aboutsummaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
authorDan Finlay <542863+danfinlay@users.noreply.github.com>2018-03-08 08:47:13 +0800
committerGitHub <noreply@github.com>2018-03-08 08:47:13 +0800
commitf4e5dd37b172e954e40cd4683a92544393cb2983 (patch)
tree7c49fb2ec95befcec0c7254ce501f209ef6f1f73 /app
parentca047b1ea0bd6778fc3b0c05b86ff23d0964f98d (diff)
parent59007a6c36055f9197ad83ccb1741fa186b85f53 (diff)
downloadtangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar
tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.gz
tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.bz2
tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.lz
tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.xz
tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.tar.zst
tangerine-wallet-browser-f4e5dd37b172e954e40cd4683a92544393cb2983.zip
Merge pull request #3409 from scsaba/seed-phrase-verification
Add seed phrase verification script into background process
Diffstat (limited to 'app')
-rw-r--r--app/scripts/lib/seed-phrase-verifier.js48
-rw-r--r--app/scripts/metamask-controller.js53
2 files changed, 92 insertions, 9 deletions
diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js
new file mode 100644
index 000000000..9cea22029
--- /dev/null
+++ b/app/scripts/lib/seed-phrase-verifier.js
@@ -0,0 +1,48 @@
+const KeyringController = require('eth-keyring-controller')
+
+const seedPhraseVerifier = {
+
+ // Verifies if the seed words can restore the accounts.
+ //
+ // The seed words can recreate the primary keyring and the accounts belonging to it.
+ // The created accounts in the primary keyring are always the same.
+ // The keyring always creates the accounts in the same sequence.
+ verifyAccounts (createdAccounts, seedWords) {
+
+ return new Promise((resolve, reject) => {
+
+ if (!createdAccounts || createdAccounts.length < 1) {
+ return reject(new Error('No created accounts defined.'))
+ }
+
+ const keyringController = new KeyringController({})
+ const Keyring = keyringController.getKeyringClassForType('HD Key Tree')
+ const opts = {
+ mnemonic: seedWords,
+ numberOfAccounts: createdAccounts.length,
+ }
+
+ const keyring = new Keyring(opts)
+ keyring.getAccounts()
+ .then((restoredAccounts) => {
+
+ log.debug('Created accounts: ' + JSON.stringify(createdAccounts))
+ log.debug('Restored accounts: ' + JSON.stringify(restoredAccounts))
+
+ if (restoredAccounts.length !== createdAccounts.length) {
+ // this should not happen...
+ return reject(new Error('Wrong number of accounts'))
+ }
+
+ for (let i = 0; i < restoredAccounts.length; i++) {
+ if (restoredAccounts[i].toLowerCase() !== createdAccounts[i].toLowerCase()) {
+ return reject(new Error('Not identical accounts! Original: ' + createdAccounts[i] + ', Restored: ' + restoredAccounts[i]))
+ }
+ }
+ return resolve()
+ })
+ })
+ },
+}
+
+module.exports = seedPhraseVerifier
diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js
index ad4e71792..0a5c1d36f 100644
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@@ -37,6 +37,7 @@ const version = require('../manifest.json').version
const BN = require('ethereumjs-util').BN
const GWEI_BN = new BN('1000000000')
const percentile = require('percentile')
+const seedPhraseVerifier = require('./lib/seed-phrase-verifier')
module.exports = class MetamaskController extends EventEmitter {
@@ -344,6 +345,7 @@ module.exports = class MetamaskController extends EventEmitter {
// primary HD keyring management
addNewAccount: nodeify(this.addNewAccount, this),
placeSeedWords: this.placeSeedWords.bind(this),
+ verifySeedPhrase: nodeify(this.verifySeedPhrase, this),
clearSeedWordCache: this.clearSeedWordCache.bind(this),
resetAccount: this.resetAccount.bind(this),
importAccountWithStrategy: this.importAccountWithStrategy.bind(this),
@@ -565,14 +567,18 @@ module.exports = class MetamaskController extends EventEmitter {
// Opinionated Keyring Management
//
- async addNewAccount (cb) {
+ async addNewAccount () {
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
- if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found'))
+ if (!primaryKeyring) {
+ throw new Error('MetamaskController - No HD Key Tree found')
+ }
const keyringController = this.keyringController
const oldAccounts = await keyringController.getAccounts()
const keyState = await keyringController.addNewAccount(primaryKeyring)
const newAccounts = await keyringController.getAccounts()
+ await this.verifySeedPhrase()
+
newAccounts.forEach((address) => {
if (!oldAccounts.includes(address)) {
this.preferencesController.setSelectedAddress(address)
@@ -587,14 +593,43 @@ module.exports = class MetamaskController extends EventEmitter {
// Used when creating a first vault, to allow confirmation.
// Also used when revealing the seed words in the confirmation view.
placeSeedWords (cb) {
+
+ this.verifySeedPhrase()
+ .then((seedWords) => {
+ this.configManager.setSeedWords(seedWords)
+ return cb(null, seedWords)
+ })
+ .catch((err) => {
+ return cb(err)
+ })
+ }
+
+ // Verifies the current vault's seed words if they can restore the
+ // accounts belonging to the current vault.
+ //
+ // Called when the first account is created and on unlocking the vault.
+ async verifySeedPhrase () {
+
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
- if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found'))
- primaryKeyring.serialize()
- .then((serialized) => {
- const seedWords = serialized.mnemonic
- this.configManager.setSeedWords(seedWords)
- cb(null, seedWords)
- })
+ if (!primaryKeyring) {
+ throw new Error('MetamaskController - No HD Key Tree found')
+ }
+
+ const serialized = await primaryKeyring.serialize()
+ const seedWords = serialized.mnemonic
+
+ const accounts = await primaryKeyring.getAccounts()
+ if (accounts.length < 1) {
+ throw new Error('MetamaskController - No accounts found')
+ }
+
+ try {
+ await seedPhraseVerifier.verifyAccounts(accounts, seedWords)
+ return seedWords
+ } catch (err) {
+ log.error(err.message)
+ throw err
+ }
}
// ClearSeedWordCache