Giter Club home page Giter Club logo

codechain-keystore-js's Introduction

CodeChain keystore Build Status

CodeChain keystore is a private key management library. It saves CodeChain's asset transfer address safely in a disk. If you want to manage CodeChain keys using nodejs, you should use this.

Example

var CCKey = require('codechain-keystore');

async function example() {
  const cckey = await CCKey.create();
  const savedKeys = await cckey.platform.getKeys();
  console.dir(savedKeys);
  await cckey.platform.createKey({ passphrase: "my password" });
  const savedKeys_ = await cckey.platform.getKeys();
  console.dir(savedKeys_);

  await cckey.close();
};
example();

How your private key is saved

We use a JSON file to save an encrypted private key. You can find the file in ./keystore.db

codechain-keystore-js's People

Contributors

joojis avatar kseo avatar majecty avatar remagpie avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

majecty kseo sgkim126 joojis hyunsikjeong baumstern hoongee kkc90

codechain-keystore-js's Issues

Why is secret stringified when stored?

Currently, the keystore format looks like a below. I can't find a reason to stringify the secret field.

{
  "platform_keys": [
    {
      "secret": "{\"crypto\":{\"ciphertext\":\"e5bc2edb24c39ca7ab93797de1c69bff4bc10116307a4c709fa03964cb1f05c9\",\"cipherparams\":{\"iv\":\"f95cc95d42f23d3dc23fd806e0dda5b4\"},\"cipher\":\"aes-128-ctr\",\"kdf\":\"pbkdf2\",\"kdfparams\":{\"dklen\":32,\"salt\":\"fad7cf1a0bb90752a7c8670b192f7257c6d16807e1290cf8915fd09d5dd47ab5\",\"c\":262144,\"prf\":\"hmac-sha256\"},\"mac\":\"9af7457f7eb41537182bcdc704471f3f08e6ea5ee6af15e8df63f93920b7ee2c\"},\"id\":\"e4fa910b-b6ea-411b-9e34-cde4241beb94\",\"version\":3}",
      "publicKey": "b1d9d3079416c50a1ed51b9a7b6bfe5966a158a4b65d9a51472134cba26ca7ff00bbc7a76c023b879a2abac199c9b7d9fb5fbb25bc31850d06dfa9362f68d8f7"
    }
  ],
  "asset_keys": [],
  "mapping": {
    "09880ce815b65b3f73a1ffad14e3fb6bbee7f380": "b1d9d3079416c50a1ed51b9a7b6bfe5966a158a4b65d9a51472134cba26ca7ff00bbc7a76c023b879a2abac199c9b7d9fb5fbb25bc31850d06dfa9362f68d8f7"
  }
}

Exclude yarn.lock

codechain-keystore should not include yarn.lock file in the repo because it is a library.

tsfmt fails 

$ tsfmt
Error: Invalid "extends" configuration value - could not require "tslint-config-prettier". Review the Node lookup algorithm (https://nodejs.org/api/modules.html#modules_all_together) for the approximate method TSLint uses to find the referenced configuration file.
    at resolveConfigurationPath (/usr/local/lib/node_modules/tslint/lib/configuration.js:223:19)
    at loadExtendsRecursive (/usr/local/lib/node_modules/tslint/lib/configuration.js:414:32)
    at parseConfigFile (/usr/local/lib/node_modules/tslint/lib/configuration.js:403:12)
    at Object.loadConfigurationFromPath (/usr/local/lib/node_modules/tslint/lib/configuration.js:161:16)
    at /usr/local/lib/node_modules/typescript-formatter/lib/provider/tslintjson.js:134:43
    at step (/usr/local/lib/node_modules/typescript-formatter/lib/provider/tslintjson.js:32:23)
    at Object.next (/usr/local/lib/node_modules/typescript-formatter/lib/provider/tslintjson.js:13:53)
    at fulfilled (/usr/local/lib/node_modules/typescript-formatter/lib/provider/tslintjson.js:4:58)

Introduce HD wallets

Introduce HD(Hierarchical Deterministic) Wallets.

Related documents

BIP(Bitcoin Improvement Proposal)

  • BIP-0032 Hierarchical Deterministic Wallets Link
  • BIP-0043 Purpose Field for Deterministic Wallets Link
  • BIP-0044 Multi-Account Hierarchy for Deterministic Wallets Link

SLIP(SatoshiLabs Improvement Proposal)

  • SLIP-0044 Registered coin types for BIP-0044 Link

Library to use

To-do

Master Key Generation

In BIP-0032, master key generation is defined as:

  • Generate a seed byte sequence S of a chosen length (between 128 and 512 bits; 256 bits is advised) from a (P)RNG.
  • Calculate I = HMAC-SHA512(Key = "Bitcoin seed", Data = S)
  • Split I into two 32-byte sequences, IL and IR.
  • Use parse256(IL) as master secret key, and IR as master chain code.
    In case IL is 0 or ≥n, the master key is invalid.

CodeChain may use a different key instead of "Bitcoin seed".

Path levels

This will follow BIP 0044:

m / purpose' / coin_type' / account' / change / address_index
  • purpose is 44, as BIP 0043.
  • coin_types vary by coins, and SLIP-0044 provides the list of registered coin types for BIP-0044. I suggest 0x80003485 for the keystore.

Wallet name

A master seed or a master node should be private, so there should be a tag to distinguish between seeds.
It may be

  • Hash value of a seed
  • Hash value of a master node (private key + chain code)
  • String given by a user

Seed

The format of seeds will follow the serialization format from BIP-0032.

Functions

New functions should be introduced.

  • importSeed, exportSeed
  • createSeed, deleteSeed
  • getPublicKeyFromSeed, getPrivateKeyFromSeed
    • This exports only a key, not a chain code, to use it on CodeChain.
  • signFromSeed

Errors on the travis CI

https://travis-ci.org/CodeChain-io/codechain-wallet/jobs/442266609

TypeError: Cannot read property 'getItem' of undefined
    at SessionStorage.read (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/lowdb-session-storag$
-adapter/index.js:9:37)
    at LodashWrapper.db.read (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/lowdb/lib/main.js:$
2:21)
    at Object.<anonymous>.module.exports (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/lowdb/$
ib/main.js:51:13)
    at Object.<anonymous> (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/li$
/context.js:73:46)
    at step (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/lib/context.js:3$
:23)
    at Object.next (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/lib/conte$
t.js:13:53)
    at /Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/lib/context.js:7:71
    at new Promise (<anonymous>)
    at Object.<anonymous>.__awaiter (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-ke
ystore/lib/context.js:3:12)
    at Object.storageExist (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/li
b/context.js:69:12)
    at Function.<anonymous> (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/l
ib/index.js:88:49)
    at step (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/lib/index.js:43:2
3)
    at Object.next (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/lib/index.
js:24:53)
    at /Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-keystore/lib/index.js:18:71
    at new Promise (<anonymous>)
    at Object.<anonymous>.__awaiter (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/codechain-ke
ystore/lib/index.js:14:12)
    at Function.Object.<anonymous>.CCKey.exist (/Users/gilyoungkim/Documents/workspace/codechain-wallet/node_modules/c
odechain-keystore/lib/index.js:83:16)

Clear secret keys when they are not needed anymore

Currently, private key type is string but string type variables cannot be explicitly dropped or cleared. Change the type of secret key to Buffer and clear(fill zeros to the memory it holds) when the necessity of them ends to enhance security.

Add verify()

Add a function that verifies a signature.

Parameters

  • key
  • signature
  • message

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.