service

package
v0.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 9, 2023 License: MIT Imports: 31 Imported by: 0

README

Wallet API

Authentication

Logging in to a wallet

POST api/v1/auth/token

Logging in to a wallet is done using the wallet name and passphrase. The operation fails if the wallet not exist, or if the passphrase used is incorrect. On success, the wallet is loaded, a session is created and a JWT is returned to the user.

Example
Request
{
  "wallet": "your_wallet_name",
  "passphrase": "super-secret"
}
Command
curl -s -XPOST -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/auth/token
Response
{
  "token": "abcd.efgh.ijkl"
}
Logging out from a wallet

DELETE api/v1/auth/token

Using the JWT returned when logging in, the session is recovered and removed from the service. The wallet can no longer be accessed using the token from this point on.

Example
Command
curl -s -XDELETE -H 'Authorization: Bearer abcd.efgh.ijkl' http://127.0.0.1:1789/api/v1/auth/token
Response
{
  "success": true
}

Network management

Get current network configuration

GET api/v1/network

Example
Command
curl -s -XPOST -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/network
Response
{
  "network": {
    "name": "mainnet"
  }
}

Wallet management

Create a wallet

POST api/v1/wallets

Creating a wallet is done using a name and passphrase. If a wallet with the same name already exists, the action is aborted. The new wallets is encrypted (using the passphrase) and saved to a file on the file system. A session and accompanying JWT is created, and the JWT is returned to the user.

Example
Request
{
  "wallet": "your_wallet_name",
  "passphrase": "super-secret"
}
Command
curl -s -XPOST -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/wallets
Response
{
  "token": "abcd.efgh.ijkl"
}
Import a wallet

POST api/v1/wallets/import

Import a wallet is done using a name, a passphrase, and a recoveryPhrase. If a wallet with the same name already exists, the action is aborted. The imported wallet is encrypted (using the passphrase) and saved to a file on the file system. A session and accompanying JWT is created, and the JWT is returned to the user.

Example
Request
{
  "wallet": "your_wallet_name",
  "passphrase": "super-secret",
  "recoveryPhrase": "my twenty four words recovery phrase"
}
Command
curl -s -XPOST -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/wallets
Response
{
  "token": "abcd.efgh.ijkl"
}

Key management

Generate a key pair

POST api/v1/keys

Authentication required.

It generates a new key pair into the logged wallet, and returns the generated public key.

Example
Request
{
  "passphrase": "super-secret",
  "meta": [
    {
      "key": "somekey",
      "value": "somevalue"
    }
  ]
}
Command
curl -s -XPOST -H 'Authorization: Bearer abcd.efgh.ijkl' -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/keys
Response
{
  "key": {
    "pub": "1122aabb",
    "algo": "ed25519",
    "tainted": false,
    "meta": [
      {
        "key": "somekey",
        "value": "somevalue"
      }
    ]
  }
}
List keys

GET api/v1/keys

Authentication required.

Users can list all the public keys (with taint status, and metadata) of the logged wallet.

Example
Command
curl -s -XGET -H "Authorization: Bearer abcd.efgh.ijkl" http://127.0.0.1:1789/api/v1/keys
Response
{
  "keys": [
    {
      "pub": "1122aabb",
      "algo": "ed25519",
      "tainted": false,
      "meta": [
        {
          "key": "somekey",
          "value": "somevalue"
        }
      ]
    }
  ]
}
Describe a key pair

GET api/v1/keys/:keyid

Authentication required.

Return the information associated the public key :keyid, from the logged wallet. The private key is not returned.

Example
Command
  curl -s -XPUT -H "Authorization: Bearer abcd.efgh.ijkl" -d 'YOUR_REQUEST' http://127.0.0.1:1789api/v1/keys/1122aabb
Response
{
  "key": {
    "index": 1,
    "pub": "1122aabb"
  }
}
Taint a key pair

PUT api/v1/keys/:keyid/taint

Authentication required.

Taint the key pair matching the public key :keyid, from the logged wallet. The key pair must belong to the logged wallet.

Example
Request
{
  "passphrase": "super-secret"
}
Command
  curl -s -XPUT -H "Authorization: Bearer abcd.efgh.ijkl" -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/keys/1122aabb/taint
Response
{
  "success": true
}
Annotate a key pair

PUT api/v1/keys/:keyid/metadata

Authentication required.

Annotating a key pair replace the metadata matching the public key :keyid, from the logged wallet. The key pair must belong to the logged wallet.

Example
Request
{
  "passphrase": "super-secret",
  "meta": [
    {
      "key": "newkey",
      "value": "newvalue"
    }
  ]
}
Command
  curl -s -XPUT -H "Authorization: Bearer abcd.efgh.ijkl" -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/keys/1122aabb/metadata
Response
{
  "success": true
}

Commands

Sign a command

POST api/v1/command

Authentication required.

Sign a Vega command using the specified key pair, and returns the signed transaction. The key pair must belong to the logged wallet.

Example
Request
{
  "pubKey": "1122aabb",
  "propagate": true,
  "orderCancellation": {
    "marketId": "YESYESYES"
  }
}
Command
  curl -s -XPOST -H "Authorization: Bearer abcd.efgh.ijkl" -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/command
Response
{
  "transaction": {
    "inputData": "dGVzdGRhdG9837420b4b3yb23ybc4o1ui23yEK",
    "signature": {
      "value": "7f6g9sf8f8s76dfa867fda",
      "algo": "vega/ed25519",
      "version": 1
    },
    "from": {
      "pubKey": "1122aabb"
    },
    "version": 1
  }
}
Propagate

In the request payload, when the propagate field can be set to true, the wallet service send the transaction on your behalf to the registered nodes after signing it successfully.

Sign data

POST api/v1/sign

Authentication required.

Sign any base64-encoded data using the specified key pair, and returns the signed transaction. The key pair must belong to the logged wallet.

Example
Request
{
  "inputData": "dGVzdGRhdGEK==",
  "pubKey": "1122aabb"
}
Command
  curl -s -XPOST -H "Authorization: Bearer abcd.efgh.ijkl" -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/sign
Response
{
  "hexSignature": "0xhafdsf86df876af",
  "base64Signature": "fad7h34k1jh3g413g=="
}
Verify data

POST api/v1/verify

Verify any base64-encoded data using the specified public key, and returns the confirmation.

Example
Request
{
  "inputData": "dGVzdGRhdGEK==",
  "pubKey": "1122aabb"
}
Command
  curl -s -XPOST -H "Authorization: Bearer abcd.efgh.ijkl" -d 'YOUR_REQUEST' http://127.0.0.1:1789/api/v1/sign
Response
{
  "hexSignature": "0xhafdsf86df876af",
  "base64Signature": "fad7h34k1jh3g413g=="
}

Documentation

Index

Constants

View Source 
const (
	LengthForSessionHashSeed = 10
)
View Source 
const TXIDLENGTH = 20

Variables

View Source 
var (
	ErrInvalidToken              = errors.New("invalid token")
	ErrInvalidClaims             = errors.New("invalid claims")
	ErrInvalidOrMissingToken     = newErrorResponse("invalid or missing token")
	ErrCouldNotReadRequest       = errors.New("couldn't read request")
	ErrCouldNotGetBlockHeight    = errors.New("couldn't get last block height")
	ErrShouldBeBase64Encoded     = errors.New("should be base64 encoded")
	ErrRSAKeysAlreadyExists      = errors.New("RSA keys already exist")
	ErrRejectedSignRequest       = errors.New("user rejected sign request")
	ErrInterruptedConsentRequest = errors.New("process to request consent has been interrupted")
)
View Source 
var ErrSessionNotFound = errors.New("session not found")

Functions

func InitialiseService 

func InitialiseService(store Store, overwrite bool) error

func IsInitialised added in v0.11.0 

func IsInitialised(store Store) (bool, error)

func NewAuth 

func NewAuth(log *zap.Logger, cfgStore RSAStore, tokenExpiry time.Duration) (*auth, error)

func ParseSubmitTransactionRequest 

func ParseSubmitTransactionRequest(r *http.Request) (*walletpb.SubmitTransactionRequest, commands.Errors)

Types

type Auth 

type Auth interface {
	NewSession(name string) (string, error)
	VerifyToken(token string) (string, error)
	Revoke(token string) (string, error)
}

Auth ...

type AutomaticConsentPolicy added in v0.14.0 

type AutomaticConsentPolicy struct{}

func (*AutomaticConsentPolicy) Ask added in v0.14.0 

func (p *AutomaticConsentPolicy) Ask(_ *v1.SubmitTransactionRequest, _ string, _ time.Time) (bool, error)

func (*AutomaticConsentPolicy) Report added in v0.15.0 

func (p *AutomaticConsentPolicy) Report(_ SentTransaction)

type Claims 

type Claims struct {
	jwt.StandardClaims
	Session string
	Wallet  string
}

type ConsentConfirmation added in v0.14.0 

type ConsentConfirmation struct {
	TxID     string
	Decision bool
}

type ConsentRequest added in v0.14.0 

type ConsentRequest struct {
	TxID         string
	Tx           *v1.SubmitTransactionRequest
	ReceivedAt   time.Time
	Confirmation chan ConsentConfirmation
}

type CreateWalletRequest 

type CreateWalletRequest struct {
	Wallet     string `json:"wallet"`
	Passphrase string `json:"passphrase"`
}

CreateWalletRequest describes the request for CreateWallet.

func ParseCreateWalletRequest 

func ParseCreateWalletRequest(r *http.Request) (*CreateWalletRequest, commands.Errors)

type CreateWalletResponse 

type CreateWalletResponse struct {
	RecoveryPhrase string `json:"recoveryPhrase"`
	Token          string `json:"token"`
}

CreateWalletResponse returns the authentication token and the auto-generated recovery phrase of the created wallet.

type ErrorResponse 

type ErrorResponse struct {
	ErrorStr string   `json:"error"`
	Details  []string `json:"details,omitempty"`
}

func (ErrorResponse) Error 

func (e ErrorResponse) Error() string

type ErrorsResponse 

type ErrorsResponse struct {
	Errors commands.Errors `json:"errors"`
}

type ExplicitConsentPolicy added in v0.14.0 

type ExplicitConsentPolicy struct {
	// contains filtered or unexported fields
}

func (*ExplicitConsentPolicy) Ask added in v0.14.0 

func (p *ExplicitConsentPolicy) Ask(tx *v1.SubmitTransactionRequest, txID string, receivedAt time.Time) (bool, error)

func (*ExplicitConsentPolicy) Report added in v0.15.0 

func (p *ExplicitConsentPolicy) Report(tx SentTransaction)

type GenKeyPairRequest 

type GenKeyPairRequest struct {
	Passphrase string        `json:"passphrase"`
	Meta       []wallet.Meta `json:"meta"`
}

GenKeyPairRequest describes the request for GenerateKeyPair.

func ParseGenKeyPairRequest 

func ParseGenKeyPairRequest(r *http.Request) (*GenKeyPairRequest, commands.Errors)

type ImportWalletRequest 

type ImportWalletRequest struct {
	Wallet         string `json:"wallet"`
	Passphrase     string `json:"passphrase"`
	RecoveryPhrase string `json:"recoveryPhrase"`
	Version        uint32 `json:"version"`
}

ImportWalletRequest describes the request for ImportWallet.

func ParseImportWalletRequest 

func ParseImportWalletRequest(r *http.Request) (*ImportWalletRequest, commands.Errors)

type KeyResponse 

type KeyResponse struct {
	Key wallet.PublicKey `json:"key"`
}

KeyResponse describes the response to a request that returns a single key.

type KeysResponse 

type KeysResponse struct {
	Keys []wallet.PublicKey `json:"keys"`
}

KeysResponse describes the response to a request that returns a list of keys.

type LoginWalletRequest 

type LoginWalletRequest struct {
	Wallet     string `json:"wallet"`
	Passphrase string `json:"passphrase"`
}

