From 1cd31859150edd12b6b8c76678c6d1f1ba3a8ff9 Mon Sep 17 00:00:00 2001 From: kevinssgh Date: Mon, 15 Jan 2024 15:14:20 -0500 Subject: [PATCH] enabled hotkey password prompt and integration --- cmd/zetaclientd/keygen_tss.go | 5 ++- cmd/zetaclientd/start.go | 16 ++++---- cmd/zetaclientd/utils.go | 6 +-- contrib/localnet/scripts/password.file | 2 + .../scripts/start-zetaclientd-genesis.sh | 4 +- zetaclient/broadcast.go | 5 +-- zetaclient/keys.go | 40 +++++-------------- zetaclient/keys_test.go | 6 +-- zetaclient/tss_signer.go | 3 +- 9 files changed, 34 insertions(+), 53 deletions(-) create mode 100644 contrib/localnet/scripts/password.file diff --git a/cmd/zetaclientd/keygen_tss.go b/cmd/zetaclientd/keygen_tss.go index b5594d379b..1c77086f59 100644 --- a/cmd/zetaclientd/keygen_tss.go +++ b/cmd/zetaclientd/keygen_tss.go @@ -27,7 +27,9 @@ func GenerateTss(logger zerolog.Logger, priKey secp256k1.PrivKey, ts *mc.TelemetryServer, tssHistoricalList []observertypes.TSS, - metrics *metrics.Metrics, tssPassword string) (*mc.TSS, error) { + metrics *metrics.Metrics, + tssPassword string, + hotkeyPassword string) (*mc.TSS, error) { keygenLogger := logger.With().Str("module", "keygen").Logger() // Bitcoin chain ID is currently used for using the correct signature format @@ -48,6 +50,7 @@ func GenerateTss(logger zerolog.Logger, metrics, bitcoinChainID, tssPassword, + hotkeyPassword, ) if err != nil { keygenLogger.Error().Err(err).Msg("NewTSS error") diff --git a/cmd/zetaclientd/start.go b/cmd/zetaclientd/start.go index 9f43837eb3..98827d6e62 100644 --- a/cmd/zetaclientd/start.go +++ b/cmd/zetaclientd/start.go 
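Review bot: `tssPassword string` and `hotkeyPassword string` are now adjacent positional parameters of the same type in GenerateTss (and in NewTSS in zetaclient/tss_signer.go), so a call site that swaps them still compiles. promptPasswords in start.go returns the two values in the opposite order (hotkey first, TSS second), which makes that mix-up easy to make. A doc comment on GenerateTss such as `// tssPassword is passed to SetupTSSServer; hotkeyPassword is passed to GetKeyringKeybase and is only used with the file keyring backend` would record which is which, and distinct named types for the two secrets would let the compiler catch a swap. The body of GenerateTss continues outside these hunks.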
@@ -84,7 +84,7 @@ func start(_ *cobra.Command, _ []string) error { // CreateZetaBridge: Zetabridge is used for all communication to zetacore , which this client connects to. // Zetacore accumulates votes , and provides a centralized source of truth for all clients - zetaBridge, err := CreateZetaBridge(cfg, telemetryServer) + zetaBridge, err := CreateZetaBridge(cfg, telemetryServer, hotkeyPass) if err != nil { panic(err) } @@ -167,7 +167,7 @@ func start(_ *cobra.Command, _ []string) error { } telemetryServer.SetIPAddress(cfg.PublicIP) - tss, err := GenerateTss(masterLogger, cfg, zetaBridge, peers, priKey, telemetryServer, tssHistoricalList, metrics, tssKeyPass) + tss, err := GenerateTss(masterLogger, cfg, zetaBridge, peers, priKey, telemetryServer, tssHistoricalList, metrics, tssKeyPass, hotkeyPass) if err != nil { return err } @@ -319,11 +319,11 @@ func initPreParams(path string) { func promptPasswords() (string, string, error) { reader := bufio.NewReader(os.Stdin) - //fmt.Print("HotKey Password: ") - //hotKeyPass, err := reader.ReadString('\n') - //if err != nil { - // return "", "", err - //} + fmt.Print("HotKey Password: ") + hotKeyPass, err := reader.ReadString('\n') + if err != nil { + return "", "", err + } fmt.Print("TSS Password: ") TSSKeyPass, err := reader.ReadString('\n') if err != nil { @@ -334,5 +334,5 @@ func promptPasswords() (string, string, error) { return "", "", errors.New("hotkey and tss passwords are required to start zetaclient") } - return "", TSSKeyPass, err + return hotKeyPass, TSSKeyPass, err } diff --git a/cmd/zetaclientd/utils.go b/cmd/zetaclientd/utils.go index 9b17b1ef80..c1a4dfa069 100644 --- a/cmd/zetaclientd/utils.go +++ b/cmd/zetaclientd/utils.go 
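Review bot: The re-enabled prompt in promptPasswords reads the hotkey password with `reader.ReadString('\n')`, which leaves terminal echo on and returns the line with its trailing newline. When stdin is a terminal, `term.ReadPassword(int(os.Stdin.Fd()))` from golang.org/x/term keeps the secret off the screen, and the bufio path can stay for the redirected-file case used by the localnet scripts. No trimming is visible in either promptPasswords hunk, and GetKeyringKeybase appends its own `'\n'` after the password, so unless the lines between the two hunks strip it the value should be normalised here, e.g. `hotKeyPass = strings.TrimRight(hotKeyPass, "\r\n")`. The condition guarding the "hotkey and tss passwords are required" error lies outside the hunks and is not changed by this commit, so it is worth confirming that it now tests hotKeyPass as well.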
@@ -15,7 +15,7 @@ func CreateAuthzSigner(granter string, grantee sdk.AccAddress) { zetaclient.SetupAuthZSignerList(granter, grantee) } -func CreateZetaBridge(cfg *config.Config, telemetry *zetaclient.TelemetryServer) (*zetaclient.ZetaCoreBridge, error) { +func CreateZetaBridge(cfg *config.Config, telemetry *zetaclient.TelemetryServer, hotkeyPassword string) (*zetaclient.ZetaCoreBridge, error) { hotKey := cfg.AuthzHotkey if cfg.HsmMode { hotKey = cfg.HsmHotKey @@ -23,7 +23,7 @@ func CreateZetaBridge(cfg *config.Config, telemetry *zetaclient.TelemetryServer) chainIP := cfg.ZetaCoreURL - kb, _, err := zetaclient.GetKeyringKeybase(cfg) + kb, _, err := zetaclient.GetKeyringKeybase(cfg, hotkeyPassword) if err != nil { return nil, err } @@ -33,7 +33,7 @@ func CreateZetaBridge(cfg *config.Config, telemetry *zetaclient.TelemetryServer) return nil, err } - k := zetaclient.NewKeysWithKeybase(kb, granterAddreess, cfg.AuthzHotkey) + k := zetaclient.NewKeysWithKeybase(kb, granterAddreess, cfg.AuthzHotkey, hotkeyPassword) bridge, err := zetaclient.NewZetaCoreBridge(k, chainIP, hotKey, cfg.ChainID, cfg.HsmMode, telemetry) if err != nil { diff --git a/contrib/localnet/scripts/password.file b/contrib/localnet/scripts/password.file new file mode 100644 index 0000000000..96b3814661 --- /dev/null +++ b/contrib/localnet/scripts/password.file @@ -0,0 +1,2 @@ +password +pass2 diff --git a/contrib/localnet/scripts/start-zetaclientd-genesis.sh b/contrib/localnet/scripts/start-zetaclientd-genesis.sh index 5d9fec112e..1cca789894 100755 --- a/contrib/localnet/scripts/start-zetaclientd-genesis.sh +++ b/contrib/localnet/scripts/start-zetaclientd-genesis.sh 
@@ -25,7 +25,7 @@ then rm ~/.tss/* MYIP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) zetaclientd init --zetacore-url zetacore0 --chain-id athens_101-1 --operator "$operatorAddress" --log-format=text --public-ip "$MYIP" --keyring-backend "$BACKEND" - echo "tsspass" | zetaclientd start + zetaclientd start < /root/password.file else num=$(echo $HOSTNAME | tr -dc '0-9') node="zetacore$num" @@ -37,5 +37,5 @@ else done rm ~/.tss/* zetaclientd init --peer /ip4/172.20.0.21/tcp/6668/p2p/"$SEED" --zetacore-url "$node" --chain-id athens_101-1 --operator "$operatorAddress" --log-format=text --public-ip "$MYIP" --log-level 0 --keyring-backend "$BACKEND" - echo "tsspass" | zetaclientd start + zetaclientd start < /root/password.file fi diff --git a/zetaclient/broadcast.go b/zetaclient/broadcast.go index f9faf1d9a2..5b07ea08b3 100644 --- a/zetaclient/broadcast.go +++ b/zetaclient/broadcast.go @@ -135,10 +135,7 @@ func (b *ZetaCoreBridge) GetContext() (client.Context, error) { } // if password is needed, set it as input - password, err := b.keys.GetHotkeyPassword() - if err != nil { - return ctx, err - } + password := b.keys.GetHotkeyPassword() if password != "" { ctx = ctx.WithInput(strings.NewReader(fmt.Sprintf("%[1]s\n%[1]s\n", password))) } diff --git a/zetaclient/keys.go b/zetaclient/keys.go index 07927aac8f..77f424eac7 100644 --- a/zetaclient/keys.go +++ b/zetaclient/keys.go @@ -2,7 +2,6 @@ package zetaclient import ( "bytes" - "errors" "fmt" "io" "os" 
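Review bot: `zetaclientd start < /root/password.file` ties the file's line order to the prompt order in promptPasswords (hotkey first, TSS second), and nothing in the script says so. Because the prompt returns an error when `ReadString` reaches EOF before a newline, the last line of the file must also end with a newline. A comment above both redirects, for example `# password.file: line 1 = hotkey password, line 2 = TSS password; localnet test values only, keep the trailing newline`, would record that, and it applies equally to the second hunk in this file. The step that places the file at /root is not visible in this diff.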
@@ -20,22 +19,21 @@ import ( "github.com/zeta-chain/zetacore/zetaclient/config" ) -// HotkeyPasswordEnvVar is the environment variable used to retrieve the password for the hotkey -const HotkeyPasswordEnvVar = "HOTKEY_PASSWORD" - // Keys manages all the keys used by zeta client type Keys struct { signerName string kb ckeys.Keyring OperatorAddress sdk.AccAddress + hotkeyPassword string } // NewKeysWithKeybase create a new instance of Keys -func NewKeysWithKeybase(kb ckeys.Keyring, granterAddress sdk.AccAddress, granteeName string) *Keys { +func NewKeysWithKeybase(kb ckeys.Keyring, granterAddress sdk.AccAddress, granteeName string, hotkeyPassword string) *Keys { return &Keys{ signerName: granteeName, kb: kb, OperatorAddress: granterAddress, + hotkeyPassword: hotkeyPassword, } } @@ -44,7 +42,7 @@ func GetGranteeKeyName(signerName string) string { } // GetKeyringKeybase return keyring and key info -func GetKeyringKeybase(cfg *config.Config) (ckeys.Keyring, string, error) { +func GetKeyringKeybase(cfg *config.Config, hotkeyPassword string) (ckeys.Keyring, string, error) { granteeName := cfg.AuthzHotkey chainHomeFolder := cfg.ZetaCoreHome logger := log.Logger.With().Str("module", "GetKeyringKeybase").Logger() @@ -55,13 +53,9 @@ func GetKeyringKeybase(cfg *config.Config) (ckeys.Keyring, string, error) { // read password from env if using keyring backend file buf := bytes.NewBufferString("") if cfg.KeyringBackend == config.KeyringBackendFile { - password, err := getHotkeyPassword() - if err != nil { - return nil, "", err - } - buf.WriteString(password) + buf.WriteString(hotkeyPassword) buf.WriteByte('\n') // the library used by keyring is using ReadLine , which expect a new line - buf.WriteString(password) + buf.WriteString(hotkeyPassword) buf.WriteByte('\n') } 
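Review bot: The new `hotkeyPassword` field keeps the keyring password in the Keys struct for the life of the process, and it carries no comment. Formatting a Keys value with `%+v` or `%#v` prints unexported fields too, so any debug log of the whole struct would include the secret. I would add `// hotkeyPassword unlocks the file keyring backend; never log or format Keys as a whole` above the field, and extend the NewKeysWithKeybase doc comment to say the password may be empty when the backend is not the file keyring.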
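Review bot: GetKeyringKeybase now writes `hotkeyPassword` into the keyring input buffer unchecked, whereas the removed getHotkeyPassword rejected an empty value and anything shorter than 8 characters. With `KeyringBackendFile` an empty or very short password is therefore accepted silently here, and GetHotkeyPassword in the later keys.go hunk returns it with no error path left. A guard inside the file-backend branch such as `if hotkeyPassword == "" { return nil, "", fmt.Errorf("hotkey password is required for the file keyring backend") }` would keep the old failure mode, and the minimum-length rule could be restored the same way. The context comment `// read password from env if using keyring backend file` is also stale now that the value arrives as a parameter.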
@@ -180,25 +174,9 @@ func (k *Keys) GetPubKeySet(password string) (common.PubKeySet, error) { // GetHotkeyPassword returns the password to be used // returns empty if no password is needed -func (k *Keys) GetHotkeyPassword() (string, error) { +func (k *Keys) GetHotkeyPassword() string { if k.GetKeybase().Backend() == ckeys.BackendFile { - return getHotkeyPassword() - } - return "", nil -} - -// getHotkeyPassword retrieves the HOTKEY_PASSWORD environment variable -// and returns an error if it's not defined or shorter than 8 characters. -func getHotkeyPassword() (string, error) { - password := os.Getenv(HotkeyPasswordEnvVar) - - if password == "" { - return "", errors.New("HOTKEY_PASSWORD environment variable is not defined, use --keyring-backend-test to use the test keyring") - } - - if len(password) < 8 { - return "", errors.New("HOTKEY_PASSWORD should be at least 8 characters long") + return k.hotkeyPassword } - - return password, nil + return "" } diff --git a/zetaclient/keys_test.go b/zetaclient/keys_test.go index 8740e5995c..74bb9b970b 100644 --- a/zetaclient/keys_test.go +++ b/zetaclient/keys_test.go @@ -80,7 +80,7 @@ func (ks *KeysSuite) TestGetKeyringKeybase(c *C) { AuthzHotkey: "bob", ZetaCoreHome: "/Users/test/.zetacored/", } - _, _, err := GetKeyringKeybase(cfg) + _, _, err := GetKeyringKeybase(cfg, "") c.Assert(err, NotNil) } @@ -101,11 +101,11 @@ func (ks *KeysSuite) TestNewKeys(c *C) { ZetaCoreHome: folder, } - k, _, err := GetKeyringKeybase(cfg) + k, _, err := GetKeyringKeybase(cfg, "") c.Assert(err, IsNil) c.Assert(k, NotNil) granter := cosmos.AccAddress(crypto.AddressHash([]byte("granter"))) - ki := NewKeysWithKeybase(k, granter, signerNameForTest) + ki := NewKeysWithKeybase(k, granter, signerNameForTest, "") kInfo := ki.GetSignerInfo() c.Assert(kInfo, NotNil) //c.Assert(kInfo.G, Equals, signerNameForTest) diff --git a/zetaclient/tss_signer.go b/zetaclient/tss_signer.go index 1f63fbe47a..237faf496a 100644 --- a/zetaclient/tss_signer.go 
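Review bot: Both updated tests in keys_test.go pass `""` for the new argument, so nothing exercises a non-empty hotkey password. The cfg literals are only partly visible, but if they do not select `config.KeyringBackendFile`, the branch that writes the password into the keyring buffer and the path where `GetHotkeyPassword()` returns the stored value are both untested. A case that builds Keys with a non-empty value, e.g. `NewKeysWithKeybase(k, granter, signerNameForTest, "password")`, and asserts what `GetHotkeyPassword()` returns for the backend in use would cover the new field.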
+++ b/zetaclient/tss_signer.go @@ -84,6 +84,7 @@ func NewTSS( metrics *metrics.Metrics, bitcoinChainID int64, tssPassword string, + hotkeyPassword string, ) (*TSS, error) { server, err := SetupTSSServer(peer, privkey, preParams, cfg, tssPassword) if err != nil { @@ -102,7 +103,7 @@ func NewTSS( if err != nil { return nil, err } - _, pubkeyInBech32, err := GetKeyringKeybase(cfg) + _, pubkeyInBech32, err := GetKeyringKeybase(cfg, hotkeyPassword) if err != nil { return nil, err }
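Review bot: NewTSS takes `hotkeyPassword` only to call `GetKeyringKeybase(cfg, hotkeyPassword)` and keep `pubkeyInBech32`; the keyring it opens is discarded. CreateZetaBridge in cmd/zetaclientd/utils.go already opens the same keyring and drops the second return value, so the secret is threaded through GenerateTss and NewTSS to obtain a value that is not itself secret. Passing the bech32 pubkey (or the existing Keys) into NewTSS would confine the password to the one place that opens the keyring. NewTSS's body continues outside these hunks.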