feat(crypto): mnemonic generation/encryption/decryption/storage#2014
feat(crypto): mnemonic generation/encryption/decryption/storage#2014
Conversation
artemii235
left a comment
There was a problem hiding this comment.
Amazing work! I have a few minor comments 🙂
mm2src/mm2_main/src/lp_wallet.rs
Outdated
| // The passphrase will then be encrypted and saved whether it was generated or provided. | ||
| let wallet_name = deserialize_config_field::<Option<String>>(&ctx, "wallet_name")?; | ||
|
|
||
| let passphrase = match (wallet_name, passphrase) { |
There was a problem hiding this comment.
Relying on existence of wallet_name might a bit confusing (just IMHO/nitpick). What do you think about using more explicit config field like "use_encrypted_wallet"?
There was a problem hiding this comment.
Do you mean that use_encrypted_wallet is a bool?
I wanted to cover the multi seed support for GUIs, so we need different wallet names as identifiers.
1 - For new wallet creation, only a wallet name and a password is passed, a seed is generated by mm2 and saved in wallet_name.dat
2 - If a wallet name already exists, we decrypt the wallet_name.dat using the password
3 - To import a wallet, we use wallet_name, passphrase and password
I guess I didn't cover the case where a seed file is uploaded, so it will be provided as encrypted to mm2, I can add this case I guess. Also, I can maybe use a struct for all the wallet data, so the parameter passed can look like the below:
"wallet": {
"name": "wallet_name", // Optional for legacy operations where the passphrase is provided each time from GUIs
"password": "PASSWORD",
"passphrase": "PASSPHRASE" // This is an optional enum for either encrypted or plaintext
}This will not be easy to use on cli though.
One more note: For GUIs to migrate, they will need to provide the seed phrase, wallet name, password from their files similar to how importing a wallet works. GUIs can then delete their seed file which uses different encryption algorithms that we plan to deprecate.
What is your opinion on all this @artemii235 :)
There was a problem hiding this comment.
I just understood now that you meant to use use_encrypted_wallet in addition to wallet_name, Will this be needed if I used a struct as shown in the previous comment?
There was a problem hiding this comment.
I think it's not needed actually 🙂 Thanks for the detailed explanation!
There was a problem hiding this comment.
Yeah, I also shouldn't use a struct as I suggested to maintain backward compatibility for the passphrase field. I will add the option to pass an encrypted passphrase for the case of uploading a seed file in next iteration, so I will leave this unresolved until then.
There was a problem hiding this comment.
I will add the option to pass an encrypted passphrase for the case of uploading a seed file in next iteration, so I will leave this unresolved until then.
Done
|
Do I understand it right that we sometimes call 'mnemonic' as 'passphrase' in the code (as I can see in bip39 'passphrase' is an optional extra string to additionally protect the mnemonic)? |
laruh
left a comment
There was a problem hiding this comment.
Impressive work!
I have just comment now
Yeah, |
It was a bit confusing for me first time. Maybe we could make a separate PR for this |
I meant |
…DEFAULT_WORD_COUNT = 12
|
I changed the default word count of mnemonics to |
mm2src/mm2_main/src/lp_wallet.rs
Outdated
| MnemonicError(String), | ||
| #[display(fmt = "Error initializing crypto context: {}", _0)] | ||
| CryptoInitError(String), | ||
| Internal(String), |
There was a problem hiding this comment.
Maybe good to name internal errors everywhere identically ('InternalError')
- Rename `SYMMETRIC_KEY_SEED` to `MASTER_NODE_HMAC_KEY` for clarity - Change `initialize_wallet_passphrase` to take a reference to `MmArc` - Remove unnecessary comments and fix some errors
onur-ozkan
left a comment
There was a problem hiding this comment.
Left some dependency information (please note that I haven't checked for sec advisories on them).
| doctest = false | ||
|
|
||
| [dependencies] | ||
| aes = "0.8.3" |
There was a problem hiding this comment.
Q: Can we use version 0.7.5 instead of duplicating this dependency?
There was a problem hiding this comment.
I wanted to use the latest version for such an important encryption, after this #1957 is merged I can try to update 0.7.5 to 0.8.3 instead in librustzcash
|
Copied none finished items in this checklist to the parent issue #1939 (comment). Will resolve conflicts then write docs for QA and merge this PR. |
|
@KomodoPlatform/qa This Pull Request introduces a new optional parameter, When
So, when wallet_name is passed, seed management is completely handled by mm2 instead of GUIs. If it's not passed, it's the legacy approach where seed is managed by GUIs and the passphrase/mnemonic is passed to mm2 during initialization. A new API method called Request for encrypted passphrase:{
"userpass": "{{userpass}}",
"mmrpc": "2.0",
"method": "get_mnemonic",
"params": {
"format": "encrypted"
}
}Response for encrypted passphrase request:{
"format": "encrypted",
"encrypted_mnemonic_data": {
// Encrypted data
}
}Request for plaintext passphrase:{
"userpass": "{{userpass}}",
"mmrpc": "2.0",
"method": "get_mnemonic",
"params": {
"format": "plaintext",
"password": "password123" // The password used to encrypt the passphrase when the wallet was created
}
}Response for plaintext passphrase request:{
"format": "plaintext",
"mnemonic": "your_mnemonic_here"
} |
* dev: feat(nft-swap): nft swap protocol v2 POC (GLEECBTC#2084) fix(zcoin): syncing and activation improvements (GLEECBTC#2089) feat(crypto): mnemonic generation/encryption/decryption/storage (GLEECBTC#2014) fix(eth): error handling in RPCs (GLEECBTC#2090)
#1939
Checklist
aes,cbc,cipher,hmacTodo:
wallet_rmd160.tiny-bip39crate and usebip39instead in adex-cli.aeshas some features to optimize compilation size vs performance on certain architectures.Future: