feat(taker): import seed

[holzeis]

• allows to import a seed from a file.
• only supports a 256 bytes seed file - umbrel seeds are actively rejected.
• splits the identity from the wallet seed for taker and maker.
• extended the wallet info event for a managed_wallet flag, indicating if the seed was externally provided or generated by ItchySats.
• creates an backup file of the old seed file before overwriting it with the imported one.

resolves #2989

see also #3048

[bonomat]

Had a quick look and added some comments. Will need to have a nother look though :)

[bonomat]

Given this test will run now regularly we should check if this seed indeed does not hold any Bitcoin 🤑

[holzeis]

@bonomat what do you have in mind exactly?

[bonomat]

I'm not sure this is a good idea: this will run an online test against testnet using public infrastructure.
Besides that it can have random side effects if the server is down, it might slow down our test executions.

Do you think we can use our test wallet for this?

[holzeis]

well.. we could do that, but I have the feeling we would very quickly end up with testing only test code. however, I can give it a try.

[holzeis]

@bonomat have a look at 01f62ef. It uses the test wallet now, and does not sync with electrum for balance, but I guess checking on the restored address is sufficient.

[luckysori]

Nice work!

I am mostly unsure about:

1. Importing leading to overwriting the current wallet seed.
2. The way we determine the environment.

[luckysori]

🙃 Since it's only used in one test I would just inline it.

[luckysori]

❓ Why can't it be a random seed with the right length?

[holzeis]

@luckysori I am asserting on the address. To ensure that from the same import seed we will always derive the same address. Before, it was also used to check the balance (it owns 0.001 btc)

[luckysori]

Do we need to assert on the address? Maybe it's enough to just check that it changes as that implies that a new wallet has been loaded.

[holzeis]

what benefits would we get by that - i feel like the test would be less effective without that assertion.

[luckysori]

I suppose it is valuable to check that importing a wallet is deterministic.

I would then suggest to move the expected seed into the specific test (I believe it is only used once). It's a bit noisy otherwise.

[luckysori]

❓ Why is this field an Option? I would expect to always be able to provide the database.

[holzeis]

@luckysori well, I don't like it either, but I didn't find a better way of doing it with the existing tests. Since the tests mainly use a MemoryDatabase, I do not have a Db available there. Do you have a suggestion?

[luckysori]

Hmm, I didn't come up with anything after some limited experimenting. I might come back to this later myself.

[holzeis]

@luckysori

I am mostly unsure about:

1. Importing leading to overwriting the current wallet seed.

I've committed a change 84a510c which will automatically copy the existing seed file into a backup file with the timestamp in its name. e.g. taker_seed.1666082503.back

2. The way we determine the environment.

Alternatively to the environment variable, I could make use of the app seed argument, meaning if the seed is provided from extern we are not managing it in terms of importing or exporting. This will then be reflect with a simple boolean.

e.g. something like that.

let managed_seed = match opts.app_seed {
    Some(_) => false,
    None => true,
};

I will wait for your feedback before implementing that path though, as I am not sure if this is a much better approach than the current one.

[luckysori]

Alternatively to the environment variable, I could make use of the app seed argument, meaning if the seed is provided from extern we are not managing it in terms of importing or exporting. This will then be reflect with a simple boolean.

e.g. something like that.

let managed_seed = match opts.app_seed {
    Some(_) => false,
    None => true,
};

I will wait for your feedback before implementing that path though, as I am not sure if this is a much better approach than the current one.

I think it is better to rely on the presence of the app seed argument, because that is the reason why importing (and perhaps even exporting?) a seed shouldn't be allowed. On the other hand, the environment variable was introduced for metrics.

What I also care about is disabling the route based on this information, rather than exposing an event via SSE that the client has to interpret. It removes an event that doesn't really belong there imo and it also means that the API is unavailable even if you don't go through the UI.

[holzeis]

What I also care about is disabling the route based on this information, rather than exposing an event via SSE that the client has to interpret. It removes an event that doesn't really belong there imo and it also means that the API is unavailable even if you don't go through the UI.

That's actually a very good point. I will adapt that - however i still need to transfer the information about the disabled import / export feature. I will implement it using the app seed argument. Thanks for the feedback!

[holzeis]

@luckysori have a look at a98bdb5.

I've introduced a managed_wallet flag and added it to the WalletInfo event. Additionally the export / import routes will only be added in case the wallet is managed. I like it much better now, wdyt?

[luckysori]

I've introduced a managed_wallet flag and added it to the WalletInfo event. Additionally the export / import routes will only be added in case the wallet is managed. I like it much better now, wdyt?

Nice work! I like it much better too. It makes sense for it to go with the WalletInfo event!

[luckysori]

Thanks for addressing my comments!

[holzeis]

Thanks for addressing my comments!

Thanks for taking the time and give me comments 🙂 👍

[holzeis]

bors r+

[bors]

Build succeeded:

• CI
• formatting
• lint-commits