Skip to content
This repository has been archived by the owner on Mar 1, 2019. It is now read-only.

hasSpendingPassword is Wrongly Reported as "True" After DB Migration #96

Closed
KtorZ opened this issue Nov 23, 2018 · 0 comments
Closed

hasSpendingPassword is Wrongly Reported as "True" After DB Migration #96

KtorZ opened this issue Nov 23, 2018 · 0 comments
Labels
BUG Something isn't working
Milestone
Release 2.0.0

Comments

@KtorZ
Copy link
Contributor

KtorZ commented Nov 23, 2018

Context
Commit Hash / Release Tag input-output-hk/cardano-sl@release/2.0.0
Operating System (Windows, OSX, Linux)

When I create a wallet without a password on the 1.3.1 build and then upgrade\migrate to 2.0.0; the resulting wallet has a spending password enforced.

When migrating from an old data-layer, we don't have much information about whether there was a password defined on a wallet. So, we use to apply some heuristic based on the password last upate timestamp.

This is rather unreliable and can return misleading metadata for wallets which don't have passwords. Because there's no such thing as "no password" (secret keys are actually encrypted with an empty passphrase), it is possible to assess whether a key was encrypted with a password by trying to decrypt with an empty one. If it succeeds, then we can tell for sure that there's no password defined for the given key.

Steps to Reproduce

  1. Create wallets using the legacy data layer with and without passwords
  2. Migrate them to the new data layer (i.e. restart a node using the new data-layer)
  3. Query the API and control the hasSpendingPassword metadata attribute and / or observe logs

Expected behavior

[2018-11-20 14:05:21.03 UTC] Starting acid state migration
[2018-11-20 14:05:21.03 UTC] Starting wallet worker.
[2018-11-20 14:05:21.04 UTC] Found 2 rootAddress(es) to migrate.
[2018-11-20 14:05:21.11 UTC] Migrating HdRoot { id: HdRootId Ae2...8DD, name: With Password, hasPassword: updated 1542722721058256, assurance: normal, createdAt: 1542722721058256} with balance 0 coin(s)
[2018-11-20 14:05:21.15 UTC] Migrating HdRoot { id: HdRootId Ae2...jxk, name: Without Password, hasPassword: no, assurance: normal, createdAt: 1542722721113537} with balance 0 coin(s)
[2018-11-20 14:05:21.15 UTC] acid state migration succeeded. Old db backup can be found at ./state-demo/wallet-db/wallet-backup-2018-11-20T14_05_21

Actual behavior

Wallet without passwords are actually flagged as having one.

PR

Number Base
input-output-hk/cardano-sl#3876 develop

Retrospective

Migration issues are hard to test and aren't covered in any unit or integration tests we have. For the next release, we've reduced migration down to a wallet restoration and have ditched away the recovery of metadata from an old wallet. This also removes a whole class of bugs like this one.
@KtorZ KtorZ added the BUG Something isn't working label Nov 23, 2018
@KtorZ KtorZ added this to the Bugs (Release 2.0.0) milestone Nov 23, 2018
@KtorZ KtorZ closed this as completed Nov 23, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
BUG Something isn't working
Projects
None yet
Milestone
Release 2.0.0
Development

No branches or pull requests
1 participant
@KtorZ