From 82100da75728ea4ef3983fd6439e175201cafc9b Mon Sep 17 00:00:00 2001
From: Sonali Thakur <sonalithakur1199@gmail.com>
Date: Tue, 9 Jul 2024 13:45:36 +0530
Subject: [PATCH 1/3] error handling for all external endpoints

---
 src/network/index.ts | 45 ++++++++++++++++++++++++++++----------------
 1 file changed, 29 insertions(+), 16 deletions(-)

diff --git a/src/network/index.ts b/src/network/index.ts
index 3a926cb0f..b859bba78 100644
--- a/src/network/index.ts
+++ b/src/network/index.ts
@@ -127,6 +127,19 @@ export class NetworkClass extends EventEmitter {
     next()
   }
 
+  handleError(error: any, req: any, res: any, route: string) {
+    /* prettier-ignore */ if (logFlags.error) this.mainLogger.error(`Error in route ${route}: ${error.message}`)
+
+    nestedCountersInstance.countEvent('endpoint-exception', `error-${route}`)
+
+    // Send an error response
+    res.status(500).json({
+      error: 'Internal Server Error',
+      message: isDebugMode() ? error.message : 'An unexpected error occurred',
+      route: route,
+    })
+  }
+
   // TODO: Allow for binding to a specified network interface
   _setupExternal() {
     return new Promise((resolve, reject) => {
@@ -545,29 +558,29 @@ export class NetworkClass extends EventEmitter {
       handlers.push(authHandler)
     }
 
-    if (isDebugMode() && ['GET', 'POST'].includes(method)) {
-      const wrappedHandler = async (req, res, next) => {
-        profilerInstance.profileSectionStart('net-externl', false)
-        profilerInstance.profileSectionStart(`net-externl-${route}`, false)
-        profilerInstance.scopedProfileSectionStart(`net-externl-${route}`, false)
-
-        let result
-        try {
-          result = await responseHandler(req, res, next)
-        } finally {
+    const wrappedHandler = async (req, res, next) => {
+      let result
+      try {
+        if (isDebugMode() && ['GET', 'POST'].includes(method)) {
+          profilerInstance.profileSectionStart('net-externl', false)
+          profilerInstance.profileSectionStart(`net-externl-${route}`, false)
+          profilerInstance.scopedProfileSectionStart(`net-externl-${route}`, false)
+        }
+        result = await responseHandler(req, res, next)
+      } catch (error) {
+        this.handleError(error, req, res, route)
+      } finally {
+        if (isDebugMode() && ['GET', 'POST'].includes(method)) {
           profilerInstance.scopedProfileSectionEnd(`net-externl-${route}`)
           profilerInstance.profileSectionEnd(`net-externl-${route}`, false)
           profilerInstance.profileSectionEnd('net-externl', false)
         }
-
-        return result
       }
-
-      handlers.push(wrappedHandler)
-    } else {
-      handlers.push(responseHandler)
+      return result
     }
 
+    handlers.push(wrappedHandler)
+
     let expressMethod = {
       GET: 'get',
       POST: 'post',

From 4d75f797a9d67af7a94dec8860220c4e0f9ade3c Mon Sep 17 00:00:00 2001
From: Sonali Thakur <sonalithakur1199@gmail.com>
Date: Tue, 9 Jul 2024 13:49:54 +0530
Subject: [PATCH 2/3] update endpoint-exception counter message

---
 src/network/index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/network/index.ts b/src/network/index.ts
index b859bba78..ec6f9ad24 100644
--- a/src/network/index.ts
+++ b/src/network/index.ts
@@ -130,7 +130,7 @@ export class NetworkClass extends EventEmitter {
   handleError(error: any, req: any, res: any, route: string) {
     /* prettier-ignore */ if (logFlags.error) this.mainLogger.error(`Error in route ${route}: ${error.message}`)
 
-    nestedCountersInstance.countEvent('endpoint-exception', `error-${route}`)
+    nestedCountersInstance.countEvent('endpoint-exception', `${route}`)
 
     // Send an error response
     res.status(500).json({

From bd4f26dc2caea6b6c1cbba1ca9b247f89ca6d358 Mon Sep 17 00:00:00 2001
From: Thura Moe Myint <mgthuramoemyint@gmail.com>
Date: Tue, 16 Jul 2024 13:11:40 +0700
Subject: [PATCH 3/3] SEC-421: Binary Handler Impersonation Check

---
 src/p2p/Comms.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/p2p/Comms.ts b/src/p2p/Comms.ts
index a84354719..d569bb868 100644
--- a/src/p2p/Comms.ts
+++ b/src/p2p/Comms.ts
@@ -639,7 +639,12 @@ export function registerInternalBinary(route: string, handler: InternalBinaryHan
       warn('registerInternalBinary: internal routes can only be used by nodes in the network...')
       return
     }
-
+    if (
+      NodeList.nodes.get(header.sender_id).publicKey !== sign.owner
+    ) {
+      warn('registerInternalBinary: Public key is not the same with sign owner')
+      return
+    }
     // Checks to see if we can extract the actual payload from the wrapped message
     const requestPayload = _extractPayloadBinary(wrappedPayload)
     if (!requestPayload) {