diff --git a/api/default_networks.go b/api/default_networks.go index f617cebeefd..4227270987b 100644 --- a/api/default_networks.go +++ b/api/default_networks.go @@ -7,6 +7,7 @@ import ( "github.com/ethereum/go-ethereum/common" "github.com/status-im/status-go/params" "github.com/status-im/status-go/protocol/requests" + "github.com/status-im/status-go/internal/security" ) const ( @@ -26,12 +27,12 @@ func mainnet(stageName string) params.Network { return params.Network{ ChainID: mainnetChainID, ChainName: "Mainnet", - DefaultRPCURL: fmt.Sprintf("https://%s.api.status.im/nodefleet/ethereum/mainnet/", stageName), - DefaultFallbackURL: fmt.Sprintf("https://%s.api.status.im/infura/ethereum/mainnet/", stageName), - DefaultFallbackURL2: fmt.Sprintf("https://%s.api.status.im/grove/ethereum/mainnet/", stageName), - RPCURL: "https://mainnet.infura.io/v3/", - FallbackURL: "https://eth-archival.rpc.grove.city/v1/", - BlockExplorerURL: "https://etherscan.io/", + DefaultRPCURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/nodefleet/ethereum/mainnet/", stageName)), + DefaultFallbackURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/infura/ethereum/mainnet/", stageName)), + DefaultFallbackURL2: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/grove/ethereum/mainnet/", stageName)), + RPCURL: security.NewSensitiveString("https://mainnet.infura.io/v3/"), + FallbackURL: security.NewSensitiveString("https://eth-archival.rpc.grove.city/v1/"), + BlockExplorerURL: security.NewSensitiveString("https://etherscan.io/"), IconURL: "network/Network=Ethereum", ChainColor: "#627EEA", ShortName: "eth", @@ -49,12 +50,12 @@ func sepolia(stageName string) params.Network { return params.Network{ ChainID: sepoliaChainID, ChainName: "Mainnet", - DefaultRPCURL: fmt.Sprintf("https://%s.api.status.im/nodefleet/ethereum/sepolia/", stageName), - DefaultFallbackURL: fmt.Sprintf("https://%s.api.status.im/infura/ethereum/sepolia/", stageName), - DefaultFallbackURL2: fmt.Sprintf("https://%s.api.status.im/grove/ethereum/sepolia/", stageName), - RPCURL: "https://sepolia.infura.io/v3/", - FallbackURL: "https://sepolia-archival.rpc.grove.city/v1/", - BlockExplorerURL: "https://sepolia.etherscan.io/", + DefaultRPCURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/nodefleet/ethereum/sepolia/", stageName)), + DefaultFallbackURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/infura/ethereum/sepolia/", stageName)), + DefaultFallbackURL2: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/grove/ethereum/sepolia/", stageName)), + RPCURL: security.NewSensitiveString("https://sepolia.infura.io/v3/"), + FallbackURL: security.NewSensitiveString("https://sepolia-archival.rpc.grove.city/v1/"), + BlockExplorerURL: security.NewSensitiveString("https://sepolia.etherscan.io/"), IconURL: "network/Network=Ethereum", ChainColor: "#627EEA", ShortName: "eth", @@ -72,12 +73,12 @@ func optimism(stageName string) params.Network { return params.Network{ ChainID: optimismChainID, ChainName: "Optimism", - DefaultRPCURL: fmt.Sprintf("https://%s.api.status.im/nodefleet/optimism/mainnet/", stageName), - DefaultFallbackURL: fmt.Sprintf("https://%s.api.status.im/infura/optimism/mainnet/", stageName), - DefaultFallbackURL2: fmt.Sprintf("https://%s.api.status.im/grove/optimism/mainnet/", stageName), - RPCURL: "https://optimism-mainnet.infura.io/v3/", - FallbackURL: "https://optimism-archival.rpc.grove.city/v1/", - BlockExplorerURL: "https://optimistic.etherscan.io", + DefaultRPCURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/nodefleet/optimism/mainnet/", stageName)), + DefaultFallbackURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/infura/optimism/mainnet/", stageName)), + DefaultFallbackURL2: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/grove/optimism/mainnet/", stageName)), + RPCURL: security.NewSensitiveString("https://optimism-mainnet.infura.io/v3/"), + FallbackURL: security.NewSensitiveString("https://optimism-archival.rpc.grove.city/v1/"), + BlockExplorerURL: security.NewSensitiveString("https://optimistic.etherscan.io"), IconURL: "network/Network=Optimism", ChainColor: "#E90101", ShortName: "oeth", @@ -95,12 +96,12 @@ func optimismSepolia(stageName string) params.Network { return params.Network{ ChainID: optimismSepoliaChainID, ChainName: "Optimism", - DefaultRPCURL: fmt.Sprintf("https://%s.api.status.im/nodefleet/optimism/sepolia/", stageName), - DefaultFallbackURL: fmt.Sprintf("https://%s.api.status.im/infura/optimism/sepolia/", stageName), - DefaultFallbackURL2: fmt.Sprintf("https://%s.api.status.im/grove/optimism/sepolia/", stageName), - RPCURL: "https://optimism-sepolia.infura.io/v3/", - FallbackURL: "https://optimism-sepolia-archival.rpc.grove.city/v1/", - BlockExplorerURL: "https://sepolia-optimism.etherscan.io/", + DefaultRPCURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/nodefleet/optimism/sepolia/", stageName)), + DefaultFallbackURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/infura/optimism/sepolia/", stageName)), + DefaultFallbackURL2: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/grove/optimism/sepolia/", stageName)), + RPCURL: security.NewSensitiveString("https://optimism-sepolia.infura.io/v3/"), + FallbackURL: security.NewSensitiveString("https://optimism-sepolia-archival.rpc.grove.city/v1/"), + BlockExplorerURL: security.NewSensitiveString("https://sepolia-optimism.etherscan.io/"), IconURL: "network/Network=Optimism", ChainColor: "#E90101", ShortName: "oeth", @@ -118,12 +119,12 @@ func arbitrum(stageName string) params.Network { return params.Network{ ChainID: arbitrumChainID, ChainName: "Arbitrum", - DefaultRPCURL: fmt.Sprintf("https://%s.api.status.im/nodefleet/arbitrum/mainnet/", stageName), - DefaultFallbackURL: fmt.Sprintf("https://%s.api.status.im/infura/arbitrum/mainnet/", stageName), - DefaultFallbackURL2: fmt.Sprintf("https://%s.api.status.im/grove/arbitrum/mainnet/", stageName), - RPCURL: "https://arbitrum-mainnet.infura.io/v3/", - FallbackURL: "https://arbitrum-one.rpc.grove.city/v1/", - BlockExplorerURL: "https://arbiscan.io/", + DefaultRPCURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/nodefleet/arbitrum/mainnet/", stageName)), + DefaultFallbackURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/infura/arbitrum/mainnet/", stageName)), + DefaultFallbackURL2: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/grove/arbitrum/mainnet/", stageName)), + RPCURL: security.NewSensitiveString("https://arbitrum-mainnet.infura.io/v3/"), + FallbackURL: security.NewSensitiveString("https://arbitrum-one.rpc.grove.city/v1/"), + BlockExplorerURL: security.NewSensitiveString("https://arbiscan.io/"), IconURL: "network/Network=Arbitrum", ChainColor: "#51D0F0", ShortName: "arb1", @@ -141,12 +142,12 @@ func arbitrumSepolia(stageName string) params.Network { return params.Network{ ChainID: arbitrumSepoliaChainID, ChainName: "Arbitrum", - DefaultRPCURL: fmt.Sprintf("https://%s.api.status.im/nodefleet/arbitrum/sepolia/", stageName), - DefaultFallbackURL: fmt.Sprintf("https://%s.api.status.im/infura/arbitrum/sepolia/", stageName), - DefaultFallbackURL2: fmt.Sprintf("https://%s.api.status.im/grove/arbitrum/sepolia/", stageName), - RPCURL: "https://arbitrum-sepolia.infura.io/v3/", - FallbackURL: "https://arbitrum-sepolia-archival.rpc.grove.city/v1/", - BlockExplorerURL: "https://sepolia-explorer.arbitrum.io/", + DefaultRPCURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/nodefleet/arbitrum/sepolia/", stageName)), + DefaultFallbackURL: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/infura/arbitrum/sepolia/", stageName)), + DefaultFallbackURL2: security.NewSensitiveString(fmt.Sprintf("https://%s.api.status.im/grove/arbitrum/sepolia/", stageName)), + RPCURL: security.NewSensitiveString("https://arbitrum-sepolia.infura.io/v3/"), + FallbackURL: security.NewSensitiveString("https://arbitrum-sepolia-archival.rpc.grove.city/v1/"), + BlockExplorerURL: security.NewSensitiveString("https://sepolia-explorer.arbitrum.io/"), IconURL: "network/Network=Arbitrum", ChainColor: "#51D0F0", ShortName: "arb1", @@ -185,13 +186,15 @@ func setRPCs(networks []params.Network, request *requests.WalletSecretsConfig) [ grove = "grove.city/" ) - appendToken := func(url string) string { - if strings.Contains(url, infura) && !request.InfuraToken.Empty() { - return