-
-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace withAppKeyOrigin
option with getAppKey
#35
Conversation
The new `getAppKeyring` method will return a new SimpleKeyring created with an app key derived from the provided origin. This serves as an alternative to optionally augmenting each wallet method with a set of options that may contain a `withAppKeyOrigin` value, which would be used to generate a new wallet on-demand. Moving app key generation to a single place makes it easier to limit access to sensitive information, such as the primary private keys. It also allows the consumer to use app keys more efficiently by using the same wallet for successive operations, rather than generating a new private key each time with `keccak`.
c42e7e8
to
427ff1a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs a major version bump, then corresponding changes in eth-hd-keyring and eth-keyring-controller, but overall looks like it improves readability and maintainability of the app key feature.
withAppKeyOrigin
option with getAppKeying
withAppKeyOrigin
option with getAppKey
I've updated this to return a private key instead of a keyring. The private key can easily be used to construct a keyring, or an |
I would prefer that publishing of v4.0.0 wait until this change has also been considered, as it also includes a breaking change. I'm hoping it'll be fairly straightforward to review. I haven't put it up yet because it conflicts with this PR a fair bit. |
return reject(e) | ||
} | ||
}) | ||
async getAppKey (address, origin) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thoughts on this method name? Would getPrivateAppKey
or exportAppkey
be better?
I was hoping that the "Key" part would suffice for communicating that this is a private key, but maybe not.
const appKeyOriginBuffer = Buffer.from(origin, 'utf8') | ||
const appKeyBuffer = Buffer.concat([privKey, appKeyOriginBuffer]) | ||
const appKeyPrivKey = ethUtil.keccak(appKeyBuffer, 256) | ||
return appKeyPrivKey |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This currently returns a Buffer
. Let me know if it'd be more appropriate to return a hex string instead, like exportAccount
does.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah I'd love if we used buffers internally, but until we do, I lean towards being more consistent in the interface.
A private key is now returned instead of a keyring. This private app key is less restrictive, as it can be used to construct a SimpleKeyring or any other keyring/wallet the consumer might prefer to use.
db1135d
to
9b6cb6b
Compare
I'd be in favor of adding a |
I'm going to close this for now, pending further updates. |
The new
getAppKeyring
method will return a new SimpleKeyring created with an app key derived from the provided origin. This serves as an alternative to optionally augmenting each wallet method with a set of options that may contain awithAppKeyOrigin
value, which would be used to generate a new wallet on-demand.Moving app key generation to a single place makes it easier to limit access to sensitive information, such as the primary private keys. It also allows the consumer to use app keys more efficiently by using the same wallet for successive operations, rather than generating a new private key each time with
keccak
.Update: A private key is now returned instead of a keyring. This private app key is less restrictive, as it can be used to construct a SimpleKeyring or any other keyring/wallet the consumer might prefer to use.