mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-12-23 09:52:26 +01:00
Merge pull request #3409 from scsaba/seed-phrase-verification
Add seed phrase verification script into background process
This commit is contained in:
commit
f4e5dd37b1
48
app/scripts/lib/seed-phrase-verifier.js
Normal file
48
app/scripts/lib/seed-phrase-verifier.js
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
const KeyringController = require('eth-keyring-controller')
|
||||||
|
|
||||||
|
const seedPhraseVerifier = {
|
||||||
|
|
||||||
|
// Verifies if the seed words can restore the accounts.
|
||||||
|
//
|
||||||
|
// The seed words can recreate the primary keyring and the accounts belonging to it.
|
||||||
|
// The created accounts in the primary keyring are always the same.
|
||||||
|
// The keyring always creates the accounts in the same sequence.
|
||||||
|
verifyAccounts (createdAccounts, seedWords) {
|
||||||
|
|
||||||
|
return new Promise((resolve, reject) => {
|
||||||
|
|
||||||
|
if (!createdAccounts || createdAccounts.length < 1) {
|
||||||
|
return reject(new Error('No created accounts defined.'))
|
||||||
|
}
|
||||||
|
|
||||||
|
const keyringController = new KeyringController({})
|
||||||
|
const Keyring = keyringController.getKeyringClassForType('HD Key Tree')
|
||||||
|
const opts = {
|
||||||
|
mnemonic: seedWords,
|
||||||
|
numberOfAccounts: createdAccounts.length,
|
||||||
|
}
|
||||||
|
|
||||||
|
const keyring = new Keyring(opts)
|
||||||
|
keyring.getAccounts()
|
||||||
|
.then((restoredAccounts) => {
|
||||||
|
|
||||||
|
log.debug('Created accounts: ' + JSON.stringify(createdAccounts))
|
||||||
|
log.debug('Restored accounts: ' + JSON.stringify(restoredAccounts))
|
||||||
|
|
||||||
|
if (restoredAccounts.length !== createdAccounts.length) {
|
||||||
|
// this should not happen...
|
||||||
|
return reject(new Error('Wrong number of accounts'))
|
||||||
|
}
|
||||||
|
|
||||||
|
for (let i = 0; i < restoredAccounts.length; i++) {
|
||||||
|
if (restoredAccounts[i].toLowerCase() !== createdAccounts[i].toLowerCase()) {
|
||||||
|
return reject(new Error('Not identical accounts! Original: ' + createdAccounts[i] + ', Restored: ' + restoredAccounts[i]))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return resolve()
|
||||||
|
})
|
||||||
|
})
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = seedPhraseVerifier
|
@ -37,6 +37,7 @@ const version = require('../manifest.json').version
|
|||||||
const BN = require('ethereumjs-util').BN
|
const BN = require('ethereumjs-util').BN
|
||||||
const GWEI_BN = new BN('1000000000')
|
const GWEI_BN = new BN('1000000000')
|
||||||
const percentile = require('percentile')
|
const percentile = require('percentile')
|
||||||
|
const seedPhraseVerifier = require('./lib/seed-phrase-verifier')
|
||||||
|
|
||||||
module.exports = class MetamaskController extends EventEmitter {
|
module.exports = class MetamaskController extends EventEmitter {
|
||||||
|
|
||||||
@ -344,6 +345,7 @@ module.exports = class MetamaskController extends EventEmitter {
|
|||||||
// primary HD keyring management
|
// primary HD keyring management
|
||||||
addNewAccount: nodeify(this.addNewAccount, this),
|
addNewAccount: nodeify(this.addNewAccount, this),
|
||||||
placeSeedWords: this.placeSeedWords.bind(this),
|
placeSeedWords: this.placeSeedWords.bind(this),
|
||||||
|
verifySeedPhrase: nodeify(this.verifySeedPhrase, this),
|
||||||
clearSeedWordCache: this.clearSeedWordCache.bind(this),
|
clearSeedWordCache: this.clearSeedWordCache.bind(this),
|
||||||
resetAccount: this.resetAccount.bind(this),
|
resetAccount: this.resetAccount.bind(this),
|
||||||
importAccountWithStrategy: this.importAccountWithStrategy.bind(this),
|
importAccountWithStrategy: this.importAccountWithStrategy.bind(this),
|
||||||
@ -565,14 +567,18 @@ module.exports = class MetamaskController extends EventEmitter {
|
|||||||
// Opinionated Keyring Management
|
// Opinionated Keyring Management
|
||||||
//
|
//
|
||||||
|
|
||||||
async addNewAccount (cb) {
|
async addNewAccount () {
|
||||||
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
|
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
|
||||||
if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found'))
|
if (!primaryKeyring) {
|
||||||
|
throw new Error('MetamaskController - No HD Key Tree found')
|
||||||
|
}
|
||||||
const keyringController = this.keyringController
|
const keyringController = this.keyringController
|
||||||
const oldAccounts = await keyringController.getAccounts()
|
const oldAccounts = await keyringController.getAccounts()
|
||||||
const keyState = await keyringController.addNewAccount(primaryKeyring)
|
const keyState = await keyringController.addNewAccount(primaryKeyring)
|
||||||
const newAccounts = await keyringController.getAccounts()
|
const newAccounts = await keyringController.getAccounts()
|
||||||
|
|
||||||
|
await this.verifySeedPhrase()
|
||||||
|
|
||||||
newAccounts.forEach((address) => {
|
newAccounts.forEach((address) => {
|
||||||
if (!oldAccounts.includes(address)) {
|
if (!oldAccounts.includes(address)) {
|
||||||
this.preferencesController.setSelectedAddress(address)
|
this.preferencesController.setSelectedAddress(address)
|
||||||
@ -587,14 +593,43 @@ module.exports = class MetamaskController extends EventEmitter {
|
|||||||
// Used when creating a first vault, to allow confirmation.
