walletunlocker: check account in remote unlock

lnd.go

@@ -371,7 +371,7 @@ func Main(cfg *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) error {
 	if !cfg.NoSeedBackup || isRemoteWallet {
 		params, err := waitForWalletPassword(
 			cfg, cfg.RESTListeners, serverOpts, restDialOpts,
-			restProxyDest, tlsCfg, walletUnlockerListeners,
+			restProxyDest, tlsCfg, walletUnlockerListeners, remoteChanDB,
 		)
 		if err != nil {
 			err := fmt.Errorf("unable to set up wallet password "+
@@ -938,7 +938,7 @@ type WalletUnlockParams struct {
 func waitForWalletPassword(cfg *Config, restEndpoints []net.Addr,
 	serverOpts []grpc.ServerOption, restDialOpts []grpc.DialOption,
 	restProxyDest string, tlsConf *tls.Config,
-	getListeners rpcListeners) (*WalletUnlockParams, error) {
+	getListeners rpcListeners, chanDB *channeldb.DB) (*WalletUnlockParams, error) {
 
 	// Start a gRPC server listening for HTTP/2 connections, solely used
 	// for getting the encryption password from the client.
@@ -963,7 +963,7 @@ func waitForWalletPassword(cfg *Config, restEndpoints []net.Addr,
 	}
 	pwService := walletunlocker.New(
 		cfg.ChainDir, activeNetParams.Params, !cfg.SyncFreelist,
-		macaroonFiles, cfg.Dcrwallet.GRPCHost, cfg.Dcrwallet.CertPath,
+		macaroonFiles, chanDB, cfg.Dcrwallet.GRPCHost, cfg.Dcrwallet.CertPath,
 		cfg.Dcrwallet.ClientKeyPath, cfg.Dcrwallet.ClientCertPath,
 		cfg.Dcrwallet.AccountNumber,
 	)

walletunlocker/service.go

@@ -12,8 +12,10 @@ import (
 	"time"
 
 	"github.com/decred/dcrd/chaincfg/v3"
+	"github.com/decred/dcrd/hdkeychain/v3"
 	"github.com/decred/dcrlnd/aezeed"
 	"github.com/decred/dcrlnd/chanbackup"
+	"github.com/decred/dcrlnd/channeldb"
 	"github.com/decred/dcrlnd/keychain"
 	"github.com/decred/dcrlnd/lnrpc"
 	"github.com/decred/dcrlnd/lnwallet"
@@ -113,6 +115,7 @@ type UnlockerService struct {
 	chainDir       string
 	noFreelistSync bool
 	netParams      *chaincfg.Params
+	db             *channeldb.DB
 	macaroonFiles  []string
 
 	dcrwHost       string
@@ -124,7 +127,7 @@ type UnlockerService struct {
 
 // New creates and returns a new UnlockerService.
 func New(chainDir string, params *chaincfg.Params, noFreelistSync bool,
-	macaroonFiles []string, dcrwHost, dcrwCert, dcrwClientKey,
+	macaroonFiles []string, db *channeldb.DB, dcrwHost, dcrwCert, dcrwClientKey,
 	dcrwClientCert string, dcrwAccount int32) *UnlockerService {
 
 	return &UnlockerService{
@@ -133,6 +136,7 @@ func New(chainDir string, params *chaincfg.Params, noFreelistSync bool,
 		chainDir:       chainDir,
 		noFreelistSync: noFreelistSync,
 		netParams:      params,
+		db:             db,
 		macaroonFiles:  macaroonFiles,
 		dcrwHost:       dcrwHost,
 		dcrwCert:       dcrwCert,
@@ -405,11 +409,36 @@ func (u *UnlockerService) unlockRemoteWallet(ctx context.Context,
 		AccountNumber: uint32(u.dcrwAccount),
 		Passphrase:    in.WalletPassword,
 	}
-	_, err = wallet.GetAccountExtendedPrivKey(ctx, getAcctReq)
+	getAcctResp, err := wallet.GetAccountExtendedPrivKey(ctx, getAcctReq)
 	if err != nil {
 		return nil, fmt.Errorf("unable to get xpriv: %v", err)
 	}
 
