Skip to content
This repository has been archived by the owner on Nov 30, 2021. It is now read-only.

rpc: implement personal_importRawKey #552

Merged
merged 17 commits into from
Sep 30, 2020
6 changes: 5 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,13 @@ Ref: https://keepachangelog.com/en/1.0.0/

## Unreleased

### Features

* (rpc) [\#552](https://github.com/ChainSafe/ethermint/pull/552) Implement Eth Personal namespace `personal_importRawKey`.

### Bug fixes

* (app/ante) [\#550](https://github.com/ChainSafe/ethermint/pull/550) Update ante handler nonce verification to accept any nonce greater than or equal to the expected nonce to allow to successive transactions.
* (app/ante) [\#550](https://github.com/ChainSafe/ethermint/pull/550) Update ante handler nonce verification to accept any nonce greater than or equal to the expected nonce to allow to successive transactions.

## [v0.2.0] - 2020-09-24

Expand Down
4 changes: 3 additions & 1 deletion crypto/algorithm.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,10 @@ import (
)

const (
// EthSecp256k1Type string constant for the EthSecp256k1 algorithm
EthSecp256k1Type = "eth_secp256k1"
// EthSecp256k1 defines the ECDSA secp256k1 used on Ethereum
EthSecp256k1 = keys.SigningAlgo("eth_secp256k1")
EthSecp256k1 = keys.SigningAlgo(EthSecp256k1Type)
)

// SupportedAlgorithms defines the list of signing algorithms used on Ethermint:
Expand Down
2 changes: 1 addition & 1 deletion rpc/apis.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ func GetRPCAPIs(cliCtx context.CLIContext, keys []emintcrypto.PrivKeySecp256k1)
{
Namespace: PersonalNamespace,
Version: apiVersion,
Service: NewPersonalEthAPI(cliCtx, ethAPI, nonceLock, keys),
Service: NewPersonalEthAPI(ethAPI, nonceLock, keys),
Public: false,
},
{
Expand Down
112 changes: 63 additions & 49 deletions rpc/personal_api.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,47 +8,47 @@ import (
"sync"
"time"

sdkcontext "github.com/cosmos/cosmos-sdk/client/context"
"github.com/spf13/viper"

"github.com/tendermint/tendermint/libs/log"

"github.com/cosmos/cosmos-sdk/client/flags"
"github.com/cosmos/cosmos-sdk/crypto/keys"
"github.com/cosmos/cosmos-sdk/crypto/keys/mintkey"
sdk "github.com/cosmos/cosmos-sdk/types"
emintcrypto "github.com/cosmos/ethermint/crypto"
params "github.com/cosmos/ethermint/rpc/args"
"github.com/spf13/viper"
"github.com/tendermint/tendermint/libs/log"

"github.com/ethereum/go-ethereum/accounts"
"github.com/ethereum/go-ethereum/common"
"github.com/ethereum/go-ethereum/common/hexutil"
"github.com/ethereum/go-ethereum/crypto"

emintcrypto "github.com/cosmos/ethermint/crypto"
params "github.com/cosmos/ethermint/rpc/args"
)

// PersonalEthAPI is the eth_ prefixed set of APIs in the Web3 JSON-RPC spec.
// PersonalEthAPI is the personal_ prefixed set of APIs in the Web3 JSON-RPC spec.
type PersonalEthAPI struct {
logger log.Logger
cliCtx sdkcontext.CLIContext
ethAPI *PublicEthAPI
nonceLock *AddrLocker
keys []emintcrypto.PrivKeySecp256k1
keyInfos []keys.Info
keybaseLock sync.Mutex
}

// NewPersonalEthAPI creates an instance of the public ETH Web3 API.
func NewPersonalEthAPI(cliCtx sdkcontext.CLIContext, ethAPI *PublicEthAPI, nonceLock *AddrLocker, keys []emintcrypto.PrivKeySecp256k1) *PersonalEthAPI {
// NewPersonalEthAPI creates an instance of the public Personal Eth API.
func NewPersonalEthAPI(ethAPI *PublicEthAPI, nonceLock *AddrLocker, keys []emintcrypto.PrivKeySecp256k1) *PersonalEthAPI {
api := &PersonalEthAPI{
logger: log.NewTMLogger(log.NewSyncWriter(os.Stdout)).With("module", "json-rpc"),
cliCtx: cliCtx,
ethAPI: ethAPI,
nonceLock: nonceLock,
keys: keys,
}

infos, err := api.getKeybaseInfo()
if err != nil {
return api
}

api.ethAPI.keys = append(api.ethAPI.keys, keys...)
fedekunze marked this conversation as resolved.
Show resolved Hide resolved
api.keyInfos = infos
return api
}
Expand All @@ -57,35 +57,61 @@ func (e *PersonalEthAPI) getKeybaseInfo() ([]keys.Info, error) {
e.keybaseLock.Lock()
defer e.keybaseLock.Unlock()

