Merge branch 'main' into Flaxscrip-deployment-guide-1

KeychainMDIP · Dec 17, 2024 · feea79a · feea79a
2 parents f906964 + 9ce8d7f
commit feea79a
Show file tree

Hide file tree

Showing 32 changed files with 1,411 additions and 220 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,16 @@
+# Contributing to the MDIP Keychain open source project
+
+1. [Create an issue](https://github.com/KeychainMDIP/kc/issues) first
+    - Requirements and acceptance criteria should be discussed in the issue
+2. Create a development branch from the issue
+    - Branch name should start with issue number
+    - Github provides a link in the issue to [create the branch](https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/creating-a-branch-for-an-issue)
+3. Create a PR from the development branch
+    - All PRs must be linked to an issue
+4. If the PR contains code changes then do a smoke test before merge
+    - Use `./start-node` to build and run the containers
+    - Make sure the node syncs OK
+    - Check the service logs for any errors
+    - An easy check is to run `./kc perf-test` (to create 100 local ephemeral credentials) followed by `./admin verify-db` (to garbage-collect the test credentials)
+5. Merge the PR with squashed commits
+6. Use [conventional commit](https://www.conventionalcommits.org/en/v1.0.0/) prefixes for the merge commit message
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -44,6 +44,8 @@ services:
     environment:
       - KC_KEYMASTER_PORT=4226
       - KC_GATEKEEPER_URL=http://gatekeeper:4224
+      - KC_ENCRYPTED_PASSPHRASE=${KC_ENCRYPTED_PASSPHRASE}
+      - KC_WALLET_CACHE=${KC_WALLET_CACHE}
     volumes:
       - ./data:/app/keymaster/data
     user: "${KC_UID}:${KC_GID}"
@@ -60,6 +62,7 @@ services:
     environment:
       - KC_GATEKEEPER_URL=http://gatekeeper:4224
       - KC_NODE_NAME=${KC_NODE_NAME}
+      - KC_MDIP_PROTOCOL=${KC_MDIP_PROTOCOL}
     volumes:
       - ./data:/app/hyperswarm/data
     user: "${KC_UID}:${KC_GID}"
@@ -81,7 +84,9 @@ services:
     image: keychainmdip/satoshi-mediator
     environment:
       - KC_GATEKEEPER_URL=http://gatekeeper:4224
+      - KC_KEYMASTER_URL=http://keymaster:4226
       - KC_NODE_ID=${KC_NODE_ID}
+      - KC_ENCRYPTED_PASSPHRASE=${KC_ENCRYPTED_PASSPHRASE}
       - KC_SAT_CHAIN=TFTC
       - KC_SAT_NETWORK=testnet
       - KC_SAT_START_BLOCK=0
@@ -102,6 +107,7 @@ services:
     depends_on:
       - tftc-node
       - gatekeeper
+      - keymaster
 
   tbtc-node:
     image: keychainmdip/bitcoin-core:v28.0
@@ -115,7 +121,9 @@ services:
     image: keychainmdip/satoshi-mediator
     environment:
       - KC_GATEKEEPER_URL=http://gatekeeper:4224
+      - KC_KEYMASTER_URL=http://keymaster:4226
       - KC_NODE_ID=${KC_NODE_ID}
+      - KC_ENCRYPTED_PASSPHRASE=${KC_ENCRYPTED_PASSPHRASE}
       - KC_SAT_CHAIN=TBTC
       - KC_SAT_NETWORK=testnet
       - KC_SAT_HOST=tbtc-node
@@ -136,6 +144,7 @@ services:
     depends_on:
       - tbtc-node
       - gatekeeper
+      - keymaster
 
   ipfs-mediator:
     build:

diff --git a/packages/gatekeeper/src/gatekeeper-sdk.js b/packages/gatekeeper/src/gatekeeper-sdk.js
@@ -1,7 +1,7 @@
 import axios from 'axios';
 
-let URL = '';
-let API = '/api/v1';
+const VERSION = '/api/v1';
+let API = VERSION;
 
 function throwError(error) {
     if (error.response) {
@@ -13,8 +13,7 @@ function throwError(error) {
 
 export async function start(options = {}) {
     if (options.url) {
-        URL = options.url;
-        API = `${URL}${API}`;
+        API = `${options.url}${VERSION}`;
     }
 
     if (options.waitUntilReady) {
@@ -28,7 +27,7 @@ async function waitUntilReady(options = {}) {
     let retries = 0;
 
     if (chatty) {
-        console.log(`Connecting to gatekeeper at ${URL}`);
+        console.log(`Connecting to gatekeeper at ${API}`);
     }
 
     while (!ready) {
@@ -45,7 +44,7 @@ async function waitUntilReady(options = {}) {
         retries += 1;
 
         if (!chatty && becomeChattyAfter > 0 && retries > becomeChattyAfter) {
-            console.log(`Connecting to gatekeeper at ${URL}`);
+            console.log(`Connecting to gatekeeper at ${API}`);
             chatty = true;
         }
     }

diff --git a/packages/keymaster/package.json b/packages/keymaster/package.json
@@ -8,6 +8,7 @@
     "./sdk": "./src/keymaster-sdk.js",
     "./db/json": "./src/db-wallet-json.js",
     "./db/json/enc": "./src/db-wallet-json-enc.js",
+    "./db/cache": "./src/db-wallet-cache.js",
     "./db/web": "./src/db-wallet-web.js"
   },
   "scripts": {

diff --git a/packages/keymaster/src/db-wallet-cache.js b/packages/keymaster/src/db-wallet-cache.js
@@ -0,0 +1,19 @@
+let baseWallet;
+let cachedWallet;
+
+export function setWallet(wallet) {
+    baseWallet = wallet;
+}
+
+export function saveWallet(wallet, overwrite = false) {
+    cachedWallet = wallet;
+    return baseWallet.saveWallet(wallet, overwrite);
+}
+
+export function loadWallet() {
+    if (!cachedWallet) {
+        cachedWallet = baseWallet.loadWallet();
+    }
+
+    return cachedWallet;
+}
diff --git a/packages/keymaster/src/db-wallet-json-enc.js b/packages/keymaster/src/db-wallet-json-enc.js
@@ -1,31 +1,24 @@
-import fs from 'fs';
 import crypto from 'crypto';
 
-const dataFolder = 'data';
-const walletName = `${dataFolder}/wallet-enc.json`;
-
 const algorithm = 'aes-256-cbc';       // Algorithm
 const keyLength = 32;                 // 256 bit AES-256
 const ivLength = 16;                  // 128-bit AES block size
 const saltLength = 16;                // 128-bit salt
 const iterations = 200000;            // PBKDF2 iterations
 const digest = 'sha512';               // PBKDF2 hash function
 
+let baseWallet;
 let passphrase;
 
 export function setPassphrase(pp) {
     passphrase = pp;
 }
 
-export function saveWallet(wallet, overwrite = false) {
-    if (fs.existsSync(walletName) && !overwrite) {
-        return false;
-    }
-
-    if (!fs.existsSync(dataFolder)) {
-        fs.mkdirSync(dataFolder, { recursive: true });
-    }
+export function setWallet(wallet) {
+    baseWallet = wallet;
+}
 
+export function saveWallet(wallet, overwrite = false) {
     if (!passphrase) {
         throw new Error('KC_ENCRYPTED_PASSPHRASE not set');
     }
@@ -45,24 +38,20 @@ export function saveWallet(wallet, overwrite = false) {
         data: encrypted
     };
 
-    fs.writeFileSync(walletName, JSON.stringify(encryptedData, null, 4));
-
-    return true;
+    return baseWallet.saveWallet(encryptedData, overwrite);
 }
 
 export function loadWallet() {
-    if (!fs.existsSync(walletName)) {
-        return null;
-    }
-
     if (!passphrase) {
         throw new Error('KC_ENCRYPTED_PASSPHRASE not set');
     }
 
-    const encryptedJson = fs.readFileSync(walletName, 'utf8');
-    const encryptedData = JSON.parse(encryptedJson);
+    const encryptedData = baseWallet.loadWallet();
+    if (!encryptedData) {
+        return null;
+    }
 
-    if (!encryptedData || !encryptedData.salt || !encryptedData.iv || !encryptedData.data) {
+    if (!encryptedData.salt || !encryptedData.iv || !encryptedData.data) {
         throw new Error('Wallet not encrypted');
     }
 

diff --git a/packages/keymaster/src/db-wallet-json.js b/packages/keymaster/src/db-wallet-json.js
@@ -22,11 +22,6 @@ export function loadWallet() {
     }
 
     const walletJson = fs.readFileSync(walletName);
-    const walletData = JSON.parse(walletJson);
-
-    if (walletData && walletData.salt && walletData.iv && walletData.data) {
-        throw new Error('Wallet encrypted but KC_ENCRYPTED_PASSPHRASE not set');
-    }
-
-    return walletData;
+
+    return JSON.parse(walletJson);
 }
diff --git a/packages/keymaster/src/keymaster-lib.js b/packages/keymaster/src/keymaster-lib.js
@@ -1171,7 +1171,7 @@ export async function unpublishCredential(did) {
 
 export async function createChallenge(challenge = {}, options = {}) {
 
-    if (typeof challenge !== 'object' || Array.isArray(challenge)) {
+    if (!challenge || typeof challenge !== 'object' || Array.isArray(challenge)) {
         throw new InvalidParameterError('challenge');
     }
 

diff --git a/packages/keymaster/src/keymaster-sdk.js b/packages/keymaster/src/keymaster-sdk.js
@@ -316,6 +316,16 @@ export async function resolveDID(name) {
     }
 }
 
+export async function createAsset(data, options = {}) {
+    try {
+        const response = await axios.post(`${URL}/api/v1/assets`, { data, options });
+        return response.data.did;
+    }
+    catch (error) {
+        throwError(error);
+    }
+}
+
 export async function resolveAsset(name) {
     try {
         const response = await axios.get(`${URL}/api/v1/assets/${name}`);

diff --git a/python/.flake8 b/python/.flake8
@@ -0,0 +1,8 @@
+[flake8]
+exclude = 
+    __init__.py,
+    .git,
+    */.venv/,
+    */build/,
+    */dist/
+max-line-length = 88
diff --git a/python/config.py b/python/config.py
diff --git a/python/keymaster_sdk.py b/python/keymaster_sdk.py
diff --git a/python/.gitignore → python/keymaster_sdk/.gitignore b/python/.gitignore → python/keymaster_sdk/.gitignore
@@ -1,2 +1,4 @@
 __pycache__
 **/*.pyc
+*.egg-info/
+dist/
diff --git a/python/keymaster_sdk/LICENSE b/python/keymaster_sdk/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 MDIP
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/python/keymaster_sdk/README.md b/python/keymaster_sdk/README.md
@@ -0,0 +1,26 @@
+# MDIP Keymaster
+
+Keymaster is a client library for the MDIP.  It manages a wallet with any number of identities.
+
+### Installation
+
+```bash
+pip install keymaster-sdk
+```
+
+### Requirements
+
+- Running keymaster instance
+
+### Usage
+
+```python
+import keymaster_sdk as keymaster
+
+# Optional: URL defaults to http://localhost:4226 and can also
+# be set using the environment variable KC_KEYMASTER_URL
+keymaster.set_url('http://example.com:4226')
+
+ready = keymaster.is_ready()
+print(f'Keymaster is ready: {ready}')
+```
diff --git a/python/keymaster_sdk/pyproject.toml b/python/keymaster_sdk/pyproject.toml
@@ -0,0 +1,20 @@
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "keymaster-sdk"
+version = "0.1.0"
+description = "Keymaster is a client library for the MDIP"
+readme = "README.md"
+license = { file = "LICENSE" }
+authors = [
+  { name="David McFadzean", email="[email protected]" },
+  { name="Peter Bushnell", email="[email protected]" }
+]
+dependencies = [
+  "requests==2.32.0"
+]
+
+[project.urls]
+Homepage = "https://github.com/KeychainMDIP/kc/"