-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
R4R: Improve crypto/keys and add keys mnemonic
and keys new
commands
#2090
Conversation
some relevant background: tendermint/go-crypto#89 - it looks like the issue has been fixed both in tyler-smith and bartekn. tyler-smith repo is quite active again so we took the commit with the fix before all the new activity. |
Codecov Report
@@ Coverage Diff @@
## develop #2090 +/- ##
==========================================
- Coverage 60.13% 57.9% -2.24%
==========================================
Files 152 140 -12
Lines 8870 8119 -751
==========================================
- Hits 5334 4701 -633
+ Misses 3167 3121 -46
+ Partials 369 297 -72 |
} | ||
|
||
algo := keys.Secp256k1 // SigningAlgo(viper.GetString(flagType)) | ||
path := bip44Params.DerivationPath() // ccrypto.DerivationPath{44, 118, account, 0, index} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does the ledger enforce BIP44 (ie. it knows the first three fields are hardened) or do we need to pass in hardened values here ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The go client will harden first three bytes
https://github.com/ZondaX/ledger-goclient/blob/4296ee5701e945f9b3a7dbe51f402e0b9be57259/ledger.go#L245-L248
* add tendermint fork of golang.org/x/crypto * pin some transitive deps
* remove in favour of fork of golang.org/x/crypto/bcrypt at github.com/tendermint/crypto/bcrypt
* use fork cosmos/go-bip39 instead
It isn't clear in the client what the mnemonic password is vs the encryption password. Kinda think we should just not expose the mnemonic password for now... The KeyBase doesn't support it besides via the Derive function... |
keys mnemonic
and keys new
keys mnemonic
and keys new
commands
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will PR in my work now.
|
||
// if we're using ledger, only thing we need is the path. | ||
// generate key and we're done. | ||
if viper.GetBool(client.FlagUseLedger) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could be part of the prompt flow, no? I.e., Do you want to use Ledger [y/n]?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could be, but since its just boolean (and not really sensitive info) seems fine to leave as a flag
client/keys/new.go
Outdated
// get the mnemonic | ||
var mnemonic string | ||
if !useDefaults { | ||
fmt.Println("> Enter your bip39 mnemonic.") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For all these prompts, I made a helper method in the client
package in my PR you can use to prompt the user - client.GetString()
. I'll merge that into this branch.
client/keys/mnemonic.go
Outdated
return err | ||
} | ||
fmt.Println("> Input length:", len(inputEntropy)) | ||
if len(inputEntropy) < 99 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want to require this amount of entropy from the user rather than warning them if the provided entropy is weak?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes
sup with this PR is it WIP or R4R? seems inactive |
Should be R4R as far as I know. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cool, I fixed the lint here are some superficial comments
if isHardened(spl[3]) || isHardened(spl[4]) { | ||
return nil, | ||
fmt.Errorf("fourth and fifth field in path must not be hardened (ie. not contain the suffix ', got %v and %v", spl[3], spl[4]) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
all these if statements could be lumped into a switch statement - make it a bit more concise
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How's that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Having all those if statements lined up (which have returns, so they effectively act as chained if-else statements) act identically as a switch statement - I like compactness where it's appropriate but doesn't super matter here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you show me what the switch statement would look like? Each of these conditions is on a different piece of the slice, so not clear to me what we could switch on
client/input.go
Outdated
// GetString simply returns the trimmed string output of a given reader. | ||
func GetString(prompt string, buf *bufio.Reader) (string, error) { | ||
if inputIsTty() && prompt != "" { | ||
fmt.Println(prompt) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please redirect the prompt to stderr
: fmt.Fprint(os.Stderr, prompt)
client/keys/new.go
Outdated
// nolint: gocyclo | ||
func runNewCmd(cmd *cobra.Command, args []string) error { | ||
|
||
if len(args) != 1 || len(args[0]) == 0 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd use cobra.ExactArgs(1)
From @NodeGuy #1442 (comment):
|
Lol bucky you're getting slashed for leaving this PR open (and almost ready to merge) for 2 months |
I had till midnight tonight and I totally made it. All comments addressed. Tests fail I think due to unrelated non-determinism ... |
@fedekunze sounds like this should be a new issue? |
Sorry for the massive PR and for letting it hang so long guys. Thanks for all the nice review. |
Yeah
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good - couple linting issues still need to pass before merge - but all my concerns addressed
@@ -133,5 +128,6 @@ func readLineFromBuf(buf *bufio.Reader) (string, error) { | |||
|
|||
// PrintPrefixed prints a string with > prefixed for use in prompts. | |||
func PrintPrefixed(msg string) { | |||
fmt.Printf("> %s\n", msg) | |||
msg = fmt.Sprintf("> %s\n", msg) | |||
fmt.Fprint(os.Stderr, msg) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe it's better to avoid modifying msg
and just do
fmt.Fprint(os.Stderr, fmt.Sprintf("> %s\n", msg))
Ref: #2089 and #2091
gaiacli keys mnemonic
andgaiacli keys new
commandsTagging @cwgoes @liamsi so they're aware
docs/
)PENDING.md
that include links to the relevant issue or PR that most accurately describes the change.cmd/gaia
andexamples/
For Admin Use: