feat: replace generic Error with SuspiciousTransactionError

danielpeng1 · danielpeng1 · commit 4714aa63da4a · 2025-10-16T13:00:00.000-04:00
Ticket: WP-6189
diff --git a/modules/abstract-eth/src/abstractEthLikeNewCoins.ts b/modules/abstract-eth/src/abstractEthLikeNewCoins.ts
@@ -28,6 +28,7 @@ import {
   PresignTransactionOptions as BasePresignTransactionOptions,
   Recipient,
   SignTransactionOptions as BaseSignTransactionOptions,
+  SuspiciousTransactionError,
   TransactionParams,
   TransactionPrebuild as BaseTransactionPrebuild,
   TransactionRecipient,
@@ -2777,13 +2778,13 @@ export abstract class AbstractEthLikeNewCoins extends AbstractEthLikeCoin {
         (txParams.type && ['acceleration', 'fillNonce', 'transferToken', 'tokenApproval'].includes(txParams.type))
       )
     ) {
-      throw new Error(`missing txParams`);
+      throw new SuspiciousTransactionError(`missing txParams`);
     }
     if (!wallet || !txPrebuild) {
-      throw new Error(`missing params`);
+      throw new SuspiciousTransactionError(`missing params`);
     }
     if (txParams.hop && txParams.recipients && txParams.recipients.length > 1) {
-      throw new Error(`tx cannot be both a batch and hop transaction`);
+      throw new SuspiciousTransactionError(`tx cannot be both a batch and hop transaction`);
     }
 
     if (txParams.type && ['transfer'].includes(txParams.type)) {
@@ -2798,21 +2799,25 @@ export abstract class AbstractEthLikeNewCoins extends AbstractEthLikeCoin {
         const txJson = tx.toJson();
         if (txJson.data === '0x') {
           if (expectedAmount !== txJson.value) {
-            throw new Error('the transaction amount in txPrebuild does not match the value given by client');
+            throw new SuspiciousTransactionError(
+              'the transaction amount in txPrebuild does not match the value given by client'
+            );
           }
           if (expectedDestination.toLowerCase() !== txJson.to.toLowerCase()) {
-            throw new Error('destination address does not match with the recipient address');
+            throw new SuspiciousTransactionError('destination address does not match with the recipient address');
           }
         } else if (txJson.data.startsWith('0xa9059cbb')) {
           const [recipientAddress, amount] = getRawDecoded(
             ['address', 'uint256'],
             getBufferedByteCode('0xa9059cbb', txJson.data)
           );
           if (expectedAmount !== amount.toString()) {
-            throw new Error('the transaction amount in txPrebuild does not match the value given by client');
+            throw new SuspiciousTransactionError(
+              'the transaction amount in txPrebuild does not match the value given by client'
+            );
           }
           if (expectedDestination.toLowerCase() !== addHexPrefix(recipientAddress.toString()).toLowerCase()) {
-            throw new Error('destination address does not match with the recipient address');
+            throw new SuspiciousTransactionError('destination address does not match with the recipient address');
           }
         }
       }
@@ -2839,20 +2844,22 @@ export abstract class AbstractEthLikeNewCoins extends AbstractEthLikeCoin {
     }
 
     if (!txParams?.recipients || !txPrebuild?.recipients || !wallet) {
-      throw new Error(`missing params`);
+      throw new SuspiciousTransactionError(`missing params`);
     }
     if (txParams.hop && txParams.recipients.length > 1) {
-      throw new Error(`tx cannot be both a batch and hop transaction`);
+      throw new SuspiciousTransactionError(`tx cannot be both a batch and hop transaction`);
     }
     if (txPrebuild.recipients.length > 1) {
-      throw new Error(
+      throw new SuspiciousTransactionError(
         `${this.getChain()} doesn't support sending to more than 1 destination address within a single transaction. Try again, using only a single recipient.`
       );
     }
     if (txParams.hop && txPrebuild.hopTransaction) {
       // Check recipient amount for hop transaction
       if (txParams.recipients.length !== 1) {
-        throw new Error(`hop transaction only supports 1 recipient but ${txParams.recipients.length} found`);
+        throw new SuspiciousTransactionError(
+          `hop transaction only supports 1 recipient but ${txParams.recipients.length} found`
+        );
       }
 
       // Check tx sends to hop address
@@ -2862,7 +2869,7 @@ export abstract class AbstractEthLikeNewCoins extends AbstractEthLikeCoin {
       const expectedHopAddress = optionalDeps.ethUtil.stripHexPrefix(decodedHopTx.getSenderAddress().toString());
       const actualHopAddress = optionalDeps.ethUtil.stripHexPrefix(txPrebuild.recipients[0].address);
       if (expectedHopAddress.toLowerCase() !== actualHopAddress.toLowerCase()) {
-        throw new Error('recipient address of txPrebuild does not match hop address');
+        throw new SuspiciousTransactionError('recipient address of txPrebuild does not match hop address');
       }
 
       // Convert TransactionRecipient array to Recipient array
@@ -2880,15 +2887,17 @@ export abstract class AbstractEthLikeNewCoins extends AbstractEthLikeCoin {
       if (txParams.tokenName) {
         const expectedTotalAmount = new BigNumber(0);
         if (!expectedTotalAmount.isEqualTo(txPrebuild.recipients[0].amount)) {
-          throw new Error('batch token transaction amount in txPrebuild should be zero for token transfers');
+          throw new SuspiciousTransactionError(
+            'batch token transaction amount in txPrebuild should be zero for token transfers'
+          );
         }
       } else {
         let expectedTotalAmount = new BigNumber(0);
         for (let i = 0; i < txParams.recipients.length; i++) {
           expectedTotalAmount = expectedTotalAmount.plus(txParams.recipients[i].amount);
         }
         if (!expectedTotalAmount.isEqualTo(txPrebuild.recipients[0].amount)) {
-          throw new Error(
+          throw new SuspiciousTransactionError(
             'batch transaction amount in txPrebuild received from BitGo servers does not match txParams supplied by client'
           );
         }
@@ -2900,29 +2909,33 @@ export abstract class AbstractEthLikeNewCoins extends AbstractEthLikeCoin {
         !batcherContractAddress ||
         batcherContractAddress.toLowerCase() !== txPrebuild.recipients[0].address.toLowerCase()
       ) {
-        throw new Error('recipient address of txPrebuild does not match batcher address');
+        throw new SuspiciousTransactionError('recipient address of txPrebuild does not match batcher address');
       }
     } else {
       // Check recipient address and amount for normal transaction
       if (txParams.recipients.length !== 1) {
-        throw new Error(`normal transaction only supports 1 recipient but ${txParams.recipients.length} found`);
+        throw new SuspiciousTransactionError(
+          `normal transaction only supports 1 recipient but ${txParams.recipients.length} found`
+        );
       }
       const expectedAmount = new BigNumber(txParams.recipients[0].amount);
       if (!expectedAmount.isEqualTo(txPrebuild.recipients[0].amount)) {
-        throw new Error(
+        throw new SuspiciousTransactionError(
           'normal transaction amount in txPrebuild received from BitGo servers does not match txParams supplied by client'
         );
       }
       if (
         this.isETHAddress(txParams.recipients[0].address) &&
         txParams.recipients[0].address !== txPrebuild.recipients[0].address
       ) {
-        throw new Error('destination address in normal txPrebuild does not match that in txParams supplied by client');
+        throw new SuspiciousTransactionError(
+          'destination address in normal txPrebuild does not match that in txParams supplied by client'
+        );
       }
     }
     // Check coin is correct for all transaction types
     if (!this.verifyCoin(txPrebuild)) {
-      throw new Error(`coin in txPrebuild did not match that in txParams supplied by client`);
+      throw new SuspiciousTransactionError(`coin in txPrebuild did not match that in txParams supplied by client`);
     }
     return true;
   }
diff --git a/modules/abstract-utxo/src/transaction/descriptor/verifyTransaction.ts b/modules/abstract-utxo/src/transaction/descriptor/verifyTransaction.ts
@@ -1,5 +1,5 @@
 import * as utxolib from '@bitgo/utxo-lib';
-import { ITransactionRecipient, VerifyTransactionOptions } from '@bitgo/sdk-core';
+import { ITransactionRecipient, SuspiciousTransactionError, VerifyTransactionOptions } from '@bitgo/sdk-core';
 import { DescriptorMap } from '@bitgo/utxo-core/descriptor';
 
