Merge pull request #295 from Lamden/fix_change_password

HOTFIX: Fix change password

Author: JeffWScott

package.json

@@ -1,6 +1,6 @@
 {
   "name": "lamden-wallet",
-  "version": "2.5.0",
+  "version": "2.5.1",
   "description": "A secure wallet for making transactions on the Lamden blockchain.",
   "author": "Jeff Scott <[email protected]>",
   "license": "",

src/js/backgroundControllers/accountsController.js

@@ -32,20 +32,21 @@ export const accountsController = (utils) => {
     const changePassword = async (oldpd, newpd) => {
         let { accountStore } = await getAccountsData()
         let { current } = await getSessionData()
+
+        if (oldpd != current) return false
         try{
             if (utils.validateTypes.isStringWithValue(oldpd) && utils.validateTypes.isStringWithValue(newpd)){
-                await setCurrent(oldpd)
                 let accounts = utils.stripRef(accountStore).map( account => {
                     let decryptedKey;
                     if (account.sk === "watchOnly") return account
-                    decryptedKey = decryptString(account.sk, current);
+                    decryptedKey = decryptString(account.sk, oldpd);
                     if (decryptedKey) account.sk = decryptedKey
                     else throw("Old password error")
                     return account
                 })
                 await setCurrent(newpd)
                 accounts.forEach(account => {
-                    if (account.sk !== 'watchOnly') account.sk = encryptString(account.sk, current)
+                    if (account.sk !== 'watchOnly') account.sk = encryptString(account.sk, newpd)
                 })
                 accountStore = accounts
                 await refreshAccountStore(accountStore)
@@ -464,7 +465,36 @@ export const accountsController = (utils) => {
         await chrome.storage.session.set({current: string});
     }
 
+    // for version 2.5.0
+    const repairVault = async (oldpd) => {
+        let { accountStore } = await getAccountsData()
+        let { current } = await getSessionData()
+
+        try{
+            if (utils.validateTypes.isStringWithValue(oldpd) && utils.validateTypes.isStringWithValue(current)){
+                let accounts = utils.stripRef(accountStore).map( account => {
+                    let decryptedKey;
+                    if (account.sk === "watchOnly") return account
+                    decryptedKey = decryptString(account.sk, oldpd);
+                    if (decryptedKey) account.sk = decryptedKey
+                    else throw("Old password error")
+                    return account
+                })
+                accounts.forEach(account => {
+                    if (account.sk !== 'watchOnly') account.sk = encryptString(account.sk, current)
+                })
+                accountStore = accounts
+                await refreshAccountStore(accountStore)
+                return true;
+            }
+            return false
+        } catch (e){
+            return false
+        }
+    }
+
     return {
+        repairVault,
         changePassword,
         createPassword,
         checkPassword,

src/js/backgroundControllers/masterController.js

@@ -534,7 +534,8 @@ export const masterController = () => {
       isVaultCreated: accounts.isVaultCreated,
       getMnemonic: accounts.getMnemonic,
       addVaultAccount: accounts.addVaultAccount,
-      auth: accounts.auth
+      auth: accounts.auth,
+      repairVault: accounts.repairVault
     },
     dapps: {
       initiateTrustedApp: dapps.initiateTrustedApp,

src/js/backgroundControllers/messagesHandler.js

@@ -100,6 +100,12 @@ export const messagesHandler = () => {
                     sendResponse(await masterController.changePassword(message.data))
                     return true;
                 }
+
+                // Reapir vault
+                if (message.type === 'repairVault') {
+                    sendResponse(await masterController.accounts.repairVault(message.data)) 
+                    return true;
+                }
                 //Check if the wallet has been setup yet
                 if(message.type === 'isFirstRun') {
                     sendResponse(await masterController.accounts.firstRun())

src/js/latest_event.json

@@ -1,26 +1,19 @@
 {
-	"title": "Manifest V3 Update",
-	"type": "feature",
-	"version": "2.5.0",
+	"title": "Change Password Hotfix",
+	"type": "hotfix",
+	"version": "2.5.1",
 	"body": [
-		"Updated the Lamden Wallet to use the new Manifest V3 standard.",
-		"Also enabled the auth endpoint in the Lamden Vault API."
+		"Hotfix for the change password bug."
 	],
 	"buttons": [
 		{
 			"class": "primary",
-			"link": "https://github.com/Lamden/wallet/releases/tag/v2.5.0",
+			"link": "https://github.com/Lamden/wallet/releases/tag/v2.5.1",
 			"name": "Release Info"
-		},
-		{
-			"class": "secondary",
-			"link": "https://docs.lamden.io/develop/wallet_api/auth/",
-			"name": "Auth Documentation"
 		}
 	],
-	"date_added": 1684243931195,
-	"new_features": [
-		"Added a new event called 'auth' to the Lamden Vault API. This allows dapps to call the wallet for user login. See documentation for more info.",
-		"Updated the Lamden Wallet to use the new Manifest V3 standard."
+	"date_added": 1686843863024,
+	"fixes": [
+		"The change password feature would change the loging password but fail to re-encrypt the keys in the legacy vault storage."
 	]
 }

src/svelte/App.svelte

@@ -67,6 +67,7 @@
     "ContinueSwap",
     "ChangePassword",
     "ManageNetwork",
+    "RepairVault"
   ];
   const redirect = {
     FirstRunRestoreMain: "FirstRunMain",

src/svelte/Router.svelte

@@ -140,6 +140,7 @@ import IdeMethodTx from './IDE/IdeMethodTx.svelte';
 //Misc
 import LockScreen from './misc/LockScreen.svelte';
 import About from './misc/About.svelte';
+import RepairVault from './misc/RepairVault.svelte';
 
 //Token
 import TokenDetails from './tokens/TokenDetails.svelte';
@@ -252,6 +253,7 @@ export const Pages = {
     DashboardMain,
     DashboardNodeList,
     NodeDetails,
+    RepairVault,
     ...FirstRun 
 };
 

src/svelte/firstrun/FirstRunCreatePW.svelte

@@ -23,7 +23,7 @@
     //PROPS
     export let restore = false;
 
-    let pattern = `(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*()_+\\-=\\[\\]{};':\"\\\|,.<>\\/? ]).{10,}`;
+    let pattern = "(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*\\(\\)_+\\-=\\[\\]\\{\\};':\"\\|,.<>\\/\\?]).{10,}";
     let pwd = '';
 
 	const formValidation = () => {

src/svelte/misc/RepairVault.svelte

@@ -0,0 +1,159 @@
+<script>
+    import { getContext, onDestroy, onMount} from 'svelte';
+	//Components
+    import { Components, LeftSideFullPage }  from '../Router.svelte'
+    import NavLogo from '../nav/NavLogo.svelte';
+    import { fade } from 'svelte/transition';
+
+    //Stores
+	import { SettingsStore } from '../../js/stores/stores.js';
+
+    //Utils
+    import { hashStringValue } from '../../js/utils.js'
+
+    //Context
+    const { switchPage, appHome} = getContext('app_functions');
+
+    const { Button, InputBox } = Components;
+
+    let oldPwd;
+
+    let password;
+    let vaultExist = false;
+    let step = 1;
+    let repairSuccess = false;
+
+    onMount(() => {
+		chrome.runtime.sendMessage({type: 'isVaultCreated'}, (ok) => {
+			vaultExist = ok;
+		})
+	});
+
+
+    onDestroy(()=> password = "")
+
+    const repair = () => {
+        chrome.runtime.sendMessage({
+            type: "repairVault",
+            data: hashStringValue(oldPwd.value),
+        }, (success) => {
+            if (!success || chrome.runtime.lastError) {
+                repairSuccess = false
+            } else {
+                repairSuccess = true
+            }
+            step = 2
+        });
+    }
+    
+</script>
+
+<style>
+.layout{
+    display: flex;
+    flex-direction: column;
+    flex-grow: 1;
+}
+
+.content{
+    flex-grow: 1;
+    display: flex;
+}
+
+.header{
+    display: flex;
+    flex-direction: row;
+    position: absolute;
+    left: 0%;
+    right: 0%;
+    top: 0%;
+    bottom: 0%;
+    right: 0;
+    height: 97px;
+    border-bottom: 1px solid var(--divider-light);
+}
+.alignc {
+    align-items: center;
+}
+</style>
+
+<div class="layout">
+    <div class="header">
+        <NavLogo />
+    </div>
+    <div class="content">
+        <LeftSideFullPage title={`Repair Vault`}>
+        <div slot="body">
+            <div class="text-body1 weight-400 desc">
+                This process will allow you to repair your vault if you have changed your password in version 2.5.0
+            </div>
+        </div>
+        <div class="flex-row flow-page flex-just-center" in:fade="{{delay: 0, duration: 200}}" slot="content">
+            <div class="flex-column">
+                {#if step === 1} 
+                <h6 class="text-primary text-center">Repair Vault</h6>
+                <div class="flex-column flow-buttons">
+                    {#if vaultExist}
+                    <InputBox 
+                        id="oldPwd"
+                        bind:thisInput={oldPwd}
+                        label={"Old Password"}
+                        placeholder={"The password you previously used"}
+                        inputType={'password'}
+                        width={"347px"}
+                        height={"56px"}
+                        margin="0 0 0.5rem 0"
+                        disabledPWShowBtn={false}
+                        required={true}/>
+                    <Button id={'confirm-btn'}
+                        classes={'button__solid button__primary'}
+                        margin="1rem 0 1rem"
+                        name="Repair" 
+                        width={'347px'}
+                        click={repair} />
+                    {:else}
+                    <div class="flow-text-box text-body1">Valut not exists</div>
+                    <Button id={'back-btn'}
+                        classes={'button__solid button__primary'}
+                        margin="1rem 0 1rem"
+                        name="Home" 
+                        width={'347px'}
+                        click={appHome} />
+                    {/if}
+                </div>
+                {:else}
+                <div class="flex-column flow-buttons alignc">
+                    {#if repairSuccess}
+                    
+                        <h3 class="flow-text-box text-body1 text-green">  Your vault has been successfully repaired!</h3>
+                        <Button id={'home-btn'}
+                            classes={'button__solid button__primary'}
+                            margin="1rem 0 1rem"
+                            name="Home" 
+                            width={'347px'}
+                            click={appHome} />
+                    {:else}
+                        <h3 class="flow-text-box text-body1 text-error"> Repair vault failed. Please try again or contact the developer</h3>
+                        <Button id={'back-btn'}
+                            classes={'button__solid button__primary'}
+                            margin="1rem 0 1rem"
+                            name="Back" 
+                            width={'347px'}
+                            click={() => { step = 1}} />
+                        <Button id={'home-btn'}
+                            classes={'button__solid button__primary'}
+                            margin="1rem 0 1rem"
+                            name="Home" 
+                            width={'347px'}
+                            click={appHome} />
+                    {/if}
+                </div>
+                {/if} 
+            </div>
+
+        </div>
+
+        </LeftSideFullPage>
+    </div>
+</div>
+

src/svelte/misc/Settings.svelte

@@ -59,6 +59,13 @@
         desc: "Keep your wallet safe by locking it after you’re done using it.",
         btnName: "Sign Out & Lock",
         page: "LockScreen"
+    },{
+        id: "fix-vaulte-btn",
+        logo: "signout",
+        title: "Fix Vault",
+        desc: "If you have changed your password in version 2.5, you can use this feature to repair your vault.",
+        btnName: "Fix Vault",
+        page: "RepairVault"
     }]
 
     const settingIcons = {