1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-22 17:33:23 +01:00

Merge pull request #3409 from scsaba/seed-phrase-verification

Add seed phrase verification script into background process
This commit is contained in:
Dan Finlay 2018-03-07 16:47:13 -08:00 committed by GitHub
commit f4e5dd37b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 232 additions and 9 deletions

View File

@ -0,0 +1,48 @@
const KeyringController = require('eth-keyring-controller')
const seedPhraseVerifier = {
// Verifies if the seed words can restore the accounts.
//
// The seed words can recreate the primary keyring and the accounts belonging to it.
// The created accounts in the primary keyring are always the same.
// The keyring always creates the accounts in the same sequence.
verifyAccounts (createdAccounts, seedWords) {
return new Promise((resolve, reject) => {
if (!createdAccounts || createdAccounts.length < 1) {
return reject(new Error('No created accounts defined.'))
}
const keyringController = new KeyringController({})
const Keyring = keyringController.getKeyringClassForType('HD Key Tree')
const opts = {
mnemonic: seedWords,
numberOfAccounts: createdAccounts.length,
}
const keyring = new Keyring(opts)
keyring.getAccounts()
.then((restoredAccounts) => {
log.debug('Created accounts: ' + JSON.stringify(createdAccounts))
log.debug('Restored accounts: ' + JSON.stringify(restoredAccounts))
if (restoredAccounts.length !== createdAccounts.length) {
// this should not happen...
return reject(new Error('Wrong number of accounts'))
}
for (let i = 0; i < restoredAccounts.length; i++) {
if (restoredAccounts[i].toLowerCase() !== createdAccounts[i].toLowerCase()) {
return reject(new Error('Not identical accounts! Original: ' + createdAccounts[i] + ', Restored: ' + restoredAccounts[i]))
}
}
return resolve()
})
})
},
}
module.exports = seedPhraseVerifier

View File

@ -37,6 +37,7 @@ const version = require('../manifest.json').version
const BN = require('ethereumjs-util').BN
const GWEI_BN = new BN('1000000000')
const percentile = require('percentile')
const seedPhraseVerifier = require('./lib/seed-phrase-verifier')
module.exports = class MetamaskController extends EventEmitter {
@ -344,6 +345,7 @@ module.exports = class MetamaskController extends EventEmitter {
// primary HD keyring management
addNewAccount: nodeify(this.addNewAccount, this),
placeSeedWords: this.placeSeedWords.bind(this),
verifySeedPhrase: nodeify(this.verifySeedPhrase, this),
clearSeedWordCache: this.clearSeedWordCache.bind(this),
resetAccount: this.resetAccount.bind(this),
importAccountWithStrategy: this.importAccountWithStrategy.bind(this),
@ -565,14 +567,18 @@ module.exports = class MetamaskController extends EventEmitter {
// Opinionated Keyring Management
//
async addNewAccount (cb) {
async addNewAccount () {
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found'))
if (!primaryKeyring) {
throw new Error('MetamaskController - No HD Key Tree found')
}
const keyringController = this.keyringController
const oldAccounts = await keyringController.getAccounts()
const keyState = await keyringController.addNewAccount(primaryKeyring)
const newAccounts = await keyringController.getAccounts()
await this.verifySeedPhrase()
newAccounts.forEach((address) => {
if (!oldAccounts.includes(address)) {
this.preferencesController.setSelectedAddress(address)
@ -587,14 +593,43 @@ module.exports = class MetamaskController extends EventEmitter {
// Used when creating a first vault, to allow confirmation.
// Also used when revealing the seed words in the confirmation view.
placeSeedWords (cb) {
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found'))
primaryKeyring.serialize()
.then((serialized) => {
const seedWords = serialized.mnemonic
this.verifySeedPhrase()
.then((seedWords) => {
this.configManager.setSeedWords(seedWords)
cb(null, seedWords)
return cb(null, seedWords)
})
.catch((err) => {
return cb(err)
})
}
// Verifies the current vault's seed words if they can restore the
// accounts belonging to the current vault.
//
// Called when the first account is created and on unlocking the vault.
async verifySeedPhrase () {
const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0]
if (!primaryKeyring) {
throw new Error('MetamaskController - No HD Key Tree found')
}
const serialized = await primaryKeyring.serialize()
const seedWords = serialized.mnemonic
const accounts = await primaryKeyring.getAccounts()
if (accounts.length < 1) {
throw new Error('MetamaskController - No accounts found')
}
try {
await seedPhraseVerifier.verifyAccounts(accounts, seedWords)
return seedWords
} catch (err) {
log.error(err.message)
throw err
}
}
// ClearSeedWordCache

View File

@ -0,0 +1,133 @@
const assert = require('assert')
const clone = require('clone')
const KeyringController = require('eth-keyring-controller')
const firstTimeState = require('../../app/scripts/first-time-state')
const seedPhraseVerifier = require('../../app/scripts/lib/seed-phrase-verifier')
const mockEncryptor = require('../lib/mock-encryptor')
describe('SeedPhraseVerifier', function () {
describe('verifyAccounts', function () {
let password = 'passw0rd1'
let hdKeyTree = 'HD Key Tree'
let keyringController
let vault
let primaryKeyring
beforeEach(async function () {
keyringController = new KeyringController({
initState: clone(firstTimeState),
encryptor: mockEncryptor,
})
assert(keyringController)
vault = await keyringController.createNewVaultAndKeychain(password)
primaryKeyring = keyringController.getKeyringsByType(hdKeyTree)[0]
})
it('should be able to verify created account with seed words', async function () {
let createdAccounts = await primaryKeyring.getAccounts()
assert.equal(createdAccounts.length, 1)
let serialized = await primaryKeyring.serialize()
let seedWords = serialized.mnemonic
assert.notEqual(seedWords.length, 0)
let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords)
})
it('should be able to verify created account (upper case) with seed words', async function () {
let createdAccounts = await primaryKeyring.getAccounts()
assert.equal(createdAccounts.length, 1)
let upperCaseAccounts = [createdAccounts[0].toUpperCase()]
let serialized = await primaryKeyring.serialize()
let seedWords = serialized.mnemonic
assert.notEqual(seedWords.length, 0)
let result = await seedPhraseVerifier.verifyAccounts(upperCaseAccounts, seedWords)
})
it('should be able to verify created account (lower case) with seed words', async function () {
let createdAccounts = await primaryKeyring.getAccounts()
assert.equal(createdAccounts.length, 1)
let lowerCaseAccounts = [createdAccounts[0].toLowerCase()]
let serialized = await primaryKeyring.serialize()
let seedWords = serialized.mnemonic
assert.notEqual(seedWords.length, 0)
let result = await seedPhraseVerifier.verifyAccounts(lowerCaseAccounts, seedWords)
})
it('should return error with good but different seed words', async function () {
let createdAccounts = await primaryKeyring.getAccounts()
assert.equal(createdAccounts.length, 1)
let serialized = await primaryKeyring.serialize()
let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium'
try {
let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords)
assert.fail("Should reject")
} catch (err) {
assert.ok(err.message.indexOf('Not identical accounts!') >= 0, 'Wrong error message')
}
})
it('should return error with undefined existing accounts', async function () {
let createdAccounts = await primaryKeyring.getAccounts()
assert.equal(createdAccounts.length, 1)
let serialized = await primaryKeyring.serialize()
let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium'
try {
let result = await seedPhraseVerifier.verifyAccounts(undefined, seedWords)
assert.fail("Should reject")
} catch (err) {
assert.equal(err.message, 'No created accounts defined.')
}
})
it('should return error with empty accounts array', async function () {
let createdAccounts = await primaryKeyring.getAccounts()
assert.equal(createdAccounts.length, 1)
let serialized = await primaryKeyring.serialize()
let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium'
try {
let result = await seedPhraseVerifier.verifyAccounts([], seedWords)
assert.fail("Should reject")
} catch (err) {
assert.equal(err.message, 'No created accounts defined.')
}
})
it('should be able to verify more than one created account with seed words', async function () {
const keyState = await keyringController.addNewAccount(primaryKeyring)
const keyState2 = await keyringController.addNewAccount(primaryKeyring)
let createdAccounts = await primaryKeyring.getAccounts()
assert.equal(createdAccounts.length, 3)
let serialized = await primaryKeyring.serialize()
let seedWords = serialized.mnemonic
assert.notEqual(seedWords.length, 0)
let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords)
})
})
})

View File

@ -296,6 +296,13 @@ function tryUnlockMetamask (password) {
dispatch(actions.unlockSucceeded())
dispatch(actions.transitionForward())
forceUpdateMetamaskState(dispatch)
background.verifySeedPhrase((err) => {
if (err) {
dispatch(actions.displayWarning(err.message))
}
})
}
})
}