From 92453f8715b78c0e6e2cdb9b2e1cfe48c0b013ad Mon Sep 17 00:00:00 2001 From: Csaba Solya Date: Sat, 3 Mar 2018 00:32:57 +0100 Subject: seed phrase verifier --- app/scripts/lib/seed-phrase-verifier.js | 43 +++++++++++++++++++++++++++++++++ app/scripts/metamask-controller.js | 20 +++++++++++++-- 2 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 app/scripts/lib/seed-phrase-verifier.js (limited to 'app') diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js new file mode 100644 index 000000000..9bea2910e --- /dev/null +++ b/app/scripts/lib/seed-phrase-verifier.js @@ -0,0 +1,43 @@ +const KeyringController = require('eth-keyring-controller') + +const seedPhraseVerifier = { + + verifyAccounts(createdAccounts, seedWords) { + + return new Promise((resolve, reject) => { + + if (!createdAccounts || createdAccounts.length < 1) { + return reject(new Error('No created accounts defined.')) + } + + let keyringController = new KeyringController({}) + let Keyring = keyringController.getKeyringClassForType('HD Key Tree') + let opts = { + mnemonic: seedWords, + numberOfAccounts: createdAccounts.length, + } + + let keyring = new Keyring(opts) + keyring.getAccounts() + .then((restoredAccounts) => { + + log.debug('Created accounts: ' + JSON.stringify(createdAccounts)) + log.debug('Restored accounts: ' + JSON.stringify(restoredAccounts)) + + if (restoredAccounts.length != createdAccounts.length) { + // this should not happen... + return reject(new Error("Wrong number of accounts")) + } + + for (let i = 0; i < restoredAccounts.length; i++) { + if (restoredAccounts[i] !== createdAccounts[i]) { + return reject(new Error('Not identical accounts! Original: ' + createdAccounts[i] + ', Restored: ' + restoredAccounts[i])) + } + } + return resolve() + }) + }) + } +} + +module.exports = seedPhraseVerifier \ No newline at end of file diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index ad4e71792..89bcbd51b 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -37,6 +37,7 @@ const version = require('../manifest.json').version const BN = require('ethereumjs-util').BN const GWEI_BN = new BN('1000000000') const percentile = require('percentile') +const seedPhraseVerifier = require('./lib/seed-phrase-verifier') module.exports = class MetamaskController extends EventEmitter { @@ -592,8 +593,23 @@ module.exports = class MetamaskController extends EventEmitter { primaryKeyring.serialize() .then((serialized) => { const seedWords = serialized.mnemonic - this.configManager.setSeedWords(seedWords) - cb(null, seedWords) + + primaryKeyring.getAccounts() + .then((accounts) => { + if (accounts.length < 1) { + return cb(new Error('MetamaskController - No accounts found')) + } + + seedPhraseVerifier.verifyAccounts(accounts, seedWords) + .then(() => { + this.configManager.setSeedWords(seedWords) + cb(null, seedWords) + }) + .catch((err) => { + log.error(err) + cb(err) + }) + }) }) } -- cgit From 4bd7f1a37abcd09dc8816fc5b28ad41bc86b1aea Mon Sep 17 00:00:00 2001 From: Csaba Solya Date: Sat, 3 Mar 2018 00:40:40 +0100 Subject: fix lint issues --- app/scripts/lib/seed-phrase-verifier.js | 18 +++++++++--------- app/scripts/metamask-controller.js | 4 ++-- 2 files changed, 11 insertions(+), 11 deletions(-) (limited to 'app') diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js index 9bea2910e..97a433fd8 100644 --- a/app/scripts/lib/seed-phrase-verifier.js +++ b/app/scripts/lib/seed-phrase-verifier.js @@ -2,7 +2,7 @@ const KeyringController = require('eth-keyring-controller') const seedPhraseVerifier = { - verifyAccounts(createdAccounts, seedWords) { + verifyAccounts (createdAccounts, seedWords) { return new Promise((resolve, reject) => { @@ -10,23 +10,23 @@ const seedPhraseVerifier = { return reject(new Error('No created accounts defined.')) } - let keyringController = new KeyringController({}) - let Keyring = keyringController.getKeyringClassForType('HD Key Tree') - let opts = { + const keyringController = new KeyringController({}) + const Keyring = keyringController.getKeyringClassForType('HD Key Tree') + const opts = { mnemonic: seedWords, numberOfAccounts: createdAccounts.length, } - let keyring = new Keyring(opts) + const keyring = new Keyring(opts) keyring.getAccounts() .then((restoredAccounts) => { log.debug('Created accounts: ' + JSON.stringify(createdAccounts)) log.debug('Restored accounts: ' + JSON.stringify(restoredAccounts)) - if (restoredAccounts.length != createdAccounts.length) { + if (restoredAccounts.length !== createdAccounts.length) { // this should not happen... - return reject(new Error("Wrong number of accounts")) + return reject(new Error('Wrong number of accounts')) } for (let i = 0; i < restoredAccounts.length; i++) { @@ -37,7 +37,7 @@ const seedPhraseVerifier = { return resolve() }) }) - } + }, } -module.exports = seedPhraseVerifier \ No newline at end of file +module.exports = seedPhraseVerifier diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index 89bcbd51b..b9231aa3d 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -599,9 +599,9 @@ module.exports = class MetamaskController extends EventEmitter { if (accounts.length < 1) { return cb(new Error('MetamaskController - No accounts found')) } - + seedPhraseVerifier.verifyAccounts(accounts, seedWords) - .then(() => { + .then(() => { this.configManager.setSeedWords(seedWords) cb(null, seedWords) }) -- cgit From 3e05b693dbf55ea7ecb791e8f31b7599a6b89ffd Mon Sep 17 00:00:00 2001 From: Csaba Solya Date: Sat, 3 Mar 2018 14:11:02 +0100 Subject: verify addresses regardless case --- app/scripts/lib/seed-phrase-verifier.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js index 97a433fd8..1f35c2c67 100644 --- a/app/scripts/lib/seed-phrase-verifier.js +++ b/app/scripts/lib/seed-phrase-verifier.js @@ -30,7 +30,7 @@ const seedPhraseVerifier = { } for (let i = 0; i < restoredAccounts.length; i++) { - if (restoredAccounts[i] !== createdAccounts[i]) { + if (restoredAccounts[i].toLowerCase() !== createdAccounts[i].toLowerCase()) { return reject(new Error('Not identical accounts! Original: ' + createdAccounts[i] + ', Restored: ' + restoredAccounts[i])) } } -- cgit From 2b86d65d0c3266e8ddfe814abe1d1755fbf23fda Mon Sep 17 00:00:00 2001 From: Csaba Solya Date: Sat, 3 Mar 2018 22:08:10 +0100 Subject: verify seedwords on log in --- app/scripts/metamask-controller.js | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'app') diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index b9231aa3d..df9adc248 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -345,6 +345,7 @@ module.exports = class MetamaskController extends EventEmitter { // primary HD keyring management addNewAccount: nodeify(this.addNewAccount, this), placeSeedWords: this.placeSeedWords.bind(this), + verifySeedPhrase: this.verifySeedPhrase.bind(this), clearSeedWordCache: this.clearSeedWordCache.bind(this), resetAccount: this.resetAccount.bind(this), importAccountWithStrategy: this.importAccountWithStrategy.bind(this), @@ -588,6 +589,19 @@ module.exports = class MetamaskController extends EventEmitter { // Used when creating a first vault, to allow confirmation. // Also used when revealing the seed words in the confirmation view. placeSeedWords (cb) { + + this.verifySeedPhrase((err, seedWords) => { + + if (err) { + return cb(err) + } + this.configManager.setSeedWords(seedWords) + return cb(null, seedWords) + }) + } + + verifySeedPhrase (cb) { + const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0] if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found')) primaryKeyring.serialize() @@ -602,12 +616,11 @@ module.exports = class MetamaskController extends EventEmitter { seedPhraseVerifier.verifyAccounts(accounts, seedWords) .then(() => { - this.configManager.setSeedWords(seedWords) - cb(null, seedWords) + return cb(null, seedWords) }) .catch((err) => { log.error(err) - cb(err) + return cb(err) }) }) }) -- cgit From f7d4a1080df6d1c8ea5f68f88b01caea065b5e92 Mon Sep 17 00:00:00 2001 From: Csaba Solya Date: Sun, 4 Mar 2018 08:47:46 +0100 Subject: add