diff --git a/CHANGELOG.md b/CHANGELOG.md index 2586fdfc3..aac2a6694 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +## [10.12.2] +### Fixed +- Fix error where unlock failed after update to v10.12.0 + +## [10.12.1] +### Changed +- This version was used to rollback from v10.12.0 to v10.11.4. + ## [10.12.0] ### Added - Add a search feature to the settings page ([#13214](https://github.com/MetaMask/metamask-extension/pull/13214)) @@ -2841,7 +2849,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Uncategorized - Added the ability to restore accounts from seed words. -[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v10.12.0...HEAD +[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v10.12.2...HEAD +[10.12.2]: https://github.com/MetaMask/metamask-extension/compare/v10.12.1...v10.12.2 +[10.12.1]: https://github.com/MetaMask/metamask-extension/compare/v10.12.0...v10.12.1 [10.12.0]: https://github.com/MetaMask/metamask-extension/compare/v10.11.4...v10.12.0 [10.11.4]: https://github.com/MetaMask/metamask-extension/compare/v10.11.3...v10.11.4 [10.11.3]: https://github.com/MetaMask/metamask-extension/compare/v10.11.2...v10.11.3 diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js index 225a57896..e1c18c1eb 100644 --- a/app/scripts/lib/seed-phrase-verifier.js +++ b/app/scripts/lib/seed-phrase-verifier.js @@ -11,10 +11,10 @@ const seedPhraseVerifier = { * - The keyring always creates the accounts in the same sequence. * * @param {Array} createdAccounts - The accounts to restore - * @param {string} seedWords - The seed words to verify - * @returns {Promise} Promises undefined + * @param {Buffer} seedPhrase - The seed words to verify, encoded as a Buffer + * @returns {Promise} */ - async verifyAccounts(createdAccounts, seedWords) { + async verifyAccounts(createdAccounts, seedPhrase) { if (!createdAccounts || createdAccounts.length < 1) { throw new Error('No created accounts defined.'); } @@ -22,7 +22,7 @@ const seedPhraseVerifier = { const keyringController = new KeyringController({}); const Keyring = keyringController.getKeyringClassForType('HD Key Tree'); const opts = { - mnemonic: seedWords, + mnemonic: seedPhrase, numberOfAccounts: createdAccounts.length, }; diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index 8bb569897..58669935c 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -1839,13 +1839,16 @@ export default class MetamaskController extends EventEmitter { * Create a new Vault and restore an existent keyring. * * @param {string} password - * @param {string} seed + * @param {number[]} encodedSeedPhrase - The seed phrase, encoded as an array + * of UTF-8 bytes. */ - async createNewVaultAndRestore(password, seed) { + async createNewVaultAndRestore(password, encodedSeedPhrase) { const releaseLock = await this.createVaultMutex.acquire(); try { let accounts, lastBalance; + const seedPhraseAsBuffer = Buffer.from(encodedSeedPhrase); + const { keyringController } = this; // clear known identities @@ -1866,7 +1869,7 @@ export default class MetamaskController extends EventEmitter { // create new vault const vault = await keyringController.createNewVaultAndRestore( password, - seed, + seedPhraseAsBuffer, ); const ethQuery = new EthQuery(this.provider); @@ -2374,7 +2377,8 @@ export default class MetamaskController extends EventEmitter { * * Called when the first account is created and on unlocking the vault. * - * @returns {Promise} Seed phrase to be confirmed by the user. + * @returns {Promise} The seed phrase to be confirmed by the user, + * encoded as an array of UTF-8 bytes. */ async verifySeedPhrase() { const primaryKeyring = this.keyringController.getKeyringsByType( @@ -2385,7 +2389,7 @@ export default class MetamaskController extends EventEmitter { } const serialized = await primaryKeyring.serialize(); - const seedWords = serialized.mnemonic; + const seedPhraseAsBuffer = Buffer.from(serialized.mnemonic); const accounts = await primaryKeyring.getAccounts(); if (accounts.length < 1) { @@ -2393,8 +2397,8 @@ export default class MetamaskController extends EventEmitter { } try { - await seedPhraseVerifier.verifyAccounts(accounts, seedWords); - return seedWords; + await seedPhraseVerifier.verifyAccounts(accounts, seedPhraseAsBuffer); + return Array.from(seedPhraseAsBuffer.values()); } catch (err) { log.error(err.message); throw err; diff --git a/lavamoat/browserify/beta/policy.json b/lavamoat/browserify/beta/policy.json index 2b616f2e8..4d5410150 100644 --- a/lavamoat/browserify/beta/policy.json +++ b/lavamoat/browserify/beta/policy.json @@ -1178,6 +1178,9 @@ } }, "bip39": { + "globals": { + "console.log": true + }, "packages": { "buffer": true, "create-hash": true, @@ -1892,6 +1895,7 @@ "eth-hd-keyring": { "packages": { "bip39": true, + "buffer": true, "eth-sig-util": true, "eth-simple-keyring": true, "ethereumjs-wallet": true @@ -1950,6 +1954,7 @@ "packages": { "bip39": true, "browser-passworder": true, + "buffer": true, "eth-hd-keyring": true, "eth-sig-util": true, "eth-simple-keyring": true, diff --git a/lavamoat/browserify/flask/policy.json b/lavamoat/browserify/flask/policy.json index 92099f02c..abe69b023 100644 --- a/lavamoat/browserify/flask/policy.json +++ b/lavamoat/browserify/flask/policy.json @@ -1196,6 +1196,9 @@ } }, "bip39": { + "globals": { + "console.log": true + }, "packages": { "buffer": true, "create-hash": true, @@ -1910,6 +1913,7 @@ "eth-hd-keyring": { "packages": { "bip39": true, + "buffer": true, "eth-sig-util": true, "eth-simple-keyring": true, "ethereumjs-wallet": true @@ -1968,6 +1972,7 @@ "packages": { "bip39": true, "browser-passworder": true, + "buffer": true, "eth-hd-keyring": true, "eth-sig-util": true, "eth-simple-keyring": true, diff --git a/lavamoat/browserify/main/policy.json b/lavamoat/browserify/main/policy.json index 2b616f2e8..4d5410150 100644 --- a/lavamoat/browserify/main/policy.json +++ b/lavamoat/browserify/main/policy.json @@ -1178,6 +1178,9 @@ } }, "bip39": { + "globals": { + "console.log": true + }, "packages": { "buffer": true, "create-hash": true, @@ -1892,6 +1895,7 @@ "eth-hd-keyring": { "packages": { "bip39": true, + "buffer": true, "eth-sig-util": true, "eth-simple-keyring": true, "ethereumjs-wallet": true @@ -1950,6 +1954,7 @@ "packages": { "bip39": true, "browser-passworder": true, + "buffer": true, "eth-hd-keyring": true, "eth-sig-util": true, "eth-simple-keyring": true, diff --git a/package.json b/package.json index a10948d82..a30a0d52e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "metamask-crx", - "version": "10.12.0", + "version": "10.12.2", "private": true, "repository": { "type": "git", @@ -111,8 +111,8 @@ "@keystonehq/metamask-airgapped-keyring": "0.2.1", "@material-ui/core": "^4.11.0", "@metamask/contract-metadata": "^1.31.0", - "@metamask/design-tokens": "^1.3.0", "@metamask/controllers": "^27.0.0", + "@metamask/design-tokens": "^1.3.0", "@metamask/eth-ledger-bridge-keyring": "^0.10.0", "@metamask/eth-token-tracker": "^4.0.0", "@metamask/etherscan-link": "^2.1.0", diff --git a/patches/bip39+2.5.0.patch b/patches/bip39+2.5.0.patch new file mode 100644 index 000000000..2976f3bb2 --- /dev/null +++ b/patches/bip39+2.5.0.patch @@ -0,0 +1,99 @@ +diff --git a/node_modules/bip39/index.js b/node_modules/bip39/index.js +index aa0f29f..bee8008 100644 +--- a/node_modules/bip39/index.js ++++ b/node_modules/bip39/index.js +@@ -48,7 +48,9 @@ function salt (password) { + } + + function mnemonicToSeed (mnemonic, password) { +- var mnemonicBuffer = Buffer.from(unorm.nfkd(mnemonic), 'utf8') ++ var mnemonicBuffer = typeof mnemonic === 'string' ++ ? Buffer.from(unorm.nfkd(mnemonic), 'utf8') ++ : mnemonic + var saltBuffer = Buffer.from(salt(unorm.nfkd(password)), 'utf8') + + return pbkdf2(mnemonicBuffer, saltBuffer, 2048, 64, 'sha512') +@@ -61,12 +63,28 @@ function mnemonicToSeedHex (mnemonic, password) { + function mnemonicToEntropy (mnemonic, wordlist) { + wordlist = wordlist || DEFAULT_WORDLIST + +- var words = unorm.nfkd(mnemonic).split(' ') ++ var mnemonicAsBuffer = typeof mnemonic === 'string' ++ ? Buffer.from(unorm.nfkd(mnemonic), 'utf8') ++ : mnemonic ++ ++ var words = []; ++ var currentWord = []; ++ for (const byte of mnemonicAsBuffer.values()) { ++ // split at space or \u3000 (ideographic space, for Japanese wordlists) ++ if (byte === 0x20 || byte === 0x3000) { ++ words.push(Buffer.from(currentWord)); ++ currentWord = []; ++ } else { ++ currentWord.push(byte); ++ } ++ } ++ words.push(Buffer.from(currentWord)); ++ + if (words.length % 3 !== 0) throw new Error(INVALID_MNEMONIC) + + // convert word indices to 11 bit binary strings + var bits = words.map(function (word) { +- var index = wordlist.indexOf(word) ++ var index = wordlist.indexOf(word.toString('utf8')) + if (index === -1) throw new Error(INVALID_MNEMONIC) + + return lpad(index.toString(2), '0', 11) +@@ -104,12 +122,41 @@ function entropyToMnemonic (entropy, wordlist) { + + var bits = entropyBits + checksumBits + var chunks = bits.match(/(.{1,11})/g) +- var words = chunks.map(function (binary) { ++ var wordsAsBuffers = chunks.map(function (binary) { + var index = binaryToByte(binary) +- return wordlist[index] ++ return Buffer.from(wordlist[index], 'utf8') + }) + +- return wordlist === JAPANESE_WORDLIST ? words.join('\u3000') : words.join(' ') ++ var bufferSize = wordsAsBuffers.reduce(function (bufferSize, wordAsBuffer, i) { ++ var shouldAddSeparator = i < wordsAsBuffers.length - 1 ++ return ( ++ bufferSize + ++ wordAsBuffer.length + ++ (shouldAddSeparator ? 1 : 0) ++ ) ++ }, 0) ++ var separator = wordlist === JAPANESE_WORDLIST ? '\u3000' : ' ' ++ var result = wordsAsBuffers.reduce(function (result, wordAsBuffer, i) { ++ var shouldAddSeparator = i < wordsAsBuffers.length - 1 ++ result.workingBuffer.set(wordAsBuffer, result.offset) ++ if (shouldAddSeparator) { ++ result.workingBuffer.write( ++ separator, ++ result.offset + wordAsBuffer.length, ++ separator.length, ++ 'utf8' ++ ) ++ } ++ return { ++ workingBuffer: result.workingBuffer, ++ offset: ( ++ result.offset + ++ wordAsBuffer.length + ++ (shouldAddSeparator ? 1 : 0) ++ ) ++ } ++ }, { workingBuffer: Buffer.alloc(bufferSize), offset: 0 }) ++ return result.workingBuffer; + } + + function generateMnemonic (strength, rng, wordlist) { +@@ -124,6 +171,7 @@ function validateMnemonic (mnemonic, wordlist) { + try { + mnemonicToEntropy(mnemonic, wordlist) + } catch (e) { ++ console.log('could not validate mnemonic', e) + return false + } + diff --git a/patches/eth-hd-keyring+3.6.0.patch b/patches/eth-hd-keyring+3.6.0.patch new file mode 100644 index 000000000..211cb89dd --- /dev/null +++ b/patches/eth-hd-keyring+3.6.0.patch @@ -0,0 +1,43 @@ +diff --git a/node_modules/eth-hd-keyring/index.js b/node_modules/eth-hd-keyring/index.js +index 19d1d7f..350d6b8 100644 +--- a/node_modules/eth-hd-keyring/index.js ++++ b/node_modules/eth-hd-keyring/index.js +@@ -17,8 +17,11 @@ class HdKeyring extends SimpleKeyring { + } + + serialize () { ++ const mnemonicAsBuffer = typeof this.mnemonic === 'string' ++ ? Buffer.from(this.mnemonic, 'utf8') ++ : this.mnemonic + return Promise.resolve({ +- mnemonic: this.mnemonic, ++ mnemonic: Array.from(mnemonicAsBuffer.values()), + numberOfAccounts: this.wallets.length, + hdPath: this.hdPath, + }) +@@ -69,9 +72,22 @@ class HdKeyring extends SimpleKeyring { + + /* PRIVATE METHODS */ + +- _initFromMnemonic (mnemonic) { +- this.mnemonic = mnemonic +- const seed = bip39.mnemonicToSeed(mnemonic) ++ /** ++ * Sets appropriate properties for the keyring based on the given ++ * BIP39-compliant mnemonic. ++ * ++ * @param {string|Array|Buffer} mnemonic - A seed phrase represented ++ * as a string, an array of UTF-8 bytes, or a Buffer. ++ */ ++ _initFromMnemonic(mnemonic) { ++ if (typeof mnemonic === 'string') { ++ this.mnemonic = Buffer.from(mnemonic, 'utf8') ++ } else if (Array.isArray(mnemonic)) { ++ this.mnemonic = Buffer.from(mnemonic) ++ } else { ++ this.mnemonic = mnemonic ++ } ++ const seed = bip39.mnemonicToSeed(this.mnemonic) + this.hdWallet = hdkey.fromMasterSeed(seed) + this.root = this.hdWallet.derivePath(this.hdPath) + } diff --git a/patches/eth-keyring-controller+6.2.1.patch b/patches/eth-keyring-controller+6.2.1.patch new file mode 100644 index 000000000..aec0c7168 --- /dev/null +++ b/patches/eth-keyring-controller+6.2.1.patch @@ -0,0 +1,37 @@ +diff --git a/node_modules/eth-keyring-controller/index.js b/node_modules/eth-keyring-controller/index.js +index 250ab98..38615aa 100644 +--- a/node_modules/eth-keyring-controller/index.js ++++ b/node_modules/eth-keyring-controller/index.js +@@ -84,15 +84,20 @@ class KeyringController extends EventEmitter { + * + * @emits KeyringController#unlock + * @param {string} password - The password to encrypt the vault with +- * @param {string} seed - The BIP44-compliant seed phrase. ++ * @param {string|Array} seedPhrase - The BIP39-compliant seed phrase, ++ * either as a string or an array of UTF-8 bytes that represent the string. + * @returns {Promise} A Promise that resolves to the state. + */ +- createNewVaultAndRestore (password, seed) { ++ createNewVaultAndRestore(password, seedPhrase) { ++ const seedPhraseAsBuffer = typeof seedPhrase === 'string' ++ ? Buffer.from(seedPhrase, 'utf8') ++ : Buffer.from(seedPhrase) ++ + if (typeof password !== 'string') { + return Promise.reject(new Error('Password must be text.')) + } + +- if (!bip39.validateMnemonic(seed)) { ++ if (!bip39.validateMnemonic(seedPhraseAsBuffer)) { + return Promise.reject(new Error('Seed phrase is invalid.')) + } + +@@ -101,7 +106,7 @@ class KeyringController extends EventEmitter { + return this.persistAllKeyrings(password) + .then(() => { + return this.addNewKeyring('HD Key Tree', { +- mnemonic: seed, ++ mnemonic: seedPhraseAsBuffer, + numberOfAccounts: 1, + }) + }) diff --git a/ui/store/actions.js b/ui/store/actions.js index d17cca23e..418a2ceae 100644 --- a/ui/store/actions.js +++ b/ui/store/actions.js @@ -80,20 +80,39 @@ export function tryUnlockMetamask(password) { }; } -export function createNewVaultAndRestore(password, seed) { +/** + * Adds a new account where all data is encrypted using the given password and + * where all addresses are generated from a given seed phrase. + * + * @param {string} password - The password. + * @param {string} seedPhrase - The seed phrase. + * @returns {Object} The updated state of the keyring controller. + */ +export function createNewVaultAndRestore(password, seedPhrase) { return (dispatch) => { dispatch(showLoadingIndication()); log.debug(`background.createNewVaultAndRestore`); + + // Encode the secret recovery phrase as an array of integers so that it is + // serialized as JSON properly. + const encodedSeedPhrase = Array.from( + Buffer.from(seedPhrase, 'utf8').values(), + ); + let vault; return new Promise((resolve, reject) => { - background.createNewVaultAndRestore(password, seed, (err, _vault) => { - if (err) { - reject(err); - return; - } - vault = _vault; - resolve(); - }); + background.createNewVaultAndRestore( + password, + encodedSeedPhrase, + (err, _vault) => { + if (err) { + reject(err); + return; + } + vault = _vault; + resolve(); + }, + ); }) .then(() => dispatch(unMarkPasswordForgotten())) .then(() => { @@ -115,8 +134,8 @@ export function createNewVaultAndGetSeedPhrase(password) { try { await createNewVault(password); - const seedWords = await verifySeedPhrase(); - return seedWords; + const seedPhrase = await verifySeedPhrase(); + return seedPhrase; } catch (error) { dispatch(displayWarning(error.message)); throw new Error(error.message); @@ -132,9 +151,9 @@ export function unlockAndGetSeedPhrase(password) { try { await submitPassword(password); - const seedWords = await verifySeedPhrase(); + const seedPhrase = await verifySeedPhrase(); await forceUpdateMetamaskState(dispatch); - return seedWords; + return seedPhrase; } catch (error) { dispatch(displayWarning(error.message)); throw new Error(error.message); @@ -183,17 +202,9 @@ export function verifyPassword(password) { }); } -export function verifySeedPhrase() { - return new Promise((resolve, reject) => { - background.verifySeedPhrase((error, seedWords) => { - if (error) { - reject(error); - return; - } - - resolve(seedWords); - }); - }); +export async function verifySeedPhrase() { + const encodedSeedPhrase = await promisifiedBackground.verifySeedPhrase(); + return Buffer.from(encodedSeedPhrase).toString('utf8'); } export function requestRevealSeedWords(password) { @@ -203,11 +214,11 @@ export function requestRevealSeedWords(password) { try { await verifyPassword(password); - const seedWords = await verifySeedPhrase(); - return seedWords; + const seedPhrase = await verifySeedPhrase(); + return seedPhrase; } catch (error) { dispatch(displayWarning(error.message)); - throw new Error(error.message); + throw error; } finally { dispatch(hideLoadingIndication()); } diff --git a/ui/store/actions.test.js b/ui/store/actions.test.js index 0866713b4..727835ecf 100644 --- a/ui/store/actions.test.js +++ b/ui/store/actions.test.js @@ -111,7 +111,9 @@ describe('Actions', () => { actions._setBackgroundConnection(background); - await store.dispatch(actions.createNewVaultAndRestore()); + await store.dispatch( + actions.createNewVaultAndRestore('password', 'test'), + ); expect(createNewVaultAndRestore.callCount).toStrictEqual(1); }); @@ -134,7 +136,9 @@ describe('Actions', () => { { type: 'HIDE_LOADING_INDICATION' }, ]; - await store.dispatch(actions.createNewVaultAndRestore()); + await store.dispatch( + actions.createNewVaultAndRestore('password', 'test'), + ); expect(store.getActions()).toStrictEqual(expectedActions); }); @@ -155,7 +159,7 @@ describe('Actions', () => { ]; await expect( - store.dispatch(actions.createNewVaultAndRestore()), + store.dispatch(actions.createNewVaultAndRestore('password', 'test')), ).rejects.toThrow('error'); expect(store.getActions()).toStrictEqual(expectedActions); @@ -174,7 +178,7 @@ describe('Actions', () => { cb(), ); const verifySeedPhrase = background.verifySeedPhrase.callsFake((cb) => - cb(), + cb(null, Array.from(Buffer.from('test').values())), ); actions._setBackgroundConnection(background);