Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: blacklist whitelist contacts #1814

Merged
merged 23 commits into from
May 13, 2022
Merged

Feat: blacklist whitelist contacts #1814

merged 23 commits into from
May 13, 2022

Conversation

bassemmagdy
Copy link
Contributor

@bassemmagdy bassemmagdy commented Dec 9, 2021
edited
Loading

  • Added feature blacklist/whitelist contacts
  • Separated contact list to blacklisted and whitelisted
  • By default now, transactions received from blacklisted contacts don't appear in transaction history

@bassemmagdy bassemmagdy marked this pull request as draft December 9, 2021 17:28
@bassemmagdy bassemmagdy force-pushed the feat-blacklist-whitelist-contacts branch 3 times, most recently from 8309396 to b119669 Compare December 14, 2021 15:52
@bassemmagdy bassemmagdy linked an issue Dec 14, 2021 that may be closed by this pull request
Changes to be made to address book 2.0 #1739
Closed
@bassemmagdy bassemmagdy force-pushed the feat-blacklist-whitelist-contacts branch from b119669 to 60fd197 Compare December 14, 2021 16:04
@bassemmagdy bassemmagdy marked this pull request as ready for review December 14, 2021 16:06
@bassemmagdy bassemmagdy force-pushed the feat-blacklist-whitelist-contacts branch from 60fd197 to 52baa8a Compare December 15, 2021 11:34
@bassemmagdy
Copy link
Contributor Author

@Jaguar0625 All comments are addressed, please recheck :)

gimre-xymcity
gimre-xymcity previously approved these changes Dec 17, 2021
View reviewed changes
Jaguar0625
Jaguar0625 reviewed Dec 17, 2021
View reviewed changes
__tests__/utils/CommonHelpers.spec.ts Outdated
Comment on lines 38 to 43
const address = Address.createFromRawAddress('TAD5BAHLOIXCRRB6GU2H72HPXMBBVAEUQRYPHBY');
const truncatedAddress = CommonHelpers.truncate(address.plain());
const string = 'string';
expect(truncatedAddress.length).toBe(15);
expect(truncatedAddress.substring(truncatedAddress.length - 6)).toEqual('...HBY');
expect(CommonHelpers.truncate(string).length).toBe(6);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. it's probably better to rename string to something more descriptive like shortString
  2. in future, generally would try to group Arrange / Act / Assert [see https://hackmd.io/WrKdAaohRXKgCbzd_4ZMxA]

__tests__/services/TransactionFilterService.spec.ts Outdated
@@ -17,6 +17,8 @@ import { TransactionFilterOptionsState, TransactionState } from '@/store/Transac
import { TransactionFilterService } from '@/services/TransactionFilterService';
import { getTestAccount } from '@MOCKS/Accounts';
import { TransferTransaction } from 'symbol-sdk';
import { addressBookMock } from '@MOCKS/AddressBookMock';
import { IContact } from 'symbol-address-book';

const currentSigner = getTestAccount('remoteTestnet');
const recepient = getTestAccount('remoteTestnetRecipient');
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. not something you need to fix as part of this PR, but it's a bit confusing to use currentSigner as recipient address
  2. recepient is spelled wrong

__tests__/components/TransactionList/TransactionListFilters/TransactionListFilter.spec.ts
test("should not call the 'account/SET_CURRENT_SIGNER' without address", () => {
vm.onSignerSelectorChange();
expect(vm.$store.dispatch).not.toBeCalled();
});

test("should call 'transaction/filterTransactions' with blacklisted contacts", () => {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

would be good to add a test when isBlackListFilterActivated == true to cover else branch too

@bassemmagdy
Copy link
Contributor Author

@Jaguar0625 All feedbacks should be now addressed :)

@cryptoBeliever
Copy link
Contributor

cryptoBeliever commented Dec 24, 2021
edited
Loading

Pasting here as a reference. When I'm doing on branch:
npm install
npm run dev

I got error like this (app is starting):

image

@cryptoBeliever
Copy link
Contributor

@bassemmagdy @coiki I think the address book/blocked transactions mechanic and UX/UI has to be re-think. It's not intuitive for me.

  1. I'm able to add mainnet addresses to testnet profile which doesn't make sense I guess. Same with testnet addresses in mainnet profile.

  2. Have we graphics to address the book? Currently white and blacklist sublists are aligned to the left which looks strange. Also empty

image
image

  1. Option to import an address book is only available if you have an empty address book (white and black lists). How user should import more addresses to black/white lists? Should be possible?

  2. On the transaction list "Show blacklisted transactions" button has no indicator that it's active. It's very misleading for users. Maybe besides the "active" filtering indicator, we should add some iconographic in the transaction row?

