diff --git a/cmd/zetaclientd/encrypt_tss.go b/cmd/zetaclientd/encrypt_tss.go new file mode 100644 index 0000000000..6bab6f7bf9 --- /dev/null +++ b/cmd/zetaclientd/encrypt_tss.go @@ -0,0 +1,70 @@ +package main + +import ( + "crypto/aes" + "crypto/cipher" + "crypto/rand" + "crypto/sha256" + "encoding/json" + "errors" + "github.com/spf13/cobra" + "io" + "os" +) + +var encTssCmd = &cobra.Command{ + Use: "tss-encrypt", + Short: "Utility command to encrypt existing tss key-share file", + RunE: EncryptTSSFile, +} + +type TSSArgs struct { + secretKey string + filePath string +} + +var tssArgs = TSSArgs{} + +func init() { + RootCmd.AddCommand(encTssCmd) + + encTssCmd.Flags().StringVar(&tssArgs.secretKey, "secret", "", "tss-encrpyt --secret p@$$w0rd") + encTssCmd.Flags().StringVar(&tssArgs.filePath, "filepath", "", "tss-encrpyt --filepath ./file.json") +} + +func EncryptTSSFile(_ *cobra.Command, _ []string) error { + data, err := os.ReadFile(tssArgs.filePath) + if err != nil { + return err + } + + if !json.Valid(data) { + return errors.New("file does not contain valid json, may already be encrypted") + } + + block, err := aes.NewCipher(getFragmentSeed(tssArgs.secretKey)) + if err != nil { + return err + } + + // Creating GCM mode + gcm, err := cipher.NewGCM(block) + if err != nil { + return err + } + // Generating random nonce + nonce := make([]byte, gcm.NonceSize()) + if _, err := io.ReadFull(rand.Reader, nonce); err != nil { + return err + } + + cipherText := gcm.Seal(nonce, nonce, data, nil) + return os.WriteFile(tssArgs.filePath, cipherText, 0o600) +} + +func getFragmentSeed(password string) []byte { + h := sha256.New() + h.Write([]byte(password)) + seed := h.Sum(nil) + return seed +} diff --git a/cmd/zetaclientd/start.go b/cmd/zetaclientd/start.go index 483cab01ee..72d6c43b3f 100644 --- a/cmd/zetaclientd/start.go +++ b/cmd/zetaclientd/start.go @@ -333,9 +333,9 @@ func promptPasswords() (string, string, error) { return "", "", err } - if TSSKeyPass == "" { - return "", "", errors.New("tss password is required to start zetaclient") - } + //trim delimiters + hotKeyPass = strings.TrimSuffix(hotKeyPass, "\n") + TSSKeyPass = strings.TrimSuffix(TSSKeyPass, "\n") return hotKeyPass, TSSKeyPass, err } diff --git a/go.mod b/go.mod index 95525856ce..f61286739e 100644 --- a/go.mod +++ b/go.mod @@ -338,7 +338,7 @@ replace ( // use cometbft github.com/tendermint/tendermint => github.com/cometbft/cometbft v0.34.28 github.com/tendermint/tm-db => github.com/BlockPILabs/cosmos-db v0.0.3 - github.com/zeta-chain/go-tss => github.com/zeta-chain/go-tss v0.1.1-0.20240115203400-a5b80e5da933 + github.com/zeta-chain/go-tss => github.com/zeta-chain/go-tss v0.1.1-0.20240208204815-866e4a3bb5c2 ) diff --git a/go.sum b/go.sum index 5ebeddd613..9f10bf20fd 100644 --- a/go.sum +++ b/go.sum @@ -1848,7 +1848,6 @@ github.com/ipfs/go-datastore v0.6.0/go.mod h1:rt5M3nNbSO/8q1t4LNkLyUwRs8HupMeN/8 github.com/ipfs/go-detect-race v0.0.1 h1:qX/xay2W3E4Q1U7d9lNs1sU9nvguX0a7319XbyQ6cOk= github.com/ipfs/go-detect-race v0.0.1/go.mod h1:8BNT7shDZPo99Q74BpGMK+4D8Mn4j46UU0LZ723meps= github.com/ipfs/go-ipfs-util v0.0.2 h1:59Sswnk1MFaiq+VcaknX7aYEyGyGDAA73ilhEK2POp8= -github.com/ipfs/go-ipfs-util v0.0.2/go.mod h1:CbPtkWJzjLdEcezDns2XYaehFVNXG9zrdrtMecczcsQ= github.com/ipfs/go-log v1.0.5 h1:2dOuUCB1Z7uoczMWgAyDck5JLb72zHzrMnGnCNNbvY8= github.com/ipfs/go-log v1.0.5/go.mod h1:j0b8ZoR+7+R99LD9jZ6+AJsrzkPbSXbZfGakb5JPtIo= github.com/ipfs/go-log/v2 v2.1.3/go.mod h1:/8d0SH3Su5Ooc31QlL1WysJhvyOTDCjcCZ9Axpmri6g= @@ -2761,7 +2760,6 @@ github.com/sourcegraph/go-diff v0.5.1/go.mod h1:j2dHj3m8aZgQO8lMTcTnBcXkRRRqi34c github.com/sourcegraph/go-diff v0.5.3/go.mod h1:v9JDtjCE4HHHCZGId75rg8gkKKa98RVjBcBGsVmMmak= github.com/sourcegraph/go-diff v0.6.1/go.mod h1:iBszgVvyxdc8SFZ7gm69go2KDdt3ag071iBaWPF6cjs= github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA= -github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572/go.mod h1:w0SWMsp6j9O/dk4/ZpIhL+3CkG8ofA2vuv7k+ltqUMc= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= @@ -3035,10 +3033,8 @@ github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQ github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= -github.com/zeta-chain/go-tss v0.1.1-0.20240103170132-35850edf5dbd h1:wv+VGLFX8IhPuoqAVQGAQjlEPWqYjowJgJVNReolJTM= -github.com/zeta-chain/go-tss v0.1.1-0.20240103170132-35850edf5dbd/go.mod h1:+lJfk/qqt+oxXeVuJV+PzpUoxftUfoTRf2eF3qlbyFI= -github.com/zeta-chain/go-tss v0.1.1-0.20240115203400-a5b80e5da933 h1:cx6ZXVmV9LpkYRQER7+sTgu56wdmaU1U5VJcx3rsCwc= -github.com/zeta-chain/go-tss v0.1.1-0.20240115203400-a5b80e5da933/go.mod h1:+lJfk/qqt+oxXeVuJV+PzpUoxftUfoTRf2eF3qlbyFI= +github.com/zeta-chain/go-tss v0.1.1-0.20240208204815-866e4a3bb5c2 h1:8bN9xaYhZ8MnaHjAxtaijpJYkRua+sClSmirK8aAJj0= +github.com/zeta-chain/go-tss v0.1.1-0.20240208204815-866e4a3bb5c2/go.mod h1:+lJfk/qqt+oxXeVuJV+PzpUoxftUfoTRf2eF3qlbyFI= github.com/zeta-chain/keystone/keys v0.0.0-20231105174229-903bc9405da2 h1:gd2uE0X+ZbdFJ8DubxNqLbOVlCB12EgWdzSNRAR82tM= github.com/zeta-chain/keystone/keys v0.0.0-20231105174229-903bc9405da2/go.mod h1:x7Bkwbzt2W2lQfjOirnff0Dj+tykdbTG1FMJPVPZsvE= github.com/zeta-chain/protocol-contracts v1.0.2-athens3.0.20230816152528-db7d2bf9144b h1:aZRt5BtXdoDdyrUKwcv3B7mS30m/B854cjKjmnXBE5A=