prysm-pulse/validator/accounts/account.go

package accounts

import (
	"bytes"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"os"

	"github.com/prysmaticlabs/prysm/shared/keystore"
	"github.com/prysmaticlabs/prysm/shared/params"
	"github.com/prysmaticlabs/prysm/shared/ssz"
	"github.com/sirupsen/logrus"
)

var log = logrus.WithField("prefix", "accounts")

// VerifyAccountNotExists checks if a validator has not yet created an account
// and keystore in the provided directory string.
func VerifyAccountNotExists(directory string, password string) error {
	if directory == "" || password == "" {
		return errors.New("expected a path to the validator keystore and password to be provided, received nil")
	}
	shardWithdrawalKeyFile := params.BeaconConfig().WithdrawalPrivkeyFileName
	validatorKeyFile := params.BeaconConfig().ValidatorPrivkeyFileName
	// First, if the keystore already exists, throws an error as there can only be
	// one keystore per validator client.
	ks := keystore.NewKeystore(directory)
	if _, err := ks.GetKeys(directory, shardWithdrawalKeyFile, password); err == nil {
		return fmt.Errorf("keystore at path already exists: %s", shardWithdrawalKeyFile)
	}
	if _, err := ks.GetKeys(directory, validatorKeyFile, password); err == nil {
		return fmt.Errorf("keystore at path already exists: %s", validatorKeyFile)
	}
	return nil
}

// NewValidatorAccount sets up a validator client's secrets and generates the necessary deposit data
// parameters needed to deposit into the deposit contract on the ETH1.0 chain. Specifically, this
// generates a BLS private and public key, and then logs the serialized deposit input hex string
// to be used in an ETH1.0 transaction by the validator.
func NewValidatorAccount(directory string, password string) error {
	shardWithdrawalKeyFile := directory + params.BeaconConfig().WithdrawalPrivkeyFileName
	validatorKeyFile := directory + params.BeaconConfig().ValidatorPrivkeyFileName
	ks := keystore.NewKeystore(directory)
	// If the keystore does not exists at the path, we create a new one for the validator.
	shardWithdrawalKey, err := keystore.NewKey(rand.Reader)
	if err != nil {
		return err
	}
	shardWithdrawalKeyFile = shardWithdrawalKeyFile + hex.EncodeToString(shardWithdrawalKey.PublicKey.Marshal())[:12]
	if err := ks.StoreKey(shardWithdrawalKeyFile, shardWithdrawalKey, password); err != nil {
		return fmt.Errorf("unable to store key %v", err)
	}
	log.WithField(
		"path",
		shardWithdrawalKeyFile,
	).Info("Keystore generated for shard withdrawals at path")
	validatorKey, err := keystore.NewKey(rand.Reader)
	if err != nil {
		return err
	}
	validatorKeyFile = validatorKeyFile + hex.EncodeToString(validatorKey.PublicKey.Marshal())[:12]
	if err := ks.StoreKey(validatorKeyFile, validatorKey, password); err != nil {
		return fmt.Errorf("unable to store key %v", err)
	}
	log.WithField(
		"path",
		validatorKeyFile,
	).Info("Keystore generated for validator signatures at path")

	data, err := keystore.DepositInput(validatorKey, shardWithdrawalKey)
	if err != nil {
		return fmt.Errorf("unable to generate deposit data: %v", err)
	}
	serializedData := new(bytes.Buffer)
	if err := ssz.Encode(serializedData, data); err != nil {
		return fmt.Errorf("could not serialize deposit data: %v", err)
	}
	log.Info(`Account creation complete! Copy and paste the deposit data shown below when issuing a transaction into the ETH1.0 deposit contract to activate your validator client`)
	fmt.Printf(`
========================Deposit Data=======================

%#x

===========================================================
`, serializedData)
	return nil
}

