This repository was archived by the owner on Aug 5, 2025. It is now read-only.


@yuli-ferna
Contributor

No description provided.

@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Testnet March 11, 2025 18:11 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Preview March 11, 2025 18:11 — with GitHub Actions Inactive
@coworker-bot

coworker-bot bot commented Mar 11, 2025

XLabs/portal-bridge-ui #1307

Change Summary:

  • Updated Wormhole SDK dependencies from version 1.11.0 to 1.13.1
  • Upgraded ethers library from version 5.6.8 to 6.4.2
  • Updated Wormhole Connect from version 2.3.0 to 2.4.0-beta.0-development
  • Modified address validation logic for Ethereum/EVM addresses
  • Updated package dependencies to be compatible with newer library versions

Risk Score: 5/10

  • Explanation: Moderate risk due to significant library upgrades and changes in address validation logic

Potential Vulnerabilities:
File: apps/connect/src/utils/isValidAddress.ts:11-20

export const isValidAddress = async (
  address: string,
  chain: Chain
): Promise<boolean> => {
  if (isEVMChain(chain) || chain === "Worldchain")
    return ethers.isAddress(address);
  // ... other validation logic
}
  • Explanation: The address validation method has been simplified, potentially reducing the rigor of address checking. The previous implementation included checksum validation which is now replaced with a single ethers.isAddress() call.

Code Smell:
File: apps/connect/src/utils/isValidAddress.ts:50

if (chain === "Evmos" && address.startsWith("0x")) {
  return ethers.isAddress(address);
}
  • Explanation: The code relies on a simple prefix check for Evmos addresses, which might not be the most robust way to validate addresses for this specific chain.

Unintended Consequences:

  1. File: apps/connect/package.json
"ethers": "^6.4.2"
  • Explanation: Major version upgrade from ethers 5.x to 6.x introduces breaking changes that could require significant refactoring of existing code using ethers library.
  2. File: apps/connect/src/utils/isValidAddress.ts
// Removed: const getEthereumAddressWithChecksum = (address: string): string => {
//   return ethers.utils.getAddress(address);
// };
  • Explanation: Removal of detailed address checksum validation might introduce subtle validation issues, especially for EVM-compatible chains.

Debug Log:

  • No debug logs were found in the provided diff.

Additional Observations:

  • The PR introduces compatibility with newer SDK versions
  • Address validation logic has been significantly simplified
  • Potential for breaking changes in existing integrations due to library upgrades

@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Testnet March 11, 2025 18:17 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Preview March 11, 2025 18:18 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna force-pushed the deployment/conenct2.4.0 branch from 6bbfb78 to 0b2cad5 Compare March 12, 2025 18:41
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Preview March 12, 2025 18:41 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Testnet March 12, 2025 18:41 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Testnet March 12, 2025 18:48 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Preview March 12, 2025 18:48 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Preview March 12, 2025 19:13 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Testnet March 12, 2025 19:13 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Preview March 12, 2025 19:20 — with GitHub Actions Inactive
@yuli-ferna yuli-ferna temporarily deployed to Cloudflare-Testnet March 12, 2025 19:20 — with GitHub Actions Inactive