Merge #157

157: feat: Persist wallet seed on disk r=klochowicz a=klochowicz

The same seed is persisted across multiple runs of the application.

XXX: This seed is not encrypted on disk, and should as such not be used in production.

Co-authored-by: Mariusz Klochowicz <mariusz@klochowicz.com>

Author: bors[bot]

rust/src/seed.rs

@@ -1,3 +1,6 @@
+use std::path::Path;
+
+use anyhow::bail;
 use anyhow::Result;
 use bdk::bitcoin;
 use bdk::bitcoin::util::bip32::ExtendedPrivKey;
@@ -9,47 +12,84 @@ use sha2::Sha256;
 
 #[derive(Clone)]
 pub struct Bip39Seed {
-    pub seed: [u8; 64],
-    pub mnemonic: Mnemonic,
+    mnemonic: Mnemonic,
 }
 
 impl Bip39Seed {
-    pub fn new() -> Result<Bip39Seed> {
+    pub fn new() -> Result<Self> {
         let mut rng = rand::thread_rng();
         let mnemonic = Mnemonic::generate_in_with(&mut rng, Language::English, 12)?;
+        Ok(Self { mnemonic })
+    }
 
+    /// Initialise a [`Seed`] from a path.
+    /// Generates new seed if there was no seed found in the given path
+    pub fn initialize(seed_file: &Path) -> Result<Self> {
+        let seed = if !seed_file.exists() {
+            tracing::info!("No seed found. Generating new seed");
+            let seed = Self::new()?;
+            seed.write_to(seed_file)?;
+            seed
+        } else {
+            Bip39Seed::read_from(seed_file)?
+        };
+        Ok(seed)
+    }
+
+    pub fn seed(&self) -> [u8; 64] {
         // passing an empty string here is the expected argument if the seed should not be
         // additionally password protected (according to https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#from-mnemonic-to-seed)
-        let seed = mnemonic.to_seed_normalized("");
-
-        Ok(Bip39Seed { seed, mnemonic })
+        self.mnemonic.to_seed_normalized("")
     }
 
     pub fn derive_extended_priv_key(&self, network: Network) -> Result<ExtendedPrivKey> {
         let mut ext_priv_key_seed = [0u8; 64];
 
-        Hkdf::<Sha256>::new(None, &self.seed)
+        Hkdf::<Sha256>::new(None, &self.seed())
             .expand(b"BITCOIN_WALLET_SEED", &mut ext_priv_key_seed)
             .expect("array is of correct length");
 
         let ext_priv_key = ExtendedPrivKey::new_master(network, &ext_priv_key_seed)?;
-
         Ok(ext_priv_key)
     }
 
     pub fn get_seed_phrase(&self) -> Vec<String> {
-        let phrase = self
-            .mnemonic
-            .to_string()
-            .split(' ')
-            .map(|word| word.into())
-            .collect();
-        phrase
+        self.mnemonic.word_iter().map(|word| word.into()).collect()
+    }
+
+    // Read the entropy used to generate Mnemonic from disk
+    fn read_from(path: &Path) -> Result<Self> {
+        let bytes = std::fs::read(path)?;
+
+        let seed: Bip39Seed = TryInto::try_into(bytes)
+            .map_err(|_| anyhow::anyhow!("Cannot read the stored entropy"))?;
+        Ok(seed)
+    }
+
+    // Store the entropy used to generate Mnemonic on disk
+    fn write_to(&self, path: &Path) -> Result<()> {
+        if path.exists() {
+            let path = path.display();
+            bail!("Refusing to overwrite file at {path}")
+        }
+        std::fs::write(path, &self.mnemonic.to_entropy())?;
+
+        Ok(())
+    }
+}
+
+impl TryFrom<Vec<u8>> for Bip39Seed {
+    type Error = anyhow::Error;
+    fn try_from(bytes: Vec<u8>) -> Result<Self, Self::Error> {
+        let mnemonic = Mnemonic::from_entropy(&bytes)?;
+        Ok(Bip39Seed { mnemonic })
     }
 }
 
 #[cfg(test)]
 mod tests {
+    use std::env::temp_dir;
+
     use crate::seed::Bip39Seed;
 
     #[test]
@@ -58,4 +98,21 @@ mod tests {
         let phrase = seed.get_seed_phrase();
         assert_eq!(12, phrase.len());
     }
+
+    #[test]
+    fn reinitialised_seed_is_the_same() {
+        let mut path = temp_dir();
+        path.push("seed");
+        let seed_1 = Bip39Seed::initialize(&path).unwrap();
+        let seed_2 = Bip39Seed::initialize(&path).unwrap();
+        assert_eq!(
+            seed_1.mnemonic, seed_2.mnemonic,
+            "Reinitialised wallet should contain the same mnemonic"
+        );
+        assert_eq!(
+            seed_1.seed(),
+            seed_2.seed(),
+            "Seed derived from mnemonic should be the same"
+        );
+    }
 }

rust/src/wallet.rs

@@ -43,14 +43,16 @@ impl From<Network> for bitcoin::Network {
 }
 
 impl Wallet {
-    pub fn new(network: Network) -> Result<Wallet> {
+    pub fn new(network: Network, data_dir: &Path) -> Result<Wallet> {
         let electrum_url = match network {
             Network::Mainnet => MAINNET_ELECTRUM,
             Network::Testnet => TESTNET_ELECTRUM,
             _ => bail!("Only public networks are supported"),
         };
 
-        let seed = Bip39Seed::new()?;
+        let mut path = data_dir.to_owned();
+        path.push("seed");
+        let seed = Bip39Seed::initialize(&path)?;
         let ext_priv_key = seed.derive_extended_priv_key(network.into())?;
 
         let client = Client::new(electrum_url)?;
@@ -91,7 +93,7 @@ fn get_wallet() -> Result<MutexGuard<'static, Wallet>> {
 
 pub fn init_wallet(network: Network, data_dir: &Path) -> Result<()> {
     tracing::debug!(?data_dir, "Wallet will be stored on disk");
-    WALLET.set(Mutex::new(Wallet::new(network)?));
+    WALLET.set(Mutex::new(Wallet::new(network, data_dir)?));
     Ok(())
 }