 import { AbstractUtxoCoin, BaseOutput, BaseParsedTransactionOutputs } from '../../abstractUtxoCoin';
@@ -74,7 +74,7 @@ export async function verifyTransaction(
 ): Promise<boolean> {
   const tx = coin.decodeTransactionFromPrebuild(params.txPrebuild);
   if (!(tx instanceof utxolib.bitgo.UtxoPsbt)) {
-    throw new Error('unexpected transaction type');
+    throw new SuspiciousTransactionError('unexpected transaction type');
   }
   assertValidTransaction(tx, descriptorMap, params.txParams.recipients ?? [], tx.network);
   return true;
diff --git a/modules/abstract-utxo/src/transaction/fixedScript/verifyTransaction.ts b/modules/abstract-utxo/src/transaction/fixedScript/verifyTransaction.ts
@@ -1,7 +1,7 @@
 import buildDebug from 'debug';
 import _ from 'lodash';
 import BigNumber from 'bignumber.js';
-import { BitGoBase } from '@bitgo/sdk-core';
+import { BitGoBase, SuspiciousTransactionError } from '@bitgo/sdk-core';
 import * as utxolib from '@bitgo/utxo-lib';
 
 import { AbstractUtxoCoin, Output, ParsedTransaction, VerifyTransactionOptions } from '../../abstractUtxoCoin';
@@ -33,11 +33,11 @@ export async function verifyTransaction<TNumber extends bigint | number>(
   const { txParams, txPrebuild, wallet, verification = {}, reqId } = params;
 
   if (!_.isUndefined(verification.disableNetworking) && !_.isBoolean(verification.disableNetworking)) {
-    throw new Error('verification.disableNetworking must be a boolean');
+    throw new SuspiciousTransactionError('verification.disableNetworking must be a boolean');
   }
   const isPsbt = txPrebuild.txHex && utxolib.bitgo.isPsbt(txPrebuild.txHex);
   if (isPsbt && txPrebuild.txInfo?.unspents) {
-    throw new Error('should not have unspents in txInfo for psbt');
+    throw new SuspiciousTransactionError('should not have unspents in txInfo for psbt');
   }
   const disableNetworking = !!verification.disableNetworking;
   const parsedTransaction: ParsedTransaction<TNumber> = await coin.parseTransaction<TNumber>({
@@ -64,7 +64,7 @@ export async function verifyTransaction<TNumber extends bigint | number>(
   if (!_.isEmpty(keySignatures)) {
     const verify = (key, pub) => {
       if (!keychains.user || !keychains.user.pub) {
-        throw new Error('missing user keychain');
+        throw new SuspiciousTransactionError('missing user keychain');
       }
       return verifyKeySignature({
         userKeychain: keychains.user as { pub: string },
@@ -75,7 +75,7 @@ export async function verifyTransaction<TNumber extends bigint | number>(
     const isBackupKeySignatureValid = verify(keychains.backup, keySignatures.backupPub);
     const isBitgoKeySignatureValid = verify(keychains.bitgo, keySignatures.bitgoPub);
     if (!isBackupKeySignatureValid || !isBitgoKeySignatureValid) {
-      throw new Error('secondary public key signatures invalid');
+      throw new SuspiciousTransactionError('secondary public key signatures invalid');
     }
     debug('successfully verified backup and bitgo key signatures');
   } else if (!disableNetworking) {
@@ -86,11 +86,13 @@ export async function verifyTransaction<TNumber extends bigint | number>(
 
   if (parsedTransaction.needsCustomChangeKeySignatureVerification) {
     if (!keychains.user || !userPublicKeyVerified) {
-      throw new Error('transaction requires verification of user public key, but it was unable to be verified');
+      throw new SuspiciousTransactionError(
+        'transaction requires verification of user public key, but it was unable to be verified'
+      );
     }
     const customChangeKeySignaturesVerified = verifyCustomChangeKeySignatures(parsedTransaction, keychains.user);
     if (!customChangeKeySignaturesVerified) {
-      throw new Error(
+      throw new SuspiciousTransactionError(
         'transaction requires verification of custom change key signatures, but they were unable to be verified'
       );
     }
@@ -100,7 +102,7 @@ export async function verifyTransaction<TNumber extends bigint | number>(
   const missingOutputs = parsedTransaction.missingOutputs;
   if (missingOutputs.length !== 0) {
     // there are some outputs in the recipients list that have not made it into the actual transaction
-    throw new Error('expected outputs missing in transaction prebuild');
+    throw new SuspiciousTransactionError('expected outputs missing in transaction prebuild');
   }
 
   const intendedExternalSpend = parsedTransaction.explicitExternalSpendAmount;
@@ -140,13 +142,13 @@ export async function verifyTransaction<TNumber extends bigint | number>(
     } else {
       // the additional external outputs can only be BitGo's pay-as-you-go fee, but we cannot verify the wallet address
       // there are some addresses that are outside the scope of intended recipients that are not change addresses
-      throw new Error('prebuild attempts to spend to unintended external recipients');
+      throw new SuspiciousTransactionError('prebuild attempts to spend to unintended external recipients');
     }
   }
 
   const allOutputs = parsedTransaction.outputs;
   if (!txPrebuild.txHex) {
-    throw new Error(`txPrebuild.txHex not set`);
+    throw new SuspiciousTransactionError(`txPrebuild.txHex not set`);
   }
   const inputs = isPsbt
     ? getPsbtTxInputs(txPrebuild.txHex, coin.network).map((v) => ({
@@ -163,7 +165,7 @@ export async function verifyTransaction<TNumber extends bigint | number>(
   const fee = inputAmount - outputAmount;
 
   if (fee < 0) {
-    throw new Error(
+    throw new SuspiciousTransactionError(
       `attempting to spend ${outputAmount} satoshis, which exceeds the input amount (${inputAmount} satoshis) by ${-fee}`
     );
   }
diff --git a/modules/sdk-core/src/bitgo/errors.ts b/modules/sdk-core/src/bitgo/errors.ts
@@ -160,6 +160,12 @@ export class InvalidTransactionError extends BitGoJsError {
   }
 }
 
+export class SuspiciousTransactionError extends BitGoJsError {
+  public constructor(message?: string) {
+    super(message || 'Suspicious transaction detected');
+  }
+}
+
 export class MissingEncryptedKeychainError extends Error {
   public constructor(message?: string) {
     super(message || 'No encrypted keychains on this wallet.');

Original file line number	Diff line number	Diff line change
`@@ -160,6 +160,12 @@ export class InvalidTransactionError extends BitGoJsError {`
`160`	`160`	`}`
`161`	`161`	`}`
`162`	`162`
	`163`	`+export class SuspiciousTransactionError extends BitGoJsError {`
	`164`	`+ public constructor(message?: string) {`
	`165`	`+ super(message \|\| 'Suspicious transaction detected');`
	`166`	`+ }`
	`167`	`+}`
	`168`	`+`
`163`	`169`	`export class MissingEncryptedKeychainError extends Error {`
`164`	`170`	`public constructor(message?: string) {`
`165`	`171`	`super(message \|\| 'No encrypted keychains on this wallet.');`