New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cannot unlock account via Web3 #405

Closed
ju5tify opened this Issue Oct 22, 2017 · 13 comments

Comments

Projects
None yet
7 participants
@ju5tify

ju5tify commented Oct 22, 2017

Hi!
I'm starting testrpc with one locked account testrpc -n -a 1

Later I try to unlock this account using JSONRpc API in conjunction with Web3.
My payload looks something like
{ jsonrpc: '2.0', id: 1, method: 'personal_unlockAccount', params: [ '0x8xxxxxxxxxxx', 'xxxxxxxxxxxxxxx', 100 ] }

As a result I recieve
{ id: 1, jsonrpc: '2.0', error: { message: 'Account not found', code: -32000 } }

But I am pretty sure this account exists.

@benjamincburns benjamincburns added the bug label Nov 16, 2017

@benjamincburns

This comment has been minimized.

Show comment
Hide comment
@benjamincburns

benjamincburns Nov 16, 2017

Collaborator

@ju5tify thanks for reporting this problem! I managed to reproduce it easily. I'll add it to the backlog.

Collaborator

benjamincburns commented Nov 16, 2017

@ju5tify thanks for reporting this problem! I managed to reproduce it easily. I'll add it to the backlog.

@marcelomorgado

This comment has been minimized.

Show comment
Hide comment
@marcelomorgado

marcelomorgado Nov 16, 2017

I've got the same error using geth console:

> web3.eth.coinbase
"0xd8341e95a9ed5ef366426e472fbd5e7d74f1ecf2"
> personal.unlockAccount(web3.eth.coinbase, '');
Error: Account not found
> personal.sendTransaction({from: web3.eth.coinbase, to: web3.eth.accounts[1], value: web3.toWei(1, 'ether') }, '')
Error: Account not found
    at web3.js:3104:20
    at web3.js:6191:15
    at web3.js:5004:36
    at <anonymous>:1:1

marcelomorgado commented Nov 16, 2017

I've got the same error using geth console:

> web3.eth.coinbase
"0xd8341e95a9ed5ef366426e472fbd5e7d74f1ecf2"
> personal.unlockAccount(web3.eth.coinbase, '');
Error: Account not found
> personal.sendTransaction({from: web3.eth.coinbase, to: web3.eth.accounts[1], value: web3.toWei(1, 'ether') }, '')
Error: Account not found
    at web3.js:3104:20
    at web3.js:6191:15
    at web3.js:5004:36
    at <anonymous>:1:1

@Jacke

This comment has been minimized.

Show comment
Hide comment
@Jacke

Jacke Nov 26, 2017

I've got the same bug 👍

Jacke commented Nov 26, 2017

I've got the same bug 👍

@Freydal

This comment has been minimized.

Show comment
Hide comment
@Freydal

Freydal Dec 7, 2017

I have run into the same issue. I was also curious if the password can be anything for a successful response? I also assumed the 10 default accounts can be param for the unlock. I haven't seen any documentation on the method.

Freydal commented Dec 7, 2017

I have run into the same issue. I was also curious if the password can be anything for a successful response? I also assumed the 10 default accounts can be param for the unlock. I haven't seen any documentation on the method.

@Freydal

This comment has been minimized.

Show comment
Hide comment
@Freydal

Freydal Dec 9, 2017

I finally found some time to dig in to find the issue. I found that personal_unlockAccount looks to the state for personal_accounts and account_passwords. Both of these are set to an empty object. The test case will need to generate a new account with personal_newAccount providing the desired password, then use the address in the response as the address to unlock. Test setup may also need to pass that account some ether.

In the future adding the options into the cli and pave the way for that to be initialized from options in state manager.

Freydal commented Dec 9, 2017

I finally found some time to dig in to find the issue. I found that personal_unlockAccount looks to the state for personal_accounts and account_passwords. Both of these are set to an empty object. The test case will need to generate a new account with personal_newAccount providing the desired password, then use the address in the response as the address to unlock. Test setup may also need to pass that account some ether.

In the future adding the options into the cli and pave the way for that to be initialized from options in state manager.

@Jacke

This comment has been minimized.

Show comment
Hide comment
@Jacke

Jacke Dec 9, 2017

So can we solve this issue by passing cli option? Who wants to make a pull request for this feature?

Jacke commented Dec 9, 2017

So can we solve this issue by passing cli option? Who wants to make a pull request for this feature?

@Freydal

This comment has been minimized.

Show comment
Hide comment
@Freydal

Freydal Dec 9, 2017

I think that is a good set of options to provide, but I think handling that in this project will require change is made in ganache-core first. Initialization of personal_accounts and account_passwords when an option is present needs to be added within the statemanager.

The biggest obstacle will be determining what to pass in to generate or how to handle the key pair. Perhaps passing a json file of a testnet address you have already generated with geth? Perhaps just pass passwords and then provide the user with newly created matching accounts?

Also, don't forget to assign some ether after creation.

Freydal commented Dec 9, 2017

I think that is a good set of options to provide, but I think handling that in this project will require change is made in ganache-core first. Initialization of personal_accounts and account_passwords when an option is present needs to be added within the statemanager.

The biggest obstacle will be determining what to pass in to generate or how to handle the key pair. Perhaps passing a json file of a testnet address you have already generated with geth? Perhaps just pass passwords and then provide the user with newly created matching accounts?

Also, don't forget to assign some ether after creation.

@petarjs

This comment has been minimized.

Show comment
Hide comment
@petarjs

petarjs Jan 1, 2018

Is there a workaround around this issue? I'm trying to create a new account and unlock it right after, something like:

let account = web3.eth.accounts.create()
web3.eth.personal.unlockAccount(account.address, '', 1)

petarjs commented Jan 1, 2018

Is there a workaround around this issue? I'm trying to create a new account and unlock it right after, something like:

let account = web3.eth.accounts.create()
web3.eth.personal.unlockAccount(account.address, '', 1)
@benjamincburns

This comment has been minimized.

Show comment
Hide comment
@benjamincburns

benjamincburns Jan 2, 2018

Collaborator

@petarjs if it helps any, you can look to our tests to see how we support runtime creation and unlocking of personal accounts.

Note that web3.eth.accounts.create doesn't make any RPC calls. It generates an account entirely in your process's memory, and uses that private key to sign transactions (to be sent via eth_sendRawTransaction.

You likely want (web3.eth.personal.newAccount](https://web3js.readthedocs.io/en/1.0/web3-eth-personal.html#newaccount).

Collaborator

benjamincburns commented Jan 2, 2018

@petarjs if it helps any, you can look to our tests to see how we support runtime creation and unlocking of personal accounts.

Note that web3.eth.accounts.create doesn't make any RPC calls. It generates an account entirely in your process's memory, and uses that private key to sign transactions (to be sent via eth_sendRawTransaction.

You likely want (web3.eth.personal.newAccount](https://web3js.readthedocs.io/en/1.0/web3-eth-personal.html#newaccount).

@benjamincburns

This comment has been minimized.

Show comment
Hide comment
@benjamincburns

benjamincburns Jan 2, 2018

Collaborator

And to answer your original question, the workaround is to use the combination of the --secure and --unlock command line arguments, as specified by the README in the command line section under "Special Options."

Collaborator

benjamincburns commented Jan 2, 2018

And to answer your original question, the workaround is to use the combination of the --secure and --unlock command line arguments, as specified by the README in the command line section under "Special Options."

@benjamincburns

This comment has been minimized.

Show comment
Hide comment
@benjamincburns

benjamincburns Jan 2, 2018

Collaborator

Back to the original bug, I think there are a couple of concerns here:

  1. How to lock/unlock autogenerated accounts at runtime via RPC
  2. How to unlock "impersonated" accounts (accounts for which you don't have the private key) at runtime via RPC.

I think it might make sense to add a --personalAccount flag which can be repeated multiple times and which allows you to specify a comma-delimited address or account index and password. This would let you run @ju5tify's original example above like the following:

ganache-cli -n -a 1 --personalAccount=0,hunter2

Likewise, if you wanted to be able to simulate, say, stealing funds from Poloniex's cold wallet, you could do:

ganache-cli -n --personalAccount=0xb794F5eA0ba39494cE839613fffBA74279579268,allUrEthRBelongToUsButNotReallyBCauseTestNet --fork https://mainnet.infura.io@latest

@ju5tify & @Freydal - does this proposal work for you guys?

Collaborator

benjamincburns commented Jan 2, 2018

Back to the original bug, I think there are a couple of concerns here:

  1. How to lock/unlock autogenerated accounts at runtime via RPC
  2. How to unlock "impersonated" accounts (accounts for which you don't have the private key) at runtime via RPC.

I think it might make sense to add a --personalAccount flag which can be repeated multiple times and which allows you to specify a comma-delimited address or account index and password. This would let you run @ju5tify's original example above like the following:

ganache-cli -n -a 1 --personalAccount=0,hunter2

Likewise, if you wanted to be able to simulate, say, stealing funds from Poloniex's cold wallet, you could do:

ganache-cli -n --personalAccount=0xb794F5eA0ba39494cE839613fffBA74279579268,allUrEthRBelongToUsButNotReallyBCauseTestNet --fork https://mainnet.infura.io@latest

@ju5tify & @Freydal - does this proposal work for you guys?

@benjamincburns benjamincburns added enhancement and removed bug labels Jan 2, 2018

@dolgiyspb

This comment has been minimized.

Show comment
Hide comment
@dolgiyspb

dolgiyspb Jan 5, 2018

Hi!
@benjamincburns, proposal with personalAccount does not work for me:

$ ganache-cli -n -a 1 --personalAccount=0,testpw
Ganache CLI v6.0.3 (ganache-core: 2.0.2)

Available Accounts
==================
(0) 0x2c826f3b5c80f620726f7d40098b3c924f611893 🔒

Private Keys
==================
(0) a0f6bf87b2f84e0c5f0273ee0538593d9adbb14a1ac3902d832edeb14ce674b1

HD Wallet
==================
Mnemonic:      loop entry mass choose better coin foam reward finish wrist cliff congress
Base HD Path:  m/44'/60'/0'/0/{account_index}

Listening on localhost:8545

I tried to unlock:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_unlockAccount","params":["0x2c826f3b5c80f620726f7d40098b3c924f611893", "testpw", 0],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "id" : 1,
   "jsonrpc" : "2.0",`
   "error" : {
      "message" : "Account not found",
      "code" : -32000
   }
}

Next i tried to look at account list and it is empty:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_listAccounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp  
{
   "id" : 1,
   "result" : [],
   "jsonrpc" : "2.0"
}

But eth_accounts lloks like it's expected:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"eth_accounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp 
   "result" : [
      "0x2c826f3b5c80f620726f7d40098b3c924f611893"
   ],
   "jsonrpc" : "2.0",
   "id" : 1
}

BTW, in case with account, created by personal_newAccount, all works fine:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_newAccount","params":["testpw"],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "result" : "0x23bd291f2dbaa4729212cd42433892c1f6362758",
   "id" : 1,
   "jsonrpc" : "2.0"
}
$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_unlockAccount","params":["0x23bd291f2dbaa4729212cd42433892c1f6362758", "testpw", 0],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "jsonrpc" : "2.0",
   "result" : true,
   "id" : 1
}
$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_listAccounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp   
{
   "id" : 1,
   "jsonrpc" : "2.0",
   "result" : [
      "0x23bd291f2dbaa4729212cd42433892c1f6362758"
   ]
}
$ curl -X POST --data '{"jsonrpc":"2.0","method":"eth_accounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "id" : 1,
   "jsonrpc" : "2.0",
   "result" : [
      "0x2c826f3b5c80f620726f7d40098b3c924f611893",
      "0x23bd291f2dbaa4729212cd42433892c1f6362758"
   ]
}

Why i don't find autogenerated accounts in personal_listAccounts and can't unlock it?

dolgiyspb commented Jan 5, 2018

Hi!
@benjamincburns, proposal with personalAccount does not work for me:

$ ganache-cli -n -a 1 --personalAccount=0,testpw
Ganache CLI v6.0.3 (ganache-core: 2.0.2)

Available Accounts
==================
(0) 0x2c826f3b5c80f620726f7d40098b3c924f611893 🔒

Private Keys
==================
(0) a0f6bf87b2f84e0c5f0273ee0538593d9adbb14a1ac3902d832edeb14ce674b1

HD Wallet
==================
Mnemonic:      loop entry mass choose better coin foam reward finish wrist cliff congress
Base HD Path:  m/44'/60'/0'/0/{account_index}

Listening on localhost:8545

I tried to unlock:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_unlockAccount","params":["0x2c826f3b5c80f620726f7d40098b3c924f611893", "testpw", 0],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "id" : 1,
   "jsonrpc" : "2.0",`
   "error" : {
      "message" : "Account not found",
      "code" : -32000
   }
}

Next i tried to look at account list and it is empty:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_listAccounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp  
{
   "id" : 1,
   "result" : [],
   "jsonrpc" : "2.0"
}

But eth_accounts lloks like it's expected:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"eth_accounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp 
   "result" : [
      "0x2c826f3b5c80f620726f7d40098b3c924f611893"
   ],
   "jsonrpc" : "2.0",
   "id" : 1
}

BTW, in case with account, created by personal_newAccount, all works fine:

$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_newAccount","params":["testpw"],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "result" : "0x23bd291f2dbaa4729212cd42433892c1f6362758",
   "id" : 1,
   "jsonrpc" : "2.0"
}
$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_unlockAccount","params":["0x23bd291f2dbaa4729212cd42433892c1f6362758", "testpw", 0],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "jsonrpc" : "2.0",
   "result" : true,
   "id" : 1
}
$ curl -X POST --data '{"jsonrpc":"2.0","method":"personal_listAccounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp   
{
   "id" : 1,
   "jsonrpc" : "2.0",
   "result" : [
      "0x23bd291f2dbaa4729212cd42433892c1f6362758"
   ]
}
$ curl -X POST --data '{"jsonrpc":"2.0","method":"eth_accounts","params":[],"id":1}' http://127.0.0.1:8545 | json_pp 
{
   "id" : 1,
   "jsonrpc" : "2.0",
   "result" : [
      "0x2c826f3b5c80f620726f7d40098b3c924f611893",
      "0x23bd291f2dbaa4729212cd42433892c1f6362758"
   ]
}

Why i don't find autogenerated accounts in personal_listAccounts and can't unlock it?

@benjamincburns

This comment has been minimized.

Show comment
Hide comment
@benjamincburns

benjamincburns Feb 14, 2018

Collaborator

This was fixed by trufflesuite/ganache-core#62. Autogenerated accounts will now unlock with any password when locked.

Collaborator

benjamincburns commented Feb 14, 2018

This was fixed by trufflesuite/ganache-core#62. Autogenerated accounts will now unlock with any password when locked.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment