identities.js 6.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246
  1. /*
  2. * This file is part of the storage node for the Joystream project.
  3. * Copyright (C) 2019 Joystream Contributors
  4. *
  5. * This program is free software: you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License as published by
  7. * the Free Software Foundation, either version 3 of the License, or
  8. * (at your option) any later version.
  9. *
  10. * This program is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. * GNU General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU General Public License
  16. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  17. */
  18. 'use strict'
  19. const path = require('path')
  20. const fs = require('fs')
  21. const debug = require('debug')('joystream:runtime:identities')
  22. const { Keyring } = require('@polkadot/keyring')
  23. const utilCrypto = require('@polkadot/util-crypto')
  24. /*
  25. * Add identity management to the substrate API.
  26. *
  27. * This loosely groups: accounts, key management, and membership.
  28. */
  29. class IdentitiesApi {
  30. static async create(base, { accountFile, passphrase, canPromptForPassphrase }) {
  31. const ret = new IdentitiesApi()
  32. ret.base = base
  33. await ret.init(accountFile, passphrase, canPromptForPassphrase)
  34. return ret
  35. }
  36. async init(accountFile, passphrase, canPromptForPassphrase) {
  37. debug('Init')
  38. // Creatre keyring
  39. this.keyring = new Keyring()
  40. this.canPromptForPassphrase = canPromptForPassphrase || false
  41. // Load account file, if possible.
  42. try {
  43. this.key = await this.loadUnlock(accountFile, passphrase)
  44. } catch (err) {
  45. debug('Error loading account file:', err.message)
  46. }
  47. }
  48. /*
  49. * Load a key file and unlock it if necessary.
  50. */
  51. async loadUnlock(accountFile, passphrase) {
  52. const fullname = path.resolve(accountFile)
  53. debug('Initializing key from', fullname)
  54. const key = this.keyring.addFromJson(require(fullname))
  55. await this.tryUnlock(key, passphrase)
  56. debug('Successfully initialized with address', key.address)
  57. return key
  58. }
  59. /*
  60. * Try to unlock a key if it isn't already unlocked.
  61. * passphrase should be supplied as argument.
  62. */
  63. async tryUnlock(key, passphrase) {
  64. if (!key.isLocked) {
  65. debug('Key is not locked, not attempting to unlock')
  66. return
  67. }
  68. // First try with an empty passphrase - for convenience
  69. try {
  70. key.decodePkcs8('')
  71. if (passphrase) {
  72. debug('Key was not encrypted, supplied passphrase was ignored')
  73. }
  74. return
  75. } catch (err) {
  76. // pass
  77. }
  78. // Then with supplied passphrase
  79. try {
  80. debug('Decrypting with supplied passphrase')
  81. key.decodePkcs8(passphrase)
  82. return
  83. } catch (err) {
  84. // pass
  85. }
  86. // If that didn't work, ask for a passphrase if appropriate
  87. if (this.canPromptForPassphrase) {
  88. passphrase = await this.askForPassphrase(key.address)
  89. key.decodePkcs8(passphrase)
  90. return
  91. }
  92. throw new Error('invalid passphrase supplied')
  93. }
  94. /*
  95. * Ask for a passphrase
  96. */
  97. /* eslint-disable class-methods-use-this */
  98. // Disable lint because the method used by a mocking library.
  99. askForPassphrase(address) {
  100. // Query for passphrase
  101. const prompt = require('password-prompt')
  102. return prompt(`Enter passphrase for ${address}: `, { required: false })
  103. }
  104. /*
  105. * Return true if the account is a root account of a member
  106. */
  107. async isMember(accountId) {
  108. const memberIds = await this.memberIdsOf(accountId) // return array of member ids
  109. return memberIds.length > 0 // true if at least one member id exists for the acccount
  110. }
  111. /*
  112. * Return all the member IDs of an account by the root account id
  113. */
  114. async memberIdsOf(accountId) {
  115. const decoded = this.keyring.decodeAddress(accountId)
  116. return this.base.api.query.members.memberIdsByRootAccountId(decoded)
  117. }
  118. /*
  119. * Return all the member IDs of an account by the controller account id
  120. */
  121. async memberIdsOfController(accountId) {
  122. const decoded = this.keyring.decodeAddress(accountId)
  123. return this.base.api.query.members.memberIdsByControllerAccountId(decoded)
  124. }
  125. /*
  126. * Return the first member ID of an account, or undefined if not a member root account.
  127. */
  128. async firstMemberIdOf(accountId) {
  129. const decoded = this.keyring.decodeAddress(accountId)
  130. const ids = await this.base.api.query.members.memberIdsByRootAccountId(decoded)
  131. return ids[0]
  132. }
  133. /*
  134. * Export a key pair to JSON. Will ask for a passphrase.
  135. */
  136. async exportKeyPair(accountId) {
  137. const passphrase = await this.askForPassphrase(accountId)
  138. // Produce JSON output
  139. return this.keyring.toJson(accountId, passphrase)
  140. }
  141. /*
  142. * Export a key pair and write it to a JSON file with the account ID as the
  143. * name.
  144. */
  145. async writeKeyPairExport(accountId, prefix) {
  146. // Generate JSON
  147. const data = await this.exportKeyPair(accountId)
  148. // Write JSON
  149. let filename = `${data.address}.json`
  150. if (prefix) {
  151. const path = require('path')
  152. filename = path.resolve(prefix, filename)
  153. }
  154. fs.writeFileSync(filename, JSON.stringify(data), {
  155. encoding: 'utf8',
  156. mode: 0o600,
  157. })
  158. return filename
  159. }
  160. /*
  161. * Register account id with userInfo as a new member
  162. * using default policy 0, returns new member id
  163. */
  164. async registerMember(accountId, userInfo) {
  165. const tx = this.base.api.tx.members.buyMembership(0, userInfo.handle, userInfo.avatarUri, userInfo.about)
  166. return this.base.signAndSendThenGetEventResult(accountId, tx, {
  167. module: 'members',
  168. event: 'MemberRegistered',
  169. type: 'MemberId',
  170. index: 0,
  171. })
  172. }
  173. /*
  174. * Injects a keypair and sets it as the default identity
  175. */
  176. useKeyPair(keyPair) {
  177. this.key = this.keyring.addPair(keyPair)
  178. }
  179. /*
  180. * Create a new role key. If no name is given,
  181. * default to 'storage'.
  182. */
  183. async createNewRoleKey(name) {
  184. name = name || 'storage-provider'
  185. // Generate new key pair
  186. const keyPair = utilCrypto.naclKeypairFromRandom()
  187. // Encode to an address.
  188. const addr = this.keyring.encodeAddress(keyPair.publicKey)
  189. debug('Generated new key pair with address', addr)
  190. // Add to key wring. We set the meta to identify the account as
  191. // a role key.
  192. const meta = {
  193. name: `${name} role account`,
  194. }
  195. const createPair = require('@polkadot/keyring/pair').default
  196. const pair = createPair('ed25519', keyPair, meta)
  197. this.keyring.addPair(pair)
  198. return pair
  199. }
  200. getSudoAccount() {
  201. return this.base.api.query.sudo.key()
  202. }
  203. }
  204. module.exports = {
  205. IdentitiesApi,
  206. }