feat(wallet): add change mnemonic password rpc #2317
| let encrypted_data = encrypt_mnemonic(&mnemonic, &req.new_password)?; | ||
| // save new encrypted mnemonic data with new password | ||
| save_encrypted_passphrase(&ctx, &wallet_name, &encrypted_data).await?; | ||
|
|
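Review bot: Between `encrypt_mnemonic(&mnemonic, &req.new_password)?` and `save_encrypted_passphrase(...)` nothing in these lines validates `req.new_password` (for example, that it is not empty) or confirms that `encrypted_data` decrypts back to `mnemonic` before the stored copy is written over. Since the save replaces the stored encrypted mnemonic, consider validating the new password first and doing a decrypt round-trip on `encrypted_data` before calling `save_encrypted_passphrase`, so a failure cannot leave the wallet locked behind unusable ciphertext.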
could u actually verify whether this would play well in wasm?
this call eventually does table.add_item, which if the item already exists will error ConstraintError (as per this).
We should use table.replace_item to be able to support updates.
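The failure mode raised in the comment above, as an added example that is not code from the PR or the project: a minimal in-memory model of a keyed table in which `add_item` rejects an existing key and `replace_item` overwrites it. `MnemonicTable`, `DbError`, the wallet name and the sample blobs are assumptions made for illustration; only the two method names come from the thread.

```rust
use std::collections::BTreeMap;

/// `Constraint` stands in for the ConstraintError mentioned in the review comment.
#[derive(Debug, PartialEq)]
enum DbError {
    Constraint(String),
}

/// Hypothetical model of a table with a unique key on the wallet name.
#[derive(Default)]
struct MnemonicTable {
    rows: BTreeMap<String, Vec<u8>>,
}

impl MnemonicTable {
    /// Insert-only: fails when a row for this wallet already exists.
    fn add_item(&mut self, wallet: &str, blob: &[u8]) -> Result<(), DbError> {
        if self.rows.contains_key(wallet) {
            return Err(DbError::Constraint(wallet.to_string()));
        }
        self.rows.insert(wallet.to_string(), blob.to_vec());
        Ok(())
    }

    /// Upsert: overwrites the existing row, which a password change requires.
    fn replace_item(&mut self, wallet: &str, blob: &[u8]) -> Result<(), DbError> {
        self.rows.insert(wallet.to_string(), blob.to_vec());
        Ok(())
    }
}

/// Wallet creation, then a password change that saves through `add_item` again.
fn change_password_with_add(table: &mut MnemonicTable) -> Result<(), DbError> {
    table.add_item("wallet-a", b"ciphertext-under-old-password")?; // constructed sample blob
    table.add_item("wallet-a", b"ciphertext-under-new-password") // rejected: key exists
}

/// Same flow, but the password change saves through `replace_item`.
fn change_password_with_replace(table: &mut MnemonicTable) -> Result<(), DbError> {
    table.add_item("wallet-a", b"ciphertext-under-old-password")?;
    table.replace_item("wallet-a", b"ciphertext-under-new-password")
}

fn main() {
    let (mut a, mut b) = (MnemonicTable::default(), MnemonicTable::default());
    println!("add path:     {:?}", change_password_with_add(&mut a));
    println!("replace path: {:?}", change_password_with_replace(&mut b));
}
```

On the insert-only path the stored blob is still the one encrypted under the old password after the error, so a test for the RPC should assert on the stored data as well as on the response.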
One thing I need @CharlVS's opinion on regarding this PR: Should we update the password using an RPC or during KDF initialization? I think the GUI will provide users the option to update the password before starting KDF. Also, some CLI users will not want to pass the encryption password through RPC at all. Can we have the two modes if possible @borngraced?
For the GUI, I'd strongly prefer it to be via RPC. Doing via startup-config for GUI is not ideal because:
This is outside my domain, but I'd expect it to be a non-issue for CLI users since they face a similar issue with private key RPCs. Those concerned about this would/should be using HTTPS mode. However, the damage from a single coin's leaked private key could be far less than that from a leaked password. If you implement startup-config password changes, it's worth considering either terminating KDF after the password is updated, or make the fields named |
seems to be a good reason why we would want to have the both.
Why would the GUI want to provide such a feat considering that RPC comm is internal on the same device (well if you want a GUI to re-launch KDF with different config, this means that GUI runs KDF internally).
If KDF is on the same device that shouldn't be an issue for a CLI user. If it's on a different device, they could log into the device/machine hosting KDF and do the RPC there (well if they wanted to go with changing the config route, this means they must have access to that device hosting KDF).
mariocynicys left a comment
Thanks! LGTM
non-blocking comments inline.
| "trade_preimage" => handle_mmrpc(ctx, request, trade_preimage_rpc).await, | ||
| "trezor_connection_status" => handle_mmrpc(ctx, request, trezor_connection_status).await, | ||
| "update_nft" => handle_mmrpc(ctx, request, update_nft).await, | ||
| "update_seed_storage_password" => handle_mmrpc(ctx, request, update_seed_storage_password_rpc).await, |
i think we better drop the word storage here.
storage makes it feel as if the whole seed store (multiple seeds) is encrypted using a single pass and not just the single seed in question.
better alternatives imo: update_seed_password or update_seedphrase/passphrase_password
that's a non-blocking comment though since im not a certified linguist.
We should use the word mnemonic not seed since we have get_mnemonic RPC. How about change_mnemonic_password
mm2src/mm2_main/src/lp_wallet.rs
| ))))?; | ||
| // encrypt mnemonic with new passphrase. | ||
| let encrypted_data = encrypt_mnemonic(&mnemonic, &req.new_password)?; | ||
| // save new encrypted mnemonic data::default() with new password |
data::default() what?
well actually this is blocking 🤦♂️
I thought that updating password flow will be like some websites where you do it without logging in, but @CharlVS cleared that.
It shouldn't be in the config file, it should be passed as args with the start KDF command.
No need to, let's have the RPC command only for now like it is now.
shamardy left a comment
A few comments from my side!
shamardy left a comment
LGTM! Only one nit.
Can you please add test coverage for the new RPC?
@borngraced please resolve conflicts
please update this comment #2317 (comment) @borngraced
965a020 to 8f87cdd
* dev: fix(derive_key_from_path): check length of current_key_material (#2356) chore(release): bump mm2 version to 2.4.0-beta (#2346) fix(tests): add additional testnet sepolia nodes to test code (#2358) fix(swaps): maintain legacy compatibility for negotiation messages (#2353) refactor(SwapOps): impl defaults for protocol specific swapops fns (#2354) feat(tpu-v2): provide swap protocol versioning (#2324) feat(wallet): add change mnemonic password rpc (#2317) fix(tpu-v2): fix tpu-v2 wait for payment spend and extract secret (#2261) feat(tendermint): unstaking/undelegation (#2330) fix(utxo-withdraw): get hw ctx only when `PrivKeyPolicy` is trezor (#2333) feat(event-streaming): API-driven subscription management (#2172) fix(hash-types): remove panic, enforce fixed-size arrays (#2279) fix(ARRR): store unconfirmed change output (#2276) feat(tendermint): staking/delegation (#2322) chore(deps): `timed-map` migration (#2247) fix(mem-leak): `running_swap` never shrinks (#2301) chore(dep-bump): libp2p (#2326) refactor(build script): rewrite the main build script (#2319)
* dev: (24 commits) fix(eth-tpu): remove state from funding validation (GLEECBTC#2334) improvement(rpc-server): rpc server dynamic port allocation (GLEECBTC#2342) fix(tests): fix or ignore unstable tests (GLEECBTC#2365) fix(fs): make `filter_files_by_extension` return only files (GLEECBTC#2364) fix(derive_key_from_path): check length of current_key_material (GLEECBTC#2356) chore(release): bump mm2 version to 2.4.0-beta (GLEECBTC#2346) fix(tests): add additional testnet sepolia nodes to test code (GLEECBTC#2358) fix(swaps): maintain legacy compatibility for negotiation messages (GLEECBTC#2353) refactor(SwapOps): impl defaults for protocol specific swapops fns (GLEECBTC#2354) feat(tpu-v2): provide swap protocol versioning (GLEECBTC#2324) feat(wallet): add change mnemonic password rpc (GLEECBTC#2317) fix(tpu-v2): fix tpu-v2 wait for payment spend and extract secret (GLEECBTC#2261) feat(tendermint): unstaking/undelegation (GLEECBTC#2330) fix(utxo-withdraw): get hw ctx only when `PrivKeyPolicy` is trezor (GLEECBTC#2333) feat(event-streaming): API-driven subscription management (GLEECBTC#2172) fix(hash-types): remove panic, enforce fixed-size arrays (GLEECBTC#2279) fix(ARRR): store unconfirmed change output (GLEECBTC#2276) feat(tendermint): staking/delegation (GLEECBTC#2322) chore(deps): `timed-map` migration (GLEECBTC#2247) fix(mem-leak): `running_swap` never shrinks (GLEECBTC#2301) ...
* dev: feat(rpc): add is_success field to legacy MySwapStatusResponse (#2371) fix(key-derivation): use stored Argon2 parameters instead of default values (#2360) fix(tests): stabilize `tendermint_coin::test_claim_staking_rewards` (#2373) improvement(RPCs): group staking rpcs under a namespace (#2372) feat(tendermint): claim delegation rewards (#2351) fix(eth-tpu): remove state from funding validation (#2334) improvement(rpc-server): rpc server dynamic port allocation (#2342) fix(tests): fix or ignore unstable tests (#2365) fix(fs): make `filter_files_by_extension` return only files (#2364) fix(derive_key_from_path): check length of current_key_material (#2356) chore(release): bump mm2 version to 2.4.0-beta (#2346) fix(tests): add additional testnet sepolia nodes to test code (#2358) fix(swaps): maintain legacy compatibility for negotiation messages (#2353) refactor(SwapOps): impl defaults for protocol specific swapops fns (#2354) feat(tpu-v2): provide swap protocol versioning (#2324) feat(wallet): add change mnemonic password rpc (#2317)

implement functionality to change the password for seed storage in kdf with its rpc method

Example JSON Request

```json
{
  "method": "change_mnemonic_password",
  "userpass": "rpc_password",
  "mmrpc": "2.0",
  "params": {
    "current_password": "old_password123",
    "new_password": "new_password456"
  }
}
```

Example JSON Response

```json
{ "result": null }
```