if e.cliCtx.Keybase == nil {
if e.ethAPI.cliCtx.Keybase == nil {
keybase, err := keys.NewKeyring(
sdk.KeyringServiceName(),
viper.GetString(flags.FlagKeyringBackend),
viper.GetString(flags.FlagHome),
e.cliCtx.Input,
e.ethAPI.cliCtx.Input,
emintcrypto.EthSecp256k1Options()...,
)
if err != nil {
return nil, err
}

e.cliCtx.Keybase = keybase
e.ethAPI.cliCtx.Keybase = keybase
}

return e.cliCtx.Keybase.List()
return e.ethAPI.cliCtx.Keybase.List()
}

// ImportRawKey stores the given hex encoded ECDSA key into the key directory,
// encrypting it with the passphrase.
// Currently, this is not implemented since the feature is not supported by the keys.
// ImportRawKey armors and encrypts a given raw hex encoded ECDSA key and stores it into the key directory.
// The name of the key will have the format "personal_<length-keys>", where <length-keys> is the total number of
// keys stored on the keyring.
// NOTE: The key will be both armored and encrypted using the same passphrase.
func (e *PersonalEthAPI) ImportRawKey(privkey, password string) (common.Address, error) {
e.logger.Debug("personal_importRawKey", "error", "not implemented")
_, err := crypto.HexToECDSA(privkey)
e.logger.Debug("personal_importRawKey")
priv, err := crypto.HexToECDSA(privkey)
if err != nil {
return common.Address{}, err
}

privKey := emintcrypto.PrivKeySecp256k1(crypto.FromECDSA(priv))

armor := mintkey.EncryptArmorPrivKey(privKey, password, emintcrypto.EthSecp256k1Type)

// ignore error as we only care about the length of the list
list, _ := e.ethAPI.cliCtx.Keybase.List()
privKeyName := fmt.Sprintf("personal_%d", len(list))

if err := e.ethAPI.cliCtx.Keybase.ImportPrivKey(privKeyName, armor, password); err != nil {
return common.Address{}, err
}

addr := common.BytesToAddress(privKey.PubKey().Address().Bytes())

info, err := e.ethAPI.cliCtx.Keybase.Get(privKeyName)
if err != nil {
return common.Address{}, err
}

return common.Address{}, nil
// append key and info to be able to lock and list the account
e.ethAPI.keys = append(e.ethAPI.keys, privKey)
e.keyInfos = append(e.keyInfos, info)

e.logger.Info("key successfully imported", "name", privKeyName, "address", addr.String())

fedekunze marked this conversation as resolved.
Show resolved Hide resolved
return addr, nil
}

// ListAccounts will return a list of addresses for accounts this node manages.
Expand All @@ -103,18 +129,7 @@ func (e *PersonalEthAPI) ListAccounts() ([]common.Address, error) {
// LockAccount will lock the account associated with the given address when it's unlocked.
// It removes the key corresponding to the given address from the API's local keys.
func (e *PersonalEthAPI) LockAccount(address common.Address) bool {
e.logger.Debug("personal_lockAccount", "address", address)
for i, key := range e.keys {
if !bytes.Equal(key.PubKey().Address().Bytes(), address.Bytes()) {
continue
}

tmp := make([]emintcrypto.PrivKeySecp256k1, len(e.keys)-1)
copy(tmp[:i], e.keys[:i])
copy(tmp[i:], e.keys[i+1:])
e.keys = tmp
return true
}
e.logger.Debug("personal_lockAccount", "address", address.String())

for i, key := range e.ethAPI.keys {
if !bytes.Equal(key.PubKey().Address().Bytes(), address.Bytes()) {
Expand All @@ -125,6 +140,8 @@ func (e *PersonalEthAPI) LockAccount(address common.Address) bool {
copy(tmp[:i], e.ethAPI.keys[:i])
copy(tmp[i:], e.ethAPI.keys[i+1:])
e.ethAPI.keys = tmp

e.logger.Debug("account unlocked", "address", address.String())
return true
}

Expand All @@ -140,15 +157,13 @@ func (e *PersonalEthAPI) NewAccount(password string) (common.Address, error) {
}

name := "key_" + time.Now().UTC().Format(time.RFC3339)
info, _, err := e.cliCtx.Keybase.CreateMnemonic(name, keys.English, password, emintcrypto.EthSecp256k1)
info, _, err := e.ethAPI.cliCtx.Keybase.CreateMnemonic(name, keys.English, password, emintcrypto.EthSecp256k1)
if err != nil {
return common.Address{}, err
}

e.keyInfos = append(e.keyInfos, info)

// update ethAPI
privKey, err := e.cliCtx.Keybase.ExportPrivateKeyObject(name, password)
privKey, err := e.ethAPI.cliCtx.Keybase.ExportPrivateKeyObject(name, password)
if err != nil {
return common.Address{}, err
}
Expand All @@ -157,11 +172,12 @@ func (e *PersonalEthAPI) NewAccount(password string) (common.Address, error) {
if !ok {
return common.Address{}, fmt.Errorf("invalid private key type: %T", privKey)
}

e.keyInfos = append(e.keyInfos, info)
e.ethAPI.keys = append(e.ethAPI.keys, emintKey)
e.logger.Debug("personal_newAccount", "address", fmt.Sprintf("0x%x", emintKey.PubKey().Address().Bytes()))

addr := common.BytesToAddress(info.GetPubKey().Address().Bytes())
e.logger.Info("Your new key was generated", "address", addr)
e.logger.Info("Your new key was generated", "address", addr.String())
e.logger.Info("Please backup your key file!", "path", os.Getenv("HOME")+"/.ethermintcli/"+name)
e.logger.Info("Please remember your password!")
return addr, nil
Expand All @@ -171,8 +187,8 @@ func (e *PersonalEthAPI) NewAccount(password string) (common.Address, error) {
// the given password for duration seconds. If duration is nil it will use a
// default of 300 seconds. It returns an indication if the account was unlocked.
// It exports the private key corresponding to the given address from the keyring and stores it in the API's local keys.
func (e *PersonalEthAPI) UnlockAccount(ctx context.Context, addr common.Address, password string, _ *uint64) (bool, error) {
e.logger.Debug("personal_unlockAccount", "address", addr)
func (e *PersonalEthAPI) UnlockAccount(ctx context.Context, addr common.Address, password string, _ *uint64) (bool, error) { // nolint: interfacer
e.logger.Debug("personal_unlockAccount", "address", addr.String())
// TODO: use duration

name := ""
Expand All @@ -184,11 +200,11 @@ func (e *PersonalEthAPI) UnlockAccount(ctx context.Context, addr common.Address,
}

if name == "" {
return false, fmt.Errorf("cannot find key with given address")
return false, fmt.Errorf("cannot find key with given address %s", addr.String())
}

// TODO: this only works on local keys
privKey, err := e.cliCtx.Keybase.ExportPrivateKeyObject(name, password)
privKey, err := e.ethAPI.cliCtx.Keybase.ExportPrivateKeyObject(name, password)
if err != nil {
return false, err
}
Expand All @@ -198,10 +214,8 @@ func (e *PersonalEthAPI) UnlockAccount(ctx context.Context, addr common.Address,
return false, fmt.Errorf("invalid private key type: %T", privKey)
}

e.keys = append(e.keys, emintKey)
e.ethAPI.keys = append(e.ethAPI.keys, emintKey)
e.logger.Debug("personal_unlockAccount", "address", fmt.Sprintf("0x%x", emintKey.PubKey().Address().Bytes()))

e.logger.Debug("account unlocked", "address", addr.String())
return true, nil
}

Expand All @@ -222,9 +236,9 @@ func (e *PersonalEthAPI) SendTransaction(ctx context.Context, args params.SendTx
//
// https://github.com/ethereum/go-ethereum/wiki/Management-APIs#personal_sign
func (e *PersonalEthAPI) Sign(ctx context.Context, data hexutil.Bytes, addr common.Address, passwd string) (hexutil.Bytes, error) {
e.logger.Debug("personal_sign", "data", data, "address", addr)
e.logger.Debug("personal_sign", "data", data, "address", addr.String())

key, ok := checkKeyInKeyring(e.keys, addr)
key, ok := checkKeyInKeyring(e.ethAPI.keys, addr)
if !ok {
return nil, fmt.Errorf("cannot find key with given address")
}
Expand Down
19 changes: 19 additions & 0 deletions tests/personal_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (

"github.com/ethereum/go-ethereum/common"
"github.com/ethereum/go-ethereum/common/hexutil"
ethcrypto "github.com/ethereum/go-ethereum/crypto"

"github.com/stretchr/testify/require"
)
Expand Down Expand Up @@ -42,6 +43,24 @@ func TestPersonal_Sign(t *testing.T) {
// TODO: check that signature is same as with geth, requires importing a key
}

func TestPersonal_ImportRawKey(t *testing.T) {
privkey, err := ethcrypto.GenerateKey()
require.NoError(t, err)

// parse priv key to hex
hexPriv := common.Bytes2Hex(ethcrypto.FromECDSA(privkey))
rpcRes := call(t, "personal_importRawKey", []string{hexPriv, "password"})

var res hexutil.Bytes
err = json.Unmarshal(rpcRes.Result, &res)
require.NoError(t, err)

addr := ethcrypto.PubkeyToAddress(privkey.PublicKey)
resAddr := common.BytesToAddress(res)

require.Equal(t, addr.String(), resAddr.String())
}

func TestPersonal_EcRecover(t *testing.T) {
data := hexutil.Bytes{0x88}
rpcRes := call(t, "personal_sign", []interface{}{data, hexutil.Bytes(from), ""})
Expand Down