From f285130f63f4ef8b1d8c94605ee5eb069c7eca19 Mon Sep 17 00:00:00 2001
From: Ed Zynda <ezynda3@gmail.com>
Date: Tue, 26 Nov 2024 12:57:02 +0300
Subject: [PATCH] prevent empty non-evm addresses

---
 src/Facets/RelayFacet.sol             |  8 ++++++++
 test/solidity/Facets/RelayFacet.t.sol | 24 ++++++++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/src/Facets/RelayFacet.sol b/src/Facets/RelayFacet.sol
index 1b23ee53..2ea512b5 100644
--- a/src/Facets/RelayFacet.sol
+++ b/src/Facets/RelayFacet.sol
@@ -64,6 +64,14 @@ contract RelayFacet is ILiFi, ReentrancyGuard, SwapperV2, Validatable {
             revert InvalidQuote();
         }
 
+        // Ensure nonEVMAddress is not empty
+        if (
+            _bridgeData.receiver == LibAsset.NON_EVM_ADDRESS &&
+            _relayData.nonEVMReceiver == bytes32(0)
+        ) {
+            revert InvalidQuote();
+        }
+
         // Verify that the bridging quote has been signed by the Relay solver
         // as attested using the attestation API
         // API URL: https://api.relay.link/requests/{requestId}/signature/v2
diff --git a/test/solidity/Facets/RelayFacet.t.sol b/test/solidity/Facets/RelayFacet.t.sol
index cfd81689..c444ce38 100644
--- a/test/solidity/Facets/RelayFacet.t.sol
+++ b/test/solidity/Facets/RelayFacet.t.sol
@@ -175,6 +175,30 @@ contract RelayFacetTest is TestBaseFacet {
         vm.stopPrank();
     }
 
+    function testRevert_WhenUsingEmptyNonEVMAddress() public virtual {
+        bridgeData.receiver = LibAsset.NON_EVM_ADDRESS;
+        bridgeData.destinationChainId = 1151111081099710;
+        validRelayData = RelayFacet.RelayData({
+            requestId: bytes32("1234"),
+            nonEVMReceiver: bytes32(0), // DEV Wallet
+            receivingAssetId: bytes32(
+                abi.encodePacked(
+                    "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v"
+                )
+            ), // Solana USDC
+            signature: ""
+        });
+
+        vm.startPrank(USER_SENDER);
+
+        // approval
+        usdc.approve(_facetTestContractAddress, bridgeData.minAmount);
+
+        vm.expectRevert(InvalidQuote.selector);
+        initiateBridgeTxWithFacet(false);
+        vm.stopPrank();
+    }
+
     function testRevert_WhenReplayingTransactionIds() public virtual {
         relayFacet.setConsumedId(validRelayData.requestId);
         bridgeData.receiver = LibAsset.NON_EVM_ADDRESS;