Commit graph

35 commits

Author SHA1 Message Date
Daniel Krol
4f8a648cc4 Notes for auditor. 2022-07-22 16:37:27 -04:00
Daniel Krol
f10cc8aa26 Salt Seed, used to generate secrets on client 2022-07-21 19:10:16 -04:00
Daniel Krol
dbfdff167b Confirm scrypt parameters; remove comment 2022-07-13 06:44:42 -04:00
Daniel Krol
18e30bd6b1 Outdated comment; version is now in endpoint path 2022-07-08 13:17:44 -04:00
Daniel Krol
f9e3013e64 Test client: Don't allow password change if there are pending local wallet changes.
This is in line with:

https://github.com/orblivion/lbry-wallet-sync-draft/blob/master/spec/user-flows.md#push-local-password-change

This is the only rule we have to go out of our way to implement, and it's for UI simplicity, and/or to keep the hierarchy consistent. The rest of the rules you see there sort of automatically get enforced with the existing guardrails.
2022-07-08 12:55:57 -04:00
Daniel Krol
a9f88a552c Update test client README for change password 2022-07-07 12:33:45 -04:00
Daniel Krol
231cb1b79b Test client uses new password change endpoint 2022-07-06 17:55:15 -04:00
Daniel Krol
bb9b2b845e Rename some password variables 2022-06-27 21:16:07 -04:00
Daniel Krol
3d492d8b86 Update API: PostWallet no longer returns a wallet 2022-06-23 15:22:31 -04:00
Daniel Krol
cbcd629469 Switch to hashlib scrypt because it sounds less dangerous than "hazmat" 2022-06-22 16:46:21 -04:00
Daniel Krol
5c5b7b794c update scrypt params based on a stack overflow comment. still need to audit! 2022-06-22 12:02:48 -04:00
Daniel Krol
23bd804f97 API Version in the URL, not the payload. Duh. 2022-06-16 17:58:11 -04:00
Daniel Krol
2b60c1d5ac Proper hmac from what I can tell 2022-06-16 17:21:57 -04:00
Daniel Krol
0969860290 Comment 2022-06-16 17:14:27 -04:00
Daniel Krol
e2a4e18a43 Proper KDF, though I need to tweak parameters 2022-06-16 17:06:55 -04:00
Daniel Krol
5d14041c86 Always sleep after set_preference for gen-readme.py 2022-06-16 16:14:57 -04:00
Daniel Krol
64dfae6637 CURRENT_VERSION -> WalletSync.API_VERSION 2022-06-16 14:11:11 -04:00
Daniel Krol
027e0eadf6 Allow client to communicate with either local server or dev.lbry.id 2022-06-16 11:46:29 -04:00
Daniel Krol
21c1ed01de Update README! 2022-06-15 22:24:23 -04:00
Daniel Krol
64597dcc42 Specify wallet for set/get preferences. Add comment. 2022-06-15 22:21:00 -04:00
Daniel Krol
1f5a78717d gitignores 2022-06-15 16:14:19 -04:00
Daniel Krol
2628ec7e5f Update test client to use SDK. 2022-06-14 17:28:19 -04:00
Daniel Krol
f31135dd8e Fix derived keys 2022-06-14 10:59:15 -04:00
Daniel Krol
18af5e65de Throw exception from SDK API 2022-06-14 10:58:45 -04:00
Daniel Krol
ad1864e431 Simple interface to LBRY SDK 2022-06-13 20:42:56 -04:00
Daniel Krol
d699e718dc Cooler fake derivation functions 2022-06-12 20:51:09 -04:00
Daniel Krol
729ec3050d wallet_state -> synced_wallet_state. fix for update_wallet 2022-06-12 20:37:18 -04:00
Daniel Krol
d467559dcd test client: factor out wallet sync API into class
In preparation for adding the LBRY SDK api class
2022-06-10 21:08:24 -04:00
Daniel Krol
66e5cf7fe7 Hash for help with bringing back lastSynced later 2022-06-10 15:05:07 -04:00
Daniel Krol
512ebe3e95 Protocol changes
* Regress from `lastSynced` to just `sequence` to start with something simpler
* Simplified payload: separate metadata, assume canonical way to hmac it together
  * No more "wallet state" except as a simple wrapper on the front end
* Version number in wallet payloads
2022-06-10 15:04:31 -04:00
Daniel Krol
197e228d32 Better comment about encryption 2022-06-08 12:13:07 -04:00
Daniel Krol
eccef61d0b "Full" in Auth endpoint name is no longer useful 2022-06-07 18:24:01 -04:00
Daniel Krol
41721a8f70 Delete some things we don't need anymore 2022-06-07 18:15:46 -04:00
Daniel Krol
0bf11b059c Change to normal password auth, and various things 2022-06-07 17:47:38 -04:00
Daniel Krol
2fbcf6ee6d Get/Post WalletState, account recover, test client
A few things at once because it was faster to get a demo out the door. Skipping most test implementation though I made failing stubs so I know what to fill in later.

* Get/Post WalletState
* downloadKey/email so that a second client can log in, and/or recover from lost client
* Test client in Python to demonstrate the above
* Organize into packages
2022-01-04 16:07:23 -05:00