|
// Used when creating a first vault, to allow confirmation.
|
||||||
// Also used when revealing the seed words in the confirmation view.
|
// Also used when revealing the seed words in the confirmation view.
|
||||||
placeSeedWords (cb) {
|
placeSeedWords (cb) {
|
||||||
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
|
|
||||||
if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found'))
|
this.verifySeedPhrase()
|
||||||
primaryKeyring.serialize()
|
.then((seedWords) => {
|
||||||
.then((serialized) => {
|
|
||||||
const seedWords = serialized.mnemonic
|
|
||||||
this.configManager.setSeedWords(seedWords)
|
this.configManager.setSeedWords(seedWords)
|
||||||
cb(null, seedWords)
|
return cb(null, seedWords)
|
||||||
})
|
})
|
||||||
|
.catch((err) => {
|
||||||
|
return cb(err)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// Verifies the current vault's seed words if they can restore the
|
||||||
|
// accounts belonging to the current vault.
|
||||||
|
//
|
||||||
|
// Called when the first account is created and on unlocking the vault.
|
||||||
|
async verifySeedPhrase () {
|
||||||
|
|
||||||
|
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
|
||||||
|
if (!primaryKeyring) {
|
||||||
|
throw new Error('MetamaskController - No HD Key Tree found')
|
||||||
|
}
|
||||||
|
|
||||||
|
const serialized = await primaryKeyring.serialize()
|
||||||
|
const seedWords = serialized.mnemonic
|
||||||
|
|
||||||
|
const accounts = await primaryKeyring.getAccounts()
|
||||||
|
if (accounts.length < 1) {
|
||||||
|
throw new Error('MetamaskController - No accounts found')
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
await seedPhraseVerifier.verifyAccounts(accounts, seedWords)
|
||||||
|
return seedWords
|
||||||
|
} catch (err) {
|
||||||
|
log.error(err.message)
|
||||||
|
throw err
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ClearSeedWordCache
|
// ClearSeedWordCache
|
||||||
|
133
test/unit/seed-phrase-verifier-test.js
Normal file
133
test/unit/seed-phrase-verifier-test.js
Normal file
@ -0,0 +1,133 @@
|
|||||||
|
const assert = require('assert')
|
||||||
|
const clone = require('clone')
|
||||||
|
const KeyringController = require('eth-keyring-controller')
|
||||||
|
const firstTimeState = require('../../app/scripts/first-time-state')
|
||||||
|
const seedPhraseVerifier = require('../../app/scripts/lib/seed-phrase-verifier')
|
||||||
|
const mockEncryptor = require('../lib/mock-encryptor')
|
||||||
|
|
||||||
|
describe('SeedPhraseVerifier', function () {
|
||||||
|
|
||||||
|
describe('verifyAccounts', function () {
|
||||||
|
|
||||||
|
let password = 'passw0rd1'
|
||||||
|
let hdKeyTree = 'HD Key Tree'
|
||||||
|
|
||||||
|
let keyringController
|
||||||
|
let vault
|
||||||
|
let primaryKeyring
|
||||||
|
|
||||||
|
beforeEach(async function () {
|
||||||
|
keyringController = new KeyringController({
|
||||||
|
initState: clone(firstTimeState),
|
||||||
|
encryptor: mockEncryptor,
|
||||||
|
})
|
||||||
|
|
||||||
|
assert(keyringController)
|
||||||
|
|
||||||
|
vault = await keyringController.createNewVaultAndKeychain(password)
|
||||||
|
primaryKeyring = keyringController.getKeyringsByType(hdKeyTree)[0]
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should be able to verify created account with seed words', async function () {
|
||||||
|
|
||||||
|
let createdAccounts = await primaryKeyring.getAccounts()
|
||||||
|
assert.equal(createdAccounts.length, 1)
|
||||||
|
|
||||||
|
let serialized = await primaryKeyring.serialize()
|
||||||
|
let seedWords = serialized.mnemonic
|
||||||
|
assert.notEqual(seedWords.length, 0)
|
||||||
|
|
||||||
|
let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords)
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should be able to verify created account (upper case) with seed words', async function () {
|
||||||
|
|
||||||
|
let createdAccounts = await primaryKeyring.getAccounts()
|
||||||
|
assert.equal(createdAccounts.length, 1)
|
||||||
|
|
||||||
|
let upperCaseAccounts = [createdAccounts[0].toUpperCase()]
|
||||||
|
|
||||||
|
let serialized = await primaryKeyring.serialize()
|
||||||
|
let seedWords = serialized.mnemonic
|
||||||
|
assert.notEqual(seedWords.length, 0)
|
||||||
|
|
||||||
|
let result = await seedPhraseVerifier.verifyAccounts(upperCaseAccounts, seedWords)
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should be able to verify created account (lower case) with seed words', async function () {
|
||||||
|
|
||||||
|
let createdAccounts = await primaryKeyring.getAccounts()
|
||||||
|
assert.equal(createdAccounts.length, 1)
|
||||||
|
let lowerCaseAccounts = [createdAccounts[0].toLowerCase()]
|
||||||
|
|
||||||
|
let serialized = await primaryKeyring.serialize()
|
||||||
|
let seedWords = serialized.mnemonic
|
||||||
|
assert.notEqual(seedWords.length, 0)
|
||||||
|
|
||||||
|
let result = await seedPhraseVerifier.verifyAccounts(lowerCaseAccounts, seedWords)
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should return error with good but different seed words', async function () {
|
||||||
|
|
||||||
|
let createdAccounts = await primaryKeyring.getAccounts()
|
||||||
|
assert.equal(createdAccounts.length, 1)
|
||||||
|
|
||||||
|
let serialized = await primaryKeyring.serialize()
|
||||||
|
let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium'
|
||||||
|
|
||||||
|
try {
|
||||||
|
let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords)
|
||||||
|
assert.fail("Should reject")
|
||||||
|
} catch (err) {
|
||||||
|
assert.ok(err.message.indexOf('Not identical accounts!') >= 0, 'Wrong error message')
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should return error with undefined existing accounts', async function () {
|
||||||
|
|
||||||
|
let createdAccounts = await primaryKeyring.getAccounts()
|
||||||
|
assert.equal(createdAccounts.length, 1)
|
||||||
|
|
||||||
|
let serialized = await primaryKeyring.serialize()
|
||||||
|
let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium'
|
||||||
|
|
||||||
|
try {
|
||||||
|
let result = await seedPhraseVerifier.verifyAccounts(undefined, seedWords)
|
||||||
|
assert.fail("Should reject")
|
||||||
|
} catch (err) {
|
||||||
|
assert.equal(err.message, 'No created accounts defined.')
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should return error with empty accounts array', async function () {
|
||||||
|
|
||||||
|
let createdAccounts = await primaryKeyring.getAccounts()
|
||||||
|
assert.equal(createdAccounts.length, 1)
|
||||||
|
|
||||||
|
let serialized = await primaryKeyring.serialize()
|
||||||
|
let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium'
|
||||||
|
|
||||||
|
try {
|
||||||
|
let result = await seedPhraseVerifier.verifyAccounts([], seedWords)
|
||||||
|
assert.fail("Should reject")
|
||||||
|
} catch (err) {
|
||||||
|
assert.equal(err.message, 'No created accounts defined.')
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should be able to verify more than one created account with seed words', async function () {
|
||||||
|
|
||||||
|
const keyState = await keyringController.addNewAccount(primaryKeyring)
|
||||||
|
const keyState2 = await keyringController.addNewAccount(primaryKeyring)
|
||||||
|
|
||||||
|
let createdAccounts = await primaryKeyring.getAccounts()
|
||||||
|
assert.equal(createdAccounts.length, 3)
|
||||||
|
|
||||||
|
let serialized = await primaryKeyring.serialize()
|
||||||
|
let seedWords = serialized.mnemonic
|
||||||
|
assert.notEqual(seedWords.length, 0)
|
||||||
|
|
||||||
|
let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords)
|
||||||
|
})
|
||||||
|
})
|
||||||
|
})
|
@ -296,6 +296,13 @@ function tryUnlockMetamask (password) {
|
|||||||
dispatch(actions.unlockSucceeded())
|
dispatch(actions.unlockSucceeded())
|
||||||
dispatch(actions.transitionForward())
|
dispatch(actions.transitionForward())
|
||||||
forceUpdateMetamaskState(dispatch)
|
forceUpdateMetamaskState(dispatch)
|
||||||
|
|
||||||
|
background.verifySeedPhrase((err) => {
|
||||||
|
if (err) {
|
||||||
|
dispatch(actions.displayWarning(err.message))
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user