swap-fix (#78)

- Resolves a "key not found error" on the swap max limit node - Resolves double PIN requests when authorizing transactions #67 Reviewed-on: #78 Co-authored-by: alfred-mk <alfredmwaik@gmail.com> Co-committed-by: alfred-mk <alfredmwaik@gmail.com>
2025-06-03 09:19:13 +02:00 · 2025-06-03 09:19:13 +02:00 · 7228b818e3
commit 7228b818e3
parent fac703576f
6 changed files with 35 additions and 55 deletions
--- a/handlers/application/menuhandler.go
+++ b/handlers/application/menuhandler.go
@ -630,21 +630,11 @@ func (h *MenuHandlers) incrementIncorrectPINAttempts(ctx context.Context, sessio
 // resetIncorrectPINAttempts resets the number of incorrect PIN attempts after a correct PIN entry
 func (h *MenuHandlers) resetIncorrectPINAttempts(ctx context.Context, sessionId string) error {
 	store := h.userdataStore
-	currentWrongPinAttempts, err := store.ReadEntry(ctx, sessionId, storedb.DATA_INCORRECT_PIN_ATTEMPTS)
+	err := store.WriteEntry(ctx, sessionId, storedb.DATA_INCORRECT_PIN_ATTEMPTS, []byte(string("0")))
 	if err != nil {
-		if db.IsNotFound(err) {
-			return nil
-		}
+		logg.ErrorCtxf(ctx, "failed to reset incorrect PIN attempts ", "key", storedb.DATA_INCORRECT_PIN_ATTEMPTS, "error", err)
 		return err
 	}
-	currentWrongPinAttemptsCount, _ := strconv.ParseUint(string(currentWrongPinAttempts), 0, 64)
-	if currentWrongPinAttemptsCount <= uint64(pin.AllowedPINAttempts) {
-		err = store.WriteEntry(ctx, sessionId, storedb.DATA_INCORRECT_PIN_ATTEMPTS, []byte(string("0")))
-		if err != nil {
-			logg.ErrorCtxf(ctx, "failed to reset incorrect PIN attempts ", "key", storedb.DATA_INCORRECT_PIN_ATTEMPTS, "value", pin.AllowedPINAttempts, "error", err)
-			return err
-		}
-	}
 	return nil
 }

@ -1371,7 +1361,13 @@ func (h *MenuHandlers) Authorize(ctx context.Context, sym string, input []byte)
 	flag_incorrect_pin, _ := h.flagManager.GetFlag("flag_incorrect_pin")
 	flag_account_authorized, _ := h.flagManager.GetFlag("flag_account_authorized")
 	flag_allow_update, _ := h.flagManager.GetFlag("flag_allow_update")
-	flag_invalid_pin, _ := h.flagManager.GetFlag("flag_invalid_pin")
+
+	pinInput := string(input)
+
+	if !pin.IsValidPIN(pinInput) {
+		res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
+		return res, nil
+	}

 	store := h.userdataStore
 	AccountPin, err := store.ReadEntry(ctx, sessionId, storedb.DATA_ACCOUNT_PIN)
@ -1379,40 +1375,28 @@ func (h *MenuHandlers) Authorize(ctx context.Context, sym string, input []byte)
 		logg.ErrorCtxf(ctx, "failed to read AccountPin entry with", "key", storedb.DATA_ACCOUNT_PIN, "error", err)
 		return res, err
 	}
-	str := string(input)
-	_, err = strconv.Atoi(str)
-	if len(input) == 4 && err == nil {
-		if pin.VerifyPIN(string(AccountPin), string(input)) {
-			if h.st.MatchFlag(flag_account_authorized, false) {
-				res.FlagReset = append(res.FlagReset, flag_incorrect_pin)
-				res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
-				err := h.resetIncorrectPINAttempts(ctx, sessionId)
-				if err != nil {
-					return res, err
-				}
-			} else {
-				res.FlagSet = append(res.FlagSet, flag_allow_update)
-				res.FlagReset = append(res.FlagReset, flag_account_authorized)
-				err := h.resetIncorrectPINAttempts(ctx, sessionId)
-				if err != nil {
-					return res, err
-				}
-			}
-		} else {
-			err = h.incrementIncorrectPINAttempts(ctx, sessionId)
-			if err != nil {
-				return res, err
-			}
-			res.FlagSet = append(res.FlagSet, flag_incorrect_pin)
-			res.FlagReset = append(res.FlagReset, flag_account_authorized)
-			return res, nil
+
+	// verify that the user provided the correct PIN
+	if pin.VerifyPIN(string(AccountPin), pinInput) {
+		// set the required flags for a valid PIN
+		res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
+		res.FlagReset = append(res.FlagReset, flag_incorrect_pin)
+
+		err := h.resetIncorrectPINAttempts(ctx, sessionId)
+		if err != nil {
+			return res, err
 		}
 	} else {
-		if string(input) != "0" {
-			res.FlagSet = append(res.FlagSet, flag_invalid_pin)
+		// set the required flags for an incorrect PIN
+		res.FlagSet = append(res.FlagSet, flag_incorrect_pin)
+		res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
+
+		err = h.incrementIncorrectPINAttempts(ctx, sessionId)
+		if err != nil {
+			return res, err
 		}
-		return res, nil
 	}
+
 	return res, nil
 }

