From d575450ef0ccb11908d2b0369e99fc1f0bc844be Mon Sep 17 00:00:00 2001 From: Trent Nelson Date: Tue, 20 Apr 2021 01:38:52 -0600 Subject: [PATCH] docs: Flesh out address verification in integraion guide --- docs/src/integrations/exchange.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/docs/src/integrations/exchange.md b/docs/src/integrations/exchange.md index bdd7cf50c1..cf478bbbe2 100644 --- a/docs/src/integrations/exchange.md +++ b/docs/src/integrations/exchange.md @@ -480,6 +480,27 @@ As withdrawals are irreversible, it may be a good practice to validate a user-supplied account address before authorizing a withdrawal in order to prevent accidental loss of user funds. +#### Basic verfication + +Solana addresses a 32-byte array, encoded with the bitcoin base58 alphabet. This +results in an ASCII text string matching the following regular expression: +``` +[1-9A-HJ-NP-Za-km-z]{32,44} +``` +This check is insufficient on its own as Solana addresses are not checksummed, so +typos cannot be detected. To further validate the user's input, the string can be +decoded and the resulting byte array's length confirmed to be 32. However, there +are some addresses that can decode to 32 bytes despite a typo such as a single +missing character, reversed characters and ignored case + +#### Advanced verification + +Due to the vulnerability to typos described above, it is recommended that the +balance be queried for candidate withdraw addresses and the user prompted to +confirm their intentions if a non-zero balance is discovered. + +#### Valid ed25519 pubkey check + The address of a normal account in Solana is a Base58-encoded string of a 256-bit ed25519 public key. Not all bit patterns are valid public keys for the ed25519 curve, so it is possible to ensure user-supplied account addresses are
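Review bot: In the added "Basic verfication" section, the regular expression `[1-9A-HJ-NP-Za-km-z]{32,44}` is unanchored, so an integrator who copies it into a search-style match will accept any longer input that merely contains a 32 to 44 character run of base58 characters. Suggest writing it as `^[1-9A-HJ-NP-Za-km-z]{32,44}$`, or stating explicitly that the entire string must match. The same section needs a wording pass: the heading should read "Basic verification", "Solana addresses a 32-byte array" is missing "are", and the sentence ending "reversed characters and ignored case" has no final period. The commit subject also misspells "integration" as "integraion". In "Advanced verification", the text asks for confirmation "if a non-zero balance is discovered" without saying why that case is the signal. Since the paragraph is motivated by typos, one sentence giving the reasoning would help.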