From ffb6e009a89504d3137e5c0bae5b992ddad4ab1c Mon Sep 17 00:00:00 2001
From: PuPha <nguyensanghso@gmail.com>
Date: Wed, 7 Aug 2024 15:28:29 +0700
Subject: [PATCH 1/2] Revert "Merge pull request #14 from
 bitmark-inc/Sang/security_audit/fix/did_signature"

This reverts commit 2b04cd9a005ef31cb0b774eb356238e191f48414, reversing
changes made to aee87f20cd3e4b288ac0b3e93f9388382d641bdc.
---
 .../bitmark/libauk/storage/WalletStorage.kt   | 27 +++++++++----------
 1 file changed, 12 insertions(+), 15 deletions(-)

diff --git a/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt b/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt
index d95419a..a34de0f 100644
--- a/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt
+++ b/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt
@@ -42,7 +42,7 @@ import kotlin.Pair
 const val SEED_FILE_NAME = "libauk_seed.dat"
 const val ETH_KEY_INFO_FILE_NAME = "libauk_eth_key_info.dat"
 const val SEED_PUBLIC_DATA_FILE_NAME = "libauk_seed_public_data.dat"
-const val PRE_GENERATE_ADDRESS_LIMIT = 10
+const val PRE_GENERATE_ADDRESS_LIMIT = 3
 interface WalletStorage {
     fun createKey(passphrase: String? = "", name: String, isPrivate: Boolean): Completable
     fun importKey(
@@ -78,6 +78,7 @@ interface WalletStorage {
     ): Single<ByteArray>
 
     fun readOnFilesDir(name: String): Single<ByteArray>
+
     fun writeOnFilesDir(name: String, data: ByteArray, isPrivate: Boolean)
     fun encryptFile(input: File, output: File): Completable
     fun decryptFile(input: File, output: File, usingLegacy: Boolean): Completable
@@ -176,8 +177,7 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
         /* accountDidKey */
         val accountDID = generateAccountDID(seed)
 
-        val seedByte = getSeedBytes(seed)
-        val accountDidPrivateKey = Bip32ECKeyPair.generateKeyPair(seedByte)
+        val accountDidPrivateKey = Bip32ECKeyPair.generateKeyPair(seed.data)
 
         /* pre-generate 100 eth addresses */
         val preGenerateEthAddresses = preGenerateETHAddresses(seed, 0, PRE_GENERATE_ADDRESS_LIMIT)
@@ -218,12 +218,6 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
         newGsonInstance().fromJson<Seed>(String(json))
     }
 
-    private fun getSeedBytes(walletSeed: Seed): ByteArray {
-        val mnemonic = MnemonicUtils.generateMnemonic(walletSeed.data)
-        val seed = MnemonicUtils.generateSeed(mnemonic, walletSeed.passphrase ?: "")
-        return seed
-    }
-
     private fun getSeedWithoutAuthentication(): Single<Seed> = Single.fromCallable(
         {secureFileStorage.readOnFilesDirWithoutAuthentication(SEED_FILE_NAME)}
     ).map { json ->
@@ -240,7 +234,9 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
         }
 
     private fun generateAccountDID(walletSeed: Seed) : String {
-        val seed = getSeedBytes(walletSeed)
+        val mnemonic = MnemonicUtils.generateMnemonic(walletSeed.data)
+
+        val seed = MnemonicUtils.generateSeed(mnemonic, walletSeed.passphrase ?: "")
         val masterKeypair = Bip32ECKeyPair.generateKeyPair(seed)
         val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, ACCOUNT_DERIVATION_PATH)
         val prefix: ByteArray = listOf(231, 1).map { it.toByte() }.toByteArray()
@@ -268,8 +264,7 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
             }
         }.onErrorResumeNext { error ->
             getSeed().map { seed ->
-                val seedByte = getSeedBytes(seed)
-                Bip32ECKeyPair.generateKeyPair(seedByte)
+                Bip32ECKeyPair.generateKeyPair(seed.data)
             }}
             .map { masterKeypair ->
                 val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, ACCOUNT_DERIVATION_PATH)
@@ -386,8 +381,9 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
     }
 
     private fun generateEncryptKey(walletSeed: Seed): ByteArray {
-        val seedB = getSeedBytes(walletSeed)
-        val masterKeypair = Bip32ECKeyPair.generateKeyPair(seedB)
+        val mnemonic = MnemonicUtils.generateMnemonic(walletSeed.data)
+        val seed = MnemonicUtils.generateSeed(mnemonic, walletSeed.passphrase ?: "")
+        val masterKeypair = Bip32ECKeyPair.generateKeyPair(seed)
         val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, ENCRYPT_KEY_DERIVATION_PATH)
         return Numeric.toBytesPadded(bip44Keypair.privateKey, 32)
     }
@@ -608,7 +604,8 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
     }
 
     private fun generateETHCredentialWithIndex(seed: Seed, index: Int): Credentials {
-        val seedB = getSeedBytes(seed)
+        val mnemonic = MnemonicUtils.generateMnemonic(seed.data)
+        val seedB = MnemonicUtils.generateSeed(mnemonic, seed.passphrase ?: "")
         val masterKeypair = Bip32ECKeyPair.generateKeyPair(seedB)
         val path = intArrayOf(
             44 or Bip32ECKeyPair.HARDENED_BIT,

From 3096c23140d96e5629559727b6c2f7c512058633 Mon Sep 17 00:00:00 2001
From: PuPha <nguyensanghso@gmail.com>
Date: Wed, 7 Aug 2024 15:28:50 +0700
Subject: [PATCH 2/2] Revert "Merge pull request #13 from
 bitmark-inc/security_audit_biometric"

This reverts commit aee87f20cd3e4b288ac0b3e93f9388382d641bdc, reversing
changes made to 444e75bf67479213b7182a3fdb2371bb99caea43.
---
 .idea/compiler.xml                            |   2 +-
 .idea/gradle.xml                              |   2 +-
 .idea/misc.xml                                |   3 +-
 app/build.gradle                              |   2 +-
 libauk/build.gradle                           |   1 -
 .../libauk/storage/SecureFileStorageTest.kt   |  10 +-
 .../java/com/bitmark/libauk/model/Keys.kt     |  84 +---
 .../libauk/storage/SecureFileStorage.kt       | 109 +----
 .../bitmark/libauk/storage/WalletStorage.kt   | 462 ++++++------------
 .../com/bitmark/libauk/util/BiometricUtil.kt  |  80 ---
 .../com/bitmark/libauk/util/SecurityFile.kt   |  47 --
 .../libauk/storage/WalletStorageUnitTest.kt   | 170 +++++--
 12 files changed, 323 insertions(+), 649 deletions(-)
 delete mode 100644 libauk/src/main/java/com/bitmark/libauk/util/BiometricUtil.kt
 delete mode 100644 libauk/src/main/java/com/bitmark/libauk/util/SecurityFile.kt

diff --git a/.idea/compiler.xml b/.idea/compiler.xml
index b589d56..fb7f4a8 100644
--- a/.idea/compiler.xml
+++ b/.idea/compiler.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
   <component name="CompilerConfiguration">
-    <bytecodeTargetLevel target="17" />
+    <bytecodeTargetLevel target="11" />
   </component>
 </project>
\ No newline at end of file
diff --git a/.idea/gradle.xml b/.idea/gradle.xml
index cb236bc..75955c7 100644
--- a/.idea/gradle.xml
+++ b/.idea/gradle.xml
@@ -8,7 +8,7 @@
         <option name="distributionType" value="DEFAULT_WRAPPED" />
         <option name="externalProjectPath" value="$PROJECT_DIR$" />
         <option name="gradleHome" value="/usr/local/Cellar/gradle/7.5.1_1/libexec" />
-        <option name="gradleJvm" value="jbr-17" />
+        <option name="gradleJvm" value="corretto-11" />
         <option name="modules">
           <set>
             <option value="$PROJECT_DIR$" />
diff --git a/.idea/misc.xml b/.idea/misc.xml
index adb8ae0..3986154 100644
--- a/.idea/misc.xml
+++ b/.idea/misc.xml
@@ -1,4 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
   <component name="ExternalStorageConfigurationManager" enabled="true" />
-  <component name="ProjectRootManager" version="2" languageLevel="JDK_17" default="true" project-jdk-name="jbr-17" project-jdk-type="JavaSDK" />
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_11" project-jdk-name="1.8" project-jdk-type="JavaSDK" />
 </project>
\ No newline at end of file
diff --git a/app/build.gradle b/app/build.gradle
index cb4b61a..54e6578 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -36,5 +36,5 @@ dependencies {
     testImplementation 'junit:junit:4.13.1'
     androidTestImplementation 'androidx.test.ext:junit:1.1.3'
     androidTestImplementation 'androidx.test.espresso:espresso-core:3.4.0'
-    api "androidx.biometric:biometric:1.1.0"
+
 }
\ No newline at end of file
diff --git a/libauk/build.gradle b/libauk/build.gradle
index dace7ba..9497a86 100644
--- a/libauk/build.gradle
+++ b/libauk/build.gradle
@@ -32,7 +32,6 @@ android {
 