url + request.InfuraToken - } else if strings.Contains(url, grove) && request.PoktToken != "" { - return url + request.PoktToken + appendToken := func(url security.SensitiveString) security.SensitiveString { + urlRevealed := url.Reveal() + switch { + case strings.Contains(urlRevealed, infura) && !request.InfuraToken.Empty(): + urlRevealed += request.InfuraToken.Reveal() + case strings.Contains(urlRevealed, grove) && !request.PoktToken.Empty(): + urlRevealed += request.PoktToken.Reveal() } - return url + return security.NewSensitiveString(urlRevealed) } for _, n := range networks { @@ -201,7 +204,7 @@ func setRPCs(networks []params.Network, request *requests.WalletSecretsConfig) [ n.RPCURL = appendToken(n.RPCURL) n.FallbackURL = appendToken(n.FallbackURL) - if request.GanacheURL != "" { + if !request.GanacheURL.Empty() { n.RPCURL = request.GanacheURL n.FallbackURL = request.GanacheURL if n.ChainID == mainnetChainID { diff --git a/internal/security/sensitive_string.go b/internal/security/sensitive_string.go index 70387ed4e4a..0b29cde2a41 100644 --- a/internal/security/sensitive_string.go +++ b/internal/security/sensitive_string.go @@ -2,6 +2,7 @@ package security import ( "encoding/json" + "fmt" ) const RedactionPlaceholder = "***" @@ -20,6 +21,11 @@ func NewSensitiveString(value string) SensitiveString { return SensitiveString{value: value} } +func NewSensitiveStringPrintf(format string, args ...interface{}) SensitiveString { + str := fmt.Sprintf(format, args...) + return NewSensitiveString(str) +} + // String provides a redacted version of the sensitive string func (s SensitiveString) String() string { if s.value == "" { diff --git a/params/config.go b/params/config.go index 4a289bce1e9..6a6c64cecb2 100644 --- a/params/config.go +++ b/params/config.go @@ -521,27 +521,27 @@ type TokenOverride struct { } type Network struct { - ChainID uint64 `json:"chainId"` - ChainName string `json:"chainName"` - DefaultRPCURL string `json:"defaultRpcUrl"` // proxy rpc url - DefaultFallbackURL string `json:"defaultFallbackURL"` // proxy fallback url - DefaultFallbackURL2 string `json:"defaultFallbackURL2"` // second proxy fallback url - RPCURL string `json:"rpcUrl"` - OriginalRPCURL string `json:"originalRpcUrl"` - FallbackURL string `json:"fallbackURL"` - OriginalFallbackURL string `json:"originalFallbackURL"` - BlockExplorerURL string `json:"blockExplorerUrl,omitempty"` - IconURL string `json:"iconUrl,omitempty"` - NativeCurrencyName string `json:"nativeCurrencyName,omitempty"` - NativeCurrencySymbol string `json:"nativeCurrencySymbol,omitempty"` - NativeCurrencyDecimals uint64 `json:"nativeCurrencyDecimals"` - IsTest bool `json:"isTest"` - Layer uint64 `json:"layer"` - Enabled bool `json:"enabled"` - ChainColor string `json:"chainColor"` - ShortName string `json:"shortName"` - TokenOverrides []TokenOverride `json:"tokenOverrides"` - RelatedChainID uint64 `json:"relatedChainId"` + ChainID uint64 `json:"chainId"` + ChainName string `json:"chainName"` + DefaultRPCURL security.SensitiveString `json:"defaultRpcUrl"` // proxy rpc url + DefaultFallbackURL security.SensitiveString `json:"defaultFallbackURL"` // proxy fallback url + DefaultFallbackURL2 security.SensitiveString `json:"defaultFallbackURL2"` // second proxy fallback url + RPCURL security.SensitiveString `json:"rpcUrl"` + OriginalRPCURL security.SensitiveString `json:"originalRpcUrl"` + FallbackURL security.SensitiveString `json:"fallbackURL"` + OriginalFallbackURL security.SensitiveString `json:"originalFallbackURL"` + BlockExplorerURL security.SensitiveString `json:"blockExplorerUrl,omitempty"` + IconURL string `json:"iconUrl,omitempty"` + NativeCurrencyName string `json:"nativeCurrencyName,omitempty"` + NativeCurrencySymbol string `json:"nativeCurrencySymbol,omitempty"` + NativeCurrencyDecimals uint64 `json:"nativeCurrencyDecimals"` + IsTest bool `json:"isTest"` + Layer uint64 `json:"layer"` + Enabled bool `json:"enabled"` + ChainColor string `json:"chainColor"` + ShortName string `json:"shortName"` + TokenOverrides []TokenOverride `json:"tokenOverrides"` + RelatedChainID uint64 `json:"relatedChainId"` } // WalletConfig extra configuration for wallet.Service. diff --git a/protocol/requests/create_account.go b/protocol/requests/create_account.go index e4c24e75923..daea4d6995d 100644 --- a/protocol/requests/create_account.go +++ b/protocol/requests/create_account.go @@ -90,7 +90,7 @@ type CreateAccount struct { } type WalletSecretsConfig struct { - PoktToken string `json:"poktToken"` + PoktToken security.SensitiveString `json:"poktToken"` InfuraToken security.SensitiveString `json:"infuraToken"` InfuraSecret security.SensitiveString `json:"infuraSecret"` OpenseaAPIKey security.SensitiveString `json:"openseaApiKey"` @@ -111,7 +111,7 @@ type WalletSecretsConfig struct { StatusProxyBlockchainPassword security.SensitiveString `json:"statusProxyBlockchainPassword"` // Testing - GanacheURL string `json:"ganacheURL"` + GanacheURL security.SensitiveString `json:"ganacheURL"` } func (c *CreateAccount) Validate(validation *CreateAccountValidation) error { diff --git a/rpc/network/network.go b/rpc/network/network.go index dfab0efb839..bbfaf63255d 100644 --- a/rpc/network/network.go +++ b/rpc/network/network.go @@ -9,6 +9,7 @@ import ( "github.com/status-im/status-go/multiaccounts/accounts" "github.com/status-im/status-go/params" + "github.com/status-im/status-go/internal/security" ) var SepoliaChainIDs = []uint64{11155111, 421614, 11155420} @@ -193,9 +194,22 @@ func (nm *Manager) Init(networks []params.Network) error { func (nm *Manager) Upsert(network *params.Network) error { _, err := nm.db.Exec( "INSERT OR REPLACE INTO networks (chain_id, chain_name, rpc_url, original_rpc_url, fallback_url, original_fallback_url, block_explorer_url, icon_url, native_currency_name, native_currency_symbol, native_currency_decimals, is_test, layer, enabled, chain_color, short_name, related_chain_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", - network.ChainID, network.ChainName, network.RPCURL, network.OriginalRPCURL, network.FallbackURL, network.OriginalFallbackURL, network.BlockExplorerURL, network.IconURL, - network.NativeCurrencyName, network.NativeCurrencySymbol, network.NativeCurrencyDecimals, - network.IsTest, network.Layer, network.Enabled, network.ChainColor, network.ShortName, + network.ChainID, + network.ChainName, + network.RPCURL.Reveal(), + network.OriginalRPCURL.Reveal(), + network.FallbackURL.Reveal(), + network.OriginalFallbackURL.Reveal(), + network.BlockExplorerURL.Reveal(), + network.IconURL, + network.NativeCurrencyName, + network.NativeCurrencySymbol, + network.NativeCurrencyDecimals, + network.IsTest, + network.Layer, + network.Enabled, + network.ChainColor, + network.ShortName, network.RelatedChainID, ) return err @@ -211,18 +225,21 @@ func (nm *Manager) UpdateRelatedChainID(chainID uint64, relatedChainID uint64) e return err } -func (nm *Manager) updateRPCURL(chainID uint64, rpcURL string) error { - _, err := nm.db.Exec(`UPDATE networks SET rpc_url = ? WHERE chain_id = ?`, rpcURL, chainID) +func (nm *Manager) updateRPCURL(chainID uint64, rpcURL security.SensitiveString) error { + _, err := nm.db.Exec(`UPDATE networks SET rpc_url = ? WHERE chain_id = ?`, rpcURL.Reveal(), chainID) return err } -func (nm *Manager) updateFallbackURL(chainID uint64, fallbackURL string) error { - _, err := nm.db.Exec(`UPDATE networks SET fallback_url = ? WHERE chain_id = ?`, fallbackURL, chainID) +func (nm *Manager) updateFallbackURL(chainID uint64, fallbackURL security.SensitiveString) error { + _, err := nm.db.Exec(`UPDATE networks SET fallback_url = ? WHERE chain_id = ?`, fallbackURL.Reveal(), chainID) return err } -func (nm *Manager) updateOriginalURLs(chainID uint64, originalRPCURL, OriginalFallbackURL string) error { - _, err := nm.db.Exec(`UPDATE networks SET original_rpc_url = ?, original_fallback_url = ? WHERE chain_id = ?`, originalRPCURL, OriginalFallbackURL, chainID) +func (nm *Manager) updateOriginalURLs(chainID uint64, originalRPCURL, OriginalFallbackURL security.SensitiveString) error { + _, err := nm.db.Exec(`UPDATE networks SET original_rpc_url = ?, original_fallback_url = ? WHERE chain_id = ?`, + originalRPCURL.Reveal(), + OriginalFallbackURL.Reveal(), + chainID) return err }