How Daedalus wallet identifies a valid cardano payment address? - cardano

When a Cardano address is entered for payment, Daedalus identifies it as a valid address immediately. Even if there is a single character change, it shows it as an invalid address. Were are these addresses stored and how it is identified as a valid address.

There are two verification mechanisms, giving a certain level of certainty it's a valid address.
First, the wallet software can check it's valid address discrimination: Cardano Shelley mainnet addresses start with addr...
Second, the address - being a bech32 encoded string - has a checksum. This checksum for the given string length is not fully bulletproof but in almost all cases allows an instant offline validation for the given address.

Related

Is this the valid contact header and can you explain the parameters

I am new to sipp and network concepts i got a contact header
"Fin Tax" <sip:b2fdfc58-b7f2-a482-572c-8dbc1aae24#10.195.1.41:5060>;+
"ip.instance="urn:uuid:00000000-0000-0000-0000-34db8dc64>";+
u.sip!devicename="ATA34DBFD8DC64"4DBFD18DC64";+u.sip!model.cc.co.com="681"
Can you explain this contact paramerter i know the first part uri but what are next parameters
First parameter is +sip.instance (the double quote after + in the example above is a typo for sure), which is defined by IETF, it can be found in SIP Outbound (RFC5626) and GRUU (RFC5627):
https://www.rfc-editor.org/rfc/rfc5626
https://www.rfc-editor.org/rfc/rfc5627
Its purpose is to identify uniquely a device, independent of contact address (which can change in case of roaming around wifi hotspots or 4G/5G networks) or multiple connections, but contact addresses can also overlap when devices are located in private networks using same IP range.
Usually its value is build using a UUID (universally unique identifier), which should reduce the risk of duplicate values for users with multiple devices. Its uniqueness allows SIP Registrar Server to identify what contact record to update or remove when processing REGISTER requests from the same device.
The next two parameters prefixed with +u.sip! seem to be custom parameters set by the sending SIP UA. They look like specific to some CISCO equipment, probably a gateway. In general, SIP specifications tell that custom parameters can be ignored by receiving UA, if it does not know how to interpret them.

Kafka authorization - Email address in certificate subject name converted with OID

We use mTLS authentication between clients and Kafka cluster and some ACLs configured on topics.
A client has in his subject name the email address, like:
Owner: EMAILADDRESS=user#my-domain.com, CN=my-service, OU=my-ou, O=my-org, L=my-loc, ST=my-state, C=my-country
But when the client calls kafka cluster we see the email address converted with his [OID code].
[2022-07-13 10:37:32,549] INFO Principal = User:1.2.840.113549.1.9.1=#3uR2XK21ru2nwVymHN9u4B7wQCs4wrhcPavdGktA,CN=my-service,OU=my-ou,O=my-org,L=my-loc,ST=my-state,C=my-country is Denied Operation = Write from host = 10.10.10.2 on resource = Topic:LITERAL:my-topic for request = Produce with resourceRefCount = 1 (kafka.authorizer.logger)
Could someone explain me why this happen and how to get the email address literal instead?
[OID code] https://oidref.com/1.2.840.113549.1.9.1
You cannot get the email address as a literal because Kafka parses the principal DN (Distinguished Name) as described in rfc2253, which doesn't support the EMAILADDRESS attribute. Unsupported attributes are encoded as in your example.
The next step depends on what you're trying to achieve.
If you are trying to use the email address in the ACL rule, then you can do one of:
if you can, issue certificates where the email address is in one of the supported attributes, such as within the CN.
use a script to encode it and get the correct value, which you can use as-is in the ACL rule.
If you don't mean to use the email address, and instead you mean to use other attributes which appear as literals (like the CN), you can either:
If you have access, the best option is to issue certificates without an email in the subject name and create ACL rules accordingly.
Another option might be to use Kafka ssl principal mapping rules to strip the email address and
leave the rest for use in ACL rules. This rule should do the work:
RULE:^1.2.840.113549.1.9.1=.,(CN=.)/$1
Furthermore, EMAILADDRESS oid is deprecated as mentioned here: https://oidref.com/1.2.840.113549.1.9.1 altNames should be used instead. You can see an example here: On certificates, what type should E-mail addresses be when in subjectAltName.

Create contract address from the address of the creator and nonce

I am sure that a contract address can be deterministically created using msg.sender and nonce.I read that they used RLPEncoding in python https://ethereum.stackexchange.com/questions/760/how-is-the-address-of-an-ethereum-contract-computed/47083#47083. But I am unsure how to do that in solidity.
function createAddress(address creator, bytes nonce) public returns(address conractAdd) {
//SomeBody help me writing this part
}
new contract address depends on the current address of the contract and nonce of the contract that you are creating based on shared link. nonce is counter maintained internally by a contract referring to the number of contracts
created by it but unfortunately it is not available within the contract. So you cannot create address without nonce.
Even though, contract creating address depends on the parent contract address and the nonce of the contract, there must be other variables that creates the contract address. because, if you want to create two separate contract's address in same contract. contract address will be same and it is likely that nonce of the contracts that you are creating might be same as well, because nonce is essentially just a scalar number. In this case you would be creating same contract addresses.

IMAP Envelope email address format?

If I poll an IMAP server for an Envelope structure SELECT INBOX, FETCH UID ALL - I will get an envelope structure in return.
For all fields in the envelope structure that are an email address, from, sender, reply-to, etc, I have noticed this is how an email address is represented:
(("Name on Email Account" NIL "emailaddress" "domain.com"))
or for accounts with no email name set -
((NIL NIL "emailaddressnoname" "domain.com"))
I can see the 1st value is the name, the 3rd value is the email address name & the 4th value is the domain name - but what is the 2nd value for? I've polled for hundreds of emails from many different IMAP servers and this value is always NIL & I'm afraid that one day it's not going to be NIL and it's going to mess up my parsing code.
In the part of the RFC that defines Envelope structure (https://www.rfc-editor.org/rfc/rfc822) nothing is mentioned about this.
Anybody know what's going on?
From RFC 3501, section 7.4.2 (Fetch Responses), subsection ENVELOPE:
An address structure is a parenthesized list that describes an
electronic mail address. The fields of an address structure
are in the following order: personal name, [SMTP]
at-domain-list (source route), mailbox name, and host name.
The second portion represents source routes, which are obsolete on the Internet, so can be effectively ignored.
There is also information about group list syntax, which is also nearly obsolete, but you may come across it occasionally.

Email validation MX Lookup

I have been asked to implement some email address validation on a web app - I'm sure we've all been there a thousand times... however, this time I have been asked to do an MX Lookup on the domain to see if it accepts emails.
Does anyone know of any potential problems with doing this? Is an mx lookup a reliable way of finding out if a domain accepts email? are there any edge cases where a valid email address could fail an MX lookup check?
Thanks for your advice!
are there any edge cases where a valid email address could fail an MX lookup check?
Yes, in that where there is no MX record, MTAs fall back to using the A record instead. So only allowing MX records would fail a class of mail servers that work in the real world.
Allowing any name with an MX or A record at least detects obvious mistypings that result in NXDOMAIN. However it will still allow mistypings that end up at squatter sites. A further step for addresses resolved by A records might be to check where port 25 is accepting connections on that address.
You can only check if there is an mail server registered for the domain.
If the server also accepts mails and if the address is valid (not syntactically but in the sense that there exists a inbox for it and so on...) you will only find out when sending the e.g. registration email
sample on how to do this in PHP
function mailserver_exists($email) {
list($user,$domain) = split('#',$email);
//included check for 'A' after [comment from bobince][1]
return checkdnsrr($domain,'MX') || checkdnsrr($domain,'A');
}
if(domain_exists('joe#foreigndomain.xx')) {...} else {...}
Yes you can use 'TinyTim#192.184.165.13' too. The PHP documentation for checkdnsrr(host, type) states
host may either be the IP address in
dotted-quad notation or the host name