feat: change master password (#2007)

* feat(db): migration framework This introduces a framework for tracking a database's version and migrating from one version to the next when the database schema needs to be modified. The migrations consist of an array of methods that each are responsible for upgrading from a particular version, and they are run in sequence when we detect that the current database version is lower than the latest version. * feat(db): migration to db v1 * refactor: cryptoUtils * test: cryptoUtils * feat: change master password This adds the ability to change the master password of an existing xud node. Changing the password re-encrypts the node key on disk and queues password changes for all lnd wallets. Lnd does not currently offer the ability to change the password of an unlocked, running instance. Instead lnd can only change its password right after being started while it is still locked. Xud therefore saves the old password for each lnd wallet to the xud database and encrypts the old password using the new passwords. On subsequent unlocks of xud, when we go to unlock lnd wallets we first check whether we have any old passwords in the database corresponding to any lnd wallets. If we do, we decrypt the old password and change the password for lnd, which in turn will unlock lnd. Closes #1981.
ExchangeUnion · Nov 30, 2020 · 7ecdd7e · 7ecdd7e
1 parent 22c474a
commit 7ecdd7e
Show file tree

Hide file tree

Showing 32 changed files with 1,375 additions and 481 deletions.
diff --git a/docs/api.md b/docs/api.md
diff --git a/lib/Xud.ts b/lib/Xud.ts
@@ -119,16 +119,16 @@ class Xud extends EventEmitter {
       const nodeKeyPath = NodeKey.getPath(this.config.xudir, this.config.instanceid);
       const nodeKeyExists = await fs.access(nodeKeyPath).then(() => true).catch(() => false);
 
-      this.swapClientManager = new SwapClientManager(this.config, loggers, this.unitConverter);
-      await this.swapClientManager.init(this.db.models);
+      this.swapClientManager = new SwapClientManager(this.config, loggers, this.unitConverter, this.db.models);
+      await this.swapClientManager.init();
 
       let nodeKey: NodeKey | undefined;
       if (this.config.noencrypt) {
         if (nodeKeyExists) {
           nodeKey = await NodeKey.fromFile(nodeKeyPath);
         } else {
-          nodeKey = await NodeKey.generate();
-          await nodeKey.toFile(nodeKeyPath);
+          nodeKey = await NodeKey.generate(nodeKeyPath);
+          await nodeKey.toFile();
         }
 
         // we need to initialize connext every time xud starts, even in noencrypt mode

diff --git a/lib/cli/command.ts b/lib/cli/command.ts
@@ -99,16 +99,16 @@ export const callback = (argv: Arguments, formatOutput?: Function, displayJson?:
       }
     } else {
       const responseObj = response.toObject();
-      if (Object.keys(responseObj).length === 0) {
-        console.log('success');
-      } else {
-        if (!argv.json && formatOutput) {
-          formatOutput(responseObj, argv);
+      if (argv.json || !formatOutput) {
+        if (Object.keys(responseObj).length === 0) {
+          console.log('success');
         } else {
           displayJson
-            ? displayJson(responseObj, argv)
-            : console.log(JSON.stringify(responseObj, undefined, 2));
+          ? displayJson(responseObj, argv)
+          : console.log(JSON.stringify(responseObj, undefined, 2));
         }
+      } else {
+        formatOutput(responseObj, argv);
       }
     }
   };

diff --git a/lib/cli/commands/changepass.ts b/lib/cli/commands/changepass.ts
@@ -0,0 +1,51 @@
+import readline from 'readline';
+import { Arguments } from 'yargs';
+import { ChangePasswordRequest } from '../../proto/xudrpc_pb';
+import { callback, loadXudClient } from '../command';
+
+export const command = 'changepass';
+
+export const describe = 'change the password for an existing xud instance';
+
+export const builder = {};
+
+const formatOutput = () => {
+  console.log('The master xud password was succesfully changed.');
+  console.log('Passwords for lnd wallets will be changed the next time xud is restarted and unlocked.');
+};
+
+export const handler = (argv: Arguments<any>) => {
+  const rl = readline.createInterface({
+    input: process.stdin,
+    terminal: true,
+  });
+
+  console.log(`\
+You are changing the master password for xud and underlying wallets.\
+`);
+  process.stdout.write('Enter old password: ');
+  rl.question('', (oldPassword) => {
+    process.stdout.write('\nEnter new password: ');
+    rl.question('', (password1) => {
+      process.stdout.write('\nRe-enter password: ');
+      rl.question('', async (password2) => {
+        process.stdout.write('\n\n');
+        rl.close();
+        if (password1 === password2) {
+          const request = new ChangePasswordRequest();
+          request.setNewPassword(password1);
+          request.setOldPassword(oldPassword);
+
+          const client = await loadXudClient(argv);
+          // wait up to 3 seconds for rpc server to listen before call in case xud was just started
+          client.waitForReady(Date.now() + 3000, () => {
+            client.changePassword(request, callback(argv, formatOutput));
+          });
+        } else {
+          process.exitCode = 1;
+          console.error('Passwords do not match, please try again');
+        }
+      });
+    });
+  });
+};
diff --git a/lib/db/DB.ts b/lib/db/DB.ts
@@ -1,8 +1,11 @@
-import { derivePairId } from '../utils/utils';
+import assert from 'assert';
+import { promises as fs } from 'fs';
 import { ModelCtor, Sequelize } from 'sequelize';
 import { XuNetwork } from '../constants/enums';
 import { defaultCurrencies, defaultNodes, defaultPairs } from '../db/seeds';
 import Logger from '../Logger';
+import { derivePairId } from '../utils/utils';
+import migrations from './migrations';
 import * as Models from './models';
 import * as db from './types';
 