LoginWalletRequest describes the request for CreateWallet, LoginWallet.

func ParseLoginWalletRequest 

func ParseLoginWalletRequest(r *http.Request) (*LoginWalletRequest, commands.Errors)

type NetworkResponse 

type NetworkResponse struct {
	Network network.Network `json:"network"`
}

NetworkResponse describes the response to a request that returns app hosts info.

type NodeForward 

type NodeForward interface {
	SendTx(context.Context, *commandspb.Transaction, api.SubmitTransactionRequest_Type, int) (string, error)
	CheckTx(context.Context, *commandspb.Transaction, int) (*api.CheckTransactionResponse, error)
	HealthCheck(context.Context) error
	LastBlockHeightAndHash(context.Context) (*api.LastBlockHeightResponse, int, error)
}

NodeForward ...

type Policy added in v0.14.0 

type Policy interface {
	Ask(tx *v1.SubmitTransactionRequest, txID string, receivedAt time.Time) (bool, error)
	Report(tx SentTransaction)
}

func NewAutomaticConsentPolicy added in v0.14.0 

func NewAutomaticConsentPolicy() Policy

func NewExplicitConsentPolicy added in v0.14.0 

func NewExplicitConsentPolicy(ctx context.Context, consentRequests chan ConsentRequest, sentTransactions chan SentTransaction) Policy

type RSAKeys 

type RSAKeys struct {
	Pub  []byte
	Priv []byte
}

func GenerateRSAKeys 

func GenerateRSAKeys() (*RSAKeys, error)

type RSAStore 

type RSAStore interface {
	GetRsaKeys() (*RSAKeys, error)
}

type SentTransaction added in v0.15.0 

type SentTransaction struct {
	TxHash string
	TxID   string
	Tx     *commandspb.Transaction
	Error  error
	SentAt time.Time
}

type Service 

type Service struct {
	*httprouter.Router
	// contains filtered or unexported fields
}

func NewService 

func NewService(log *zap.Logger, net *network.Network, h WalletHandler, a Auth, n NodeForward, policy Policy) (*Service, error)

func (*Service) CheckTx added in v0.15.0 

func (s *Service) CheckTx(token string, w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) CreateWallet 

func (s *Service) CreateWallet(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) GenerateKeyPair 

func (s *Service) GenerateKeyPair(t string, w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) GetNetwork 

func (s *Service) GetNetwork(w http.ResponseWriter, _ *http.Request, _ httprouter.Params)

func (*Service) GetPublicKey 

func (s *Service) GetPublicKey(t string, w http.ResponseWriter, _ *http.Request, ps httprouter.Params)

func (*Service) Health 

func (s *Service) Health(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) ImportWallet 

func (s *Service) ImportWallet(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) ListPublicKeys 

func (s *Service) ListPublicKeys(t string, w http.ResponseWriter, _ *http.Request, _ httprouter.Params)

func (*Service) Login 

func (s *Service) Login(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) Revoke 

func (s *Service) Revoke(t string, w http.ResponseWriter, _ *http.Request, _ httprouter.Params)

func (*Service) SignAny 

func (s *Service) SignAny(t string, w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) SignTx 

func (s *Service) SignTx(token string, w http.ResponseWriter, r *http.Request, p httprouter.Params)

func (*Service) SignTxCommit 

func (s *Service) SignTxCommit(token string, w http.ResponseWriter, r *http.Request, p httprouter.Params)

func (*Service) SignTxSync 

func (s *Service) SignTxSync(token string, w http.ResponseWriter, r *http.Request, p httprouter.Params)

func (*Service) Start 

func (s *Service) Start() error

func (*Service) Stop 

func (s *Service) Stop() error

func (*Service) TaintKey 

func (s *Service) TaintKey(t string, w http.ResponseWriter, r *http.Request, ps httprouter.Params)

func (*Service) UpdateMeta 

func (s *Service) UpdateMeta(t string, w http.ResponseWriter, r *http.Request, ps httprouter.Params)

func (*Service) VerifyAny 

func (s *Service) VerifyAny(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Service) Version 

func (s *Service) Version(w http.ResponseWriter, _ *http.Request, _ httprouter.Params)

type SignAnyRequest 

type SignAnyRequest struct {
	// InputData is the payload to generate a signature from. I should be
	// base 64 encoded.
	InputData string `json:"inputData"`
	// PubKey is used to retrieve the private key to sign the InputDate.
	PubKey string `json:"pubKey"`
	// contains filtered or unexported fields
}

SignAnyRequest describes the request for SignAny.

func ParseSignAnyRequest 

func ParseSignAnyRequest(r *http.Request) (*SignAnyRequest, commands.Errors)

type SignAnyResponse 

type SignAnyResponse struct {
	HexSignature    string `json:"hexSignature"`
	Base64Signature string `json:"base64Signature"`
}

SignAnyResponse describes the response for SignAny.

type Store 

type Store interface {
	RSAKeysExists() (bool, error)
	SaveRSAKeys(*RSAKeys) error
}

type SuccessResponse 

type SuccessResponse struct {
	Success bool `json:"success"`
}

SuccessResponse describes the response to a request that returns a simple true/false answer.

type TaintKeyRequest 

type TaintKeyRequest struct {
	Passphrase string `json:"passphrase"`
}

TaintKeyRequest describes the request for TaintKey.

func ParseTaintKeyRequest 

func ParseTaintKeyRequest(r *http.Request, keyID string) (*TaintKeyRequest, commands.Errors)

type TokenResponse 

type TokenResponse struct {
	Token string `json:"token"`
}

TokenResponse describes the response to a request that returns a token.

type UpdateMetaRequest 

type UpdateMetaRequest struct {
	Passphrase string        `json:"passphrase"`
	Meta       []wallet.Meta `json:"meta"`
}

UpdateMetaRequest describes the request for UpdateMeta.

func ParseUpdateMetaRequest 

func ParseUpdateMetaRequest(r *http.Request, keyID string) (*UpdateMetaRequest, commands.Errors)

type VerifyAnyRequest 

type VerifyAnyRequest struct {
	// InputData is the payload to be verified. It should be base64 encoded.
	InputData string `json:"inputData"`
	// Signature is the signature to check against the InputData. It should be
	// base64 encoded.
	Signature string `json:"signature"`
	// PubKey is the public key used along the signature to check the InputData.
	PubKey string `json:"pubKey"`
	// contains filtered or unexported fields
}

VerifyAnyRequest describes the request for VerifyAny.

func ParseVerifyAnyRequest 

func ParseVerifyAnyRequest(r *http.Request) (*VerifyAnyRequest, commands.Errors)

type VerifyAnyResponse added in v0.9.2 

type VerifyAnyResponse struct {
	Valid bool `json:"success"`
}

VerifyAnyResponse describes the response for VerifyAny.

type VersionResponse 

type VersionResponse struct {
	Version     string `json:"version"`
	VersionHash string `json:"versionHash"`
}

VersionResponse describes the response to a request that returns app version info.

type WalletHandler 

type WalletHandler interface {
	CreateWallet(name, passphrase string) (string, error)
	ImportWallet(name, passphrase, recoveryPhrase string, version uint32) error
	LoginWallet(name, passphrase string) error
	LogoutWallet(name string)
	SecureGenerateKeyPair(name, passphrase string, meta []wallet.Meta) (string, error)
	GetPublicKey(name, pubKey string) (wallet.PublicKey, error)
	ListPublicKeys(name string) ([]wallet.PublicKey, error)
	SignTx(name string, req *walletpb.SubmitTransactionRequest, height uint64) (*commandspb.Transaction, error)
	SignAny(name string, inputData []byte, pubKey string) ([]byte, error)
	VerifyAny(inputData, sig []byte, pubKey string) (bool, error)
	TaintKey(name, pubKey, passphrase string) error
	UpdateMeta(name, pubKey, passphrase string, meta []wallet.Meta) error
}

WalletHandler ...

Source Files

View all Source files

Directories

Path Synopsis
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
store
v1

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.