+	// Ensure we don't attempt to use a keyring derived from a different
+	// account than previously used by comparing the first external public
+	// key with the one stored in the database.
+	acctXPriv, err := hdkeychain.NewKeyFromString(
+		getAcctResp.AccExtendedPrivKey, u.netParams,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("unable to create account xpriv: %v", err)
+	}
+
+	branchExtXPriv, err := acctXPriv.Child(0)
+	if err != nil {
+		return nil, fmt.Errorf("unable to derive the external branch xpriv: %v", err)
+	}
+
+	firstKey, err := branchExtXPriv.Child(0)
+	if err != nil {
+		return nil, fmt.Errorf("unable to derive first external key: %v", err)
+	}
+	firstPubKeyBytes := firstKey.SerializedPubKey()
+	if err = u.db.CompareAndStoreAccountID(firstPubKeyBytes); err != nil {
+		return nil, fmt.Errorf("account number %d failed to generate "+
+			"previously stored account ID: %v", u.dcrwAccount, err)
+	}
+
 	// We successfully opened the wallet and pass the instance back to
 	// avoid it needing to be unlocked again.
 	walletUnlockMsg := &WalletUnlockMsg{

walletunlocker/service_test.go

@@ -12,6 +12,7 @@ import (
 	"decred.org/dcrwallet/wallet"
 	"github.com/decred/dcrd/chaincfg/v3"
 	"github.com/decred/dcrlnd/aezeed"
+	"github.com/decred/dcrlnd/channeldb"
 	"github.com/decred/dcrlnd/keychain"
 	"github.com/decred/dcrlnd/lnrpc"
 	"github.com/decred/dcrlnd/lnwallet/dcrwallet"
@@ -64,8 +65,8 @@ func TestGenSeed(t *testing.T) {
 	}
 	defer os.RemoveAll(testDir)
 
-	service := walletunlocker.New(testDir, testNetParams, true, nil, "", "",
-		"", "", 0)
+	service := walletunlocker.New(
+		testDir, testNetParams, true, nil, &channeldb.DB{}, "", "", "", "", 0)
 
 	// Now that the service has been created, we'll ask it to generate a
 	// new seed for us given a test passphrase.
@@ -106,8 +107,8 @@ func TestGenSeedGenerateEntropy(t *testing.T) {
 	defer func() {
 		os.RemoveAll(testDir)
 	}()
-	service := walletunlocker.New(testDir, testNetParams, true, nil, "",
-		"", "", "", 0)
+	service := walletunlocker.New(
+		testDir, testNetParams, true, nil, &channeldb.DB{}, "", "", "", "", 0)
 
 	// Now that the service has been created, we'll ask it to generate a
 	// new seed for us given a test passphrase. Note that we don't actually
@@ -147,8 +148,8 @@ func TestGenSeedInvalidEntropy(t *testing.T) {
 	defer func() {
 		os.RemoveAll(testDir)
 	}()
-	service := walletunlocker.New(testDir, testNetParams, true, nil, "", "",
-		"", "", 0)
+	service := walletunlocker.New(testDir, testNetParams, true, nil,
+		&channeldb.DB{}, "", "", "", "", 0)
 
 	// Now that the service has been created, we'll ask it to generate a
 	// new seed for us given a test passphrase. However, we'll be using an
@@ -186,8 +187,8 @@ func TestInitWallet(t *testing.T) {
 	}()
 
 	// Create new UnlockerService.
-	service := walletunlocker.New(testDir, testNetParams, true, nil, "", "",
-		"", "", 0)
+	service := walletunlocker.New(testDir, testNetParams, true, nil,
+		&channeldb.DB{}, "", "", "", "", 0)
 
 	// Once we have the unlocker service created, we'll now instantiate a
 	// new cipher seed instance.
@@ -288,8 +289,8 @@ func TestCreateWalletInvalidEntropy(t *testing.T) {
 	}()
 
 	// Create new UnlockerService.
-	service := walletunlocker.New(testDir, testNetParams, true, nil, "", "",
-		"", "", 0)
+	service := walletunlocker.New(testDir, testNetParams, true, nil,
+		&channeldb.DB{}, "", "", "", "", 0)
 
 	// We'll attempt to init the wallet with an invalid cipher seed and
 	// passphrase.
@@ -322,8 +323,8 @@ func TestUnlockWallet(t *testing.T) {
 	}()
 
 	// Create new UnlockerService.
-	service := walletunlocker.New(testDir, testNetParams, true, nil, "", "",
-		"", "", 0)
+	service := walletunlocker.New(testDir, testNetParams, true, nil,
+		&channeldb.DB{}, "", "", "", "", 0)
 
 	ctx := context.Background()
 	req := &lnrpc.UnlockWalletRequest{
@@ -398,7 +399,7 @@ func TestChangeWalletPassword(t *testing.T) {
 
 	// Create a new UnlockerService with our temp files.
 	service := walletunlocker.New(testDir, testNetParams, true, tempFiles,
-		"", "", "", "", 0)
+		&channeldb.DB{}, "", "", "", "", 0)
 
 	ctx := context.Background()
 	newPassword := []byte("hunter2???")