chore: hide private values in debug and serialize (#3905)

Description
---
Added `derivative` macro to get rid of the debug prints.

Motivation and Context
---
Hide all private values that can be exposed accidentally via debug or serializing.

How Has This Been Tested?
---
integration tests only

applications/launchpad/backend/Cargo.toml

@@ -30,6 +30,7 @@ tor-hash-passwd = "1.0.1"
 thiserror = "1.0.30"
 tokio = { version = "1.9", features= ["sync"] }
 futures = "0.3"
+derivative = "2.2.0"
 
 [features]
 default = [ "custom-protocol" ]

applications/launchpad/backend/src/commands/launch_docker.rs

@@ -23,6 +23,7 @@
 
 use std::{convert::TryFrom, path::PathBuf, time::Duration};
 
+use derivative::Derivative;
 use log::*;
 use serde::{Deserialize, Serialize};
 use tauri::{AppHandle, Manager, Wry};
@@ -45,7 +46,8 @@ use crate::{
     error::LauncherError,
 };
 
-#[derive(Debug, Serialize, Deserialize)]
+#[derive(Derivative, Serialize, Deserialize)]
+#[derivative(Debug)]
 pub struct WorkspaceLaunchOptions {
     root_folder: String,
     tari_network: String,
@@ -55,10 +57,14 @@ pub struct WorkspaceLaunchOptions {
     has_mm_proxy: bool,
     has_xmrig: bool,
     wait_for_tor: Option<u64>,
+    #[derivative(Debug = "ignore")]
+    #[serde(skip_serializing)]
     wallet_password: Option<String>,
     sha3_mining_threads: Option<usize>,
     monerod_url: Option<String>,
     monero_username: Option<String>,
+    #[derivative(Debug = "ignore")]
+    #[serde(skip_serializing)]
     monero_password: Option<String>,
     monero_use_auth: Option<bool>,
     monero_mining_address: Option<String>,

applications/launchpad/backend/src/commands/service.rs

@@ -24,6 +24,7 @@
 use std::{convert::TryFrom, path::PathBuf, time::Duration};
 
 use bollard::Docker;
+use derivative::Derivative;
 use futures::StreamExt;
 use log::*;
 use serde::{Deserialize, Serialize};
@@ -52,18 +53,21 @@ use crate::{
 };
 
 /// "Global" settings from the launcher front-end
-#[derive(Clone, Debug, Deserialize)]
+#[derive(Clone, Derivative, Deserialize)]
+#[derivative(Debug)]
 #[serde(rename_all = "camelCase")]
 pub struct ServiceSettings {
     pub tari_network: String,
     pub root_folder: String,
+    #[derivative(Debug = "ignore")]
     pub wallet_password: String,
     pub monero_mining_address: Option<String>,
     pub num_mining_threads: i64,
     pub docker_registry: Option<String>,
     pub docker_tag: Option<String>,
     pub monerod_url: Option<String>,
     pub monero_username: Option<String>,
+    #[derivative(Debug = "ignore")]
     pub monero_password: Option<String>,
     pub monero_use_auth: Option<bool>,
 }

applications/launchpad/backend/src/docker/settings.rs

@@ -25,6 +25,7 @@ use std::{collections::HashMap, path::PathBuf, time::Duration};
 
 use bollard::models::{Mount, MountTypeEnum, PortBinding, PortMap};
 use config::ConfigError;
+use derivative::Derivative;
 use serde::{Deserialize, Serialize};
 use thiserror::Error;
 use tor_hash_passwd::EncryptedKey;
@@ -43,11 +44,14 @@ pub struct BaseNodeConfig {
     pub delay: Duration,
 }
 
-#[derive(Default, Debug, Serialize, Deserialize)]
+#[derive(Default, Derivative, Serialize, Deserialize)]
+#[derivative(Debug)]
 pub struct WalletConfig {
     /// The time delay before starting the container and running the wallet executable
     pub delay: Duration,
     /// The password to de/en-crypt the wallet database
+    #[serde(skip_serializing)]
+    #[derivative(Debug = "ignore")]
     pub password: String,
 }
 
@@ -67,7 +71,8 @@ pub struct Sha3MinerConfig {
     pub num_mining_threads: usize,
 }
 
-#[derive(Debug, Serialize, Deserialize)]
+#[derive(Derivative, Serialize, Deserialize)]
+#[derivative(Debug)]
 pub struct MmProxyConfig {
     /// The time delay before starting the container and running the proxy executable
     pub delay: Duration,
@@ -76,6 +81,8 @@ pub struct MmProxyConfig {
     /// If required, the monero username for the monero daemon
     pub monero_username: String,
     /// If required, the password needed to access the monero deamon
+    #[serde(skip_serializing)]
+    #[derivative(Debug = "ignore")]
     pub monero_password: String,
     /// If true, provide the monero username and password to the daemon. Otherwise those strings are ignored.
     pub monero_use_auth: bool,

applications/tari_collectibles/src-tauri/Cargo.toml

@@ -26,6 +26,7 @@ tari_utilities = { git = "https://github.com/tari-project/tari_utilities.git", t
 tari_dan_common_types = { path = "../../../dan_layer/common_types"}
 
 blake2 = "^0.9.0"
+derivative = "2.2.0"
 diesel = { version = "1.4.8", features = ["sqlite"] }
 diesel_migrations = "1.4.0"
 futures = "0.3.17"

applications/tari_collectibles/src-tauri/src/models/wallet.rs

@@ -20,14 +20,18 @@
 //  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 //  USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+use derivative::Derivative;
 use serde::{Deserialize, Serialize};
 use tari_key_manager::cipher_seed::CipherSeed;
 use uuid::Uuid;
 
-#[derive(Serialize, Deserialize, Debug, Clone)]
+#[derive(Serialize, Deserialize, Derivative, Clone)]
+#[derivative(Debug)]
 pub struct Wallet {
   pub id: Uuid,
   pub name: Option<String>,
+  #[serde(skip_serializing)]
+  #[derivative(Debug = "ignore")]
   pub cipher_seed: CipherSeed,
 }
 

applications/tari_merge_mining_proxy/Cargo.toml

@@ -25,6 +25,7 @@ bincode = "1.3.1"
 bytes = "1.1"
 chrono = { version = "0.4.6", default-features = false }
 config = { version = "0.9.3" }
+derivative = "2.2.0"
 env_logger = { version = "0.7.1", optional = true }
 futures = "0.3.5"
 hex = "0.4.2"

applications/tari_merge_mining_proxy/src/proxy.rs

@@ -37,6 +37,7 @@ use std::{
 };
 
 use bytes::Bytes;
+use derivative::Derivative;
 use hyper::{header::HeaderValue, service::Service, Body, Method, Request, Response, StatusCode, Uri};
 use json::json;
 use jsonrpc::error::StandardError;
@@ -62,11 +63,13 @@ pub(crate) const MMPROXY_AUX_KEY_NAME: &str = "_aux";
 /// The identifier used to identify the tari aux chain data
 const TARI_CHAIN_ID: &str = "xtr";
 
-#[derive(Debug, Clone)]
+#[derive(Derivative, Clone)]
+#[derivative(Debug)]
 pub struct MergeMiningProxyConfig {
     pub network: Network,
     pub monerod_url: Vec<String>,
     pub monerod_username: String,
+    #[derivative(Debug = "ignore")]
     pub monerod_password: String,
     pub monerod_use_auth: bool,
     pub grpc_base_node_address: SocketAddr,

applications/tari_mining_node/Cargo.toml

@@ -33,6 +33,7 @@ native-tls = "0.2"
 bufstream = "0.1"
 chrono = { version = "0.4.19", default-features = false }
 hex = "0.4.2"
+derivative = "2.2.0"
 
 [dev-dependencies]
 prost-types = "0.9"

applications/tari_mining_node/src/stratum/stratum_types/login_params.rs

@@ -20,11 +20,15 @@
 // WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 // USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
+use derivative::Derivative;
 use serde::{Deserialize, Serialize};
 
-#[derive(Serialize, Deserialize, Debug)]
+#[derive(Serialize, Deserialize, Derivative)]
+#[derivative(Debug)]
 pub struct LoginParams {
     pub login: String,
+    #[derivative(Debug = "ignore")]
+    #[serde(skip_serializing)]
     pub pass: String,
     pub agent: String,
 }

base_layer/core/Cargo.toml

@@ -42,6 +42,7 @@ bytes = "0.5"
 chrono = { version = "0.4.19", default-features = false, features = ["serde"] }
 croaring = { version = "=0.4.5", optional = true }
 decimal-rs = "0.1.20"
+derivative = "2.2.0"
 derive_more = "0.99.16"
 digest = "0.9.0"
 fs2 = "0.3.0"

base_layer/core/src/transactions/transaction_components/unblinded_output_builder.rs

@@ -20,6 +20,7 @@
 //  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 //  USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+use derivative::Derivative;
 use tari_common_types::types::{BlindingFactor, ComSignature, PrivateKey, PublicKey};
 use tari_crypto::commitment::HomomorphicCommitmentFactory;
 use tari_script::{ExecutionStack, TariScript};
@@ -34,14 +35,17 @@ use crate::{
     },
 };
 
-#[derive(Debug, Clone)]
+#[derive(Derivative, Clone)]
+#[derivative(Debug)]
 pub struct UnblindedOutputBuilder {
     pub value: MicroTari,
+    #[derivative(Debug = "ignore")]
     spending_key: BlindingFactor,
     pub features: OutputFeatures,
     pub script: Option<TariScript>,
     covenant: Covenant,
     input_data: Option<ExecutionStack>,
+    #[derivative(Debug = "ignore")]
     script_private_key: Option<PrivateKey>,
     sender_offset_public_key: Option<PublicKey>,
     metadata_signature: Option<ComSignature>,

base_layer/core/src/transactions/transaction_protocol/mod.rs

@@ -82,6 +82,7 @@
 
 // #![allow(clippy::op_ref)]
 
+use derivative::Derivative;
 use digest::Digest;
 use serde::{Deserialize, Serialize};
 use tari_common_types::types::{MessageHash, PrivateKey, PublicKey};
@@ -140,9 +141,12 @@ pub struct TransactionMetadata {
     pub lock_height: u64,
 }
 
-#[derive(Debug, Clone)]
+#[derive(Derivative, Clone)]
+#[derivative(Debug)]
 pub struct RewindData {
+    #[derivative(Debug = "ignore")]
     pub rewind_key: PrivateKey,
+    #[derivative(Debug = "ignore")]
     pub rewind_blinding_key: PrivateKey,
     pub recovery_byte_key: PrivateKey,
     pub proof_message: [u8; REWIND_USER_MESSAGE_LENGTH],

base_layer/core/src/transactions/transaction_protocol/sender.rs

@@ -22,6 +22,7 @@
 
 use std::fmt;
 
+use derivative::Derivative;
 use digest::{Digest, FixedOutput};
 use serde::{Deserialize, Serialize};
 use tari_common_types::{
@@ -70,7 +71,8 @@ use crate::{
 /// Transaction construction process.
 // TODO: Investigate necessity to use the 'Serialize' and 'Deserialize' traits here; this could potentially leak
 // TODO:   information when least expected. #LOGGED
-#[derive(Clone, Debug, Serialize, Deserialize, PartialEq)]
+#[derive(Clone, Derivative, Serialize, Deserialize, PartialEq)]
+#[derivative(Debug)]
 pub(super) struct RawTransactionInfo {
     pub num_recipients: usize,
     // The sum of self-created outputs plus change
@@ -79,9 +81,11 @@ pub(super) struct RawTransactionInfo {
     pub amounts: Vec<MicroTari>,
     pub recipient_scripts: Vec<TariScript>,
     pub recipient_output_features: Vec<OutputFeatures>,
+    #[derivative(Debug = "ignore")]
     pub recipient_sender_offset_private_keys: Vec<PrivateKey>,
     pub recipient_covenants: Vec<Covenant>,
     // The sender's portion of the public commitment nonce
+    #[derivative(Debug = "ignore")]
     pub private_commitment_nonces: Vec<PrivateKey>,
     pub change: MicroTari,
     pub change_output_metadata_signature: Option<ComSignature>,
@@ -93,9 +97,11 @@ pub(super) struct RawTransactionInfo {
     pub offset: BlindingFactor,
     // The sender's blinding factor shifted by the sender-selected offset
     pub offset_blinding_factor: BlindingFactor,
+    #[derivative(Debug = "ignore")]
     pub gamma: PrivateKey,
     pub public_excess: PublicKey,
     // The sender's private nonce
+    #[derivative(Debug = "ignore")]
     pub private_nonce: PrivateKey,
     // The sender's public nonce
     pub public_nonce: PublicKey,

base_layer/key_manager/Cargo.toml

@@ -22,6 +22,7 @@ chrono = { version = "0.4.19", default-features = false, features = ["serde"] }
 clear_on_drop = "=0.2.4"
 console_error_panic_hook = "0.1.7"
 crc32fast = "1.2.1"
+derivative = "2.2.0"
 digest = "0.9.0"
 getrandom = { version = "0.2.3", optional = true }
 js-sys = { version = "0.3.55", optional = true }