electrum

Electrum Bitcoin wallet
git clone https://git.parazyd.org/electrum
Log | Files | Refs | Submodules
commit 9350709f13bc7e3d79b8e0f1515a3fdba4f2cbff
parent ff454ab29dd374fb2998ef748ab3969e13e0f172
Author: SomberNight <somber.night@protonmail.com>
Date:   Mon,  3 Dec 2018 13:02:14 +0100

wallet creation: take care not to write plaintext keys to disk

when creating imported privkey wallets the privkeys
were written to disk unencrypted first, then overwritten with ciphertext

Diffstat:

Melectrum/base_wizard.py | 3++-


Melectrum/commands.py | 3++-


Melectrum/wallet.py | 6+++---


3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/electrum/base_wizard.py b/electrum/base_wizard.py
@@ -200,7 +200,7 @@ class BaseWizard(object):
             self.storage.put('keystore', k.dump())
             w = Imported_Wallet(self.storage)
             keys = keystore.get_private_keys(text)
-            good_inputs, bad_inputs = w.import_private_keys(keys, None)
+            good_inputs, bad_inputs = w.import_private_keys(keys, None, write_to_disk=False)
             self.keystores.append(w.keystore)
         else:
             return self.terminate()
@@ -510,6 +510,7 @@ class BaseWizard(object):
 
     def on_password(self, password, *, encrypt_storage,
                     storage_enc_version=STO_EV_USER_PW, encrypt_keystore):
+        assert not self.storage.file_exists(), "file was created too soon! plaintext keys might have been written to disk"
         self.storage.set_keystore_encryption(bool(password) and encrypt_keystore)
         if encrypt_storage:
             self.storage.set_password(password, enc_version=storage_enc_version)
diff --git a/electrum/commands.py b/electrum/commands.py
@@ -176,7 +176,7 @@ class Commands:
             storage.put('keystore', k.dump())
             wallet = Imported_Wallet(storage)
             keys = keystore.get_private_keys(text)
-            good_inputs, bad_inputs = wallet.import_private_keys(keys, None)
+            good_inputs, bad_inputs = wallet.import_private_keys(keys, None, write_to_disk=False)
             # FIXME tell user about bad_inputs
             if not good_inputs:
                 raise Exception("None of the given privkeys can be imported")
@@ -191,6 +191,7 @@ class Commands:
             storage.put('wallet_type', 'standard')
             wallet = Wallet(storage)
 
+        assert not storage.file_exists(), "file was created too soon! plaintext keys might have been written to disk"
         wallet.update_password(old_pw=None, new_pw=password, encrypt_storage=encrypt_file)
         wallet.synchronize()
 
diff --git a/electrum/wallet.py b/electrum/wallet.py
@@ -1379,8 +1379,8 @@ class Imported_Wallet(Simple_Wallet):
     def get_public_key(self, address):
         return self.addresses[address].get('pubkey')
 
-    def import_private_keys(self, keys: List[str], password: Optional[str]) -> Tuple[List[str],
-                                                                                     List[Tuple[str, str]]]:
+    def import_private_keys(self, keys: List[str], password: Optional[str],
+                            write_to_disk=True) -> Tuple[List[str], List[Tuple[str, str]]]:
         good_addr = []  # type: List[str]
         bad_keys = []  # type: List[Tuple[str, str]]
         for key in keys:
@@ -1398,7 +1398,7 @@ class Imported_Wallet(Simple_Wallet):
             self.add_address(addr)
         self.save_keystore()
         self.save_addresses()
-        self.save_transactions(write=True)
+        self.save_transactions(write=write_to_disk)
         return good_addr, bad_keys
 
     def import_private_key(self, key: str, password: Optional[str]) -> str: