From 0b208f117aed7a963321be9f69e0a9b5fe5409f7 Mon Sep 17 00:00:00 2001
From: Denis Fadeev <denis@fadeev.org>
Date: Fri, 20 Dec 2024 14:08:16 +0300
Subject: [PATCH] fix: address validation (#28)

---
 contracts/nft/tasks/connectedSetUniversal.ts   |  5 +++++
 contracts/nft/tasks/deploy.ts                  |  8 ++++++++
 contracts/nft/tasks/mint.ts                    |  6 ++++++
 contracts/nft/tasks/transfer.ts                |  7 +++++++
 contracts/nft/tasks/universalSetConnected.ts   |  9 +++++++++
 contracts/token/tasks/connectedSetUniversal.ts |  6 ++++++
 contracts/token/tasks/deploy.ts                |  9 +++++++++
 contracts/token/tasks/mint.ts                  |  6 ++++++
 contracts/token/tasks/transfer.ts              |  6 ++++++
 contracts/token/tasks/universalSetConnected.ts | 10 ++++++++++
 10 files changed, 72 insertions(+)

diff --git a/contracts/nft/tasks/connectedSetUniversal.ts b/contracts/nft/tasks/connectedSetUniversal.ts
index 7f99525..2bfd859 100644
--- a/contracts/nft/tasks/connectedSetUniversal.ts
+++ b/contracts/nft/tasks/connectedSetUniversal.ts
@@ -3,6 +3,7 @@ import { HardhatRuntimeEnvironment } from "hardhat/types";
 import { EVMUniversalNFT } from "@/typechain-types";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
   const [signer] = await hre.ethers.getSigners();
   if (!signer) {
     throw new Error(
@@ -10,6 +11,10 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (!isAddress(args.contract) || !isAddress(args.universal)) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const contract: EVMUniversalNFT = await hre.ethers.getContractAt(
     "EVMUniversalNFT",
     args.contract
diff --git a/contracts/nft/tasks/deploy.ts b/contracts/nft/tasks/deploy.ts
index 5a4d6bc..786f5ce 100644
--- a/contracts/nft/tasks/deploy.ts
+++ b/contracts/nft/tasks/deploy.ts
@@ -2,6 +2,7 @@ import { task, types } from "hardhat/config";
 import { HardhatRuntimeEnvironment } from "hardhat/types";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
   const network = hre.network.name;
 
   const [signer] = await hre.ethers.getSigners();
@@ -11,6 +12,13 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (
+    !isAddress(args.gateway) ||
+    (args.uniswapRouter && !isAddress(args.uniswapRouter))
+  ) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const factory: any = await hre.ethers.getContractFactory(args.name);
 
   const contract = await hre.upgrades.deployProxy(factory, [
diff --git a/contracts/nft/tasks/mint.ts b/contracts/nft/tasks/mint.ts
index 58a5e93..f7f6b90 100644
--- a/contracts/nft/tasks/mint.ts
+++ b/contracts/nft/tasks/mint.ts
@@ -3,6 +3,8 @@ import { HardhatRuntimeEnvironment } from "hardhat/types";
 import isURL from "validator/lib/isURL";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
+
   const [signer] = await hre.ethers.getSigners();
   if (signer === undefined) {
     throw new Error(
@@ -10,6 +12,10 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (!isAddress(args.contract)) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const supportedProtocols = ["https", "ipfs"];
 