documentation --- app/scripts/lib/seed-phrase-verifier.js | 5 +++++ app/scripts/metamask-controller.js | 4 ++++ 2 files changed, 9 insertions(+) (limited to 'app') diff --git a/app/scripts/lib/seed-phrase-verifier.js b/app/scripts/lib/seed-phrase-verifier.js index 1f35c2c67..9cea22029 100644 --- a/app/scripts/lib/seed-phrase-verifier.js +++ b/app/scripts/lib/seed-phrase-verifier.js @@ -2,6 +2,11 @@ const KeyringController = require('eth-keyring-controller') const seedPhraseVerifier = { + // Verifies if the seed words can restore the accounts. + // + // The seed words can recreate the primary keyring and the accounts belonging to it. + // The created accounts in the primary keyring are always the same. + // The keyring always creates the accounts in the same sequence. verifyAccounts (createdAccounts, seedWords) { return new Promise((resolve, reject) => { diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index df9adc248..f523e3919 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -600,6 +600,10 @@ module.exports = class MetamaskController extends EventEmitter { }) } + // Verifies the current vault's seed words if they can restore the + // accounts belonging to the current vault. + // + // Called when the first account is created and on unlocking the vault. verifySeedPhrase (cb) { const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0] -- cgit From 59007a6c36055f9197ad83ccb1741fa186b85f53 Mon Sep 17 00:00:00 2001 From: Csaba Solya Date: Tue, 6 Mar 2018 15:56:27 +0100 Subject: modify verifySeedPhrase to async and call it from addNewAccount also --- app/scripts/metamask-controller.js | 66 ++++++++++++++++++++------------------ 1 file changed, 34 insertions(+), 32 deletions(-) (limited to 'app') diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index f523e3919..0a5c1d36f 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -345,7 +345,7 @@ module.exports = class MetamaskController extends EventEmitter { // primary HD keyring management addNewAccount: nodeify(this.addNewAccount, this), placeSeedWords: this.placeSeedWords.bind(this), - verifySeedPhrase: this.verifySeedPhrase.bind(this), + verifySeedPhrase: nodeify(this.verifySeedPhrase, this), clearSeedWordCache: this.clearSeedWordCache.bind(this), resetAccount: this.resetAccount.bind(this), importAccountWithStrategy: this.importAccountWithStrategy.bind(this), @@ -567,14 +567,18 @@ module.exports = class MetamaskController extends EventEmitter { // Opinionated Keyring Management // - async addNewAccount (cb) { + async addNewAccount () { const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0] - if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found')) + if (!primaryKeyring) { + throw new Error('MetamaskController - No HD Key Tree found') + } const keyringController = this.keyringController const oldAccounts = await keyringController.getAccounts() const keyState = await keyringController.addNewAccount(primaryKeyring) const newAccounts = await keyringController.getAccounts() + await this.verifySeedPhrase() + newAccounts.forEach((address) => { if (!oldAccounts.includes(address)) { this.preferencesController.setSelectedAddress(address) @@ -590,44 +594,42 @@ module.exports = class MetamaskController extends EventEmitter { // Also used when revealing the seed words in the confirmation view. placeSeedWords (cb) { - this.verifySeedPhrase((err, seedWords) => { - - if (err) { + this.verifySeedPhrase() + .then((seedWords) => { + this.configManager.setSeedWords(seedWords) + return cb(null, seedWords) + }) + .catch((err) => { return cb(err) - } - this.configManager.setSeedWords(seedWords) - return cb(null, seedWords) - }) + }) } // Verifies the current vault's seed words if they can restore the // accounts belonging to the current vault. // // Called when the first account is created and on unlocking the vault. - verifySeedPhrase (cb) { + async verifySeedPhrase () { const primaryKeyring = this.keyringController.getKeyringsByType('HD Key Tree')[0] - if (!primaryKeyring) return cb(new Error('MetamaskController - No HD Key Tree found')) - primaryKeyring.serialize() - .then((serialized) => { - const seedWords = serialized.mnemonic - - primaryKeyring.getAccounts() - .then((accounts) => { - if (accounts.length < 1) { - return cb(new Error('MetamaskController - No accounts found')) - } - - seedPhraseVerifier.verifyAccounts(accounts, seedWords) - .then(() => { - return cb(null, seedWords) - }) - .catch((err) => { - log.error(err) - return cb(err) - }) - }) - }) + if (!primaryKeyring) { + throw new Error('MetamaskController - No HD Key Tree found') + } + + const serialized = await primaryKeyring.serialize() + const seedWords = serialized.mnemonic + + const accounts = await primaryKeyring.getAccounts() + if (accounts.length < 1) { + throw new Error('MetamaskController - No accounts found') + } + + try { + await seedPhraseVerifier.verifyAccounts(accounts, seedWords) + return seedWords + } catch (err) { + log.error(err.message) + throw err + } } // ClearSeedWordCache -- cgit From e91a521b1b0cc9262ca31290f3df5778dd1a6919 Mon Sep 17 00:00:00 2001 From: kumavis Date: Tue, 6 Mar 2018 17:30:12 -0800 Subject: Version 4.2.0 --- app/manifest.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'app') diff --git a/app/manifest.json b/app/manifest.json index 2b3acf1b5..0c89c2b3e 100644 --- a/app/manifest.json +++ b/app/manifest.json @@ -1,7 +1,7 @@ { "name": "MetaMask", "short_name": "Metamask", - "version": "4.1.3", + "version": "4.2.0", "manifest_version": 2, "author": "https://metamask.io", "description": "Ethereum Browser Extension", @@ -59,7 +59,7 @@ "clipboardWrite", "http://localhost:8545/", "https://*.infura.io/" - ], + ], "web_accessible_resources": [ "scripts/inpage.js" ], @@ -68,4 +68,4 @@ "https://metamask.io/*" ] } -} +} \ No newline at end of file -- cgit From 57dc5a6e9b8ecc4414fe72397205d21cec13c5e1 Mon Sep 17 00:00:00 2001 From: Jeffrey Tong Date: Tue, 6 Mar 2018 20:37:26 -0800 Subject: fix typo in transaction.js --- app/scripts/controllers/transactions.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/app/scripts/controllers/transactions.js b/app/scripts/controllers/transactions.js index ef5578d5a..9c2ca0dc8 100644 --- a/app/scripts/controllers/transactions.js +++ b/app/scripts/controllers/transactions.js @@ -3,7 +3,7 @@ const ObservableStore = require('obs-store') const ethUtil = require('ethereumjs-util') const Transaction = require('ethereumjs-tx') const EthQuery = require('ethjs-query') -const TransactionStateManger = require('../lib/tx-state-manager') +const TransactionStateManager = require('../lib/tx-state-manager') const TxGasUtil = require('../lib/tx-gas-utils') const PendingTransactionTracker = require('../lib/pending-tx-tracker') const createId = require('../lib/random-id') @@ -38,7 +38,7 @@ module.exports = class TransactionController extends EventEmitter { this.query = new EthQuery(this.provider) this.txGasUtil = new TxGasUtil(this.provider) - this.txStateManager = new TransactionStateManger({ + this.txStateManager = new TransactionStateManager({ initState: opts.initState, txHistoryLimit: opts.txHistoryLimit, getNetwork: this.getNetwork.bind(this), -- cgit From cad5f5f0009713a1101194d964af7a1620ea158c Mon Sep 17 00:00:00 2001 From: Jeffrey Tong Date: Wed, 7 Mar 2018 10:24:36 -0800 Subject: fix typo in tests and tx-state-manager --- app/scripts/lib/tx-state-manager.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/scripts/lib/tx-state-manager.js b/app/scripts/lib/tx-state-manager.js index 051efd247..2eb006380 100644 --- a/app/scripts/lib/tx-state-manager.js +++ b/app/scripts/lib/tx-state-manager.js @@ -4,7 +4,7 @@ const ObservableStore = require('obs-store') const ethUtil = require('ethereumjs-util') const txStateHistoryHelper = require('./tx-state-history-helper') -module.exports = class TransactionStateManger extends EventEmitter { +module.exports = class TransactionStateManager extends EventEmitter { constructor ({ initState, txHistoryLimit, getNetwork }) { super() -- cgit