refactor: use zod for rpc validation

package.json

@@ -260,6 +260,7 @@
     "webextension-polyfill": "0.12.0",
     "yup": "1.4.0",
     "zod": "3.23.8",
+    "zod-validation-error": "3.4.0",
     "zxcvbn": "4.4.2"
   },
   "devDependencies": {

src/shared/forms/address-validators.ts

@@ -1,4 +1,4 @@
-import { Network, validate } from 'bitcoin-address-validation';
+import { Network, getAddressInfo, validate } from 'bitcoin-address-validation';
 import * as yup from 'yup';
 
 import type { BitcoinNetworkModes } from '@leather.io/models';
@@ -23,14 +23,17 @@ export function btcAddressValidator() {
   });
 }
 
+export function getNetworkTypeFromAddress(address: string) {
+  return getAddressInfo(address).network as BitcoinNetworkModes;
+}
+
 function btcAddressNetworkValidatorFactory(network: BitcoinNetworkModes) {
   function getAddressNetworkType(network: BitcoinNetworkModes): Network {
     // Signet uses testnet address format, this parsing is to please the
     // validation library
     if (network === 'signet') return Network.testnet;
     return network as Network;
   }
-
   return (value?: string) => {
     if (isUndefined(value) || isEmptyString(value)) return true;
     return validate(value, getAddressNetworkType(network));

src/shared/rpc/methods/send-transfer.spec.ts

@@ -14,7 +14,7 @@ describe('`sendTransfer` method', () => {
         amount: '10000',
       };
 
-      expect(rpcSendTransferParamsSchemaLegacy.isValidSync(params)).toBeTruthy();
+      expect(rpcSendTransferParamsSchemaLegacy.safeParse(params).success).toEqual(true);
     });
 
     test('that it validates multiple recipient sends', () => {
@@ -33,7 +33,7 @@ describe('`sendTransfer` method', () => {
         ],
       };
 
-      expect(rpcSendTransferParamsSchema.isValidSync(params)).toBeTruthy();
+      expect(rpcSendTransferParamsSchema.safeParse(params).success).toEqual(true);
     });
 
     test('that it fails validation for missing required fields', () => {
@@ -42,7 +42,7 @@ describe('`sendTransfer` method', () => {
         account: 0,
       };
 
-      expect(() => rpcSendTransferParamsSchema.validateSync(params)).toThrow();
+      expect(() => rpcSendTransferParamsSchema.parse(params)).toThrow();
     });
 
     test('that it converts legacy params to new params', () => {
@@ -67,4 +67,40 @@ describe('`sendTransfer` method', () => {
       expect(convertRpcSendTransferLegacyParamsToNew(legacyParams)).toEqual(newParams);
     });
   });
+
+  test('that it fails if addresses do not match the defined network', () => {
+    const result = rpcSendTransferParamsSchema.safeParse({
+      network: 'mainnet',
+      account: 0,
+      recipients: [
+        {
+          // Expected to fail because we've passed a testnet address
+          address: 'tb1pjqhc5xw5xuhhg3zvk5p545q055e4farx37pvwnj2plt9t8lezvys0n58yz',
+          amount: '10000',
+        },
+      ],
+    });
+    expect(result.success).toEqual(false);
+  });
+
+  test('that it fails when addresses of different networks are passed', () => {
+    const result = rpcSendTransferParamsSchema.safeParse({
+      network: 'mainnet',
+      account: 0,
+      recipients: [
+        {
+          address: 'bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq',
+          amount: '100',
+        },
+        {
+          address: 'tb1pjqhc5xw5xuhhg3zvk5p545q055e4farx37pvwnj2plt9t8lezvys0n58yz',
+          amount: '100',
+        },
+      ],
+    });
+    expect(result.error?.issues.map(issue => issue.message)).toContain(
+      'Cannot tranfer to addresses of different networks'
+    );
+    expect(result.success).toEqual(false);
+  });
 });

src/shared/rpc/methods/send-transfer.ts

@@ -1,10 +1,14 @@
 import type { SendTransferRequestParams } from '@btckit/types';
-import * as yup from 'yup';
+import { z } from 'zod';
 
 import { type BitcoinNetworkModes, WalletDefaultNetworkConfigurationIds } from '@leather.io/models';
+import { uniqueArray } from '@leather.io/utils';
 
 import { FormErrorMessages } from '@shared/error-messages';
-import { btcAddressNetworkValidator, btcAddressValidator } from '@shared/forms/address-validators';
+import {
+  btcAddressNetworkValidator,
+  getNetworkTypeFromAddress,
+} from '@shared/forms/address-validators';
 import { checkIfDigitsOnly } from '@shared/forms/amount-validators';
 
 import {
@@ -16,42 +20,51 @@ import {
 
 export const defaultRpcSendTransferNetwork = 'mainnet';
 
