Replace address with keyUid in accounts db

Account's address was used as a primary key in accounts db and as a deterministic id of an account in some API calls. Also it was used as a part of the name of the account specific database. This revealed some extra information about the account and wasn't necessary. At first the hash of the address was planned to be used as a deterministic id, but we already have a keyUid which is calculated as sha256 hash of account's public key and has similar properties: - it is deterministic - doesn't reveal accounts public key or address in plain
status-im · Dec 5, 2019 · 1897dae · 1897dae
1 parent fd49b01
commit 1897dae
Show file tree

Hide file tree

Showing 7 changed files with 41 additions and 52 deletions.
diff --git a/api/geth_backend.go b/api/geth_backend.go
@@ -178,7 +178,7 @@ func (b *GethStatusBackend) ensureAppDBOpened(account multiaccounts.Account, pas
 	if len(b.rootDataDir) == 0 {
 		return errors.New("root datadir wasn't provided")
 	}
-	path := filepath.Join(b.rootDataDir, fmt.Sprintf("app-%x.sql", account.Address))
+	path := filepath.Join(b.rootDataDir, fmt.Sprintf("app-%x.sql", account.KeyUID))
 	b.appDB, err = appdatabase.InitializeDB(path, password)
 	if err != nil {
 		return err
@@ -235,7 +235,7 @@ func (b *GethStatusBackend) startNodeWithKey(acc multiaccounts.Account, password
 	if err != nil {
 		return err
 	}
-	err = b.multiaccountsDB.UpdateAccountTimestamp(acc.Address, time.Now().Unix())
+	err = b.multiaccountsDB.UpdateAccountTimestamp(acc.KeyUID, time.Now().Unix())
 	if err != nil {
 		return err
 	}
@@ -291,7 +291,7 @@ func (b *GethStatusBackend) startNodeWithAccount(acc multiaccounts.Account, pass
 	if err != nil {
 		return err
 	}
-	err = b.multiaccountsDB.UpdateAccountTimestamp(acc.Address, time.Now().Unix())
+	err = b.multiaccountsDB.UpdateAccountTimestamp(acc.KeyUID, time.Now().Unix())
 	if err != nil {
 		return err
 	}

diff --git a/mobile/status.go b/mobile/status.go
@@ -326,13 +326,13 @@ func Login(accountData, password string) string {
 		return makeJSONResponse(err)
 	}
 	api.RunAsync(func() error {
-		log.Debug("start a node with account", "address", account.Address)
+		log.Debug("start a node with account", "key-uid", account.KeyUID)
 		err := statusBackend.StartNodeWithAccount(account, password)
 		if err != nil {
-			log.Error("failed to start a node", "address", account.Address, "error", err)
+			log.Error("failed to start a node", "key-uid", account.KeyUID, "error", err)
 			return err
 		}
-		log.Debug("started a node with", "address", account.Address)
+		log.Debug("started a node with", "key-uid", account.KeyUID)
 		return nil
 	})
 	return makeJSONResponse(nil)
@@ -356,13 +356,13 @@ func SaveAccountAndLogin(accountData, password, configJSON, subaccountData strin
 		return makeJSONResponse(err)
 	}
 	api.RunAsync(func() error {
-		log.Debug("starting a node, and saving account with configuration", "address", account.Address)
+		log.Debug("starting a node, and saving account with configuration", "key-uid", account.KeyUID)
 		err := statusBackend.StartNodeWithAccountAndConfig(account, password, &conf, subaccs)
 		if err != nil {
-			log.Error("failed to start node and save account", "address", account.Address, "error", err)
+			log.Error("failed to start node and save account", "key-uid", account.KeyUID, "error", err)
 			return err
 		}
-		log.Debug("started a node, and saved account", "address", account.Address)
+		log.Debug("started a node, and saved account", "key-uid", account.KeyUID)
 		return nil
 	})
 	return makeJSONResponse(nil)
@@ -387,13 +387,13 @@ func SaveAccountAndLoginWithKeycard(accountData, password, configJSON, keyHex st
 		return makeJSONResponse(err)
 	}
 	api.RunAsync(func() error {
-		log.Debug("starting a node, and saving account with configuration", "address", account.Address)
+		log.Debug("starting a node, and saving account with configuration", "key-uid", account.KeyUID)
 		err := statusBackend.SaveAccountAndStartNodeWithKey(account, &conf, password, keyHex)
 		if err != nil {
-			log.Error("failed to start node and save account", "address", account.Address, "error", err)
+			log.Error("failed to start node and save account", "key-uid", account.KeyUID, "error", err)
 			return err
 		}
-		log.Debug("started a node, and saved account", "address", account.Address)
+		log.Debug("started a node, and saved account", "key-uid", account.KeyUID)
 		return nil
 	})
 	return makeJSONResponse(nil)
@@ -408,13 +408,13 @@ func LoginWithKeycard(accountData, password, keyHex string) string {
 		return makeJSONResponse(err)
 	}
 	api.RunAsync(func() error {
-		log.Debug("start a node with account", "address", account.Address)
+		log.Debug("start a node with account", "key-uid", account.KeyUID)
 		err := statusBackend.StartNodeWithKey(account, password, keyHex)
 		if err != nil {
-			log.Error("failed to start a node", "address", account.Address, "error", err)
+			log.Error("failed to start a node", "key-uid", account.KeyUID, "error", err)
 			return err
 		}
-		log.Debug("started a node with", "address", account.Address)
+		log.Debug("started a node with", "key-uid", account.KeyUID)
 		return nil
 	})
 	return makeJSONResponse(nil)

diff --git a/multiaccounts/database.go b/multiaccounts/database.go
@@ -3,19 +3,17 @@ package multiaccounts
 import (
 	"database/sql"
 
-	"github.com/ethereum/go-ethereum/common"
 	"github.com/status-im/status-go/multiaccounts/migrations"
 	"github.com/status-im/status-go/sqlite"
 )
 
 // Account stores public information about account.
 type Account struct {
-	Name           string         `json:"name"`
-	Address        common.Address `json:"address"`
-	Timestamp      int64          `json:"timestamp"`
-	PhotoPath      string         `json:"photo-path"`
-	KeycardPairing string         `json:"keycard-pairing"`
-	KeyUID         string         `json:"key-uid"`
+	Name           string `json:"name"`
+	Timestamp      int64  `json:"timestamp"`
+	PhotoPath      string `json:"photo-path"`
+	KeycardPairing string `json:"keycard-pairing"`
+	KeyUID         string `json:"key-uid"`
 }
 
 // InitializeDB creates db file at a given path and applies migrations.
@@ -40,15 +38,15 @@ func (db *Database) Close() error {
 }
 
 func (db *Database) GetAccounts() ([]Account, error) {
-	rows, err := db.db.Query("SELECT address, name, loginTimestamp, photoPath, keycardPairing, keyUid from accounts ORDER BY loginTimestamp DESC")
+	rows, err := db.db.Query("SELECT name, loginTimestamp, photoPath, keycardPairing, keyUid from accounts ORDER BY loginTimestamp DESC")
 	if err != nil {
 		return nil, err
 	}
 	rst := []Account{}
 	inthelper := sql.NullInt64{}
 	for rows.Next() {
 		acc := Account{}
-		err = rows.Scan(&acc.Address, &acc.Name, &inthelper, &acc.PhotoPath, &acc.KeycardPairing, &acc.KeyUID)
+		err = rows.Scan(&acc.Name, &inthelper, &acc.PhotoPath, &acc.KeycardPairing, &acc.KeyUID)
 		if err != nil {
 			return nil, err
 		}
@@ -59,21 +57,21 @@ func (db *Database) GetAccounts() ([]Account, error) {
 }
 
 func (db *Database) SaveAccount(account Account) error {
-	_, err := db.db.Exec("INSERT OR REPLACE INTO accounts (address, name, photoPath, keycardPairing, keyUid) VALUES (?, ?, ?, ?, ?)", account.Address, account.Name, account.PhotoPath, account.KeycardPairing, account.KeyUID)
+	_, err := db.db.Exec("INSERT OR REPLACE INTO accounts (name, photoPath, keycardPairing, keyUid) VALUES (?, ?, ?, ?)", account.Name, account.PhotoPath, account.KeycardPairing, account.KeyUID)
 	return err
 }
 
 func (db *Database) UpdateAccount(account Account) error {
-	_, err := db.db.Exec("UPDATE accounts SET name = ?, photoPath = ?, keycardPairing = ?, keyUid = ? WHERE address = ?", account.Name, account.PhotoPath, account.KeycardPairing, account.KeyUID, account.Address)
+	_, err := db.db.Exec("UPDATE accounts SET name = ?, photoPath = ?, keycardPairing = ? WHERE keyUid = ?", account.Name, account.PhotoPath, account.KeycardPairing, account.KeyUID)
 	return err
 }
 
-func (db *Database) UpdateAccountTimestamp(address common.Address, loginTimestamp int64) error {
-	_, err := db.db.Exec("UPDATE accounts SET loginTimestamp = ? WHERE address = ?", loginTimestamp, address)
+func (db *Database) UpdateAccountTimestamp(keyUID string, loginTimestamp int64) error {
+	_, err := db.db.Exec("UPDATE accounts SET loginTimestamp = ? WHERE keyUid = ?", loginTimestamp, keyUID)
 	return err
 }
 
-func (db *Database) DeleteAccount(address common.Address) error {
-	_, err := db.db.Exec("DELETE FROM accounts WHERE address = ?", address)
+func (db *Database) DeleteAccount(keyUID string) error {
+	_, err := db.db.Exec("DELETE FROM accounts WHERE keyUid = ?", keyUID)
 	return err
 }
diff --git a/multiaccounts/database_test.go b/multiaccounts/database_test.go
@@ -5,7 +5,6 @@ import (
 	"os"
 	"testing"
 
-	"github.com/ethereum/go-ethereum/common"
 	"github.com/stretchr/testify/require"
 )
 
@@ -23,7 +22,7 @@ func setupTestDB(t *testing.T) (*Database, func()) {
 func TestAccounts(t *testing.T) {
 	db, stop := setupTestDB(t)
 	defer stop()
-	expected := Account{Name: "string", Address: common.Address{0xff}}
+	expected := Account{Name: "string", KeyUID: "string"}
 	require.NoError(t, db.SaveAccount(expected))
 	accounts, err := db.GetAccounts()
 	require.NoError(t, err)
@@ -34,7 +33,7 @@ func TestAccounts(t *testing.T) {
 func TestAccountsUpdate(t *testing.T) {
 	db, stop := setupTestDB(t)
 	defer stop()
-	expected := Account{Address: common.Address{0x01}}
+	expected := Account{KeyUID: "string"}
 	require.NoError(t, db.SaveAccount(expected))
 	expected.PhotoPath = "chars"
 	require.NoError(t, db.UpdateAccount(expected))
@@ -48,12 +47,12 @@ func TestLoginUpdate(t *testing.T) {
 	db, stop := setupTestDB(t)
 	defer stop()
 
-	accounts := []Account{{Name: "first", Address: common.Address{0xff}}, {Name: "second", Address: common.Address{0xf1}}}
+	accounts := []Account{{Name: "first", KeyUID: "0x1"}, {Name: "second", KeyUID: "0x2"}}
 	for _, acc := range accounts {
 		require.NoError(t, db.SaveAccount(acc))
 	}
-	require.NoError(t, db.UpdateAccountTimestamp(accounts[0].Address, 100))
-	require.NoError(t, db.UpdateAccountTimestamp(accounts[1].Address, 10))
+	require.NoError(t, db.UpdateAccountTimestamp(accounts[0].KeyUID, 100))
+	require.NoError(t, db.UpdateAccountTimestamp(accounts[1].KeyUID, 10))
 	accounts[0].Timestamp = 100
 	accounts[1].Timestamp = 10
 	rst, err := db.GetAccounts()

diff --git a/multiaccounts/migrations/bindata.go b/multiaccounts/migrations/bindata.go
diff --git a/multiaccounts/migrations/sql/0001_accounts.up.sql b/multiaccounts/migrations/sql/0001_accounts.up.sql
@@ -1,8 +1,7 @@
 CREATE TABLE IF NOT EXISTS accounts (
-address VARCHAR PRIMARY KEY,
+keyUid VARCHAR PRIMARY KEY,
 name TEXT NOT NULL,
 loginTimestamp BIG INT,
 photoPath TEXT,
-keycardPairing TEXT,
-keyUid TEXT
+keycardPairing TEXT
 ) WITHOUT ROWID;
diff --git a/services/accounts/multiaccounts.go b/services/accounts/multiaccounts.go
@@ -23,12 +23,5 @@ type MultiAccountsAPI struct {
 }
 
 func (api *MultiAccountsAPI) UpdateAccount(account multiaccounts.Account) error {
-	expected, err := api.manager.MainAccountAddress()
-	if err != nil {
-		return err
-	}
-	if account.Address != expected {
-		return ErrUpdatingWrongAccount
-	}
 	return api.db.UpdateAccount(account)
 }