vault

package module
v1.7.7 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 2, 2022 License: Apache-2.0 Imports: 7 Imported by: 0

README

go-eth2-wallet-store-vault


Hashicorp Vault-based store for the Ethereum 2 wallet.


Install

go-eth2-wallet-store-vault is a standard Go module which can be installed with:

go get github.com/wealdtech/go-eth2-wallet-store-vault

Usage

In normal operation this module should not be used directly. Instead, it should be configured to be used as part of go-eth2-wallet.

The Vault store has the following options:

  • id: an ID that is used to differentiate multiple stores created by the same account. If this is not configured, an empty ID is used.
  • passphrase: a key used to encrypt all data written to the store. If this is not configured, data is written to the store unencrypted (although wallet- and account-specific private information may be protected by their own passphrases).

Example

package main

import (
	e2wallet "github.com/wealdtech/go-eth2-wallet"
	vault "github.com/Stakedllc/go-eth2-wallet-store-vault"
)

func main() {
    // Set up and use an encrypted store
    store, err := vault.New(vault.WithPassphrase([]byte("my secret")))
    if err != nil {
        panic(err)
    }
    e2wallet.UseStore(store)

    // Set up and use an encrypted store with a non-default vault address
    store, err = vault.New(vault.WithPassphrase([]byte("my secret")), vault.WithVaultAddress("https://my-secret-vault-server"))
    if err != nil {
        panic(err)
    }
    e2wallet.UseStore(store)

    // Set up and use an encrypted store with a different vault role
    store, err = vault.New(vault.WithPassphrase([]byte("my secret")), vault.WithRole("eth2role"))
    if err != nil {
        panic(err)
    }
    e2wallet.UseStore(store)

    // Set up and use an encrypted store with data stored in a different part of vault
    store, err = vault.New(vault.WithPassphrase([]byte("my secret")), vault.WithVaultSubPath("eth-secrets"))
    if err != nil {
        panic(err)
    }
    e2wallet.UseStore(store)
}
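
A fail-closed way to gather the values for the four options used in the example above, added here as an illustration and not part of the module or its README. The ETH2_VAULT_* variable names, the loadStoreConfig helper, and the https-only and parent-reference checks are assumptions of this example, not behaviour of the store.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"os"
	"strings"
)

// storeConfig holds validated values for the four options shown above.
type storeConfig struct {
	Passphrase             []byte
	Address, Role, SubPath string
}

// loadStoreConfig reads settings through getenv (os.Getenv in production).
// The ETH2_VAULT_* variable names are hypothetical, chosen for this example.
func loadStoreConfig(getenv func(string) string) (*storeConfig, error) {
	pass := getenv("ETH2_VAULT_STORE_PASSPHRASE")
	if pass == "" {
		// Without a passphrase the store writes data unencrypted, so fail closed.
		return nil, errors.New("store passphrase not set; refusing unencrypted store")
	}
	addr := getenv("ETH2_VAULT_ADDR")
	u, err := url.Parse(addr)
	if err != nil || u.Scheme != "https" || u.Host == "" {
		// Policy of this example: wallet data only travels over TLS.
		return nil, fmt.Errorf("vault address %q is not an https URL", addr)
	}
	sub := strings.Trim(getenv("ETH2_VAULT_SUBPATH"), "/")
	for _, seg := range strings.Split(sub, "/") {
		if seg == ".." {
			return nil, fmt.Errorf("vault sub-path %q contains a parent reference", sub)
		}
	}
	return &storeConfig{Passphrase: []byte(pass), Address: addr, Role: getenv("ETH2_VAULT_ROLE"), SubPath: sub}, nil
}

func main() {
	cfg, err := loadStoreConfig(os.Getenv)
	if err != nil {
		fmt.Fprintln(os.Stderr, "config error:", err)
		os.Exit(1)
	}
	// Pass the fields to vault.WithPassphrase, WithVaultAddress, WithRole and WithVaultSubPath.
	fmt.Printf("store config ok: address=%s role=%q sub-path=%q\n", cfg.Address, cfg.Role, cfg.SubPath)
}
```
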

Maintainers

Max Bucci: @mbucci.

Contribute

Contributions welcome. Please check out the issues.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(opts ...Option) (wtypes.Store, error)

New creates a new Vault backed store. This takes the following options:

  • region: a string specifying the Amazon S3 region, defaults to "us-east-1", set with WithRegion()
  • id: a byte array specifying an identifying key for the store, defaults to nil, set with WithID()

This expects the access credentials to be in a standard place, e.g. ~/.aws/credentials

Types

type Option

type Option interface {
	// contains filtered or unexported methods
}

Option gives options to New

func WithPassphrase

func WithPassphrase(passphrase []byte) Option

WithPassphrase sets the passphrase for the store.

func WithRole

func WithRole(role string) Option

WithRole sets the role for the store.

func WithVaultAddress

func WithVaultAddress(vaultAddress string) Option

WithVaultAddress sets the vault address to connect to for the store.

func WithVaultSubPath

func WithVaultSubPath(vaultSubPath string) Option

WithVaultSubPath sets the wallet name for the Store.

type Store

type Store struct {
	// contains filtered or unexported fields
}

Store is the store for the wallet held encrypted on Amazon S3.

func (*Store) Authorize

func (s *Store) Authorize() error

func (*Store) Location

func (s *Store) Location() string

Location returns the location of this store.

func (*Store) Name

func (s *Store) Name() string

Name returns the name of this store.

func (*Store) RetrieveAccount

func (s *Store) RetrieveAccount(walletID uuid.UUID, accountID uuid.UUID) ([]byte, error)

RetrieveAccount retrieves account-level data. It will fail if it cannot retrieve the data.

func (*Store) RetrieveAccounts

func (s *Store) RetrieveAccounts(walletID uuid.UUID) <-chan []byte

RetrieveAccounts retrieves all account-level data for a wallet.

func (*Store) RetrieveAccountsIndex

func (s *Store) RetrieveAccountsIndex(walletID uuid.UUID) ([]byte, error)

RetrieveAccountsIndex retrieves the account index.

func (*Store) RetrieveWallet

func (s *Store) RetrieveWallet(walletName string) ([]byte, error)

RetrieveWallet retrieves wallet-level data. It will fail if it cannot retrieve the data.

func (*Store) RetrieveWalletByID

func (s *Store) RetrieveWalletByID(walletID uuid.UUID) ([]byte, error)

RetrieveWalletByID retrieves wallet-level data. It will fail if it cannot retrieve the data.

func (*Store) RetrieveWallets

func (s *Store) RetrieveWallets() <-chan []byte

RetrieveWallets retrieves wallet-level data for all wallets.

func (*Store) StoreAccount

func (s *Store) StoreAccount(walletID uuid.UUID, accountID uuid.UUID, data []byte) error

StoreAccount stores an account. It will fail if it cannot store the data. Note this will overwrite an existing account with the same ID. It will not, however, allow multiple accounts with the same name to co-exist in the same wallet.

func (*Store) StoreAccountsIndex

func (s *Store) StoreAccountsIndex(walletID uuid.UUID, data []byte) error

StoreAccountsIndex stores the account index.

func (*Store) StoreWallet

func (s *Store) StoreWallet(id uuid.UUID, name string, data []byte) error

StoreWallet stores wallet-level data. It will fail if it cannot store the data. Note that this will overwrite any existing data; it is up to higher-level functions to check for the presence of a wallet with the wallet name and handle clashes accordingly.
