Validate submit EVM address inputs

[TUPM96]

Summary

• validate the original EVM address input format before normalizing it
• reuse that validation for both BGL->WBGL and WBGL->BGL submit handlers
• add regression coverage for malformed, short, long, non-hex, checksummed, lowercase, and no-prefix address inputs

Why

The previous handlers called common.HexToAddress(input).Hex() before validation. That can turn malformed inputs such as 0x1 or non-address strings into padded/canonical addresses, allowing bad user input past the validation gate.

Validation

• go test ./workers/handlers
• go test ./...

Refs #3.
Submitting as a focused bridge robustness/test-coverage improvement under BitgesellOfficial/bitgesell#39 if maintainers consider it eligible. Payout details can be provided privately if approved.

[Copilot]

Pull request overview

This PR hardens bridge submit handlers by validating EVM address inputs before they can be normalized into a canonical 20-byte address, preventing malformed user input from slipping past validation. It also centralizes the validation logic and adds regression tests for common malformed/edge-case address inputs.

Changes:

• Introduces a shared validateEVMAddress helper and reuses it in both SubmitBGL and SubmitWBGL.
• Updates submit handlers to validate the raw user-provided EVM address input rather than validating a normalized/padded version.
• Adds unit tests covering malformed, short/long, non-hex, checksummed, lowercase, and no-prefix inputs.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
workers/handlers/SubmitWBGL.go	Replaces inline EVM address validation with shared helper in the WBGL→BGL submit handler.
workers/handlers/SubmitBGL.go	Replaces inline EVM address validation with shared helper in the BGL→WBGL submit handler.
workers/handlers/address.go	Adds centralized EVM address validation helper.
workers/handlers/address_test.go	Adds regression tests for the new EVM address validation helper.

Comments suppressed due to low confidence (2)

workers/handlers/SubmitWBGL.go:55

• validateEVMAddress() accepts non-0x-prefixed addresses, but later SubmitWBGL compares req.EthAddress with address.Hex() (always 0x-prefixed) using strings.EqualFold. A valid no-prefix input will pass validation but fail the signature match check. Normalize req.EthAddress to a canonical 0x-prefixed form after validation (or require the prefix in validation) to keep behavior consistent.

	if err := validateEVMAddress(req.EthAddress); err != nil {
		log.Printf("Error validating Eth address '%s': %s\n", req.EthAddress, err.Error())
		responseJSON(w, &APIResponse{
			Status:  "error",
			Field:   "ethAddress",

workers/handlers/SubmitBGL.go:50

• On EVM address validation failure, the response sets Field to "ethAddress", but the request payload field is "address" (BGLtoWBGLBindingRequest.Address). This makes the error response inconsistent for API clients and harder to map back to the submitted JSON field.

		responseJSON(w, &APIResponse{
			Status:  "error",
			Field:   "ethAddress",
			Message: "No ethereum address or invalid address provided",
		}, http.StatusBadRequest)

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.