diff options
| -rw-r--r-- | app/scripts/lib/seed-phrase-verifier.js | 43 | ||||
| -rw-r--r-- | app/scripts/metamask-controller.js | 20 | ||||
| -rw-r--r-- | test/unit/seed-phrase-verifier-test.js | 136 |
3 files changed, 197 insertions, 2 deletions
diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js new file mode 100644 index 000000000..9bea2910e --- /dev/null +++ b/app/scripts/lib/seed-phrase-verifier.js @@ -0,0 +1,43 @@ +const KeyringController = require('eth-keyring-controller') + +const seedPhraseVerifier = { + + verifyAccounts(createdAccounts, seedWords) { + + return new Promise((resolve, reject) => { + + if (!createdAccounts || createdAccounts.length < 1) { + return reject(new Error('No created accounts defined.')) + } + + let keyringController = new KeyringController({}) + let Keyring = keyringController.getKeyringClassForType('HD Key Tree') + let opts = { + mnemonic: seedWords, + numberOfAccounts: createdAccounts.length, + } + + let keyring = new Keyring(opts) + keyring.getAccounts() + .then((restoredAccounts) => { + + log.debug('Created accounts: ' + JSON.stringify(createdAccounts)) + log.debug('Restored accounts: ' + JSON.stringify(restoredAccounts)) + + if (restoredAccounts.length != createdAccounts.length) { + // this should not happen... + return reject(new Error("Wrong number of accounts")) + } + + for (let i = 0; i < restoredAccounts.length; i++) { + if (restoredAccounts[i] !== createdAccounts[i]) { + return reject(new Error('Not identical accounts! Original: ' + createdAccounts[i] + ', Restored: ' + restoredAccounts[i])) + } + } + return resolve() + }) + }) + } +} + +module.exports = seedPhraseVerifier
\ No newline at end of file diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index ad4e71792..89bcbd51b 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -37,6 +37,7 @@ const version = require('../manifest.json').version const BN = require('ethereumjs-util').BN const GWEI_BN = new BN('1000000000') const percentile = require('percentile') +const seedPhraseVerifier = require('./lib/seed-phrase-verifier') module.exports = class MetamaskController extends EventEmitter { @@ -592,8 +593,23 @@ module.exports = class MetamaskController extends EventEmitter { primaryKeyring.serialize() .then((serialized) => { const seedWords = serialized.mnemonic - this.configManager.setSeedWords(seedWords) - cb(null, seedWords) + + primaryKeyring.getAccounts() + .then((accounts) => { + if (accounts.length < 1) { + return cb(new Error('MetamaskController - No accounts found')) + } + + seedPhraseVerifier.verifyAccounts(accounts, seedWords) + .then(() => { + this.configManager.setSeedWords(seedWords) + cb(null, seedWords) + }) + .catch((err) => { + log.error(err) + cb(err) + }) + }) }) } diff --git a/test/unit/seed-phrase-verifier-test.js b/test/unit/seed-phrase-verifier-test.js new file mode 100644 index 000000000..a7a463dd3 --- /dev/null +++ b/test/unit/seed-phrase-verifier-test.js @@ -0,0 +1,136 @@ +const assert = require('assert') +const clone = require('clone') +const KeyringController = require('eth-keyring-controller') +const firstTimeState = require('../../app/scripts/first-time-state') +const seedPhraseVerifier = require('../../app/scripts/lib/seed-phrase-verifier') +const mockEncryptor = require('../lib/mock-encryptor') + +describe('SeedPhraseVerifier', function () { + + describe('verifyAccounts', function () { + + var password = 'passw0rd1' + let hdKeyTree = 'HD Key Tree' + + it('should be able to verify created account with seed words', async function () { + + let keyringController = new KeyringController({ + initState: clone(firstTimeState), + encryptor: mockEncryptor, + }) + assert(keyringController) + + let vault = await keyringController.createNewVaultAndKeychain(password) + let primaryKeyring = keyringController.getKeyringsByType(hdKeyTree)[0] + + let createdAccounts = await primaryKeyring.getAccounts() + assert.equal(createdAccounts.length, 1) + + let serialized = await primaryKeyring.serialize() + let seedWords = serialized.mnemonic + assert.notEqual(seedWords.length, 0) + + let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords) + }) + + it('should return error with good but different seed words', async function () { + + let keyringController = new KeyringController({ + initState: clone(firstTimeState), + encryptor: mockEncryptor, + }) + assert(keyringController) + + let vault = await keyringController.createNewVaultAndKeychain(password) + let primaryKeyring = keyringController.getKeyringsByType(hdKeyTree)[0] + + let createdAccounts = await primaryKeyring.getAccounts() + assert.equal(createdAccounts.length, 1) + + let serialized = await primaryKeyring.serialize() + let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium' + + try { + let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords) + assert.fail("Should reject") + } catch (err) { + assert.ok(err.message.indexOf('Not identical accounts!') >= 0, 'Wrong error message') + } + }) + + it('should return error with undefined existing accounts', async function () { + + let keyringController = new KeyringController({ + initState: clone(firstTimeState), + encryptor: mockEncryptor, + }) + assert(keyringController) + + let vault = await keyringController.createNewVaultAndKeychain(password) + let primaryKeyring = keyringController.getKeyringsByType(hdKeyTree)[0] + + let createdAccounts = await primaryKeyring.getAccounts() + assert.equal(createdAccounts.length, 1) + + let serialized = await primaryKeyring.serialize() + let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium' + + try { + let result = await seedPhraseVerifier.verifyAccounts(undefined, seedWords) + assert.fail("Should reject") + } catch (err) { + assert.equal(err.message, 'No created accounts defined.') + } + }) + + it('should return error with empty accounts array', async function () { + + let keyringController = new KeyringController({ + initState: clone(firstTimeState), + encryptor: mockEncryptor, + }) + assert(keyringController) + + let vault = await keyringController.createNewVaultAndKeychain(password) + let primaryKeyring = keyringController.getKeyringsByType(hdKeyTree)[0] + + let createdAccounts = await primaryKeyring.getAccounts() + assert.equal(createdAccounts.length, 1) + + let serialized = await primaryKeyring.serialize() + let seedWords = 'debris dizzy just program just float decrease vacant alarm reduce speak stadium' + + try { + let result = await seedPhraseVerifier.verifyAccounts([], seedWords) + assert.fail("Should reject") + } catch (err) { + assert.equal(err.message, 'No created accounts defined.') + } + }) + + it('should be able to verify more than one created account with seed words', async function () { + + let keyringController = new KeyringController({ + initState: clone(firstTimeState), + encryptor: mockEncryptor, + }) + assert(keyringController) + + let vault = await keyringController.createNewVaultAndKeychain(password) + + let primaryKeyring = keyringController.getKeyringsByType(hdKeyTree)[0] + + const keyState = await keyringController.addNewAccount(primaryKeyring) + const keyState2 = await keyringController.addNewAccount(primaryKeyring) + + let createdAccounts = await primaryKeyring.getAccounts() + assert.equal(createdAccounts.length, 3) + + let serialized = await primaryKeyring.serialize() + let seedWords = serialized.mnemonic + assert.notEqual(seedWords.length, 0) + + let result = await seedPhraseVerifier.verifyAccounts(createdAccounts, seedWords) + }) + }) +}) |