[DDW-563] Re-enable wallet import feature (#2308)

* add utility code for decoding legacy keystores from cardano-sl

    Developed it as a standalone library, feel free to rip it apart the way
    you like.

    ```
    restore-keystore
    ├── index.spec.ts
    ├── index.ts
    ├── jest.config.ts
    ├── LICENSE
    ├── NOTICE
    ├── package.json
    ├── package-lock.json
    └── __test__
        └── secret.key
    ```

    It's shipped with a default test keystore that I've been previously
    using on input-output-hk/cardano-sl#4278 and a test suite which controls
    that this new implementation yield the same results.

    ```console
    > restore-keystore@1.0.0 test /home/ktorz/Documents/IOHK/restore-keystore
    > jest

     PASS  ./index.spec.ts
      walletId
        ✓ 0 (2 ms)
        ✓ 1
        ✓ 2 (1 ms)
        ✓ 3
      encryptedPayload
        ✓ 0
        ✓ 1 (1 ms)
        ✓ 2
        ✓ 3
      passphraseHash
        ✓ 0 (1 ms)
        ✓ 1
        ✓ 2
        ✓ 3
      isEmptyPassphrase
        ✓ 0
        ✓ 1
        ✓ 2
        ✓ 3

    Test Suites: 1 passed, 1 total
    Tests:       16 passed, 16 total
    Snapshots:   0 total
    Time:        2.3 s, estimated 3 s
    Ran all test suites.
    ```

    The magic is yours now and should help resolving #1234.

* add 'executable' to restore and show a keystore at a given path

  Can be used directly (after `npm install`) as an executable, e.g.:

  ```
  $ ./restore-keystore.ts __test__/secret.key
  [...]
  ```

  ```
  $ ./restore-keystore.ts $HOME/.local/share/Daedalus/mainnet/Secrets/secret.key
  [...]
  ```

* [DDW-563] Import TS

* [DDW-563] Integrate restore-keystore lib

* [DDW-563] Adds CHANGELOG, improves import

* [DDW-563] Improve import

* [DDW-563] Move restore-keystore.js into Release

* [DDW-563] Force add dist dir to GH

* [DDW-563] Remove unnecessary files

* [DDW-563] Styling fixes

* [DDW-563] Updates text copy

Co-authored-by: Nikola Glumac <niglumac@gmail.com>

Author: KtorZ

CHANGELOG.md

@@ -5,6 +5,7 @@ Changelog
 
 ### Features
 
+- Re-enabled "Wallet import" feature ([PR 2308](https://github.com/input-output-hk/daedalus/pull/2308))
 - Implemented Voting Centar ([PR 2315](https://github.com/input-output-hk/daedalus/pull/2315), [PR 2353](https://github.com/input-output-hk/daedalus/pull/2353), [PR 2354](https://github.com/input-output-hk/daedalus/pull/2354))
 - Implemented transaction metadata display ([PR 2338](https://github.com/input-output-hk/daedalus/pull/2338))
 - Displayed fee and deposit info in transaction details and in the delegation wizard ([PR 2339](https://github.com/input-output-hk/daedalus/pull/2339))

source/main/cardano/utils.js

@@ -6,6 +6,7 @@ import { spawnSync } from 'child_process';
 import { logger } from '../utils/logging';
 import { getTranslation } from '../utils/getTranslation';
 import ensureDirectoryExists from '../utils/ensureDirectoryExists';
+import { decodeKeystore } from '../utils/restoreKeystore';
 import type { LauncherConfig } from '../config';
 import type { ExportWalletsMainResponse } from '../../common/ipc/api';
 import type {
@@ -19,7 +20,6 @@ import {
   CardanoProcessNameOptions,
   CardanoNodeImplementationOptions,
   NetworkNameOptions,
-  TESTNET_MAGIC,
 } from '../../common/types/cardano-node.types';
 
 export type Process = {
@@ -176,7 +176,6 @@ export const exportWallets = async (
   locale: string
 ): Promise<ExportWalletsMainResponse> => {
   const {
-    exportWalletsBin,
     legacySecretKey,
     legacyWalletDB,
     stateDir,
@@ -186,7 +185,6 @@ export const exportWallets = async (
 
   logger.info('ipcMain: Starting wallets export...', {
     exportSourcePath,
-    exportWalletsBin,
     legacySecretKey,
     legacyWalletDB,
     stateDir,
@@ -226,41 +224,38 @@ export const exportWallets = async (
     }
   }
 
-  // Export tool flags
-  const exportWalletsBinFlags = [];
-
-  // Cluster flags
-  if (cluster === 'testnet') {
-    exportWalletsBinFlags.push('--testnet', TESTNET_MAGIC.toString());
-  } else {
-    exportWalletsBinFlags.push('--mainnet');
-  }
-
-  // Secret key flags
-  exportWalletsBinFlags.push('--keyfile', legacySecretKeyPath);
-
-  // Wallet DB flags
   const legacyWalletDBPathExists = await fs.pathExists(
     `${legacyWalletDBPath}-acid`
   );
-  if (legacyWalletDBPathExists) {
-    exportWalletsBinFlags.push('--wallet-db-path', legacyWalletDBPath);
-  }
 
   logger.info('ipcMain: Exporting wallets...', {
-    exportWalletsBin,
-    exportWalletsBinFlags,
+    legacySecretKeyPath,
+    legacyWalletDBPath,
+    legacyWalletDBPathExists,
   });
 
-  const { stdout, stderr } = spawnSync(exportWalletsBin, exportWalletsBinFlags);
-  const wallets = JSON.parse(stdout.toString() || '[]');
-  const errors = stderr.toString();
+  let wallets = [];
+  let errors = '';
+  try {
+    const legacySecretKeyFile = fs.readFileSync(legacySecretKeyPath);
+    // $FlowFixMe
+    const rawWallets = await decodeKeystore(legacySecretKeyFile);
+    wallets = rawWallets.map((w) => ({
+      name: null,
+      id: w.walletId,
+      isEmptyPassphrase: w.isEmptyPassphrase,
+      passphrase_hash: w.passphraseHash.toString('hex'),
+      encrypted_root_private_key: w.encryptedPayload.toString('hex'),
+    }));
+  } catch (error) {
+    errors = error.toString();
+  }
 
   logger.info(`ipcMain: Exported ${wallets.length} wallets`, {
     walletsData: wallets.map((w) => ({
       name: w.name,
       id: w.id,
-      hasPassword: w.is_passphrase_empty,
+      hasPassword: !w.isEmptyPassphrase,
     })),
     errors,
   });

source/main/config.js

@@ -69,7 +69,6 @@ export type LauncherConfig = {
   configPath: string,
   syncTolerance: string,
   cliBin: string,
-  exportWalletsBin: string,
   legacyStateDir: string,
   legacySecretKey: string,
   legacyWalletDB: string,

source/main/utils/restoreKeystore.js

@@ -0,0 +1,52 @@
+// @flow
+import * as cbor from 'cbor';
+import * as blake2b from 'blake2b';
+import * as crypto from 'crypto';
+
+export type EncryptedSecretKeys = Array<EncryptedSecretKey>;
+
+export type EncryptedSecretKey = {
+  encryptedPayload: Buffer,
+  passphraseHash: Buffer,
+  isEmptyPassphrase: boolean,
+  walletId: WalletId,
+};
+
+export type WalletId = string;
+
+export const decodeKeystore = async (
+  bytes: Buffer
+): Promise<EncryptedSecretKeys> => {
+  return cbor
+    .decodeAll(bytes)
+    .then((obj) => obj[0][2].map(toEncryptedSecretKey));
+};
+
+const toEncryptedSecretKey = ([encryptedPayload, passphraseHash]: [
+  Buffer,
+  Buffer
+]): EncryptedSecretKey => {
+  const isEmptyPassphrase = $isEmptyPassphrase(passphraseHash);
+  return {
+    walletId: mkWalletId(encryptedPayload),
+    encryptedPayload,
+    passphraseHash,
+    isEmptyPassphrase,
+  };
+};
+
+const mkWalletId = (xprv: Buffer): WalletId => {
+  const xpub = xprv.slice(64);
+  return blake2b(20).update(xpub).digest('hex');
+};
+
+const $isEmptyPassphrase = (pwd: Buffer): boolean => {
+  const cborEmptyBytes = Buffer.from('40', 'hex');
+  const [logN, r, p, salt, hashA] = pwd.toString('utf8').split('|');
+  const opts = { N: 2 ** Number(logN), r: Number(r), p: Number(p) };
+  // $FlowFixMe
+  const hashB = crypto
+    .scryptSync(cborEmptyBytes, Buffer.from(salt, 'base64'), 32, opts)
+    .toString('base64');
+  return hashA === hashB;
+};

source/renderer/app/components/wallet/WalletAdd.js

@@ -191,7 +191,6 @@ export default class WalletAdd extends Component<Props> {
               label={intl.formatMessage(messages.importLabel)}
               description={intl.formatMessage(messages.importDescription)}
               isDisabled={
-                true || // This feature is currently unavailable as export tool is disabled
                 isMaxNumberOfWalletsReached ||
                 (isProduction && !(isMainnet || isTestnet))
               }

source/renderer/app/components/wallet/wallet-import/WalletSelectImportDialog.js

@@ -149,7 +149,7 @@ export default class WalletSelectImportDialog extends Component<Props> {
       walletStatus = alreadyExistsStatus;
     } else if (wallet.import.status === WalletImportStatuses.COMPLETED) {
       walletStatus = walletImportedStatus;
-    } else if (wallet.is_passphrase_empty) {
+    } else if (wallet.isEmptyPassphrase) {
       walletStatus = noPasswordStatus;
     } else {
       walletStatus = hasPasswordStatus;

source/renderer/app/components/wallet/wallet-import/WalletSelectImportDialog.scss

@@ -184,6 +184,12 @@
           display: flex;
           padding-right: 20px;
 
