diff --git a/packages/komodo_defi_framework/app_build/build_config.json b/packages/komodo_defi_framework/app_build/build_config.json index a7839b1..c6427da 100644 --- a/packages/komodo_defi_framework/app_build/build_config.json +++ b/packages/komodo_defi_framework/app_build/build_config.json @@ -28,7 +28,7 @@ "coins": { "fetch_at_build_enabled": true, "update_commit_on_build": true, - "bundled_coins_repo_commit": "d7906da4ab0283ea7dcd22d8b5157a8a46eac0f2", + "bundled_coins_repo_commit": "642abea7172b81db24b16bffc13783b9a0e400f5", "coins_repo_api_url": "https://api.github.com/repos/KomodoPlatform/coins", "coins_repo_content_url": "https://komodoplatform.github.io/coins", "coins_repo_branch": "master", diff --git a/packages/komodo_defi_local_auth/lib/src/auth/auth_service.dart b/packages/komodo_defi_local_auth/lib/src/auth/auth_service.dart index 4404f7f..784ca73 100644 --- a/packages/komodo_defi_local_auth/lib/src/auth/auth_service.dart +++ b/packages/komodo_defi_local_auth/lib/src/auth/auth_service.dart @@ -111,9 +111,12 @@ class KdfAuthService implements IAuthService { } final storedUser = await _secureStorage.getUser(walletName); + if (storedUser == null) { + throw AuthException.notFound(); + } // If we know this is not a BIP39 seed, don't allow HD mode - if (storedUser?.isBip39Seed == false && + if (!storedUser.isBip39Seed && options.derivationMethod == DerivationMethod.hdWallet) { throw AuthException( 'Cannot use HD mode with non-BIP39 seed', diff --git a/packages/komodo_defi_local_auth/lib/src/auth/auth_service_auth_extension.dart b/packages/komodo_defi_local_auth/lib/src/auth/auth_service_auth_extension.dart index 9fa5de2..0d941ab 100644 --- a/packages/komodo_defi_local_auth/lib/src/auth/auth_service_auth_extension.dart +++ b/packages/komodo_defi_local_auth/lib/src/auth/auth_service_auth_extension.dart @@ -23,7 +23,10 @@ extension KdfAuthServiceAuthExtension on KdfAuthService { // For HD wallets, verify BIP39 compatibility if not already verified if (currentUser.isHd && !currentUser.isBip39Seed) { - currentUser = await _verifyBip39Compatibility(config, currentUser); + currentUser = await _verifyBip39Compatibility( + walletPassword: config.walletPassword, + currentUser, + ); } return currentUser; @@ -60,11 +63,18 @@ extension KdfAuthServiceAuthExtension on KdfAuthService { ); await _secureStorage.saveUser(currentUser); - if (currentUser.isHd && !currentUser.isBip39Seed) { - // Verify BIP39 compatibility for HD wallets after registration - // if verification fails, the user can still log into the wallet in legacy - // mode. - currentUser = await _verifyBip39Compatibility(config, currentUser); + try { + currentUser = await _verifyBip39Compatibility( + walletPassword: config.walletPassword, + currentUser, + ); + } on AuthException { + if (currentUser.isHd && !currentUser.isBip39Seed) { + // Verify BIP39 compatibility for HD wallets after registration + // if verification fails, the user can still log into the wallet in legacy + // mode. + rethrow; + } } return currentUser; @@ -78,9 +88,9 @@ extension KdfAuthServiceAuthExtension on KdfAuthService { /// so any atomic requirements need to be handled by the calling function. /// Throws [AuthException] if the seed is not a valid BIP39 seed phrase. Future _verifyBip39Compatibility( - KdfStartupConfig config, - KdfUser currentUser, - ) async { + KdfUser currentUser, { + required String? walletPassword, + }) async { var updatedUser = currentUser.copyWith(); bool isBip39; @@ -90,7 +100,7 @@ extension KdfAuthServiceAuthExtension on KdfAuthService { // [getActiveUser] function (or any others). It simply final plaintext = await _getMnemonic( encrypted: false, - walletPassword: config.walletPassword, + walletPassword: walletPassword, ); if (plaintext.plaintextMnemonic == null) { diff --git a/packages/komodo_defi_sdk/example/lib/main.dart b/packages/komodo_defi_sdk/example/lib/main.dart index 392ca2d..f6b976b 100644 --- a/packages/komodo_defi_sdk/example/lib/main.dart +++ b/packages/komodo_defi_sdk/example/lib/main.dart @@ -738,10 +738,6 @@ class _KomodoAppState extends State { return 'Please enter a ${fieldName ?? 'value'}.'; } - if (input.contains(RegExp('[<>&]'))) { - return "Invalid password: contains '<', '>', or '&'"; - } - return null; }