Enhance private key validation for wallet recovery and improve error messaging

void-57 2025-10-14 13:31:24 +05:30
parent bb30be548a
commit c40e09a794


@ -2345,11 +2345,18 @@
} }
// Check for TON/FLO/BTC private key format (WIF - Wallet Import Format) // Check for TON/FLO/BTC private key format (WIF - Wallet Import Format)
const base58Regex = /^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/; const base58Regex =
if (base58Regex.test(input) && input.length >= 51 && input.length <= 56) { /^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/;
if (
base58Regex.test(input) &&
input.length >= 51 &&
input.length <= 56
) {
// Only accept private keys with specific prefixes that can be converted to TON // Only accept private keys with specific prefixes that can be converted to TON
const validPrivateKeyPrefixes = ['R',, 'K', 'L', 'T']; const validPrivateKeyPrefixes = ["R", "K", "L", "T"];
if (validPrivateKeyPrefixes.some(prefix => input.startsWith(prefix))) { if (
validPrivateKeyPrefixes.some((prefix) => input.startsWith(prefix))
) {
return true; return true;
} }
return false; // Reject other Base58 strings (like BTC addresses) return false; // Reject other Base58 strings (like BTC addresses)
@ -2898,6 +2905,34 @@
} }
} }
// Validation function for recover wallet (only private keys,)
function isValidRecoverPrivateKey(input) {
// Check if it's a hex private key (64 or 128 characters) - TON format
const hexOnly = /^[0-9a-fA-F]+$/.test(input);
if (hexOnly && (input.length === 64 || input.length === 128)) {
return true;
}
// Check for TON/FLO/BTC private key format (WIF - Wallet Import Format)
const base58Regex =
/^[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+$/;
if (
base58Regex.test(input) &&
input.length >= 51 &&
input.length <= 56
) {
// Only accept private keys with specific prefixes for TON/FLO/BTC
const validPrivateKeyPrefixes = ["R", "K", "L", "T"];
if (
validPrivateKeyPrefixes.some((prefix) => input.startsWith(prefix))
) {
return true;
}
}
return false;
}
// Recover wallet functionality // Recover wallet functionality
async function recoverWallet() { async function recoverWallet() {
const privateKeyInput = document const privateKeyInput = document
@ -2913,6 +2948,27 @@
return; return;
} }
// Validate private key format
if (!isValidRecoverPrivateKey(privateKeyInput)) {
output.innerHTML = `
<div class="error-state">
<div class="error-icon">
<i class="fas fa-exclamation-triangle"></i>
</div>
<div class="error-message">
<h3>Invalid Private Key Format</h3>
<p>Please enter a valid private key (TON/FLO/BTC format).</p>
<p>Addresses and other formats are not supported.</p>
</div>
</div>
`;
showNotification(
"Invalid private key format - only TON/FLO/BTC private keys supported",
"error"
);
return;
}
// Show loading state // Show loading state
const originalHTML = button.innerHTML; const originalHTML = button.innerHTML;
button.disabled = true; button.disabled = true;
@ -3045,11 +3101,15 @@
</div> </div>
<div class="error-message"> <div class="error-message">
<h3>Recovery Failed</h3> <h3>Recovery Failed</h3>
<p>Please check that you've entered a valid private key in the correct format.</p> <p>Unable to recover address from the provided private key. Please ensure you've entered a valid TON/FLO/BTC private key.</p>
</div> </div>
</div> </div>
`; `;
showNotification("Failed to recover ", "error"); showNotification(
"Failed to recover address from private key",
"error"
);
} finally { } finally {
button.disabled = false; button.disabled = false;
button.innerHTML = originalHTML; button.innerHTML = originalHTML;
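Review bot: `isValidRecoverPrivateKey` (added in the second hunk) only checks the shape of a WIF key (Base58 alphabet, 51–56 characters, first character R, K, L or T) and never verifies the Base58Check checksum, so a mistyped key passes this gate. Whether the typo is caught afterwards depends on the decoding code inside `recoverWallet`, which lies outside the visible hunks; if that decoder does not verify the checksum, a wrong key could derive an unintended address instead of failing. At minimum the function should state its limits, e.g. `// Format pre-check only: the checksum is NOT verified here; the decoder must reject bad checksums`. The Base58/length/prefix test is also a copy of the one in the first hunk, so having that earlier validator call `isValidRecoverPrivateKey` for its WIF branch would keep the two from drifting apart.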