+          :global {
+            .InlineEditingSmallInput_component {
+              margin-bottom: 0 !important;
+            }
+          }
+
           .walletsInputFieldInner {
             input {
               color: var(--theme-wallet-import-button-text-color);
@@ -258,6 +264,14 @@
                 margin-top: -3px;
               }
             }
+
+            .LoadingSpinner_component {
+              margin: 0 !important;
+
+              .LoadingSpinner_icon svg path {
+                fill: var(--theme-wallet-import-button-text-color) !important;
+              }
+            }
           }
 
           .walletsStatusIconCheckmark {

source/renderer/app/config/walletsConfig.js

@@ -34,5 +34,8 @@ export const RECOVERY_PHRASE_WORD_COUNT_OPTIONS = {
 export const WALLET_PUBLIC_KEY_NOTIFICATION_SEGMENT_LENGTH = 15;
 export const WALLET_PUBLIC_KEY_SHARING_ENABLED = false;
 
+// Automatic wallet migration from pre Daedalus 1.0.0 versions has been disabled
+export const IS_AUTOMATIC_WALLET_MIGRATION_ENABLED = false;
+
 // Byron wallet migration has been temporarily disabled due to missing Api support after Mary HF
 export const IS_BYRON_WALLET_MIGRATION_ENABLED = false;

source/renderer/app/i18n/locales/en-US.json

@@ -767,7 +767,7 @@
   "wallet.hardware.deviceStatus.wrong_firmware.link.label": "Firmware update instructions",
   "wallet.hardware.deviceStatus.wrong_firmware.link.url": "https://trezor.io/start/",
   "wallet.import.file.dialog.buttonLabel": "Import wallets",
-  "wallet.import.file.dialog.description": "<p>This feature enables you to import wallets from the previous version of Daedalus, from the Daedalus state directory, or from a ‘secret.key’ file.</p> <p>It can be used to import wallets quickly without entering the wallet recovery phrase for each wallet, or to import wallets for which you have lost your wallet recovery phrase.</p> <p>After importing a wallet for which you have lost your wallet recovery phrase, please create a new wallet and transfer all funds from the old wallet to the new wallet. <strong>Keep the wallet recovery phrase for your new wallet secure.</strong></p>",
+  "wallet.import.file.dialog.description": "<p>This feature enables you to import wallets from ‘secret.key’ files of old versions of Daedalus (Daedalus version 0.15.1 and previous). Importing wallets from state directories of version Daedalus 1.0 onwards is currently not supported.</p> <p>It can be used to import wallets quickly without entering the wallet recovery phrase for each wallet, or to import wallets for which you have lost your wallet recovery phrase.</p> <p>After importing a wallet for which you have lost your wallet recovery phrase, please create a new wallet and transfer all funds from the old wallet to the new wallet. <strong>Keep the wallet recovery phrase for your new wallet secure.</strong></p>",
   "wallet.import.file.dialog.importFromLabel": "Import from:",
   "wallet.import.file.dialog.linkLabel": "Learn more",
   "wallet.import.file.dialog.linkUrl": "https://iohk.zendesk.com/hc/en-us/articles/900000623463",

source/renderer/app/i18n/locales/ja-JP.json

@@ -767,7 +767,7 @@
   "wallet.hardware.deviceStatus.wrong_firmware.link.label": "ファームウェア更新ガイド",
   "wallet.hardware.deviceStatus.wrong_firmware.link.url": "https://trezor.io/start/",
   "wallet.import.file.dialog.buttonLabel": "ウォレットをインポートする",
-  "wallet.import.file.dialog.description": "<p>この機能により、Daedalusの旧バージョン、Daedalusステータスディレクトリー、またはsecret.keyファイルからウォレットをインポートすることができます。</p> <p>各ウォレットの復元フレーズを入力せずに素早くウォレットをインポートできるほか、復元フレーズを紛失したウォレットのインポートも可能です。</p> <p>復元フレーズを紛失したウォレットをインポートした場合は、インポート後に新規ウォレットを作成してすべての資金を旧ウォレットから移し、<strong>新しいウォレットの復元フレーズを安全な場所に保管してください。</strong></p>",
+  "wallet.import.file.dialog.description": "<p>この機能により、Daedalus旧バージョン（Daedalus 0.15.1以前）の「secret.key」からウォレットをインポートすることができます。Daedalus 1.0以降のステータスディレクトリーからのウォレットインポートは現在サポートされていません。</p> <p>各ウォレットの復元フレーズを入力せずに素早くウォレットをインポートできるほか、復元フレーズを紛失したウォレットのインポートも可能です。</p> <p>復元フレーズを紛失したウォレットをインポートした場合は、インポート後に新規ウォレットを作成してすべての資金を旧ウォレットから移し、<strong>新しいウォレットの復元フレーズを安全な場所に保管してください。</strong></p>",
   "wallet.import.file.dialog.importFromLabel": "インポート元：",
   "wallet.import.file.dialog.linkLabel": "もっと知る",
   "wallet.import.file.dialog.linkUrl": "https://iohk.zendesk.com/hc/ja/articles/900000623463",