core

package
v5.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 7, 2022 License: GPL-3.0, LGPL-3.0, LGPL-3.0-or-later Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source
const (

	// ExternalAPIVersion -- see extapi_changelog.md
	ExternalAPIVersion = "6.1.0"
	// InternalAPIVersion -- see intapi_changelog.md
	InternalAPIVersion = "7.0.1"
)

Variables

View Source
var ErrRequestDenied = errors.New("request denied")

Functions

func SignTextValidator

func SignTextValidator(validatorData apitypes.ValidatorData) (hexutil.Bytes, string)

SignTextValidator signs the given message which can be further recovered with the given validator. hash = keccak256("\x19\x00"${address}${data}).

func StartClefAccountManager

func StartClefAccountManager(ksLocation string, usb, lightKDF bool, scpath string) *accounts.Manager

func UnmarshalValidatorData

func UnmarshalValidatorData(data interface{}) (apitypes.ValidatorData, error)

UnmarshalValidatorData converts the bytes input to typed data

func ValidatePasswordFormat

func ValidatePasswordFormat(password string) error

ValidatePasswordFormat returns an error if the password is too short, or consists of characters outside the range of the printable 7bit ascii set

Types

type AuditLogger

type AuditLogger struct {
	// contains filtered or unexported fields
}

func NewAuditLogger

func NewAuditLogger(path string, api ExternalAPI) (*AuditLogger, error)

func (*AuditLogger) EcRecover

func (l *AuditLogger) EcRecover(ctx context.Context, data hexutil.Bytes, sig hexutil.Bytes) (common.Address, error)

func (*AuditLogger) List

func (l *AuditLogger) List(ctx context.Context) ([]common.Address, error)

func (*AuditLogger) New

func (l *AuditLogger) New(ctx context.Context) (common.Address, error)

func (*AuditLogger) SignData

func (l *AuditLogger) SignData(ctx context.Context, contentType string, addr common.MixedcaseAddress, data interface{}) (hexutil.Bytes, error)

func (*AuditLogger) SignGnosisSafeTx

func (l *AuditLogger) SignGnosisSafeTx(ctx context.Context, addr common.MixedcaseAddress, gnosisTx GnosisSafeTx, methodSelector *string) (*GnosisSafeTx, error)

func (*AuditLogger) SignTransaction

func (l *AuditLogger) SignTransaction(ctx context.Context, args apitypes.SendTxArgs, methodSelector *string) (*ethapi.SignTransactionResult, error)

func (*AuditLogger) SignTypedData

func (l *AuditLogger) SignTypedData(ctx context.Context, addr common.MixedcaseAddress, data apitypes.TypedData) (hexutil.Bytes, error)

func (*AuditLogger) Version

func (l *AuditLogger) Version(ctx context.Context) (string, error)

type CommandlineUI

type CommandlineUI struct {
	// contains filtered or unexported fields
}

func NewCommandlineUI

func NewCommandlineUI() *CommandlineUI

func (*CommandlineUI) ApproveListing

func (ui *CommandlineUI) ApproveListing(request *ListRequest) (ListResponse, error)

ApproveListing prompt the user for confirmation to list accounts the list of accounts to list can be modified by the UI

func (*CommandlineUI) ApproveNewAccount

func (ui *CommandlineUI) ApproveNewAccount(request *NewAccountRequest) (NewAccountResponse, error)

ApproveNewAccount prompt the user for confirmation to create new Account, and reveal to caller

func (*CommandlineUI) ApproveSignData

func (ui *CommandlineUI) ApproveSignData(request *SignDataRequest) (SignDataResponse, error)

ApproveSignData prompt the user for confirmation to request to sign data

func (*CommandlineUI) ApproveTx

func (ui *CommandlineUI) ApproveTx(request *SignTxRequest) (SignTxResponse, error)

ApproveTx prompt the user for confirmation to request to sign Transaction

func (*CommandlineUI) OnApprovedTx

func (ui *CommandlineUI) OnApprovedTx(tx ethapi.SignTransactionResult)

func (*CommandlineUI) OnInputRequired

func (ui *CommandlineUI) OnInputRequired(info UserInputRequest) (UserInputResponse, error)

func (*CommandlineUI) OnSignerStartup

func (ui *CommandlineUI) OnSignerStartup(info StartupInfo)

func (*CommandlineUI) RegisterUIServer

func (ui *CommandlineUI) RegisterUIServer(api *UIServerAPI)

func (*CommandlineUI) ShowError

func (ui *CommandlineUI) ShowError(message string)

