-
Notifications
You must be signed in to change notification settings - Fork 20.4k
Accounts key storage specification
This is an attempt to compile a single, written specification from the multiple sources which have so far been used for accounts / key storage specs:
- Skype calls
- Skype chats
- Email conversations
- Github issues
- Github pull request comments
- Github commits
- Lively in-person discussions in the Amsterdam office.
- Several past instances of the Amsterdam office whiteboard contents.
Up until Ethereum PoC 8, the Go client has used a single, default key in plaintext on disk for use as wallet and for signing all txs. We want to extend this to have a more generic key storage supporting multiple keys. We also want an "accounts" abstraction over these keys where an account corresponds to a key, and a user can have multiple accounts and be able to send / receive to any of them.
The goal of this is to support better wallet / account functionality both in Mist as well as in DAPPs.
The key storage must support:
- Generation of new keys
- Deletion of keys.
- Multiple, uniquely identifiable keys.
- Password protection of keys.
- Persistence of keys (e.g. on disk)
- Export & Import of keys.
- Import of pre-sale keys (generated by https://github.com/ethereum/pyethsaletool) NOTE: this is a different import functionality than general import (6)
- Proper use of secure cryptography for key generation, password protection, key persistence and export format of keys.
- Mechanism for Backing the keys up – maybe automatically
The account manager must support:
- Account creation & deletion
- Multiple, unique accounts.
- Persistence of accounts (e.g. on disk)
- An account is mapped to a single key.
- The account is identifiable by some public, non-sensitive data. E.g. the Ethereum address of a EC keypair can be used as account identifier / address.
The Mist UI must support:
- Creation of a new account.
- Display a list of all available accounts (addresses)
- Copy-paste of account addresses to easily use when receiving funds.
- Choosing one of the available accounts when sending a tx.
- Typing password when accessing one of the hot wallet keys
- Showing the possible ways to temporarily input wallet keys when needed
The RPC API must support:
- The list of accounts is exposed through the eth_accounts API: https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_accounts
- Using any of the available accounts as from/sender with the eth_transact API: https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_transact (NOTE: the current API definition on that wiki page does not include a from/sender field!)
TODO: