mobilecoinfoundation · wjuan-mob · Apr 25, 2022 · Mar 22, 2022 · Mar 22, 2022 · Mar 23, 2022
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/account-keys/slip10/src/lib.rs b/account-keys/slip10/src/lib.rs
@@ -19,7 +19,7 @@ use zeroize::Zeroize;
 
 /// An enumeration of errors which can occur while working with SLIP-0010 key
 /// derivation
-#[derive(Debug, Display, Eq, PartialEq)]
+#[derive(Clone, Debug, Display, Eq, Hash, Ord, PartialEq, PartialOrd)]
 pub enum Error {
     /// There was an error creating the account key: {0}
     AccountKey(AccountKeyError),
@@ -665,11 +665,6 @@ mod test {
     #[test]
     fn mnemonic_into_account_key() {
         for data in EN_MNEMONIC_STRINGS.iter() {
-            std::eprintln!(
-                "Generating for phrase {} at path m/44'/866'/{}'",
-                data.phrase,
-                data.account_index
-            );
             let mnemonic = Mnemonic::from_phrase(data.phrase, Language::English)
                 .expect("Could not read test phrase into mnemonic");
             let key = mnemonic.derive_slip10_key(data.account_index);

diff --git a/account-keys/src/error.rs b/account-keys/src/error.rs
@@ -9,7 +9,7 @@ use displaydoc::Display;
 pub type Result<T> = StdResult<T, Error>;
 
 /// Errors which can occur when a field isn't well formed.
-#[derive(Debug, Display, Eq, Hash, PartialEq, PartialOrd, Ord)]
+#[derive(Clone, Debug, Display, Eq, Hash, PartialEq, PartialOrd, Ord)]
 pub enum Error {
     /// The Fog Report URL is too long
     ReportUrlLength,

diff --git a/fog/distribution/src/main.rs b/fog/distribution/src/main.rs
@@ -120,24 +120,18 @@ fn main() {
 
     let config = Config::from_args();
 
-    // Read account root_entropies from disk
-    let src_accounts: Vec<AccountKey> = mc_util_keyfile::keygen::read_default_root_entropies(
+    // Read account keys from disk
+    let src_accounts: Vec<AccountKey> = mc_util_keyfile::keygen::read_default_mnemonics(
         config.sample_data_dir.join(Path::new("keys")),
     )
-    .expect("Could not read default root entropies from keys")
-    .iter()
-    .map(AccountKey::from)
-    .collect();
+    .expect("Could not read default mnemonics from keys");
 
-    let dest_accounts: Vec<AccountKey> = mc_util_keyfile::keygen::read_default_root_entropies(
+    let dest_accounts: Vec<AccountKey> = mc_util_keyfile::keygen::read_default_mnemonics(
         config
             .sample_data_dir
             .join(Path::new(&config.fog_keys_subdir)),
     )
-    .expect("Could not read fog keys")
-    .iter()
-    .map(AccountKey::from)
-    .collect();
+    .expect("Could not read fog keys");
 
     // Open the ledger_db to process the bootstrapped ledger
     log::info!(logger, "Loading ledger");

diff --git a/fog/sample-paykit/proto/remote_wallet.proto b/fog/sample-paykit/proto/remote_wallet.proto
@@ -32,8 +32,8 @@ service RemoteWalletApi {
 }
 
 message FreshBalanceCheckRequest {
-    /// Root entropy for the account the new client will be using.
-    bytes root_entropy = 1;
+    /// Slip10 key for the account the new client will be using.
+    bytes slip10_key = 1;
 
     /// FOG URI (should have view and ledger servers accessible).
     string fog_uri = 2;

diff --git a/fog/sample-paykit/src/bin/balance_check.rs b/fog/sample-paykit/src/bin/balance_check.rs
@@ -14,7 +14,6 @@
 //! didn't have the expected value). See fog-conformance-test documentation for
 //! more details.
 
