Skip to content

Feat: create/import keystore wallet (password-encrypted) + docstrings#164

Draft
philogicae wants to merge 1 commit intomainfrom
feature-keystore-wallet
Draft

Feat: create/import keystore wallet (password-encrypted) + docstrings#164
philogicae wants to merge 1 commit intomainfrom
feature-keystore-wallet

Conversation

@philogicae
Copy link
Member

@philogicae philogicae commented Sep 9, 2024
edited
Loading

  • Add keystore wallet compatibility: Encrypt the private key with a password and store it as a JSON file.
  • When private key file is missing, prompt user to either:
    1. Create a new private key
    2. Import an existing one
    3. Import it from a passphrase.
  • lru_cache for the last loaded private key (to avoid reentering password too often)

@philogicae philogicae requested review from hoh and nesitor September 9, 2024 14:13
@github-actions github-actions bot added the RED This PR is complex and may require more time to review. label Sep 9, 2024
@github-actions
Copy link

github-actions bot commented Sep 9, 2024

"summary": "PR introduces new key management functions and refactors existing code for better security and usability.",
"details": [
"The PR introduces two new functions, create_key and save_key, which provide a more user-friendly way to manage private keys.",
"create_key allows the user to either import an existing private key or generate a new one.",
"save_key saves the private key to a file, supporting both unencrypted .key files and encrypted .json keystore files.",
"The existing get_fallback_private_key function has been refactored to use the new load_key function, which supports loading keys from both unencrypted and encrypted files.",
"The PR also includes changes to the configuration settings to support the new file formats for private keys.",
"The refactoring aims to improve the security and usability of the private key management in the SDK."
],
"highlight": [
"def create_key() -> bytes:",
"def save_key(private_key: bytes, path: Path):",
"def load_key(private_key_path: Path) -> bytes:",
"settings.PRIVATE_KEY_FILE = Path(settings.CONFIG_HOME, "private-keys", pk_file)"
]
}

@philogicae philogicae force-pushed the feature-keystore-wallet branch from d5aba50 to 30bf7a4 Compare September 9, 2024 15:18
hoh
hoh reviewed Sep 11, 2024
View reviewed changes
Copy link
Member

@hoh hoh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interesting feature to add.

I added some comments regarding the structure of the code, as a clearer separation of concert would make the code easier to test and reuse by not prompting the user within "deep" functions.

I am confused regarding the terms of password, passphrase and mnemonic in these changes.
Still regarding the use of passphrases and passwords, can thos be of length 64 or start with 0x ?

These new features have no test coverage yet, would it be better to mark the Pull Request as Draft while waiting for those to be implemented ?

src/aleph/sdk/chains/common.py
Returns:
bytes: The private key as bytes. 7e0c27fff7e434ec5aa47127e7bcdce81c4eba6f3ce980f425b60b1cd019a947
"""
if Prompt.ask("Import an existing wallet", choices=["y", "n"], default="n") == "y":
Copy link
Member

@hoh hoh Sep 11, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Users should be prompted in the CLI, not in the SDK.

src/aleph/sdk/chains/common.py
"""
address = None
path.parent.mkdir(exist_ok=True, parents=True)
if path.name.endswith(".key") or "pytest" in sys.modules:
Copy link
Member

@hoh hoh Sep 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why or "pytest" in sys.modules ?

src/aleph/sdk/chains/common.py
Comment on lines +209 to +213
password = Prompt.ask(
"Enter a password to encrypt your keystore", password=True
)
Copy link
Member

@hoh hoh Sep 11, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Users should be prompted in the CLI, not in the SDK.

src/aleph/sdk/chains/common.py

private_key = (
generate_key()
if path.name.endswith(".key") or "pytest" in sys.modules
Copy link
Member

@hoh hoh Sep 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why this mention of pytest here ?

@hoh
Copy link
Member

hoh commented Sep 11, 2024

I will update my comments about the prompts, I forgot that this branch is regarding the SDK and user interactions should go in the CLI aleph-client.

@philogicae philogicae marked this pull request as draft September 11, 2024 08:57
@philogicae philogicae force-pushed the feature-keystore-wallet branch from 30bf7a4 to 3c62dda Compare September 11, 2024 09:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hoh hoh hoh left review comments

@nesitor nesitor Awaiting requested review from nesitor

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

RED This PR is complex and may require more time to review.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@philogicae @hoh