Support Multi-srp backups in SeedlessOnboardingController #5685
Conversation
| * @param password - The password to verify. | ||
| * @throws {Error} If the password is invalid or the vault is not initialized. | ||
| */ | ||
| async #verifyPassword(password: string) { |
There was a problem hiding this comment.
| async #verifyPassword(password: string) { | |
| async #verifyVaultPassword(password: string) { |
| @@ -94,6 +130,8 @@ export class SeedlessOnboardingController extends BaseController< | |||
|
|
|||
| readonly toprfClient: ToprfSecureBackup; | |||
|
|
|||
| #password?: string; | |||
There was a problem hiding this comment.
why are we storing password here? Does keyring controller also does this?
| } | ||
| await this.#vaultEncryptor.decrypt(password, this.state.vault); | ||
| } | ||
|
|
||
| /** | ||
| * Unlocks the encrypted vault using the provided password and returns the decrypted vault data. | ||
| * This method ensures thread-safety by using a mutex lock when accessing the vault. |
There was a problem hiding this comment.
Function description needs to be updated since we don't provide password anymore as arg
| @@ -423,25 +492,58 @@ export class SeedlessOnboardingController extends BaseController< | |||
| * - The password is incorrect (from encryptor.decrypt) | |||
| * - The decrypted vault data is malformed | |||
| */ | |||
| async #unlockVaultWithPassword(password: string): Promise<{ | |||
| async #unlockVaultAndGetBackupEncKey(): Promise<{ | |||
There was a problem hiding this comment.
it would be rather better to have password as optional param here, rather thn loading it from state inside the function
| }); | ||
|
|
||
| this.#password = password; |
There was a problem hiding this comment.
since we are setting vaultEncryptionKey above, do we really need to set password as well in class variable, wht the case when vaultEncryptionKey might be missing but password would be required instead?
| encryptedString: EncryptionResult, | ||
| ) => Promise<unknown>; | ||
| /** | ||
| * Generates an encryption key from exported key string. |
There was a problem hiding this comment.
| * Generates an encryption key from exported key string. | |
| * Generates an encryption key from imported key string. |
| /** | ||
| * Generates an encryption key from exported key string. | ||
| * | ||
| * @param key - The exported key string. |
There was a problem hiding this comment.
| * @param key - The exported key string. | |
| * @param key - The imported key string. |
…ler' into feat/seedless-multi-srp
Co-authored-by: himanshuchawla009 <[email protected]>
Explanation
Support multiple SeedPhrases backup under one user account (social).
addNewSeedPhraseBackupin controller to create backup for new SeedPhrase.EncryptionKey(which will be derived from the password) in the controller as non-persisted state, to unlock the Seedless Vault to retrieve theEncryption KeyandAuth Keywithout entering the password. The reason for storing this is that when user imports new SeedPhrase in the wallet, the newly imported SeedPhrase can be backed up automatically without needing to type the password.Lockand sync withKeyringController:lockandKeyringController:unlockeventsReferences
Changelog
@metamask/seedless-onboarding-controlleraddNewSeedPhraseBackupmethod in the controller to use for import new SeedPhraseEncryptorinterface with theExportableKeyEncryptorfromKeyringControllerencryptionKeyandencryptionSaltstate as non-persisted statelockto sync withKeyringController'slockandunlockeventsfetchAllSeedPhrasesmethod to be the same order asKeyringsMetadatafromKeyringControllerLockstateencryptoras required property inSeedlessOnboardingControllerOptionsChecklist