feat: add secret keys for imported accounts in encrypted wallet file

Author: 0xnullifier

src/app/pages/Welcome.tsx

@@ -42,6 +42,7 @@ const Welcome: FC = () => {
   const [importedWithFile, setImportedWithFile] = useState(false);
   const [isLoading, setIsLoading] = useState(false);
   const [importedWalletAccounts, setImportedWalletAccounts] = useState<WalletAccount[]>([]);
+  const [skForImportedAccounts, setSkForImportedAccounts] = useState<Record<string, string>>({});
   const { registerWallet, importWalletFromClient } = useMidenContext();
   const { trackEvent } = useAnalytics();
   const syncFromBackend = useWalletStore(s => s.syncFromBackend);
@@ -62,7 +63,7 @@ const Welcome: FC = () => {
       } else {
         try {
           console.log('importing wallet from client');
-          await importWalletFromClient(password, seedPhraseFormatted, importedWalletAccounts);
+          await importWalletFromClient(password, seedPhraseFormatted, importedWalletAccounts, skForImportedAccounts);
         } catch (e) {
           console.error(e);
         }
@@ -75,7 +76,8 @@ const Welcome: FC = () => {
     registerWallet,
     onboardingType,
     importWalletFromClient,
-    importedWalletAccounts
+    importedWalletAccounts,
+    skForImportedAccounts
   ]);
 
   const onAction = async (action: OnboardingAction) => {
@@ -100,6 +102,7 @@ const Welcome: FC = () => {
         const seedPhrase = action.payload.split(' ');
         setSeedPhrase(seedPhrase);
         setImportedWalletAccounts(action.walletAccounts);
+        setSkForImportedAccounts(action.skForImportedAccounts);
         setImportedWithFile(true);
         navigate('/#create-password');
         break;

src/lib/miden/back/actions.ts

@@ -76,9 +76,14 @@ export function registerNewWallet(password: string, mnemonic?: string, ownMnemon
   });
 }
 
-export function registerImportedWallet(password: string, mnemonic: string, walletAccounts: WalletAccount[]) {
+export function registerImportedWallet(
+  password: string,
+  mnemonic: string,
+  walletAccounts: WalletAccount[],
+  skForImportedAccounts: Record<string, string>
+) {
   return withInited(async () => {
-    await Vault.spawnFromMidenClient(password, mnemonic, walletAccounts);
+    await Vault.spawnFromMidenClient(password, mnemonic, walletAccounts, skForImportedAccounts);
     await unlock(password);
   });
 }

src/lib/miden/back/main.ts

@@ -39,7 +39,7 @@ async function processRequest(req: WalletRequest, port: Runtime.Port): Promise<W
       await Actions.registerNewWallet(req.password, req.mnemonic, req.ownMnemonic);
       return { type: WalletMessageType.NewWalletResponse };
     case WalletMessageType.ImportFromClientRequest:
-      await Actions.registerImportedWallet(req.password, req.mnemonic, req.walletAccounts);
+      await Actions.registerImportedWallet(req.password, req.mnemonic, req.walletAccounts, req.skForImportedAccounts);
       return { type: WalletMessageType.ImportFromClientResponse };
     case WalletMessageType.UnlockRequest:
       await Actions.unlock(req.password);

src/lib/miden/back/vault.ts

@@ -134,7 +134,12 @@ export class Vault {
     });
   }
 
-  static async spawnFromMidenClient(password: string, mnemonic: string, walletAccounts: WalletAccount[]) {
+  static async spawnFromMidenClient(
+    password: string,
+    mnemonic: string,
+    walletAccounts: WalletAccount[],
+    skForImportedAccounts: Record<string, string>
+  ) {
     return withError('Failed to spawn from miden client', async () => {
       await clearStorage(false);
 
