* add --force to keys delete for unattended execution
Skip password check when --force is on and delete
keys unconditionally.
Closes: #2961
* Forcibly cleanup keys on fixtures initialization
* Force password to 'yes' when deleting ledger-offline keys
* Improve UX, better docs on removing offline/ledger keys
* Ask for confirmation on offline/ledger keys deletion
* crypto/keys/hd: use btcec to remove dep on tendermint
* crypto/keys/bcrypt: improve comment about fork
* crypto/keys/bip39 -> crypto/keys/bip39/fundraiser
* crypto/keys/bip39: bring in fork of tyler-smith
* crypto/keys/hd: update dep
* crypto/keys: update deps
* crypto/keys: move mintkey.go into new crypto/keys/mintkey
* crypto/keys/hd: NewParamsFromPath
* crypto/keys: keybase.Derive takes a bip39 passphrase too
* crypto/keys/hd: BIP44Params.DerivationPath
* gaiacli keys: add commands new and mnemonic
* fix lints
* minor fixes from review
* update Gopkg.toml
* add tendermint fork of golang.org/x/crypto
* pin some transitive deps
* crypto/keys/bcrypt: remove
* remove in favour of fork of golang.org/x/crypto/bcrypt at github.com/tendermint/crypto/bcrypt
* crypto/keys/bip39: remove completely
* use fork cosmos/go-bip39 instead
* Gopkg.toml: dont use master
* Pull in changes from my PR
* fixes from review
* enforce min len for --unsafe-entropy
* lint fix
* feedback from review
* fix dep
* Allow --from to be a name or an address
Closes#1735.
* Post-rebase fixes
* Updates from code review
* Updates from code review
* Updates from code review
* Fix merge artifacts
* Fix merge conflicts
* Fix integration tests
* Add back GetFromName() check broken during merge
* Code review updates
* Fix failing test
* Updates from code review
The new CLI flag builds an unsigned transaction and writes it to STDOUT.
Likewise, REST clients can now append generate_only=true to a request's
query arguments list and expect a JSON response carrying the unsigned
transaction.
Closes: #966
* Start upgrade. Currently go test ./... hangs.
* (squash this) Fix staking tests
* wip
* note what changes need to be made to make this work on tm v0.23.0
* Fix addr -> pubkey map
* cleanup code
* Fix slashing test failures except for begin blocker
* fix all slashing tests
* fix lcd tests
* Address PR comments
* add link to changelog.
* (wip) start making addrToPubkey map persisted. Since amino can't handle maps,
we have to change from what this commit is doing.
* Use the correct method of storing a map
* (squash this) address PR comments
* Did you run 'make'?
* remove gaiadebug binary
Currently the crypto/keys tests take 2 minutes in circle CI.
A significant portion of this time is due to the bcrypt security
parameter. Changing it for these tests should reduce the time significantly.
* Update to tendermint v0.22.6-rc0
This is comprised of updating the crypto imports / API
* (squash this) switch to v0.22.6
If this passes tests, I'll squash this commit and update the PR.
* tools: Ensure Gopkg.lock is correct in linting
This adds dep status to the lint process. Also fixes linting errors
that existed earlier. (not sure why they didn't show up on CI)
Closes#1574
* Update dep, use the lock file new dep version creates
This is done so that the time spent on bcrypt during test cases
can be reduced. This change reduces the amount of time lcd tests
spend on bcrypt from 76% to 40%. (We need to reduce the number of
calls to bcrypt in a seperate PR, along with fixing other sources
of slowness)
Making the bcrypt security parameter a var shouldn't be a security issue:
One can't verify an invalid key by maliciously changing the bcrypt
parameter during a runtime vulnerability. The main security
threat this then exposes would be something that changes this during
runtime before the user creates their key. This vulnerability must
succeed to update this to that same value before every subsequent call
to gaiacli keys in future startups / or the attacker must get access
to the filesystem. However, with this same threat model (changing
variables in runtime), one can cause the user to sign a different tx
than what they see, which is a significantly cheaper attack then breaking
a bcrypt hash. (Recall that the nonce still exists to break rainbow
tables)
Merges the keybase and Ledger code from go-crypto (which is no more) into the SDK
Adds support for Ledger into gaiacli
Cherry-picks updated error handling from #1158
Alessio Treglia
Alessio Treglia
Juan Leni
Alexander Bezobchuk
Christopher Goes
HaoyangLiu
Ethan Buchman
Matthew Slipper
Dev Ojha
Sunny Aggarwal
Aleksandr Bezobchuk
ValarDragon