Skip to content

fix: add runtime validation for ConnectionMode (WAPI-1129)#75

Merged
chakra-guy merged 1 commit intomainfrom
cyfrin/wapi-1129
Feb 27, 2026
Merged

fix: add runtime validation for ConnectionMode (WAPI-1129)#75
chakra-guy merged 1 commit intomainfrom
cyfrin/wapi-1129

Conversation

@chakra-guy
Copy link
Collaborator

@chakra-guy chakra-guy commented Feb 25, 2026
edited by cursor bot
Loading

Summary

  • Adds runtime validation for ConnectionMode values at connect-time in both WalletClient and DappClient
  • Exports CONNECTION_MODES const array and isValidConnectionMode() type guard from core
  • Previously, an invalid mode like "admin" would silently fall through to the UntrustedConnectionHandler via the else branch

Background

ConnectionMode was a TypeScript-only type ("trusted" | "untrusted") with no runtime enforcement. Since SessionRequest.mode can come from external sources (e.g. a QR code, deep link, or cross-origin message), a malformed value would bypass type safety at runtime. The Cyfrin audit flagged this as needing runtime validation.

Changes

  • packages/core/src/domain/connection-mode.ts: Added CONNECTION_MODES const array and isValidConnectionMode() type guard
  • packages/core/src/index.ts: Exports the new symbols
  • packages/wallet-client/src/client.ts: Validates request.mode before handler selection
  • packages/dapp-client/src/client.ts: Validates mode before creating session request
  • packages/core/CHANGELOG.md: Documents the new exports

Test plan

  • yarn build passes
  • yarn test:unit passes (68/68 tests)

Note

Low Risk
Low risk: small, localized change that adds runtime guarding of externally-sourced mode values and only affects connect-time error handling/flow selection.

Overview
Adds runtime validation for ConnectionMode by introducing CONNECTION_MODES and the isValidConnectionMode() type guard in core and exporting them publicly.

Updates DappClient.connect() and WalletClient.connect() to reject invalid mode values (throwing SessionError) before entering CONNECTING and selecting a connection handler, preventing unexpected fall-through to the untrusted flow.

Written by Cursor Bugbot for commit b20564c. This will update automatically on new commits. Configure here.

cursor[bot]
cursor bot reviewed Feb 25, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

adonesky1
adonesky1 previously approved these changes Feb 25, 2026
View reviewed changes
Base automatically changed from cyfrin/wapi-1128 to main February 27, 2026 11:26
@chakra-guy chakra-guy dismissed adonesky1’s stale review February 27, 2026 11:26

The base branch was changed.

@chakra-guy
fix: add runtime validation for ConnectionMode (WAPI-1129)
b20564c 
ConnectionMode was a TypeScript-only type with no runtime enforcement.
A malformed session request with an invalid mode (e.g. "admin") would
silently fall through to the UntrustedConnectionHandler. Now both
WalletClient and DappClient validate the mode at connect-time before
any state transition, and throw a clear error for invalid values.

Exports CONNECTION_MODES const and isValidConnectionMode() type guard
from core for downstream consumers.
@chakra-guy chakra-guy merged commit 4c8bf85 into main Feb 27, 2026
12 checks passed
@chakra-guy chakra-guy deleted the cyfrin/wapi-1129 branch February 27, 2026 12:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@wenfix wenfix wenfix approved these changes

@adonesky1 adonesky1 adonesky1 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@chakra-guy @adonesky1 @wenfix