
passphrase not sanitized in log when using Exchange

Open pinheadmz opened this issue 3 years ago • 2 comments

On regtest, I'm guilty of using a pretty simple wallet passphrase. Can you find it in this log output to stdout? ;-)

Executing IPC method. {
  jsonrpc: '2.0',
  method: 'Shakedex.fulfillSwap',
  params: [
    {
      name: 'cool_name',
      lockingTxHash: '7d6e9b51fd472c1a9525234ce544fa6eef7507a07f5db318bfed7fc94df86c93',
      lockingOutputIdx: 0,
      publicKey: '021f5c2973a19ebb54e1d999f0d257fb7e4100af2207287271402d6e0a9ffd0ea8',
      paymentAddr: 'rs1qzfd8t5hxy8kku9zc2mzghk00l9vgl9aslpjaes',
      bids: [Array]
    },
    {
      price: 23154916967,
      lockTime: 1643836266000,
      signature: 'fd3b53bc33346f222bc10696e5ce20e91d54e4c0a489ecd24f8c8fbd34c3f3e84b56523c36dcdfa9d830d3ed7043b5b7080d9cf6ed158c7972fd59cb6981c79684'
    },
    '123456789'
  ],
  id: 39
}

pinheadmz avatar Feb 03 '22 02:02 pinheadmz

Hehe min length is 8 chars, so can actually do 12345678

Other methods with sensitive params use suppressLogging that scrubs all parameters. Wasn't sure if we'd lose out on a lot of useful information while debugging shakedex, but should be fine I think?

I think we can suppress for:

- fulfillSwap
- finalizeSwap
- transferLock
- finalizeLock
- finalizeCancel
- transferCancel
- launchAuction

rithvikvibhu avatar Feb 03 '22 08:02 rithvikvibhu
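
One way to do the scrubbing discussed in this thread, as an added example that is not bob-wallet's own `suppressLogging` code: `sanitizeForLog`, `REDACTION_RULES` and the `Shakedex.` prefix on methods other than `fulfillSwap` are assumptions. It redacts only the passphrase position for `fulfillSwap`, so the swap details stay visible for debugging, and scrubs every parameter for the other listed methods.

```javascript
// Hypothetical helper names; not bob-wallet's actual implementation.
const REDACTED = '[REDACTED]';

// Per-method rule: 'all' scrubs every parameter; an array lists the positional
// indices to scrub. Index 2 for fulfillSwap matches the log in this issue;
// methods whose passphrase position is not shown on the page are scrubbed whole.
const REDACTION_RULES = {
  'Shakedex.fulfillSwap': [2],
  'Shakedex.finalizeSwap': 'all',
  'Shakedex.transferLock': 'all',
  'Shakedex.finalizeLock': 'all',
  'Shakedex.finalizeCancel': 'all',
  'Shakedex.transferCancel': 'all',
  'Shakedex.launchAuction': 'all',
};

// Returns a copy of the request that is safe to log. The original object is
// never modified, because it is still sent over IPC after logging.
function sanitizeForLog(request, rules = REDACTION_RULES) {
  const rule = rules[request.method];
  if (!rule) return { ...request }; // no rule: logged as-is
  if (rule === 'all' || !Array.isArray(request.params)) {
    // Full scrub (or unexpected shape): keep only the parameter count.
    const count = Array.isArray(request.params) ? request.params.length : 1;
    return { ...request, params: Array(count).fill(REDACTED) };
  }
  return {
    ...request,
    params: request.params.map((p, i) => (rule.includes(i) ? REDACTED : p)),
  };
}

// Constructed sample modelled on the log in this issue (fields shortened).
const sampleRequest = {
  jsonrpc: '2.0',
  method: 'Shakedex.fulfillSwap',
  params: [
    { name: 'cool_name', lockingOutputIdx: 0 },
    { price: 23154916967, lockTime: 1643836266000 },
    '123456789',
  ],
  id: 39,
};

console.log('Executing IPC method.', sanitizeForLog(sampleRequest));
```

Methods without a rule are logged unchanged, so any new IPC method that takes a passphrase needs an entry before it ships.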

Another option is maybe to refactor the shakedex actions so we unlock the wallet first before sending IPC commands to shakedex. I know the shakedex lib has context which handles its own wallet rpc calls... maybe that can be bypassed or pass null for the passphrase after we unlock it from bob UI using rpc.

pinheadmz avatar Feb 03 '22 13:02 pinheadmz