feat: secp256k1 keys (#2499)

Implements SDK-595. In line with quill's preferred format, this changes the default identity creation command to use secp256k1 keypairs instead of ed25519 keypairs. Other than general bitcoin friendliness, this enables using bip39 seed phrases which allows for paper backups of the identity pem.
dfinity · Sep 2, 2022 · 4f10e12 · 4f10e12
1 parent 710e931
commit 4f10e12
Show file tree

Hide file tree

Showing 13 changed files with 265 additions and 83 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,10 @@
 
 ## DFX
 
+### feat: generate secp256k1 keys by default
+
+When creating a new identity with `dfx identity new`, whereas previously it would have generated an Ed25519 key, it now generates a secp256k1 key. This is to enable users to write down a BIP39-style seed phrase, to recover their key in case of emergency, which will be printed when the key is generated and can be used with a new `--seed-phrase` flag in `dfx identity import`. `dfx identity import` is however still capable of importing an Ed25519 key.
+
 ### chore: update Candid UI canister with commit 528a4b04807904899f67b919a88597656e0cd6fa
 
 * Allow passing did files larger than 2KB.

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/e2e/assets/ed25519/identity.pem b/e2e/assets/ed25519/identity.pem
@@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+MFMCAQEwBQYDK2VwBCIEIODVjQrIvbt3PO3FPDKCZs2FarAbsRrLuiQZ+NBslV9U
+oSMDIQDVkl2stdaeyBDvfb0t4qy9vhsv6xLl1v7p7i0NO1+9pw==
+-----END PRIVATE KEY-----
diff --git a/e2e/tests-dfx/ed25519.bash b/e2e/tests-dfx/ed25519.bash
@@ -0,0 +1,29 @@
+#!/usr/bin/env bats
+
+load ../utils/_
+
+setup() {
+    standard_setup
+}
+
+teardown() {
+    dfx_stop
+
+    standard_teardown
+}
+
+@test "can call a canister using an ed25519 identity" {
+    install_asset ed25519
+    assert_command dfx identity import --disable-encryption ed25519 identity.pem
+    dfx_new # This installs replica and other binaries
+    dfx identity use ed25519
+    install_asset whoami
+    dfx_start
+    dfx canister create whoami
+    dfx build
+    dfx canister install whoami
+    assert_command dfx canister call whoami whoami
+    assert_eq '(principal "2nor3-keehi-duuup-d7jcn-onggn-3atzm-gejtl-5tlzn-k4g6c-nnbf7-7qe")'
+    assert_command dfx identity get-principal
+    assert_eq "2nor3-keehi-duuup-d7jcn-onggn-3atzm-gejtl-5tlzn-k4g6c-nnbf7-7qe"
+}
diff --git a/e2e/tests-dfx/identity_command.bash b/e2e/tests-dfx/identity_command.bash
@@ -76,7 +76,7 @@ frank'
     assert_command dfx identity new --disable-encryption alice
     assert_match 'Created identity: "alice".' "$stderr"
     assert_command head "$DFX_CONFIG_ROOT/.config/dfx/identity/alice/identity.pem"
-    assert_match "BEGIN PRIVATE KEY"
+    assert_match "BEGIN EC PRIVATE KEY"
 
     # does not change the default identity
     assert_command dfx identity whoami
@@ -129,7 +129,7 @@ frank'
     assert_command dfx identity new --disable-encryption alice
 
     assert_command head "$DFX_CONFIG_ROOT/.config/dfx/identity/alice/identity.pem"
-    assert_match "BEGIN PRIVATE KEY"
+    assert_match "BEGIN EC PRIVATE KEY"
     assert_command dfx identity list
     assert_match \
 'alice
@@ -168,7 +168,7 @@ default'
     assert_command_fail dfx identity remove alice
 
     assert_command head "$DFX_CONFIG_ROOT/.config/dfx/identity/alice/identity.pem"
-    assert_match "BEGIN PRIVATE KEY"
+    assert_match "BEGIN EC PRIVATE KEY"
     assert_command dfx identity list
     assert_match \
 'alice
@@ -211,7 +211,7 @@ default'
 anonymous
 default'
     assert_command head "$DFX_CONFIG_ROOT/.config/dfx/identity/alice/identity.pem"
-    assert_match "BEGIN PRIVATE KEY"
+    assert_match "BEGIN EC PRIVATE KEY"
     x=$(cat "$DFX_CONFIG_ROOT/.config/dfx/identity/alice/identity.pem")
     local key="$x"
 
@@ -225,7 +225,7 @@ bob
 default'
     assert_command cat "$DFX_CONFIG_ROOT/.config/dfx/identity/bob/identity.pem"
     assert_eq "$key" "$(cat "$DFX_CONFIG_ROOT/.config/dfx/identity/bob/identity.pem")"
-    assert_match "BEGIN PRIVATE KEY"
+    assert_match "BEGIN EC PRIVATE KEY"
     assert_command_fail cat "$DFX_CONFIG_ROOT/.config/dfx/identity/alice/identity.pem"
 }
 
@@ -236,7 +236,7 @@ default'
     assert_command dfx identity list
     assert_match 'bob'
     assert_command head "$DFX_CONFIG_ROOT/.config/dfx/identity/bob/identity.pem"
-    assert_match "BEGIN PRIVATE KEY"
+    assert_match "BEGIN EC PRIVATE KEY"
 
     assert_command dfx identity whoami
     assert_eq 'bob'
@@ -262,7 +262,7 @@ default'
     assert_eq 'charlie'
 
     assert_command head "$DFX_CONFIG_ROOT/.config/dfx/identity/charlie/identity.pem"
-    assert_match "BEGIN PRIVATE KEY"
+    assert_match "BEGIN EC PRIVATE KEY"
     assert_command_fail cat "$DFX_CONFIG_ROOT/.config/dfx/identity/alice/identity.pem"
 }
 
@@ -427,7 +427,7 @@ default'
     echo -n 1 >> bob.pem
     tail -n 3 alice.pem > bob.pem
     assert_command_fail dfx identity import --disable-encryption bob bob.pem
-    assert_match 'Invalid Ed25519 private key in PEM file' "$stderr"
+    assert_match 'Failed to validate PEM content' "$stderr"
 }
 
 @test "identity: can import an EC key without an EC PARAMETERS section (as quill generate makes)" {
@@ -452,3 +452,21 @@ XXX
     assert_file_exists export.pem
     assert_command dfx identity import --disable-encryption bob export.pem
 }
+
+@test "identity: can import a seed phrase" {
+    reg="seed phrase for identity 'alice': ([a-z ]+)"
+    assert_command dfx identity new --disable-encryption alice
+    [[ $stderr =~ $reg ]]
+    echo "${BASH_REMATCH[1]}" >seed.txt
+    principal=$(dfx identity get-principal --identity alice)
+    assert_command dfx identity import alice2 --seed-file seed.txt --disable-encryption
+    assert_command dfx identity get-principal --identity alice2
+    assert_eq "$principal"
+}
+
+@test "identity: consistently imports a known seed phrase" {
+    echo "hollow damage this yard journey anchor tool fat action school cash ridge oval beef tribe magnet apology cabbage leisure group sign around object exact">seed.txt
+    assert_command dfx identity import alice --seed-file seed.txt --disable-encryption
+    assert_command dfx identity get-principal --identity alice
+    assert_eq "zs7ty-uv4vo-rvgkk-srfjo-hjaxr-w55wx-ybo5x-qx7k3-noknf-wzwe5-pqe"
+}
diff --git a/e2e/tests-dfx/secp256k1.bash b/e2e/tests-dfx/secp256k1.bash
diff --git a/src/dfx/Cargo.toml b/src/dfx/Cargo.toml
@@ -23,6 +23,7 @@ anyhow = "1.0.56"
 argon2 = "0.4.0"
 atty = "0.2.13"
 base64 = "0.13.0"
+bip32 = "0.4.0"
 byte-unit = { version = "4.0.14", features = ["serde"] }
 candid = { version = "0.7.15", features = [ "random" ] }
 clap = { version = "3.1.6", features = [ "derive" ] }
@@ -45,6 +46,7 @@ ic-asset = { version = "0.20.0", path = "../canisters/frontend/ic-asset" }
 ic-wasm = { version = "0.1.3", default-features = false, features = ["optimize"]}
 indicatif = "0.16.0"
 itertools = "0.10.3"
+k256 = { version = "0.11.4", features = ["pem"] }
 lazy_static = "1.4.0"
 mime = "0.3.16"
 mime_guess = "2.0.4"
@@ -75,6 +77,7 @@ tempfile = "3.3.0"
 term = "0.7.0"
 thiserror = "1.0.20"
 time = { version = "0.3.9", features = ["serde", "macros", "serde-human-readable"] }
+tiny-bip39 = "1.0.0"
 tokio = { version = "1.17.0", features = [ "fs" ] }
 url = "2.1.0"
 walkdir = "2.2.9"