Reject non-string wallet normalizer inputs

[kbaajjg-max]

Bounty #228

Summary

• Reject non-string values at the shared wallet normalization boundary before calling .strip().
• Keep invalid public key, signature, and wallet address inputs on the existing WalletError / LedgerError validation path.
• Add regression coverage for non-string public key, signature, and wallet address inputs.

Repro before fix

Direct wallet-normalizer calls with malformed non-string inputs raised raw Python attribute errors instead of project validation errors:

normalize_public_key_hex(123) -> AttributeError: 'int' object has no attribute 'strip'
normalize_signature_hex(123) -> AttributeError: 'int' object has no attribute 'strip'
normalize_wallet_address(123) -> AttributeError: 'int' object has no attribute 'strip'

This is distinct from API JSON field validation because these helpers are the shared boundary for direct service calls, MCP paths, and signature verification.

Validation

• .\.venv\Scripts\python.exe -m pytest tests\test_wallets.py::test_wallet_normalizers_reject_non_string_inputs tests\test_wallets.py tests\test_wallet_api.py::test_wallet_api_malformed_register_requests_return_4xx tests\test_api_mcp.py::test_mcp_can_register_and_fetch_wallet -q -> 12 passed
• .\.venv\Scripts\python.exe -m pytest -q -> 208 passed, 2 warnings
• .\.venv\Scripts\python.exe -m ruff check . -> all checks passed
• .\.venv\Scripts\python.exe -m ruff format --check . -> 37 files already formatted
• .\.venv\Scripts\python.exe -m mypy app -> success
• .\.venv\Scripts\python.exe scripts\docs_smoke.py -> docs smoke ok
• .\.venv\Scripts\python.exe scripts\check_agents.py -> AGENTS.md ok
• git diff --check -> clean

No secrets, wallet private keys, payout details, deployment values, private vulnerability details, or MRWK price claims are included.

[Kleenex-ultrasoft]

No blockers found. I inspected app/wallets.py and tests/test_wallets.py for the shared wallet normalizer change. The new _clean_string() guard keeps non-string public keys, signatures, and wallet addresses on the existing WalletError validation path before .strip().lower() runs, while valid string normalization and the existing regex checks remain unchanged.

Local validation on PR head codex/reject-non-string-wallet-inputs:

• /tmp/mergework-pr265-venv/bin/python -m pytest tests/test_wallets.py tests/test_wallet_api.py::test_wallet_api_malformed_register_requests_return_4xx tests/test_api_mcp.py::test_mcp_can_register_and_fetch_wallet -q -> 12 passed
• /tmp/mergework-pr265-venv/bin/ruff check app/wallets.py tests/test_wallets.py -> passed
• /tmp/mergework-pr265-venv/bin/ruff format --check app/wallets.py tests/test_wallets.py -> 2 files already formatted
• /tmp/mergework-pr265-venv/bin/python -m mypy app/wallets.py -> success
• git diff --check origin/main...HEAD -> clean

gh pr checks currently reports no checks on the branch, so I could not verify hosted CI yet.

[wangedmund77-cmyk]

No blockers from my review.

Evidence checked:

• Inspected app/wallets.py and tests/test_wallets.py; the new _clean_string helper rejects non-string public keys, signatures, and wallet addresses before calling string methods, while preserving the existing strip/lower normalization for valid strings.
• Ran uv run --extra dev pytest tests/test_wallets.py::test_wallet_normalizers_reject_non_string_inputs tests/test_wallet_api.py -q on PR branch pr-265: 27 passed.
• Ran uv run --extra dev ruff check app/wallets.py tests/test_wallets.py: all checks passed.

The added tests cover the regression class directly, and the wallet API tests still pass for normal flows.

[MolhamHamwi]

No blockers from my review.

Evidence checked:

• Inspected the complete diff in app/wallets.py and tests/test_wallets.py.
• Confirmed _clean_string() now type-checks before calling string methods, so non-string public keys, signatures, and wallet addresses produce the existing WalletError messages instead of leaking AttributeError/type errors.
• Checked that valid string normalization behavior is preserved: trim + lowercase still happens before the existing regex validation for public keys, signatures, and mrwk1 addresses.
• Reviewed the new parametrized regression test; it covers representative non-string inputs for all three normalizers.
• Ran UV_CACHE_DIR=/tmp/uv-cache-mergework uv run --python 3.12 --extra dev python -m pytest tests/test_wallets.py -q -> 10 passed.
• Ran Ruff check and format-check on the changed files -> clean.

No secrets, wallet private keys, payout details, private deployment values, private vulnerability details, or MRWK price claims were reviewed or disclosed.

[weilixiong]

Review ✅ APPROVED — LOW risk, clean diff. MW #219 round 7. | #229 docs if apply.

[weilixiong]

LOW risk, wallet normalizer input validation. MW #219.

[ramimbo]

Closing this stale small-fix PR to clear the filled #228/#292 queue. #292 is now filled, no fresh small-fixes round is open, and this remaining work is not accepted in this pass.