Remove encryption for Brave Rewards vBAT wallet #17571

Closed
tmancey opened this issue Aug 19, 2021 · 6 comments · Fixed by brave/brave-core#9868
Assignees
Labels
enhancement feature/rewards OS/Android Fixes related to Android browser functionality OS/Desktop OS/iOS Fixes related to iOS browser functionality priority/P1 A very extremely bad problem. We might push a hotfix for it. QA Pass - Android ARM QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Test-All-Platforms QA/Yes release-notes/exclude

Comments

@tmancey
Contributor

tmancey commented Aug 19, 2021

Description (added Sept 30):

Removes encryption of the Rewards wallet. See here for specifics: #17571 (comment).

Test plan (from Sept 28):

See Stephen's comment below: https://gist.github.com/stephendonner/4b1cb47c4956a5d7b6fbf5b584d0f563

@tmancey tmancey added enhancement OS/Android Fixes related to Android browser functionality OS/Desktop OS/iOS Fixes related to iOS browser functionality labels Aug 19, 2021
@zenparsing zenparsing added the priority/P2 A bad problem. We might uplift this to the next planned release. label Aug 25, 2021
@tmancey tmancey self-assigned this Aug 26, 2021
@Miyayes Miyayes added priority/P1 A very extremely bad problem. We might push a hotfix for it. and removed priority/P2 A bad problem. We might uplift this to the next planned release. labels Sep 2, 2021
@tmancey tmancey added this to the 1.31.x - Nightly milestone Sep 6, 2021
@LaurenWags
Member

LaurenWags commented Sep 21, 2021

Marking as QA/Blocked per https://bravesoftware.slack.com/archives/C0YL5KMA8/p1632233994068700?thread_ts=1631744779.040800&cid=C0YL5KMA8

cc @tmancey @stephendonner

@stephendonner

stephendonner commented Sep 28, 2021

@tmancey I’ve put up a skeleton of a test plan here for review/feedback, please, when you get a moment?

Questions:

  1. I think I’ll need to add Ads to some cases, to confirm multiple wallets?
    https://gist.github.com/stephendonner/4b1cb47c4956a5d7b6fbf5b584d0f563
  2. can you help define the following, in terms of what to look for in brave.rewards.wallets.brave in Preferences?

unencrypted ==
decrypted ==
not decrypted ==

Thanks!

@zenparsing

@stephendonner An unencrypted brave.rewards.wallets.brave entry in Preferences will look something like this:

"brave": "{\"payment_id\":\"374263e0-05d7-469c-ba23-b10af952a1b0\",\"recovery_seed\":\"i8BwvQzl8OHs9ecyNx2ixtJNg/o7rrMvtABi3VOCo+o=\"}"

An encrypted value for brave.rewards.wallet.brave will be base64-encoded binary data, perhaps something like:

"brave": "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"

Your test cases look good to me. We may also want to ensure that for the upgrade cases, wallet actions do not result in any errors. Wallet actions might include fetching promotions (grants), tipping, etc.

@stephendonner stephendonner added the QA/In-Progress Indicates that QA is currently in progress for that particular issue label Sep 30, 2021
@tmancey
Contributor Author

tmancey commented Sep 30, 2021

Looks good to me and thanks @zenparsing, much appreciated

@stephendonner

stephendonner commented Sep 30, 2021

Verified PASSED using

Brave 1.31.77 Chromium: 94.0.4606.71 (Official Build) beta (64-bit)
Revision 1d32b169326531e600d836bd395efc1b53d0f6ef-refs/branch-heads/4606@{#1256}
OS Linux

Steps:

Case One:

Check upgrade paths to confirm encrypted wallet(s) in the Preferences file are decrypted

  1. fresh install 1.27.111
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. accept UGP grant
  5. close Brave
  6. open Preferences in /home/stephendonner/.config/BraveSoftware/Brave-Browser-Beta/Default (confirm wallets are encrypted)
  7. upgrade to 1.31.68
  8. accepted UGP grant (2x 2.00 BAT)
  9. tipped and auto-contributed
  10. open Preferences in /home/stephendonner/.config/BraveSoftware/Brave-Browser-Beta/Default
  11. confirm brave.rewards.wallet.brave is unencrypted

Actual:

1.27.111 was encrypted:

     "wallets": {
        "brave": "djExz...74E1s=",
        "uphold": "djExj...9YOch/"
      }

1.31.68 upgrade was decrypted

      "wallets": {
        "brave": "{\"payment_id\":\"75522a22-4d5e-48a8-84c2-d3ba88e74515\",\"recovery_seed\":\"xlrsEs/6kUGpLrrA1n01ah3z4P4U5uIg/0U0CRTUgcg=\"}",
        "uphold": "djExj...2/jTvk="
      }
    },

Case Two:

Check upgrade paths to confirm corrupted wallets in the Preferences file are not decrypted

  1. fresh install 1.29.81
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. accept UGP grant
  5. close Brave
  6. corrupt the wallet by adding junk characters to the wallet in Preferences
  7. upgrade to 1.31.68
  8. open Preferences in /home/stephendonner/.config/BraveSoftware/Brave-Browser-Beta/Default
  9. confirm brave.rewards.wallet.brave is encrypted

Actual:

     "wallets": {
        "brave": "----JUNK_CHARACTERS---djEx803xj7MGDWVjYETG...8tMdc0=",
        "uphold": "djExj2Ju...74EEg4="
      }
    },


Confirmed I got the following in logs:

[20885:20885:1008/123130.615311:INFO:wallet.cc(260)] Parsing of brave wallet failed

Case Three:

Check fresh install that vBAT wallet is persisted unencrypted

  1. fresh install 1.31.68
  2. launch Brave using Rewards staging
  3. click on the BAT icon in the URL bar
  4. enable Rewards
  5. accept UGP grant
  6. close Brave
  7. open Preferences in /Users/stephendonner/Library/Application\ Support/BraveSoftware/Brave-Browser-Dev/default
  8. confirm brave.rewards.wallet.brave is unencrypted

Actual:

      "wallets": {
        "brave": "{\"payment_id\":\"6d3bcdf8-8...4e8-6d535d40ece9\",\"recovery_seed\":\"MmXxjD...oaM=\"}",
        "uphold": "djExj2J...oRGlA="
      }
    },

Case Four:

Check restoring a wallet is persisted unencrypted

  1. fresh install 1.31.68
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. click on Manage your wallet
  5. click on the Restore tab
  6. enter a recovery key (from QA wallet Ad grant spreadsheet ) and click Restore
  7. close Brave
  8. open Preferences in /home/stephendonner/.config/BraveSoftware/Brave-Browser-Beta/Default
  9. confirm brave.rewards.wallet.brave is unencrypted

Actual:

      "wallets": {
        "brave": "{\"payment_id\":\"d477c3b2-...b9619b6e0\",\"recovery_seed\":\"62ENi...2vf38=\"}",
        "uphold": "djExj2Ju...ZJUzc="
      }
    },


Verified PASSED using

Brave 1.31.68 Chromium: 94.0.4606.61 (Official Build) dev (x86_64)
Revision 418b78f5838ed0b1c69bb4e51ea0252171854915-refs/branch-heads/4606@{#1204}
OS macOS Version 11.6 (Build 20G165)

Steps:

Case One:

Check upgrade paths to confirm encrypted wallet(s) in the Preferences file are decrypted

  1. fresh install 1.27.111
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. accept UGP grant
  5. close Brave
  6. open Preferences in /Users/stephendonner/Library/Application\ Support/BraveSoftware/Brave-Browser-Dev/default (confirm wallets are encrypted)
  7. confirm the wallet is decrypted
  8. upgrade to 1.31.68
  9. accepted UGP grant (2x 2.00 BAT)
  10. tipped and auto-contributed
  11. open Preferences in /Users/stephendonner/Library/Application\ Support/BraveSoftware/Brave-Browser-Dev/default
  12. confirm brave.rewards.wallet.brave is unencrypted

Actual:

1.27.111 was encrypted:

"wallets": {
        "brave": "djEwW1...9QOyo=",
        "uphold": "djEwi8...IrIA=="
      }

1.31.68 upgrade was decrypted

"wallets": {
        "brave": "{\"payment_id\":\"a72952c9-c5d6-4177-a0ff-d8041a42cfcd\",\"recovery_seed\":\"FU3qO/25Hke0nF5BTWHvjObJrTrIhtKLU9vpbaq+qQQ=\"}",

Case Two:

Check upgrade paths to confirm corrupted wallets in the Preferences file are not decrypted

  1. fresh install 1.29.81
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. accept UGP grant
  5. close Brave
  6. corrupt the wallet by adding junk characters to the wallet in Preferences
  7. upgrade to 1.31.68
  8. open Preferences in /Users/stephendonner/Library/Application\ Support/BraveSoftware/Brave-Browser-Beta/default
  9. confirm brave.rewards.wallet.brave is encrypted

Actual:

"wallets": {
        "brave": "^H@@H@HH@[email protected]=",

Confirmed I got the following in logs:

[12977:259:0930/101840.179888:INFO:wallet.cc(260)] Parsing of brave wallet failed
[12977:259:0930/101840.180770:INFO:wallet_create.cc(32)] Wallet does not exist and could not be created
[12977:259:0930/101840.181386:INFO:promotion.cc(315)] Wallet couldn't be created

Case Three:

Check fresh install that vBAT wallet is persisted unencrypted

  1. fresh install 1.31.68
  2. launch Brave using Rewards staging
  3. click on the BAT icon in the URL bar
  4. enable Rewards
  5. accept UGP grant
  6. close Brave
  7. open Preferences in /Users/stephendonner/Library/Application\ Support/BraveSoftware/Brave-Browser-Dev/default
  8. confirm brave.rewards.wallet.brave is unencrypted

Actual:

"wallets": {
        "brave": "{\"payment_id\":\"71995091-ce62-49c0-819f-45fd5d52091d\",\"recovery_seed\":\"VAJ16s4PN6LRR7wgHPY+Yt2J3z4EY6pnL8hvYVI5s1s=\"}",

Case Four:

Check restoring a wallet is persisted unencrypted

  1. fresh install 1.31.68
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. click on Manage your wallet
  5. click on the Restore tab
  6. enter a recovery key (from QA wallet Ad grant spreadsheet ) and click Restore
  7. close Brave
  8. open Preferences in /Users/stephendonner/Library/Application\ Support/BraveSoftware/Brave-Browser-Beta/default
  9. confirm brave.rewards.wallet.brave is unencrypted

Actual:

"wallets": {
        "brave": "{\"payment_id\":\"108809fb-497e-4ed6-a0cd-abfc6224497d\",\"recovery_seed\":\"gqHvjgCit0fsn+VYOlluWRpdbcQeBh97YBv1C7sPZHc=\"}",

Verification passed on

| Brave | 1.31.71 Chromium: 94.0.4606.71 (Official Build) beta (64-bit) |
| -- | -- |
| Revision | 1d32b169326531e600d836bd395efc1b53d0f6ef-refs/branch-heads/4606@{#1256} |
| OS | Windows 10 Version 21H1 (Build 19043.1266) |

Clean profile

Case 1: Check vBAT wallet is persisted unencrypted in a clean profile

  1. fresh install 1.31.68
  2. launch Brave using Rewards staging
  3. click on the BAT icon in the URL bar
  4. enable Rewards
  5. accept UGP grant
  6. close Brave
  7. open Preferences in ..\AppData\Local\BraveSoftware\Brave-Browser-Beta\User Data\Default
  8. confirm brave.rewards.wallet.brave is unencrypted

"wallets":{"brave":"{\"payment_id\":\"29b5a156-788f-4aaf-bddb-e2df3b731843\",\"recovery_seed\":\"1SOlQRZ9SarsHUWNfSQLK0ehLBcp6YLiOzKFvb+/4y8=\"}"

Case 2: Check restoring a wallet is persisted unencrypted

  1. fresh install 1.31.68
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. click on Manage your wallet
  5. click on the Restore tab
  6. enter a recovery key (from QA wallet Ad grant spreadsheet ) and click Restore
  7. close Brave
  8. open Preferences in ..\AppData\Local\BraveSoftware\Brave-Browser-Beta\User Data\Default
  9. confirm brave.rewards.wallet.brave is unencrypted

wallets":{"brave":"{\"payment_id\":\"6b754df1-caa0-4255-988e-88dd4b078c98\",\"recovery_seed\":\"tljsIOjVHv/M/oZWIPVpwIL8jlCDWWdRwkOc/IhkEQ0=\"}"

Upgrade profile

Case 1: Check upgrade paths to confirm encrypted wallet(s) in the Preferences file are decrypted in 1.31.x

  1. fresh install 1.30.87
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. accept UGP grant
  5. close Brave
  6. open Preferences in ...AppData\Local\BraveSoftware\Brave-Browser\User Data\Default (confirm wallets are encrypted)
  7. upgrade to 1.31.71
  8. open Preferences in ...\AppData\Local\BraveSoftware\Brave-Browser-Beta\User Data\Default
  9. confirm brave.rewards.wallet.brave is decrypted

1.30.87 - wallet is encrypted

wallets": {
"brave":"djEwtF.......+1SizFAyCGli.....bQ0T",
"uphold":"djEw.......+mau9KDyF3....dU01="}

After upgrade to 1.31.71 - wallet is decrypted

wallets":{"brave":"{\"payment_id\":\"cabcec37-ea27-469f-a2f7-0460f96da701\",\"recovery_seed\":\"+2hoxswKUKcjeHDDJtIb6ifzv54llm28FRNizqLzOx8=\"}"

Case 2: Check upgrade paths to confirm corrupted wallets in the Preferences file are not decrypted

  1. fresh install 1.30.87
  2. launch Brave using Rewards staging
  3. enable Rewards
  4. accept UGP grant
  5. close Brave
  6. corrupt the wallet by adding junk characters to the wallet in Preferences
  7. upgrade to 1.31.71
  8. open Preferences in ...AppData\Local\BraveSoftware\Brave-Browser-Beta\User Data\Default
  9. confirm brave.rewards.wallet.brave is encrypted

1.30.87 wallet was encrypted; added junk characters to the wallet

wallets":{"brave":"@@@@@@@#$%HSi2dIm4gLER9Va7hSUHG0FQgcbNkqzQ/ANLwZyzEQTQXYWyz3+aT3JLpASk9gU4HrUoKElc3nmZoW/5ty4g5nViLSezk5xUK1EQ9exk2kRsa5ZxlPbgGQag/6+oYhc3vrlOBz1lVRliNOY/0ASImN5mZIcgMyA7fFRUTOh1/PKLUUb6KAdfXWRWbp"

After upgrade to 1.31.71 wallet remained encrypted

"wallets":{"brave":"@@@@@@@#$%HSi2dIm4gLER9Va7hSUHG0FQgcbNkqzQ/ANLwZyzEQTQXYWyz3+aT3JLpASk9gU4HrUoKElc3nmZoW/5ty4g5nViLSezk5xUK1EQ9exk2kRsa5ZxlPbgGQag/6+oYhc3vrlOBz1lVRliNOY/0ASImN5mZIcgMyA7fFRUTOh1/PKLUUb6KAdfXWRWbp"
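The three states @zenparsing describes earlier in the thread, and the "confirm brave.rewards.wallet.brave is unencrypted/encrypted" step that closes each verification case, can be checked mechanically. The Python below is an added example, not code from brave-core or from anyone in this thread. It assumes the wallets sit under brave → rewards → wallets as the key path in the thread suggests, and that the `djEw`/`djEx` prefixes in the encrypted samples are base64 for the `v10`/`v11` version tags Chromium's OSCrypt prepends to ciphertext; all sample values are constructed.

```python
import base64
import binascii
import json

# Assumption: "djEw"/"djEx" in the samples above are base64 for "v10"/"v11",
# the version tags Chromium's OSCrypt writes in front of its ciphertext.
OSCRYPT_TAGS = (b"v10", b"v11")

def classify_wallet(value):
    """Return 'unencrypted', 'encrypted' or 'corrupted' for one wallets entry."""
    if not isinstance(value, str):
        return "corrupted"
    try:
        wallet = json.loads(value)
        if isinstance(wallet, dict) and {"payment_id", "recovery_seed"} <= wallet.keys():
            return "unencrypted"
    except ValueError:
        pass  # not JSON, so it may still be an encrypted blob
    try:
        # validate=True rejects junk characters instead of silently skipping them
        blob = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return "corrupted"
    return "encrypted" if blob.startswith(OSCRYPT_TAGS) else "corrupted"

def audit_preferences(text):
    """Map each wallet name under brave.rewards.wallets to its state.
    Only the state is returned; the recovery seed is never echoed."""
    prefs = json.loads(text)
    wallets = prefs.get("brave", {}).get("rewards", {}).get("wallets", {})
    return {name: classify_wallet(value) for name, value in wallets.items()}

# Constructed sample data (not taken from any real profile).
_PLAIN = json.dumps({"payment_id": "00000000-0000-4000-8000-000000000000",
                     "recovery_seed": base64.b64encode(bytes(32)).decode()})
_ENC = base64.b64encode(b"v11" + bytes(range(32))).decode()
SAMPLE_PREFS = json.dumps({"brave": {"rewards": {"wallets": {
    "brave": _PLAIN,
    "uphold": _ENC,
    "corrupted_example": "----JUNK_CHARACTERS---" + _ENC,  # hypothetical key
}}}})

if __name__ == "__main__":
    for name, state in audit_preferences(SAMPLE_PREFS).items():
        print(f"{name}: {state}")
```

Run against the constructed sample, it reports `brave` as unencrypted, `uphold` as encrypted and the junk-prefixed entry as corrupted, mirroring the states the upgrade and corruption cases check by hand.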

@stephendonner stephendonner added QA Pass-macOS and removed QA/In-Progress Indicates that QA is currently in progress for that particular issue labels Sep 30, 2021
@stephendonner stephendonner added QA/In-Progress Indicates that QA is currently in progress for that particular issue QA Pass-Linux and removed QA/In-Progress Indicates that QA is currently in progress for that particular issue labels Oct 8, 2021
@srirambv
Contributor

Verification passed on Oppo Reno 5 with Android 11 running 1.31.86 x64 build

  • Verified ads are successfully redeemed
2021-10-18 08:49:45.456 29267-29267/? V/chromium: [VERBOSE1:confirmations.cc(250)] Successfully redeemed unblinded token with confirmation id db60a298-bda1-4a0f-8c39-9ea9e75da04c, creative instance id 54592ab6-5a8e-42e6-8e11-9e9c04e9eecb and view
2021-10-18 08:49:45.460 29267-29267/? V/chromium: [VERBOSE1:confirmations.cc(273)] Added 1 unblinded payment token with an estimated redemption value of 0.05 BAT, you now have 1 unblinded payment tokens
