Merge branch 'keystore-prompt' into staging-watchonly

Author: benma

appveyor.yml

@@ -4,14 +4,14 @@ environment:
   nodejs_version: "18"
   matrix:
     - QT: C:\Qt\5.15.2\msvc2019_64
-      GOROOT: C:\go119
+      GOROOT: C:\go120
       GOPATH: C:\gopath\
       PLATFORM: amd64
       COMPILER: msvc
 
 # https://www.appveyor.com/docs/windows-images-software/#golang
 # If you change this, also change the GOROOT variable above to point to the right installation folder.
-stack: go 1.19 # should be 1.20, but that is not available yet, see https://www.appveyor.com/docs/windows-images-software/#golang
+stack: go 1.20
 
 install:
   - ps: Install-Product node $env:nodejs_version

backend/accounts.go

@@ -20,6 +20,7 @@ import (
 	"math"
 	"sort"
 	"strings"
+	"time"
 
 	"github.com/btcsuite/btcd/btcutil/hdkeychain"
 	"github.com/digitalbitbox/bitbox-wallet-app/backend/accounts"
@@ -551,7 +552,66 @@ func (backend *Backend) createAndAddAccount(coin coinpkg.Coin, persistedConfig *
 		Config:      persistedConfig,
 		DBFolder:    backend.arguments.CacheDirectoryPath(),
 		NotesFolder: backend.arguments.NotesDirectoryPath(),
-		Keystore:    backend.keystore,
+		ConnectKeystore: func() (keystore.Keystore, error) {
+			type data struct {
+				Type         string `json:"typ"`
+				KeystoreName string `json:"keystoreName"`
+				ErrorCode    string `json:"errorCode"`
+				ErrorMessage string `json:"errorMessage"`
+			}
+			accountRootFingerprint, err := persistedConfig.SigningConfigurations.RootFingerprint()
+			if err != nil {
+				return nil, err
+			}
+			keystoreName := ""
+			persistedKeystore, err := backend.config.AccountsConfig().LookupKeystore(accountRootFingerprint)
+			if err == nil {
+				keystoreName = persistedKeystore.Name
+			}
+			backend.Notify(observable.Event{
+				Subject: "connect-keystore",
+				Action:  action.Replace,
+				Object: data{
+					Type:         "connect",
+					KeystoreName: keystoreName,
+				},
+			})
+			ks, err := backend.connectKeystore.connect(
+				backend.Keystore(),
+				accountRootFingerprint,
+				20*time.Minute,
+			)
+			switch {
+			case errp.Cause(err) == errReplaced:
+				// If a previous connect-keystore request is in progress, the previous request is
+				// failed, but we don't dismiss the prompt, as the new prompt has already been shown
+				// by the above "connect" notification.y
+			case err == nil || errp.Cause(err) == errUserAbort:
+				// Dismiss prompt after success or upon user abort.
+
+				backend.Notify(observable.Event{
+					Subject: "connect-keystore",
+					Action:  action.Replace,
+					Object:  nil,
+				})
+			default:
+				// Display error to user.
+				errorCode := ""
+				if errp.Cause(err) == errWrongKeystore {
+					errorCode = "wrongKeystore"
+				}
+				backend.Notify(observable.Event{
+					Subject: "connect-keystore",
+					Action:  action.Replace,
+					Object: data{
+						Type:         "error",
+						ErrorCode:    errorCode,
+						ErrorMessage: err.Error(),
+					},
+				})
+			}
+			return ks, err
+		},
 		OnEvent: func(event accountsTypes.Event) {
 			backend.events <- AccountEvent{
 				Type: "account", Code: persistedConfig.Code,

backend/accounts/baseaccount.go

@@ -45,7 +45,7 @@ type AccountConfig struct {
 	DBFolder string
 	// NotesFolder is the folder where the transaction notes are stored. Full path.
 	NotesFolder     string
-	Keystore        keystore.Keystore
+	ConnectKeystore func() (keystore.Keystore, error)
 	OnEvent         func(types.Event)
 	RateUpdater     *rates.RateUpdater
 	GetNotifier     func(signing.Configurations) Notifier

backend/accounts/baseaccount_test.go

@@ -65,7 +65,6 @@ func TestBaseAccount(t *testing.T) {
 		},
 		DBFolder:        test.TstTempDir("baseaccount_test_dbfolder"),
 		NotesFolder:     test.TstTempDir("baseaccount_test_notesfolder"),
-		Keystore:        nil,
 		OnEvent:         func(event types.Event) { events <- event },
 		RateUpdater:     nil,
 		GetNotifier:     nil,

backend/backend.go

@@ -164,7 +164,10 @@ type Backend struct {
 	accounts                accountsList
 	// keystore is nil if no keystore is connected.
 	keystore keystore.Keystore
-	aopp     AOPP
+
+	connectKeystore connectKeystore
+
+	aopp AOPP
 
 	// makeBtcAccount creates a BTC account. In production this is `btc.NewAccount`, but can be
 	// overridden in unit tests for mocking.
@@ -505,7 +508,11 @@ func (backend *Backend) Keystore() keystore.Keystore {
 func (backend *Backend) registerKeystore(keystore keystore.Keystore) {
 	defer backend.accountsAndKeystoreLock.Lock()()
 	// Only for logging, if there is an error we continue anyway.
-	fingerprint, _ := keystore.RootFingerprint()
+	fingerprint, err := keystore.RootFingerprint()
+	if err != nil {
+		backend.log.WithError(err).Error("could not retrieve keystore fingerprint")
+		return
+	}
 	log := backend.log.WithField("rootFingerprint", fingerprint)
 	log.Info("registering keystore")
 	backend.keystore = keystore
@@ -515,19 +522,10 @@ func (backend *Backend) registerKeystore(keystore keystore.Keystore) {
 	})
 
 	belongsToKeystore := func(account *config.Account) bool {
-		fingerprint, err := keystore.RootFingerprint()
-		if err != nil {
-			log.WithError(err).Error("Could not retrieve root fingerprint")
-			return false
-		}
 		return account.SigningConfigurations.ContainsRootFingerprint(fingerprint)
 	}
 
 	persistKeystore := func(accountsConfig *config.AccountsConfig) error {
-		fingerprint, err := keystore.RootFingerprint()
-		if err != nil {
-			return errp.WithMessage(err, "could not retrieve root fingerprint")
-		}
 		keystoreName, err := keystore.Name()
 		if err != nil {
 			return errp.WithMessage(err, "could not retrieve keystore name")
@@ -538,7 +536,7 @@ func (backend *Backend) registerKeystore(keystore keystore.Keystore) {
 		return nil
 	}
 
-	err := backend.config.ModifyAccountsConfig(func(accountsConfig *config.AccountsConfig) error {
+	err = backend.config.ModifyAccountsConfig(func(accountsConfig *config.AccountsConfig) error {
 		// Persist keystore with its name in the config.
 		if err := persistKeystore(accountsConfig); err != nil {
 			log.WithError(err).Error("Could not persist keystore")
@@ -559,6 +557,8 @@ func (backend *Backend) registerKeystore(keystore keystore.Keystore) {
 	backend.initAccounts(false)
 
 	backend.aoppKeystoreRegistered()
+
+	backend.connectKeystore.onConnect(backend.keystore)
 }
 
 // DeregisterKeystore removes the registered keystore.
@@ -784,3 +784,8 @@ func (backend *Backend) GetAccountFromCode(code string) (accounts.Interface, err
 
 	return acct, nil
 }
+
+// CancelConnectKeystore cancels a pending keystore connection request if one exists.
+func (backend *Backend) CancelConnectKeystore() {
+	backend.connectKeystore.cancel(errUserAbort)
+}

backend/coins/btc/account.go

@@ -721,6 +721,12 @@ func (account *Account) VerifyAddress(addressID string) (bool, error) {
 		return false, errp.New("account must be initialized")
 	}
 	account.Synchronizer.WaitSynchronized()
+
+	keystore, err := account.Config().ConnectKeystore()
+	if err != nil {
+		return false, err
+	}
+
 	scriptHashHex := blockchain.ScriptHashHex(addressID)
 	var address *addresses.AccountAddress
 	for _, subacc := range account.subaccounts {
@@ -732,19 +738,23 @@ func (account *Account) VerifyAddress(addressID string) (bool, error) {
 	if address == nil {
 		return false, errp.New("unknown address not found")
 	}
-	canVerifyAddress, _, err := account.Config().Keystore.CanVerifyAddress(account.Coin())
+	canVerifyAddress, _, err := keystore.CanVerifyAddress(account.Coin())
 	if err != nil {
 		return false, err
 	}
 	if canVerifyAddress {
-		return true, account.Config().Keystore.VerifyAddress(address.Configuration, account.Coin())
+		return true, keystore.VerifyAddress(address.Configuration, account.Coin())
 	}
 	return false, nil
 }
 
 // CanVerifyAddresses wraps Keystores().CanVerifyAddresses(), see that function for documentation.
 func (account *Account) CanVerifyAddresses() (bool, bool, error) {
-	return account.Config().Keystore.CanVerifyAddress(account.Coin())
+	keystore, err := account.Config().ConnectKeystore()
+	if err != nil {
+		return false, false, err
+	}
+	return keystore.CanVerifyAddress(account.Coin())
 }
 
 type byValue struct {
@@ -799,7 +809,11 @@ func (account *Account) VerifyExtendedPublicKey(signingConfigIndex int) (bool, e
 		return false, errp.New("account not initialized")
 	}
 
-	keystore := account.Config().Keystore
+	keystore, err := account.Config().ConnectKeystore()
+	if err != nil {
+		return false, err
+	}
+
 	if keystore.CanVerifyExtendedPublicKey() {
 		return true, keystore.VerifyExtendedPublicKey(
 			account.Coin(),

backend/coins/btc/account_test.go

@@ -73,7 +73,6 @@ func TestAccount(t *testing.T) {
 				SigningConfigurations: signingConfigurations,
 			},
 			DBFolder:        dbFolder,
-			Keystore:        nil,
 			OnEvent:         func(accountsTypes.Event) {},
 			RateUpdater:     nil,
 			GetNotifier:     func(signing.Configurations) accounts.Notifier { return nil },

backend/coins/btc/handlers/handlers.go

@@ -16,6 +16,7 @@
 package handlers
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"math/big"
@@ -69,6 +70,7 @@ func NewHandlers(
 	handleFunc("/has-secure-output", handlers.ensureAccountInitialized(handlers.getHasSecureOutput)).Methods("GET")
 	handleFunc("/propose-tx-note", handlers.ensureAccountInitialized(handlers.postProposeTxNote)).Methods("POST")
 	handleFunc("/notes/tx", handlers.ensureAccountInitialized(handlers.postSetTxNote)).Methods("POST")
+	handleFunc("/connect-keystore", handlers.ensureAccountInitialized(handlers.postConnectKeystore)).Methods("POST")
 	return handlers
 }
 
@@ -541,6 +543,10 @@ func (handlers *Handlers) postVerifyExtendedPublicKey(r *http.Request) (interfac
 		}, nil
 	}
 	canVerify, err := btcAccount.VerifyExtendedPublicKey(input.SigningConfigIndex)
+	// User canceled keystore connect prompt - no special action or message needed in the frontend.
+	if errp.Cause(err) == context.Canceled {
+		return result{Success: true}, nil
+	}
 	if err != nil {
 		return result{Success: false, ErrorMessage: err.Error()}, nil
 	}
@@ -584,3 +590,12 @@ func (handlers *Handlers) postSetTxNote(r *http.Request) (interface{}, error) {
 
 	return nil, handlers.account.SetTxNote(args.InternalTxID, args.Note)
 }
+
+func (handlers *Handlers) postConnectKeystore(r *http.Request) (interface{}, error) {
+	type response struct {
+		Success bool `json:"success"`
+	}
+
+	_, err := handlers.account.Config().ConnectKeystore()
+	return response{Success: err == nil}, nil
+}

backend/coins/btc/sign.go

@@ -63,7 +63,11 @@ func (account *Account) signTransaction(
 		FormatUnit:                   account.coin.formatUnit,
 	}
 
-	if err := account.Config().Keystore.SignTransaction(proposedTransaction); err != nil {
+	keystore, err := account.Config().ConnectKeystore()
+	if err != nil {
+		return err
+	}
+	if err := keystore.SignTransaction(proposedTransaction); err != nil {
 		return err
 	}
 

backend/coins/eth/account.go

@@ -642,8 +642,13 @@ func (account *Account) SendTx() error {
 		return errp.New("No active tx proposal")
 	}
 
+	keystore, err := account.Config().ConnectKeystore()
+	if err != nil {
+		return err
+	}
+
 	account.log.Info("Signing and sending transaction")
-	if err := account.Config().Keystore.SignTransaction(txProposal); err != nil {
+	if err := keystore.SignTransaction(txProposal); err != nil {
 		return err
 	}
 	// By experience, at least with the Etherscan backend, this can succeed and still the
@@ -802,17 +807,26 @@ func (account *Account) VerifyAddress(addressID string) (bool, error) {
 	if !account.isInitialized() {
 		return false, errp.New("account must be initialized")
 	}
-	canVerifyAddress, _, err := account.Config().Keystore.CanVerifyAddress(account.Coin())
+	keystore, err := account.Config().ConnectKeystore()
+	if err != nil {
+		return false, err
+	}
+	canVerifyAddress, _, err := keystore.CanVerifyAddress(account.Coin())
 	if err != nil {
 		return false, err
 	}
 	if canVerifyAddress {
-		return true, account.Config().Keystore.VerifyAddress(account.signingConfiguration, account.Coin())
+		return true, keystore.VerifyAddress(account.signingConfiguration, account.Coin())
 	}
 	return false, nil
 }
 
 // CanVerifyAddresses implements accounts.Interface.
 func (account *Account) CanVerifyAddresses() (bool, bool, error) {
-	return account.Config().Keystore.CanVerifyAddress(account.Coin())
+	keystore, err := account.Config().ConnectKeystore()
+	if err != nil {
+		return false, false, err
+	}
+
+	return keystore.CanVerifyAddress(account.Coin())
 }