This repository has been archived by the owner on Nov 6, 2020. It is now read-only.
secret store separated from util #1304
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
||
| let from = GethDirectory::create(dir_type).unwrap(); | ||
| let to = DiskDirectory::create(self.keys_path()).unwrap(); | ||
| import_accounts(&from, &to).expect("TODO: error here"); |
NikVolf
added
A4-gotissues 💥
| Some(res) | ||
|
|
||
| let sender = request.from; | ||
| if let Err(_) = accounts.unlock_account_temporarily(sender, pass) { |
There was a problem hiding this comment.
can't attacker who is spamming send transaction request take advantage of this temporal unlock?
There was a problem hiding this comment.
Unlikely, temp unlock unlocks account only for 1 signing.
But, because this code may appear suspicious, I will alter it to sign the transaction directly, without unlocking.
There was a problem hiding this comment.
and this one could be attacker's one? :)
debris
added
A0-pleasereview 🤓
|
Fixed most of the issues. For remaining one mentioned by Nikolay, created a separate issue. |
|
As discussed in slack, key store should be kept in parity repo |
gavofyork
added
A4-gotissues 💥
debris
added
A0-pleasereview 🤓
|
(yes, but i think you already did it) |
NikVolf
added
A7-looksgoodcantmerge 🙄
gavofyork
added
A0-pleasereview 🤓
arkpar
pushed a commit
that referenced
this pull request
Jun 20, 2016
* bump rust-crypto * initial version of account provider utilizing secret store * update lazy_static to latest version * AccountProvider accounts method * new AccountProvider tests in progress * basic tests for new AccountProvider * ethcore compiles with new account provider and secret store * ethcore-rpc build now compiling with new AccountProvider * most rpc tests passing with new accounts_provider * fixed basic_authority tests * fixed eth_transaction_count rpc test * fixed mocked/eth.rs tests * fixed personal tests * fixed personal signer rpc tests * removed warnings * parity compiling fine with new sstore * fixed import direction * do not unlock temporarily when we have the password * removed TODO in account import * display warning on auto account import failure * fixed compiling of ethstore on windows * ethstore as a part of parity repo * added ethkey
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In this PR is separated secret store from util. It's now a part of standalone library ethstore. The library itself is much more modular than it used to be.
Few key features:
account_secret).timeunlockingWhat further improvements this pr enables:
todo:
This pr allows us to remove much more than 2k lines of code. I will do this in next prs.