Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce gaiacli keys export / gaiacli keys import #2020

Closed
cwgoes opened this issue Aug 14, 2018 · 14 comments · Fixed by #4436
Closed

Introduce gaiacli keys export / gaiacli keys import #2020

cwgoes opened this issue Aug 14, 2018 · 14 comments · Fixed by #4436
Assignees
@alessio
Labels
C:CLI C:Keys Keybase, KMS and HSMs T: UX

Comments

@cwgoes
Copy link
Contributor

cwgoes commented Aug 14, 2018
edited
Loading

We definitely need these prelaunch. They can come with extensive warnings.

Ideally we should do this in a standard format; the ASCII-armored one currently in the keybase implementation should be fine for now.
@cwgoes
Copy link
Contributor Author

cwgoes commented Aug 14, 2018

Brought up by @alessio - cc @ebuchman was this controversial?

@cwgoes cwgoes added C:CLI T: UX C:Keys Keybase, KMS and HSMs prelaunch labels Aug 14, 2018
@zmanian
Copy link
Member

zmanian commented Aug 15, 2018

Our view has that people need to store their words and that's our portability solution.

I disagree that this is prelaunch cause no one will be able to transfer funds at launch.

@rigelrozanski
Copy link
Contributor

second zmanian, exporting the seed phrase should be sufficient

@cwgoes
Copy link
Contributor Author

cwgoes commented Aug 28, 2018
edited
Loading

second zmanian, exporting the seed phrase should be sufficient

That would be fine if it were possible but it isn't because we don't store the seed phrase. I think we want some export method that can happen after you first create the key, otherwise users who fail to write down their seed phrase - but still have the gaiacli DB and their password - will find it very difficult to recover their keys.

It's a non-breaking change - so OK on post-launch - I expect we'll get requests for this pretty quickly.

@alessio alessio mentioned this issue Sep 19, 2018
Closed
@jackzampolin
Copy link
Member

Sounds like we still don't have gaiacli keys export

@alexanderbez
Copy link
Contributor

alexanderbez commented May 28, 2019
edited
Loading

Correct, we do not have this atm. As I see it, we can:

  1. Expect users to write down/safely store their seeds (as they should as it is up to them) and this is generally a good practice users should be doing anyway. If they lose a seed -- they're screwed.
  2. Potentially store the seed and allow that to be exported. I'm less worried about this now since we updated the permissions on the keys DB, so only a system user with the correct privileges would be able to execute such a command.

@alessio
Copy link
Contributor

alessio commented May 28, 2019

We can export the private key in ASCII format - provided that the user supply the correct mnemonic.

@alessio
Copy link
Contributor

alessio commented May 28, 2019

@alexanderbez storing the seed is in my opinion the most riskiest of all options

@alexanderbez
Copy link
Contributor

alexanderbez commented May 28, 2019
edited
Loading

The problem is that the users doesn't know the seed. They were silly and forgot to save it in a safe location.

@alessio
Copy link
Contributor

alessio commented May 28, 2019

I'll spike on this and demo something soon

@sabau
Copy link
Contributor

sabau commented May 29, 2019
edited
Loading

So would the seed phrase be accessible in clear text or GPG signed -> requiring password to access it?

@alessio
Copy link
Contributor

alessio commented May 29, 2019

[Brain dump mode ON]

A malicious actor sits next to me. By mistake I run gaiacli keys export mykey and the seed is printed out. The seed is 24 word long, human intelligible text - not too hard to memorise/remember.
Had export generated a GPG- ASCII armored string of bytes it'd have been a way harder for them to memorise it.

[brain dump mode OFF]

alessio added a commit that referenced this issue May 29, 2019
@alessio
Implement private keys export/import symmetric functionalities
9fb6d2d 
Ref #2020
@alessio alessio mentioned this issue May 29, 2019
Merged
5 tasks
@alessio alessio self-assigned this May 29, 2019
alessio pushed a commit that referenced this issue May 30, 2019
Implement private keys export/import symmetric functionalities (#4436)
85ebf5f 
Add Keybase's ExportPrivKey()/ImportPrivKey() API calls to export/import
ASCII-armored private keys. Relevant keys subcommands are provided as well.

Closes: #2020
@Kwaskoff
Copy link

and how import key when you saved generated key and didn't save "export" file?

@Kwaskoff
Copy link

gaiacli keys unsafe-import-eth-key keyname key

chillyvee pushed a commit to chillyvee/cosmos-sdk that referenced this issue Mar 1, 2024
@dependabot
chore(deps): bump docker/metadata-action from 4.1.1 to 4.3.0 (cosmos#…
8eecb1d 
…2020)

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4.1.1 to 4.3.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@v4.1.1...v4.3.0)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alessio alessio

Labels
C:CLI C:Keys Keybase, KMS and HSMs T: UX
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Implement private keys export/import symmetric functionalities cosmos/cosmos-sdk
8 participants
@zmanian @alessio @sabau @alexanderbez @jackzampolin @Kwaskoff @rigelrozanski @cwgoes