search

entropyxyz / cli

CLI utility to ease interactions with an Entropy network.
GNU Affero General Public License v3.0
5 stars 0 forks source link

Export account mnemonic. #131

Open johnnymatthews opened 5 months ago

johnnymatthews commented 5 months ago

A few users are asking how they can export their mnemonic. As far as I know, this isn't possible because the SDK (and by extension the CLI) don't deal with mnemonics.

While this isn't the end of the world, it is a bit of a hurdle since a few Substrate wallets only allow users to import their accounts using a wallet.

frankiebee commented 5 months ago

Key patterns are currently in flux. Derivation paths will be required for security purposes in the near future. we can export a mnemonic soon however the user will have to back up more than just the mnemonic they may also need to back up the derivation path. in that case it may be simpler to just store the seed. i know user desire the back up of mnemonics how ever i'd like to see us get away from this as a "security" necessity and would rather see more intelligent recovery systems in place.

Our long term goal with key and secret management is to see keys be more ephemeral. Currently in this stage of testnet. no keys on the network that have been registered will be persisted between network tear downs so effectively theses keys you are using at this moment are not only insecure but also should be treated with less severity and should not be consider safe for long term usage.

mixmix commented 2 weeks ago

This is a blocker for CLI completeness I think?

mixmix commented 3 days ago

CLI

entropy account import naynay --phrase "dave vile sand donkey ....."

TUI

- create account
- import account (seed or phrase)

check if it's a seed of mnemonic and if one succeeds 👌

Questions

johnnymatthews commented 3 days ago

what if there is an invalid word... show error?

If a user enters an invalid word, that's similar to entering an invalid string of text when importing a private seed. I wouldn't be concerned with figuring out whether or not all the words a user enter are valid mnemonic words. Just output the general invalid seed/mnemonic error.

If users keep hitting this error, they'll post about it. If it becomes a common enough problem then we can figure out how to deal with it in a better way.