add: malicious send calls #401
Conversation
| @@ -228,18 +206,15 @@ export function ppomMaliciousTransactionsAndSignatures(parentContainer) { | |||
|
|
|||
| // Malicious Contract interaction | |||
| maliciousContractInteractionButton.onclick = async () => { | |||
| const contractAddress = | |||
| MALICIOUS_CONTRACT_ADDRESSES[globalContext.networkName] || | |||
| MALICIOUS_CONTRACT_ADDRESSES.default; | |||
There was a problem hiding this comment.
we directly use the malicious contract interaction data from the sample contracts. We don't want to hide this button for these networks (unsure why this was added)
The payload for the hex data is what makes Blockaid flag it as malicious, no matter to which address we point, even if it's an EOA (which makes our life easier)
| @@ -0,0 +1,39 @@ | |||
| import { maliciousAddress } from '../../sample-addresses'; | |||
There was a problem hiding this comment.
moved the malicious tx's in this file, so they can be used both in the ppom tx and in the ppom batch txs
| disabled | ||
| > | ||
| Malicious Set Approval For All | ||
| Malicious Contract Interaction |
There was a problem hiding this comment.
re-ordered these 2 as it makes more sense like this (first all custom contract interactions, and the last one the fallback contract interaction) -- also following this order for the batch
| opBnb: '0x61d7e121185b1d7902a3da7f3c8ac9faaee8863b', | ||
| optimism: '0xaf18644083151cf57f914cccc23c42a1892c218e', | ||
| polygon: '0x9e8ea82e76262e957d4cc24e04857a34b0d8f062', | ||
| sepolia: '0xbba60aa8144579e07c6db64121b0f608ab6f0c89', |
There was a problem hiding this comment.
reorder alphabetically
| @@ -159,7 +159,7 @@ export function ppomMaliciousBatchingAndQueueing(parentContainer) { | |||
| params: [ | |||
| { | |||
| from: globalContext.accounts[0], | |||
| to: '0x5FbDB2315678afecb367f032d93F642f64180aa3', | |||
There was a problem hiding this comment.
remove hardcoded malicious address, and use the const
src/sample-addresses.js
Outdated
| @@ -1 +1 @@ | |||
| export const maliciousAddress = '0x5FbDB2315678afecb367f032d93F642f64180aa3'; | |||
There was a problem hiding this comment.
this address is no longer flagged as malicious (https://consensys.slack.com/archives/C08JQ6DDCSU/p1744401213662199?thread_ts=1744173737.539829&cid=C08JQ6DDCSU) replacing with a new address which isflagged
There was a problem hiding this comment.
the change has been reverted, as the address i working again as malicious
Description
This PR adds a new section for malicious batch transactions.
On each send call we'll have 1 type of a malicious transaction, the rest will be the 2 default simple sends (benign).
Screenshots
malicious-eip5792.mp4