ShowError displays error message to user

func (*CommandlineUI) ShowInfo

func (ui *CommandlineUI) ShowInfo(message string)

ShowInfo displays info message to user

type ExternalAPI

type ExternalAPI interface {
	// List available accounts
	List(ctx context.Context) ([]common.Address, error)
	// New request to create a new account
	New(ctx context.Context) (common.Address, error)
	// SignTransaction request to sign the specified transaction
	SignTransaction(ctx context.Context, args apitypes.SendTxArgs, methodSelector *string) (*ethapi.SignTransactionResult, error)
	// SignData - request to sign the given data (plus prefix)
	SignData(ctx context.Context, contentType string, addr common.MixedcaseAddress, data interface{}) (hexutil.Bytes, error)
	// SignTypedData - request to sign the given structured data (plus prefix)
	SignTypedData(ctx context.Context, addr common.MixedcaseAddress, data apitypes.TypedData) (hexutil.Bytes, error)
	// EcRecover - recover public key from given message and signature
	EcRecover(ctx context.Context, data hexutil.Bytes, sig hexutil.Bytes) (common.Address, error)
	// Version info about the APIs
	Version(ctx context.Context) (string, error)
	// SignGnosisSafeTransaction signs/confirms a gnosis-safe multisig transaction
	SignGnosisSafeTx(ctx context.Context, signerAddress common.MixedcaseAddress, gnosisTx GnosisSafeTx, methodSelector *string) (*GnosisSafeTx, error)
}

ExternalAPI defines the external API through which signing requests are made.

type GnosisSafeTx

type GnosisSafeTx struct {
	// These fields are only used on output
	Signature  hexutil.Bytes           `json:"signature"`
	SafeTxHash common.Hash             `json:"contractTransactionHash"`
	Sender     common.MixedcaseAddress `json:"sender"`
	// These fields are used both on input and output
	Safe           common.MixedcaseAddress `json:"safe"`
	To             common.MixedcaseAddress `json:"to"`
	Value          math.Decimal256         `json:"value"`
	GasPrice       math.Decimal256         `json:"gasPrice"`
	Data           *hexutil.Bytes          `json:"data"`
	Operation      uint8                   `json:"operation"`
	GasToken       common.Address          `json:"gasToken"`
	RefundReceiver common.Address          `json:"refundReceiver"`
	BaseGas        big.Int                 `json:"baseGas"`
	SafeTxGas      big.Int                 `json:"safeTxGas"`
	Nonce          big.Int                 `json:"nonce"`
	InputExpHash   common.Hash             `json:"safeTxHash"`
	ChainId        *math.HexOrDecimal256   `json:"chainId,omitempty"`
}

GnosisSafeTx is a type to parse the safe-tx returned by the relayer, it also conforms to the API required by the Gnosis Safe tx relay service. See 'SafeMultisigTransaction' on https://safe-transaction.mainnet.gnosis.io/

func (*GnosisSafeTx) ArgsForValidation

func (tx *GnosisSafeTx) ArgsForValidation() *apitypes.SendTxArgs

ArgsForValidation returns a SendTxArgs struct, which can be used for the common validations, e.g. look up 4byte destinations

func (*GnosisSafeTx) ToTypedData

func (tx *GnosisSafeTx) ToTypedData() apitypes.TypedData

ToTypedData converts the tx to a EIP-712 Typed Data structure for signing

type ListRequest

type ListRequest struct {
	Accounts []accounts.Account `json:"accounts"`
	Meta     Metadata           `json:"meta"`
}

types for the requests/response types between signer and UI

type ListResponse

type ListResponse struct {
	Accounts []accounts.Account `json:"accounts"`
}

types for the requests/response types between signer and UI

type Message

type Message struct {
	Text string `json:"text"`
}

types for the requests/response types between signer and UI

type Metadata

type Metadata struct {
	Remote    string `json:"remote"`
	Local     string `json:"local"`
	Scheme    string `json:"scheme"`
	UserAgent string `json:"User-Agent"`
	Origin    string `json:"Origin"`
}

Metadata about a request

func MetadataFromContext

func MetadataFromContext(ctx context.Context) Metadata

MetadataFromContext extracts Metadata from a given context.Context

func (Metadata) String

func (m Metadata) String() string

String implements Stringer interface

type NewAccountRequest

type NewAccountRequest struct {
	Meta Metadata `json:"meta"`
}

types for the requests/response types between signer and UI

type NewAccountResponse

type NewAccountResponse struct {
	Approved bool `json:"approved"`
}

types for the requests/response types between signer and UI

type SignDataRequest

type SignDataRequest struct {
	ContentType string                    `json:"content_type"`
	Address     common.MixedcaseAddress   `json:"address"`
	Rawdata     []byte                    `json:"raw_data"`
	Messages    []*apitypes.NameValueType `json:"messages"`
	Callinfo    []apitypes.ValidationInfo `json:"call_info"`
	Hash        hexutil.Bytes             `json:"hash"`
	Meta        Metadata                  `json:"meta"`
}

types for the requests/response types between signer and UI

type SignDataResponse

type SignDataResponse struct {
	Approved bool `json:"approved"`
}

types for the requests/response types between signer and UI

type SignTxRequest

type SignTxRequest struct {
	Transaction apitypes.SendTxArgs       `json:"transaction"`
	Callinfo    []apitypes.ValidationInfo `json:"call_info"`
	Meta        Metadata                  `json:"meta"`
}

SignTxRequest contains info about a Transaction to sign

type SignTxResponse

type SignTxResponse struct {
	//The UI may make changes to the TX
	Transaction apitypes.SendTxArgs `json:"transaction"`
	Approved    bool                `json:"approved"`
}

SignTxResponse result from SignTxRequest

type SignerAPI

type SignerAPI struct {
	UI UIClientAPI
	// contains filtered or unexported fields
}

SignerAPI defines the actual implementation of ExternalAPI

func NewSignerAPI

func NewSignerAPI(am *accounts.Manager, chainID int64, noUSB bool, ui UIClientAPI, validator Validator, advancedMode bool, credentials storage.Storage) *SignerAPI

NewSignerAPI creates a new API that can be used for Account management. ksLocation specifies the directory where to store the password protected private key that is generated when a new Account is created. noUSB disables USB support that is required to support hardware devices such as ledger and trezor.

func (*SignerAPI) EcRecover

func (api *SignerAPI) EcRecover(ctx context.Context, data hexutil.Bytes, sig hexutil.Bytes) (common.Address, error)

EcRecover recovers the address associated with the given sig. Only compatible with `text/plain`

func (*SignerAPI) List

func (api *SignerAPI) List(ctx context.Context) ([]common.Address, error)

List returns the set of wallet this signer manages. Each wallet can contain multiple accounts.

func (*SignerAPI) New

func (api *SignerAPI) New(ctx context.Context) (common.Address, error)

New creates a new password protected Account. The private key is protected with the given password. Users are responsible to backup the private key that is stored in the keystore location thas was specified when this API was created.

func (*SignerAPI) SignData

func (api *SignerAPI) SignData(ctx context.Context, contentType string, addr common.MixedcaseAddress, data interface{}) (hexutil.Bytes, error)

SignData signs the hash of the provided data, but does so differently depending on the content-type specified.

Different types of validation occur.

func (*SignerAPI) SignGnosisSafeTx

func (api *SignerAPI) SignGnosisSafeTx(ctx context.Context, signerAddress common.MixedcaseAddress, gnosisTx GnosisSafeTx, methodSelector *string) (*GnosisSafeTx, error)

func (*SignerAPI) SignTransaction

func (api *SignerAPI) SignTransaction(ctx context.Context, args apitypes.SendTxArgs, methodSelector *string) (*ethapi.SignTransactionResult, error)

SignTransaction signs the given Transaction and returns it both as json and rlp-encoded form

func (*SignerAPI) SignTypedData

func (api *SignerAPI) SignTypedData(ctx context.Context, addr common.MixedcaseAddress, typedData apitypes.TypedData) (hexutil.Bytes, error)

SignTypedData signs EIP-712 conformant typed data hash = keccak256("\x19${byteVersion}${domainSeparator}${hashStruct(message)}") It returns - the signature, - and/or any error

func (*SignerAPI) Version

func (api *SignerAPI) Version(ctx context.Context) (string, error)

Returns the external api version. This method does not require user acceptance. Available methods are available via enumeration anyway, and this info does not contain user-specific data

type StartupInfo

type StartupInfo struct {
	Info map[string]interface{} `json:"info"`
}

types for the requests/response types between signer and UI

type StdIOUI

type StdIOUI struct {
	// contains filtered or unexported fields
}

func NewStdIOUI

func NewStdIOUI() *StdIOUI

func (*StdIOUI) ApproveListing

func (ui *StdIOUI) ApproveListing(request *ListRequest) (ListResponse, error)

func (*StdIOUI) ApproveNewAccount

func (ui *StdIOUI) ApproveNewAccount(request *NewAccountRequest) (NewAccountResponse, error)

func (*StdIOUI) ApproveSignData

func (ui *StdIOUI) ApproveSignData(request *SignDataRequest) (SignDataResponse, error)

func (*StdIOUI) ApproveTx

func (ui *StdIOUI) ApproveTx(request *SignTxRequest) (SignTxResponse, error)

func (*StdIOUI) OnApprovedTx

func (ui *StdIOUI) OnApprovedTx(tx ethapi.SignTransactionResult)

func (*StdIOUI) OnInputRequired

func (ui *StdIOUI) OnInputRequired(info UserInputRequest) (UserInputResponse, error)

func (*StdIOUI) OnSignerStartup

func (ui *StdIOUI) OnSignerStartup(info StartupInfo)

func (*StdIOUI) RegisterUIServer

func (ui *StdIOUI) RegisterUIServer(api *UIServerAPI)

func (*StdIOUI) ShowError

func (ui *StdIOUI) ShowError(message string)

func (*StdIOUI) ShowInfo

func (ui *StdIOUI) ShowInfo(message string)

type UIClientAPI

type UIClientAPI interface {
	// ApproveTx prompt the user for confirmation to request to sign Transaction
	ApproveTx(request *SignTxRequest) (SignTxResponse, error)
	// ApproveSignData prompt the user for confirmation to request to sign data
	ApproveSignData(request *SignDataRequest) (SignDataResponse, error)
	// ApproveListing prompt the user for confirmation to list accounts
	// the list of accounts to list can be modified by the UI
	ApproveListing(request *ListRequest) (ListResponse, error)
	// ApproveNewAccount prompt the user for confirmation to create new Account, and reveal to caller
	ApproveNewAccount(request *NewAccountRequest) (NewAccountResponse, error)
	// ShowError displays error message to user
	ShowError(message string)
	// ShowInfo displays info message to user
	ShowInfo(message string)
	// OnApprovedTx notifies the UI about a transaction having been successfully signed.
	// This method can be used by a UI to keep track of e.g. how much has been sent to a particular recipient.
	OnApprovedTx(tx ethapi.SignTransactionResult)
	// OnSignerStartup is invoked when the signer boots, and tells the UI info about external API location and version
	// information
	OnSignerStartup(info StartupInfo)
	// OnInputRequired is invoked when clef requires user input, for example master password or
	// pin-code for unlocking hardware wallets
	OnInputRequired(info UserInputRequest) (UserInputResponse, error)
	// RegisterUIServer tells the UI to use the given UIServerAPI for ui->clef communication
	RegisterUIServer(api *UIServerAPI)
}

UIClientAPI specifies what method a UI needs to implement to be able to be used as a UI for the signer

type UIServerAPI

type UIServerAPI struct {
	// contains filtered or unexported fields
}

SignerUIAPI implements methods Clef provides for a UI to query, in the bidirectional communication channel. This API is considered secure, since a request can only ever arrive from the UI -- and the UI is capable of approving any action, thus we can consider these requests pre-approved. NB: It's very important that these methods are not ever exposed on the external service registry.

func NewUIServerAPI

func NewUIServerAPI(extapi *SignerAPI) *UIServerAPI

NewUIServerAPI creates a new UIServerAPI

func (*UIServerAPI) ChainId

func (s *UIServerAPI) ChainId() math.HexOrDecimal64

ChainId returns the chainid in use for Eip-155 replay protection Example call {"jsonrpc":"2.0","method":"clef_chainId","params":[], "id":8}

func (*UIServerAPI) DeriveAccount

func (s *UIServerAPI) DeriveAccount(url string, path string, pin *bool) (accounts.Account, error)

DeriveAccount requests a HD wallet to derive a new account, optionally pinning it for later reuse. Example call {"jsonrpc":"2.0","method":"clef_deriveAccount","params":["ledger://","m/44'/60'/0'", false], "id":6}

func (*UIServerAPI) Export

func (s *UIServerAPI) Export(ctx context.Context, addr common.Address) (json.RawMessage, error)

Export returns encrypted private key associated with the given address in web3 keystore format. Example {"jsonrpc":"2.0","method":"clef_export","params":["0x19e7e376e7c213b7e7e7e46cc70a5dd086daff2a"], "id":4}

func (*UIServerAPI) Import

func (api *UIServerAPI) Import(ctx context.Context, keyJSON json.RawMessage, oldPassphrase, newPassphrase string) (accounts.Account, error)

Import tries to import the given keyJSON in the local keystore. The keyJSON data is expected to be in web3 keystore format. It will decrypt the keyJSON with the given passphrase and on successful decryption it will encrypt the key with the given newPassphrase and store it in the keystore. Example (the address in question has privkey `11...11`): {"jsonrpc":"2.0","method":"clef_import","params":[{"address":"19e7e376e7c213b7e7e7e46cc70a5dd086daff2a","crypto":{"cipher":"aes-128-ctr","ciphertext":"33e4cd3756091d037862bb7295e9552424a391a6e003272180a455ca2a9fb332","cipherparams":{"iv":"b54b263e8f89c42bb219b6279fba5cce"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"e4ca94644fd30569c1b1afbbc851729953c92637b7fe4bb9840bbb31ffbc64a5"},"mac":"f4092a445c2b21c0ef34f17c9cd0d873702b2869ec5df4439a0c2505823217e7"},"id":"216c7eac-e8c1-49af-a215-fa0036f29141","version":3},"test","yaddayadda"], "id":4}

func (*UIServerAPI) ImportRawKey

func (s *UIServerAPI) ImportRawKey(privkey string, password string) (accounts.Account, error)

ImportRawKey stores the given hex encoded ECDSA key into the key directory, encrypting it with the passphrase. Example call (should fail on password too short) {"jsonrpc":"2.0","method":"clef_importRawKey","params":["1111111111111111111111111111111111111111111111111111111111111111","test"], "id":6}

func (*UIServerAPI) ListAccounts

func (s *UIServerAPI) ListAccounts(ctx context.Context) ([]accounts.Account, error)

List available accounts. As opposed to the external API definition, this method delivers the full Account object and not only Address. Example call {"jsonrpc":"2.0","method":"clef_listAccounts","params":[], "id":4}

func (*UIServerAPI) ListWallets

func (s *UIServerAPI) ListWallets() []rawWallet

ListWallets will return a list of wallets that clef manages Example call {"jsonrpc":"2.0","method":"clef_listWallets","params":[], "id":5}

func (*UIServerAPI) New

func (api *UIServerAPI) New(ctx context.Context) (common.Address, error)

New creates a new password protected Account. The private key is protected with the given password. Users are responsible to backup the private key that is stored in the keystore location that was specified when this API was created. This method is the same as New on the external API, the difference being that this implementation does not ask for confirmation, since it's initiated by the user

func (*UIServerAPI) OpenWallet

func (s *UIServerAPI) OpenWallet(url string, passphrase *string) error

OpenWallet initiates a hardware wallet opening procedure, establishing a USB connection and attempting to authenticate via the provided passphrase. Note, the method may return an extra challenge requiring a second open (e.g. the Trezor PIN matrix challenge). Example {"jsonrpc":"2.0","method":"clef_openWallet","params":["ledger://",""], "id":6}

func (*UIServerAPI) SetChainId

SetChainId sets the chain id to use when signing transactions. Example call to set Ropsten: {"jsonrpc":"2.0","method":"clef_setChainId","params":["3"], "id":8}

type UserInputRequest

type UserInputRequest struct {
	Title      string `json:"title"`
	Prompt     string `json:"prompt"`
	IsPassword bool   `json:"isPassword"`
}

types for the requests/response types between signer and UI

type UserInputResponse

type UserInputResponse struct {
	Text string `json:"text"`
}

types for the requests/response types between signer and UI

type Validator

type Validator interface {
	// ValidateTransaction does a number of checks on the supplied transaction, and
	// returns either a list of warnings, or an error (indicating that the transaction
	// should be immediately rejected).
	ValidateTransaction(selector *string, tx *apitypes.SendTxArgs) (*apitypes.ValidationMessages, error)
}

Validator defines the methods required to validate a transaction against some sanity defaults as well as any underlying 4byte method database.

Use fourbyte.Database as an implementation. It is separated out of this package to allow pieces of the signer package to be used without having to load the 7MB embedded 4byte dump.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL