Closed tiero closed 4 months ago
I think an env var like OCEAN_PASSWORD=<password>
would be better as it doesn't disclose the mnemonic. I mean, at least the mnemonic is not evident in config.
Also, the ocean wallet is meant to be always protected by a password. The change proposed initially would require a refactor of the wallet domain.
the non-interactivity is also to be refer to the entire lifecycle on a clean host, you can automatize the running of the daemon also the first time, without requiring to use the CLI as now for "creation/restore" using mnemonic.
Can't simply be an extension check on "top" that choose a standard password that exports in ENV for the auto-unlock on startup? So this issue can be a follow up of "add auto-unlock mode".
My idea would be that the daemon has a OCEAN_WALLET_PASSWORD=xxx
and if OCEAN_WALLET_WORDS=yyy
is also passed the initial creation is skipped (and also if there is no volume with wallet initialized mounted)
this issue is not prioritary, but useful in HA deployment scenario (where you need to spinup many replicas of the same wallet in a programmatic way and you can't mount the same volume in the same docker host)
This can be done sooner https://github.com/vulpemventures/ocean/issues/83
for example
Should automatically load the mnemonic in-memory and keep the wallet in an unlocked state, useful in dockerized deployment environment