mirror of
https://github.com/ethereum/go-ethereum.git
synced 2026-07-18 02:40:45 +00:00
accounts: support for external signer API (#18079)
This commit is contained in:
parent
fe14069bd7
commit
07935ce124
5 changed files with 24 additions and 24 deletions
|
|
@ -89,6 +89,19 @@ type Wallet interface {
|
||||||
// chain state reader.
|
// chain state reader.
|
||||||
SelfDerive(base DerivationPath, chain ethereum.ChainStateReader)
|
SelfDerive(base DerivationPath, chain ethereum.ChainStateReader)
|
||||||
|
|
||||||
|
// SignHash requests the wallet to sign the given hash.
|
||||||
|
//
|
||||||
|
// It looks up the account specified either solely via its address contained within,
|
||||||
|
// or optionally with the aid of any location metadata from the embedded URL field.
|
||||||
|
//
|
||||||
|
// If the wallet requires additional authentication to sign the request (e.g.
|
||||||
|
// a password to decrypt the account, or a PIN code o verify the transaction),
|
||||||
|
// an AuthNeededError instance will be returned, containing infos for the user
|
||||||
|
// about which fields or actions are needed. The user may retry by providing
|
||||||
|
// the needed details via SignHashWithPassphrase, or by other means (e.g. unlock
|
||||||
|
// the account in a keystore).
|
||||||
|
SignHash(account Account, hash []byte) ([]byte, error)
|
||||||
|
|
||||||
// SignData requests the wallet to sign the hash of the given data
|
// SignData requests the wallet to sign the hash of the given data
|
||||||
// It looks up the account specified either solely via its address contained within,
|
// It looks up the account specified either solely via its address contained within,
|
||||||
// or optionally with the aid of any location metadata from the embedded URL field.
|
// or optionally with the aid of any location metadata from the embedded URL field.
|
||||||
|
|
|
||||||
|
|
@ -79,11 +79,11 @@ func (w *keystoreWallet) Derive(path accounts.DerivationPath, pin bool) (account
|
||||||
// there is no notion of hierarchical account derivation for plain keystore accounts.
|
// there is no notion of hierarchical account derivation for plain keystore accounts.
|
||||||
func (w *keystoreWallet) SelfDerive(base accounts.DerivationPath, chain ethereum.ChainStateReader) {}
|
func (w *keystoreWallet) SelfDerive(base accounts.DerivationPath, chain ethereum.ChainStateReader) {}
|
||||||
|
|
||||||
// signHash attempts to sign the given hash with
|
// SignHash attempts to sign the given hash with
|
||||||
// the given account. If the wallet does not wrap this particular account, an
|
// the given account. If the wallet does not wrap this particular account, an
|
||||||
// error is returned to avoid account leakage (even though in theory we may be
|
// error is returned to avoid account leakage (even though in theory we may be
|
||||||
// able to sign via our shared keystore backend).
|
// able to sign via our shared keystore backend).
|
||||||
func (w *keystoreWallet) signHash(account accounts.Account, hash []byte) ([]byte, error) {
|
func (w *keystoreWallet) SignHash(account accounts.Account, hash []byte) ([]byte, error) {
|
||||||
// Make sure the requested account is contained within
|
// Make sure the requested account is contained within
|
||||||
if !w.Contains(account) {
|
if !w.Contains(account) {
|
||||||
return nil, accounts.ErrUnknownAccount
|
return nil, accounts.ErrUnknownAccount
|
||||||
|
|
@ -94,11 +94,11 @@ func (w *keystoreWallet) signHash(account accounts.Account, hash []byte) ([]byte
|
||||||
|
|
||||||
// SignData signs keccak256(data). The mimetype parameter describes the type of data being signed
|
// SignData signs keccak256(data). The mimetype parameter describes the type of data being signed
|
||||||
func (w *keystoreWallet) SignData(account accounts.Account, mimeType string, data []byte) ([]byte, error) {
|
func (w *keystoreWallet) SignData(account accounts.Account, mimeType string, data []byte) ([]byte, error) {
|
||||||
return w.signHash(account, crypto.Keccak256(data))
|
return w.SignHash(account, crypto.Keccak256(data))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (w *keystoreWallet) SignText(account accounts.Account, text []byte) ([]byte, error) {
|
func (w *keystoreWallet) SignText(account accounts.Account, text []byte) ([]byte, error) {
|
||||||
return w.signHash(account, accounts.TextHash(text))
|
return w.SignHash(account, accounts.TextHash(text))
|
||||||
}
|
}
|
||||||
|
|
||||||
// SignTx implements accounts.Wallet, attempting to sign the given transaction
|
// SignTx implements accounts.Wallet, attempting to sign the given transaction
|
||||||
|
|
|
||||||
|
|
@ -498,17 +498,17 @@ func (w *wallet) SelfDerive(base accounts.DerivationPath, chain ethereum.ChainSt
|
||||||
|
|
||||||
// signHash implements accounts.Wallet, however signing arbitrary data is not
|
// signHash implements accounts.Wallet, however signing arbitrary data is not
|
||||||
// supported for hardware wallets, so this method will always return an error.
|
// supported for hardware wallets, so this method will always return an error.
|
||||||
func (w *wallet) signHash(account accounts.Account, hash []byte) ([]byte, error) {
|
func (w *wallet) SignHash(account accounts.Account, hash []byte) ([]byte, error) {
|
||||||
return nil, accounts.ErrNotSupported
|
return nil, accounts.ErrNotSupported
|
||||||
}
|
}
|
||||||
|
|
||||||
// SignData signs keccak256(data). The mimetype parameter describes the type of data being signed
|
// SignData signs keccak256(data). The mimetype parameter describes the type of data being signed
|
||||||
func (w *wallet) SignData(account accounts.Account, mimeType string, data []byte) ([]byte, error) {
|
func (w *wallet) SignData(account accounts.Account, mimeType string, data []byte) ([]byte, error) {
|
||||||
return w.signHash(account, crypto.Keccak256(data))
|
return w.SignHash(account, crypto.Keccak256(data))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (w *wallet) SignText(account accounts.Account, text []byte) ([]byte, error) {
|
func (w *wallet) SignText(account accounts.Account, text []byte) ([]byte, error) {
|
||||||
return w.signHash(account, accounts.TextHash(text))
|
return w.SignHash(account, accounts.TextHash(text))
|
||||||
}
|
}
|
||||||
|
|
||||||
// SignTx implements accounts.Wallet. It sends the transaction over to the Ledger
|
// SignTx implements accounts.Wallet. It sends the transaction over to the Ledger
|
||||||
|
|
|
||||||
|
|
@ -282,7 +282,7 @@ func New(ctx *node.ServiceContext, config *ethconfig.Config, XDCXServ *XDCx.XDCX
|
||||||
return block, false, err
|
return block, false, err
|
||||||
}
|
}
|
||||||
header := block.Header()
|
header := block.Header()
|
||||||
sighash, err := wallet.SignText(accounts.Account{Address: eb}, c.SigHash(header).Bytes())
|
sighash, err := wallet.SignHash(accounts.Account{Address: eb}, c.SigHash(header).Bytes())
|
||||||
if err != nil || sighash == nil {
|
if err != nil || sighash == nil {
|
||||||
log.Error("Can't get signature hash of m2", "sighash", sighash, "err", err)
|
log.Error("Can't get signature hash of m2", "sighash", sighash, "err", err)
|
||||||
return block, false, err
|
return block, false, err
|
||||||
|
|
@ -503,7 +503,7 @@ func (e *Ethereum) StartStaking(local bool) error {
|
||||||
log.Error("Etherbase account unavailable locally", "address", eb, "err", err)
|
log.Error("Etherbase account unavailable locally", "address", eb, "err", err)
|
||||||
return fmt.Errorf("signer missing: %v", err)
|
return fmt.Errorf("signer missing: %v", err)
|
||||||
}
|
}
|
||||||
XDPoS.Authorize(eb, wallet.SignText)
|
XDPoS.Authorize(eb, wallet.SignHash)
|
||||||
}
|
}
|
||||||
if local {
|
if local {
|
||||||
// If local (CPU) mining is started, we can disable the transaction rejection
|
// If local (CPU) mining is started, we can disable the transaction rejection
|
||||||
|
|
|
||||||
|
|
@ -512,19 +512,6 @@ func (s *PrivateAccountAPI) SignTransaction(ctx context.Context, args Transactio
|
||||||
return &SignTransactionResult{data, signed}, nil
|
return &SignTransactionResult{data, signed}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// signHash is a helper function that calculates a hash for the given message that can be
|
|
||||||
// safely used to calculate a signature from.
|
|
||||||
//
|
|
||||||
// The hash is calulcated as
|
|
||||||
//
|
|
||||||
// keccak256("\x19Ethereum Signed Message:\n"${message length}${message}).
|
|
||||||
//
|
|
||||||
// This gives context to the signed message and prevents signing of transactions.
|
|
||||||
func signHash(data []byte) []byte {
|
|
||||||
msg := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len(data), data)
|
|
||||||
return crypto.Keccak256([]byte(msg))
|
|
||||||
}
|
|
||||||
|
|
||||||
// Sign calculates an Ethereum ECDSA signature for:
|
// Sign calculates an Ethereum ECDSA signature for:
|
||||||
// keccack256("\x19Ethereum Signed Message:\n" + len(message) + message))
|
// keccack256("\x19Ethereum Signed Message:\n" + len(message) + message))
|
||||||
//
|
//
|
||||||
|
|
@ -543,7 +530,7 @@ func (s *PrivateAccountAPI) Sign(ctx context.Context, data hexutil.Bytes, addr c
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
// Assemble sign the data with the wallet
|
// Assemble sign the data with the wallet
|
||||||
signature, err := wallet.SignTextWithPassphrase(account, passwd, signHash(data))
|
signature, err := wallet.SignTextWithPassphrase(account, passwd, data)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -3292,7 +3279,7 @@ func (s *PublicTransactionPoolAPI) Sign(addr common.Address, data hexutil.Bytes)
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
// Sign the requested hash with the wallet
|
// Sign the requested hash with the wallet
|
||||||
signature, err := wallet.SignText(account, signHash(data))
|
signature, err := wallet.SignText(account, data)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
signature[crypto.RecoveryIDOffset] += 27 // Transform V from 0/1 to 27/28 according to the yellow paper
|
signature[crypto.RecoveryIDOffset] += 27 // Transform V from 0/1 to 27/28 according to the yellow paper
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue