Enable passwords for constellation keys #28

Open
Lsquared13 opened this issue Jul 12, 2018 · 3 comments
@Lsquared13
Contributor

Problem

We need password protection on our constellation keys.

The previous issue we had might have been due to machines being too small, so we should try again before we start troubleshooting.

@Lsquared13 Lsquared13 self-assigned this Jul 12, 2018
@Lsquared13
Contributor Author

Okay, I just realized we need to do the vault thing we did for quorum in Issue #14.

Assigning this to @john-osullivan to work the same magic as done on quorum.

Acceptance Criteria

  • Constellation generates a random UUID as its password
  • Constellation can fetch the password for its key from Vault when it starts running
  • Constellation takes command line arguments to determine where to fetch the password from
  • The Constellation password is not persisted to disk
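
One way a key-holding process could meet the fetch-at-startup criteria above, as an added example that is not part of the original issue or of Constellation's or crux's code. It assumes a Vault KV version 1 secret read over Vault's HTTP API with the token supplied in `VAULT_TOKEN`; the flag names, the secret path and the `password` field name are hypothetical.

```go
package main

import (
	"encoding/json"
	"flag"
	"fmt"
	"net/http"
	"os"
)

// fetchPassword reads one field of a Vault KV v1 secret (assumed layout); the value stays in memory.
func fetchPassword(c *http.Client, addr, token, path, field string) (string, error) {
	req, err := http.NewRequest(http.MethodGet, addr+"/v1/"+path, nil)
	if err != nil {
		return "", err
	}
	req.Header.Set("X-Vault-Token", token)
	resp, err := c.Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return "", fmt.Errorf("vault read of %s failed: %s", path, resp.Status)
	}
	var body struct {
		Data map[string]string `json:"data"`
	}
	if err := json.NewDecoder(resp.Body).Decode(&body); err != nil {
		return "", err
	}
	if body.Data[field] == "" {
		return "", fmt.Errorf("field %q missing from secret %s", field, path)
	}
	return body.Data[field], nil
}

func main() {
	addr := flag.String("vault-addr", "https://127.0.0.1:8200", "Vault address (hypothetical flag)")
	path := flag.String("vault-password-path", "", "Vault path of the key password (hypothetical flag)")
	flag.Parse()
	// Token comes from the environment, not from argv or a file (assumption).
	pw, err := fetchPassword(http.DefaultClient, *addr, os.Getenv("VAULT_TOKEN"), *path, "password")
	if err != nil {
		fmt.Fprintln(os.Stderr, "not starting without the key password:", err)
		os.Exit(1)
	}
	_ = pw // pass to the key-unlock routine in memory; never write it out
}
```

The process fails closed: a denied token, a missing path or an empty field stops startup instead of falling back to an unprotected key.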

@john-osullivan
Contributor

Hey, so I was just talking shit with Juan (@eximchain137) and just discovered there's a Go version of Constellation named crux, written by blk.io from London. They wrote it because people were having a lot of trouble working with Haskell (I'm shocked). Its interface is essentially the same, implementation is allegedly identical. A rough skim over the code holds that up; it's got a very similar file structure.

Needless to say, modifying Golang source would be much easier than picking apart the Haskell. Open question is how painful the infra transition would be. FWIW, the binary seems to support all the arguments we're using:

Usage of ./bin/crux:
      crux.config              Optional config file
      --alwayssendto string    List of public keys for nodes to send all transactions too
      --berkeleydb             Use Berkeley DB for storage
      --generate-keys string   Generate a new keypair
      --othernodes string      "Boot nodes" to connect to to discover the network
      --port int               The local port to listen on (default -1)
      --privatekeys string     Private keys hosted by this node
      --publickeys string      Public keys hosted by this node
      --socket string          IPC socket to create for access to the Private API
      --storage string         Database storage file name (default "crux.db")
      --url string             The URL to advertise to other nodes (reachable by them)
      --verbosity int          Verbosity level of logs (default 1)
      --workdir string         The folder to put stuff in (default: .) (default ".")
      --grpc                   Use protobuf + gRPC for communication between nodes
      --tls                    Use TLS to secure HTTP communications
      --tlsservercert          TLS server certificate
      --tlsserverkey           TLS server key

Ironically, though, no password support at all yet. Much easier to bring into this Golang code, though!

Let's maybe all sit down in the next couple days to talk through the potential value of making this swap?

@Lsquared13
Contributor Author

May eventually want to move to CRUX for individual nodes.

We probably just want to disable constellation for mainnet launch.