// Exists checks if a validator account at a given keystore path exists.
func Exists(keystorePath string) (bool, error) {
	/* #nosec */
	f, err := os.Open(keystorePath)
	if err != nil {
		return false, nil
	}
	defer func() {
		if err := f.Close(); err != nil {
			log.Fatal(err)
		}
	}()

	_, err = f.Readdirnames(1) // Or f.Readdir(1)
	if err == io.EOF {
		return false, nil
	}
	return true, err
}
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`package accounts`

			`import (`
			`"bytes"`
			`"crypto/rand"`
keystore and account support for multi key (#2054) * keystore and account support for multi key * fix service issues * fix Potential file inclusion * fix Potential file inclusion try2 * Update shared/keystore/keystore.go remove security detection for file read Co-Authored-By: shayzluf <thezluf@gmail.com> * getkeys uses map to pt multiple copies of the same key * use 12 char of public key to differentiate file names * use map in test * fix changes from 2069 into here * add // #nosec G304 2019-03-29 22:26:41 +00:00			`"encoding/hex"`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`"errors"`
			`"fmt"`
Interactive Validator Client Onboarding (#2362) 2019-04-24 04:29:06 +00:00			`"io"`
			`"os"`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00
			`"github.com/prysmaticlabs/prysm/shared/keystore"`
Test Syncing with Another Fully Synced Service (#1594) * clean up test * adding test setup * add chainstart check to sync querier * goimports * goimports * backend cleanup * adding getters * lint * moving to db * gazelle * adding more services setup * adding more changes * adding different test setups * other merge issues * imports * fixing keys * get intial sync able to be set up * new changes and gazelle * use simulated p2p * everything finally works * unexport fields * revert changes from merge * remove mock server * add documentation * gazelle * add another node * review comments * fix tests 2019-02-23 06:06:20 +00:00			`"github.com/prysmaticlabs/prysm/shared/params"`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`"github.com/prysmaticlabs/prysm/shared/ssz"`
			`"github.com/sirupsen/logrus"`
			`)`

