aboutsummaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
authorDan Finlay <dan@danfinlay.com>2016-09-10 10:42:18 +0800
committerDan Finlay <dan@danfinlay.com>2016-09-10 10:42:18 +0800
commit36dc63bc048e62b5ef0d1b0385e530afdad3fefa (patch)
tree27f882027551792a05c2aa7be992a806e6d38255 /app
parent153b6b73d8244e3e30d25784ad9ef937048e2d1b (diff)
downloadtangerine-wallet-browser-36dc63bc048e62b5ef0d1b0385e530afdad3fefa.tar
tangerine-wallet-browser-36dc63bc048e62b5ef0d1b0385e530afdad3fefa.tar.gz
tangerine-wallet-browser-36dc63bc048e62b5ef0d1b0385e530afdad3fefa.tar.bz2
tangerine-wallet-browser-36dc63bc048e62b5ef0d1b0385e530afdad3fefa.tar.lz
tangerine-wallet-browser-36dc63bc048e62b5ef0d1b0385e530afdad3fefa.tar.xz
tangerine-wallet-browser-36dc63bc048e62b5ef0d1b0385e530afdad3fefa.tar.zst
tangerine-wallet-browser-36dc63bc048e62b5ef0d1b0385e530afdad3fefa.zip
Add new eth-lightwallet salting to vault.
eth-lightwallet was previously not salting vault passwords, potentially making it easier to crack them once obtained. This branch incorporates the API changes to allow us to take advantage of the new salting logic. This is still throwing deprecation warnings, but that's actually a bug in eth-lightwallet I wrote, [I've submitted a PR for that here](https://github.com/ConsenSys/eth-lightwallet/pull/116). Fixes #555
Diffstat (limited to 'app')
-rw-r--r--app/scripts/lib/idStore.js100
1 files changed, 43 insertions, 57 deletions
diff --git a/app/scripts/lib/idStore.js b/app/scripts/lib/idStore.js
index 26aa02ef7..9f4961b0b 100644
--- a/app/scripts/lib/idStore.js
+++ b/app/scripts/lib/idStore.js
@@ -3,7 +3,7 @@ const inherits = require('util').inherits
const async = require('async')
const ethUtil = require('ethereumjs-util')
const EthQuery = require('eth-query')
-const LightwalletKeyStore = require('eth-lightwallet').keystore
+const KeyStore = require('eth-lightwallet').keystore
const clone = require('clone')
const extend = require('xtend')
const createId = require('web3-provider-engine/util/random-id')
@@ -50,15 +50,15 @@ IdentityStore.prototype.createNewVault = function (password, entropy, cb) {
if (serializedKeystore) {
this.configManager.setData({})
}
+
this._createIdmgmt(password, null, entropy, (err) => {
if (err) return cb(err)
- this._loadIdentities()
- this._didUpdate()
this._autoFaucet()
this.configManager.setShowSeedWords(true)
var seedWords = this._idmgmt.getSeed()
+
cb(null, seedWords)
})
}
@@ -143,6 +143,7 @@ IdentityStore.prototype.revealAccount = function (cb) {
keyStore.setDefaultHdDerivationPath(this.hdPathString)
keyStore.generateNewAddress(derivedKey, 1)
+
configManager.setWallet(keyStore.serialize())
this._loadIdentities()
@@ -436,72 +437,57 @@ IdentityStore.prototype._mayBeFauceting = function (i) {
//
IdentityStore.prototype.tryPassword = function (password, cb) {
- this._createIdmgmt(password, null, null, cb)
-}
-
-IdentityStore.prototype._createIdmgmt = function (password, seed, entropy, cb) {
- const configManager = this.configManager
+ var serializedKeystore = this.configManager.getWallet()
+ var keyStore = KeyStore.deserialize(serializedKeystore)
- var keyStore = null
- LightwalletKeyStore.deriveKeyFromPassword(password, (err, derivedKey) => {
+ keyStore.keyFromPassword(password, (err, pwDerivedKey) => {
if (err) return cb(err)
- var serializedKeystore = configManager.getWallet()
-
- if (seed) {
- try {
- keyStore = this._restoreFromSeed(password, seed, derivedKey)
- } catch (e) {
- return cb(e)
- }
-
- // returning user, recovering from storage
- } else if (serializedKeystore) {
- keyStore = LightwalletKeyStore.deserialize(serializedKeystore)
- var isCorrect = keyStore.isDerivedKeyCorrect(derivedKey)
- if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))
-
- // first time here
- } else {
- keyStore = this._createFirstWallet(entropy, derivedKey)
- }
- this._keyStore = keyStore
- this._idmgmt = new IdManagement({
- keyStore: keyStore,
- derivedKey: derivedKey,
- hdPathSTring: this.hdPathString,
- configManager: this.configManager,
- })
+ const isCorrect = keyStore.isDerivedKeyCorrect(pwDerivedKey)
+ if (!isCorrect) return cb(new Error('Lightwallet - password incorrect'))
cb()
})
}
-IdentityStore.prototype._restoreFromSeed = function (password, seed, derivedKey) {
- const configManager = this.configManager
- var keyStore = new LightwalletKeyStore(seed, derivedKey, this.hdPathString)
- keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
- keyStore.setDefaultHdDerivationPath(this.hdPathString)
-
- keyStore.generateNewAddress(derivedKey, 1)
- configManager.setWallet(keyStore.serialize())
- if (global.METAMASK_DEBUG) {
- console.log('restored from seed. saved to keystore')
+IdentityStore.prototype._createIdmgmt = function (password, seedPhrase, entropy, cb) {
+ const opts = { password }
+ if (seedPhrase) {
+ opts.seedPhrase = seedPhrase
}
- return keyStore
+
+ KeyStore.createVault(opts, (err, keyStore) => {
+ if (err) return cb(err)
+
+ this._keyStore = keyStore
+
+ keyStore.keyFromPassword(password, (err, derivedKey) => {
+ if (err) return cb(err)
+
+ keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
+
+ this._createFirstWallet(derivedKey)
+
+ this._idmgmt = new IdManagement({
+ keyStore: keyStore,
+ derivedKey: derivedKey,
+ configManager: this.configManager,
+ })
+
+ cb()
+ this._loadIdentities()
+ this._didUpdate()
+ })
+ })
}
-IdentityStore.prototype._createFirstWallet = function (entropy, derivedKey) {
- const configManager = this.configManager
- var secretSeed = LightwalletKeyStore.generateRandomSeed(entropy)
- var keyStore = new LightwalletKeyStore(secretSeed, derivedKey, this.hdPathString)
- keyStore.addHdDerivationPath(this.hdPathString, derivedKey, {curve: 'secp256k1', purpose: 'sign'})
+IdentityStore.prototype._createFirstWallet = function (derivedKey) {
+ const keyStore = this._keyStore
keyStore.setDefaultHdDerivationPath(this.hdPathString)
-
- keyStore.generateNewAddress(derivedKey, 1)
- configManager.setWallet(keyStore.serialize())
- console.log('saved to keystore')
- return keyStore
+ keyStore.generateNewAddress(derivedKey)
+ var addresses = keyStore.getAddresses()
+ this._ethStore.addAccount(addresses[0])
+ this.configManager.setWallet(keyStore.serialize())
}
// get addresses and normalize address hexString