-export const rpcSendTransferParamsSchemaLegacy = yup.object().shape({
-  account: accountSchema,
-  address: yup.string().required(),
-  amount: yup.string().required(),
-  network: yup.string().oneOf(Object.values(WalletDefaultNetworkConfigurationIds)),
+export const rpcSendTransferParamsSchemaLegacy = z.object({
+  account: accountSchema.optional(),
+  address: z.string(),
+  amount: z.string(),
+  network: z
+    .enum(Object.values(WalletDefaultNetworkConfigurationIds) as [string, ...string[]])
+    .optional(),
 });
 
-export const rpcSendTransferParamsSchema = yup.object().shape({
-  account: accountSchema,
-  network: yup.string().oneOf(Object.values(WalletDefaultNetworkConfigurationIds)),
-  recipients: yup
-    .array()
-    .required()
-    .of(
-      yup.object().shape({
-        // check network is valid for address
-        address: btcAddressValidator().test(
-          'address-network-validation',
-          FormErrorMessages.IncorrectNetworkAddress,
-          (value, context) => {
-            const contextOptions = context.options as any;
-            const network =
-              (contextOptions.from[1].value.network as BitcoinNetworkModes) ||
-              defaultRpcSendTransferNetwork;
-            return btcAddressNetworkValidator(network).isValidSync(value);
-          }
-        ),
-        amount: yup
-          .string()
-          .required()
-          .test('amount-validation', 'Sat denominated amounts only', value => {
-            return checkIfDigitsOnly(value);
+export const rpcSendTransferParamsSchema = z
+  .object({
+    account: accountSchema.optional(),
+    network: z
+      .enum(Object.values(WalletDefaultNetworkConfigurationIds) as [string, ...string[]])
+      .optional(),
+    recipients: z
+      .array(
+        z.object({
+          address: z.string(),
+          amount: z.string().refine(value => checkIfDigitsOnly(value), {
+            message: 'Sat denominated amounts only',
           }),
-      })
-    ),
-});
+        })
+      )
+      .nonempty()
+      .refine(
+        recipients => {
+          const inferredNetworksByAddress = recipients.map(({ address }) =>
+            getNetworkTypeFromAddress(address)
+          );
+          return uniqueArray(inferredNetworksByAddress).length === 1;
+        },
+        { message: 'Cannot tranfer to addresses of different networks', path: ['recipients'] }
+      ),
+  })
+  .refine(
+    ({ network, recipients }) => {
+      const addressNetworks = recipients.map(recipient =>
+        btcAddressNetworkValidator(network as BitcoinNetworkModes).isValidSync(recipient.address)
+      );
+
+      return !addressNetworks.some(val => val === false);
+    },
+    { message: FormErrorMessages.IncorrectNetworkAddress, path: ['recipients'] }
+  );
 
 export interface RpcSendTransferParamsLegacy extends SendTransferRequestParams {
   network: string;

src/shared/rpc/methods/sign-message.ts

@@ -1,7 +1,7 @@
-import { PaymentTypes } from '@btckit/types';
-import * as yup from 'yup';
+import { z } from 'zod';
 
 import { WalletDefaultNetworkConfigurationIds } from '@leather.io/models';
+import type { PaymentTypes } from '@leather.io/rpc';
 
 import {
   accountSchema,
@@ -10,18 +10,16 @@ import {
   validateRpcParams,
 } from './validation.utils';
 
-// TODO: Import Bip322MessageTypes from btckit when updated
-type SupportedBip322MessageTypes = 'bip322';
-
-const rpcSignMessageParamsSchema = yup.object().shape({
-  type: yup.string<SupportedBip322MessageTypes>(),
-  account: accountSchema,
-  message: yup.string().required(),
-  network: yup.string().oneOf(Object.values(WalletDefaultNetworkConfigurationIds)),
-  paymentType: yup.string<PaymentTypes>(),
+const rpcSignMessageParamsSchema = z.object({
+  type: z.enum(['bip322']).optional(),
+  account: accountSchema.optional(),
+  message: z.string(),
+  network: z
+    .enum(Object.values(WalletDefaultNetworkConfigurationIds) as [string, ...string[]])
+    .optional(),
+  paymentType: z.enum(['p2tr', 'p2wpkh'] as [PaymentTypes, PaymentTypes]).optional(),
 });
 
-// TODO: Import param types from btckit when updated
 export function validateRpcSignMessageParams(obj: unknown) {
   return validateRpcParams(obj, rpcSignMessageParamsSchema);
 }