@ -2789,6 +2773,7 @@ func (h *MenuHandlers) LoadSwapToList(ctx context.Context, sym string, input []b
 	// Store all swap_to tokens data
 	dataMap := map[storedb.DataTyp]string{
 		storedb.DATA_POOL_TO_SYMBOLS:   data.Symbols,
+		storedb.DATA_POOL_TO_BALANCES:  data.Balances,
 		storedb.DATA_POOL_TO_DECIMALS:  data.Decimals,
 		storedb.DATA_POOL_TO_ADDRESSES: data.Addresses,
 	}
@ -2818,8 +2803,7 @@ func (h *MenuHandlers) SwapMaxLimit(ctx context.Context, sym string, input []byt
 	flag_api_error, _ := h.flagManager.GetFlag("flag_api_error")
 	flag_low_swap_amount, _ := h.flagManager.GetFlag("flag_low_swap_amount")

-	res.FlagReset = append(res.FlagReset, flag_incorrect_voucher)
-	res.FlagReset = append(res.FlagSet, flag_low_swap_amount)
+	res.FlagReset = append(res.FlagReset, flag_incorrect_voucher, flag_low_swap_amount)

 	inputStr := string(input)
 	if inputStr == "0" {
--- a/handlers/application/menuhandler_test.go
+++ b/handlers/application/menuhandler_test.go
@ -1116,7 +1116,6 @@ func TestAuthorize(t *testing.T) {
 	flag_incorrect_pin, _ := fm.GetFlag("flag_incorrect_pin")
 	flag_account_authorized, _ := fm.GetFlag("flag_account_authorized")
 	flag_allow_update, _ := fm.GetFlag("flag_allow_update")
-	flag_invalid_pin, _ := fm.GetFlag("flag_invalid_pin")

 	// Set 1234 is the correct account pin
 	accountPIN := "1234"
@ -1134,7 +1133,7 @@ func TestAuthorize(t *testing.T) {
 		expectedResult resource.Result
 	}{
 		{
-			name:  "Test with correct pin",
+			name:  "Test with correct PIN",
 			input: []byte("1234"),
 			expectedResult: resource.Result{
 				FlagReset: []uint32{flag_incorrect_pin},
@ -1142,18 +1141,18 @@ func TestAuthorize(t *testing.T) {
 			},
 		},
 		{
-			name:  "Test with incorrect pin",
+			name:  "Test with incorrect PIN",
 			input: []byte("1235"),
 			expectedResult: resource.Result{
-				FlagReset: []uint32{flag_account_authorized},
+				FlagReset: []uint32{flag_account_authorized, flag_allow_update},
 				FlagSet:   []uint32{flag_incorrect_pin},
 			},
 		},
 		{
-			name:  "Test with pin that is not a 4 digit",
+			name:  "Test with PIN that is not a 4 digit",
 			input: []byte("1235aqds"),
 			expectedResult: resource.Result{
-				FlagSet: []uint32{flag_invalid_pin},
+				FlagReset: []uint32{flag_account_authorized, flag_allow_update},
 			},
 		},
 	}
--- a/services/registration/swap_initiated.vis
+++ b/services/registration/swap_initiated.vis
@ -1,5 +1,4 @@
 LOAD reset_incorrect_pin 6
-CATCH incorrect_pin flag_incorrect_pin 1
 CATCH _ flag_account_authorized 0
 LOAD initiate_swap 0
 HALT
--- a/services/registration/swap_limit.vis
+++ b/services/registration/swap_limit.vis
@ -1,5 +1,3 @@
-RELOAD swap_max_limit
-CATCH api_failure flag_api_call_error 1
 MAP swap_max_limit
 MOUT back 0
 HALT
--- a/services/registration/swap_to_list.vis
+++ b/services/registration/swap_to_list.vis
@ -7,6 +7,7 @@ MOUT back 0
 HALT
 LOAD swap_max_limit 64
 RELOAD swap_max_limit
+CATCH api_failure flag_api_call_error 1
 CATCH . flag_incorrect_voucher 1
 CATCH low_swap_amount flag_low_swap_amount 1
 INCMP _ 0
--- a/services/registration/transaction_initiated.vis
+++ b/services/registration/transaction_initiated.vis
@ -1,5 +1,4 @@
 LOAD reset_incorrect_pin 6
-CATCH incorrect_pin flag_incorrect_pin 1
 CATCH _ flag_account_authorized 0
 RELOAD get_amount
 MAP get_amount