search

ethersphere / swarm-cli

Manage your Bee node and interact with the Swarm network via the CLI
BSD 3-Clause "New" or "Revised" License
48 stars 21 forks source link

Add an option to import an identity from a private key instead of a wallet file #313

Closed filoozom closed 2 years ago

filoozom commented 2 years ago

Would it be possible to add an option to import an identity based on a private key instead of an encrypted wallet?

This would be quite useful for automation, see https://github.com/ethersphere/beeload-action/issues/13#issuecomment-1020013257 for example.

I'd happy to write a PR for it.

agazso commented 2 years ago

Currently swarm-cli supports two types of identities (wallets): password-protected and keypair-only. The password protected ones are in standard JSON V3 format, but the keypair-only identities are just storing the private keys as plain text. Therefore it is not recommended in general to use the keypair-only identities for security sensitive use-cases.

I would maybe either extend the identity import command to accept a private key argument with an additional required password argument to convert it internally a password protected identity. I can imagine also an optional argument to omit the password, in that case it would be only imported as keypair-only identity.

However that may mess up the internal logic of the identity import command so it may be better to introduce a new identity import-key command with the semantics described above. Wdyt @Cafe137 ?

Cafe137 commented 2 years ago

Having a single import command which works intuitively is very much worth the implementation upon the existing internal logic IMO. It can be refactored easily to keep the code clean.

identity import

This is the minimal UX I think:

Now for security, I would not make it mandatory to have the private keys converted to V3 wallets.

However, when running in interactive mode (which is the normal use case and the default), I would print a y/n prompt "This is not secure, you should set up a password and convert this private key into a wallet, would you like to do it now" which then provides a wizard or just imports as keypair-only.

We already have similar wizards for identity and feed commands, so this is nothing new to swarm-cli.

If this gets accepted I would also like to open a new issue for extracting this conversion flow as an identity convert standalone command.

BTW, I allocated 2-3 days for swarm-cli this week with the same plan, to revisit the identity commands, since we added some features to bee-dashboard which are currently not supported here just yet. So I can gladly take on this since this was among my current todos. 🙂

filoozom commented 2 years ago

So I can gladly take on this since this was among my current todos. 🙂

That would be awesome, thank you!