diff --git a/common/account_utils/src/validator_definitions.rs b/common/account_utils/src/validator_definitions.rs
index c0addb0568..d323707819 100644
--- a/common/account_utils/src/validator_definitions.rs
+++ b/common/account_utils/src/validator_definitions.rs
@@ -16,7 +16,7 @@ use std::fs::{self, File};
 use std::io;
 use std::path::{Path, PathBuf};
 use types::{graffiti::GraffitiString, Address, PublicKey};
-use validator_dir::VOTING_KEYSTORE_FILE;
+use validator_dir::{write_password_to_file, VOTING_KEYSTORE_FILE};
 
 /// The file name for the serialized `ValidatorDefinitions` struct.
 pub const CONFIG_FILENAME: &str = "validator_definitions.yml";
@@ -47,6 +47,7 @@ pub enum Error {
 UnableToCreateValidatorDir(PathBuf),
 UnableToReadKeystorePassword(String),
 KeystoreWithoutPassword,
+ UnableToCreatePassword(validator_dir::BuilderError),
 }
 
 /// Defines how a password for a validator keystore will be persisted.
@@ -350,6 +351,42 @@ impl ValidatorDefinitions {
 Ok(new_defs_count)
 }
 
+ // TODO(paul): remove this
+ pub fn migrate_passwords_to_secrets_dir>(
+ &mut self,
+ validators_dir: P,
+ secrets_dir: P,
+ ) -> Result<(), Error> {
+ for def in &mut self.0 {
+ match &mut def.signing_definition {
+ SigningDefinition::LocalKeystore {
+ voting_keystore_path,
+ voting_keystore_password_path,
+ voting_keystore_password,
+ } => {
+ if voting_keystore_password_path.is_some() {
+ continue;
+ }
+
+ let keystore = Keystore::from_json_file(&voting_keystore_path)
+ .map_err(Error::UnableToOpenKeystore)?;
+
+ if let Some(password) = voting_keystore_password {
+ let password_path = default_keystore_password_path(&keystore, &secrets_dir);
+ if !password_path.exists() {
+ write_password_to_file(&password_path, password.as_ref())
+ .map_err(Error::UnableToCreatePassword)?;
+ *voting_keystore_password_path = Some(password_path);
+ *voting_keystore_password = None;
+ }
+ }
+ }
+ SigningDefinition::Web3Signer { .. } => (),
+ }
+ }
+ self.save(validators_dir)
+ }
+
 /// Encodes `self` as a YAML string and atomically writes it to the `CONFIG_FILENAME` file in
 /// the `validators_dir` directory.
 ///
diff --git a/common/validator_dir/src/lib.rs b/common/validator_dir/src/lib.rs
index 4aa0d590a1..df0fc81b9b 100644
--- a/common/validator_dir/src/lib.rs
+++ b/common/validator_dir/src/lib.rs
@@ -15,6 +15,6 @@ pub use crate::validator_dir::{
 ETH1_DEPOSIT_TX_HASH_FILE,
 };
 pub use builder::{
- keystore_password_path, Builder, Error as BuilderError, ETH1_DEPOSIT_DATA_FILE,
- VOTING_KEYSTORE_FILE, WITHDRAWAL_KEYSTORE_FILE,
+ keystore_password_path, write_password_to_file, Builder, Error as BuilderError,
+ ETH1_DEPOSIT_DATA_FILE, VOTING_KEYSTORE_FILE, WITHDRAWAL_KEYSTORE_FILE,
 };
diff --git a/validator_client/src/lib.rs b/validator_client/src/lib.rs
index b6956bc6a6..f6dca6e14f 100644
--- a/validator_client/src/lib.rs
+++ b/validator_client/src/lib.rs
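Review bot: In `migrate_passwords_to_secrets_dir` (hunk `@@ -350,6 +351,42 @@` of `validator_definitions.rs`) either `?` inside the loop returns before `self.save(validators_dir)`, so password files already written for earlier definitions stay on disk while the YAML still holds the same passwords inline. On the next run `!password_path.exists()` is false for those entries, so they are skipped without a message and the plaintext password remains in the definitions file. The rewrite below keeps the first error until after the save and opens the keystore only when there is an inline password to move; an already-existing password file should also be reported rather than passed over silently. The function has no doc comment beyond the TODO, and the file mode that `write_password_to_file` applies is not visible in this diff, so it is worth confirming that it is owner-only.

```rust
        // Hold the first failure until the definitions are saved, so a password file
        // that was written is always matched by an updated YAML entry.
        let mut outcome = Ok(());
        for def in &mut self.0 {
            // … unchanged: match arms, skip when a password path is already set …
            // Inside `if let Some(password)`: open the keystore only when there is an
            // inline password to move.
            let keystore = match Keystore::from_json_file(&voting_keystore_path) {
                Ok(keystore) => keystore,
                Err(e) => {
                    outcome = Err(Error::UnableToOpenKeystore(e));
                    break;
                }
            };
            // … unchanged: password_path and the exists() check …
            if let Err(e) = write_password_to_file(&password_path, password.as_ref()) {
                outcome = Err(Error::UnableToCreatePassword(e));
                break;
            }
            // … unchanged: store the path, clear the inline password …
        }
        self.save(validators_dir)?;
        outcome
```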
@@ -162,6 +162,11 @@ impl ProductionValidatorClient {
 let mut validator_defs = ValidatorDefinitions::open_or_create(&config.validator_dir)
 .map_err(|e| format!("Unable to open or create validator definitions: {:?}", e))?;
 
+ // TODO(paul): remove this
+ validator_defs
+ .migrate_passwords_to_secrets_dir(&config.validator_dir, &config.secrets_dir)
+ .map_err(|e| format!("Unable to migrate passwords: {:?}", e))?;
+
 if !config.disable_auto_discover {
 let new_validators = validator_defs
 .discover_local_keystores(&config.validator_dir, &config.secrets_dir, &log)
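Review bot: The `?` on the `migrate_passwords_to_secrets_dir` call makes any migration failure fatal to client start-up, so a single unreadable keystore file stops every validator from running. The definitions appear to remain usable with an inline password, so for a one-off migration it would be safer to report the error through `log` and continue. The call also rewrites the definitions file on every start, because the migration ends in `self.save(..)` whether or not anything was moved. The comment `// TODO(paul): remove this` does not say what the call is for; `// One-off migration: move inline keystore passwords from the definitions file into secrets_dir. TODO(paul): remove this.` would. The enclosing function starts and ends outside this hunk.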