@@ -160,9 +165,18 @@ export class Vault {
           if (!walletAccount) {
             throw new PublicError('Account from Miden Client not found in provided wallet accounts');
           }
-          const walletSeed = deriveClientSeed(walletAccount.type, mnemonic, walletAccount.hdIndex);
-          const secretKey = SecretKey.rpoFalconWithRNG(walletSeed);
-          await midenClient.webClient.addAccountSecretKeyToWebStore(secretKey);
+          if (walletAccount.hdIndex === -1) {
+            const skHex = skForImportedAccounts[walletAccount.publicKey];
+            if (!skHex) {
+              throw new PublicError('Secret key for imported account not found');
+            }
+            const sk = SecretKey.deserialize(new Uint8Array(Buffer.from(skHex, 'hex')));
+            await midenClient.webClient.addAccountSecretKeyToWebStore(sk);
+          } else {
+            const walletSeed = deriveClientSeed(walletAccount.type, mnemonic, walletAccount.hdIndex);
+            const secretKey = SecretKey.rpoFalconWithRNG(walletSeed);
+            await midenClient.webClient.addAccountSecretKeyToWebStore(secretKey);
+          }
         }
       });
 
@@ -348,11 +362,16 @@ export class Vault {
   static async revealPrivateKey(accPublicKey: string, password: string) {
     const passKey = await Vault.toValidPassKey(password);
     return await withError('Failed to reveal private key', async () => {
-      const secretKeyHex = await fetchAndDecryptOneWithLegacyFallBack<string>(
-        accAuthSecretKeyStrgKey(accPublicKey),
-        passKey
-      );
-      return secretKeyHex;
+      try {
+        const secretKeyHex = await fetchAndDecryptOneWithLegacyFallBack<string>(
+          accAuthSecretKeyStrgKey(accPublicKey),
+          passKey
+        );
+        return secretKeyHex;
+      } catch (e) {
+        console.error('Error fetching and decrypting private key:', e);
+        throw e;
+      }
     });
   }
 
@@ -363,12 +382,10 @@ export class Vault {
       const pubKeyWord = secretKey.publicKey().toCommitment();
 
       const pubKeyHex = pubKeyWord.toHex().slice(2); // remove '0x' prefix
-      console.log({ pubKeyHex });
       const publicKey = await withWasmClientLock(async () => {
         const midenClient = await getMidenClient();
         return await midenClient.importPublicAccountFromPrivateKey(secretKey);
       });
-      console.log({ publicKey });
       const newAccount: WalletAccount = {
         publicKey,
         name: getNewAccountName(allAccounts),

src/lib/miden/front/client.ts

@@ -103,8 +103,13 @@ export const [MidenContextProvider, useMidenContext] = constate(() => {
   );
 
   const importWalletFromClient = useCallback(
-    async (password: string, mnemonic: string, walletAccounts: WalletAccount[]) => {
-      await storeImportWalletFromClient(password, mnemonic, walletAccounts);
+    async (
+      password: string,
+      mnemonic: string,
+      walletAccounts: WalletAccount[],
+      skForImportedAccounts: Record<string, string>
+    ) => {
+      await storeImportWalletFromClient(password, mnemonic, walletAccounts, skForImportedAccounts);
     },
     [storeImportWalletFromClient]
   );

src/lib/miden/sdk/miden-client-interface.ts

@@ -149,14 +149,12 @@ export class MidenClientInterface {
   }
 
   async importPublicAccountFromPrivateKey(privateKey: SecretKey): Promise<string> {
-    console.log('Importing public account from private key, secret key:', privateKey);
     const accountBuilder = new AccountBuilder(new Uint8Array(32).fill(0))
       .accountType(AccountType.RegularAccountImmutableCode)
       .storageMode(AccountStorageMode.public())
       .withAuthComponent(AccountComponent.createAuthComponent(privateKey))
       .withBasicWalletComponent();
     const wallet = accountBuilder.build().account;
-    console.log('Importing public account from private key, account id:', wallet.id().toString());
     // add the secret key to the web client's keystore
     await this.webClient.addAccountSecretKeyToWebStore(privateKey);
     // register the new account in the web client
@@ -199,6 +197,15 @@ export class MidenClientInterface {
     return result;
   }
 
+  async getAccountPkcByPublicKey(publicKey: string): Promise<string> {
+    const acc = await this.webClient.getAccount(accountIdStringToSdk(publicKey));
+    if (!acc) {
+      throw new Error('Account not found');
+    }
+    const result = acc.getPublicKeys()[0].toHex();
+    return result.slice(2); // remove 0x prefix
+  }
+
   async importAccountById(accountId: string) {
     const result = await this.webClient.importAccountById(accountIdStringToSdk(accountId));
     return result;

src/lib/shared/types.ts

@@ -503,6 +503,7 @@ export interface ImportFromClientRequest extends WalletMessageBase {
   password: string;
   mnemonic: string;
   walletAccounts: WalletAccount[];
+  skForImportedAccounts: Record<string, string>;
 }
 
 export interface ImportFromClientResponse extends WalletMessageBase {

src/lib/store/index.ts

@@ -93,12 +93,13 @@ export const useWalletStore = create<WalletStore>()(
       // State will be synced via StateUpdated notification
     },
 
-    importWalletFromClient: async (password, mnemonic, walletAccounts) => {
+    importWalletFromClient: async (password, mnemonic, walletAccounts, skForImportedAccounts) => {
       const res = await request({
         type: WalletMessageType.ImportFromClientRequest,
         password,
         mnemonic,
-        walletAccounts
+        walletAccounts,
+        skForImportedAccounts
       });
       assertResponse(res.type === WalletMessageType.ImportFromClientResponse);
     },
@@ -187,12 +188,10 @@ export const useWalletStore = create<WalletStore>()(
     },
 
     importPublicAccountByPrivateKey: async privateKey => {
-      console.log(privateKey);
       const res = await request({
         type: WalletMessageType.ImportAccountRequest,
         privateKey
       });
-      console.log(res);
       assertResponse(res.type === WalletMessageType.ImportAccountResponse);
     },
 

src/lib/store/types.ts

@@ -73,7 +73,12 @@ export interface WalletActions {
 
   // Auth actions
   registerWallet: (password: string, mnemonic?: string, ownMnemonic?: boolean) => Promise<void>;
-  importWalletFromClient: (password: string, mnemonic: string, walletAccounts: WalletAccount[]) => Promise<void>;
+  importWalletFromClient: (
+    password: string,
+    mnemonic: string,
+    walletAccounts: WalletAccount[],
+    skForImportedAccounts: Record<string, string>
+  ) => Promise<void>;
   unlock: (password: string) => Promise<void>;
 
   // Account actions

src/screens/encrypted-file-flow/ExportFileComplete.tsx

@@ -32,7 +32,7 @@ const ExportFileComplete: React.FC<ExportFileCompleteProps> = ({
 }) => {
   const { t } = useTranslation();
   const { midenClient, midenClientLoading } = useMidenClient();
-  const { revealMnemonic, accounts } = useMidenContext();
+  const { revealMnemonic, accounts, revealPrivateKey } = useMidenContext();
   const { fullPage } = useAppEnv();
 
   const getExportFile = useCallback(async () => {
@@ -42,14 +42,22 @@ const ExportFileComplete: React.FC<ExportFileCompleteProps> = ({
     const walletDbDump = await exportDb();
 
     const seedPhrase = await revealMnemonic(walletPassword);
-
+    const secretKeysForImportedAccounts: Record<string, string> = {};
+
+    for (const account of accounts) {
+      if (account.hdIndex === -1) {
+        const pubKey = await midenClient.getAccountPkcByPublicKey(account.publicKey);
+        const sk = await revealPrivateKey(pubKey, walletPassword);
+        secretKeysForImportedAccounts[account.publicKey] = sk;
+      }
+    }
     const filePayload: DecryptedWalletFile = {
       seedPhrase,
       midenClientDbContent: midenClientDbDump,
       walletDbContent: walletDbDump,
-      accounts
+      accounts,
+      secretKeysForImportedAccounts
     };
-
     const salt = generateSalt();
     const passKey = await generateKey(filePassword);
     const derivedKey = await deriveKey(passKey, salt);