Public node with accounts and signing in Frontend

[maciejhirsz]

Disclaimer: The PR includes a copy of the dictionary for the frontend, hence the crazy diff. It's not that big.

Start parity with --public-node (suggestions for a better flag open):

• Disables account managing RPCs.
• UI account management is replicated in frontend. Accounts are stored in local storage in keythereum dump format.
• Creating accounts, recovering accounts from phrases and signing transactions all happens in the browser.

Some concerns and general notes:

• Generating keys in pure JS tends to be slow, and although there are avenues for optimization open there, a solution that re-uses Rust codebase via wasm or asm.js could potentially be better (less code to maintain). For the most part the UX feels fine as-is, although that's on a reasonable CPU, wouldn't try it on a phone.
• UI currently does a lot of requests, which might be both noticeable over the wire and reduce the amount of traffic the node can handle. Throttling things would be nice.
• Missing features, e.g. vaults, should either be hidden or implemented, although there seems to be little point to vaults in local storage?

[rphmeier]

While throttling the amount of requests the UI can make to the web node is definitely important, we should also be able to throttle the amount (and intensity) of RPC requests in general. It's fair to assume that any publicly-available RPC will be pummeled mercilessly sometimes by malicious actors.

[tomusdrw]

Looks good! I love the way you handled unsupported requests with AccountProvider, very clean!

Most important issue is that only a whitelist of APIs should be enabled, listed them in comment. Not sure how well GUI will work without those APIs.

[tomusdrw]

I think UI code uses store library exactly for that.

[tomusdrw]

=== null? Should be caught by linter anyway.

[maciejhirsz]

I tend to use == null as an existence check, since the only values it can coerce to are null and undefined. if (!account) would also work. Is there a specific way to catch existence of a value that fits the code style?

[tomusdrw]

I think if (!account) { is used everywhere.

[tomusdrw]

Is there a guarantee that this._last will be lowercased? I think it would be safer to do: address === this._last.toLowerCase()

[maciejhirsz]

It should be guaranteed to be lowercase as any inputs where address is passed are forced to lowercase before anything is done with it. That said, I'll add a setter to make it clearer it's an expected behavior.

[tomusdrw]

_.debounce?

[tomusdrw]

Can we push the dictionary as a separate library (JS and Rust?) It's already duplicated in native-signerand parity.
Will prepare a repo.

[tomusdrw]

Why is it not part of the instance? Or at least static fields if we want to share it between instances.

[tomusdrw]

What if nodeKind is changed during lifetime of the UI (e.g. Parity being restarted without closing tab window)?

[tomusdrw]

I tried to use helpers::errors::codes::UNSUPPORTED_REQUEST for such stuff in the past, might be good to stay consistent with the error codes.

[tomusdrw]

That's pretty clever solution! :) Loving it 👍

[tomusdrw]

Public node should have only subset of APIs enabled:
eth,net,parity,rpc,web3

Some of the disabled APIs are already useless because AccountProvider is missing, but stuff like parity_stopNetwork should also be disabled.

[maciejhirsz]

Resolved now: https://github.com/paritytech/parity/blob/fc31fdf3041c8b013b6e0a6fd794ff5378e935b0/parity/configuration.rs#L724-L731

[tomusdrw]

Just a grumble regarding nodeKind being changed during the lifetime of a website.

[gavofyork]

tests failing.

[maciejhirsz]

Yeah, not sure what's up with the tests:

ERROR: Job failed (system failure): Error response from daemon: invalid header field value "oci runtime error: container_linux.go:247: starting container process caused \"process_linux.go:258: applying cgroup configuration for process caused \\\"failed to write 15099 to cgroup.procs: write /sys/fs/cgroup/cpu,cpuacct/docker/8aa02970dbeed05350837980f150e91c801cdfde378419435f2ece4eb1b7af21/cgroup.procs: invalid argument\\\"\"\n"

@tomusdrw I talked about this with Jaco, will bundle it with network change in the FE, which triggers a full reload. UX shouldn't really be an issue as that's pretty far from standard behavior.