Merge release/6.0.0 into release/6.1.0

commander/src/bootstrapping/commands/genesis-block/create.ts

@@ -18,9 +18,10 @@ import { Application, PartialApplicationConfig } from 'lisk-framework';
 import { objects } from '@liskhq/lisk-utils';
 import { Command, Flags as flagParser } from '@oclif/core';
 import * as fs from 'fs-extra';
-import { join, resolve } from 'path';
+import { isAbsolute, join, resolve } from 'path';
 import { validator } from '@liskhq/lisk-validator';
 import { codec } from '@liskhq/lisk-codec';
+import { homedir } from 'os';
 import { GenesisAssetsInput, genesisAssetsSchema } from '../../../utils/genesis_creation';
 import { flagsWithParser } from '../../../utils/flags';
 import { getNetworkConfigFilesPath } from '../../../utils/path';
@@ -47,6 +48,10 @@ export abstract class BaseGenesisBlockCommand extends Command {
 			description: 'Path to file which contains genesis block asset in JSON format',
 			required: true,
 		}),
+		'export-json': flagParser.boolean({
+			description: 'Export genesis block as JSON format along with blob',
+			default: false,
+		}),
 		height: flagParser.integer({
 			char: 'h',
 			description: 'Genesis block height',
@@ -74,6 +79,7 @@ export abstract class BaseGenesisBlockCommand extends Command {
 				height,
 				timestamp,
 				'previous-block-id': previousBlockIDString,
+				'export-json': exportJSON,
 			},
 		} = await this.parse(BaseGenesisBlockCommand);
 		// validate folder name to not include camelcase or whitespace
@@ -95,7 +101,12 @@ export abstract class BaseGenesisBlockCommand extends Command {
 			config = objects.mergeDeep(config, customConfig);
 		}
 		// determine proper path
-		const configPath = join(process.cwd(), output);
+		let configPath = output;
+		if (output.includes('~')) {
+			configPath = configPath.replace('~', homedir());
+		} else if (!isAbsolute(output)) {
+			configPath = join(process.cwd(), output);
+		}
 		const app = this.getApplication(config);
 		// If assetsFile exist, create from assetsFile and default config/accounts are not needed
 		const assetsJSON = (await fs.readJSON(resolve(assetsFile))) as GenesisAssetsInput;
@@ -118,6 +129,15 @@ export abstract class BaseGenesisBlockCommand extends Command {
 		fs.writeFileSync(resolve(configPath, 'genesis_block.blob'), genesisBlock.getBytes(), {
 			mode: OWNER_READ_WRITE,
 		});
+		if (exportJSON) {
+			fs.writeFileSync(
+				resolve(configPath, 'genesis_block.json'),
+				JSON.stringify(genesisBlock.toJSON(), undefined, '  '),
+				{
+					mode: OWNER_READ_WRITE,
+				},
+			);
+		}
 		this.log(`Genesis block files saved at: ${configPath}`);
 	}
 

commander/src/bootstrapping/commands/keys/create.ts

@@ -14,7 +14,7 @@
  */
 
 import { codec } from '@liskhq/lisk-codec';
-import { bls, address as addressUtil, ed, encrypt } from '@liskhq/lisk-cryptography';
+import { bls, address as addressUtil, ed, encrypt, legacy } from '@liskhq/lisk-cryptography';
 import { Command, Flags as flagParser } from '@oclif/core';
 import * as fs from 'fs-extra';
 import * as path from 'path';
@@ -60,6 +60,9 @@ export class CreateCommand extends Command {
 			description: 'Chain id',
 			default: 0,
 		}),
+		'add-legacy': flagParser.boolean({
+			description: 'Add legacy key derivation path to the result',
+		}),
 	};
 
 	async run(): Promise<void> {
@@ -72,6 +75,7 @@ export class CreateCommand extends Command {
 				count,
 				offset,
 				chainid,
+				'add-legacy': addLegacy,
 			},
 		} = await this.parse(CreateCommand);
 
@@ -86,7 +90,37 @@ export class CreateCommand extends Command {
 		}
 
 		const keys = [];
-		for (let i = 0; i < count; i += 1) {
+		let i = 0;
+		if (addLegacy) {
+			const legacyKeyPath = 'legacy';
+			const { privateKey: accountPrivateKey, publicKey: accountPublicKey } =
+				legacy.getPrivateAndPublicKeyFromPassphrase(passphrase);
+			const address = addressUtil.getAddressFromPublicKey(accountPublicKey);
+			const generatorPrivateKey = accountPrivateKey;
+			const generatorPublicKey = ed.getPublicKeyFromPrivateKey(generatorPrivateKey);
+			const blsKeyPath = `m/12381/134/${chainid}/99999`;
+			const blsPrivateKey = await bls.getPrivateKeyFromPhraseAndPath(passphrase, blsKeyPath);
+			const blsPublicKey = bls.getPublicKeyFromPrivateKey(blsPrivateKey);
+			const result = await this._createEncryptedObject(
+				{
+					address,
+					keyPath: legacyKeyPath,
+					accountPrivateKey,
+					accountPublicKey,
+					generatorKeyPath: legacyKeyPath,
+					generatorPrivateKey,
+					generatorPublicKey,
+					blsKeyPath,
+					blsPrivateKey,
+					blsPublicKey,
+					password,
+				},
+				noEncrypt,
+			);
+			keys.push(result);
+			i += 1;
+		}
+		for (; i < count; i += 1) {
 			const accountKeyPath = `m/44'/134'/${offset + i}'`;
 			const generatorKeyPath = `m/25519'/134'/${chainid}'/${offset + i}'`;
 			const blsKeyPath = `m/12381/134/${chainid}/${offset + i}`;
@@ -102,37 +136,23 @@ export class CreateCommand extends Command {
 			const blsPrivateKey = await bls.getPrivateKeyFromPhraseAndPath(passphrase, blsKeyPath);
 			const blsPublicKey = bls.getPublicKeyFromPrivateKey(blsPrivateKey);
 
-			let encryptedMessageObject = {};
-			if (!noEncrypt) {
-				const plainGeneratorKeyData = {
-					generatorKey: generatorPublicKey,
+			const result = await this._createEncryptedObject(
+				{
+					address,
+					keyPath: accountKeyPath,
+					accountPrivateKey,
+					accountPublicKey,
+					generatorKeyPath,
 					generatorPrivateKey,
-					blsKey: blsPublicKey,
+					generatorPublicKey,
+					blsKeyPath,
 					blsPrivateKey,
-				};
-				const encodedGeneratorKeys = codec.encode(plainGeneratorKeysSchema, plainGeneratorKeyData);
-				encryptedMessageObject = await encrypt.encryptMessageWithPassword(
-					encodedGeneratorKeys,
+					blsPublicKey,
 					password,
-				);
-			}
-
-			keys.push({
-				address: addressUtil.getLisk32AddressFromAddress(address),
-				keyPath: accountKeyPath,
-				publicKey: accountPublicKey.toString('hex'),
-				privateKey: accountPrivateKey.toString('hex'),
-				plain: {
-					generatorKeyPath,
-					generatorKey: generatorPublicKey.toString('hex'),
-					generatorPrivateKey: generatorPrivateKey.toString('hex'),
-					blsKeyPath,
-					blsKey: blsPublicKey.toString('hex'),
-					blsProofOfPossession: bls.popProve(blsPrivateKey).toString('hex'),
-					blsPrivateKey: blsPrivateKey.toString('hex'),
 				},
-				encrypted: encryptedMessageObject,
-			});
+				noEncrypt,
+			);
+			keys.push(result);
 		}
 
 		if (output) {
@@ -141,4 +161,52 @@ export class CreateCommand extends Command {
 			this.log(JSON.stringify({ keys }, undefined, '  '));
 		}
 	}
+	private async _createEncryptedObject(
+		input: {
+			address: Buffer;
+			keyPath: string;
+			accountPublicKey: Buffer;
+			accountPrivateKey: Buffer;
+			generatorKeyPath: string;
+			generatorPublicKey: Buffer;
+			generatorPrivateKey: Buffer;
+			blsKeyPath: string;
+			blsPublicKey: Buffer;
+			blsPrivateKey: Buffer;
+			password: string;
+		},
+		noEncrypt: boolean,
+	) {
+		let encryptedMessageObject = {};
+		if (!noEncrypt) {
+			const plainGeneratorKeyData = {
+				generatorKey: input.generatorPublicKey,
+				generatorPrivateKey: input.generatorPrivateKey,
+				blsKey: input.blsPublicKey,
+				blsPrivateKey: input.blsPrivateKey,
+			};
+			const encodedGeneratorKeys = codec.encode(plainGeneratorKeysSchema, plainGeneratorKeyData);
+			encryptedMessageObject = await encrypt.encryptMessageWithPassword(
+				encodedGeneratorKeys,
+				input.password,
+			);
+		}
+
+		return {
+			address: addressUtil.getLisk32AddressFromAddress(input.address),
+			keyPath: input.keyPath,
+			publicKey: input.accountPublicKey.toString('hex'),
+			privateKey: input.accountPrivateKey.toString('hex'),
+			plain: {
+				generatorKeyPath: input.generatorKeyPath,
+				generatorKey: input.generatorPublicKey.toString('hex'),
+				generatorPrivateKey: input.generatorPrivateKey.toString('hex'),
+				blsKeyPath: input.blsKeyPath,
+				blsKey: input.blsPublicKey.toString('hex'),
+				blsProofOfPossession: bls.popProve(input.blsPrivateKey).toString('hex'),
+				blsPrivateKey: input.blsPrivateKey.toString('hex'),
+			},
+			encrypted: encryptedMessageObject,
+		};
+	}
 }

commander/src/bootstrapping/commands/transaction/sign.ts

@@ -14,7 +14,6 @@
  */
 import { Command, Flags as flagParser } from '@oclif/core';
 import * as apiClient from '@liskhq/lisk-api-client';
-import * as cryptography from '@liskhq/lisk-cryptography';
 import {
 	Application,
 	blockHeaderSchema,
@@ -37,7 +36,6 @@ import {
 	getParamsSchema,
 } from '../../../utils/transaction';
 import { getDefaultPath } from '../../../utils/path';
-import { isApplicationRunning } from '../../../utils/application';
 import { PromiseResolvedType } from '../../../types';
 import { DEFAULT_KEY_DERIVATION_PATH } from '../../../utils/config';
 import { deriveKeypair } from '../../../utils/commons';
@@ -78,7 +76,7 @@ const signTransaction = async (
 
 	const chainIDBuffer = Buffer.from(chainID as string, 'hex');
 	const passphrase = flags.passphrase ?? (await getPassphraseFromPrompt('passphrase'));
-	const edKeys = cryptography.legacy.getPrivateAndPublicKeyFromPassphrase(passphrase);
+	const edKeys = await deriveKeypair(passphrase, flags['key-derivation-path']);
 
 	let signedTransaction: Record<string, unknown>;
 	if (flags['mandatory-keys'] || flags['optional-keys']) {
@@ -203,7 +201,7 @@ export abstract class SignCommand extends Command {
 		let signedTransaction: Record<string, unknown>;
 
 		if (flags.offline) {
-			const app = this.getApplication({}, {});
+			const app = this.getApplication({ genesis: { chainID: flags['chain-id'] } });
 			this._metadata = app.getMetadata();
 			this._schema = {
 				header: blockHeaderSchema,
@@ -256,18 +254,12 @@ export abstract class SignCommand extends Command {
 
 	async finally(error?: Error | string): Promise<void> {
 		if (error) {
-			if (this._dataPath && !isApplicationRunning(this._dataPath)) {
-				throw new Error(`Application at data path ${this._dataPath} is not running.`);
-			}
 			this.error(error instanceof Error ? error.message : error);
 		}
 		if (this._client) {
 			await this._client.disconnect();
 		}
 	}
 
-	abstract getApplication(
-		genesisBlock: Record<string, unknown>,
-		config: PartialApplicationConfig,
-	): Application;
+	abstract getApplication(config: PartialApplicationConfig): Application;
 }

commander/test/bootstrapping/commands/keys/create.spec.ts

@@ -91,6 +91,7 @@ describe('keys:create command', () => {
 		jest.spyOn(process.stdout, 'write').mockImplementation(val => stdout.push(val as string) > -1);
 		jest.spyOn(process.stderr, 'write').mockImplementation(val => stderr.push(val as string) > -1);
 		jest.spyOn(cryptography.ed, 'getPrivateKeyFromPhraseAndPath');
+		jest.spyOn(cryptography.legacy, 'getPrivateAndPublicKeyFromPassphrase');
 		jest.spyOn(cryptography.ed, 'getPublicKeyFromPrivateKey');
 		jest.spyOn(cryptography.address, 'getAddressFromPublicKey');
 		jest.spyOn(cryptography.bls, 'getPrivateKeyFromPhraseAndPath');
@@ -176,6 +177,71 @@ describe('keys:create command', () => {
 		});
 	});
 
+	describe('keys:create --add-legacy --passphrase', () => {
+		it('should create valid keys', async () => {
+			const legacyKeys =
+				cryptography.legacy.getPrivateAndPublicKeyFromPassphrase(defaultPassphrase);
+			const legacyBLSKeyPath = 'm/12381/134/0/99999';
+			const legacyBLSPrivateKey = await cryptography.bls.getPrivateKeyFromPhraseAndPath(
+				defaultPassphrase,
+				legacyBLSKeyPath,
+			);
+			await CreateCommand.run(['--add-legacy', '--passphrase', defaultPassphrase], config);
+			const loggedData = JSON.parse(stdout[0]);
+
+			expect(cryptography.legacy.getPrivateAndPublicKeyFromPassphrase).toHaveBeenCalledWith(
+				defaultPassphrase,
+			);
+			expect(cryptography.address.getAddressFromPublicKey).toHaveBeenCalledWith(
+				legacyKeys.publicKey,
+			);
+			expect(cryptography.ed.getPublicKeyFromPrivateKey).not.toHaveBeenCalledWith(
+				defaultAccountPrivateKey,
+			);
+			expect(cryptography.ed.getPrivateKeyFromPhraseAndPath).not.toHaveBeenCalledWith(
+				defaultPassphrase,
+				defaultGeneratorKeyPath,
+			);
+			expect(cryptography.ed.getPublicKeyFromPrivateKey).not.toHaveBeenCalledWith(
+				defaultGeneratorPrivateKey,
+			);
+			expect(cryptography.bls.getPrivateKeyFromPhraseAndPath).toHaveBeenCalledWith(
+				defaultPassphrase,
+				legacyBLSKeyPath,
+			);
+			expect(cryptography.bls.getPublicKeyFromPrivateKey).toHaveBeenCalledWith(legacyBLSPrivateKey);
+			expect(readerUtils.getPassphraseFromPrompt).not.toHaveBeenCalledWith('passphrase', true);
+			expect(readerUtils.getPasswordFromPrompt).toHaveBeenCalledWith('password', true);
+
+			expect(loggedData).toMatchObject({
+				keys: [
+					{
+						address: cryptography.address.getLisk32AddressFromPublicKey(legacyKeys.publicKey),
+						keyPath: 'legacy',
+						publicKey: legacyKeys.publicKey.toString('hex'),
+						privateKey: legacyKeys.privateKey.toString('hex'),
+						plain: {
+							generatorKeyPath: 'legacy',
+							generatorKey: legacyKeys.publicKey.toString('hex'),
+							generatorPrivateKey: legacyKeys.privateKey.toString('hex'),
+							blsKeyPath: legacyBLSKeyPath,
+							blsPrivateKey: legacyBLSPrivateKey.toString('hex'),
+						},
+					},
+				],
+			});
+			expect(loggedData.keys[0].encrypted).toBeDefined();
+			expect(loggedData.keys[0].encrypted).toHaveProperty('ciphertext');
+			expect(loggedData.keys[0].encrypted).toHaveProperty('mac');
+			expect(loggedData.keys[0].encrypted).toHaveProperty('cipherparams');
+			expect(loggedData.keys[0].encrypted).toHaveProperty('kdfparams');
+			expect(loggedData.keys[0].encrypted.cipher).toBe('aes-128-gcm');
+			expect(loggedData.keys[0].encrypted.kdf).toBe('argon2id');
+			expect(loggedData.keys[0].encrypted.version).toBe('1');
+			expect(consoleWarnSpy).toHaveBeenCalledTimes(0);
+		});
+	});
+
 	describe('keys:create --no-encrypt true', () => {
 		it('should create valid keys', async () => {
 			await CreateCommand.run(['--no-encrypt'], config);