-use mc_account_keys::AccountKey;
 use mc_common::logger::{create_root_logger, log};
 use mc_fog_sample_paykit::ClientBuilder;
 use mc_fog_uri::{FogLedgerUri, FogViewUri};
@@ -50,9 +49,8 @@ fn main() {
     let config = Config::from_args();
     let logger = create_root_logger();
 
-    let root_identity =
+    let account_key =
         mc_util_keyfile::read_keyfile(config.keyfile).expect("Could not read private key file");
-    let account_key = AccountKey::from(&root_identity);
 
     // Note: The balance check program is not supposed to submit anything to
     // consensus or talk to consensus, so this is just a dummy value

diff --git a/fog/sample-paykit/src/bin/sample_paykit_remote_wallet.rs b/fog/sample-paykit/src/bin/sample_paykit_remote_wallet.rs
@@ -5,7 +5,7 @@
 //! the sample paykit.
 
 use grpcio::{RpcContext, RpcStatus, UnarySink};
-use mc_account_keys::{AccountKey, RootEntropy, RootIdentity};
+use mc_account_keys::AccountKey;
 use mc_common::logger::{create_root_logger, log, Logger};
 use mc_fog_sample_paykit::{
     empty::Empty,
@@ -21,9 +21,10 @@ use mc_transaction_core::{tokens::Mob, Token};
 use mc_util_grpc::{
     rpc_internal_error, rpc_invalid_arg_error, send_result, ConnectionUriGrpcioServer,
 };
+use mc_util_keyfile::Slip10IdentityJson;
 use mc_util_uri::{ConsensusClientUri, Uri, UriScheme};
 use std::{
-    convert::TryFrom,
+    convert::{TryFrom, TryInto},
     str::FromStr,
     sync::{Arc, Mutex},
     thread::sleep,
@@ -77,12 +78,16 @@ impl RemoteWalletService {
         &self,
         request: FreshBalanceCheckRequest,
     ) -> Result<BalanceCheckResponse, RpcStatus> {
-        let root_entropy = RootEntropy::try_from(&request.root_entropy[..])
-            .map_err(|err| rpc_invalid_arg_error("root_entropy", err, &self.logger))?;
-
-        let root_identity = RootIdentity::from(&root_entropy);
+        let id = Slip10IdentityJson {
+            slip10_key: (&request.slip10_key[..])
+                .try_into()
+                .map_err(|err| rpc_invalid_arg_error("slip10 key", err, &self.logger))?,
+            ..Default::default()
+        };
 
-        let account_key = AccountKey::from(&root_identity);
+        let account_key = AccountKey::try_from(&id).map_err(|err| {
+            rpc_invalid_arg_error("could not build account key", err, &self.logger)
+        })?;
 
         // Note: The balance check program is not supposed to submit anything to
         // consensus or talk to consensus, so this is just a dummy value

diff --git a/fog/test-client/src/config.rs b/fog/test-client/src/config.rs
@@ -12,6 +12,10 @@ use serde::Serialize;
 use std::{path::PathBuf, time::Duration};
 use structopt::StructOpt;
 
+// Hack to work around Vec special handling in structopt
+#[allow(dead_code)]
+type VecBytes = Vec<u8>;
+
 /// StructOpt for test-client binary
 ///
 /// Serialize is used to create a json summary
@@ -135,12 +139,11 @@ impl TestClientConfig {
 
         // Load the key files
         log::info!(logger, "Loading account keys from {:?}", key_dir);
-        mc_util_keyfile::keygen::read_default_root_entropies(&key_dir)
+        mc_util_keyfile::keygen::read_default_mnemonics(&key_dir)
             .unwrap()
-            .iter()
+            .into_iter()
             .take(self.num_clients)
-            .map(AccountKey::from)
-            .collect()
+            .collect::<_>()
     }
 }
 

diff --git a/fog/test_infra/src/bin/add_test_block.rs b/fog/test_infra/src/bin/add_test_block.rs
@@ -25,7 +25,7 @@
 //! is returned.
 
 use core::convert::TryFrom;
-use mc_account_keys::{AccountKey, DEFAULT_SUBADDRESS_INDEX};
+use mc_account_keys::DEFAULT_SUBADDRESS_INDEX;
 use mc_common::logger::create_root_logger;
 use mc_crypto_hashes::{Blake2b256, Digest};
 use mc_crypto_keys::{Ed25519Pair, RistrettoPrivate, RistrettoPublic};
@@ -100,13 +100,10 @@ fn main() {
     let fog_pubkey = RistrettoPublic::try_from(&config.fog_pubkey)
         .expect("Could not parse fog_pubkey as Ristretto");
 
-    // Read user root entropy keys from disk
-    let root_entropies = mc_util_keyfile::keygen::read_default_root_entropies(config.keys)
-        .expect("Could not read root identity files");
-    assert_ne!(0, root_entropies.len());
-
-    // Create account keys from this
-    let account_keys: Vec<AccountKey> = root_entropies.iter().map(AccountKey::from).collect();
+    // Read account keys from disk
+    let account_keys = mc_util_keyfile::keygen::read_default_mnemonics(config.keys)
+        .expect("Could not read slip10 identity files");
+    assert_ne!(0, account_keys.len());
 
     // Open the ledger db
     let mut ledger = LedgerDB::open(&config.ledger).expect("Could not open ledger db");

diff --git a/fog/view/load-test/src/main.rs b/fog/view/load-test/src/main.rs
@@ -81,9 +81,8 @@ fn main() {
     let config = Config::from_args();
     let logger = create_root_logger();
 
-    let root_identity =
+    let account_key =
         mc_util_keyfile::read_keyfile(config.keyfile).expect("Could not read private key file");
-    let account_key = AccountKey::from(&root_identity);
 
     let num_reqs = Arc::new(AtomicU64::new(0));
     for _ in 0..config.num_workers {

diff --git a/mobilecoind/api/proto/mobilecoind_api.proto b/mobilecoind/api/proto/mobilecoind_api.proto
@@ -26,6 +26,7 @@ service MobilecoindAPI {
     rpc GenerateRootEntropy (google.protobuf.Empty) returns (GenerateRootEntropyResponse) {}
     rpc GenerateMnemonic (google.protobuf.Empty) returns (GenerateMnemonicResponse) {}
     rpc GetAccountKeyFromRootEntropy (GetAccountKeyFromRootEntropyRequest) returns (GetAccountKeyResponse) {}
+    rpc GetAccountKeyFromSlip10 (GetAccountKeyFromSlip10Request) returns (GetAccountKeyResponse) {}
     rpc GetAccountKeyFromMnemonic (GetAccountKeyFromMnemonicRequest) returns (GetAccountKeyResponse) {}
     rpc GetPublicAddress (GetPublicAddressRequest) returns (GetPublicAddressResponse) {}
 
@@ -336,6 +337,12 @@ message GenerateMnemonicResponse {
 message GetAccountKeyFromRootEntropyRequest {
     bytes root_entropy = 1;
 }
+
+// Generate an AccountKey from a 32 byte slip10 value.
+message GetAccountKeyFromSlip10Request {
+    bytes slip10_key = 1;
+}
+
 // Generate an AccountKey from a mnemonic.
 message GetAccountKeyFromMnemonicRequest {
     string mnemonic = 1;
@@ -767,4 +774,4 @@ message SetDbPasswordRequest {
 // Unlock a currently password-protected database.
 message UnlockDbRequest {
     bytes password = 1;
-}
+}
diff --git a/mobilecoind/src/service.rs b/mobilecoind/src/service.rs
@@ -17,7 +17,7 @@ use crate::{
 use bip39::{Language, Mnemonic, MnemonicType};
 use grpcio::{EnvBuilder, RpcContext, RpcStatus, RpcStatusCode, ServerBuilder, UnarySink};
 use mc_account_keys::{AccountKey, PublicAddress, RootIdentity, DEFAULT_SUBADDRESS_INDEX};
-use mc_account_keys_slip10::Slip10KeyGenerator;
+use mc_account_keys_slip10::{Slip10Key, Slip10KeyGenerator};
 use mc_common::{
     logger::{log, Logger},
     HashMap,
@@ -394,6 +394,30 @@ impl<T: BlockchainConnection + UserTxConnection + 'static, FPR: FogPubkeyResolve
         Ok(response)
     }
 
+    fn get_account_key_from_slip10_impl(
+        &mut self,
+        request: mc_mobilecoind_api::GetAccountKeyFromSlip10Request,
+    ) -> Result<mc_mobilecoind_api::GetAccountKeyResponse, RpcStatus> {
+        // Get the entropy.
+        if request.get_slip10_key().len() != 32 {
+            return Err(RpcStatus::with_message(
+                RpcStatusCode::INVALID_ARGUMENT,
+                "entropy".into(),
+            ));
+        }
+
+        // Use slip10_key to construct AccountKey.
+        let mut slip10_key = [0u8; 32];
+        slip10_key.copy_from_slice(request.get_slip10_key());
+        let key = Slip10Key::from(slip10_key);
+        let account_key = AccountKey::from(key);
+
+        // Return response.
+        let mut response = mc_mobilecoind_api::GetAccountKeyResponse::new();
+        response.set_account_key((&account_key).into());
+        Ok(response)
+    }
+
     fn get_account_key_from_mnemonic_impl(
         &mut self,
         request: mc_mobilecoind_api::GetAccountKeyFromMnemonicRequest,
@@ -1904,6 +1928,7 @@ build_api! {
     generate_root_entropy Empty GenerateRootEntropyResponse generate_root_entropy_impl,
     generate_mnemonic Empty GenerateMnemonicResponse generate_mnemonic_impl,
     get_account_key_from_root_entropy GetAccountKeyFromRootEntropyRequest GetAccountKeyResponse get_account_key_from_root_entropy_impl,
+    get_account_key_from_slip10 GetAccountKeyFromSlip10Request GetAccountKeyResponse get_account_key_from_slip10_impl,
     get_account_key_from_mnemonic GetAccountKeyFromMnemonicRequest GetAccountKeyResponse get_account_key_from_mnemonic_impl,
     get_public_address GetPublicAddressRequest GetPublicAddressResponse get_public_address_impl,
 

diff --git a/mobilecoind/strategies/accounts.py b/mobilecoind/strategies/accounts.py
@@ -37,8 +37,8 @@ def connect(host, port):
 def register_account(key_data, stub) -> AccountData:
     # Generate an account key from this root entropy
     resp = stub.GetAccountKeyFromRootEntropy(
-        mobilecoind_api_pb2.GetAccountKeyFromRootEntropyRequest(
-            root_entropy=bytes(key_data['root_entropy'])))
+        mobilecoind_api_pb2.GetAccountKeyFromSlip10Request(
+            slip10_key=bytes.fromhex(key_data['slip10_key'])))
     account_key = resp.account_key
 
     # Add this account to the wallet

diff --git a/sgx/css-dump/src/main.rs b/sgx/css-dump/src/main.rs
@@ -32,7 +32,7 @@ fn main() {
     let input = if config.input.is_some() {
         std::fs::read(config.input.unwrap()).expect("Could not read input file")
     } else {
-        // sigstruct structures are 1 x86_64 page
+        // sigstruct structures should be 1208 bytes
         let mut bytes = vec![0u8; mem::size_of::<Signature>()];
         io::stdin()
             .read_exact(&mut bytes)

diff --git a/tools/fog-local-network/fog_conformance_tests.py b/tools/fog-local-network/fog_conformance_tests.py
@@ -154,7 +154,7 @@ def start(self):
         with grpc.insecure_channel(self.remote_wallet_host_port) as channel:
             stub = remote_wallet_pb2_grpc.RemoteWalletApiStub(channel)
             response = self._retrying_grpc_request(stub.FreshBalanceCheck, remote_wallet_pb2.FreshBalanceCheckRequest(
-                root_entropy=bytes(key['root_entropy']),
+                slip10_key=bytes.fromhex(key['slip10_key']),
                 fog_uri=self.fog_url,
             ))
 

diff --git a/util/from-random/src/lib.rs b/util/from-random/src/lib.rs
@@ -13,3 +13,11 @@ pub trait FromRandom: Sized {
     /// Using a mutable RNG, take it's output to securely initialize the object
     fn from_random<R: CryptoRng + RngCore>(csprng: &mut R) -> Self;
 }
+
+impl FromRandom for [u8; 32] {
+    fn from_random<R: CryptoRng + RngCore>(csprng: &mut R) -> [u8; 32] {
+        let mut result = [0u8; 32];
+        csprng.fill_bytes(&mut result);
+        result
+    }
+}
diff --git a/util/keyfile/Cargo.toml b/util/keyfile/Cargo.toml
@@ -25,22 +25,28 @@ path = "src/bin/read_pubfile.rs"
 
 [dependencies]
 mc-account-keys = { path = "../../account-keys" }
+mc-account-keys-slip10 = { path = "../../account-keys/slip10" }
 mc-api = { path = "../../api" }
 mc-crypto-rand = { path = "../../crypto/rand" }
 mc-util-from-random = { path = "../../util/from-random" }
 mc-util-serial = { path = "../../util/serial", features = ["std"] }
 
 base64 = "0.13"
+displaydoc = "0.2"
 hex = "0.4"
 pem = "1.0"
+prost = "0.9.0"
 rand = "0.8"
+rand_core = "0.6.3"
 rand_hc = "0.3"
 serde = "1.0"
 serde_json = "1.0"
 structopt = "0.3"
+tiny-bip39 = "0.8"
 x509-signature = "0.5"
 
 [dev-dependencies]
+mc-crypto-x509-test-vectors = { path = "../../crypto/x509/test-vectors" }
 mc-util-test-helper = { path = "../../util/test-helper" }
 
-tempdir = "0.3"
+tempfile = "3.2"
diff --git a/util/keyfile/src/backwards_compatibility.json b/util/keyfile/src/backwards_compatibility.json
@@ -0,0 +1 @@
+[{"mnemonic":"exist profit best motion party reform discover garden mountain entire sing fire real owner common punch label rubber sunny gap invest void snack estate","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"action sphere soft mercy month frown learn renew bottom pattern attend level chat neglect miracle cause decorate convince hand bread live execute grass palace","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"file cupboard accuse solve dad clip diesel unveil burden eye renew slam bring nurse click zero shock cabin urge finger claw volcano found bag","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"include library rigid pause panther deal style shuffle then dumb pumpkin pelican join coach flower situate slender exit figure jelly torch scissors dish begin","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"typical shine grocery luggage lizard latin food warrior achieve leave season furnace seminar else verify toy result style captain cotton spare survey fame panther","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"execute grant hazard aim true anxiety expect uncle muscle stairs around extend jelly column manage grit panda quiz assume modify error faith never broccoli","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"music display finger thrive aspect genius obtain reason jar chimney someone brisk resemble pulp coast spawn border much focus autumn logic pave win liberty","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"broccoli venture whale lizard antique title leader sick hedgehog skirt until happy this furnace admit siege man lawn toe enforce elder negative suggest treat","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"buffalo strike film school celery embody cinnamon spot night uncover monitor useless uncle eager purpose brother essence lion vital doll cattle transfer dynamic turtle","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null},{"mnemonic":"ethics wash coil hello never harsh one brand side chaos cause blood course orange write beach seat fat park enforce feed reward airport cement","account_index":0,"fog_report_url":null,"fog_report_id":null,"fog_authority_spki":null}]