feat(client/keys): support display discreetly for keys export

[Halimao]

Closes: #18668

[coderabbitai]

Walkthrough

The recent update focuses on enhancing the security and user experience of key handling within the client module. It introduces discreet display of sensitive information like private keys and mnemonics on alternate screens, with an option to disable this feature. Telemetry sinks have been activated, and the key export function now supports showing the unarmored hex private key discreetly, with a new --indiscreet flag to override the discreet behavior.

Changes

File(s)	Change Summary
CHANGELOG.md	Details added about improvements in key handling, discreet display options, and telemetry sinks activation.
client/keys/export.go	Removed import, modified function arguments, added a new flag for indiscreet display, and updated private key printing logic.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on X ?

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• You can reply to a review comment from CodeRabbit.
• You can also chat with CodeRabbit bot directly around the specific lines of code or files in the PR by tagging @coderabbitai in a new comment.
• You can tag @coderabbitai in a PR comment and ask questions about the PR and the codebase.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

[coderabbitai]

Review Status

Actionable comments generated: 1

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 8cfdabb and 142697d.

Files selected for processing (3)

• CHANGELOG.md (1 hunks)
• client/keys/export.go (3 hunks)
• client/keys/export_test.go (3 hunks)

Additional comments: 10

CHANGELOG.md (1)

• 56-62: > Note: This review was outside the patches, so it was mapped to the patch with the greatest overlap. Original lines [15-1255]

The provided changelog covers a wide range of updates across multiple versions of the Cosmos SDK, with a particular emphasis on the Stargate release (v0.40.0 and above). This release introduces significant features, improvements, and breaking changes, including the migration to Protobuf for state serialization, the introduction of gRPC and gRPC Gateway based APIs, and changes to the x/ibc module reflecting IBC alpha updates.

Key points to note for the Stargate release:

• Introduction of Protobuf-based state serialization.
• New gRPC and gRPC Gateway based APIs for querying app & module data.
• Changes to the x/ibc module from IBC alpha updates.
• Removal of Amino JSON support in certain areas.
• Introduction of the Capability module as per ADR 3.
• Changes to client CLI commands and REST endpoints.

For detailed information on previous versions and migrations, refer to the previous releases section of the changelog.

client/keys/export.go (5)

• 44-44: The function exportUnsafeUnarmored now takes client.Context as its first argument. Verify that all calls to this function have been updated accordingly.

• 84-92: The new flagIndiscreet is introduced to control the discreet printing of private keys. Ensure that the implementation of this feature does not inadvertently leak sensitive information.

• 9-13: The import github.com/cosmos/cosmos-sdk/crypto/keyring has been removed. Confirm that this does not affect other parts of the code that may rely on the keyring functionality.

• 74-94: The unsafeExportPrivKeyHex function is used for exporting private keys in an unarmored format. Review the usage of this function to ensure it is secure and that there are adequate warnings and confirmations for the user.

• 94-95: Review the unsafeExporter interface and its implementations to ensure they are secure and follow best practices for handling private key material.

client/keys/export_test.go (4)

• 23-30: The addition of the expectedOutputContain field in the test case struct is a good approach to validate the output when the exact match is not required, which can be useful for testing outputs that include dynamic or non-deterministic data.

• 53-66: The new test cases added appear to be comprehensive and well-structured, ensuring that the new functionality is tested under different conditions and with various flag combinations.

• 69-74: The test case for the file keyring backend with the --indiscreet flag is a good addition to ensure that the new feature works as expected across different keyring backends.

• 115-122: The error handling in the test cases is robust, correctly distinguishing between scenarios where an error is expected and those where the command should succeed. The additional checks for expectedOutput and expectedOutputContain are well-implemented.

[julienrbrt]

utACK