diff options
author | Dan Finlay <542863+danfinlay@users.noreply.github.com> | 2018-03-08 08:47:13 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-03-08 08:47:13 +0800 |
commit | f4e5dd37b172e954e40cd4683a92544393cb2983 (patch) | |
tree | 7c49fb2ec95befcec0c7254ce501f209ef6f1f73 /app | |
parent | ca047b1ea0bd6778fc3b0c05b86ff23d0964f98d (diff) | |
parent | 59007a6c36055f9197ad83ccb1741fa186b85f53 (diff) | |
download | tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.gz tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.bz2 tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.lz tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.xz tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.zst tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.zip |
Merge pull request #3409 from scsaba/seed-phrase-verification
Add seed phrase verification script into background process
Diffstat (limited to 'app')
-rw-r--r-- | app/scripts/lib/seed-phrase-verifier.js | 48 | ||||
-rw-r--r-- | app/scripts/metamask-controller.js | 53 |
2 files changed, 92 insertions, 9 deletions
diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js new file mode 100644 index 000000000..9cea22029 --- /dev/null +++ b/app/scripts/lib/seed-phrase-verifier.js @@ -0,0 +1,48 @@ +const KeyringController = require('eth-keyring-controller') + +const seedPhraseVerifier = { + + // Verifies if the seed words can restore the accounts. + // + // The seed words can recreate the primary keyring and the accounts belonging to it. + // The created accounts in the primary keyring are always the same. + // The keyring always creates the accounts in the same sequence. + verifyAccounts (createdAccounts, seedWords) { + + return new Promise((resolve, reject) => { + + if (!createdAccounts || createdAccounts.length < 1) { + return reject(new Error('No created accounts defined.')) + } + + const keyringController = new KeyringController({}) + const Keyring = keyringController.getKeyringClassForType('HD Key Tree') + const opts = { + mnemonic: seedWords, + numberOfAccounts: createdAccounts.length, + } + + const keyring = new Keyring(opts) + keyring.getAccounts() + .then((restoredAccounts) => { + + log.debug('Created accounts: ' + JSON.stringify(createdAccounts)) + log.debug('Restored accounts: ' + JSON.stringify(restoredAccounts)) + + if (restoredAccounts.length !== createdAccounts.length) { + // this should not happen... + return reject(new Error('Wrong number of accounts')) + } + + for (let i = 0; i < restoredAccounts.length; i++) { + if (restoredAccounts[i].toLowerCase() !== createdAccounts[i].toLowerCase()) { + return reject(new Error('Not identical accounts! Original: ' + createdAccounts[i] + ', Restored: ' + restoredAccounts[i])) + } + } + return resolve() + }) + }) + }, +} + +module.exports = seedPhraseVerifier diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index ad4e71792..0a5c1d36f 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -37,6 +37,7 @@ const version = require('../manifest.json').version const BN = require('ethereumjs-util').BN const GWEI_BN = new BN('1000000000') const percentile = require('percentile') +const seedPhraseVerifier = require('./lib/seed-phrase-verifier') module.exports = class MetamaskController extends EventEmitter { @@ -344,6 +345,7 @@ module.exports = class MetamaskController extends EventEmitter { // primary HD keyring management addNewAccount: nodeify(this.addNewAccount, this), placeSeedWords: this.placeSeedWords.bind(this), + verifySeedPhrase: nodeify(this.verifySeedPhrase, this), clearSeedWordCache: this.clearSeedWordCache.bind(this), resetAccount: this.resetAccount.bind(this), importAccountWithStrategy: this.importAccountWithStrategy.bind(this), @@ -565,14 +567,18 @@ module.exports = class MetamaskController extends EventEmitter { // Opinionated Keyring Management // - async addNewAccount (cb) { + async addNewAccount () { const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0] - if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found')) + if (!primaryKeyring) { + throw new Error('MetamaskController - No HD Key Tree found') + } const keyringController = this.keyringController const oldAccounts = await keyringController.getAccounts() const keyState = await keyringController.addNewAccount(primaryKeyring) const newAccounts = await keyringController.getAccounts() + await this.verifySeedPhrase() + newAccounts.forEach((address) => { if (!oldAccounts.includes(address)) { this.preferencesController.setSelectedAddress(address) @@ -587,14 +593,43 @@ module.exports = class MetamaskController extends EventEmitter { // Used when creating a first vault, to allow confirmation. // Also used when revealing the seed words in the confirmation view. placeSeedWords (cb) { + + this.verifySeedPhrase() + .then((seedWords) => { + this.configManager.setSeedWords(seedWords) + return cb(null, seedWords) + }) + .catch((err) => { + return cb(err) + }) + } + + // Verifies the current vault's seed words if they can restore the + // accounts belonging to the current vault. + // + // Called when the first account is created and on unlocking the vault. + async verifySeedPhrase () { + const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0] - if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found')) - primaryKeyring.serialize() - .then((serialized) => { - const seedWords = serialized.mnemonic - this.configManager.setSeedWords(seedWords) - cb(null, seedWords) - }) + if (!primaryKeyring) { + throw new Error('MetamaskController - No HD Key Tree found') + } + + const serialized = await primaryKeyring.serialize() + const seedWords = serialized.mnemonic + + const accounts = await primaryKeyring.getAccounts() + if (accounts.length < 1) { + throw new Error('MetamaskController - No accounts found') + } + + try { + await seedPhraseVerifier.verifyAccounts(accounts, seedWords) + return seedWords + } catch (err) { + log.error(err.message) + throw err + } } // ClearSeedWordCache |