krux icon indicating copy to clipboard operation
krux copied to clipboard

Published 20 hours ago verified publisher icon selfcustody

Wallet sans key

Open jdlcdl opened this issue 1 year ago • 2 comments

DRAFT

Description

POC: A Wallet Descriptor can be loaded without the user sharing private key material... to verify/view addresses.

  • A wallet can be loaded with key=None (ie: krux is in watch-only mode... still in login())
  • wallet has a notion of "persisted" so that redundant offers of "save to sdcard" can be reduced.
  • pages that, currently -- arguably, should ONLY be available once user has logged in, are being re-used prior to login.
  • Still undecided about how to determine "network". krux has a default wallet-network setting... but wallet descriptors and xpubs also have a specific network. Using krux settings currently -- but it doesn't feel correct... or maybe it should fail to load when in conflict with krux settings?
  • Using tools/wallet-addresses to load a wallet descriptor before logging in does NOT interfere with loading a mnemonic. A new wallet will be initialized w/o the previously loaded descriptor.

I'm expecting some push-back, or at least discussion among other devs... since this pr breaks some existing conventions about what is available and when (and/or where re-used modules reside).

What is the purpose of this pull request?

  • [ ] Bug fix
  • [X] New Feature
  • [ ] Documentation update
  • [ ] Other

jdlcdl avatar May 12 '24 10:05 jdlcdl

This looks great! About the network, as any other path attribute, IMO it should use descriptor's. Maybe descriptor path attributes could be displayed in an "infobox" like it's done with wallets before user enters addresses menu.

odudex avatar May 12 '24 12:05 odudex

I was testing the feature and I think the infobox could appear on the address menu, no need for a interaction or a new screen "before", also if the user is using multiple devices it can forget what is loaded on what and the infobox appearing on the address menu would solve that issue

tadeubas avatar May 12 '24 14:05 tadeubas

Attached: a compressed tar file that will create a "./sd-wallet_sans_key/" directory wherever it is unpacked. This directory holds:

  • seeds.json w/ 3 mnemonics w/o passphrases for, "Grampa", "Grampa85c0" and "Grampa85c1". The key is "abc".
  • settings.json for settings storage on sdcard and user-interface in english,
  • MAINNET directory with subdirectories for krux-supported script types, each containing usefully-named text-files that can be loaded in this branch as wallet descriptors for verifying/viewing addresses.
  • TESTNET directory with same as above, for testnet.

note: files named like "REKT..." are loadable but too vague to be used as wallet descriptors. The user should be prompted to accept an assumption which is incorrect, and would be best served to decline (I didn't think of a better way; ~~it's the way this branch is handling ability to load blue-wallet's vague legacy wallet xpubs~~). [UPDATE] commit a1c2cf294527d18ae1bb252631b16daccf966143 changes the assumption for key-origin-less xpubs from legacy bip44 to native-segwit bip84. This means that BlueWallet users will NOT be able to use the tools/descriptor-addresses feature for legacy wallets via the BlueWallet backup xpub... however if they export an xpub from krux (which includes key-origin info), then it would work just fine.

You may put the contents of "./sd-wallet_sans_key/" onto an sdcard for testing on a krux device, or into the "~/krux/simulator/sd" directory for testing via the simulator.

The following gist was used in testing this branch and creating these files. https://gist.github.com/jdlcdl/8675f0f1e748d06274d31c27cc7474d0

sd-wallet_sans_key.tar.gz

jdlcdl avatar May 30 '24 17:05 jdlcdl

Commit ca84389 corrects a bug found by Odudex where bech32 addresses were incorrect for testnet (they were regtest bech32 addresses instead) when derived from a wallet descriptor only.

It was about an assumption made in wallet.which_network() that different implementations of python might sort dictionary keys similarly (main, test, signet, regtest), but on k210, "regtest" came first and this branch was unable to determine between testnet/signet/regtest based on the extended-public-key version alone, assuming regtest gave "bcrt" addresses instead of "tb" addresses.

The fix includes:

  • what appears to be more looping ~~but it's not, it's just slightly~~ and it is, but also easier to read w/o comprehensions,
  • a hard coded list of supported embit.networks.NETWORKS keys ("main", "test")
  • a hard coded list of extended-public-key version keys ("xpub", "zpub", "ypub", "Zpub", "Ypub")

This bug would have appeared only for testnet, only for bech32 addresses, and the wrong addresses would not have been valid for the wrong network. Still, my sloppy mistake is solely mine.

Thank you Odudex!

jdlcdl avatar Jun 06 '24 20:06 jdlcdl

Thank you for this great feature and overall improvements on the wallet descriptor loading process!

odudex avatar Jun 07 '24 13:06 odudex

Hi @jdlcdl, amazing work! I just made a few suggestions because it doesn't make sense for a Boolean variable to take None as a value. It was either persisted or NOT (if it was created recently, it was NOT)

I was using 3 values for: None=i don't know if it's persisted or not, False=doesn't appear to be persisted, and True=Im sure it's already persisted.

But None and False are effectively the same: "I'm not sure that it's persisted" (because even if we set it False, it could be persisted as another file on sdcard or elsewhere... and we'll set it True if/when we load or save it.

Thank you Tadeu, I'll issue a pr for your suggestions.

jdlcdl avatar Jun 19 '24 13:06 jdlcdl