@@ -14,6 +17,7 @@ type Models = {
   ReputationEvent: ModelCtor<db.ReputationEventInstance>;
   Order: ModelCtor<db.OrderInstance>;
   Trade: ModelCtor<db.TradeInstance>;
+  Password: ModelCtor<db.PasswordInstance>;
 };
 
 function loadModels(sequelize: Sequelize): Models {
@@ -25,6 +29,7 @@ function loadModels(sequelize: Sequelize): Models {
     ReputationEvent: Models.ReputationEvent(sequelize),
     SwapDeal: Models.SwapDeal(sequelize),
     Trade: Models.Trade(sequelize),
+    Password: Models.Password(sequelize),
   };
 
   models.Currency.hasMany(models.Pair, {
@@ -118,6 +123,8 @@ class DB {
   public sequelize: Sequelize;
   public models: Models;
 
+  private static VERSION = 1;
+
   /**
    * @param storage the file path for the sqlite database file, if ':memory:' or not specified the db is stored in memory
    */
@@ -136,19 +143,49 @@ class DB {
    * @param initDb whether to intialize a new database with default values if no database exists
    */
   public init = async (network = XuNetwork.SimNet, initDb = false): Promise<void> => {
+    const isNewDb = await this.isNewDb();
+
     try {
       await this.sequelize.authenticate();
       this.logger.info(`connected to database ${this.storage ? this.storage : 'in memory'}`);
     } catch (err) {
       this.logger.error('unable to connect to the database', err);
       throw err;
     }
-    const { Node, Currency, Pair, ReputationEvent, SwapDeal, Order, Trade } = this.models;
+
+    if (isNewDb) {
+      await this.sequelize.query(`PRAGMA user_version=${DB.VERSION};`);
+    }
+
+    // version is useful for tracking migrations & upgrades to the xud database when
+    // the database schema is modified or restructured
+    let version: number;
+    const userVersionPragma = (await this.sequelize.query('PRAGMA user_version;'));
+    assert(Array.isArray(userVersionPragma) && Array.isArray(userVersionPragma[0]));
+    const userVersion = userVersionPragma[0][0].user_version;
+    assert(typeof userVersion === 'number');
+    version = userVersion;
+    this.logger.trace(`db version is ${version}`);
+
+    if (version <= DB.VERSION) {
+      // if our db is not the latest version, we call each migration procedure necessary
+      // to bring us from our current version up to the latest version.
+      for (let n = version; n < DB.VERSION; n += 1) {
+        this.logger.info(`migrating db from version ${n} to version ${n + 1}`);
+        await migrations[n](this.sequelize);
+        await this.sequelize.query(`PRAGMA user_version=${n + 1};`);
+        this.logger.info(`migration to version ${n + 1} complete`);
+      }
+    }
+
+    const { Node, Currency, Pair, ReputationEvent, SwapDeal, Order, Trade, Password } = this.models;
     // sync schemas with the database in phases, according to FKs dependencies
     await Promise.all([
       Node.sync(),
       Currency.sync(),
+      Password.sync(),
     ]);
+
     // Pair is dependent on Currency, ReputationEvent is dependent on Node
     await Promise.all([
       Pair.sync(),
@@ -199,6 +236,26 @@ class DB {
     }
   }
 
+  /**
+   * Checks whether the database is new, in other words whether we are not
+   * loading a preexisting database from disk.
+   */
+  private isNewDb = async () => {
+    if (this.storage && this.storage !== ':memory:') {
+      // check if database file exists
+      try {
+        await fs.access(this.storage);
+        return false;
+      } catch (err) {
+        if (err.code !== 'ENOENT') {
+          // we ignore errors due to file not existing, otherwise throw
+          throw err;
+        }
+      }
+    }
+    return true;
+  }
+
   public close = () => {
     return this.sequelize.close();
   }

diff --git a/lib/db/migrations.ts b/lib/db/migrations.ts
@@ -0,0 +1,22 @@
+import Sequelize, { DataTypes } from 'sequelize';
+
+/**
+ * An ordered array of functions that will migrate the database from one
+ * version to the next. The 1st element (index 0) will migrate from version
+ * 0 to 1, the 2nd element will migrate from version 1 to 2, and so on...
+ * Each migration must be called in order and allowed to complete before
+ * calling the next.
+ */
+const migrations: ((sequelize: Sequelize.Sequelize) => Promise<void>)[] = [];
+
+migrations[0] = async (sequelize: Sequelize.Sequelize) => {
+  await sequelize.getQueryInterface().createTable('passwords', {
+    id: { type: DataTypes.INTEGER, primaryKey: true, autoIncrement: true },
+    encryptedPassword: { type: DataTypes.STRING, allowNull: false },
+    currency: { type: DataTypes.STRING(5), allowNull: true },
+    swapClient: { type: DataTypes.TINYINT, allowNull: false },
+    createdAt: { type: DataTypes.BIGINT, allowNull: false },
+  });
+};
+
+export default migrations;
diff --git a/lib/db/models/Password.ts b/lib/db/models/Password.ts
@@ -0,0 +1,21 @@
+import { DataTypes, ModelAttributes, ModelOptions, Sequelize } from 'sequelize';
+import { PasswordInstance } from '../types';
+
+export default function Password(sequelize: Sequelize) {
+  const attributes: ModelAttributes<PasswordInstance> = {
+    id: { type: DataTypes.INTEGER, primaryKey: true, autoIncrement: true },
+    encryptedPassword: { type: DataTypes.STRING, allowNull: false },
+    currency: { type: DataTypes.STRING(5), allowNull: true },
+    swapClient: { type: DataTypes.TINYINT, allowNull: false },
+    createdAt: { type: DataTypes.BIGINT, allowNull: false },
+  };
+
+  const options: ModelOptions = {
+    tableName: 'passwords',
+    timestamps: true,
+    updatedAt: false,
+  };
+
+  const Password = sequelize.define<PasswordInstance>('Password', attributes, options);
+  return Password;
+}
diff --git a/lib/db/models/index.ts b/lib/db/models/index.ts
@@ -5,3 +5,4 @@ export { default as Pair } from './Pair';
 export { default as ReputationEvent } from './ReputationEvent';
 export { default as SwapDeal } from './SwapDeal';
 export { default as Trade } from './Trade';
+export { default as Password } from './Password';
diff --git a/lib/db/types.ts b/lib/db/types.ts
@@ -1,5 +1,5 @@
 import { BelongsToGetAssociationMixin, Model } from 'sequelize';
-import { ReputationEvent } from '../constants/enums';
+import { ReputationEvent, SwapClientType } from '../constants/enums';
 import { Currency, Order, Pair } from '../orderbook/types';
 import { Address, NodeConnectionInfo } from '../p2p/types';
 import { SwapDeal } from '../swaps/types';
@@ -110,3 +110,17 @@ export type ReputationEventAttributes = ReputationEventCreationAttributes & {
 };
 
 export interface ReputationEventInstance extends Model<ReputationEventAttributes, ReputationEventCreationAttributes>, ReputationEventAttributes {}
+
+/* Passwords */
+export type PasswordCreationAttributes = {
+  encryptedPassword: string;
+  currency?: string;
+  swapClient: SwapClientType;
+};
+
+export type PasswordAttributes = PasswordCreationAttributes & {
+  createdAt: number;
+  id: number;
+};
+
+export interface PasswordInstance extends Model<PasswordAttributes, PasswordCreationAttributes>, PasswordAttributes {}
diff --git a/lib/grpc/GrpcService.ts b/lib/grpc/GrpcService.ts
@@ -877,6 +877,20 @@ class GrpcService {
     }
   }
 
+  public changePassword: grpc.handleUnaryCall<xudrpc.ChangePasswordRequest, xudrpc.ChangePasswordResponse> = async (call, callback) => {
+    if (!this.isReady(this.service, callback)) {
+      return;
+    }
+    try {
+      await this.service.changePassword(call.request.toObject());
+
+      const response = new xudrpc.ChangePasswordResponse();
+      callback(null, response);
+    } catch (err) {
+      callback(getGrpcError(err), null);
+    }
+  }
+
   public shutdown: grpc.handleUnaryCall<xudrpc.ShutdownRequest, xudrpc.ShutdownResponse> = (_, callback) => {
     if (!this.isReady(this.service, callback)) {
       return;

diff --git a/lib/grpc/getGrpcError.ts b/lib/grpc/getGrpcError.ts
@@ -67,6 +67,7 @@ const getGrpcError = (err: any) => {
       break;
     case serviceErrorCodes.NODE_ALREADY_EXISTS:
     case serviceErrorCodes.NODE_DOES_NOT_EXIST:
+    case serviceErrorCodes.NO_ENCRYPT_MODE_ENABLED:
       code = status.UNIMPLEMENTED;
       break;
     case p2pErrorCodes.POOL_CLOSED: