arrayio / array-io-keychain Goto Github PK

Linux version of keychain has password entry window. This function had been added in task #5.

Within this task passentry submodule had been added to keychain solution. From security considerations passentry gui window executes from user context (not from keychain service user).

Next we need to add gravatar function on Linux platform. For this you need:

1. implement receiving hex representation of transaction in passetry gui submodule
2. calculate gravatar for hex array
3. print this gravatar on password entry window.

Also, we need to make test tool for this solution.
Test tools must have following functions:

1. Paste hex transaction (input data)
2. calculate and print gravatar for hex transaction in test gui window
3. launch and connection to keychain_cmd_app. For this purpose it need to add test binary file, that will fork, set set uid and replaces themself with gui test tool and keychain_cmd_app binary files.

Also I have additional question: what about implementation gravatar function on windows platfrom. Is it in our plans? Who will implement this?

Now, keychain uses reflection from fc library for serialisation json-packet.
It is supposed to do "reflection" independent from fc.

The gui must have:

• a copy/pastable raw transaction
• a verifieble against raw transaction user friendly transaction representation (e.g. ray.transfer(str('vasia'),uint256(100))
• a gravatar of raw transaction
• a button to get a qr code of raw transaction
• "cancel" button
• "sign with wallet1.dat" button with a dropdown that will let you select a different wallet to sign with.

after signature another text should appear

• with signed raw transaction
• also gravatar of the signed raw trasnaction
• qr code to get the raw transaction

Attacker can grab pass secret by displaying fake password entry window for user. User will pass secret to the fake window and attacker will can to grab secret.

We need to implement protection mechanism like alt+ctrl+del in windows OS. User must enter specific keyboard shortcut, that attacker can not capture. If attacker will try to print fake pass entry window user will press a key combination. Our service will capture this keyboard shortcut, kill fake pass entry window and display truly pass entry window.

We must to figure out how to implement this protection mechanism on Windows, Linux and MacOS.

Need to implement signing transaction for bitcoin.

Parent task: #11

It is necesary to create keychain installer for Windows

Parent task: #7

It is necessary to integrate source files of terminal program "password entry" and GUI into project array-io-keychain

Linux version of keychain has password entry window. This function had been added in task #5.

Within this task passentry submodule had been added to keychain solution. From security considerations passentry gui window executes from user context (not from keychain service user).

Next we need to add gravatar function on Linux platform. For this you need:

1. implement receiving hex representation of transaction in passetry gui submodule
2. calculate gravatar for hex array
3. print this gravatar on password entry window.

Also, we need to make test tool for this solution.
Test tools must have following functions:

1. Paste hex transaction (input data)
2. calculate and print gravatar for hex transaction in test gui window
3. launch and connection to keychain_cmd_app. For this purpose it need to add test binary file, that will fork, set set uid and replaces themself with gui test tool and keychain_cmd_app binary files.

Also I have additional question: what about implementation gravatar function on windows platfrom. Is it in our plans? Who will implement this?

Need to implement lock/unlock behavior in keychain.

Keychain must store decrypted private key in memory during the specified time (unlock timeout). Store time is configured value. At this step this value may be hardcoded. Next unlock timeout value will be able to set by configuration. Storing decrypted private key in memory provide as sign next user transactions without necessary of entering key password every time.

Decrypted private key must store in keychain memory

• while pipe is open
• while timeout is not expired

Also it need to add lock command to keychain API.

lock command must have following parameters:

• username - string param, providing key name to be locked

1. - MacOS
2. - Windows
3. - Linux

Need to create websocket server for all platforms.

WS server will run as service (linux daemon). WS server will install into the OS by keychain package jointly with keychain app (keychain service on Windows)

How it work:
WS server
client app => receive rpc request by web socket transport - it may be requests from client apps =>
=> open pipe channel with keychain (keychain service on windows) =>
=> send keychain commands (json format) =>
=> receive keychain response =>
=> translate keychain response to the websocket => client app

Need to create installer for Windows 7/8/10. Installer for Win10 is priority target.

Need to test keychain ethereum sign format on ethereum node

1. - MacOS
2. - Windows
3. - Linux

Need to create key manager GUI for all platforms
Prototype for gui is here

We'll have next fields on main table

• full keyname (min size = 18 symbols)
• description
• date: last usage date or creation date if not usage yet

Key info window:

1. full keyname
2. descryption
3. last usage date
4. public key
5. location
6. cipher type or non-encrypted flag
7. creation date
8. keychain version

Functions must be implemented:

1. show list of all keys
2. show key information
3. edit key description -- need successful unlock before delete
4. delete key -- need successful unlock before delete
5. export all keys -- need to ecrypt archive on mnemonic or user password
6. import all keys (with decryption key archive)
7. show keychain websocket service status
8. show logs and last error info
9. about function

1. - MacOS
2. - Windows
3. - Linux

At this moment keychain store key files in file system. Keys are protected from copying by symmetric encryption. But at this moment this solutions does not provide proper level of protection from following risks:

• unauthorized removal of the key
• compromising key (for example by modify and overwriting key files).

It is preferable to use native secure mechanisms in OS for reliable and secure storing of keys.

Need to implement secure password entry.
Platforms must be supported:

1. windows 7 and newer
2. macos 10.11 and newer
3. linux: ubuntu 16.04 and newer (list of distributions can be extended)

Platform should be supported in future:

1. android
2. ios

Design features

Windows

• run keychain as service,
• using jsonrpc interface to permorm keychain operations,
• keychain service call password window in secure mode.
  The immediate task: Need to figure out how to implement password window call in secure mode.

Macos
The immediate task: Need to figure out design features for secure password entry on Macos.

Linux (X11)

• using suid bit, to launch keychain app on behalf of the keychain user,
• keychain app call password window in secure mode.
  The immediate task: Need to figure out how to implement password window call in secure mode on X11 systems.

Parent task: #11

It is necesary to create keychain installer for Mac

https://github.com/arrayio/array-io-keychain/wiki/keychain-sample-commands

• remove CMD_ prefix
• remove CAPS.

CMD_SIGN -> sign

Bug has been detected: keychain_pass_entry_app can not start password entry window on Win10.

keychain_pass_entry_app successfully run and show pass entry window on Win7, but does not work on Win10.

Need to fix it.

Need to run WS server https://github.com/joewalnes/websocketd/wiki/Ten-minute-tutorial on Windows. In this configuration we can run keychain on windows without keychain_service_win.
Need to modify existing keychain command line app. This app will run by ws server in system user context and can run pass_ent_app utility.

Need to try run keychain in this configuration.

Parent task: #11

It is necesary to create keychain deb-package for ubuntu/debian/mint

Parent task: #7

Some keyboard layout have key modifiers (French, for example). This provides the ability to press more one key for one symbol. It is necessary to implement read this symbols on low-level.

The task is pending.

Need to implement parse transaction mechanism in keychain.
Description wil come soon...

Need to run WS server https://github.com/joewalnes/websocketd/wiki/Ten-minute-tutorial on MacOS and try to run keychain app by ws server.

Need to run ws server on Linux
https://github.com/joewalnes/websocketd/wiki/Ten-minute-tutorial

Need to run keychain app by ws server.

it is necesary to implement bitcoin signature to keychain

Parent task: #9

websocket interface will be used for signing transaction from web-interface.

Need to implement signature for Ripple blockchain.

It is need to implement signing transaction for graphene blockchains without bitashares core libraries.

We don't want to link:

• libfc.a
• graphene_utitlities.a
• libsecp256k1.a -- bitshares version of this library.

We need to use secp256k1 library from https://github.com/bitcoin-core/secp256k1.git, not from https://github.com/bitshares/secp256k1-zkp.git.

It is possible to add required function to bitcoin-core/secp256k1 if it is necessary to sign graphene transactions.

All mentions of Algorithm that relate to symmetric encryption should be renamed to 'cipher'.

This shiould be done inside code, and .md files.

{ "command": "create", "params": { "keyname": "test1", "encrypted": true, "algo": "CIPHER_AES256", "curve": "CURVE_SECP256K1" } }

should look like this:

{ "command": "create", "params": { "keyname": "test1", "encrypted": true, "cipher": "aes256", "curve": "secp256k1" } }

also

remove relics such as prefixes in the name of cipherss and curves, and make them lower case letters.

• rename to cipher
• remove CIPHER_ prefix
• remove CURVE_ prefix
• make names of curves and ciphers lowercase

Setup CI/CD (Jenkins) For supported platforms:

• Linux
• OS X
• Windows

I try to run WS server and start keychain app by server on incoming ws connection.

Keychain send to the clien json response in human readable form like this

{
  "command": "create",
  "params":
   {
      "keyname": "test1",
      "encrypted": true,
      "curve": "secp256k1",
      "cipher": "aes256"
  }
}

But ws client don't receive last brace.

{
"command": "create",
"params":
{
"keyname": "test1",
"encrypted": true,
"curve": "secp256k1",
"cipher": "aes256"
}

If keychain send response in one string this response does not reach the client at all.

Need to fix it.

It is necessary to run putty client with admin privileges to connect to named pipe on Windows. Need to reduce this requirements.

Keychain can not built on windows in release mode. In release mode compiler do not produce fc_light::~iostream destructor for some reason.

Need to fix it.

AIP: -
  Title: Keychain application
  Status: Draft
  Type: Client
  Author: @vladiuz1 ([email protected])
  Created: 2018-03-20

Abstract

A keychain is a multiformart multiplatform secure keystore application. At the moment a developer of multichain functionality is using different formats of storing keys. bitcoind, geth keystore, electrum's keyfiles all use the same public/private key standards but store them in different file formats, and have different interfaces to interract with keys.

Motivation

• Multi-blockchain wallets. Same key - multiple currencies.
• Keep your crypto in same keystore, and manage with one (or more) client application.
• Separate client application from keystore for added security.
• Use the keychain for cold wallets.
• Unified interface to sign a transaction generated for any crypto currency.

Most blockchain project's wallets have duplicate functionality, and many differ only in the hash function signing transactions and generating addresses. However functionally it is the same public/private key cryptography with repeating functionality. create/sign/get public key.

Array.io client application can eventually be used for design of multi-blockchain applications. For example direct atomic swaps, lightning network applications, multi-blockchain wallets, etc. A keystorage that can keep and sign a key from any blockchain is extremely helpful. Security of keeping the key in a dapps environment is of utmost importance. Hence keychain environment must be separated from client application.

Summary

An Array.io Keychain is an application that creates and manages private/public key pairs and signs transactions. It is a standalone application that can be run in commandline or gui mode.

The most important functionality of the keychain is ability to sign transactions. Most blockchain projects today are using the same public/private key algorithm - secp256k1. And one key may be used for many different blockchains. The keychain must be modular application that knows how to sign trsansactions of multiple blockchains. It must understand multiple raw transaction formats eventually.

Another important command of the keychain is generation key pairs. As part of generation flow, a user must be prompted to write down a 12 word mnemonic seed.

And since the generation of keys is the main feature, we must also allow adding functionality to recognize multiple wallet formats, so keys could be conveniently imported into keychain from other client formats. E.g. electrum, ethereum, bitcoind's wallet.dat, etc...

Even though this is a standalone application it will rarely be launched by a user in either GUI or command line mode. It will most often be used by dapps server or array-io-node to sign transaction in a pipeline mode. Where the output of node or server is piped to the input of array-io-keychain.

Specification

Synopsis

arrayio-keychain command [options] [arguments]

List of commands:

Modes of operation

• command line
• pipeline
• websocket

Example usage:

Commandline:

$ array-io-keychain sign —keyname=test0 --chainid=1 --in-format=hex --out-format=hex 871689d060721b5cec5a010080841e00000000000011130065cd1d0000000000000000
< 1f3314428fe189b2a5424b874dc4ef25c8df65c9d13504ede32a2b2c4c8ada5041161705139e81b981c5c31336d719cf40bd5619a24d890c89b1772944c3fffcc4

Pipeline:

$ array-io-keychain —keyname=test0
> sign --chainid=1 --in-format=hex --out-format=hex 871689d060721b5cec5a010080841e00000000000011130065cd1d0000000000000000
< 1f3314428fe189b2a5424b874dc4ef25c8df65c9d13504ede32a2b2c4c8ada5041161705139e81b981c5c31336d719cf40bd5619a24d890c89b1772944c3fffcc4

For compability with Ethereum account it is need calculate address of account using non-standard SHA3 algorithm. For this need to replace openssl::SHA3 to ethash::SHA3 in toAddress() function.

libsecp256k1 - берём самую свежую и продвинутую и пробуем интегрировать в свою ноду,
для чего необходимо будет допилить библиотеку fc, чтобы поддерживать новые сигнатуры из новой библиотеки secp256k1

This task follows from #1

Linux version of keychain has password entry window. This function had been added in task #5.

Within this task passentry submodule had been added to keychain solution. From security considerations passentry gui window executes from user context (not from keychain service user).

Next we need to add gravatar function on Linux platform. For this you need:

1. implement receiving hex representation of transaction in passetry gui submodule
2. calculate gravatar for hex array
3. print this gravatart on password entry window.

Also, we need to make test tool for this solution.
Test tools must have following functions:

1. Paste hex transaction (input data)
2. calculate and print gravatar for hex transaction in test gui window
3. launch and connection to keychain_cmd_app. For this purpose it need to add test binary file, that will fork, set set uid and replaces themself with gui test tool and keychain_cmd_app binary files.

