Add CLI command for retrieving root private keys from mnemonics #1316
Comments
@piotr-iohk @paweljakubas any thoughts on the following plan:
Extract root xprvs (this ticket) using same flow as the existing reward-credentials, i.e.
cardano-wallet-jormungandr mnemonic extract-root-xprv --type shelley
cardano-wallet-jormungandr mnemonic extract-root-xprv --type byron
cardano-wallet-jormungandr mnemonic extract-root-xprv --type icarus
cardano-wallet-jormungandr mnemonic extract-root-xprv --type ledger
cardano-wallet-jormungandr mnemonic extract-root-xprv --type trezor
Extract address keys (not this ticket technically)
# Extracting the 100th address xprv for the mnemonic's default account
cardano-wallet-jormungandr mnemonic extract-address-xprv 100 --type byron
Pros:
Cons:
|
I think that the fact that it uses the same flow as the existing reward-credentials is a very strong argument in favor. Prompting to enter mnemonics in stdin also seems right - I agree here. |
lgtm. Question about the part: Extract address keys (not this ticket technically) I mean like:
I think that would be more useful? |
That is an interesting idea! I believe this should be fairly straight-forward to do with random addresses (e.g. byron). For sequential addresses we'd need to generate a range (say for indices [0, 1000]) of keys, and check if each corresponds to the address. Maybe that could even help this user brute-force search for his missing seed word. |
For the record: New requirements from Matthias in ADP-81 For this ticket this means taking the mnemonic words as arguments instead of via a secure Regarding "Extract address keys (not this ticket technically)", this will be more generic. From the provided examples:
|
1343: Introduce SomeMnemonic as source of root keys (instead of entropy) r=Anviking a=Anviking

# Issue Number
#1316, preliminary work to unblock #1321

# Overview
- Add SomeMnemonic as return type of fromMnemonic
- Make e.g. unsafeGenerateKeyFromSeed take a SomeMnemonic instead of entropy. This is more similar to `Icarus.generateKeyFromHardwareLedger`
- Add genMnemonic helper in a shared location

# Comments

Co-authored-by: Johannes Lund <johannes.lund@iohk.io>
1369: Add unXPrvStripPub (& inverse) that matches jcli r=Anviking a=Anviking

# Issue Number
#1316

# Overview
- [x] Added
```haskell
unXPrvStripPub :: XPrv -> Either ErrUnXPrvStripPub ByteString
xPrvFromStrippedPubXPrv :: ByteString -> Either ErrXPrvFromStrippedPubXPrv XPrv
```
To convert `XPrv` (`prv <> pub <> cc`) to a 96-byte bytestring of the form `prv <> cc`, and back. Unusually, _both_ functions may fail. `unXPrvStripPub` fails if the resulting byte string cannot be converted back to the _same_ `XPrv` using `xPrvFromStrippedPubXPrv` (i.e. roundtrip)
- [x] Roundtrip properties.
  - `either roundtrips or fails (if xprv is encrypted)`
  - `(xPrvFromStrippedPubXPrv bs) fails if (BS.length bs) /= 96`
- [x] Integration test verifying that this format works with jcli

# Comments
- We need to convert between 96-byte long hex-encoded bytestrings and XPrvs when implementing the `key root` and `key child` CLI commands.

Example showing that we cannot `unXPrvStripPub` encrypted XPrvs:
```haskell
λ> bytes = "(\134\242|I\141L\EM\NUL\128\173\252q\191\172\167>f \218\222\167.\136\DC4\216\191\253r8cD8&I\STX;\185&\177\172E\241\185\241\157\226\r\163+\EM\GS\232-\188\250[E^N\129J\158\STX\242s\215\149\142\217;\168P\DLE\159jHO\149'\ENQ\ETX!\129\CAN\140\176\221\DEL'*\DC4=<B\226\134\188!\241\DLEzt\222\199\247U\143\ETB\128,\226Q\"\230\234\"\191\177\250\230\167\n\214X\244z\\" :: BS.ByteString
λ> unXPrvStripPub k
Right "(\134\242|I\141L\EM\NUL\128\173\252q\191\172\167>f \218\222\167.\136\DC4\216\191\253r8cD8&I\STX;\185&\177\172E\241\185\241\157\226\r\163+\EM\GS\232-\188\250[E^N\129J\158\STX\134\188!\241\DLEzt\222\199\247U\143\ETB\128,\226Q\"\230\234\"\191\177\250\230\167\n\214X\244z\\"
λ> unXPrvStripPub $ CC.xPrvChangePass (""::BS.ByteString) ("newpass"::BS.ByteString) k
Left ErrNoRoundtripMismatch
```

Co-authored-by: Johannes Lund <johannes.lund@iohk.io>
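The 128-byte `prv <> pub <> cc` and 96-byte `prv <> cc` layouts described in #1369, with the roundtrip check, as an added Python example (not the project's Haskell code). It assumes the public key is the Ed25519 base point multiplied by the first 32 bytes of `prv` read as a little-endian scalar; the sample key and the XOR mask standing in for an encrypted key are constructed.

```python
P = 2**255 - 19                          # Curve25519 field prime
D = -121665 * pow(121666, -1, P) % P     # Edwards curve constant d
BY = 4 * pow(5, -1, P) % P               # base point y = 4/5
_X2 = (BY * BY - 1) * pow(D * BY * BY + 1, -1, P) % P
BX = pow(_X2, (P + 3) // 8, P)           # square root candidate for x
if (BX * BX - _X2) % P:
    BX = BX * pow(2, (P - 1) // 4, P) % P
if BX & 1:
    BX = P - BX                          # the base point has even x
BASE = (BX, BY, 1, BX * BY % P)          # extended coordinates (X, Y, Z, T)

def _add(p, q):
    a, b = (p[1] - p[0]) * (q[1] - q[0]) % P, (p[1] + p[0]) * (q[1] + q[0]) % P
    c, d = 2 * p[3] * q[3] * D % P, 2 * p[2] * q[2] % P
    e, f, g, h = b - a, d - c, d + c, b + a
    return (e * f % P, g * h % P, f * g % P, e * h % P)

def public_of(prv):
    """Assumed rule: pub = kL * B, kL = first 32 bytes of prv, little-endian."""
    s, pt, acc = int.from_bytes(prv[:32], "little"), BASE, (0, 1, 1, 0)
    while s:
        if s & 1:
            acc = _add(acc, pt)
        pt, s = _add(pt, pt), s >> 1
    zinv = pow(acc[2], -1, P)
    x, y = acc[0] * zinv % P, acc[1] * zinv % P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def restore_pub(stripped):
    """prv <> cc (96 bytes) -> prv <> pub <> cc (128 bytes)."""
    if len(stripped) != 96:
        raise ValueError(f"expected 96 bytes, got {len(stripped)}")
    prv, cc = stripped[:64], stripped[64:]
    return prv + public_of(prv) + cc

def roundtrips(xprv):
    return len(xprv) == 128 and restore_pub(xprv[:64] + xprv[96:]) == xprv

def strip_pub(xprv):
    """prv <> pub <> cc -> prv <> cc, refusing keys that would not roundtrip."""
    if not roundtrips(xprv):
        raise ValueError("no roundtrip: stored pub does not match prv")
    return xprv[:64] + xprv[96:]

# Constructed sample key (not from the page): counting bytes as prv and chain code.
PRV, CC = bytes(range(64)), bytes(range(100, 132))
XPRV = PRV + public_of(PRV) + CC
# Stand-in for an encrypted XPrv: private bytes masked, public key unchanged.
MASKED = bytes(b ^ 0x5A for b in PRV) + XPRV[64:]
```

`strip_pub(XPRV)` returns the 96-byte form, while `strip_pub(MASKED)` raises because the stored public key no longer matches the private bytes.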
1315: Add shutdown handler for new launcher r=KtorZ a=rvl

Relates to #1314.

# Overview
This adds a simpler way of ensuring clean shutdown of the wallet on windows (and linux), which doesn't require DaedalusIPC. The mechanism will be used by cardano-launcher.
- Adds the shutdown handler thread.
- Needed to rearrange startup functions around a little bit.
- Unit tests and an integration test.

# Comments
[Hydra jobset](https://hydra.iohk.io/jobset/Cardano/cardano-wallet-pr-1315)

1321: Add CLI command for extracting root xprvs r=Anviking a=Anviking

# Issue Number
#1316

# Overview
- [x] I have added `cardano-wallet-jormungandr key root --type random <mnemonic words>`
- [x] I added unit tests for help-text and actual usage.
- [x] I added a *pending* test making sure keys are compatible with jcli (which would fail)

# Comments
```bash
$ cardano-wallet-jormungandr key --help
Usage: cardano-wallet-jormungandr key COMMAND
  Derive keys from mnemonics.

Available options:
  -h,--help                Show this help text

Available commands:
  root                     Extract root xprv as hex (64 bytes private key + 32
                           bytes chain code)

$ cardano-wallet-jormungandr key root --help
Usage: cardano-wallet-jormungandr key root --type KEYTYPE MNEMONIC_WORDS...
  Extract root xprv as hex (64 bytes private key + 32 bytes chain code)

Available options:
  -h,--help                Show this help text
  --type KEYTYPE           Any of the following:
                             random (Daedalus, 12 words)
                             icarus (15 words)
                             trezor (12, 15, 18, 21, or 24 words)
                             ledger (12, 15, 18, 21, or 24 words)

$ cardano-wallet-jormungandr key root --type random flock advance execute country leader exotic mix twenty six margin orient meat
68a0f29e6bd5d8af7ffd00a55006afa8af6fbdbded07984ddf7fb1c31c66f7460685e5d1016553fccc9724f5ee95dd8d66facd2ac1bb2f6fcd7fa5e53c97a57f50c592fcd18b67bf3393a16184d009fb25450b2de8079f870222874e804584a8
```

Co-authored-by: Rodney Lorrimar <rodney.lorrimar@iohk.io>
Co-authored-by: KtorZ <matthias.benkort@gmail.com>
Co-authored-by: Johannes Lund <johannes.lund@iohk.io>
Don't you think that's a bit of a security concern? Also it is not consistent with how we handle mnemonics in CLI in other places, e.g.:
|
Ah. I guess that is not intentional👍
Tbh, yes. I was worried when I tested with a real old Byron mnemonic, and upgraded my shell to have a I think being able to provide the mnemonic as stdin or argument should still be possible. But an interactive "secure option" might be nice. Perhaps marketed as default. I would also like to support piping between wallet key commands such that I can more conveniently perform:
cardano-wallet key root | cardano-wallet key child --path "44'/1815'/0'/0" | cardano-wallet key public
without ever having an intermediary private key or mnemonic in the history. Perhaps we (I) could create a follow-up U/S for this? |
I should note: I don't really feel confident about what security concerns there are, or how intricate shell details might interplay. I mostly just know that the interactive prompt way of reading mnemonics avoids putting them in the shell history, and I'm extrapolating from there. |
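Added example, not part of the thread or the project's code (Python, assumes Linux `/proc`): besides shell history, words passed as arguments stay readable from the process's command line while it runs, whereas words sent over stdin do not appear there. `read_mnemonic`, `visible_cmdline` and the sample words are hypothetical names and constructed data; the child process is a stand-in for the wallet CLI.

```python
import getpass
import io
import subprocess
import sys

WORD_COUNTS = (12, 15, 18, 21, 24)       # counts listed in the `key root` help text
SAMPLE = " ".join(f"word{i}" for i in range(1, 13))   # constructed, not a real mnemonic
CHILD = "import sys; sys.stdin.read()"   # stand-in for the wallet CLI process

def read_mnemonic(stream=None):
    """Read the words from a no-echo prompt on a terminal, or from a pipe."""
    stream = sys.stdin if stream is None else stream
    if stream.isatty():
        text = getpass.getpass("Mnemonic words: ")   # not echoed, not in argv
    else:
        text = stream.readline()                     # e.g. output of a previous command
    words = text.split()
    if len(words) not in WORD_COUNTS:
        raise ValueError(f"unexpected word count: {len(words)}")
    return words

def visible_cmdline(extra_args, stdin_data=b""):
    """Start a child process and return its argv as /proc shows it (Linux)."""
    child = subprocess.Popen([sys.executable, "-c", CHILD, *extra_args],
                             stdin=subprocess.PIPE)
    try:
        with open(f"/proc/{child.pid}/cmdline", "rb") as f:
            return f.read().replace(b"\0", b" ").decode()
    finally:
        child.communicate(stdin_data)    # feed stdin and let the child exit

def leaks(via):
    """True if the sample words are readable from the child's command line."""
    if via == "argv":
        seen = visible_cmdline(SAMPLE.split())
    else:
        seen = visible_cmdline([], SAMPLE.encode())
    return SAMPLE in seen

def parse_piped(text):
    """Exercise the non-terminal branch of read_mnemonic with in-memory input."""
    return read_mnemonic(io.StringIO(text))
```

`leaks("argv")` is true and `leaks("stdin")` is false; `read_mnemonic` covers both the interactive prompt and the piped use discussed above.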
Re: #1316 (comment)
I think that if we think that having mnemonic in arg is a security concern we shouldn't support it. (the only advantage is that such CLI is easier to automate I think, but I don't suppose that is a big advantage over security). Also, I think that we should be consistent in the way we treat mnemonics in CLI, and I think that having it in the form of "interactive CLI" in other CLI commands was the result of previous discussions over security. 🤷‍♂️
I'm going from the same place :).
Indeed, that sounds like a separate story. -- I think that these are not integration tests actually, because they do not exercise the system e2e enforcing "integration" of all components in order to get the result (unless I'm missing something). Having said that, I think there are actually no integration tests for this requirement. Perhaps at least a few scenarios could be handy. (similar as here -> https://github.com/input-output-hk/cardano-wallet/tree/master/lib/core-integration/src/Test/Integration/Scenario/CLI). What do you think? :) |
1409: Enable `key` cli commands for cardano-wallet-byron executable r=Anviking a=Anviking

# Issue Number
#1316

# Overview
- [x] enable `key` cli commands for cardano-wallet-byron

# Comments

Co-authored-by: Johannes Lund <johannes.lund@iohk.io>
They do launch
Are these not enough as integration tests? (They don't actually call a wallet executable, but they result in the full cli handlers being invoked. But I think that is just fine.) |
Ok, in my opinion the fact that they use
All right, I'll base on your assessment. |
ok, lgtm. |
Context
ADP-81
It is currently possible to retrieve the reward account private key of a (shelley) mnemonic.
We want to make it possible to expose the root private key (and later address keys) given a mnemonic. And not just for shelley.
Decision
As a meaningful first step in the story, add command(s) for retrieving the root private key.
Acceptance Criteria
Development
- XPrv to be converted to and from a 96-byte long representation suitable for usage in CLI, and that matches jcli: Add unXPrvStripPub (& inverse) that matches jcli #1369
- key root command: Add CLI command for extracting root xprvs #1321
QA
- icarus, trezor, and ledger styles. byron support was dropped (https://jira.iohk.io/browse/ADP-81?focusedCommentId=13669&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13669)
- unXPrvStripPub-output is compatible with jcli
  https://github.com/input-output-hk/cardano-wallet/blob/c392526ffdf063290580bc2d108d5ffdfc29bd74/lib/jormungandr/test/integration/Test/Integration/Jormungandr/Scenario/CLI/Keys.hs#L61-L67
- key child command where Byron-derivation (now dropped) would produce non-roundtripping children for roundtripping parents.)
- scheme == mapKey (fromHex . toHex) scheme
  https://github.com/input-output-hk/cardano-wallet/blob/c392526ffdf063290580bc2d108d5ffdfc29bd74/lib/cli/test/unit/Cardano/CLISpec.hs#L603-L606