 dependencies {
     implementation fileTree(dir: "libs", include: ["*.jar"])
-    api "androidx.biometric:biometric:1.1.0"
     implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
     implementation 'androidx.core:core-ktx:1.6.0'
     implementation 'androidx.appcompat:appcompat:1.3.1'
diff --git a/libauk/src/androidTest/java/com/bitmark/libauk/storage/SecureFileStorageTest.kt b/libauk/src/androidTest/java/com/bitmark/libauk/storage/SecureFileStorageTest.kt
index 565f433..b9c4993 100644
--- a/libauk/src/androidTest/java/com/bitmark/libauk/storage/SecureFileStorageTest.kt
+++ b/libauk/src/androidTest/java/com/bitmark/libauk/storage/SecureFileStorageTest.kt
@@ -36,15 +36,14 @@ class SecureFileStorageTest {
             secureFileStorage.rxCompletable { gw ->
                 gw.writeOnFilesDir(
                     d.key,
-                    d.value.toByteArray(),
-                    true
+                    d.value.toByteArray()
                 )
             }
                 .test()
                 .assertComplete()
                 .assertNoErrors()
 
-            secureFileStorage.readOnFilesDir(d.key).map { byteArray -> String(byteArray) }
+            secureFileStorage.rxSingle { gw -> String(gw.readOnFilesDir(d.key)) }
                 .test()
                 .assertComplete()
                 .assertNoErrors()
@@ -65,15 +64,14 @@ class SecureFileStorageTest {
             secureFileStorage.rxCompletable { gw ->
                 gw.writeOnFilesDir(
                     d.key,
-                    d.value.toByteArray(),
-                    true
+                    d.value.toByteArray()
                 )
             }
                 .test()
                 .assertComplete()
                 .assertNoErrors()
 
-            secureFileStorage.readOnFilesDir(d.key).map { byteArray -> String(byteArray) }
+            secureFileStorage.rxSingle { gw -> String(gw.readOnFilesDir(d.key)) }
                 .test()
                 .assertComplete()
                 .assertNoErrors()
diff --git a/libauk/src/main/java/com/bitmark/libauk/model/Keys.kt b/libauk/src/main/java/com/bitmark/libauk/model/Keys.kt
index 00d3bc3..816db42 100644
--- a/libauk/src/main/java/com/bitmark/libauk/model/Keys.kt
+++ b/libauk/src/main/java/com/bitmark/libauk/model/Keys.kt
@@ -3,92 +3,26 @@ package com.bitmark.libauk.model
 import com.fasterxml.jackson.databind.annotation.JsonSerialize
 import com.google.gson.annotations.Expose
 import com.google.gson.annotations.SerializedName
-import org.web3j.crypto.Bip32ECKeyPair
-import java.math.BigInteger
 import java.util.*
 
 @JsonSerialize
-data class KeyInfo(
+data class KeyIdentity(
     @Expose
-    @SerializedName("ethAddress")
-    val ethAddress: String,
+    @SerializedName("words")
+    val words: String,
 
     @Expose
-    @SerializedName("creationDate")
-    val creationDate: Date
+    @SerializedName("passphrase")
+    val passphrase: String
 )
+
 @JsonSerialize
-data class SeedPublicData(
+data class KeyInfo(
     @Expose
     @SerializedName("ethAddress")
     val ethAddress: String,
 
     @Expose
     @SerializedName("creationDate")
-    val creationDate: Date,
-
-    @Expose
-    @SerializedName("name")
-    val name: String?,
-
-    @Expose
-    @SerializedName("did")
-    val did: String,
-
-    @Expose
-    @SerializedName("preGenerateEthAddresses")
-    val preGenerateEthAddresses: Map<Int, String>,
-
-    @Expose
-    @SerializedName("preGenerateTezosAddresses")
-    val preGenerateTezosAddresses: Map<Int, String>,
-
-    @Expose
-    @SerializedName("preGenerateTezosPublicKeys")
-    val preGenerateTezosPublicKeys: Map<Int, String>,
-
-    @Expose
-    @SerializedName("encryptionPrivateKey")
-    val encryptionPrivateKey: ByteArray,
-
-    @Expose
-    @SerializedName("dIDPrivateKey")
-    private  var dIDPrivateKey: BigInteger,
-
-    @Expose
-    @SerializedName("chainCode")
-    private val chainCode: ByteArray
-
-) {
-    override fun equals(other: Any?): Boolean {
-        if (this === other) return true
-        if (javaClass != other?.javaClass) return false
-
-        other as SeedPublicData
-
-        if (ethAddress != other.ethAddress) return false
-        if (creationDate != other.creationDate) return false
-        if (name != other.name) return false
-        if (did != other.did) return false
-        if (preGenerateEthAddresses != other.preGenerateEthAddresses) return false
-        if (preGenerateTezosAddresses != other.preGenerateTezosAddresses) return false
-        if (!encryptionPrivateKey.contentEquals(other.encryptionPrivateKey)) return false
-
-        return true
-    }
-
-    override fun hashCode(): Int {
-        var result = ethAddress.hashCode()
-        result = 31 * result + creationDate.hashCode()
-        result = 31 * result + (name?.hashCode() ?: 0)
-        result = 31 * result + did.hashCode()
-        result = 31 * result + preGenerateEthAddresses.hashCode()
-        result = 31 * result + preGenerateTezosAddresses.hashCode()
-        result = 31 * result + encryptionPrivateKey.contentHashCode()
-        return result
-    }
-
-    fun getAccountDIDPrivateKey(): Bip32ECKeyPair {
-        return Bip32ECKeyPair.create(dIDPrivateKey, chainCode)
-    }
-}
\ No newline at end of file
+    val creationDate: Date
+)
\ No newline at end of file
diff --git a/libauk/src/main/java/com/bitmark/libauk/storage/SecureFileStorage.kt b/libauk/src/main/java/com/bitmark/libauk/storage/SecureFileStorage.kt
index 18d0582..e1c11d5 100644
--- a/libauk/src/main/java/com/bitmark/libauk/storage/SecureFileStorage.kt
+++ b/libauk/src/main/java/com/bitmark/libauk/storage/SecureFileStorage.kt
@@ -1,10 +1,8 @@
 package com.bitmark.libauk.storage
 
-import com.bitmark.libauk.util.BiometricUtil
 import android.content.Context
 import android.security.keystore.KeyGenParameterSpec
 import android.security.keystore.KeyProperties
-import androidx.fragment.app.FragmentActivity
 import androidx.security.crypto.EncryptedFile
 import androidx.security.crypto.MasterKey
 import io.reactivex.Completable
@@ -12,21 +10,17 @@ import io.reactivex.Single
 import java.io.ByteArrayOutputStream
 import java.io.File
 import java.security.KeyStore
-import java.util.UUID
+import java.util.*
 
 internal interface SecureFileStorage {
 
-    fun writeOnFilesDir(name: String, data: ByteArray, isPrivate: Boolean)
+    fun writeOnFilesDir(name: String, data: ByteArray)
 
-    fun readOnFilesDir(name: String): Single<ByteArray>
-
-    fun readOnFilesDirWithoutAuthentication(name: String): ByteArray
+    fun readOnFilesDir(name: String): ByteArray
 
     fun isExistingOnFilesDir(name: String): Boolean
 
     fun deleteOnFilesDir(name: String): Boolean
-
-    fun readFiles(names: List<String>): Single<Map<String, ByteArray>>
 }
 
 internal class SecureFileStorageImpl(
@@ -43,8 +37,8 @@ internal class SecureFileStorageImpl(
             value?.let { sharedPreferences.edit().putString(KEY_MASTER_KEY_ALIAS, it).apply() }
         }
 
-    private fun write(path: String, name: String, data: ByteArray, isPrivate: Boolean) {
-        val file = getEncryptedFile("$path/$name", false, isPrivate)
+    private fun write(path: String, name: String, data: ByteArray) {
+        val file = getEncryptedFile("$path/$name", false)
         file.openFileOutput().apply {
             write(data)
             flush()
@@ -52,13 +46,12 @@ internal class SecureFileStorageImpl(
         }
     }
 
-    override fun writeOnFilesDir(name: String, data: ByteArray, isPrivate: Boolean) {
-        write(context.filesDir.absolutePath, "$alias-$name", data, isPrivate)
+    override fun writeOnFilesDir(name: String, data: ByteArray) {
+        write(context.filesDir.absolutePath, "$alias-$name", data)
     }
 
-    private fun read(path: String, isPrivate: Boolean): ByteArray {
-
-        val file = getEncryptedFile(path, true, isPrivate)
+    private fun read(path: String): ByteArray {
+        val file = getEncryptedFile(path, true)
         if (File(path).length() == 0L) return byteArrayOf()
         val inputStream = file.openFileInput()
         val os = ByteArrayOutputStream()
@@ -70,54 +63,8 @@ internal class SecureFileStorageImpl(
         return os.toByteArray()
     }
 
-    override fun readOnFilesDir(name: String): Single<ByteArray> {
-        val isAuthenRequired = BiometricUtil.isAuthenReuired(listOf(name), context)
-        return if (isAuthenRequired) {
-            if (context is FragmentActivity) {
-                return BiometricUtil.withAuthenticate<ByteArray>(activity = context,
-                    onAuthenticationSucceeded = { result ->
-                        read(
-                            File(context.filesDir, "$alias-$name").absolutePath,
-                            isAuthenRequired
-                        )
-                    },
-                    onAuthenticationError = { _, _ -> byteArrayOf() },
-                    onAuthenticationFailed = { byteArrayOf() }
-                )
-            } else {
-                Single.error(IllegalStateException("Context is not an instance of FragmentActivity"))
-            }
-        } else {
-            return Single.fromCallable { read(File(context.filesDir, "$alias-$name").absolutePath, isAuthenRequired) }
-        }
-    }
-
-    override fun readOnFilesDirWithoutAuthentication(name: String): ByteArray {
-        return read(File(context.filesDir, "$alias-$name").absolutePath, false)
-    }
-
-    override fun readFiles(names: List<String>): Single<Map<String, ByteArray>> {
-        val isAuthenRequired = BiometricUtil.isAuthenReuired(names, context)
-
-        fun readFileContents(): Map<String, ByteArray> = names.associateWith { name ->
-            read(File(context.filesDir, "$alias-$name").absolutePath, isAuthenRequired)
-        }
-
-        return if (isAuthenRequired) {
-            if (context is FragmentActivity) {
-                BiometricUtil.withAuthenticate<Map<String, ByteArray>>(
-                    activity = context,
-                    onAuthenticationSucceeded = { readFileContents() },
-                    onAuthenticationError = { _, _ -> emptyMap() },
-                    onAuthenticationFailed = { emptyMap() }
-                )
-            } else {
-                Single.error(IllegalStateException("Context is not an instance of FragmentActivity"))
-            }
-        } else {
-            Single.fromCallable { readFileContents() }
-        }
-    }
+    override fun readOnFilesDir(name: String): ByteArray =
+        read(File(context.filesDir, "$alias-$name").absolutePath)
 
     private fun isExisting(path: String): Boolean = File(path).exists()
 
@@ -136,48 +83,44 @@ internal class SecureFileStorageImpl(
     override fun deleteOnFilesDir(name: String): Boolean =
         delete(File(context.filesDir, "$alias-$name").absolutePath)
 
-    private fun getEncryptedFile(path: String, read: Boolean, isPrivate: Boolean) = File(path).let { f ->
+    private fun getEncryptedFile(path: String, read: Boolean) = File(path).let { f ->
         if (f.isDirectory) throw IllegalArgumentException("do not support directory")
         if (read && !f.exists() && !f.createNewFile()) {
             throw IllegalStateException("cannot create new file for reading")
         } else if (!read && f.exists() && !f.delete()) {
             throw IllegalStateException("cannot delete file before writing")
         }
-        getEncryptedFileBuilder(f, isPrivate).build()
+        getEncryptedFileBuilder(f).build()
     }
 
-    private fun getEncryptedFileBuilder(f: File, isPrivate: Boolean) = EncryptedFile.Builder(
+    private fun getEncryptedFileBuilder(f: File) = EncryptedFile.Builder(
         context,
         f,
-        getMasterKey(isPrivate),
+        getMasterKey(),
         EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
     )
 
-    private fun getMasterKey(isPrivate: Boolean): MasterKey {
+    private fun getMasterKey(): MasterKey {
         keyStore.load(null)
+
         val keyAlias = masterKeyAlias ?: UUID.randomUUID().toString().also { masterKeyAlias = it }
-        val authenticationTimeoutInSeconds = 5
-        val parameterSpecBuilder = KeyGenParameterSpec.Builder(keyAlias, KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT).apply {
+
+        val parameterSpec = KeyGenParameterSpec.Builder(
+            keyAlias,
+            KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
+        ).apply {
             setKeySize(256)
             setDigests(KeyProperties.DIGEST_SHA512)
+            setUserAuthenticationRequired(false)
+            setUnlockedDeviceRequired(true)
+            setIsStrongBoxBacked(true)
             setRandomizedEncryptionRequired(true)
-            setInvalidatedByBiometricEnrollment(true)
             setBlockModes(KeyProperties.BLOCK_MODE_GCM)
             setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
-        }
-        // if android version is higher than 28
-        if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.P) {
-            parameterSpecBuilder.apply {
-                setUnlockedDeviceRequired(true)
-                setIsStrongBoxBacked(true)
-            }
-        }
-
-        val  parameterSpec = parameterSpecBuilder.build()
+        }.build()
 
         return MasterKey.Builder(context, keyAlias)
             .setKeyGenParameterSpec(parameterSpec)
-            .setUserAuthenticationRequired(isPrivate, authenticationTimeoutInSeconds)
             .build()
     }
 
diff --git a/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt b/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt
index a34de0f..8ff6c53 100644
--- a/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt
+++ b/libauk/src/main/java/com/bitmark/libauk/storage/WalletStorage.kt
@@ -1,6 +1,5 @@
 package com.bitmark.libauk.storage
 
-import androidx.lifecycle.Transformations.map
 import at.favre.lib.hkdf.HKDF
 import com.bitmark.apiservice.configuration.GlobalConfiguration
 import com.bitmark.apiservice.utils.Address
@@ -13,7 +12,6 @@ import com.bitmark.libauk.Const.ACCOUNT_DERIVATION_PATH
 import com.bitmark.libauk.Const.ENCRYPT_KEY_DERIVATION_PATH
 import com.bitmark.libauk.model.KeyInfo
 import com.bitmark.libauk.model.Seed
-import com.bitmark.libauk.model.SeedPublicData
 import com.bitmark.libauk.util.fromJson
 import com.bitmark.libauk.util.newGsonInstance
 import io.camlcase.kotlintezos.model.TezosError
@@ -39,26 +37,18 @@ import javax.crypto.spec.IvParameterSpec
 import javax.crypto.spec.SecretKeySpec
 import kotlin.Pair
 
-const val SEED_FILE_NAME = "libauk_seed.dat"
-const val ETH_KEY_INFO_FILE_NAME = "libauk_eth_key_info.dat"
-const val SEED_PUBLIC_DATA_FILE_NAME = "libauk_seed_public_data.dat"
-const val PRE_GENERATE_ADDRESS_LIMIT = 3
 interface WalletStorage {
-    fun createKey(passphrase: String? = "", name: String, isPrivate: Boolean): Completable
+    fun createKey(passphrase: String? = "", name: String): Completable
     fun importKey(
         words: List<String>,
         passphrase: String? = "",
         name: String,
-        creationDate: Date?,
-        isPrivate: Boolean
+        creationDate: Date?
     ): Completable
 
-    fun exportSeed(withAuthentication: Boolean): Single<Seed>
-
-    fun generateSeedPublicData(seed: Seed) : SeedPublicData
-
     fun isWalletCreated(): Single<Boolean>
     fun getName(): Single<String>
+    fun updateName(name: String): Completable
     fun getAccountDID(): Single<String>
     fun getAccountDIDSignature(message: String): Single<String>
     fun getETHAddress(): Single<String>
@@ -77,333 +67,227 @@ interface WalletStorage {
         index: Int
     ): Single<ByteArray>
 
-    fun readOnFilesDir(name: String): Single<ByteArray>
-
-    fun writeOnFilesDir(name: String, data: ByteArray, isPrivate: Boolean)
     fun encryptFile(input: File, output: File): Completable
     fun decryptFile(input: File, output: File, usingLegacy: Boolean): Completable
     fun exportMnemonicPassphrase(): Single<String>
     fun exportMnemonicWords(): Single<String>
+    fun getTezosPublicKey(): Single<String>
     fun tezosSignMessage(message: ByteArray): Single<ByteArray>
     fun tezosTransaction(forgedHex: String): Single<ByteArray>
     fun getTezosPublicKeyWithIndex(index: Int): Single<String>
     fun tezosSignMessageWithIndex(message: ByteArray, index: Int): Single<ByteArray>
     fun tezosTransactionWithIndex(forgedHex: String, index: Int): Single<ByteArray>
     fun removeKeys(): Completable
-
-    fun removeKey(name: String): Completable
 }
 
 internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorage) : WalletStorage {
 
-    override fun createKey(passphrase: String?, name: String, isPrivate: Boolean): Completable = secureFileStorage.rxSingle { storage ->
-        storage.isExistingOnFilesDir(SEED_FILE_NAME) && storage.isExistingOnFilesDir(
-            SEED_PUBLIC_DATA_FILE_NAME
-        )
+    companion object {
+        const val SEED_FILE_NAME = "libauk_seed.dat"
+        const val ETH_KEY_INFO_FILE_NAME = "libauk_eth_key_info.dat"
     }
-        .map { isExisting ->
-            if (!isExisting) {
-                val mnemonic = generateMnemonic()
-                val entropy = MnemonicUtils.generateEntropy(mnemonic)
-                val seed = Seed(entropy, Date(), name, passphrase ?: "")
-                val seedPublicData = generateSeedPublicData(seed)
-                Pair(seed, seedPublicData)
-            } else {
-                throw Throwable("Wallet is already created!")
-            }
+
+    override fun createKey(passphrase: String?, name: String): Completable =
+        secureFileStorage.rxSingle { storage ->
+            storage.isExistingOnFilesDir(SEED_FILE_NAME) && storage.isExistingOnFilesDir(
+                ETH_KEY_INFO_FILE_NAME
+            )
         }
-        .flatMapCompletable { (seed, seedPublicData) ->
-            secureFileStorage.rxCompletable { storage ->
-                storage.writeOnFilesDir(
-                    SEED_FILE_NAME,
-                    newGsonInstance().toJson(seed).toByteArray(),
-                    isPrivate
-                )
-                storage.writeOnFilesDir(
-                    SEED_PUBLIC_DATA_FILE_NAME,
-                    newGsonInstance().toJson(seedPublicData).toByteArray(),
-                    false
-                )
+            .map { isExisting ->
+                if (!isExisting) {
+                    val mnemonic = generateMnemonic()
+                    val entropy = MnemonicUtils.generateEntropy(mnemonic)
+                    val seed = Seed(entropy, Date(), name, passphrase ?: "")
+
+                    val credential =
+                        Bip44WalletUtils.loadBip44Credentials(passphrase ?: "", mnemonic)
+
+                    val keyInfo = KeyInfo(credential.address, Date())
+                    Pair(seed, keyInfo)
+                } else {
+                    throw Throwable("Wallet is already created!")
+                }
+            }
+            .flatMapCompletable { (seed, keyInfo) ->
+                secureFileStorage.rxCompletable { storage ->
+                    storage.writeOnFilesDir(
+                        SEED_FILE_NAME,
+                        newGsonInstance().toJson(seed).toByteArray()
+                    )
+                    storage.writeOnFilesDir(
+                        ETH_KEY_INFO_FILE_NAME,
+                        newGsonInstance().toJson(keyInfo).toByteArray()
+                    )
+                }
             }
-        }
 
-    override fun importKey(words: List<String>, passphrase: String?, name: String, creationDate: Date?, isPrivate: Boolean): Completable =
-        isWalletCreated()
+    override fun importKey(
+        words: List<String>,
+        passphrase: String?,
+        name: String,
+        creationDate: Date?
+    ): Completable =
+        secureFileStorage.rxSingle { storage ->
+            storage.isExistingOnFilesDir(SEED_FILE_NAME) && storage.isExistingOnFilesDir(
+                ETH_KEY_INFO_FILE_NAME
+            )
+        }
             .map { isExisting ->
                 if (!isExisting) {
                     val mnemonic = words.joinToString(separator = " ")
                     val entropy = MnemonicUtils.generateEntropy(mnemonic)
                     val seed = Seed(entropy, Date(), name, passphrase ?: "")
-                    val seedPublicData = generateSeedPublicData(seed)
-                    Pair(seed, seedPublicData)
+
+                    val credential =
+                        Bip44WalletUtils.loadBip44Credentials(passphrase ?: "", mnemonic)
+                    val keyInfo = KeyInfo(credential.address, Date())
+                    Pair(seed, keyInfo)
                 } else {
                     throw Throwable("Wallet is already created!")
                 }
             }
-            .flatMapCompletable { (seed, seedPublicData) ->
+            .flatMapCompletable { (seed, keyInfo) ->
                 secureFileStorage.rxCompletable { storage ->
                     storage.writeOnFilesDir(
                         SEED_FILE_NAME,
-                        newGsonInstance().toJson(seed).toByteArray(),
-                        isPrivate
+                        newGsonInstance().toJson(seed).toByteArray()
                     )
                     storage.writeOnFilesDir(
-                        SEED_PUBLIC_DATA_FILE_NAME,
-                        newGsonInstance().toJson(seedPublicData).toByteArray(),
-                        false
+                        ETH_KEY_INFO_FILE_NAME,
+                        newGsonInstance().toJson(keyInfo).toByteArray()
                     )
                 }
             }
 
-    override fun exportSeed(withAuthentication: Boolean): Single<Seed> = if (withAuthentication) {
-        getSeed()
-    } else {
-        getSeedWithoutAuthentication()
-    }
-
     override fun isWalletCreated(): Single<Boolean> = secureFileStorage.rxSingle { storage ->
         storage.isExistingOnFilesDir(SEED_FILE_NAME) && storage.isExistingOnFilesDir(
-            SEED_PUBLIC_DATA_FILE_NAME
-        )
-    }
-
-    override fun generateSeedPublicData(seed: Seed) : SeedPublicData {
-        /* ethAddress */
-        val ethAddress = generateETHAddress(seed)
-
-        /* seed name */
-        val seedName = seed.name
-
-        /* accountDidKey */
-        val accountDID = generateAccountDID(seed)
-
-        val accountDidPrivateKey = Bip32ECKeyPair.generateKeyPair(seed.data)
-
-        /* pre-generate 100 eth addresses */
-        val preGenerateEthAddresses = preGenerateETHAddresses(seed, 0, PRE_GENERATE_ADDRESS_LIMIT)
-
-        val preGenerateTezosAddresses = preGenerateTezosAddresses(seed, 0, PRE_GENERATE_ADDRESS_LIMIT)
-
-        /* encrytion private key */
-        val encryptionPrivateKey = generateEncryptKey(seed)
-
-        /* tezos public keys */
-        val preGenerateTezosPublicKeys = generateTezosPublicKeys(seed, 0, PRE_GENERATE_ADDRESS_LIMIT)
-
-        return SeedPublicData(
-            ethAddress,
-            Date(),
-            seedName,
-            accountDID,
-            preGenerateEthAddresses,
-            preGenerateTezosAddresses,
-            preGenerateTezosPublicKeys,
-            encryptionPrivateKey,
-            accountDidPrivateKey.privateKey,
-            accountDidPrivateKey.chainCode
+            ETH_KEY_INFO_FILE_NAME
         )
     }
 
-    private fun getSeedPublicData(): Single<SeedPublicData> =
-        secureFileStorage.readOnFilesDir(SEED_PUBLIC_DATA_FILE_NAME).map { json ->
-            try{
-            val seedPublicData = newGsonInstance().fromJson<SeedPublicData>(String(json))
-            seedPublicData
-            } catch (e: Exception) {
-                throw Throwable("Failed to get seedPublicData")
-        }
+    override fun getName(): Single<String> = secureFileStorage.rxSingle { storage ->
+        val json = storage.readOnFilesDir(SEED_FILE_NAME)
+        val seed = newGsonInstance().fromJson<Seed>(String(json))
+        seed.name
     }
 
-    private fun getSeed(): Single<Seed> = secureFileStorage.readOnFilesDir(SEED_FILE_NAME).map { json ->
-        newGsonInstance().fromJson<Seed>(String(json))
-    }
+    override fun updateName(name: String): Completable =
+        secureFileStorage.rxCompletable { storage ->
+            val json = storage.readOnFilesDir(SEED_FILE_NAME)
+            val seed = newGsonInstance().fromJson<Seed>(String(json))
 
-    private fun getSeedWithoutAuthentication(): Single<Seed> = Single.fromCallable(
-        {secureFileStorage.readOnFilesDirWithoutAuthentication(SEED_FILE_NAME)}
-    ).map { json ->
-        newGsonInstance().fromJson<Seed>(String(json))
-    }
+            seed.name = name
 
-    override fun getName(): Single<String> = getSeedPublicData()
-        .map { seedPublicData ->
-            // Process seedPublicData and extract the name
-            seedPublicData.name ?: ""
-        }
-        .onErrorResumeNext { error ->
-            Single.fromCallable { ""  }
+            storage.writeOnFilesDir(
+                SEED_FILE_NAME,
+                newGsonInstance().toJson(seed).toByteArray()
+            )
         }
 
-    private fun generateAccountDID(walletSeed: Seed) : String {
-        val mnemonic = MnemonicUtils.generateMnemonic(walletSeed.data)
-
-        val seed = MnemonicUtils.generateSeed(mnemonic, walletSeed.passphrase ?: "")
+    override fun getAccountDID(): Single<String> = secureFileStorage.rxSingle { storage ->
+        val seed = getWalletSeed(storage);
         val masterKeypair = Bip32ECKeyPair.generateKeyPair(seed)
         val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, ACCOUNT_DERIVATION_PATH)
+
         val prefix: ByteArray = listOf(231, 1).map { it.toByte() }.toByteArray()
         val compressedPubKey = compressPubKey(bip44Keypair.publicKey)
-        return "did:key:z${Base58.BASE_58.encode(prefix + compressedPubKey.hexStringToByteArray())}"
+        "did:key:z${Base58.BASE_58.encode(prefix + compressedPubKey.hexStringToByteArray())}"
     }
 
-    override fun getAccountDID(): Single<String> = getSeedPublicData()
-        .map { seedPublicData ->
-            // Process seedPublicData and extract the accountDID
-            seedPublicData.did
-        }
-        .onErrorResumeNext {
-            getSeed().map { seed ->
-                generateAccountDID(seed)
-            }
-        }
+    override fun getAccountDIDSignature(message: String): Single<String> =
+        secureFileStorage.rxSingle { storage ->
+            val seed = getWalletSeed(storage);
+            val masterKeypair = Bip32ECKeyPair.generateKeyPair(seed)
+            val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, ACCOUNT_DERIVATION_PATH)
 
-    override fun getAccountDIDSignature(message: String): Single<String> {
-        return getSeedPublicData().map { seedPublicData ->
-            try {
-                seedPublicData.getAccountDIDPrivateKey()
-            } catch (e: Exception) {
-                throw Throwable("Failed to get accountDIDPrivateKey")
-            }
-        }.onErrorResumeNext { error ->
-            getSeed().map { seed ->
-                Bip32ECKeyPair.generateKeyPair(seed.data)
-            }}
-            .map { masterKeypair ->
-                val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, ACCOUNT_DERIVATION_PATH)
-
-                val sigData = Sign.signMessage(
-                    Sha256.hash(message.toByteArray(Charsets.UTF_8)),
-                    bip44Keypair,
-                    false
-                )
-                derSignature(sigData)
-            }
-    }
-
-    private fun generateETHAddress(seed: Seed): String
-    {
-        val mnemonic = MnemonicUtils.generateMnemonic(seed.data)
-        val credential = Bip44WalletUtils.loadBip44Credentials(seed.passphrase ?: "", mnemonic)
-        return credential.address
-    }
-
-     override fun getETHAddress(): Single<String> = getSeedPublicData()
-        .map { seedPublicData ->
-            // Process seedPublicData and extract the ethAddress
-            seedPublicData.ethAddress
-        }
-        .onErrorResumeNext { error ->
-            getSeed().map { seed ->
-                generateETHAddress(seed)
-            }
-        }
+            val sigData = Sign.signMessage(
+                Sha256.hash(message.toByteArray(Charsets.UTF_8)),
+                bip44Keypair,
+                false
+            )
 
-    private fun preGenerateETHAddresses(seed: Seed, start: Int, end: Int): Map<Int, String>
-    {
-        val addresses = mutableMapOf<Int, String>()
-        for (i in start until end) {
-            val credential = generateETHCredentialWithIndex(seed, i)
-            addresses[i] = credential.address
+            derSignature(sigData)
         }
-        return addresses
-    }
 
-    private fun preGenerateTezosAddresses(seed: Seed, start: Int, end: Int): Map<Int, String>
-    {
-        val addresses = mutableMapOf<Int, String>()
-        for (i in start until end) {
-            val wallet = getTezosWalletWithIndexFromSeed(seed, i)
-            addresses[i] = wallet.publicKey.base58Representation
-        }
-        return addresses
+    override fun getETHAddress(): Single<String> = secureFileStorage.rxSingle { storage ->
+        val json = storage.readOnFilesDir(ETH_KEY_INFO_FILE_NAME)
+        val keyInfo = newGsonInstance().fromJson<KeyInfo>(String(json))
+        keyInfo.ethAddress
     }
 
     override fun getETHAddressWithIndex(index: Int): Single<String> =
-        getSeedPublicData()
-            .map { seedPublicData ->
-                // Process seedPublicData and extract the ethAddress with index
-                val address = seedPublicData.preGenerateEthAddresses[index]
-                if (address.isNullOrEmpty()) {
-                    throw Throwable("Failed to get ethAddress with index: $index")
-                } else {
-                    address
-                }
-            }.onErrorResumeNext { _ ->
-                createETHCredentialWithIndex(index).map { credential ->
-                    credential.address
-                }
-            }
+        secureFileStorage.rxSingle { storage ->
+            val credential = createETHCredentialWithIndex(storage, index)
+            credential.address
+        }
 
     override fun ethSignMessage(
         message: ByteArray,
         needToHash: Boolean
-    ): Single<Sign.SignatureData> {
-        return getSeed().map { seed ->
+    ): Single<Sign.SignatureData> =
+        secureFileStorage.rxSingle { storage ->
+            val json = storage.readOnFilesDir(SEED_FILE_NAME)
+            val seed = newGsonInstance().fromJson<Seed>(String(json))
             val mnemonic = MnemonicUtils.generateMnemonic(seed.data)
             val credential =
                 Bip44WalletUtils.loadBip44Credentials(seed.passphrase ?: "", mnemonic)
 
             Sign.signMessage(message, credential.ecKeyPair, needToHash)
         }
-    }
 
     override fun ethSignMessageWithIndex(
         message: ByteArray,
         needToHash: Boolean,
         index: Int
     ): Single<Sign.SignatureData> =
-        createETHCredentialWithIndex(index).map { credential ->
+        secureFileStorage.rxSingle { storage ->
+            val credential = createETHCredentialWithIndex(storage, index)
             Sign.signMessage(message, credential.ecKeyPair, needToHash)
         }
 
-    override fun ethSignTransaction(transaction: RawTransaction, chainId: Long): Single<ByteArray> {
-        return getSeed().map { seed ->
+    override fun ethSignTransaction(transaction: RawTransaction, chainId: Long): Single<ByteArray> =
+        secureFileStorage.rxSingle { storage ->
+            val json = storage.readOnFilesDir(SEED_FILE_NAME)
+            val seed = newGsonInstance().fromJson<Seed>(String(json))
             val mnemonic = MnemonicUtils.generateMnemonic(seed.data)
             val credential =
                 Bip44WalletUtils.loadBip44Credentials(seed.passphrase ?: "", mnemonic)
             TransactionEncoder.signMessage(transaction, chainId, credential)
         }
-    }
 
     override fun ethSignTransactionWithIndex(
         transaction: RawTransaction,
         chainId: Long,
         index: Int
     ): Single<ByteArray> =
-        createETHCredentialWithIndex(index).map { credential ->
+        secureFileStorage.rxSingle { storage ->
+            val credential = createETHCredentialWithIndex(storage, index)
             TransactionEncoder.signMessage(transaction, chainId, credential)
         }
 
-    override fun readOnFilesDir(name: String): Single<ByteArray> {
-        return secureFileStorage.readOnFilesDir(name)
-    }
-
-    override fun writeOnFilesDir(name: String, data: ByteArray, isPrivate: Boolean){
-        secureFileStorage.writeOnFilesDir(name, data, isPrivate)
-    }
-
-    private fun generateEncryptKey(walletSeed: Seed): ByteArray {
-        val mnemonic = MnemonicUtils.generateMnemonic(walletSeed.data)
-        val seed = MnemonicUtils.generateSeed(mnemonic, walletSeed.passphrase ?: "")
-        val masterKeypair = Bip32ECKeyPair.generateKeyPair(seed)
-        val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, ENCRYPT_KEY_DERIVATION_PATH)
-        return Numeric.toBytesPadded(bip44Keypair.privateKey, 32)
-    }
     private fun getEncryptKey(usingLegacy: Boolean = false): Single<ByteArray> {
-        return getSeedPublicData().map { seedPublicData ->
-            seedPublicData.encryptionPrivateKey
-        }.onErrorResumeNext { error ->
-            getSeed().map { seed ->
-                generateEncryptKey(seed)
-            }
-        }
-            .map {
+        return secureFileStorage.rxSingle { storage ->
+            val seed = getWalletSeed(storage)
+            val masterKeypair = Bip32ECKeyPair.generateKeyPair(seed)
+            val bip44Keypair =
+                Bip32ECKeyPair.deriveKeyPair(masterKeypair, ENCRYPT_KEY_DERIVATION_PATH)
+            val bytes = Numeric.toBytesPadded(bip44Keypair.privateKey, 32)
+
             if (usingLegacy) {
-                it
+                bytes
             } else {
-                HKDF.fromHmacSha256().extractAndExpand(ByteArray(0), it, null, 32)
+                HKDF.fromHmacSha256().extractAndExpand(ByteArray(0), bytes, null, 32)
             }
         }
     }
 
+    private fun getWalletSeed(storage: SecureFileStorage): ByteArray {
+        val json = storage.readOnFilesDir(SEED_FILE_NAME)
+        val seed = newGsonInstance().fromJson<Seed>(String(json))
+        val mnemonic = MnemonicUtils.generateMnemonic(seed.data)
+        return MnemonicUtils.generateSeed(mnemonic, seed.passphrase ?: "")
+    }
+
     private fun getNonce(): ByteArray {
         val nonce = ByteArray(12)
         SecureRandom().nextBytes(nonce)
@@ -446,68 +330,47 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
             Completable.complete()
         }
     }
-    override fun exportMnemonicPassphrase(): Single<String> = getSeed().map { seed ->
+
+    override fun exportMnemonicPassphrase(): Single<String> = secureFileStorage.rxSingle { storage ->
+        val json = storage.readOnFilesDir(SEED_FILE_NAME)
+        val seed = newGsonInstance().fromJson<Seed>(String(json))
         seed.passphrase ?: ""
     }
 
-    override fun exportMnemonicWords(): Single<String> {
-        return getSeed().map { seed ->
-            MnemonicUtils.generateMnemonic(seed.data)
-        }
+    override fun exportMnemonicWords(): Single<String> = secureFileStorage.rxSingle { storage ->
+        val json = storage.readOnFilesDir(SEED_FILE_NAME)
+        val seed = newGsonInstance().fromJson<Seed>(String(json))
+        MnemonicUtils.generateMnemonic(seed.data)
     }
 
-    private fun exportMnemonicWordsToBackup(): Single<String> {
-        return getSeedWithoutAuthentication().map { seed ->
-            MnemonicUtils.generateMnemonic(seed.data)
-        }
+    private fun getTezosWallet(): Single<HDWallet> = secureFileStorage.rxSingle { storage ->
+        val json = storage.readOnFilesDir(SEED_FILE_NAME)
+        val seed = newGsonInstance().fromJson<Seed>(String(json))
+        val mnemonic = MnemonicUtils.generateMnemonic(seed.data);
+        Pair(mnemonic, seed.passphrase)
+    }.map { (mnemonic, passphrase) ->
+        HDWallet(mnemonic.split(" "), passphrase = passphrase);
     }
 
-    private fun getTezosWallet(): Single<HDWallet> {
-        return getSeed().map { seed ->
+    private fun getTezosWalletWithIndex(index: Int): Single<HDWallet> =
+        secureFileStorage.rxSingle { storage ->
+            val json = storage.readOnFilesDir(SEED_FILE_NAME)
+            val seed = newGsonInstance().fromJson<Seed>(String(json))
             val mnemonic = MnemonicUtils.generateMnemonic(seed.data);
             Pair(mnemonic, seed.passphrase)
         }.map { (mnemonic, passphrase) ->
-            HDWallet(mnemonic.split(" "), passphrase = passphrase);
+            val path = "m/44\'/1729\'/${index}\'/0\'"
+            HDWallet(mnemonic.split(" "), derivationPath = path, passphrase = passphrase);
         }
-    }
 
-    private fun getTezosWalletWithIndex(index: Int): Single<HDWallet> {
-        return getSeed().map { seed ->
-            getTezosWalletWithIndexFromSeed(seed, index)
-        }
-    }
-
-    private fun getTezosWalletWithIndexFromSeed(seed: Seed, index: Int): HDWallet {
-        val mnemonic = MnemonicUtils.generateMnemonic(seed.data)
-        val path = "m/44\'/1729\'/${index}\'/0\'"
-        return HDWallet(mnemonic.split(" "), derivationPath = path, passphrase = seed.passphrase)
-    }
-
-    private fun generateTezosPublicKeys(walletSeed: Seed, start: Int, end: Int): Map<Int, String> {
-        val publicKeys = mutableMapOf<Int, String>()
-        for (i in start until end) {
-            val path = "m/44\'/1729\'/${i}\'/0\'"
-            val wallet = HDWallet(MnemonicUtils.generateMnemonic(walletSeed.data).split(" "), derivationPath = path, passphrase = walletSeed.passphrase)
-            publicKeys[i] = wallet.publicKey.base58Representation
-        }
-        return publicKeys
+    override fun getTezosPublicKey(): Single<String> = getTezosWallet().map {
+        it.publicKey.base58Representation
     }
 
     override fun getTezosPublicKeyWithIndex(index: Int): Single<String> =
-        getSeedPublicData().map {
-            val address = it.preGenerateTezosPublicKeys[index]
-            if (address.isNullOrEmpty()) {
-                throw Throwable("Failed to get tezosPublicKey with index: $index")
-            } else {
-                address
-            }
-        }.onErrorResumeNext(
-            getSeed().map { seed ->
-                val wallet = getTezosWalletWithIndexFromSeed(seed, index)
-                val publicKey = wallet.publicKey.base58Representation
-                publicKey
-            }
-        )
+        getTezosWalletWithIndex(index).map {
+            it.publicKey.base58Representation
+        }
 
     override fun tezosSignMessage(message: ByteArray): Single<ByteArray> = getTezosWallet().map {
         val hashedMessage = SodiumFacade.hash(message, 32)
@@ -534,7 +397,11 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
             PrivateKey(it.secretKey.encoded).sign(bytesToSign, Curve.ED25519)
         }
 
-    override fun removeKeys(): Completable = isWalletCreated()
+    override fun removeKeys(): Completable = secureFileStorage.rxSingle { storage ->
+        storage.isExistingOnFilesDir(SEED_FILE_NAME) && storage.isExistingOnFilesDir(
+            ETH_KEY_INFO_FILE_NAME
+        )
+    }
         .map { isExisting ->
             if (isExisting) {
                 true
@@ -545,14 +412,10 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
         .flatMapCompletable {
             secureFileStorage.rxCompletable { storage ->
                 storage.deleteOnFilesDir(SEED_FILE_NAME)
-                storage.deleteOnFilesDir(SEED_PUBLIC_DATA_FILE_NAME)
+                storage.deleteOnFilesDir(ETH_KEY_INFO_FILE_NAME)
             }
         }
 
-    override fun removeKey(name: String): Completable = secureFileStorage.rxCompletable { storage ->
-        storage.deleteOnFilesDir(name)
-    }
-
     private fun generateMnemonic(): String {
         val initialEntropy = ByteArray(16)
         SecureRandom().nextBytes(initialEntropy)
@@ -603,10 +466,9 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
         return derBytes.toHexString()
     }
 
-    private fun generateETHCredentialWithIndex(seed: Seed, index: Int): Credentials {
-        val mnemonic = MnemonicUtils.generateMnemonic(seed.data)
-        val seedB = MnemonicUtils.generateSeed(mnemonic, seed.passphrase ?: "")
-        val masterKeypair = Bip32ECKeyPair.generateKeyPair(seedB)
+    private fun createETHCredentialWithIndex(storage: SecureFileStorage, index: Int): Credentials {
+        val seed = getWalletSeed(storage)
+        val masterKeypair = Bip32ECKeyPair.generateKeyPair(seed)
         val path = intArrayOf(
             44 or Bip32ECKeyPair.HARDENED_BIT,
             60 or Bip32ECKeyPair.HARDENED_BIT,
@@ -617,10 +479,4 @@ internal class WalletStorageImpl(private val secureFileStorage: SecureFileStorag
         val bip44Keypair = Bip32ECKeyPair.deriveKeyPair(masterKeypair, path)
         return Credentials.create(bip44Keypair)
     }
-
-    private fun createETHCredentialWithIndex(index: Int): Single<Credentials> {
-        return getSeed().map {seed ->
-            generateETHCredentialWithIndex(seed, index)
-        }
-    }
 }
\ No newline at end of file
diff --git a/libauk/src/main/java/com/bitmark/libauk/util/BiometricUtil.kt b/libauk/src/main/java/com/bitmark/libauk/util/BiometricUtil.kt
deleted file mode 100644
index d24ab22..0000000
--- a/libauk/src/main/java/com/bitmark/libauk/util/BiometricUtil.kt
+++ /dev/null
@@ -1,80 +0,0 @@
-package com.bitmark.libauk.util
-
-import android.content.Context
-import androidx.annotation.UiThread
-import androidx.annotation.WorkerThread
-import androidx.biometric.BiometricPrompt
-import androidx.core.content.ContextCompat
-import androidx.fragment.app.FragmentActivity
-import com.bitmark.libauk.storage.SEED_FILE_NAME
-import io.reactivex.Single
-import io.reactivex.subjects.PublishSubject
-
-class BiometricUtil {
-    companion object {
-
-        fun isAuthenReuired(fileNames: List<String>, context: Context): Boolean {
-            return fileNames.any { it.contains(SEED_FILE_NAME) } && isDevicePasscodeEnabled(context)
-        }
-
-        private fun isDevicePasscodeEnabled(context: Context): Boolean {
-            val sharedPreferences = context.getSharedPreferences(
-                "FlutterSharedPreferences",
-                Context.MODE_PRIVATE
-            )
-
-            return sharedPreferences.getBoolean("flutter.device_passcode", false)
-        }
-
-        @UiThread
-        fun <T : Any> withAuthenticate(
-            activity: FragmentActivity,
-            onAuthenticationSucceeded: (BiometricPrompt.AuthenticationResult) -> T,
-            onAuthenticationFailed: () -> T,
-            onAuthenticationError: (Int, CharSequence) -> T
-        ): Single<T> {
-            val subject = PublishSubject.create<T>()
-            val executor = ContextCompat.getMainExecutor(activity)
-            val biometricPrompt = BiometricPrompt(
-                activity,
-                executor,
-                object : BiometricPrompt.AuthenticationCallback() {
-                    override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) {
-                        try{
-                            val data = onAuthenticationSucceeded(result)
-                            subject.onNext(data)
-                        } catch (e: Exception) {
-                            subject.onError(e)
-                        }
-                    }
-
-                    override fun onAuthenticationFailed() {
-                        onAuthenticationFailed()
-                    }
-
-                    override fun onAuthenticationError(
-                        errorCode: Int,
-                        errString: CharSequence
-                    ) {
-                        try{
-                            val data = onAuthenticationError(errorCode, errString)
-                            subject.onNext(data)
-                        } catch (e: Exception) {
-                            subject.onError(e)
-                        }
-                    }
-                }
-            )
-
-            val promptInfoBuilder = BiometricPrompt.PromptInfo.Builder()
-                .setTitle("Authenticate")
-                .setSubtitle("Authenticate to access the data")
-                .setNegativeButtonText("Cancel")
-
-            val promptInfo = promptInfoBuilder.build()
-            biometricPrompt.authenticate(promptInfo)
-
-            return subject.firstOrError()
-        }
-    }
-}
\ No newline at end of file
diff --git a/libauk/src/main/java/com/bitmark/libauk/util/SecurityFile.kt b/libauk/src/main/java/com/bitmark/libauk/util/SecurityFile.kt
deleted file mode 100644
index b295d94..0000000
--- a/libauk/src/main/java/com/bitmark/libauk/util/SecurityFile.kt
+++ /dev/null
@@ -1,47 +0,0 @@
-package com.bitmark.libauk.util
-
-import android.content.Context
-import androidx.fragment.app.FragmentActivity
-import com.bitmark.libauk.storage.SecureFileStorageImpl
-import io.reactivex.Single
-import java.io.File
-import java.util.UUID
-
-class SecurityFileUtil {
-    fun readAllFiles(context: Context, nameFilterFunc: (String) -> Boolean): Single<Map<String, ByteArray>> {
-        val map = mutableMapOf<String, ByteArray>()
-        val listFileName = context.filesDir.list()
-        val isAuthenRequired = BiometricUtil.isAuthenReuired(listFileName.toList(), context)
-        val readFunc: (File) -> ByteArray? = { file ->
-            if (nameFilterFunc(file.name)) {
-                val uuid = file.name.substringBefore("-")
-                SecureFileStorageImpl(
-                    context,
-                    UUID.fromString(uuid)
-                ).readOnFilesDirWithoutAuthentication(file.name)
-            }
-            else{
-                null
-            }
-        }
-        if (isAuthenRequired) {
-            BiometricUtil.withAuthenticate(
-                activity = context as FragmentActivity,
-                onAuthenticationSucceeded = { result ->
-                    context.filesDir.listFiles()?.forEach { file ->
-                        readFunc(file)?.also { map[file.name] = it }
-                    }
-                    map
-                },
-                onAuthenticationError = { _, _ -> map },
-                onAuthenticationFailed = { map }
-            )
-        }
-        return Single.fromCallable {
-            context.filesDir.listFiles()?.forEach { file ->
-                readFunc(file)?.also { map[file.name] = it }
-            }
-            map
-        }
-    }
-}
\ No newline at end of file
diff --git a/libauk/src/test/java/com/bitmark/libauk/storage/WalletStorageUnitTest.kt b/libauk/src/test/java/com/bitmark/libauk/storage/WalletStorageUnitTest.kt
index d80ded2..628451a 100644
--- a/libauk/src/test/java/com/bitmark/libauk/storage/WalletStorageUnitTest.kt
+++ b/libauk/src/test/java/com/bitmark/libauk/storage/WalletStorageUnitTest.kt
@@ -1,9 +1,9 @@
 package com.bitmark.libauk.storage
 
+import com.bitmark.libauk.model.KeyInfo
 import com.bitmark.libauk.model.Seed
 import com.bitmark.libauk.util.newGsonInstance
 import com.nhaarman.mockitokotlin2.*
-import io.reactivex.Single
 import org.junit.Before
 import org.junit.Test
 import org.web3j.crypto.MnemonicUtils
@@ -23,28 +23,28 @@ class WalletStorageUnitTest {
 
     @Test
     fun createKey() {
-        given(secureFileStorage.isExistingOnFilesDir(SEED_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
             false
         )
-        given(secureFileStorage.isExistingOnFilesDir(ETH_KEY_INFO_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
             false
         )
-        doNothing().`when`(secureFileStorage).writeOnFilesDir(any(), any(), any())
+        doNothing().`when`(secureFileStorage).writeOnFilesDir(any(), any())
 
-        walletStorage.createKey(name = "Hello", passphrase = "", isPrivate = true).test()
+        walletStorage.createKey(name = "Hello", passphrase = "").test()
             .assertComplete()
     }
 
     @Test
     fun createKeyExistingError() {
-        given(secureFileStorage.isExistingOnFilesDir(SEED_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
             true
         )
-        given(secureFileStorage.isExistingOnFilesDir(ETH_KEY_INFO_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
             true
         )
 
-        walletStorage.createKey(name = "Hello", passphrase = "", isPrivate = true)
+        walletStorage.createKey(name = "Hello", passphrase = "")
             .test()
             .assertError {
                 it.message == "Wallet is already created!"
@@ -53,33 +53,69 @@ class WalletStorageUnitTest {
 
     @Test
     fun importKey() {
-        val words = listOf("victory", "fatigue", "diet", "funny", "senior", "coral", "motion", "canal", "leg", "elite", "hen", "model")
+        val words = listOf(
+            "victory",
+            "fatigue",
+            "diet",
+            "funny",
+            "senior",
+            "coral",
+            "motion",
+            "canal",
+            "leg",
+            "elite",
+            "hen",
+            "model"
+        )
 
-        given(secureFileStorage.isExistingOnFilesDir(SEED_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
             false
         )
-        given(secureFileStorage.isExistingOnFilesDir(ETH_KEY_INFO_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
             false
         )
-        doNothing().`when`(secureFileStorage).writeOnFilesDir(any(), any(), any())
+        doNothing().`when`(secureFileStorage).writeOnFilesDir(any(), any())
 
-        walletStorage.importKey(words = words, passphrase = "", name = "Hello", creationDate = Date(), isPrivate = true)
+        walletStorage.importKey(
+            words = words,
+            passphrase = "",
+            name = "Hello",
+            creationDate = Date()
+        )
             .test()
             .assertComplete()
     }
 
     @Test
     fun importKeyExistingError() {
-        val words = listOf("victory", "fatigue", "diet", "funny", "senior", "coral", "motion", "canal", "leg", "elite", "hen", "model")
+        val words = listOf(
+            "victory",
+            "fatigue",
+            "diet",
+            "funny",
+            "senior",
+            "coral",
+            "motion",
+            "canal",
+            "leg",
+            "elite",
+            "hen",
+            "model"
+        )
 
-        given(secureFileStorage.isExistingOnFilesDir(SEED_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
             true
         )
-        given(secureFileStorage.isExistingOnFilesDir(ETH_KEY_INFO_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
             true
         )
 
-        walletStorage.importKey(words = words, passphrase = "", name = "Hello", creationDate = Date(), isPrivate = true)
+        walletStorage.importKey(
+            words = words,
+            passphrase = "",
+            name = "Hello",
+            creationDate = Date()
+        )
             .test()
             .assertError {
                 it.message == "Wallet is already created!"
@@ -88,10 +124,10 @@ class WalletStorageUnitTest {
 
     @Test
     fun isWalletCreated() {
-        given(secureFileStorage.isExistingOnFilesDir(SEED_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
             true
         )
-        given(secureFileStorage.isExistingOnFilesDir(ETH_KEY_INFO_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
             true
         )
 
@@ -105,11 +141,11 @@ class WalletStorageUnitTest {
     fun getAccountDID() {
         val words = "daring mix cradle palm crowd sea observe whisper rubber either uncle oak"
         val entropy = MnemonicUtils.generateEntropy(words)
-        val seed = Seed(entropy, Date(), "Test", passphrase = "")
+        val seed = Seed(entropy, Date(), "Test", "")
         val seedString = newGsonInstance().toJson(seed)
 
-        given(secureFileStorage.readOnFilesDir(SEED_FILE_NAME)).willReturn(
-            Single.just(seedString.toByteArray())
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+            seedString.toByteArray()
         )
 
         walletStorage.getAccountDID()
@@ -122,11 +158,11 @@ class WalletStorageUnitTest {
     fun getAccountDIDSignature() {
         val words = "daring mix cradle palm crowd sea observe whisper rubber either uncle oak"
         val entropy = MnemonicUtils.generateEntropy(words)
-        val seed = Seed(entropy, Date(), "Test", passphrase = "")
+        val seed = Seed(entropy, Date(), "Test", "")
         val seedString = newGsonInstance().toJson(seed)
 
-        given(secureFileStorage.readOnFilesDir(SEED_FILE_NAME)).willReturn(
-            Single.just(seedString.toByteArray())
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+            seedString.toByteArray()
         )
 
         walletStorage.getAccountDIDSignature("hello")
@@ -137,30 +173,29 @@ class WalletStorageUnitTest {
 
     @Test
     fun getETHAddress() {
-        val words = "victory fatigue diet funny senior coral motion canal leg elite hen model"
-        val entropy = MnemonicUtils.generateEntropy(words)
-        val seed = Seed(entropy, Date(), "Test", passphrase = "")
-        val seedString = newGsonInstance().toJson(seed)
+        val ethAddress = "0x79a633e7d70e1676b5884a027a485aae4bd46136"
+        val keyInfo = KeyInfo(ethAddress, Date())
+        val keyInfoString = newGsonInstance().toJson(keyInfo)
 
-        given(secureFileStorage.readOnFilesDir(SEED_FILE_NAME)).willReturn(
-            Single.just(seedString.toByteArray())
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
+            keyInfoString.toByteArray()
         )
 
         walletStorage.getETHAddress()
             .test()
             .assertComplete()
-            .assertResult("0x647ae57a3f1b6acaa02a4aa58ae6ccf8d3dba766")
+            .assertResult(ethAddress)
     }
 
     @Test
     fun getETHAddressWithIndex() {
         val words = "victory fatigue diet funny senior coral motion canal leg elite hen model"
         val entropy = MnemonicUtils.generateEntropy(words)
-        val seed = Seed(entropy, Date(), "Test", passphrase = "")
+        val seed = Seed(entropy, Date(), "Test", "")
         val seedString = newGsonInstance().toJson(seed)
 
-        given(secureFileStorage.readOnFilesDir(SEED_FILE_NAME)).willReturn(
-            Single.just(seedString.toByteArray())
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+            seedString.toByteArray()
         )
 
         walletStorage.getETHAddressWithIndex(1)
@@ -173,11 +208,11 @@ class WalletStorageUnitTest {
     fun signPersonalMessage() {
         val words = "victory fatigue diet funny senior coral motion canal leg elite hen model"
         val entropy = MnemonicUtils.generateEntropy(words)
-        val seed = Seed(entropy, Date(), "Test", passphrase = "")
+        val seed = Seed(entropy, Date(), "Test", "")
         val seedString = newGsonInstance().toJson(seed)
 
-        given(secureFileStorage.readOnFilesDir(SEED_FILE_NAME)).willReturn(
-            Single.just(seedString.toByteArray())
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+            seedString.toByteArray()
         )
 
         walletStorage.ethSignMessage("hello".toByteArray(), true)
@@ -189,11 +224,11 @@ class WalletStorageUnitTest {
     fun signTransaction() {
         val words = "victory fatigue diet funny senior coral motion canal leg elite hen model"
         val entropy = MnemonicUtils.generateEntropy(words)
-        val seed = Seed(entropy, Date(), "Test", passphrase = "")
+        val seed = Seed(entropy, Date(), "Test", "")
         val seedString = newGsonInstance().toJson(seed)
 
-        given(secureFileStorage.readOnFilesDir(SEED_FILE_NAME)).willReturn(
-            Single.just(seedString.toByteArray())
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+            seedString.toByteArray()
         )
 
         val transaction = RawTransaction.createEtherTransaction(
@@ -209,14 +244,31 @@ class WalletStorageUnitTest {
     }
 
     @Test
-    fun exportSeed() {
+    fun exportMnemonicPassphrase() {
+        val words = "victory fatigue diet funny senior coral motion canal leg elite hen model"
+        val passphrase = "passphrase1"
+        val entropy = MnemonicUtils.generateEntropy(words)
+        val seed = Seed(entropy, Date(), "Test", passphrase)
+        val seedString = newGsonInstance().toJson(seed)
+
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+            seedString.toByteArray()
+        )
+
+        walletStorage.exportMnemonicPassphrase()
+            .test()
+            .assertResult(passphrase)
+    }
+
+    @Test
+    fun exportMnemonicWords() {
         val words = "victory fatigue diet funny senior coral motion canal leg elite hen model"
         val entropy = MnemonicUtils.generateEntropy(words)
-        val seed = Seed(entropy, Date(), "Test", passphrase = "")
+        val seed = Seed(entropy, Date(), "Test", "")
         val seedString = newGsonInstance().toJson(seed)
 
-        given(secureFileStorage.readOnFilesDir(SEED_FILE_NAME)).willReturn(
-            Single.just(seedString.toByteArray())
+        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+            seedString.toByteArray()
         )
 
         walletStorage.exportMnemonicWords()
@@ -226,15 +278,33 @@ class WalletStorageUnitTest {
             )
     }
 
+//    @Test
+//    fun getTezosWallet() {
+//        val words = "victory fatigue diet funny senior coral motion canal leg elite hen model"
+//        val entropy = MnemonicUtils.generateEntropy(words)
+//        val seed = Seed(entropy, Date(), "Test")
+//        val seedString = newGsonInstance().toJson(seed)
+//
+//        given(secureFileStorage.readOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
+//            seedString.toByteArray()
+//        )
+//
+//        walletStorage.getTezosWallet()
+//            .test()
+//            .assertValue {
+//                it.mainAddress == "tz10000"
+//            }
+//    }
+
     @Test
     fun removeKeys() {
-        given(secureFileStorage.isExistingOnFilesDir(SEED_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
             true
         )
-        given(secureFileStorage.isExistingOnFilesDir(ETH_KEY_INFO_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
             true
         )
-        doNothing().`when`(secureFileStorage).writeOnFilesDir(any(), any(), any())
+        doNothing().`when`(secureFileStorage).writeOnFilesDir(any(), any())
 
         walletStorage.removeKeys()
             .test()
@@ -243,10 +313,10 @@ class WalletStorageUnitTest {
 
     @Test
     fun removeKeysError() {
-        given(secureFileStorage.isExistingOnFilesDir(SEED_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.SEED_FILE_NAME)).willReturn(
             false
         )
-        given(secureFileStorage.isExistingOnFilesDir(ETH_KEY_INFO_FILE_NAME)).willReturn(
+        given(secureFileStorage.isExistingOnFilesDir(WalletStorageImpl.ETH_KEY_INFO_FILE_NAME)).willReturn(
             false
         )