Add guard check for signing algorithm (#2278)

Previously unsupported algorithm would not throw exceptions.

Co-authored-by: Caleb Kniffen <[email protected]>

packages/xrpl/HISTORY.md

@@ -4,6 +4,7 @@ Subscribe to [the **xrpl-announce** mailing list](https://groups.google.com/g/xr
 ## Unreleased
 
 ### Added
+* Guard check for signing algorithm used in `Wallet.generate()`
 * Null and undefined values in transactions are now treated as though the field was not passed in.
 
 ### Fixed

packages/xrpl/src/Wallet/index.ts

@@ -129,8 +129,13 @@ class Wallet {
    *
    * @param algorithm - The digital signature algorithm to generate an address for.
    * @returns A new Wallet derived from a generated seed.
+   *
+   * @throws ValidationError when signing algorithm isn't valid
    */
   public static generate(algorithm: ECDSA = DEFAULT_ALGORITHM): Wallet {
+    if (!Object.values(ECDSA).includes(algorithm)) {
+      throw new ValidationError('Invalid cryptographic signing algorithm')
+    }
     const seed = generateSeed({ algorithm })
     return Wallet.fromSeed(seed)
   }

packages/xrpl/test/wallet/index.test.ts

@@ -57,6 +57,15 @@ describe('Wallet', function () {
       assert.isTrue(wallet.classicAddress.startsWith(classicAddressPrefix))
     })
 
+    it('generates a new wallet using an invalid/unknown algorithm', function () {
+      const algorithm = 'test'
+
+      assert.throws(() => {
+        // @ts-expect-error -- We know it is an invalid algorithm
+        Wallet.generate(algorithm)
+      }, /Invalid cryptographic signing algorithm/u)
+    })
+
     it('generates a new wallet using algorithm ecdsa-secp256k1', function () {
       const algorithm = ECDSA.secp256k1
       const wallet = Wallet.generate(algorithm)