   const isValidTokenUri = isURL(args.tokenUri, {
diff --git a/contracts/nft/tasks/transfer.ts b/contracts/nft/tasks/transfer.ts
index 70ea8b6..f68a18b 100644
--- a/contracts/nft/tasks/transfer.ts
+++ b/contracts/nft/tasks/transfer.ts
@@ -4,6 +4,13 @@ import { HardhatRuntimeEnvironment } from "hardhat/types";
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
   const { ethers } = hre;
   const [signer] = await ethers.getSigners();
+
+  const { isAddress } = hre.ethers.utils;
+
+  if (!isAddress(args.to) || !isAddress(args.revertAddress)) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const nftContract = await ethers.getContractAt("IERC721", args.from);
   const approveTx = await nftContract
     .connect(signer)
diff --git a/contracts/nft/tasks/universalSetConnected.ts b/contracts/nft/tasks/universalSetConnected.ts
index 50ed651..2c89a03 100644
--- a/contracts/nft/tasks/universalSetConnected.ts
+++ b/contracts/nft/tasks/universalSetConnected.ts
@@ -3,6 +3,7 @@ import { HardhatRuntimeEnvironment } from "hardhat/types";
 import { ZetaChainUniversalNFT } from "@/typechain-types";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
   const [signer] = await hre.ethers.getSigners();
   if (!signer) {
     throw new Error(
@@ -10,6 +11,14 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (
+    !isAddress(args.contract) ||
+    !isAddress(args.zrc20) ||
+    !isAddress(args.connected)
+  ) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const contract: ZetaChainUniversalNFT = await hre.ethers.getContractAt(
     "ZetaChainUniversalNFT",
     args.contract
diff --git a/contracts/token/tasks/connectedSetUniversal.ts b/contracts/token/tasks/connectedSetUniversal.ts
index 453a78a..e1145f0 100644
--- a/contracts/token/tasks/connectedSetUniversal.ts
+++ b/contracts/token/tasks/connectedSetUniversal.ts
@@ -3,6 +3,8 @@ import { HardhatRuntimeEnvironment } from "hardhat/types";
 import { EVMUniversalToken } from "../typechain-types";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
+
   const [signer] = await hre.ethers.getSigners();
   if (!signer) {
     throw new Error(
@@ -10,6 +12,10 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (!isAddress(args.contract) || !isAddress(args.universal)) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const contract: EVMUniversalToken = await hre.ethers.getContractAt(
     "EVMUniversalToken",
     args.contract
diff --git a/contracts/token/tasks/deploy.ts b/contracts/token/tasks/deploy.ts
index 88ac064..56d7848 100644
--- a/contracts/token/tasks/deploy.ts
+++ b/contracts/token/tasks/deploy.ts
@@ -2,6 +2,8 @@ import { task, types } from "hardhat/config";
 import { HardhatRuntimeEnvironment } from "hardhat/types";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
+
   const network = hre.network.name;
 
   const [signer] = await hre.ethers.getSigners();
@@ -11,6 +13,13 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (
+    !isAddress(args.gateway) ||
+    (args.uniswapRouter && !isAddress(args.uniswapRouter))
+  ) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const factory: any = await hre.ethers.getContractFactory(args.name);
 
   const contract = await hre.upgrades.deployProxy(factory, [
diff --git a/contracts/token/tasks/mint.ts b/contracts/token/tasks/mint.ts
index 221c98b..1f3b185 100644
--- a/contracts/token/tasks/mint.ts
+++ b/contracts/token/tasks/mint.ts
@@ -2,6 +2,8 @@ import { task } from "hardhat/config";
 import { HardhatRuntimeEnvironment } from "hardhat/types";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
+
   const [signer] = await hre.ethers.getSigners();
   if (signer === undefined) {
     throw new Error(
@@ -9,6 +11,10 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (!isAddress(args.contract)) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const contract: any = await hre.ethers.getContractAt(
     args.name,
     args.contract
diff --git a/contracts/token/tasks/transfer.ts b/contracts/token/tasks/transfer.ts
index 884e401..b5cc2b7 100644
--- a/contracts/token/tasks/transfer.ts
+++ b/contracts/token/tasks/transfer.ts
@@ -5,6 +5,12 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
   const { ethers } = hre;
   const [signer] = await ethers.getSigners();
 
+  const { isAddress } = hre.ethers.utils;
+
+  if (!isAddress(args.to) || !isAddress(args.revertAddress)) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const txOptions = {
     gasPrice: args.txOptionsGasPrice,
     gasLimit: args.txOptionsGasLimit,
diff --git a/contracts/token/tasks/universalSetConnected.ts b/contracts/token/tasks/universalSetConnected.ts
index 8aaeab8..9dc352b 100644
--- a/contracts/token/tasks/universalSetConnected.ts
+++ b/contracts/token/tasks/universalSetConnected.ts
@@ -3,6 +3,8 @@ import { HardhatRuntimeEnvironment } from "hardhat/types";
 import { ZetaChainUniversalToken } from "../typechain-types";
 
 const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
+  const { isAddress } = hre.ethers.utils;
+
   const [signer] = await hre.ethers.getSigners();
   if (!signer) {
     throw new Error(
@@ -10,6 +12,14 @@ const main = async (args: any, hre: HardhatRuntimeEnvironment) => {
     );
   }
 
+  if (
+    !isAddress(args.contract) ||
+    !isAddress(args.zrc20) ||
+    !isAddress(args.connected)
+  ) {
+    throw new Error("Invalid Ethereum address provided.");
+  }
+
   const contract: ZetaChainUniversalToken = await hre.ethers.getContractAt(
     "ZetaChainUniversalToken",
     args.contract