stricter validation

modules/ipc/ipcProviderBackend.js

@@ -20,7 +20,7 @@ const Windows = require('../windows');
 
 
 const ERRORS = {
-    INVALID_PAYLOAD: { code: -32600, message: 'Payload, or some of its content properties are invalid. Please check if they are valid HEX.' },
+    INVALID_PAYLOAD: { code: -32600, message: 'Payload, or some of its content properties are invalid. Please check if they are valid HEX with \'0x\' prefix.' },
     METHOD_DENIED: { code: -32601, message: "Method \'__method__\' not allowed." },
     METHOD_TIMEOUT: { code: -32603, message: "Request timed out for method  \'__method__\'." },
     TX_DENIED: { code: -32603, message: 'Transaction denied' },

modules/ipc/methods/eth_sendTransaction.js

@@ -36,16 +36,15 @@ module.exports = class extends BaseProcessor {
             try {
                 _.each(payload.params[0], (val, key) => {
                     // if doesn't have hex then leave
-                    if (_.isString(val) || _.isNumber(val)) {
-
+                    if (!_.isString(val)) {
+                        throw this.ERRORS.INVALID_PAYLOAD;
+                    } else {
                         // make sure all data is lowercase and has 0x
-                        if (val) val = `0x${val.toLowerCase().replace('0x', '')}`;
+                        if (val) val = `0x${val.toLowerCase().replace(/^0x/igm, '')}`;
 
-                        if (val.match(/[^0-9a-fx]/igm)) {
+                        if (val.substr(2).match(/[^0-9a-f]/igm)) {
                             throw this.ERRORS.INVALID_PAYLOAD;
                         }
-                    } else {
-                        throw this.ERRORS.INVALID_PAYLOAD;
                     }
 
                     payload.params[0][key] = val;