Add validation of image

Author: HeesungB

package.json

@@ -11,6 +11,7 @@
     "lint-test": "eslint \"src/**/*\" && prettier --check \"src/**/*\"",
     "lint-fix": "eslint --fix \"src/**/*\" && prettier --write \"src/**/*\"",
     "validate:token": "ts-node src/scripts/validate-token.ts",
+    "validate:image": "ts-node src/scripts/validate-image.ts",
     "pre-commit": "lint-staged"
   },
   "pre-commit": [
@@ -52,6 +53,7 @@
     "@keplr-wallet/cosmos": "^0.12.12",
     "axios": "^1.4.0",
     "curve25519-js": "^0.0.4",
+    "image-size": "^1.1.1",
     "joi": "^17.9.2",
     "koa": "^2.14.2",
     "koa-router": "^12.0.0",

src/scripts/validate-token.ts

@@ -1,8 +1,9 @@
 import FS from "fs";
+import sizeOf from "image-size";
 import { CW20TokenScheme } from "../scheme";
-import { getChainBaseMap } from "../utils";
+import { getChainBaseMap, validateImageUrl } from "../utils";
 import Path from "path";
-import { Bech32Address } from "@keplr-wallet/cosmos";
+import { Bech32Address, ChainIdHelper } from "@keplr-wallet/cosmos";
 import { fetchTokenMetadata } from "../query";
 import { sortedJsonByKeyStringify } from "@keplr-wallet/common";
 
@@ -67,6 +68,29 @@ import { sortedJsonByKeyStringify } from "@keplr-wallet/common";
             )}), contract: ${validated.value.contractAddress}, chain: ${chain})`
           );
         }
+
+        if (validated.value.imageUrl) {
+          const chainIdentifier = ChainIdHelper.parse(base.chainId).identifier;
+          const tokenImageUrl = validateImageUrl(
+            chainIdentifier,
+            validated.value.imageUrl
+          );
+
+          const dimensions = sizeOf(
+            `images/${chainIdentifier}/${tokenImageUrl}`
+          );
+
+          if (dimensions.type === "png") {
+            const width = dimensions.width ?? 0;
+            const height = dimensions.height ?? 0;
+
+            if (width > 512 || height > 512) {
+              throw new Error(
+                `Reduce image size to 512x512 or smaller (expected: 512x512, actual: ${width}x${height})`
+              );
+            }
+          }
+        }
       } else {
         throw new Error(`Invalid path: ${path}`);
       }

src/utils.ts

@@ -49,3 +49,19 @@ export const getChainBaseMap = (
 
   return map;
 };
+
+export const validateImageUrl = (
+  chainIdentifier: string,
+  url: string
+): string => {
+  const baseURL = `https://raw.githubusercontent.com/chainapsis/keplr-contract-registry/main/images/${chainIdentifier}/`;
+
+  if (!url.startsWith(baseURL)) {
+    throw new Error(`Invalid image url: ${url}`);
+  }
+  if (!(url.endsWith(".png") || url.endsWith(".svg"))) {
+    throw new Error(`Image formats can only be PNG and SVG.`);
+  }
+
+  return url.replace(baseURL, "");
+};

yarn.lock

@@ -3316,6 +3316,17 @@ __metadata:
   languageName: node
   linkType: hard
 
+"image-size@npm:^1.1.1":
+  version: 1.1.1
+  resolution: "image-size@npm:1.1.1"
+  dependencies:
+    queue: 6.0.2
+  bin:
+    image-size: bin/image-size.js
+  checksum: 23b3a515dded89e7f967d52b885b430d6a5a903da954fce703130bfb6069d738d80e6588efd29acfaf5b6933424a56535aa7bf06867e4ebd0250c2ee51f19a4a
+  languageName: node
+  linkType: hard
+
 "import-fresh@npm:^3.0.0, import-fresh@npm:^3.2.1":
   version: 3.3.0
   resolution: "import-fresh@npm:3.3.0"
@@ -3750,6 +3761,7 @@ __metadata:
     eslint: ^8.34.0
     eslint-config-prettier: ^8.6.0
     eslint-plugin-prettier: ^4.2.1
+    image-size: ^1.1.1
     joi: ^17.9.2
     koa: ^2.14.2
     koa-router: ^12.0.0
@@ -4802,6 +4814,15 @@ __metadata:
   languageName: node
   linkType: hard
 
+"queue@npm:6.0.2":
+  version: 6.0.2
+  resolution: "queue@npm:6.0.2"
+  dependencies:
+    inherits: ~2.0.3
+  checksum: ebc23639248e4fe40a789f713c20548e513e053b3dc4924b6cb0ad741e3f264dcff948225c8737834dd4f9ec286dbc06a1a7c13858ea382d9379f4303bcc0916
+  languageName: node
+  linkType: hard
+
 "read-package-json@npm:^2.0.0":
   version: 2.1.2
   resolution: "read-package-json@npm:2.1.2"