Fix: Add Zod Validation to Internal and External Endpoints (Issue #434)

[Roaring30s]

Add Comprehensive Zod Validation to API Endpoints

Fixes #434

Summary

This PR implements comprehensive Zod validation across all API endpoints mentioned in the original issue, covering input validation, output validation, and external API response validation. Additionally, several instances of unsafe destructuring have been fixed to prevent runtime crashes.

Changes

Validation Coverage

• ✅ Input validation: All user-provided data (query params, request bodies, path params)
• ✅ Output validation: All API responses before sending to client
• ✅ External API validation: All responses from external services (subgraph, Pinata, livepeer.com, etc.)
• ✅ Safe destructuring: Replaced unsafe destructuring with Zod safeParse() and explicit checks

Schema Organization

• Created centralized schema files:
  • lib/api/schemas/subgraph.ts - Subgraph response schemas
  • lib/api/schemas/ens.ts - ENS provider response schemas
  • lib/api/schemas/changefeed.ts - Changefeed GraphQL schemas
  • Enhanced existing schema files with stricter validation

Endpoints Validated

Fully Tested ✅

• /api/account-balance/[address]
• /api/ens-data/[address]
• /api/ens-data (bulk lookup)
• /api/ens-data/image/[name]
• /api/l1-delegator/[address]
• /api/pending-stake/[address]
• /api/pipelines
• /api/regions
• /api/treasury/* (4 endpoints)
• /api/contracts
• /api/current-round
• /api/generateProof (via Postman)
• /api/totalTokenSupply
• /api/upload-ipfs (via Postman, added 500KB limit)

Validated but Not Fully Tested ⚠️

• /api/score - Missing environment variables
• /api/score/[address] - Missing environment variables
• /api/changefeed - Missing environment variables
• /api/usage - Missing environment variables

Key Improvements

1. ENS Provider Validation: Added runtime validation for ENS resolver responses with graceful fallback
2. Subgraph Safety: All Apollo Client responses now validated before destructuring
3. Bounds Checking: Added array bounds checks in /api/usage to prevent crashes with insufficient data
4. Strict URL/Handle Validation: Using WebUrlSchema, TwitterHandleSchema, and GithubHandleSchema for social links
5. Security: Added 500KB limit to /api/upload-ipfs to prevent payload abuse

⚠️ Warning to Reviewers

The following endpoints could not be fully tested due to missing environment variables:

• /api/score
• /api/score/[address]
• /api/changefeed
• /api/usage

The validation logic has been implemented and follows the same patterns as tested endpoints, but happy path testing is recommended once environment variables are available.

Manual Testing URLs

For quick manual testing, use the following endpoints:

http://localhost:3000/api/account-balance/0x13364c017b282fb033107b3c0ccbf762332aceba

http://localhost:3000/api/ens-data/0x13364c017b282fb033107b3c0ccbf762332aceba

http://localhost:3000/api/ens-data

http://localhost:3000/api/ens-data/image/day-dreamer.eth

http://localhost:3000/api/l1-delegator/0x13364c017b282fb033107b3c0ccbf762332aceba

http://localhost:3000/api/pending-stake/0x13364c017b282fb033107b3c0ccbf762332aceba

http://localhost:3000/api/pipelines

http://localhost:3000/api/regions

http://localhost:3000/api/treasury/proposal/47675980806842999962173227987422002121354040219792725319563843023665050472833/state

http://localhost:3000/api/treasury/proposal/47675980806842999962173227987422002121354040219792725319563843023665050472833/votes/0x13364c017b282fb033107b3c0ccbf762332aceba

http://localhost:3000/api/treasury/votes/0x6cb1ce2516fb7d211038420a8cf9a843c7bd3b08

http://localhost:3000/api/treasury/votes/0x6cb1ce2516fb7d211038420a8cf9a843c7bd3b08/registered

http://localhost:3000/api/contracts

http://localhost:3000/api/current-round

http://localhost:3000/api/totalTokenSupply

Postman-only endpoints:

• /api/generateProof (POST with account, delegate, stake, fees)
• /api/upload-ipfs (POST with poll proposal shape)

Breaking Changes

None. All validation uses graceful fallbacks where appropriate.

[vercel]

@Roaring30s is attempting to deploy a commit to the Livepeer Foundation Team on Vercel.

A member of the Team first needs to authorize it.