From 5e3300d38744964367b5f6f607725e1f663ad14b Mon Sep 17 00:00:00 2001
From: Carl Beekhuizen <carl@ethereum.org>
Date: Wed, 16 Sep 2020 22:38:44 +0200
Subject: [PATCH 1/4] Verify deposit_data.json amounts within [1, 32] ETH

---
 eth2deposit/credentials.py     | 5 +++++
 eth2deposit/utils/constants.py | 5 +++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/eth2deposit/credentials.py b/eth2deposit/credentials.py
index c76f867..1e0fb99 100644
--- a/eth2deposit/credentials.py
+++ b/eth2deposit/credentials.py
@@ -4,6 +4,7 @@ import json
 from typing import Dict, List
 from py_ecc.bls import G2ProofOfPossession as bls
 
+from eth2deposit.exceptions import ValidationError
 from eth2deposit.key_handling.key_derivation.path import mnemonic_and_path_to_key
 from eth2deposit.key_handling.keystore import (
     Keystore,
@@ -11,6 +12,8 @@ from eth2deposit.key_handling.keystore import (
 )
 from eth2deposit.utils.constants import (
     BLS_WITHDRAWAL_PREFIX,
+    ETH2GWEI,
+    MAX_DEPOSIT_AMOUNT,
 )
 from eth2deposit.utils.crypto import SHA256
 from eth2deposit.utils.ssz import (
@@ -57,6 +60,8 @@ class Credential:
 
     @property
     def deposit_message(self) -> DepositMessage:
+        if self.amount > MAX_DEPOSIT_AMOUNT:
+            raise ValidationError(f"{self.amount / ETH2GWEI} ETH is more than the maximum allowed deposit.")
         return DepositMessage(
             pubkey=self.signing_pk,
             withdrawal_credentials=self.withdrawal_credentials,
diff --git a/eth2deposit/utils/constants.py b/eth2deposit/utils/constants.py
index 8317d79..a0f40a5 100644
--- a/eth2deposit/utils/constants.py
+++ b/eth2deposit/utils/constants.py
@@ -7,8 +7,9 @@ ZERO_BYTES32 = b'\x00' * 32
 DOMAIN_DEPOSIT = bytes.fromhex('03000000')
 BLS_WITHDRAWAL_PREFIX = bytes.fromhex('00')
 
-MIN_DEPOSIT_AMOUNT = 2 ** 0 * 10 ** 9
-MAX_DEPOSIT_AMOUNT = 2 ** 5 * 10 ** 9
+ETH2GWEI = 10 ** 9
+MIN_DEPOSIT_AMOUNT = 2 ** 0 * ETH2GWEI
+MAX_DEPOSIT_AMOUNT = 2 ** 5 * ETH2GWEI
 
 
 # File/folder constants

From bc51a32eeecdd3e396a3d764cba9902fa02c6009 Mon Sep 17 00:00:00 2001
From: Carl Beekhuizen <carl@ethereum.org>
Date: Thu, 17 Sep 2020 12:47:37 +0200
Subject: [PATCH 2/4] Verify amount upper & lower bounds

---
 eth2deposit/credentials.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/eth2deposit/credentials.py b/eth2deposit/credentials.py
index 1e0fb99..cf5cd9b 100644
--- a/eth2deposit/credentials.py
+++ b/eth2deposit/credentials.py
@@ -14,6 +14,7 @@ from eth2deposit.utils.constants import (
     BLS_WITHDRAWAL_PREFIX,
     ETH2GWEI,
     MAX_DEPOSIT_AMOUNT,
+    MIN_DEPOSIT_AMOUNT,
 )
 from eth2deposit.utils.crypto import SHA256
 from eth2deposit.utils.ssz import (
@@ -60,8 +61,8 @@ class Credential:
 
     @property
     def deposit_message(self) -> DepositMessage:
-        if self.amount > MAX_DEPOSIT_AMOUNT:
-            raise ValidationError(f"{self.amount / ETH2GWEI} ETH is more than the maximum allowed deposit.")
+        if MIN_DEPOSIT_AMOUNT > self.amount > MAX_DEPOSIT_AMOUNT:
+            raise ValidationError(f"{self.amount / ETH2GWEI} ETH is not within the bounds of the deposit-cli.")
         return DepositMessage(
             pubkey=self.signing_pk,
             withdrawal_credentials=self.withdrawal_credentials,

From 8bfdd38aba2680a2ec990c7718309992d20b4e59 Mon Sep 17 00:00:00 2001
From: Carl Beekhuizen <carl@ethereum.org>
Date: Thu, 17 Sep 2020 14:55:15 +0200
Subject: [PATCH 3/4] Bounds json deposit ammounts correctly

---
 eth2deposit/credentials.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/eth2deposit/credentials.py b/eth2deposit/credentials.py
index cf5cd9b..abcb222 100644
--- a/eth2deposit/credentials.py
+++ b/eth2deposit/credentials.py
@@ -61,8 +61,8 @@ class Credential:
 
     @property
     def deposit_message(self) -> DepositMessage:
-        if MIN_DEPOSIT_AMOUNT > self.amount > MAX_DEPOSIT_AMOUNT:
-            raise ValidationError(f"{self.amount / ETH2GWEI} ETH is not within the bounds of the deposit-cli.")
+        if not MIN_DEPOSIT_AMOUNT <= self.amount <= MAX_DEPOSIT_AMOUNT:
+            raise ValidationError(f"{self.amount / ETH2GWEI} ETH deposits are not within the expected bounds of this cli.")
         return DepositMessage(
             pubkey=self.signing_pk,
             withdrawal_credentials=self.withdrawal_credentials,

From 77891acbe24a638500818a864173bb88655669a3 Mon Sep 17 00:00:00 2001
From: Carl Beekhuizen <carl@ethereum.org>
Date: Thu, 17 Sep 2020 15:03:34 +0200
Subject: [PATCH 4/4] Shorten amount-bound error message

---
 eth2deposit/credentials.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eth2deposit/credentials.py b/eth2deposit/credentials.py
index abcb222..e878647 100644
--- a/eth2deposit/credentials.py
+++ b/eth2deposit/credentials.py
@@ -62,7 +62,7 @@ class Credential:
     @property
     def deposit_message(self) -> DepositMessage:
         if not MIN_DEPOSIT_AMOUNT <= self.amount <= MAX_DEPOSIT_AMOUNT:
-            raise ValidationError(f"{self.amount / ETH2GWEI} ETH deposits are not within the expected bounds of this cli.")
+            raise ValidationError(f"{self.amount / ETH2GWEI} ETH deposits are not within the bounds of this cli.")
         return DepositMessage(
             pubkey=self.signing_pk,
             withdrawal_credentials=self.withdrawal_credentials,