			`var log = logrus.WithField("prefix", "accounts")`

			`// VerifyAccountNotExists checks if a validator has not yet created an account`
			`// and keystore in the provided directory string.`
			`func VerifyAccountNotExists(directory string, password string) error {`
			`if directory == "" \|\| password == "" {`
			`return errors.New("expected a path to the validator keystore and password to be provided, received nil")`
			`}`
Validator-multiple key (#2069) * first version - broken * working proto changes * resolve review remarks * fix goimport issues * fix service issues * first logic version-broken * first running version - no new tests * fix validator client test * add wait group to goroutines * remove unused var in function call * fix review remarks and tests * merge master changes and fix conflicts * gazzele fix * fix prestonvanloon requested changes * merge and some of terenc3t remarks addressed * _,pk bug fix in log * fix account file name suffix and filter not active validator out * merge with master and fix missing parameters * run over all public keys in hasvalidators * add test for error when no all the validators has index in the db and hasvalidators is called * fix runner tests fail due to timing issues * goimports * smaller sleep time in proposer tests * fix UpdateAssignments loging * fix goimports * added && false commented TestUpdateAssignments_DoesNothingWhenNotEpochStartAndAlreadyExistingAssignments * hasvalidators without missing publickeys list * fix some of prestone review remarks * fixes for prestone comments * review changes applied * expect context call in TestWaitForActivation_ValidatorOriginallyExists * changed hasvalidators to return true if one validator exists * fix init problem to getkeys * hasvalidators requiers all validators to be in db * validator attest assignments update * fix ap var name * Change name to hasallvalidators * fix tests * update script, fix any vs all validator calls * fix wait for activation * filter validator * reuse the reply block * fix imports * Remove dup * better lookup of active validators * better filter active vlaidators, still need to fix committee assignment tests * lint * use activated keys * fix for postchainstart * fix logging * move state transitions * hasanyvalidator and hasallvalidators * fix tests with updatechainhead missing * add tests * fix TestCommitteeAssignment_OK * fix test * fix validator tests * fix TestCommitteeAssignment_multipleKeys_OK and TestWaitForActivation_ValidatorOriginallyExists * fix goimports * removed unused param from assignment * change string(pk) to hex.EncodeString(pk) fix change requests * add inactive validator status to assignments * fix logging mess due to multi validator setup * set no assignment to debug level * log assignments every epoch * logging fixes * fixed runtime by using the right assignments * correct activation request * fix the validator panic * correct assignment * fix test fail and waitforactivation * performance log issue fix * fix goimports * add log message with truncated pk for attest * add truncated pk to attest and propose logs * Add comment to script, change 9 to 8 * Update assignment log * Add comment, report number of assignments * Use WithError, add validator as field, merge block proposal log * Update validator_propose.go * fix * use entry.String() * fix fmt 2019-04-18 17:23:38 +00:00			`shardWithdrawalKeyFile := params.BeaconConfig().WithdrawalPrivkeyFileName`
			`validatorKeyFile := params.BeaconConfig().ValidatorPrivkeyFileName`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`// First, if the keystore already exists, throws an error as there can only be`
			`// one keystore per validator client.`
			`ks := keystore.NewKeystore(directory)`
Validator-multiple key (#2069) * first version - broken * working proto changes * resolve review remarks * fix goimport issues * fix service issues * first logic version-broken * first running version - no new tests * fix validator client test * add wait group to goroutines * remove unused var in function call * fix review remarks and tests * merge master changes and fix conflicts * gazzele fix * fix prestonvanloon requested changes * merge and some of terenc3t remarks addressed * _,pk bug fix in log * fix account file name suffix and filter not active validator out * merge with master and fix missing parameters * run over all public keys in hasvalidators * add test for error when no all the validators has index in the db and hasvalidators is called * fix runner tests fail due to timing issues * goimports * smaller sleep time in proposer tests * fix UpdateAssignments loging * fix goimports * added && false commented TestUpdateAssignments_DoesNothingWhenNotEpochStartAndAlreadyExistingAssignments * hasvalidators without missing publickeys list * fix some of prestone review remarks * fixes for prestone comments * review changes applied * expect context call in TestWaitForActivation_ValidatorOriginallyExists * changed hasvalidators to return true if one validator exists * fix init problem to getkeys * hasvalidators requiers all validators to be in db * validator attest assignments update * fix ap var name * Change name to hasallvalidators * fix tests * update script, fix any vs all validator calls * fix wait for activation * filter validator * reuse the reply block * fix imports * Remove dup * better lookup of active validators * better filter active vlaidators, still need to fix committee assignment tests * lint * use activated keys * fix for postchainstart * fix logging * move state transitions * hasanyvalidator and hasallvalidators * fix tests with updatechainhead missing * add tests * fix TestCommitteeAssignment_OK * fix test * fix validator tests * fix TestCommitteeAssignment_multipleKeys_OK and TestWaitForActivation_ValidatorOriginallyExists * fix goimports * removed unused param from assignment * change string(pk) to hex.EncodeString(pk) fix change requests * add inactive validator status to assignments * fix logging mess due to multi validator setup * set no assignment to debug level * log assignments every epoch * logging fixes * fixed runtime by using the right assignments * correct activation request * fix the validator panic * correct assignment * fix test fail and waitforactivation * performance log issue fix * fix goimports * add log message with truncated pk for attest * add truncated pk to attest and propose logs * Add comment to script, change 9 to 8 * Update assignment log * Add comment, report number of assignments * Use WithError, add validator as field, merge block proposal log * Update validator_propose.go * fix * use entry.String() * fix fmt 2019-04-18 17:23:38 +00:00			`if _, err := ks.GetKeys(directory, shardWithdrawalKeyFile, password); err == nil {`
			`return fmt.Errorf("keystore at path already exists: %s", shardWithdrawalKeyFile)`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`}`
Validator-multiple key (#2069) * first version - broken * working proto changes * resolve review remarks * fix goimport issues * fix service issues * first logic version-broken * first running version - no new tests * fix validator client test * add wait group to goroutines * remove unused var in function call * fix review remarks and tests * merge master changes and fix conflicts * gazzele fix * fix prestonvanloon requested changes * merge and some of terenc3t remarks addressed * _,pk bug fix in log * fix account file name suffix and filter not active validator out * merge with master and fix missing parameters * run over all public keys in hasvalidators * add test for error when no all the validators has index in the db and hasvalidators is called * fix runner tests fail due to timing issues * goimports * smaller sleep time in proposer tests * fix UpdateAssignments loging * fix goimports * added && false commented TestUpdateAssignments_DoesNothingWhenNotEpochStartAndAlreadyExistingAssignments * hasvalidators without missing publickeys list * fix some of prestone review remarks * fixes for prestone comments * review changes applied * expect context call in TestWaitForActivation_ValidatorOriginallyExists * changed hasvalidators to return true if one validator exists * fix init problem to getkeys * hasvalidators requiers all validators to be in db * validator attest assignments update * fix ap var name * Change name to hasallvalidators * fix tests * update script, fix any vs all validator calls * fix wait for activation * filter validator * reuse the reply block * fix imports * Remove dup * better lookup of active validators * better filter active vlaidators, still need to fix committee assignment tests * lint * use activated keys * fix for postchainstart * fix logging * move state transitions * hasanyvalidator and hasallvalidators * fix tests with updatechainhead missing * add tests * fix TestCommitteeAssignment_OK * fix test * fix validator tests * fix TestCommitteeAssignment_multipleKeys_OK and TestWaitForActivation_ValidatorOriginallyExists * fix goimports * removed unused param from assignment * change string(pk) to hex.EncodeString(pk) fix change requests * add inactive validator status to assignments * fix logging mess due to multi validator setup * set no assignment to debug level * log assignments every epoch * logging fixes * fixed runtime by using the right assignments * correct activation request * fix the validator panic * correct assignment * fix test fail and waitforactivation * performance log issue fix * fix goimports * add log message with truncated pk for attest * add truncated pk to attest and propose logs * Add comment to script, change 9 to 8 * Update assignment log * Add comment, report number of assignments * Use WithError, add validator as field, merge block proposal log * Update validator_propose.go * fix * use entry.String() * fix fmt 2019-04-18 17:23:38 +00:00			`if _, err := ks.GetKeys(directory, validatorKeyFile, password); err == nil {`
			`return fmt.Errorf("keystore at path already exists: %s", validatorKeyFile)`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`}`
			`return nil`
			`}`

