mmgen-autosign: move help notes to separate module
This commit is contained in:
parent
91e10be951
commit
47b2a2e338
GPG key ID:
3F8B1861E32B7DA2
3 changed files with 136 additions and 119 deletions
|
|
@ -60,10 +60,10 @@ def gen_arg_tuple(cfg, func, text):
|
|||
return getattr(importlib.import_module(
|
||||
f'{cfg._help_pkg}.help_notes').help_notes(proto, cfg), k)(*args, **kwargs)
|
||||
|
||||
def help_mod(modname):
|
||||
def help_mod(modname, *args, **kwargs):
|
||||
import importlib
|
||||
return importlib.import_module(
|
||||
f'{cfg._opts.help_pkg}.{modname}').help(proto, cfg)
|
||||
f'{cfg._opts.help_pkg}.{modname}').help(proto, cfg, *args, **kwargs)
|
||||
|
||||
from ..protocol import init_proto_from_cfg
|
||||
proto = init_proto_from_cfg(cfg, need_amt=True)
|
||||
|
|
|
|||
131
mmgen/help/autosign.py
Executable file
131
mmgen/help/autosign.py
Executable file
|
|
@ -0,0 +1,131 @@
|
|||
#!/usr/bin/env python3
|
||||
#
|
||||
# MMGen Wallet, a terminal-based cryptocurrency wallet
|
||||
# Copyright (C)2013-2026 The MMGen Project <mmgen@tuta.io>
|
||||
# Licensed under the GNU General Public License, Version 3:
|
||||
# https://www.gnu.org/licenses
|
||||
# Public project repositories:
|
||||
# https://github.com/mmgen/mmgen-wallet
|
||||
# https://gitlab.com/mmgen/mmgen-wallet
|
||||
|
||||
"""
|
||||
help.autosign: autosign help notes for the MMGen Wallet suite
|
||||
"""
|
||||
|
||||
def help(proto, cfg, *, asi):
|
||||
return f"""
|
||||
|
||||
OPERATIONS
|
||||
|
||||
clean - clean the removable device of unneeded files, removing only non-
|
||||
essential data
|
||||
gen_key - generate the wallet encryption key and copy it to the removable
|
||||
device mounted at mountpoint ‘{asi.mountpoint}’ (as currently
|
||||
configured)
|
||||
setup - full setup: run ‘gen_key’ and create temporary signing wallet(s)
|
||||
for all configured coins
|
||||
xmr_setup - set up Monero temporary signing wallet(s). Not required during
|
||||
normal operation: use ‘setup’ with --xmrwallets instead
|
||||
macos_ramdisk_setup - set up the ramdisk used for storing the temporary signing
|
||||
wallet(s) (macOS only). Required only when creating the wallet(s)
|
||||
manually, without ‘setup’
|
||||
macos_ramdisk_delete - delete the macOS ramdisk
|
||||
disable_swap - disable disk swap to prevent potentially sensitive data in
|
||||
volatile memory from being swapped to disk. Applicable only when
|
||||
creating temporary signing wallet(s) manually, without ‘setup’
|
||||
enable_swap - reenable disk swap. For testing only, should not be invoked in
|
||||
a production environment
|
||||
wait - start in loop mode: wait-mount-sign-unmount-wait
|
||||
wipe_key - wipe the wallet encryption key on the removable device, making
|
||||
signing transactions or stealing the user’s seed impossible.
|
||||
The operation is intended as a ‘kill switch’ and thus performed
|
||||
without prompting
|
||||
list_led - list boards with tested LED signaling support
|
||||
test_led - test the current board for LED signaling support
|
||||
|
||||
|
||||
USAGE NOTES
|
||||
|
||||
If no operation is specified, this program mounts a removable device
|
||||
(typically a USB flash drive) containing unsigned MMGen transactions, message
|
||||
files, and/or XMR wallet output files, signs them, unmounts the removable
|
||||
device and exits.
|
||||
|
||||
If invoked with ‘wait’, the program waits in a loop, mounting the removable
|
||||
device, performing signing operations and unmounting the device every time it
|
||||
is inserted.
|
||||
|
||||
The removable device must have a partition with a filesystem labeled MMGEN_TX
|
||||
and a user-writable root directory. For interoperability between OS-es, it’s
|
||||
recommended to use the exFAT file system.
|
||||
|
||||
On both the signing and online machines the mountpoint ‘{asi.mountpoint}’
|
||||
(as currently configured) must exist. Linux (not macOS) machines must have
|
||||
an ‘/etc/fstab’ with the following entry:
|
||||
|
||||
LABEL=MMGEN_TX {asi.mountpoint} auto noauto,user 0 0
|
||||
|
||||
Signing is performed with a temporary wallet created in volatile memory in
|
||||
the directory ‘{asi.wallet_dir}’ (as currently configured). The wallet is
|
||||
encrypted with a 32-byte password saved in the file ‘autosign.key’ in the
|
||||
root of the removable device’s filesystem.
