Merge pull request #119 from skalenetwork/bug/SKALE-2844-backup-key

Bug/skale 2844 backup key
skalenetwork · Jul 2, 2020 · 47a2b90 · 47a2b90
2 parents 8f8749a + a852dff
commit 47a2b90
Show file tree

Hide file tree

Showing 9 changed files with 50 additions and 15 deletions.
diff --git a/LevelDB.cpp b/LevelDB.cpp
@@ -53,14 +53,15 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) {
         throw SGXException(NULL_DATABASE, "Null db");
     }
 
-    auto status = db->Get(readOptions, _key, &*result);
+    spdlog::info("key to read from db: {}",_key );
 
-    spdlog::debug("key to read from db: {}",_key );
+    auto status = db->Get(readOptions, _key, &*result);
 
     throwExceptionOnError(status);
 
-    if (status.IsNotFound())
+    if (status.IsNotFound()) {
         return nullptr;
+    }
 
     return result;
 }

diff --git a/SEKManager.cpp b/SEKManager.cpp
@@ -26,6 +26,7 @@
 #include "BLSCrypto.h"
 #include "LevelDB.h"
 
+#include <fstream>
 #include <iostream>
 #include <algorithm>
 
@@ -130,8 +131,13 @@ void gen_SEK(){
 
   carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
 
-  cout << "ATTENTION! THIS IS YOUR KEY FOR BACK UP. PLEASE COPY IT TO THE SAFE PLACE" << endl;
-  cout << "YOUR KEY IS " << SEK << endl;
+  std::ofstream sek_file("backup_key.txt");
+  sek_file.clear();
+
+  cout << "ATTENTION! YOUR BACKUP KEY WILL BE WRITTEN INTO backup_key.txt.\n" <<
+          "PLEASE COPY IT TO THE SAFE PLACE AND THEN DELETE THE FILE MANUALLY BY RUNNING THE FOLLOWING COMMAND:\n" <<
+          "`sudo apt-get install secure-delete && srm -vz backup_key.txt`" << endl;
+  sek_file << SEK;
 
   if (!autoconfirm) {
     std::string confirm_str = "I confirm";

diff --git a/SGXWalletServer.cpp b/SGXWalletServer.cpp
@@ -667,14 +667,18 @@ Json::Value SGXWalletServer::deleteBlsKeyImpl(const std::string& name) {
     result["deleted"] = false;
     try {
         if (!checkName(name, "BLS_KEY")) {
-            throw SGXException(INVALID_BLS_NAME, "Invalid BLSKey name");
+            throw SGXException(INVALID_BLS_NAME, "Invalid BLSKey name format");
         }
-        std::shared_ptr <std::string> bls_ptr = LevelDB::getLevelDb()->readString(name);
+        std::string key = "BLSKEYSHARE:" + name;
+        std::shared_ptr <std::string> bls_ptr = LevelDB::getLevelDb()->readString(key);
 
         if (bls_ptr != nullptr) {
             result["deleted"] = true;
             return result;
-        }
+        } else {
+            std::string error_msg = "BLS key with such name not found: " + name;
+            throw SGXException(INVALID_BLS_NAME, error_msg.c_str());
+          }
         LevelDB::getLevelDb()->deleteKey(name);
     } HANDLE_SGX_EXCEPTION(result)
     return result;

diff --git a/TestUtils.cpp b/TestUtils.cpp
@@ -424,4 +424,4 @@ void TestUtils::doDKG(StubClient &c, int n, int t,
         cerr << i << endl;
 
 
-}
+}
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.52.0
+1.53.0
diff --git a/docs/backup-procedure.md b/docs/backup-procedure.md
@@ -4,6 +4,11 @@
 
 When SGXWallet is initialized, the server will print the backup key. 
 **This key must be securely recorded and stored.**
+Be sure to store this key in a safe place, then securely remove it with the following command:
+
+```bash
+sudo apt-get install secure-delete && srm -vz backup_key.txt
+```
 
 Master-Slave replication is recommended to support the SGXWallet backup strategy. Below are general instructions for a basic backup and recovery process.
 

diff --git a/secure_enclave/DKGUtils.cpp b/secure_enclave/DKGUtils.cpp
@@ -57,8 +57,7 @@ string stringFromFr(libff::alt_bn128_Fr& _el) {
     return string(tmp);
 }
 
-template<class T>
-string ConvertToString(T field_elem, int base = 10) {
+template<class T> string ConvertToString(T field_elem, int base = 10) {
   mpz_t t;
   mpz_init(t);
 

diff --git a/testw.cpp b/testw.cpp
@@ -573,11 +573,29 @@ TEST_CASE_METHOD(TestFixture, "DKG_BLS test", "[dkg-bls]") {
     dkgID = TestUtils::randGen();
 
     TestUtils::doDKG(c, 16, 5, ecdsaKeyNames, blsKeyNames, schainID, dkgID);
+}
 
-    for (const auto& name : blsKeyNames) {
-      REQUIRE(c.deleteBlsKey(name)["deleted"] == true);
-    }
+TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") {
+    HttpClient client(RPC_ENDPOINT);
+    StubClient c(client, JSONRPC_CLIENT_V2);
+    std::string name = "BLS_KEY:SCHAIN_ID:123456789:NODE_ID:0:DKG_ID:0";
+    libff::alt_bn128_Fr key = libff::alt_bn128_Fr("6507625568967977077291849236396320012317305261598035438182864059942098934847");
+    std::string key_str = TestUtils::stringFromFr(key);
+    c.importBLSKeyShare(key_str, name, 1, 2, 1);
+
+    REQUIRE(c.deleteBlsKey(name)["deleted"] == true);
+}
+
+TEST_CASE_METHOD(TestFixture, "Backup Key", "[backup-key]") {
+    HttpClient client(RPC_ENDPOINT);
+    StubClient c(client, JSONRPC_CLIENT_V2);
+    std::ifstream sek_file("backup_key.txt");
+    REQUIRE(sek_file.good());
+
+    std::string sek;
+    sek_file >> sek;
 
+    REQUIRE(sek.size() == 32);
 }
 
 TEST_CASE_METHOD(TestFixture, "Get ServerStatus", "[get-server-status]") {

diff --git a/testw.py b/testw.py
@@ -32,6 +32,8 @@
 testList = [ "[cert-sign]",
             "[get-server-status]",
             "[get-server-version]",
+            "[backup-key]",
+            "[delete-bls-key]",
             "[ecdsa-key-gen]",
             "[ecdsa-aes-key-gen]",
             "[ecdsa-key-sig-gen]",