Merge pull request #638 from MetaMask/i555-SaltVault

Add new eth-lightwallet salting to vault.
feature/default_network_editable
Frankie 8 years ago committed by GitHub
commit fcc9ca812e
  1. 1
      CHANGELOG.md
  2. 125
      app/scripts/lib/idStore.js
  3. 81
      test/unit/idStore-test.js
  4. 13
      ui/app/accounts/account-list-item.js
  5. 4
      ui/app/accounts/index.js
  6. 4
      ui/app/components/shapeshift-form.js
  7. 6
      ui/app/first-time/restore-vault.js
  8. 6
      ui/app/send.js

@ -10,6 +10,7 @@
- MetaMask logo now renders as super lightweight SVG, improving compatibility and performance. - MetaMask logo now renders as super lightweight SVG, improving compatibility and performance.
- Now showing loading indication during vault unlocking, to clarify behavior for users who are experience slow unlocks. - Now showing loading indication during vault unlocking, to clarify behavior for users who are experience slow unlocks.
- Now only initially creates one wallet when restoring a vault, to reduce some users' confusion. - Now only initially creates one wallet when restoring a vault, to reduce some users' confusion.
- Improved the security of vault encryption by ensuring passwords are always uniquely salted.
## 2.10.2 2016-09-02 ## 2.10.2 2016-09-02

@ -3,7 +3,7 @@ const inherits = require('util').inherits
const async = require('async') const async = require('async')
const ethUtil = require('ethereumjs-util') const ethUtil = require('ethereumjs-util')
const EthQuery = require('eth-query') const EthQuery = require('eth-query')
const LightwalletKeyStore = require('eth-lightwallet').keystore const KeyStore = require('eth-lightwallet').keystore
const clone = require('clone') const clone = require('clone')
const extend = require('xtend') const extend = require('xtend')
const createId = require('web3-provider-engine/util/random-id') const createId = require('web3-provider-engine/util/random-id')
@ -50,15 +50,16 @@ IdentityStore.prototype.createNewVault = function (password, entropy, cb) {
if (serializedKeystore) { if (serializedKeystore) {
this.configManager.setData({}) this.configManager.setData({})
} }
this._createIdmgmt(password, null, entropy, (err) => { this._createIdmgmt(password, null, entropy, (err) => {
if (err) return cb(err) if (err) return cb(err)
this._loadIdentities()
this._didUpdate()
this._autoFaucet() this._autoFaucet()
this.configManager.setShowSeedWords(true) this.configManager.setShowSeedWords(true)
var seedWords = this._idmgmt.getSeed() var seedWords = this._idmgmt.getSeed()
cb(null, seedWords) cb(null, seedWords)
}) })
} }
@ -75,7 +76,6 @@ IdentityStore.prototype.recoverFromSeed = function (password, seed, cb) {
if (err) return cb(err) if (err) return cb(err)
this._loadIdentities() this._loadIdentities()
this._didUpdate()
cb(null, this.getState()) cb(null, this.getState())
}) })
} }
@ -125,7 +125,7 @@ IdentityStore.prototype.getSelectedAddress = function () {
return configManager.getSelectedAccount() return configManager.getSelectedAccount()
} }
IdentityStore.prototype.setSelectedAddress = function (address, cb) { IdentityStore.prototype.setSelectedAddressSync = function (address) {
const configManager = this.configManager const configManager = this.configManager
if (!address) { if (!address) {
var addresses = this._getAddresses() var addresses = this._getAddresses()
@ -133,7 +133,12 @@ IdentityStore.prototype.setSelectedAddress = function (address, cb) {
} }
configManager.setSelectedAccount(address) configManager.setSelectedAccount(address)
if (cb) return cb(null, address) return address
}
IdentityStore.prototype.setSelectedAddress = function (address, cb) {
const resultAddress = this.setSelectedAddressSync(address)
if (cb) return cb(null, resultAddress)
} }
IdentityStore.prototype.revealAccount = function (cb) { IdentityStore.prototype.revealAccount = function (cb) {
@ -143,6 +148,7 @@ IdentityStore.prototype.revealAccount = function (cb) {
keyStore.setDefaultHdDerivationPath(this.hdPathString) keyStore.setDefaultHdDerivationPath(this.hdPathString)
keyStore.generateNewAddress(derivedKey, 1) keyStore.generateNewAddress(derivedKey, 1)
configManager.setWallet(keyStore.serialize()) configManager.setWallet(keyStore.serialize())
this._loadIdentities() this._loadIdentities()
@ -393,7 +399,6 @@ IdentityStore.prototype._loadIdentities = function () {
var addresses = this._getAddresses() var addresses = this._getAddresses()
addresses.forEach((address, i) => { addresses.forEach((address, i) => {
// // add to ethStore // // add to ethStore
this._ethStore.addAccount(address)
// add to identities // add to identities
const defaultLabel = 'Wallet ' + (i + 1) const defaultLabel = 'Wallet ' + (i + 1)
const nickname = configManager.nicknameForWallet(address) const nickname = configManager.nicknameForWallet(address)
@ -412,7 +417,6 @@ IdentityStore.prototype.saveAccountLabel = function (account, label, cb) {
configManager.setNicknameForWallet(account, label) configManager.setNicknameForWallet(account, label)
this._loadIdentities() this._loadIdentities()
cb(null, label) cb(null, label)
this._didUpdate()
} }
// mayBeFauceting // mayBeFauceting
@ -436,77 +440,76 @@ IdentityStore.prototype._mayBeFauceting = function (i) {
// //
IdentityStore.prototype.tryPassword = function (password, cb) { IdentityStore.prototype.tryPassword = function (password, cb) {
this._createIdmgmt(password, null, null, cb) var serializedKeystore = this.configManager.getWallet()
} var keyStore = KeyStore.deserialize(serializedKeystore)
IdentityStore.prototype._createIdmgmt = function (password, seed, entropy, cb) {
const configManager = this.configManager
var keyStore = null keyStore.keyFromPassword(password, (err, pwDerivedKey) => {
LightwalletKeyStore.deriveKeyFromPassword(password, (err, derivedKey) => {
if (err) return cb(err) if (err) return cb(err)
var serializedKeystore = configManager.getWallet()
if (seed) {
try {
keyStore = this._restoreFromSeed(password, seed, derivedKey)
} catch (e) {
return cb(e)
}
// returning user, recovering from storage
} else if (serializedKeystore) {
keyStore = LightwalletKeyStore.deserialize(serializedKeystore)
var isCorrect = keyStore.isDerivedKeyCorrect(derivedKey)
if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))
// first time here
} else {
keyStore = this._createFirstWallet(entropy, derivedKey)
}
this._keyStore = keyStore const isCorrect = keyStore.isDerivedKeyCorrect(pwDerivedKey)
this._idmgmt = new IdManagement({ if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))
keyStore: keyStore,
derivedKey: derivedKey,
hdPathSTring: this.hdPathString,
configManager: this.configManager,
})
cb() cb()
}) })
} }
IdentityStore.prototype._restoreFromSeed = function (password, seed, derivedKey) { IdentityStore.prototype._createIdmgmt = function (password, seedPhrase, entropy, cb) {
const configManager = this.configManager const opts = {
var keyStore = new LightwalletKeyStore(seed, derivedKey, this.hdPathString) password,
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'}) hdPathString: this.hdPathString,
keyStore.setDefaultHdDerivationPath(this.hdPathString) }
keyStore.generateNewAddress(derivedKey, 1) if (seedPhrase) {
configManager.setWallet(keyStore.serialize()) opts.seedPhrase = seedPhrase
if (global.METAMASK_DEBUG) {
console.log('restored from seed. saved to keystore')
} }
return keyStore
KeyStore.createVault(opts, (err, keyStore) => {
if (err) return cb(err)
this._keyStore = keyStore
keyStore.keyFromPassword(password, (err, derivedKey) => {
if (err) return cb(err)
this.purgeCache()
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
this._createFirstWallet(derivedKey)
this._idmgmt = new IdManagement({
keyStore: keyStore,
derivedKey: derivedKey,
configManager: this.configManager,
})
this.setSelectedAddressSync()
cb()
})
})
} }
IdentityStore.prototype._createFirstWallet = function (entropy, derivedKey) { IdentityStore.prototype.purgeCache = function () {
const configManager = this.configManager this._getAddresses().forEach((address) => {
var secretSeed = LightwalletKeyStore.generateRandomSeed(entropy) this._ethStore.del(address)
var keyStore = new LightwalletKeyStore(secretSeed, derivedKey, this.hdPathString) })
keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'}) }
keyStore.setDefaultHdDerivationPath(this.hdPathString)
IdentityStore.prototype._createFirstWallet = function (derivedKey) {
const keyStore = this._keyStore
keyStore.setDefaultHdDerivationPath(this.hdPathString)
keyStore.generateNewAddress(derivedKey, 1) keyStore.generateNewAddress(derivedKey, 1)
configManager.setWallet(keyStore.serialize()) this.configManager.setWallet(keyStore.serialize())
console.log('saved to keystore') var addresses = keyStore.getAddresses()
return keyStore this._ethStore.addAccount(ethUtil.addHexPrefix(addresses[0]))
} }
// get addresses and normalize address hexString // get addresses and normalize address hexString
IdentityStore.prototype._getAddresses = function () { IdentityStore.prototype._getAddresses = function () {
return this._keyStore.getAddresses(this.hdPathString).map((address) => { return '0x' + address }) return this._keyStore.getAddresses(this.hdPathString).map((address) => {
return ethUtil.addHexPrefix(address)
})
} }
IdentityStore.prototype._autoFaucet = function () { IdentityStore.prototype._autoFaucet = function () {

@ -1,6 +1,8 @@
var assert = require('assert') var assert = require('assert')
var IdentityStore = require('../../app/scripts/lib/idStore') var IdentityStore = require('../../app/scripts/lib/idStore')
var configManagerGen = require('../lib/mock-config-manager') var configManagerGen = require('../lib/mock-config-manager')
const ethUtil = require('ethereumjs-util')
const async = require('async')
describe('IdentityStore', function() { describe('IdentityStore', function() {
@ -18,11 +20,12 @@ describe('IdentityStore', function() {
idStore = new IdentityStore({ idStore = new IdentityStore({
configManager: configManagerGen(), configManager: configManagerGen(),
ethStore: { ethStore: {
addAccount(acct) { accounts.push(acct) }, addAccount(acct) { accounts.push(ethUtil.addHexPrefix(acct)) },
}, },
}) })
idStore.createNewVault(password, entropy, (err, seeds) => { idStore.createNewVault(password, entropy, (err, seeds) => {
assert.ifError(err, 'createNewVault threw error')
seedWords = seeds seedWords = seeds
originalKeystore = idStore._idmgmt.keyStore originalKeystore = idStore._idmgmt.keyStore
done() done()
@ -38,7 +41,7 @@ describe('IdentityStore', function() {
idStore = new IdentityStore({ idStore = new IdentityStore({
configManager: configManagerGen(), configManager: configManagerGen(),
ethStore: { ethStore: {
addAccount(acct) { newAccounts.push(acct) }, addAccount(acct) { newAccounts.push(ethUtil.addHexPrefix(acct)) },
}, },
}) })
}) })
@ -57,33 +60,91 @@ describe('IdentityStore', function() {
}) })
describe('#recoverFromSeed BIP44 compliance', function() { describe('#recoverFromSeed BIP44 compliance', function() {
let seedWords = 'picnic injury awful upper eagle junk alert toss flower renew silly vague' const salt = 'lightwalletSalt'
let firstAccount = '0x5d8de92c205279c10e5669f797b853ccef4f739a'
let password = 'secret!' let password = 'secret!'
let accounts = [] let accounts = []
let idStore let idStore
var assertions = [
{
seed: 'picnic injury awful upper eagle junk alert toss flower renew silly vague',
account: '0x5d8de92c205279c10e5669f797b853ccef4f739a',
},
{
seed: 'radar blur cabbage chef fix engine embark joy scheme fiction master release',
account: '0xe15d894becb0354c501ae69429b05143679f39e0',
},
{
seed: 'phone coyote caught pattern found table wedding list tumble broccoli chief swing',
account: '0xb0e868f24bc7fec2bce2efc2b1c344d7569cd9d2',
},
{
seed: 'recycle tag bird palace blue village anxiety census cook soldier example music',
account: '0xab34a45920afe4af212b96ec51232aaa6a33f663',
},
{
seed: 'half glimpse tape cute harvest sweet bike voyage actual floor poet lazy',
account: '0x28e9044597b625ac4beda7250011670223de43b2',
},
{
seed: 'flavor tiger carpet motor angry hungry document inquiry large critic usage liar',
account: '0xb571be96558940c4e9292e1999461aa7499fb6cd',
},
]
before(function() { before(function() {
window.localStorage = {} // Hacking localStorage support into JSDom window.localStorage = {} // Hacking localStorage support into JSDom
idStore = new IdentityStore({ idStore = new IdentityStore({
configManager: configManagerGen(), configManager: configManagerGen(),
ethStore: { ethStore: {
addAccount(acct) { accounts.push(acct) }, addAccount(acct) { accounts.push(ethUtil.addHexPrefix(acct)) },
}, },
}) })
}) })
it('should return the expected first account', function (done) { beforeEach(function() {
accounts = []
})
idStore.recoverFromSeed(password, seedWords, (err) => { it('should enforce seed compliance with TestRPC', function (done) {
assert.ifError(err) const tests = assertions.map((assertion) => {
return function (cb) {
accounts = []
idStore.recoverFromSeed(password, assertion.seed, (err) => {
assert.ifError(err)
var received = accounts[0].toLowerCase()
var expected = assertion.account.toLowerCase()
assert.equal(received, expected)
cb()
})
}
})
let newKeystore = idStore._idmgmt.keyStore async.series(tests, function(err, results) {
assert.equal(accounts[0], firstAccount) assert.ifError(err)
done() done()
}) })
}) })
it('should allow restoring and unlocking again', function (done) {
const assertion = assertions[0]
idStore.recoverFromSeed(password, assertion.seed, (err) => {
assert.ifError(err)
var received = accounts[0].toLowerCase()
var expected = assertion.account.toLowerCase()
assert.equal(received, expected)
idStore.submitPassword(password, function(err, account) {
assert.ifError(err)
assert.equal(account, expected)
done()
})
})
})
}) })
}) })

@ -7,14 +7,14 @@ const EthBalance = require('../components/eth-balance')
const CopyButton = require('../components/copyButton') const CopyButton = require('../components/copyButton')
const Identicon = require('../components/identicon') const Identicon = require('../components/identicon')
module.exports = NewComponent module.exports = AccountListItem
inherits(NewComponent, Component) inherits(AccountListItem, Component)
function NewComponent () { function AccountListItem () {
Component.call(this) Component.call(this)
} }
NewComponent.prototype.render = function () { AccountListItem.prototype.render = function () {
const identity = this.props.identity const identity = this.props.identity
var isSelected = this.props.selectedAddress === identity.address var isSelected = this.props.selectedAddress === identity.address
var account = this.props.accounts[identity.address] var account = this.props.accounts[identity.address]
@ -23,9 +23,6 @@ NewComponent.prototype.render = function () {
return ( return (
h(`.accounts-list-option.flex-row.flex-space-between.pointer.hover-white${selectedClass}`, { h(`.accounts-list-option.flex-row.flex-space-between.pointer.hover-white${selectedClass}`, {
key: `account-panel-${identity.address}`, key: `account-panel-${identity.address}`,
style: {
flex: '1 0 auto',
},
onClick: (event) => this.props.onShowDetail(identity.address, event), onClick: (event) => this.props.onShowDetail(identity.address, event),
}, [ }, [
@ -73,7 +70,7 @@ NewComponent.prototype.render = function () {
) )
} }
NewComponent.prototype.pendingOrNot = function () { AccountListItem.prototype.pendingOrNot = function () {
const pending = this.props.pending const pending = this.props.pending
if (pending.length === 0) return null if (pending.length === 0) return null
return h('.pending-dot', pending.length) return h('.pending-dot', pending.length)

@ -84,7 +84,7 @@ AccountsScreen.prototype.render = function () {
}) })
}), }),
h('hr.horizontal-line', {key: 'horizontal-line1'}), h('hr.horizontal-line'),
h('div.footer.hover-white.pointer', { h('div.footer.hover-white.pointer', {
key: 'reveal-account-bar', key: 'reveal-account-bar',
onClick: () => { onClick: () => {
@ -92,7 +92,6 @@ AccountsScreen.prototype.render = function () {
}, },
style: { style: {
display: 'flex', display: 'flex',
flex: '1 0 auto',
height: '40px', height: '40px',
paddint: '10px', paddint: '10px',
justifyContent: 'center', justifyContent: 'center',
@ -101,6 +100,7 @@ AccountsScreen.prototype.render = function () {
}, [ }, [
h('i.fa.fa-plus.fa-lg', {key: ''}), h('i.fa.fa-plus.fa-lg', {key: ''}),
]), ]),
h('hr.horizontal-line'),
]), ]),
unconfTxList.length ? ( unconfTxList.length ? (

@ -69,7 +69,7 @@ ShapeshiftForm.prototype.renderMain = function () {
h('input#fromCoin.buy-inputs.ex-coins', { h('input#fromCoin.buy-inputs.ex-coins', {
type: 'text', type: 'text',
list: 'coinList', list: 'coinList',
dataset: { dataSet: {
persistentFormId: 'input-coin', persistentFormId: 'input-coin',
}, },
style: { style: {
@ -165,7 +165,7 @@ ShapeshiftForm.prototype.renderMain = function () {
h('input#fromCoinAddress.buy-inputs', { h('input#fromCoinAddress.buy-inputs', {
type: 'text', type: 'text',
placeholder: `Your ${coin} Refund Address`, placeholder: `Your ${coin} Refund Address`,
dataset: { dataSet: {
persistentFormId: 'refund-address', persistentFormId: 'refund-address',
}, },
style: { style: {

@ -41,7 +41,7 @@ RestoreVaultScreen.prototype.render = function () {
// wallet seed entry // wallet seed entry
h('h3', 'Wallet Seed'), h('h3', 'Wallet Seed'),
h('textarea.twelve-word-phrase.letter-spacey', { h('textarea.twelve-word-phrase.letter-spacey', {
dataset: { dataSet: {
persistentFormId: 'wallet-seed', persistentFormId: 'wallet-seed',
}, },
placeholder: 'Enter your secret twelve word phrase here to restore your vault.', placeholder: 'Enter your secret twelve word phrase here to restore your vault.',
@ -52,7 +52,7 @@ RestoreVaultScreen.prototype.render = function () {
type: 'password', type: 'password',
id: 'password-box', id: 'password-box',
placeholder: 'New Password (min 8 chars)', placeholder: 'New Password (min 8 chars)',
dataset: { dataSet: {
persistentFormId: 'password', persistentFormId: 'password',
}, },
style: { style: {
@ -67,7 +67,7 @@ RestoreVaultScreen.prototype.render = function () {
id: 'password-box-confirm', id: 'password-box-confirm',
placeholder: 'Confirm Password', placeholder: 'Confirm Password',
onKeyPress: this.onMaybeCreate.bind(this), onKeyPress: this.onMaybeCreate.bind(this),
dataset: { dataSet: {
persistentFormId: 'password-confirmation', persistentFormId: 'password-confirmation',
}, },
style: { style: {

@ -138,7 +138,7 @@ SendTransactionScreen.prototype.render = function () {
h('input.large-input', { h('input.large-input', {
name: 'address', name: 'address',
placeholder: 'Recipient Address', placeholder: 'Recipient Address',
dataset: { dataSet: {
persistentFormId: 'recipient-address', persistentFormId: 'recipient-address',
}, },
}), }),
@ -154,7 +154,7 @@ SendTransactionScreen.prototype.render = function () {
style: { style: {
marginRight: 6, marginRight: 6,
}, },
dataset: { dataSet: {
persistentFormId: 'tx-amount', persistentFormId: 'tx-amount',
}, },
}), }),
@ -192,7 +192,7 @@ SendTransactionScreen.prototype.render = function () {
width: '100%', width: '100%',
resize: 'none', resize: 'none',
}, },
dataset: { dataSet: {
persistentFormId: 'tx-data', persistentFormId: 'tx-data',
}, },
}), }),

Loading…
Cancel
Save