Enhance input validation for TON/FLO/BTC private keys

void-57 2025-10-14 12:28:25 +05:30
parent e12d9e4391
commit 4f27833ec0


@ -348,7 +348,7 @@
type="text" type="text"
id="transactionInput" id="transactionInput"
class="form-input" class="form-input"
placeholder="Enter TON address, private key, or transaction hash" placeholder="Enter TON address or private key (TON/FLO/BTC)"
/> />
<button <button
type="button" type="button"
@ -2344,25 +2344,19 @@
return true; return true;
} }
const base58Regex = // Check for TON/FLO/BTC private key format (WIF - Wallet Import Format)
/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/; const base58Regex = /^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/;
if ( if (base58Regex.test(input) && input.length >= 51 && input.length <= 56) {
base58Regex.test(input) && // Only accept private keys with specific prefixes that can be converted to TON
input.length >= 51 && const validPrivateKeyPrefixes = ['R',, 'K', 'L', 'T'];
input.length <= 56 if (validPrivateKeyPrefixes.some(prefix => input.startsWith(prefix))) {
) { return true;
return true; }
return false; // Reject other Base58 strings (like BTC addresses)
} }
if (input.length === 44 && /^[A-Za-z0-9+/]{43}=?$/.test(input)) { // Reject any other input format
return false; return false;
}
if (input.length < 32 || input.length > 128) {
return false;
}
return true;
} }
// Enhanced transaction loading with multi-chain support // Enhanced transaction loading with multi-chain support
@ -2414,8 +2408,7 @@
<p>The input doesn't appear to be a valid TON address or private key.</p> <p>The input doesn't appear to be a valid TON address or private key.</p>
<p>Please enter:</p> <p>Please enter:</p>
<ul style="margin: 0.5rem 0; padding-left: 1.5rem;"> <ul style="margin: 0.5rem 0; padding-left: 1.5rem;">
<li>A TON address (starts with EQ, UQ, or kQ)</li> <li>A TON address (starts with EQ, UQ)</li>
<li>A hex private key (64 or 128 characters)</li>
<li>A TON/FLO/BTC private key</li> <li>A TON/FLO/BTC private key</li>
</ul> </ul>
</div> </div>
@ -2459,11 +2452,13 @@
tonPrivateKey tonPrivateKey
); );
finalAddress = address.toString(true, true, true); finalAddress = address.toString(true, true, true);
finalAddress = await convertTob64(finalAddress);
} else { } else {
// Try multi-chain conversion (TON/FLO/BTC) // Try multi-chain conversion (TON/FLO/BTC)
const walletData = await tonCrypto.recoverFromInput(input); const walletData = await tonCrypto.recoverFromInput(input);
if (walletData.TON && walletData.TON.address) { if (walletData.TON && walletData.TON.address) {
finalAddress = walletData.TON.address; finalAddress = walletData.TON.address;
finalAddress = await convertTob64(finalAddress);
} else { } else {
throw new Error( throw new Error(
"Invalid input: not a valid TON address or private key" "Invalid input: not a valid TON address or private key"
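Review bot: In the validation hunk, `['R',, 'K', 'L', 'T']` contains a doubled comma that leaves an empty slot in the array; `some()` skips holes so the check still works, but the literal should read `const validPrivateKeyPrefixes = ['R', 'K', 'L', 'T'];`. The new gate also accepts any Base58 string of 51–56 characters that starts with one of those letters, so a mistyped key passes here and is rejected, if at all, only inside `tonCrypto.recoverFromInput`; decoding the string and verifying its Base58Check checksum and version byte at this point would turn bad keys away before any derivation is attempted. Uncompressed Bitcoin WIF keys begin with `5` and are now refused, which is worth confirming as intended. The field that receives these keys is still `type="text"` in the first hunk, so the secret stays visible on screen and eligible for browser autofill; `autocomplete="off"` and a masked input would reduce that exposure. The enclosing validation function begins above the hunk.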