Also I have additional question: what about implementation gravatar function on windows platfrom. Is it in our plans? Who will implement this?

Need to implement signing transaction for ethereum.

Need to run bitcoin testnet -- is it possible to start ethereum node on local machine without connection to testnet?
Need to modify ethereum cli_wallet to generate unsigned binary transaction.

It is necessary to implement a call to keychain from web site (swap.online, for example) to sign the transaction. The Keychain must return the signed transaction to site. The POST method is supposed to be used.
The keychain must have command-line interface: #15

Need to implement basic functions of keychain declared in #2.

the public_key must be returned in one of these formats:

• hex
• base64
• base58
• wif (with optional params: --prefix, --compression, --version from this page.)

For wif (wallet import format) you shall use the following default option values:

--prefix      = ''
--version     = 0x80
--compression = 0x01

--hd option will return a hierachical deterministic public key derived from either saved public key [un]encrypted private key.

Another option to implement is --derive. This will return a public key derived from private key rather than returning the saved public key from wallet storage (derived during the creation of the key pair).

If this option is selected and the private key is encrypted such request will prompt user for password.

Once hierarchical deterministic wallets are ready, the --derive option will similarly derive the public key directly from private key rather than from saved public key in the wallet storage.

• hex format
• base64 format
• wif format according to http://learnmeabitcoin.com/glossary/wif
• --compression option for wif format
• --version option for wif format
• --prefix option for wif format
• --hd option
• --derive option

Parent task: #7

For enhanced security, program "password entry" should not have GUI. It is proposed to implement GUI in another programm, that started and controlled through pipe.
It is proposed to use QT for cross-platform GUI implementation.

GUI is complete. It is necessary to implement of the interface with the terminal program.
Source files:
https://github.com/arrayio/array-io-keychain/tree/research/app/linux/passentry_gui

Enviroment: Windows 10, SDK 10.0.17763.0, UAC is disabled, LLVM-2017

While using Putty and enter next command like:

{
"command": "create",
"params":
{
"keyname": "test1",
"encrypted": true,
"curve": "secp256k1",
"cipher": "aes256"
}
}

1. keychainservice cant create and handle new process with existed binary keychain_pass_entry_app.exe (but if you run only this binary it works). If keychain_pass_entry_app cant start keychain_service_win cant process next commands in current session.

2. If keychain_pass_entry_app cant start, for example, in runtime CreateProcessAsUser WINAPI method (processthreadsapi.h) returns 0, and programm write out 183 error (by GetLastError()) in log file, but there no outcoming error message about this execption in Putty dialog. It must be current exception handling.

Test with positive result was only on Windows 7, x64 (on VirtualBox) from root user.
Test with negative result only on Windows 10, x64 (on VirtualBox and host OS) from root and common user.

Need to implement logging system for collect errors and warnings from keychain and array-io-core submodules.
Most probably, boost log library will be integrated into keychain.

We need to develop GUI for manipulationg transactions and its information.

Global steps for realization:

• create draft classes (maybe abstract class with defined methods for manipulating inupt/output forms and data serialization)
• create UI form by Qt Designer
• implement each method for parsing transaction or other common information

Keychain service (windows) crashes on pipe client disconnect.
Test case:

1. start win service
2. connect by putty client
3. exec some commands, for example, "create command"
4. close putty client => crash.

Need to fix it.

The integrator has a need to call pipe line command in asynchronouse mode. For this purpose, we need to add the id field in the pipeline command. Then integrator will be able to match requests and responses.

Parent task: #7

It is necessary to implement pipe-interface between terminal program and GUI. For this purpose it is supposed to use JSON-format

Linux version of keychain has password entry window. This function had been added in task #5.

Within this task passentry submodule had been added to keychain solution. From security considerations passentry gui window executes from user context (not from keychain service user).

Next we need to add gravatar function on Linux platform. For this you need:

1. implement receiving hex representation of transaction in passetry gui submodule
2. calculate gravatar for hex array
3. print this gravatar on password entry window.

Also, we need to make test tool for this solution.
Test tools must have following functions:

1. Paste hex transaction (input data)
2. calculate and print gravatar for hex transaction in test gui window
3. launch and connection to keychain_cmd_app. For this purpose it need to add test binary file, that will fork, set set uid and replaces themself with gui test tool and keychain_cmd_app binary files.

Also I have additional question: what about implementation gravatar function on windows platfrom. Is it in our plans? Who will implement this?