fix(wallet): do not decrypt private key on InMemoryKeyAgent restoration

input-output-hk · Jan 18, 2022 · 1316d4b · 1316d4b
1 parent 022f284
commit 1316d4b
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 24 deletions.
diff --git a/packages/wallet/src/KeyManagement/restoreKeyAgent.ts b/packages/wallet/src/KeyManagement/restoreKeyAgent.ts
@@ -38,14 +38,12 @@ export async function restoreKeyAgent<T extends SerializableKeyAgentData>(
       if (!getPassword) {
         throw new InvalidSerializableDataError('Expected "getPassword" in RestoreKeyAgentProps for InMemoryKeyAgent"');
       }
-      const keyAgent = new InMemoryKeyAgent({
+      return new InMemoryKeyAgent({
         accountIndex: data.accountIndex,
         encryptedRootPrivateKey: new Uint8Array(data.encryptedRootPrivateKeyBytes),
         getPassword,
         networkId: data.networkId
       });
-      await keyAgent.getExtendedAccountPublicKey(); // attempt to decrypt the key
-      return keyAgent;
     }
     default:
       throw new InvalidSerializableDataError(

diff --git a/packages/wallet/test/KeyManagement/restoreKeyAgent.test.ts b/packages/wallet/test/KeyManagement/restoreKeyAgent.test.ts
@@ -1,4 +1,4 @@
-import { AuthenticationError, InvalidSerializableDataError } from '../../src/KeyManagement/errors';
+import { InvalidSerializableDataError } from '../../src/KeyManagement/errors';
 import { KeyManagement } from '../../src';
 
 describe('KeyManagement/restoreKeyAgent', () => {
@@ -24,33 +24,17 @@ describe('KeyManagement/restoreKeyAgent', () => {
       await expect(KeyManagement.restoreKeyAgent(inMemoryKeyAgentData, getPassword)).resolves.not.toThrow();
     });
 
-    it('throws when attempting to restore key manager from invalid data', async () => {
-      await expect(() =>
-        KeyManagement.restoreKeyAgent(
-          {
-            ...inMemoryKeyAgentData,
-            encryptedRootPrivateKeyBytes: [...inMemoryKeyAgentData.encryptedRootPrivateKeyBytes, 0]
-          },
-          getPassword
-        )
-      ).rejects.toThrowError(
-        // Review: testing errors like is probably too specific and brittle.
-        // I think the sweet spot would be asserting 'error instanceof InvalidSerializableDataError'
-        // however I didn't find a way to do that in jest, might need to create a custom matcher for that.
-        new InvalidSerializableDataError('Expected encrypted root private key in "agentData" for InMemoryKeyAgent"')
-      );
-    });
-
     it('throws when attempting to restore key manager from valid data and no password', async () => {
       await expect(() => KeyManagement.restoreKeyAgent(inMemoryKeyAgentData)).rejects.toThrowError(
         new InvalidSerializableDataError('Expected "getPassword" in RestoreKeyAgentProps for InMemoryKeyAgent"')
       );
     });
 
-    it('throws when attempting to restore key manager from valid data and invalid password', async () => {
-      await expect(() =>
+    it('does not attempt to decrypt private key on restoration', async () => {
+      // invalid password, would throw if it attempts to decrypt
+      await expect(
         KeyManagement.restoreKeyAgent(inMemoryKeyAgentData, async () => Buffer.from('123'))
-      ).rejects.toThrowError(new AuthenticationError('Failed to decrypt root private key'));
+      ).resolves.not.toThrow();
     });
 
     it('throws when attempting to restore key manager of unsupported __typename', async () => {