How filtering should work? It should show valid + blacklisted transactions or should show only blacklisted? Currently, it's the second one. Could you tell me how filtering currently works for aggregate transactions where signed and initiator can be different? Which field is used to filter?

https://share.getcloudapp.com/7Kuqg54L

  1. First I have to add to whitelist addresses and next move it to blacklisted. There is no way to add it directly into blacklisted.

https://share.getcloudapp.com/5zunp6Z6

@bassemmagdy
Copy link
Contributor Author

@cryptoBeliever
1- added checker to validate network type before adding new contact.
2- you can find the design here -> https://www.figma.com/file/lkhDQWxq5FlUrMNZYIJ2wT/Symbol-Wallet---Legacy?node-id=168%3A14032
3- Currently importing is overwriting the current list that's why it's only available when the list is empty. We can improve it by letting it add the new ones to the list but, in case the address is found in the list all contact data will be overwritten except the address.
4- I will try to add a shadow to show the difference based on state (preferably we get a design for that.)
5- Mockups didn't include that option in the contact creation form.

@Jaguar0625
Copy link

@cryptoBeliever - do you think the new approach is intuitive enough or do you have more suggestions for improvements?

@postoronnii
Copy link

postoronnii commented Jan 4, 2022
edited
Loading

@cryptoBeliever how to delete address from the blacklist? Do we have this functionality?

@cryptoBeliever
Copy link
Contributor

cryptoBeliever commented Jan 4, 2022
edited
Loading

@cryptoBeliever how to delete address from the blacklist? Do we have this functionality?

@NikolaiB by using "Delete Contact" in the address book. Same as for "White List" contacts.

@bassemmagdy

  1. It's fixed.
  2. It doesn't look as on Figma Graphics.

a) Figma:

image

And wallet:

image

  • whitelist and blacklist header: missing grey horizontal line, header text size is same as for "My contacts" but should be way smaller
  • contact item: here also text seems too big, icon is too small comparing text; icon has also other borders color than on Figma; if name is long enough, it's cut (but there is still plenty of space)

  1. I think we should allow import and overwrite. @coiki what do you think?

  2. As I can see on Figma there is a graphic for the active and inactive state:

image

  1. Adding to white/blacklist. I think it requires changes. My proposition is to add a select box when adding a new contact with two options blacklist and whitelist. By default could be selected whitelist if we clicked "Add Contact" when whitelist is open or blacklist if we clicked "Add contact" when blacklist is open (but user could change that). Asking user to first add into whitelist and move to blacklist doesn't look good for me. @coiki what do you think?

  2. @coiki Signing partial transactions:
    image

At this moment blacklisting change only visibility on the transaction list. But maybe we should present some warning on transaction details (if the user decides to open a transaction to sign anyway or by mistake). My proposition is to not allow sign partial transactions if the user already added an address to blacklist.

  1. On the list we have now a button to show blacklisted transactions. When we activate it we can see only "blacklisted" transactions. For me, more intuitive would be present in such a situation whitelisted + blacklisted transactions (button would hide/show only blacklisted transactions) - whitelisted always visible. @coiki what do you think it would be better?

  2. Blacklisting transaction rules. @bassemmagdy could you write what rules are for blacklisting transactions? Transaction is blacklisted when transaction signer is on the blacklist?

  3. @bassemmagdy Figma (https://www.figma.com/file/lkhDQWxq5FlUrMNZYIJ2wT/Symbol-Wallet---Legacy?node-id=168%3A14032) contains changed flow for signing partial transactions and saving addresses (black and whitelisting) to address book which weren't implemented. I think it should be part of address book implementation.

View in wallet:

image

Screens on Figma:

Transaction details when opened (I think for whitelisted addresses we could move to Caution warning and skip this step):

image

When the user reject there is an option to blacklist contact:

image
image

There is also an option to "Archive". @coiki what it does? It should hide transactions? It should be implemented here or there will be a separate issue for the feature (as I understand it's an option to hide transactions without blacklisting address)?

The user can also "Accept..." and on the next screen, he can see Caution, and on the next screen provides a password to accept. At the end of process, there should be a way to add contact into "Whitelist".

image
image
image

Also currently warning is not presented if account is in relation with user multisig (to don't show a lot of warnings). We can communicate around that what flow in case of multisig relation of this account should be.

@coiki
Copy link

coiki commented Jan 6, 2022

@cryptoBeliever I checked your questions and I’ve tried to sum up my answers. We already spoke on the chat that we need to create a new task for this, or reuse the one that already touched this subject (and delete it if not).

  1. Understood. I agree it doesn’t make sense.
  2. The alignment should be to the left. The design is quite far from what was in the design from Biagio.
  3. Users will add contacts when interacting with transactions, but should always be able to add directly. If I understand correctly we have only 1 address book per whitelist/blacklist? We should have the option to always import an address book and it should just append it to my existing one.

Regarding showing the blacklisted transactions alongside the whitelisted, we want to treat it as a sort of ‘spam folder’ where all the toxic txs live. I think there are use cases where it would be helpful having them alongisde. Let’s see what we can do with this idea. I would also prefer view/hide, but we wanted to manage it like this due to the malicious attacks.

Regarding the new ‘signing area’ of the transactions:
I agree with your point to not allow to sign transactions from blacklisted addresses. Let’s add it to the logic of the new task about the signing area.

Q: What is Archive? A: It just hides that view (so the user only rejects but doesn’t blacklist). Let’s change the text to “Close”.

@cryptoBeliever cryptoBeliever mentioned this pull request Jan 13, 2022
Closed
10 tasks
@cryptoBeliever
Copy link
Contributor

cryptoBeliever commented Jan 13, 2022
edited
Loading

@bassemmagdy I reported a few issues:

I think those should be fixed in this PR:
#1823
#1824
#1825

Those could be done in separate PR:
#1826
#1827

Also depends on @coiki answers for questions in https://www.figma.com/file/lkhDQWxq5FlUrMNZYIJ2wT/Symbol-Wallet---Legacy?node-id=168%3A14032 I may report some further issues because currently there is no difference in flow between the situation when accounts is whitelisted/unknown/blacklisted.

@lgtm-com
Copy link

lgtm-com bot commented Jan 14, 2022

This pull request introduces 1 alert when merging ad0bde0 into 8b236aa - view on LGTM.com

new alerts:

  • 1 for Unused variable, import, function or class

@lgtm-com
Copy link

lgtm-com bot commented Jan 18, 2022

This pull request introduces 1 alert when merging b1e3544 into 8b236aa - view on LGTM.com

new alerts:

  • 1 for Useless conditional

@sonarcloud
Copy link

sonarcloud bot commented Jan 19, 2022

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot E 2 Security Hotspots
Code Smell A 1 Code Smell

No Coverage information No Coverage information
0.0% 0.0% Duplication

@bassemmagdy bassemmagdy mentioned this pull request Jan 21, 2022
Closed
@OlegMakarenko OlegMakarenko mentioned this pull request Feb 22, 2022
Merged
OlegMakarenko and others added 2 commits May 12, 2022 14:19
@OlegMakarenko
fix: address book (#1847)
108836e 
* fix: address book list styles. feat: add option to blacklist new contact

* fix: rewrite ModalTransactionCosignature warning section, fix flow, fix checkbox styles, add escape option

* feat: add blocked contact transaction view, add unblock option. fix: 'jumping' form

* fix: display contact name in the tx signer field

* task: replace pretty addresses with a plain ones

* feat: add signer address to tx details

* feat: make address filed redirectable to explorer page

* feat: add address popover with explorer url

* task: require blacklist contact name

* fix: aggregate txs get random names from the address book, fix tx filter

* fix: styles of the new address detected modal

* fix: detected address input styles, new transaction incorrect address

* fix: the accounts selector jumping action buttons

* fix: contact address edition doesn't work

* fix: rename blacklist => block and lint

* fix: missing property error

* fix: the contact list jumping action buttons

* fix: rename show blacklisted transactions => show blocked transactions

* fix: edit contact with the same address

* feat: improve cosignature warning, show unknown signer address, add explorer link, add caution text

* fix: account balance widget address label size

* task: change address row explorer link popover layout and styles

* fix: remove unused commented style props

* fix: presentation for  multilevel multisig tree

* fix: show warning for blocked multisig address

* fix: remove unnecessary tx detail scroll to sign form

* task: change copy requires => awaiting

* task: add ModalTransactionCosignature component test

* task: update translations

* fix: translation

* task: cleanup test

* task: update copy

* fix: the transaction list action icons position

* fix: remove blacklisted contacts from the send form

* feat: add tad for blocked addresses, fix modal aligment, remove blacklist contact name input

* fix: lint

* task: update translations, add locale unit test

* feat: add the scam alert link

* fix: typo
@OlegMakarenko
task: merge commit
4e5e8b1
gimre-xymcity
gimre-xymcity approved these changes May 12, 2022
View reviewed changes
__tests__/database/storage/ProfileModelStorage.spec.ts
@@ -1,5 +1,5 @@
/*
* (C) Symbol Contributors 2021 Foundation
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

😂

@yilmazbahadir yilmazbahadir merged commit c194967 into dev May 13, 2022
@yilmazbahadir yilmazbahadir deleted the feat-blacklist-whitelist-contacts branch May 13, 2022 11:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gimre-xymcity gimre-xymcity gimre-xymcity approved these changes

@0x6861746366574 0x6861746366574 Awaiting requested review from 0x6861746366574

@Jaguar0625 Jaguar0625 Awaiting requested review from Jaguar0625

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Changes to be made to address book 2.0
9 participants
@bassemmagdy @cryptoBeliever @Jaguar0625 @postoronnii @coiki @gimre-xymcity @yilmazbahadir @rg911 @OlegMakarenko