chore(wallet): migrate to Blowfish API v2023-06-05

[onyb]

Resolves brave/brave-browser#34619

EVM docs	https://docs.blowfish.xyz/reference/scan-transactions-evm

Solana docs	https://docs.blowfish.xyz/reference/scan-transactions-solana

Submitter Checklist:

• I confirm that no security/privacy review is needed and no other type of reviews are needed, or that I have requested them
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally:
  • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
  • npm run lint, npm run presubmit wiki, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

N/A

[github-actions]

[puLL-Merge] - brave/brave-core@21609

Description

This PR includes changes for updating the constant kBlowfishAPIVersion within the Brave Wallet component to a newer timestamp value, and it modifies the EncodeScanTransactionParams functions and their respective tests to handle a new data structure.

The updates in simulation_request_helper.cc seem to be focused on refactoring the functions responsible for building the transaction scan simulation request payloads for EVM and Solana transactions, updating returned values to include additional information (i.e. userAccount) in a pair, and adjusting the unit tests accordingly.

The rationale for these changes could include meeting new requirements from the simulation API endpoint (possibly for Blowfish, a service that scans transactions for security purposes), or improving the functionalities by including more relevant data in the transaction simulation request.

Changes

Changes

Changes are organized by filename.

brave_wallet/browser/simulation_request_helper.cc

• Modified EncodeScanTransactionParams function signatures to return a pair with the second element being the user account.
• Updated function bodies to handle new structure and include user account in the return value.

brave_wallet/browser/simulation_request_helper.h

• Reflected changes in function declarations to match updates in the .cc file.

brave_wallet/browser/simulation_request_helper_unittest.cc

• Adjusted unit tests to validate the updated functions which now return a pair containing the user account.

brave_wallet/browser/simulation_response_parser.cc

• Refactored the ParseSimulationResponse functions, taking into account new structures and potentially more reliable parsing.

brave_wallet/browser/simulation_response_parser.h

• Updated the function declarations to match the new parsing logic.

Security Hotspots

1. brave_wallet/browser/simulation_request_helper.cc & brave_wallet/browser/simulation_request_helper_unittest.cc:

   • Ensure that returning the user account as part of responses does not expose sensitive information or create a vector for security breaches when communicated outside trusted components.

2. brave_wallet/browser/simulation_response_parser.cc:

   • Validate that parsing changes do not introduce any risk of interpreting the simulation response data incorrectly.

3. General:

   • Confirm that the newly included timestamp for the Blowfish API version does not lead to any API incompatibilities or unexpected behaviors.
   • Verify that the addition of the userAccount to the transaction scan simulation payload meets all necessary privacy and security requirements.

These hotspot areas should be carefully reviewed and tested to ensure they meet the required security standards before merging the pull request.

[supermassive]

wallet core lgtm

[supermassive]

wallet core lgtm

[brave-builds]

A Storybook has been deployed to preview UI for the latest push

[josheleonard]

Frontend ++

Great work!

[brave-builds]

A Storybook has been deployed to preview UI for the latest push

[StephenHeaps]

iOS++

[cdesouza-chromium]

There was a bug on this relating to this field not being substituted. This was recently fixed in a separate PR [1]. A review of these tests should follow to make sure they cover both fail and success routes to make sure we are in general testing what we think to be testing. An [2] issue has been created for this review.

[1] #25643
[2] brave/brave-browser#41144