safe mode self-transfer handling in Wallet #369
Description
Reviewer's Guide
Adjusts safe mode restrictions to allow native token transfers to the wallet’s own address (self-transfers with no calldata) and adds tests to validate both the allowed and disallowed behaviors.
Sequence diagram for safe mode self-transfer handling in Wallet
sequenceDiagram
actor User
participant Wallet
participant Blockchain
User->>Wallet: submitTransaction(call)
activate Wallet
alt safeMode_enabled
alt call_to_wallet_address_and_empty_data
Wallet->>Blockchain: sendNativeTransfer(to_wallet_address, value, data_0x)
Blockchain-->>Wallet: transferSuccess
Wallet-->>User: return success
else call_to_wallet_address_and_non_empty_data_or_delegateCall
Wallet-->>User: throw Error
end
else safeMode_disabled
Wallet->>Blockchain: sendTransaction(call)
Blockchain-->>Wallet: txResult
Wallet-->>User: return txResult
end
deactivate Wallet
Flow diagram for safe mode call validation logic in Wallet
flowchart TD
A[Start safe mode call validation] --> B{safeMode_enabled?}
B -- No --> H[Allow call]
B -- Yes --> C{delegateCall?}
C -- Yes --> D[Throw error: delegate calls are not allowed in safe mode]
C -- No --> E{call.to equals wallet.address?}
E -- No --> H
E -- Yes --> F{call.data equals 0x?}
F -- Yes --> H
F -- No --> G[Throw error: calls to the wallet contract itself are not allowed in safe mode]
H --> I[End call validation]
File-Level Changes
| Change | Details | Files |
|---|---|---|
| Relax safe mode self-call restriction to allow native-token self-transfers without calldata while still blocking contract calls to self. |
|
packages/wallet/core/src/wallet.ts |
| Extend transaction tests to cover safe-mode self-transfer behavior and ensure non-value self-calls with data remain disallowed. |
|
packages/wallet/wdk/test/transactions.test.ts |
Tips and commands
Interacting with Sourcery
- Trigger a new review: Comment
@sourcery-ai reviewon the pull request. - Continue discussions: Reply directly to Sourcery's review comments.
- Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with@sourcery-ai issueto create an issue from it. - Generate a pull request title: Write
@sourcery-aianywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai titleon the pull request to (re-)generate the title at any time. - Generate a pull request summary: Write
@sourcery-ai summaryanywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment@sourcery-ai summaryon the pull request to
(re-)generate the summary at any time. - Generate reviewer's guide: Comment
@sourcery-ai guideon the pull
request to (re-)generate the reviewer's guide at any time. - Resolve all Sourcery comments: Comment
@sourcery-ai resolveon the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore. - Dismiss all Sourcery reviews: Comment
@sourcery-ai dismisson the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai reviewto trigger a new review!
Customizing Your Experience
Access your dashboard to:
- Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others. - Change the review language.
- Add, remove or edit custom review instructions.
- Adjust other review settings.
Getting Help
- Contact our support team for questions or feedback.
- Visit our documentation for detailed guides and information.
- Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.
Originally posted by @sourcery-ai[bot] in #367 (comment)