enabled hotkey password prompt and integration
kevinssgh committed Jan 15, 2024
1 parent 617804e commit 1cd3185
Showing 9 changed files with 34 additions and 53 deletions.
5 changes: 4 additions & 1 deletion cmd/zetaclientd/keygen_tss.go
Expand Up @@ -27,7 +27,9 @@ func GenerateTss(logger zerolog.Logger,
priKey secp256k1.PrivKey,
ts *mc.TelemetryServer,
tssHistoricalList []observertypes.TSS,
metrics *metrics.Metrics, tssPassword string) (*mc.TSS, error) {
metrics *metrics.Metrics,
tssPassword string,
hotkeyPassword string) (*mc.TSS, error) {
keygenLogger := logger.With().Str("module", "keygen").Logger()

// Bitcoin chain ID is currently used for using the correct signature format
Expand All @@ -48,6 +50,7 @@ func GenerateTss(logger zerolog.Logger,
metrics,
bitcoinChainID,
tssPassword,
hotkeyPassword,
)
if err != nil {
keygenLogger.Error().Err(err).Msg("NewTSS error")
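Review bot: `tssPassword` and `hotkeyPassword` are now two adjacent positional `string` parameters on `GenerateTss` (and again on `NewTSS` in zetaclient/tss_signer.go), so swapping them at a call site compiles cleanly and only surfaces as an unlock failure at runtime. Consider carrying both secrets in one small struct with named fields, or at least add a doc comment on `GenerateTss` saying which secret each parameter is and that `hotkeyPassword` appears to be forwarded to `NewTSS` for the keyring lookup. The body of `GenerateTss` continues outside the visible hunks.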
16 changes: 8 additions & 8 deletions cmd/zetaclientd/start.go
Expand Up @@ -84,7 +84,7 @@ func start(_ *cobra.Command, _ []string) error {

// CreateZetaBridge: Zetabridge is used for all communication to zetacore , which this client connects to.
// Zetacore accumulates votes , and provides a centralized source of truth for all clients
zetaBridge, err := CreateZetaBridge(cfg, telemetryServer)
zetaBridge, err := CreateZetaBridge(cfg, telemetryServer, hotkeyPass)
if err != nil {
panic(err)
}
Expand Down Expand Up @@ -167,7 +167,7 @@ func start(_ *cobra.Command, _ []string) error {
}

telemetryServer.SetIPAddress(cfg.PublicIP)
tss, err := GenerateTss(masterLogger, cfg, zetaBridge, peers, priKey, telemetryServer, tssHistoricalList, metrics, tssKeyPass)
tss, err := GenerateTss(masterLogger, cfg, zetaBridge, peers, priKey, telemetryServer, tssHistoricalList, metrics, tssKeyPass, hotkeyPass)
if err != nil {
return err
}
Expand Down Expand Up @@ -319,11 +319,11 @@ func initPreParams(path string) {

func promptPasswords() (string, string, error) {
reader := bufio.NewReader(os.Stdin)
//fmt.Print("HotKey Password: ")
//hotKeyPass, err := reader.ReadString('\n')
//if err != nil {
// return "", "", err
//}
fmt.Print("HotKey Password: ")
hotKeyPass, err := reader.ReadString('\n')
if err != nil {
return "", "", err
}
fmt.Print("TSS Password: ")
TSSKeyPass, err := reader.ReadString('\n')
if err != nil {
Expand All @@ -334,5 +334,5 @@ func promptPasswords() (string, string, error) {
return "", "", errors.New("hotkey and tss passwords are required to start zetaclient")
}

return "", TSSKeyPass, err
return hotKeyPass, TSSKeyPass, err
}
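Review bot: `promptPasswords` reads both secrets with `reader.ReadString('\n')`, which leaves terminal echo on while an operator types them and returns each string with its trailing newline still attached. When stdin is a terminal, read each secret without echo (for example `term.ReadPassword(int(os.Stdin.Fd()))` from golang.org/x/term) and keep the `bufio` path only for piped input. The lines between the TSS read and the emptiness check are not shown here, so confirm that both values are trimmed there, e.g. `hotKeyPass = strings.TrimRight(hotKeyPass, "\r\n")`; an untrimmed value would reach `GetKeyringKeybase`, which appends its own `\n`.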
6 changes: 3 additions & 3 deletions cmd/zetaclientd/utils.go
Expand Up @@ -15,15 +15,15 @@ func CreateAuthzSigner(granter string, grantee sdk.AccAddress) {
zetaclient.SetupAuthZSignerList(granter, grantee)
}

func CreateZetaBridge(cfg *config.Config, telemetry *zetaclient.TelemetryServer) (*zetaclient.ZetaCoreBridge, error) {
func CreateZetaBridge(cfg *config.Config, telemetry *zetaclient.TelemetryServer, hotkeyPassword string) (*zetaclient.ZetaCoreBridge, error) {
hotKey := cfg.AuthzHotkey
if cfg.HsmMode {
hotKey = cfg.HsmHotKey
}

chainIP := cfg.ZetaCoreURL

kb, _, err := zetaclient.GetKeyringKeybase(cfg)
kb, _, err := zetaclient.GetKeyringKeybase(cfg, hotkeyPassword)
if err != nil {
return nil, err
}
Expand All @@ -33,7 +33,7 @@ func CreateZetaBridge(cfg *config.Config, telemetry *zetaclient.TelemetryServer)
return nil, err
}

k := zetaclient.NewKeysWithKeybase(kb, granterAddreess, cfg.AuthzHotkey)
k := zetaclient.NewKeysWithKeybase(kb, granterAddreess, cfg.AuthzHotkey, hotkeyPassword)

bridge, err := zetaclient.NewZetaCoreBridge(k, chainIP, hotKey, cfg.ChainID, cfg.HsmMode, telemetry)
if err != nil {
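Review bot: `CreateZetaBridge` is exported and has no doc comment, and the new `hotkeyPassword` parameter is only consumed when the keyring backend is `file` (see `GetKeyringKeybase` and `GetHotkeyPassword` in zetaclient/keys.go), which a caller cannot tell from the signature. I would add `// CreateZetaBridge builds the ZetaCoreBridge for cfg; hotkeyPassword unlocks the hotkey keyring and is ignored unless the file keyring backend is configured.` above the function. The function body continues past the last visible hunk.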
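--- a/contrib/localnet/scripts/password.file
+++ b/contrib/localnet/scripts/password.file
@@ -0,0 +1,2 @@
+password
+pass2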
4 changes: 2 additions & 2 deletions contrib/localnet/scripts/start-zetaclientd-genesis.sh
Expand Up @@ -25,7 +25,7 @@ then
rm ~/.tss/*
MYIP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
zetaclientd init --zetacore-url zetacore0 --chain-id athens_101-1 --operator "$operatorAddress" --log-format=text --public-ip "$MYIP" --keyring-backend "$BACKEND"
echo "tsspass" | zetaclientd start
zetaclientd start < /root/password.file
else
num=$(echo $HOSTNAME | tr -dc '0-9')
node="zetacore$num"
Expand All @@ -37,5 +37,5 @@ else
done
rm ~/.tss/*
zetaclientd init --peer /ip4/172.20.0.21/tcp/6668/p2p/"$SEED" --zetacore-url "$node" --chain-id athens_101-1 --operator "$operatorAddress" --log-format=text --public-ip "$MYIP" --log-level 0 --keyring-backend "$BACKEND"
echo "tsspass" | zetaclientd start
zetaclientd start < /root/password.file
fi
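Review bot: Both `zetaclientd start < /root/password.file` lines depend on a file at `/root/password.file`, but nothing in this commit shows `contrib/localnet/scripts/password.file` being copied or mounted to that path; if it is missing, the redirect fails and the client never starts, with only a shell error to explain why. A guard before each start makes that explicit: `[ -r /root/password.file ] || { echo "missing /root/password.file" >&2; exit 1; }`. The file's line order is also significant now (hotkey password first, TSS password second, matching the prompt order in `promptPasswords`), which deserves a comment next to the redirect. The `if`/`else` these lines belong to starts outside the visible hunks.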
5 changes: 1 addition & 4 deletions zetaclient/broadcast.go
Expand Up @@ -135,10 +135,7 @@ func (b *ZetaCoreBridge) GetContext() (client.Context, error) {
}

// if password is needed, set it as input
password, err := b.keys.GetHotkeyPassword()
if err != nil {
return ctx, err
}
password := b.keys.GetHotkeyPassword()
if password != "" {
ctx = ctx.WithInput(strings.NewReader(fmt.Sprintf("%[1]s\n%[1]s\n", password)))
}
40 changes: 9 additions & 31 deletions zetaclient/keys.go
Expand Up @@ -2,7 +2,6 @@ package zetaclient

import (
"bytes"
"errors"
"fmt"
"io"
"os"
Expand All @@ -20,22 +19,21 @@ import (
"github.com/zeta-chain/zetacore/zetaclient/config"
)

// HotkeyPasswordEnvVar is the environment variable used to retrieve the password for the hotkey
const HotkeyPasswordEnvVar = "HOTKEY_PASSWORD"

// Keys manages all the keys used by zeta client
type Keys struct {
signerName string
kb ckeys.Keyring
OperatorAddress sdk.AccAddress
hotkeyPassword string
}

// NewKeysWithKeybase create a new instance of Keys
func NewKeysWithKeybase(kb ckeys.Keyring, granterAddress sdk.AccAddress, granteeName string) *Keys {
func NewKeysWithKeybase(kb ckeys.Keyring, granterAddress sdk.AccAddress, granteeName string, hotkeyPassword string) *Keys {
return &Keys{
signerName: granteeName,
kb: kb,
OperatorAddress: granterAddress,
hotkeyPassword: hotkeyPassword,
}
}

Expand All @@ -44,7 +42,7 @@ func GetGranteeKeyName(signerName string) string {
}

// GetKeyringKeybase return keyring and key info
func GetKeyringKeybase(cfg *config.Config) (ckeys.Keyring, string, error) {
func GetKeyringKeybase(cfg *config.Config, hotkeyPassword string) (ckeys.Keyring, string, error) {
granteeName := cfg.AuthzHotkey
chainHomeFolder := cfg.ZetaCoreHome
logger := log.Logger.With().Str("module", "GetKeyringKeybase").Logger()
Expand All @@ -55,13 +53,9 @@ func GetKeyringKeybase(cfg *config.Config) (ckeys.Keyring, string, error) {
// read password from env if using keyring backend file
buf := bytes.NewBufferString("")
if cfg.KeyringBackend == config.KeyringBackendFile {
password, err := getHotkeyPassword()
if err != nil {
return nil, "", err
}
buf.WriteString(password)
buf.WriteString(hotkeyPassword)
buf.WriteByte('\n') // the library used by keyring is using ReadLine , which expect a new line
buf.WriteString(password)
buf.WriteString(hotkeyPassword)
buf.WriteByte('\n')
}

Expand Down Expand Up @@ -180,25 +174,9 @@ func (k *Keys) GetPubKeySet(password string) (common.PubKeySet, error) {

// GetHotkeyPassword returns the password to be used
// returns empty if no password is needed
func (k *Keys) GetHotkeyPassword() (string, error) {
func (k *Keys) GetHotkeyPassword() string {
if k.GetKeybase().Backend() == ckeys.BackendFile {
return getHotkeyPassword()
}
return "", nil
}

// getHotkeyPassword retrieves the HOTKEY_PASSWORD environment variable
// and returns an error if it's not defined or shorter than 8 characters.
func getHotkeyPassword() (string, error) {
password := os.Getenv(HotkeyPasswordEnvVar)

if password == "" {
return "", errors.New("HOTKEY_PASSWORD environment variable is not defined, use --keyring-backend-test to use the test keyring")
}

if len(password) < 8 {
return "", errors.New("HOTKEY_PASSWORD should be at least 8 characters long")
return k.hotkeyPassword
}

return password, nil
return ""
}
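Review bot: Removing `getHotkeyPassword` also removes the only checks on the hotkey password (non-empty, at least 8 characters), so with the file backend `GetKeyringKeybase` now writes whatever it is given, including an empty string, into the keyring input buffer. `promptPasswords` appears to reject empty values, but its condition is not visible here and the length rule is gone; if that is intended, say so, otherwise re-check inside the `KeyringBackendFile` branch, e.g. `if len(hotkeyPassword) < 8 { return nil, "", fmt.Errorf("hotkey password must be at least 8 characters for the file keyring backend") }`. The comment `// read password from env if using keyring backend file` is now stale and should read `// feed the supplied hotkey password to the keyring when using the file backend`. `Keys` also keeps the password as a plain string field for the life of the process, which is worth a one-line comment on the struct field.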
6 changes: 3 additions & 3 deletions zetaclient/keys_test.go
Expand Up @@ -80,7 +80,7 @@ func (ks *KeysSuite) TestGetKeyringKeybase(c *C) {
AuthzHotkey: "bob",
ZetaCoreHome: "/Users/test/.zetacored/",
}
_, _, err := GetKeyringKeybase(cfg)
_, _, err := GetKeyringKeybase(cfg, "")
c.Assert(err, NotNil)
}

Expand All @@ -101,11 +101,11 @@ func (ks *KeysSuite) TestNewKeys(c *C) {
ZetaCoreHome: folder,
}

k, _, err := GetKeyringKeybase(cfg)
k, _, err := GetKeyringKeybase(cfg, "")
c.Assert(err, IsNil)
c.Assert(k, NotNil)
granter := cosmos.AccAddress(crypto.AddressHash([]byte("granter")))
ki := NewKeysWithKeybase(k, granter, signerNameForTest)
ki := NewKeysWithKeybase(k, granter, signerNameForTest, "")
kInfo := ki.GetSignerInfo()
c.Assert(kInfo, NotNil)
//c.Assert(kInfo.G, Equals, signerNameForTest)
3 changes: 2 additions & 1 deletion zetaclient/tss_signer.go
Expand Up @@ -84,6 +84,7 @@ func NewTSS(
metrics *metrics.Metrics,
bitcoinChainID int64,
tssPassword string,
hotkeyPassword string,
) (*TSS, error) {
server, err := SetupTSSServer(peer, privkey, preParams, cfg, tssPassword)
if err != nil {
Expand All @@ -102,7 +103,7 @@ func NewTSS(
if err != nil {
return nil, err
}
_, pubkeyInBech32, err := GetKeyringKeybase(cfg)
_, pubkeyInBech32, err := GetKeyringKeybase(cfg, hotkeyPassword)
if err != nil {
return nil, err
}
