signer: change the stdio jsonrpc to use legacy namespace conventions (#19047)
This PR will will break existing UIs, since it changes all calls like ApproveSignTransaction to be on the form ui_approveSignTransaction. This is to make it possible for the UI to reuse the json-rpc library from go-ethereum, which uses this convention. Also, this PR removes some unused structs, after import/export were removed from the external api (so no longer needs internal methods for approval) One more breaking change is introduced, removing passwords from the ApproveSignTxResponse and the likes. This makes the manual interface more like the rulebased interface, and integrates nicely with the credential storage. Thus, the way it worked before, it would be tempting for the UI to implement 'remember password' functionality. The way it is now, it will be easy instead to tell clef to store passwords and use them. If a pw is not found in the credential store, the user is prompted to provide the password.
This commit is contained in:
Martin Holst Swende
committed by
Péter Szilágyi
Péter Szilágyi
parent
eb199f1fc2
commit
5f94f8c7e7
@ -23,6 +23,7 @@ import (
|
||||
"fmt"
|
||||
"math/big"
|
||||
"reflect"
|
||||
"strings"
|
||||
|
||||
"github.com/ethereum/go-ethereum/accounts"
|
||||
"github.com/ethereum/go-ethereum/accounts/keystore"
|
||||
@ -32,6 +33,7 @@ import (
|
||||
"github.com/ethereum/go-ethereum/internal/ethapi"
|
||||
"github.com/ethereum/go-ethereum/log"
|
||||
"github.com/ethereum/go-ethereum/rlp"
|
||||
"github.com/ethereum/go-ethereum/signer/storage"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -40,7 +42,7 @@ const (
|
||||
// ExternalAPIVersion -- see extapi_changelog.md
|
||||
ExternalAPIVersion = "6.0.0"
|
||||
// InternalAPIVersion -- see intapi_changelog.md
|
||||
InternalAPIVersion = "4.0.0"
|
||||
InternalAPIVersion = "6s.0.0"
|
||||
)
|
||||
|
||||
// ExternalAPI defines the external API through which signing requests are made.
|
||||
@ -68,10 +70,6 @@ type UIClientAPI interface {
|
||||
ApproveTx(request *SignTxRequest) (SignTxResponse, error)
|
||||
// ApproveSignData prompt the user for confirmation to request to sign data
|
||||
ApproveSignData(request *SignDataRequest) (SignDataResponse, error)
|
||||
// ApproveExport prompt the user for confirmation to export encrypted Account json
|
||||
ApproveExport(request *ExportRequest) (ExportResponse, error)
|
||||
// ApproveImport prompt the user for confirmation to import Account json
|
||||
ApproveImport(request *ImportRequest) (ImportResponse, error)
|
||||
// ApproveListing prompt the user for confirmation to list accounts
|
||||
// the list of accounts to list can be modified by the UI
|
||||
ApproveListing(request *ListRequest) (ListResponse, error)
|
||||
@ -96,11 +94,12 @@ type UIClientAPI interface {
|
||||
|
||||
// SignerAPI defines the actual implementation of ExternalAPI
|
||||
type SignerAPI struct {
|
||||
chainID *big.Int
|
||||
am *accounts.Manager
|
||||
UI UIClientAPI
|
||||
validator *Validator
|
||||
rejectMode bool
|
||||
chainID *big.Int
|
||||
am *accounts.Manager
|
||||
UI UIClientAPI
|
||||
validator *Validator
|
||||
rejectMode bool
|
||||
credentials storage.Storage
|
||||
}
|
||||
|
||||
// Metadata about a request
|
||||
@ -187,25 +186,6 @@ type (
|
||||
//The UI may make changes to the TX
|
||||
Transaction SendTxArgs `json:"transaction"`
|
||||
Approved bool `json:"approved"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
// ExportRequest info about query to export accounts
|
||||
ExportRequest struct {
|
||||
Address common.Address `json:"address"`
|
||||
Meta Metadata `json:"meta"`
|
||||
}
|
||||
// ExportResponse response to export-request
|
||||
ExportResponse struct {
|
||||
Approved bool `json:"approved"`
|
||||
}
|
||||
// ImportRequest info about request to import an Account
|
||||
ImportRequest struct {
|
||||
Meta Metadata `json:"meta"`
|
||||
}
|
||||
ImportResponse struct {
|
||||
Approved bool `json:"approved"`
|
||||
OldPassword string `json:"old_password"`
|
||||
NewPassword string `json:"new_password"`
|
||||
}
|
||||
SignDataRequest struct {
|
||||
ContentType string `json:"content_type"`
|
||||
@ -217,14 +197,12 @@ type (
|
||||
}
|
||||
SignDataResponse struct {
|
||||
Approved bool `json:"approved"`
|
||||
Password string
|
||||
}
|
||||
NewAccountRequest struct {
|
||||
Meta Metadata `json:"meta"`
|
||||
}
|
||||
NewAccountResponse struct {
|
||||
Approved bool `json:"approved"`
|
||||
Password string `json:"password"`
|
||||
Approved bool `json:"approved"`
|
||||
}
|
||||
ListRequest struct {
|
||||
Accounts []accounts.Account `json:"accounts"`
|
||||
@ -240,8 +218,8 @@ type (
|
||||
Info map[string]interface{} `json:"info"`
|
||||
}
|
||||
UserInputRequest struct {
|
||||
Prompt string `json:"prompt"`
|
||||
Title string `json:"title"`
|
||||
Prompt string `json:"prompt"`
|
||||
IsPassword bool `json:"isPassword"`
|
||||
}
|
||||
UserInputResponse struct {
|
||||
@ -256,11 +234,11 @@ var ErrRequestDenied = errors.New("Request denied")
|
||||
// key that is generated when a new Account is created.
|
||||
// noUSB disables USB support that is required to support hardware devices such as
|
||||
// ledger and trezor.
|
||||
func NewSignerAPI(am *accounts.Manager, chainID int64, noUSB bool, ui UIClientAPI, abidb *AbiDb, advancedMode bool) *SignerAPI {
|
||||
func NewSignerAPI(am *accounts.Manager, chainID int64, noUSB bool, ui UIClientAPI, abidb *AbiDb, advancedMode bool, credentials storage.Storage) *SignerAPI {
|
||||
if advancedMode {
|
||||
log.Info("Clef is in advanced mode: will warn instead of reject")
|
||||
}
|
||||
signer := &SignerAPI{big.NewInt(chainID), am, ui, NewValidator(abidb), !advancedMode}
|
||||
signer := &SignerAPI{big.NewInt(chainID), am, ui, NewValidator(abidb), !advancedMode, credentials}
|
||||
if !noUSB {
|
||||
signer.startUSBListener()
|
||||
}
|
||||
@ -381,24 +359,27 @@ func (api *SignerAPI) New(ctx context.Context) (common.Address, error) {
|
||||
if len(be) == 0 {
|
||||
return common.Address{}, errors.New("password based accounts not supported")
|
||||
}
|
||||
var (
|
||||
resp NewAccountResponse
|
||||
err error
|
||||
)
|
||||
if resp, err := api.UI.ApproveNewAccount(&NewAccountRequest{MetadataFromContext(ctx)}); err != nil {
|
||||
return common.Address{}, err
|
||||
} else if !resp.Approved {
|
||||
return common.Address{}, ErrRequestDenied
|
||||
}
|
||||
|
||||
// Three retries to get a valid password
|
||||
for i := 0; i < 3; i++ {
|
||||
resp, err = api.UI.ApproveNewAccount(&NewAccountRequest{MetadataFromContext(ctx)})
|
||||
resp, err := api.UI.OnInputRequired(UserInputRequest{
|
||||
"New account password",
|
||||
fmt.Sprintf("Please enter a password for the new account to be created (attempt %d of 3)", i),
|
||||
true})
|
||||
if err != nil {
|
||||
return common.Address{}, err
|
||||
log.Warn("error obtaining password", "attempt", i, "error", err)
|
||||
continue
|
||||
}
|
||||
if !resp.Approved {
|
||||
return common.Address{}, ErrRequestDenied
|
||||
}
|
||||
if pwErr := ValidatePasswordFormat(resp.Password); pwErr != nil {
|
||||
if pwErr := ValidatePasswordFormat(resp.Text); pwErr != nil {
|
||||
api.UI.ShowError(fmt.Sprintf("Account creation attempt #%d failed due to password requirements: %v", (i + 1), pwErr))
|
||||
} else {
|
||||
// No error
|
||||
acc, err := be[0].(*keystore.KeyStore).NewAccount(resp.Password)
|
||||
acc, err := be[0].(*keystore.KeyStore).NewAccount(resp.Text)
|
||||
return acc.Address, err
|
||||
}
|
||||
}
|
||||
@ -452,6 +433,24 @@ func logDiff(original *SignTxRequest, new *SignTxResponse) bool {
|
||||
return modified
|
||||
}
|
||||
|
||||
func (api *SignerAPI) lookupPassword(address common.Address) string {
|
||||
return api.credentials.Get(strings.ToLower(address.String()))
|
||||
}
|
||||
func (api *SignerAPI) lookupOrQueryPassword(address common.Address, title, prompt string) (string, error) {
|
||||
if pw := api.lookupPassword(address); pw != "" {
|
||||
return pw, nil
|
||||
} else {
|
||||
pwResp, err := api.UI.OnInputRequired(UserInputRequest{title, prompt, true})
|
||||
if err != nil {
|
||||
log.Warn("error obtaining password", "error", err)
|
||||
// We'll not forward the error here, in case the error contains info about the response from the UI,
|
||||
// which could leak the password if it was malformed json or something
|
||||
return "", errors.New("internal error")
|
||||
}
|
||||
return pwResp.Text, nil
|
||||
}
|
||||
}
|
||||
|
||||
// SignTransaction signs the given Transaction and returns it both as json and rlp-encoded form
|
||||
func (api *SignerAPI) SignTransaction(ctx context.Context, args SendTxArgs, methodSelector *string) (*ethapi.SignTransactionResult, error) {
|
||||
var (
|
||||
@ -495,9 +494,14 @@ func (api *SignerAPI) SignTransaction(ctx context.Context, args SendTxArgs, meth
|
||||
}
|
||||
// Convert fields into a real transaction
|
||||
var unsignedTx = result.Transaction.toTransaction()
|
||||
|
||||
// Get the password for the transaction
|
||||
pw, err := api.lookupOrQueryPassword(acc.Address, "Account password",
|
||||
fmt.Sprintf("Please enter the password for account %s", acc.Address.String()))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// The one to sign is the one that was returned from the UI
|
||||
signedTx, err := wallet.SignTxWithPassphrase(acc, result.Password, unsignedTx, api.chainID)
|
||||
signedTx, err := wallet.SignTxWithPassphrase(acc, pw, unsignedTx, api.chainID)
|
||||
if err != nil {
|
||||
api.UI.ShowError(err.Error())
|
||||
return nil, err
|
||||
|
||||
Reference in New Issue
Block a user