Add new eth-lightwallet salting to vault.

eth-lightwallet was previously not salting vault passwords, potentially making it easier to crack them once obtained. This branch incorporates the API changes to allow us to take advantage of the new salting logic. This is still throwing deprecation warnings, but that's actually a bug in eth-lightwallet I wrote, [I've submitted a PR for that here](https://github.com/ConsenSys/eth-lightwallet/pull/116). Fixes #555
8 years ago · 36dc63bc04
parent 153b6b73d8
commit 36dc63bc04
2 changed files with 46 additions and 58 deletions
--- a/app/scripts/lib/idStore.js
+++ b/app/scripts/lib/idStore.js
@ -3,7 +3,7 @@ const inherits = require('util').inherits
 const async = require('async')
 const ethUtil = require('ethereumjs-util')
 const EthQuery = require('eth-query')
-const LightwalletKeyStore = require('eth-lightwallet').keystore
+const KeyStore = require('eth-lightwallet').keystore
 const clone = require('clone')
 const extend = require('xtend')
 const createId = require('web3-provider-engine/util/random-id')
@ -50,15 +50,15 @@ IdentityStore.prototype.createNewVault = function (password, entropy, cb) {
  if (serializedKeystore) {
    this.configManager.setData({})
  }
+
  this._createIdmgmt(password, null, entropy, (err) => {
    if (err) return cb(err)

-    this._loadIdentities()
-    this._didUpdate()
    this._autoFaucet()

    this.configManager.setShowSeedWords(true)
    var seedWords = this._idmgmt.getSeed()
+
    cb(null, seedWords)
  })
 }
@ -143,6 +143,7 @@ IdentityStore.prototype.revealAccount = function (cb) {

  keyStore.setDefaultHdDerivationPath(this.hdPathString)
  keyStore.generateNewAddress(derivedKey, 1)
+
  configManager.setWallet(keyStore.serialize())

  this._loadIdentities()
@ -436,72 +437,57 @@ IdentityStore.prototype._mayBeFauceting = function (i) {
 //

 IdentityStore.prototype.tryPassword = function (password, cb) {
-  this._createIdmgmt(password, null, null, cb)
-}
-
-IdentityStore.prototype._createIdmgmt = function (password, seed, entropy, cb) {
-  const configManager = this.configManager
+  var serializedKeystore = this.configManager.getWallet()
+  var keyStore = KeyStore.deserialize(serializedKeystore)

-  var keyStore = null
-  LightwalletKeyStore.deriveKeyFromPassword(password, (err, derivedKey) => {
+  keyStore.keyFromPassword(password, (err, pwDerivedKey) => {
    if (err) return cb(err)
-    var serializedKeystore = configManager.getWallet()
-
-    if (seed) {
-      try {
-        keyStore = this._restoreFromSeed(password, seed, derivedKey)
-      } catch (e) {
-        return cb(e)
-      }

-    // returning user, recovering from storage
-    } else if (serializedKeystore) {
-      keyStore = LightwalletKeyStore.deserialize(serializedKeystore)
-      var isCorrect = keyStore.isDerivedKeyCorrect(derivedKey)
+    const isCorrect = keyStore.isDerivedKeyCorrect(pwDerivedKey)
    if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))

-   // first time here
-    } else {
-      keyStore = this._createFirstWallet(entropy, derivedKey)
+    cb()
+  })
+}
+
+IdentityStore.prototype._createIdmgmt = function (password, seedPhrase, entropy, cb) {
+  const opts = { password }
+  if (seedPhrase) {
+    opts.seedPhrase = seedPhrase
  }

+  KeyStore.createVault(opts, (err, keyStore) => {
+    if (err) return cb(err)
+
    this._keyStore = keyStore
+
+    keyStore.keyFromPassword(password, (err, derivedKey) => {
+      if (err) return cb(err)
+
+      keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
+
+      this._createFirstWallet(derivedKey)
+
      this._idmgmt = new IdManagement({
        keyStore: keyStore,
        derivedKey: derivedKey,
-      hdPathSTring: this.hdPathString,
        configManager: this.configManager,
      })

      cb()
+      this._loadIdentities()
+      this._didUpdate()
+    })
  })
 }

-IdentityStore.prototype._restoreFromSeed = function (password, seed, derivedKey) {
-  const configManager = this.configManager
-  var keyStore = new LightwalletKeyStore(seed, derivedKey, this.hdPathString)
-  keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
-  keyStore.setDefaultHdDerivationPath(this.hdPathString)
-
-  keyStore.generateNewAddress(derivedKey, 1)
-  configManager.setWallet(keyStore.serialize())
-  if (global.METAMASK_DEBUG) {
-    console.log('restored from seed. saved to keystore')
-  }
-  return keyStore
-}
-
-IdentityStore.prototype._createFirstWallet = function (entropy, derivedKey) {
-  const configManager = this.configManager
-  var secretSeed = LightwalletKeyStore.generateRandomSeed(entropy)
-  var keyStore = new LightwalletKeyStore(secretSeed, derivedKey, this.hdPathString)
-  keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
+IdentityStore.prototype._createFirstWallet = function (derivedKey) {
+  const keyStore = this._keyStore
  keyStore.setDefaultHdDerivationPath(this.hdPathString)
-
-  keyStore.generateNewAddress(derivedKey, 1)
-  configManager.setWallet(keyStore.serialize())
-  console.log('saved to keystore')
-  return keyStore
+  keyStore.generateNewAddress(derivedKey)
+  var addresses = keyStore.getAddresses()
+  this._ethStore.addAccount(addresses[0])
+  this.configManager.setWallet(keyStore.serialize())
 }

 // get addresses and normalize address hexString
--- a/test/unit/idStore-test.js
+++ b/test/unit/idStore-test.js
@ -23,6 +23,7 @@ describe('IdentityStore', function() {
      })

      idStore.createNewVault(password, entropy, (err, seeds) => {
+        assert.ifError(err, 'createNewVault threw error')
        seedWords = seeds
        originalKeystore = idStore._idmgmt.keyStore
        done()
@ -59,6 +60,7 @@ describe('IdentityStore', function() {
  describe('#recoverFromSeed BIP44 compliance', function() {
    let seedWords =  'picnic injury awful upper eagle junk alert toss flower renew silly vague'
    let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a'
+    const salt = 'lightwalletSalt'

    let password = 'secret!'
    let accounts = []
@ -70,7 +72,7 @@ describe('IdentityStore', function() {
      idStore = new IdentityStore({
        configManager: configManagerGen(),
        ethStore: {
-          addAccount(acct) { accounts.push(acct) },
+          addAccount(acct) { accounts.push('0x' + acct) },
        },
      })
    })