			`// NewValidatorAccount sets up a validator client's secrets and generates the necessary deposit data`
			`// parameters needed to deposit into the deposit contract on the ETH1.0 chain. Specifically, this`
			`// generates a BLS private and public key, and then logs the serialized deposit input hex string`
			`// to be used in an ETH1.0 transaction by the validator.`
			`func NewValidatorAccount(directory string, password string) error {`
Provide Real Keystore to Validator Service for Public/Private Key Access at Runtime (#1570) * provide validator with real keystore public key * fmt * build errors buildkite * readd imports removed by goimport * gazelle * address broken tests * make reference to filename a param * fmt * imports * gazelle * os remove all * Use better Temp storage for tests * testmain approach to avoid repeating expensive operation for each test * travis lint * fix test * nokeystore in status test * passing * fix goimports 2019-02-13 23:49:06 +00:00			`shardWithdrawalKeyFile := directory + params.BeaconConfig().WithdrawalPrivkeyFileName`
			`validatorKeyFile := directory + params.BeaconConfig().ValidatorPrivkeyFileName`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`ks := keystore.NewKeystore(directory)`
			`// If the keystore does not exists at the path, we create a new one for the validator.`
			`shardWithdrawalKey, err := keystore.NewKey(rand.Reader)`
			`if err != nil {`
			`return err`
			`}`
keystore and account support for multi key (#2054) * keystore and account support for multi key * fix service issues * fix Potential file inclusion * fix Potential file inclusion try2 * Update shared/keystore/keystore.go remove security detection for file read Co-Authored-By: shayzluf <thezluf@gmail.com> * getkeys uses map to pt multiple copies of the same key * use 12 char of public key to differentiate file names * use map in test * fix changes from 2069 into here * add // #nosec G304 2019-03-29 22:26:41 +00:00			`shardWithdrawalKeyFile = shardWithdrawalKeyFile + hex.EncodeToString(shardWithdrawalKey.PublicKey.Marshal())[:12]`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`if err := ks.StoreKey(shardWithdrawalKeyFile, shardWithdrawalKey, password); err != nil {`
			`return fmt.Errorf("unable to store key %v", err)`
			`}`
			`log.WithField(`
			`"path",`
			`shardWithdrawalKeyFile,`
			`).Info("Keystore generated for shard withdrawals at path")`
			`validatorKey, err := keystore.NewKey(rand.Reader)`
			`if err != nil {`
			`return err`
			`}`
keystore and account support for multi key (#2054) * keystore and account support for multi key * fix service issues * fix Potential file inclusion * fix Potential file inclusion try2 * Update shared/keystore/keystore.go remove security detection for file read Co-Authored-By: shayzluf <thezluf@gmail.com> * getkeys uses map to pt multiple copies of the same key * use 12 char of public key to differentiate file names * use map in test * fix changes from 2069 into here * add // #nosec G304 2019-03-29 22:26:41 +00:00			`validatorKeyFile = validatorKeyFile + hex.EncodeToString(validatorKey.PublicKey.Marshal())[:12]`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`if err := ks.StoreKey(validatorKeyFile, validatorKey, password); err != nil {`
			`return fmt.Errorf("unable to store key %v", err)`
			`}`
			`log.WithField(`
			`"path",`
			`validatorKeyFile,`
			`).Info("Keystore generated for validator signatures at path")`