|
||||
|
||||
|
||||
LED SIGNALING SUPPORT
|
||||
|
||||
On supported platforms (selected Orange Pi, Rock Pi, Banana Pi, Nano Pi and
|
||||
Raspberry Pi boards), a flashing LED indicates whether signing is in progress
|
||||
or the program is in standby mode, i.e. ready for device insertion or removal.
|
||||
|
||||
The operation ‘test_led’ tests the current installation for LED support, while
|
||||
‘list_led’ displays a list of supported board/OS combinations. Note that this
|
||||
list is not exhaustive: signaling may work with other boards, especially those
|
||||
produced by the listed manufacturers. If ‘test_led’ reports that your board is
|
||||
not supported, please submit an issue to the mmgen-wallet repository on Github
|
||||
or via e-mail, including the board model, OS version and output of the
|
||||
following shell command:
|
||||
|
||||
ls -RH /sys/class/leds/{{*status*,*led*}}
|
||||
|
||||
In the absence of LED support, the user must observe the signing progress
|
||||
on-screen and wait for the “safe to extract” message to appear.
|
||||
|
||||
|
||||
The password and temporary wallet may be created in one operation by invoking
|
||||
‘mmgen-autosign setup’ with the removable device inserted. In this case, the
|
||||
temporary wallet is created from the user’s default wallet, if it exists and
|
||||
the user so desires. If not, the user is prompted to enter a seed phrase.
|
||||
|
||||
Alternatively, the password and temporary wallet may be created separately by
|
||||
first invoking ‘mmgen-autosign gen_key’ and then creating and encrypting the
|
||||
wallet using the -P (--passwd-file) option:
|
||||
|
||||
$ mmgen-walletconv -iwords -d{asi.wallet_dir} -p1 -N -P{asi.mountpoint}/autosign.key -Lfoo
|
||||
|
||||
Note that the hash preset must be ‘1’. To use a wallet file as the source
|
||||
instead of an MMGen seed phrase, omit the ‘-i’ option and add the wallet
|
||||
file path to the end of the command line. Multiple temporary wallets may
|
||||
be created in this way and used for signing (note, however, that for XMR
|
||||
operations only one wallet is supported).
|
||||
|
||||
Autosigning is currently supported on Linux and macOS only.
|
||||
|
||||
|
||||
SECURITY NOTE
|
||||
|
||||
By placing wallet and password on separate devices, this program creates
|
||||
a two-factor authentication setup whereby an attacker must gain physical
|
||||
control of both the removable device and signing machine in order to sign
|
||||
transactions. It’s therefore recommended to always keep the removable device
|
||||
secure, separated from the signing machine and hidden (in your pocket, for
|
||||
example) when not transacting. In addition, since login access on the
|
||||
signing machine is required to steal the user’s seed, it’s good practice
|
||||
to lock the signing machine’s screen once the setup process is complete.
|
||||
|
||||
As a last resort, cutting power to the signing machine will destroy the
|
||||
volatile memory where the temporary wallet resides and foil any attack,
|
||||
even if you’ve lost control of the removable device.
|
||||
|
||||
Always remember to power off the signing machine when your signing session
|
||||
is over.
|
||||
"""
|
||||
|
|
@ -69,129 +69,15 @@ opts_data = {
|
|||
-x, --xmrwallets=L Range or list of wallet numbers to be used for XMR
|
||||
autosigning
|
||||
""",
|
||||
'notes': """
|
||||
|
||||
OPERATIONS
|
||||
|
||||
clean - clean the removable device of unneeded files, removing only non-
|
||||
essential data
|
||||
gen_key - generate the wallet encryption key and copy it to the removable
|
||||
device mounted at mountpoint ‘{asi.mountpoint}’ (as currently
|
||||
configured)
|
||||
setup - full setup: run ‘gen_key’ and create temporary signing wallet(s)
|
||||
for all configured coins
|
||||
xmr_setup - set up Monero temporary signing wallet(s). Not required during
|
||||
normal operation: use ‘setup’ with --xmrwallets instead
|
||||
macos_ramdisk_setup - set up the ramdisk used for storing the temporary signing
|
||||
wallet(s) (macOS only). Required only when creating the wallet(s)
|
||||
manually, without ‘setup’
|
||||
macos_ramdisk_delete - delete the macOS ramdisk
|
||||
disable_swap - disable disk swap to prevent potentially sensitive data in
|
||||
volatile memory from being swapped to disk. Applicable only when
|
||||
creating temporary signing wallet(s) manually, without ‘setup’
|
||||
enable_swap - reenable disk swap. For testing only, should not be invoked in
|
||||
a production environment
|
||||
wait - start in loop mode: wait-mount-sign-unmount-wait
|
||||
wipe_key - wipe the wallet encryption key on the removable device, making
|
||||
signing transactions or stealing the user’s seed impossible.
|
||||
The operation is intended as a ‘kill switch’ and thus performed
|
||||
without prompting
|
||||
list_led - list boards with tested LED signaling support
|
||||
test_led - test the current board for LED signaling support
|
||||
|
||||
|
||||
USAGE NOTES
|
||||
|
||||
If no operation is specified, this program mounts a removable device
|
||||
(typically a USB flash drive) containing unsigned MMGen transactions, message
|
||||
files, and/or XMR wallet output files, signs them, unmounts the removable
|
||||
device and exits.
|
||||
|
||||
If invoked with ‘wait’, the program waits in a loop, mounting the removable
|
||||
device, performing signing operations and unmounting the device every time it
|
||||
is inserted.
|
||||
|
||||
The removable device must have a partition with a filesystem labeled MMGEN_TX
|
||||
and a user-writable root directory. For interoperability between OS-es, it’s
|
||||
recommended to use the exFAT file system.
|
||||
|
||||
On both the signing and online machines the mountpoint ‘{asi.mountpoint}’
|
||||
(as currently configured) must exist. Linux (not macOS) machines must have
|
||||
an ‘/etc/fstab’ with the following entry:
|
||||
|
||||
LABEL=MMGEN_TX {asi.mountpoint} auto noauto,user 0 0
|
||||
|
||||
Signing is performed with a temporary wallet created in volatile memory in
|
||||
the directory ‘{asi.wallet_dir}’ (as currently configured). The wallet is
|
||||
encrypted with a 32-byte password saved in the file ‘autosign.key’ in the
|
||||
root of the removable device’s filesystem.
|
||||
|
||||
|
||||
LED SIGNALING SUPPORT
|
||||
|
||||
On supported platforms (selected Orange Pi, Rock Pi, Banana Pi, Nano Pi and
|
||||
Raspberry Pi boards), a flashing LED indicates whether signing is in progress
|
||||
or the program is in standby mode, i.e. ready for device insertion or removal.
|
||||
|
||||
The operation ‘test_led’ tests the current installation for LED support, while
|
||||
‘list_led’ displays a list of supported board/OS combinations. Note that this
|
||||
list is not exhaustive: signaling may work with other boards, especially those
|
||||
produced by the listed manufacturers. If ‘test_led’ reports that your board is
|
||||
not supported, please submit an issue to the mmgen-wallet repository on Github
|
||||
or via e-mail, including the board model, OS version and output of the
|
||||
following shell command:
|
||||
|
||||
ls -RH /sys/class/leds/{{*status*,*led*}}
|
||||
|
||||
In the absence of LED support, the user must observe the signing progress
|
||||
on-screen and wait for the “safe to extract” message to appear.
|
||||
|
||||
|
||||
The password and temporary wallet may be created in one operation by invoking
|
||||
‘mmgen-autosign setup’ with the removable device inserted. In this case, the
|
||||
temporary wallet is created from the user’s default wallet, if it exists and
|
||||
the user so desires. If not, the user is prompted to enter a seed phrase.
|
||||
|
||||
Alternatively, the password and temporary wallet may be created separately by
|
||||
first invoking ‘mmgen-autosign gen_key’ and then creating and encrypting the
|
||||
wallet using the -P (--passwd-file) option:
|
||||
|
||||
$ mmgen-walletconv -iwords -d{asi.wallet_dir} -p1 -N -P{asi.mountpoint}/autosign.key -Lfoo
|
||||
|
||||
Note that the hash preset must be ‘1’. To use a wallet file as the source
|
||||
instead of an MMGen seed phrase, omit the ‘-i’ option and add the wallet
|
||||
file path to the end of the command line. Multiple temporary wallets may
|
||||
be created in this way and used for signing (note, however, that for XMR
|
||||
operations only one wallet is supported).
|
||||
|
||||
Autosigning is currently supported on Linux and macOS only.
|
||||
|
||||
|
||||
SECURITY NOTE
|
||||
|
||||
By placing wallet and password on separate devices, this program creates
|
||||
a two-factor authentication setup whereby an attacker must gain physical
|
||||
control of both the removable device and signing machine in order to sign
|
||||
transactions. It’s therefore recommended to always keep the removable device
|
||||
secure, separated from the signing machine and hidden (in your pocket, for
|
||||
example) when not transacting. In addition, since login access on the
|
||||
signing machine is required to steal the user’s seed, it’s good practice
|
||||
to lock the signing machine’s screen once the setup process is complete.
|
||||
|
||||
As a last resort, cutting power to the signing machine will destroy the
|
||||
volatile memory where the temporary wallet resides and foil any attack,
|
||||
even if you’ve lost control of the removable device.
|
||||
|
||||
Always remember to power off the signing machine when your signing session
|
||||
is over.
|
||||
"""
|
||||
'notes': '{n_as}'
|
||||
},
|
||||
'code': {
|
||||
'options': lambda s: s.format(
|
||||
asi = asi,
|
||||
mn_fmts = fmt_list(asi.mn_fmts, fmt='no_spc'),
|
||||
),
|
||||
'notes': lambda s: s.format(asi=asi)
|
||||
'notes': lambda s, help_mod: s.format(
|
||||
n_as = help_mod('autosign', asi=asi))
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue