPayload().getPaymentDetails().contains(filterString);
                 }
                 return isBuyerOnion || isSellerOnion ||
                         matchesBuyersPaymentAccountData || matchesSellersPaymentAccountData;

diff --git a/desktop/src/main/java/bisq/desktop/main/portfolio/failedtrades/FailedTradesView.java b/desktop/src/main/java/bisq/desktop/main/portfolio/failedtrades/FailedTradesView.java
@@ -298,8 +298,10 @@ private void applyFilteredListPredicate(String filterString) {
             if (contract != null) {
                 isBuyerOnion = contract.getBuyerNodeAddress().getFullAddress().contains(filterString);
                 isSellerOnion = contract.getSellerNodeAddress().getFullAddress().contains(filterString);
-                matchesBuyersPaymentAccountData = contract.getBuyerPaymentAccountPayload().getPaymentDetails().contains(filterString);
-                matchesSellersPaymentAccountData = contract.getSellerPaymentAccountPayload().getPaymentDetails().contains(filterString);
+                matchesBuyersPaymentAccountData = contract.getBuyerPaymentAccountPayload() != null &&
+                        contract.getBuyerPaymentAccountPayload().getPaymentDetails().contains(filterString);
+                matchesSellersPaymentAccountData = contract.getSellerPaymentAccountPayload() != null &&
+                        contract.getSellerPaymentAccountPayload().getPaymentDetails().contains(filterString);
             }
             return isBuyerOnion || isSellerOnion ||
                     matchesBuyersPaymentAccountData || matchesSellersPaymentAccountData;

diff --git a/...src/main/java/bisq/desktop/main/portfolio/pendingtrades/steps/seller/SellerStep3View.java b/...src/main/java/bisq/desktop/main/portfolio/pendingtrades/steps/seller/SellerStep3View.java
@@ -221,15 +221,18 @@ protected void addContent() {
                     // Not expected
                     myPaymentDetails = ((AssetsAccountPayload) myPaymentAccountPayload).getAddress();
                 }
-                peersPaymentDetails = ((AssetsAccountPayload) peersPaymentAccountPayload).getAddress();
+                peersPaymentDetails = peersPaymentAccountPayload != null ?
+                        ((AssetsAccountPayload) peersPaymentAccountPayload).getAddress() : "NA";
                 myTitle = Res.get("portfolio.pending.step3_seller.yourAddress", currencyName);
                 peersTitle = Res.get("portfolio.pending.step3_seller.buyersAddress", currencyName);
             } else {
                 if (myPaymentDetails.isEmpty()) {
                     // Not expected
-                    myPaymentDetails = myPaymentAccountPayload.getPaymentDetails();
+                    myPaymentDetails = myPaymentAccountPayload != null ?
+                            myPaymentAccountPayload.getPaymentDetails() : "NA";
                 }
-                peersPaymentDetails = peersPaymentAccountPayload.getPaymentDetails();
+                peersPaymentDetails = peersPaymentAccountPayload != null ?
+                        peersPaymentAccountPayload.getPaymentDetails() : "NA";
                 myTitle = Res.get("portfolio.pending.step3_seller.yourAccount");
                 peersTitle = Res.get("portfolio.pending.step3_seller.buyersAccount");
             }

diff --git a/desktop/src/main/java/bisq/desktop/main/support/dispute/DisputeView.java b/desktop/src/main/java/bisq/desktop/main/support/dispute/DisputeView.java
@@ -464,11 +464,13 @@ protected FilterResult getFilterResult(Dispute dispute, String filterTerm) {
             return FilterResult.SELLER_NODE_ADDRESS;
         }
 
-        if (dispute.getContract().getBuyerPaymentAccountPayload().getPaymentDetails().toLowerCase().contains(filter)) {
+        if (dispute.getContract().getBuyerPaymentAccountPayload() != null &&
+                dispute.getContract().getBuyerPaymentAccountPayload().getPaymentDetails().toLowerCase().contains(filter)) {
             return FilterResult.BUYER_ACCOUNT_DETAILS;
         }
 
-        if (dispute.getContract().getSellerPaymentAccountPayload().getPaymentDetails().toLowerCase().contains(filter)) {
+        if (dispute.getContract().getSellerPaymentAccountPayload() != null &&
+                dispute.getContract().getSellerPaymentAccountPayload().getPaymentDetails().toLowerCase().contains(filter)) {
             return FilterResult.SELLER_ACCOUNT_DETAILS;
         }
 
@@ -780,11 +782,11 @@ private void showCompactReport() {
                         .append(")\n");
 
                 String buyerPaymentAccountPayload = Utilities.toTruncatedString(
-                        contract.getBuyerPaymentAccountPayload().getPaymentDetails().
-                                replace("\n", " ").replace(";", "."), 100);
+                        contract.getBuyerPaymentAccountPayload() != null ? contract.getBuyerPaymentAccountPayload().getPaymentDetails().
+                                replace("\n", " ").replace(";", ".") : "NA", 100);
                 String sellerPaymentAccountPayload = Utilities.toTruncatedString(
-                        contract.getSellerPaymentAccountPayload().getPaymentDetails()
-                                .replace("\n", " ").replace(";", "."), 100);
+                        contract.getSellerPaymentAccountPayload() != null ? contract.getSellerPaymentAccountPayload().getPaymentDetails()
+                                .replace("\n", " ").replace(";", ".") : "NA", 100);
                 String buyerNodeAddress = contract.getBuyerNodeAddress().getFullAddress();
                 String sellerNodeAddress = contract.getSellerNodeAddress().getFullAddress();
                 csvStringBuilder.append(currency).append(";")