feat(ens): adding timestamp threshold check (#491)

reown-com · Jan 25, 2024 · 58bed27 · 58bed27
1 parent 50437c4
commit 58bed27
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 3 deletions.
diff --git a/integration/integration.test.ts b/integration/integration.test.ts
@@ -152,7 +152,7 @@ describe('blockchain api', () => {
     const messageObject = {
         name,
         address,
-        timestamp: Date.now()
+        timestamp: Math.round(Date.now() / 1000)
     };
     const message = JSON.stringify(messageObject);
 

diff --git a/src/handlers/profile/mod.rs b/src/handlers/profile/mod.rs
@@ -1,13 +1,19 @@
 use {
     ethers::types::H160,
     serde::{Deserialize, Serialize},
-    std::str::FromStr,
+    std::{
+        str::FromStr,
+        time::{SystemTime, UNIX_EPOCH},
+    },
+    tap::TapFallible,
 };
 
 pub mod lookup;
 pub mod register;
 pub mod reverse;
 
+pub const UNIXTIMESTAMP_SYNC_THRESHOLD: u64 = 10;
+
 /// Payload to register domain name that should be serialized to JSON
 /// and passed to the RegisterRequest.message
 #[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize)]
@@ -47,6 +53,19 @@ pub fn verify_message_signature(
     }
 }
 
+/// Check if the given unixtimestamp is within the threshold interval relative
+/// to the current time
+#[tracing::instrument(level = "debug")]
+pub fn is_timestamp_within_interval(unix_timestamp: u64, threshold_interval: u64) -> bool {
+    let now = SystemTime::now()
+        .duration_since(UNIX_EPOCH)
+        .tap_err(|_| tracing::error!("SystemTime before UNIX EPOCH!"))
+        .unwrap_or_default()
+        .as_secs();
+
+    unix_timestamp >= (now - threshold_interval) && unix_timestamp <= (now + threshold_interval)
+}
+
 #[cfg(test)]
 mod tests {
     use {super::*, ethers::types::H160, std::str::FromStr};
@@ -84,4 +103,35 @@ mod tests {
         assert!(result.is_ok());
         assert!(!result.unwrap());
     }
+
+    #[test]
+    fn test_verify_is_timestamp_within_interval_valid() {
+        let threshold_interval = 10;
+        let now = SystemTime::now()
+            .duration_since(UNIX_EPOCH)
+            .tap_err(|_| tracing::error!("SystemTime before UNIX EPOCH!"))
+            .unwrap_or_default()
+            .as_secs();
+        assert!(is_timestamp_within_interval(now, threshold_interval));
+    }
+
+    #[test]
+    fn test_verify_is_timestamp_within_interval_invalid() {
+        let threshold_interval = 10;
+        let now = SystemTime::now()
+            .duration_since(UNIX_EPOCH)
+            .tap_err(|_| tracing::error!("SystemTime before UNIX EPOCH!"))
+            .unwrap_or_default()
+            .as_secs();
+        // Upper bound reached
+        assert!(!is_timestamp_within_interval(
+            now + threshold_interval + 1,
+            threshold_interval
+        ));
+        // Lower bound reached
+        assert!(!is_timestamp_within_interval(
+            now - threshold_interval - 1,
+            threshold_interval
+        ));
+    }
 }
diff --git a/src/handlers/profile/register.rs b/src/handlers/profile/register.rs
@@ -1,9 +1,11 @@
 use {
     super::{
         super::HANDLER_TASK_METRICS,
+        is_timestamp_within_interval,
         verify_message_signature,
         RegisterPayload,
         RegisterRequest,
+        UNIXTIMESTAMP_SYNC_THRESHOLD,
     },
     crate::{
         database::{
@@ -85,7 +87,14 @@ pub async fn handler_internal(
         return Ok((StatusCode::BAD_REQUEST, "Name is already registered").into_response());
     };
 
-    // TODO: Check the timestamp within 5-10 minutes ttl
+    // Check the timestamp is within the sync threshold interval
+    if !is_timestamp_within_interval(payload.timestamp, UNIXTIMESTAMP_SYNC_THRESHOLD) {
+        return Ok((
+            StatusCode::BAD_REQUEST,
+            "Timestamp is too old or in the future",
+        )
+            .into_response());
+    }
 
     let owner = match ethers::types::H160::from_str(&register_request.address) {
         Ok(owner) => owner,