joinmarket: fix wallet creation
- Fix jm-wallet-seed being globally readable. - Handle seed extraction failures. If seed extraction fails, remove the newly created wallet. This guarantees that wallets always have an accompanying seed.
This commit is contained in:
parent
7458350108
commit
d9c87b6a8f
@ -185,18 +185,19 @@ in {
|
|||||||
# Generating wallets (jmclient/wallet.py) is only supported for mainnet or testnet
|
# Generating wallets (jmclient/wallet.py) is only supported for mainnet or testnet
|
||||||
ExecStartPost = mkIf (bitcoind.network == "mainnet") (nbLib.privileged ''
|
ExecStartPost = mkIf (bitcoind.network == "mainnet") (nbLib.privileged ''
|
||||||
walletname=wallet.jmdat
|
walletname=wallet.jmdat
|
||||||
|
wallet=${cfg.dataDir}/wallets/$walletname
|
||||||
|
if [[ ! -f $wallet ]]; then
|
||||||
|
echo "Create wallet"
|
||||||
pw=$(cat "${secretsDir}"/jm-wallet-password)
|
pw=$(cat "${secretsDir}"/jm-wallet-password)
|
||||||
mnemonic=${secretsDir}/jm-wallet-seed
|
cd ${cfg.dataDir}
|
||||||
if [[ ! -f ${cfg.dataDir}/wallets/$walletname ]]; then
|
if ! sudo -u ${cfg.user} ${nbPkgs.joinmarket}/bin/jm-genwallet --datadir=${cfg.dataDir} $walletname $pw \
|
||||||
echo Create joinmarket wallet
|
| grep 'recovery_seed' \
|
||||||
# Use bash variables so commands don't proceed on previous failures
|
| cut -d ':' -f2 \
|
||||||
# (like with pipes)
|
| (umask u=r,go=; cat > "${secretsDir}/jm-wallet-seed"); then
|
||||||
cd ${cfg.dataDir} && \
|
echo "wallet creation failed"
|
||||||
out=$(sudo -u ${cfg.user} \
|
rm -f "$wallet" "${secretsDir}/jm-wallet-seed"
|
||||||
${nbPkgs.joinmarket}/bin/jm-genwallet \
|
exit 1
|
||||||
--datadir=${cfg.dataDir} $walletname $pw)
|
fi
|
||||||
recoveryseed=$(echo "$out" | grep 'recovery_seed')
|
|
||||||
echo "$recoveryseed" | cut -d ':' -f2 > $mnemonic
|
|
||||||
fi
|
fi
|
||||||
'');
|
'');
|
||||||
ExecStart = "${nbPkgs.joinmarket}/bin/joinmarketd";
|
ExecStart = "${nbPkgs.joinmarket}/bin/joinmarketd";
|
||||||
|
Loading…
Reference in New Issue
Block a user