EIP-2386 (draft): Eth2 wallet (#1117)

* Add test to understand flow of key storage

* First commit

* Committing to save trait stuff

* Working naive design

* Add keystore struct

* Move keystore files into their own module

* Add serde (de)serialize_with magic

* Add keystore test

* Fix tests

* Add comments and minor fixes

* Pass optional params to `to_keystore` function

* Add `path` field to keystore

* Add function to read Keystore from file

* Add test vectors and fix Version serialization

* Checksum params is empty object

* Add public key to Keystore

* Add function for saving keystore into file

* Deleted account_manager main.rs

* Move keystore module to validator_client

* Add save_keystore method to validator_directory

* Add load_keystore function. Minor refactorings

* Fixed dependencies

* Address some review comments

* Add Password newtype; derive Zeroize

* Fix test

* Move keystore into own crate

* Remove padding

* Add error enum, zeroize more things

* Fix comment

* Add keystore builder

* Remove keystore stuff from val client

* Add more tests, comments

* Add more comments, test vectors

* Progress on improving JSON validation

* More JSON verification

* Start moving JSON into own mod

* Remove old code

* Add more tests, reader/writers

* Tidy

* Move keystore into own file

* Move more logic into keystore file

* Tidy

* Tidy

* Allow for odd-character hex

* Add more json missing field checks

* Use scrypt by default

* Tidy, address comments

* Test path and uuid in vectors

* Fix comment

* Add checks for kdf params

* Enforce empty kdf message

* Expose json_keystore mod

* First commits on path derivation

* Progress with implementation

* More progress

* Passing intermediate test vectors

* Tidy, add comments

* Add DerivedKey structs

* Move key derivation into own crate

* Add zeroize structs

* Return error for empty seed

* Add tests

* Tidy

* First commits on path derivation

* Progress with implementation

* Move key derivation into own crate

* Start defining JSON wallet

* Add progress

* Split out encrypt/decrypt

* First commits on path derivation

* Progress with implementation

* More progress

* Passing intermediate test vectors

* Tidy, add comments

* Add DerivedKey structs

* Move key derivation into own crate

* Add zeroize structs

* Return error for empty seed

* Add tests

* Tidy

* Add progress

* Replace some password usage with slice

* First commits on path derivation

* Progress with implementation

* More progress

* Passing intermediate test vectors

* Tidy, add comments

* Add DerivedKey structs

* Move key derivation into own crate

* Add zeroize structs

* Return error for empty seed

* Add tests

* Tidy

* Add progress

* Expose PlainText struct

* First commits on path derivation

* Progress with implementation

* More progress

* Passing intermediate test vectors

* Tidy, add comments

* Add DerivedKey structs

* Move key derivation into own crate

* Add zeroize structs

* Return error for empty seed

* Add tests

* Tidy

* Add builder

* Expose consts, remove Password

* Minor progress

* Expose SALT_SIZE

* First compiling version

* Add test vectors

* Move dbg assert statement

* Add mnemonic, tidy

* Tidy

* Add testing

* Fix broken test

* Address review comments

Co-authored-by: pawan <pawandhananjay@gmail.com>

eth2/utils/eth2_keystore/src/keystore.rs

@@ -182,19 +182,13 @@ impl Keystore {
             });
         }
 
-        // Instantiate a `SecretKey`.
-        let sk =
-            SecretKey::from_bytes(plain_text.as_bytes()).map_err(Error::InvalidSecretKeyBytes)?;
-
-        // Derive a `PublicKey` from `SecretKey`.
-        let pk = PublicKey::from_secret_key(&sk);
-
+        let keypair = keypair_from_secret(plain_text.as_bytes())?;
         // Verify that the derived `PublicKey` matches `self`.
-        if pk.as_hex_string()[2..].to_string() != self.json.pubkey {
+        if keypair.pk.as_hex_string()[2..].to_string() != self.json.pubkey {
             return Err(Error::PublicKeyMismatch);
         }
 
-        Ok(Keypair { sk, pk })
+        Ok(keypair)
     }
 
     /// Returns the UUID for the keystore.
@@ -230,6 +224,18 @@ impl Keystore {
     }
 }
 
+/// Instantiates a BLS keypair from the given `secret`.
+///
+/// ## Errors
+///
+/// - If `secret.len() != 32`.
+/// - If `secret` does not represent a point in the BLS curve.
+pub fn keypair_from_secret(secret: &[u8]) -> Result<Keypair, Error> {
+    let sk = SecretKey::from_bytes(secret).map_err(Error::InvalidSecretKeyBytes)?;
+    let pk = PublicKey::from_secret_key(&sk);
+    Ok(Keypair { sk, pk })
+}
+
 /// Returns `Kdf` used by default when creating keystores.
 ///
 /// Currently this is set to scrypt due to its memory hardness properties.

eth2/utils/eth2_keystore/src/lib.rs

@@ -8,8 +8,8 @@ mod plain_text;
 pub mod json_keystore;
 
 pub use keystore::{
-    decrypt, default_kdf, encrypt, Error, Keystore, KeystoreBuilder, DKLEN, HASH_SIZE, IV_SIZE,
-    SALT_SIZE,
+    decrypt, default_kdf, encrypt, keypair_from_secret, Error, Keystore, KeystoreBuilder, DKLEN,
+    HASH_SIZE, IV_SIZE, SALT_SIZE,
 };
 pub use plain_text::PlainText;
 pub use uuid::Uuid;