DepositInput: Proof of possession, withdrawal credentials (#1675) * move deposit input to keystore pkg, add proof of possession and withdrawal addr * Add spec details for deposit input * Use ssz * actually use withdrawal key 2019-02-22 20:24:31 +00:00			`data, err := keystore.DepositInput(validatorKey, shardWithdrawalKey)`
			`if err != nil {`
			`return fmt.Errorf("unable to generate deposit data: %v", err)`
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`}`
			`serializedData := new(bytes.Buffer)`
			`if err := ssz.Encode(serializedData, data); err != nil {`
			`return fmt.Errorf("could not serialize deposit data: %v", err)`
			`}`
			log.Info(`Account creation complete! Copy and paste the deposit data shown below when issuing a transaction into the ETH1.0 deposit contract to activate your validator client`)
Print a better copy/paste version of the deposit data (#1629) 2019-02-18 23:06:55 +00:00			fmt.Printf(`
			`========================Deposit Data=======================`

			`%#x`

			`===========================================================`
			`, serializedData)
Validator Secret Initialization (#1436) * begin validator initialization * utilize keystore * cli create * add items * validator accounts package * completed tests * linter * fix broken build 2019-01-31 11:57:57 +00:00			`return nil`
			`}`
Interactive Validator Client Onboarding (#2362) 2019-04-24 04:29:06 +00:00
			`// Exists checks if a validator account at a given keystore path exists.`
			`func Exists(keystorePath string) (bool, error) {`
			`/* #nosec */`
			`f, err := os.Open(keystorePath)`
			`if err != nil {`
			`return false, nil`
			`}`
			`defer func() {`
			`if err := f.Close(); err != nil {`
			`log.Fatal(err)`
			`}`
			`}()`

			`_, err = f.Readdirnames(1) // Or f.Readdir(1)`
			`if err == io.EOF {`
			`return false, nil`
			`}`
			`return true, err`
			`}`