feat: add keyfile support for RLN credentials secure storage

[s1fr0]

This PR adds support to keyfile defined according to Web3 Secret Storage Definition but extended in order to allow

• secure storage of arbitrary-long input data rather than fixed-size ethereum private key;
• multiple keyfiles stored in same file, which could be encrypted with different passwords;
• a retrieval mechanism to automatically decrypt the first keyfile encrypted with the input password among many;
• a skip mechanism to iterate among multiple keyfiles stored in same file and encrypted with same password;

The keyfile implementation is adapted from nim-eth for this purpose. In order to allow flexibility/compatibility with go-waku implementation, the keyfile fields id and version are omitted by default, but can be re-enabled by changing their respective flags.

Since the main purpose of keyfile introduction is to encrypt RLN credentials, this PR further implements their storage through keyfiles (re)definining the procs writeRlnCredentials and readRlnCredentials. Given that keyfiles process RLN credentials as arbitrary byte data, the format of RLN credentials can be changed anytime with minor modification to the code. Here a related comment.

In order to set a password to encrypt/decrypt RLN credentials, it suffices to pass the --rln-relay-cred-password=<PASSWORD> flag to the chat2 or wakunode2 instances. When this flag is not passed, the encryption/decryption password is set to "" (empty string).

This PR addresses and solve with respect to nwaku and go-waku cross-clients credentials the issue #1278

Note: keyfile.nim, by being a code adaptation coming from nim-eth doesn't seem to follow rigorously our nim guidelines, e.g. note use the result variable. Let me know if it is worth to align it to guidelines (would require some effort though).

[status-im-auto]

Jenkins Builds

Click to see older builds (41)

❔	Commit	#️⃣	Finished (UTC)	Duration	Platform	Result
✔️	7abe2fd	#1	2022-10-20 18:26:18	~16 min	linux	📦bin
✔️	7abe2fd	#1	2022-10-20 18:26:24	~16 min	macos	📦bin
❌	a6bf2be	#2	2022-10-21 15:37:21	~18 min	linux	📄log
✔️	a6bf2be	#2	2022-10-21 15:37:43	~18 min	macos	📦bin
✔️	0ded30f	#3	2022-10-22 00:32:27	~15 min	linux	📦bin
❌	0ded30f	#3	2022-10-22 00:32:32	~15 min	macos	📄log
❌	2a6464b	#4	2022-10-22 01:17:37	~17 min	linux	📄log
❌	2a6464b	#4	2022-10-22 01:18:52	~18 min	macos	📄log
❌	fc5f48f	#5	2022-10-22 01:19:19	~18 min	macos	📄log
❌	fc5f48f	#5	2022-10-22 01:20:34	~19 min	linux	📄log
✔️	7c2c1f9	#6	2022-10-22 01:22:50	~15 min	linux	📦bin
✔️	7c2c1f9	#6	2022-10-22 01:27:46	~20 min	macos	📦bin
✔️	589ee0d	#7	2022-10-24 10:00:36	~15 min	macos	📦bin
✔️	589ee0d	#7	2022-10-24 10:01:10	~16 min	linux	📦bin
✔️	517c3b1	#8	2022-10-24 23:19:34	~15 min	linux	📦bin
✔️	517c3b1	#8	2022-10-24 23:19:36	~15 min	macos	📦bin
❌	5a47ec3	#9	2022-10-25 17:18:04	~16 min	macos	📄log
❌	5a47ec3	#9	2022-10-25 17:20:50	~19 min	linux	📄log
❌	e74cc7e	#10	2022-10-25 17:20:26	~17 min	linux	📄log
✔️	e74cc7e	#10	2022-10-25 17:23:42	~20 min	macos	📦bin
✔️	e74cc7e	#11	2022-10-25 17:49:41	~14 min	linux	📦bin
✔️	08be67c	#12	2022-10-26 21:34:11	~15 min	linux	📦bin
✔️	08be67c	#11	2022-10-26 21:34:43	~15 min	macos	📦bin
✔️	d814f17	#13	2022-10-26 22:04:56	~16 min	linux	📦bin
✔️	d814f17	#12	2022-10-26 22:06:29	~17 min	macos	📦bin
✔️	4ff8a7f	#14	2022-10-26 22:11:04	~16 min	linux	📦bin
✔️	4ff8a7f	#13	2022-10-26 22:12:00	~17 min	macos	📦bin
✔️	01ebc54	#14	2022-10-26 22:25:23	~14 min	macos	📦bin
✔️	01ebc54	#15	2022-10-26 22:25:26	~14 min	linux	📦bin
✔️	9b6850e	#16	2022-10-27 13:15:34	~16 min	linux	📦bin
✔️	9b6850e	#15	2022-10-27 13:15:54	~16 min	macos	📦bin
✔️	6aa7805	#16	2022-10-27 14:27:53	~14 min	macos	📦bin
✔️	6aa7805	#17	2022-10-27 14:31:34	~18 min	linux	📦bin
❌	75c6ff6	#19	2022-10-27 15:28:06	~9 min	linux	📄log
❌	75c6ff6	#18	2022-10-27 15:29:42	~11 min	macos	📄log
✔️	112de23	#19	2022-10-27 17:26:11	~14 min	macos	📦bin
✔️	112de23	#20	2022-10-27 17:26:33	~14 min	linux	📦bin
✔️	239113c	#20	2022-10-27 18:46:14	~14 min	macos	📦bin
✔️	239113c	#21	2022-10-27 18:46:45	~15 min	linux	📦bin
✔️	ffad08b	#22	2022-10-27 20:24:47	~15 min	linux	📦bin
✔️	ffad08b	#21	2022-10-27 20:25:23	~16 min	macos	📦bin

❔	Commit	#️⃣	Finished (UTC)	Duration	Platform	Result
❌	78f2151	#23	2022-10-27 22:35:22	~14 min	linux	📄log
✔️	78f2151	#22	2022-10-27 22:35:31	~14 min	macos	📦bin
✔️	78f2151	#25	2022-10-27 23:38:52	~14 min	linux	📦bin
✔️	def10d0	#23	2022-10-28 07:51:35	~15 min	macos	📦bin
✔️	def10d0	#26	2022-10-28 07:53:55	~17 min	linux	📦bin

[LNSD]

Please, check my comments (and sorry for the nitpicking 🙏🏼)

[LNSD]

Here you are accessing a conf field. Using the conf object everywhere makes refactoring/decoupling work harder.

Can you specify a parameter in this function named rlnRelayCredentialsPassword and use it here?

[s1fr0]

I'm not sure I got the suggestion correctly: conf is passed as parameter to the mount function which in turn calls readRlnCredentials. If I add rlnRelayCredentialsPassword to mount I'll get no advantage. I got it wrong?

[LNSD]

The advantage is that you decouple the mount() procedure from the WakuConf type (char2 or wakunode2 conf type), which will ease the task of decoupling the RLN module from the chat2 and wakunode2 configuration types.

[s1fr0]

I understand, but currently the WakuConf is passed to mount(), and other conf options are used for other purposes. Unless you're thinking (in the long term) to move all these conf parameters used as parameters to mount?
If so does it make sense to do it in this PR or better a separate "decoupling" one?

[s1fr0]

Tracking issue #1294

[LNSD]

Same here:

Can you specify a parameter in this function named rlnRelayCredentialsPassword and use it here?

[s1fr0]

Tracking issue #1294

[LNSD]

Can this configuration option be within a when defined(rln): compilation guard?

The rest of the RLN conf options should also be under the when compilation guard; if this is allowed by Nim.

[s1fr0]

Possible, but the full Chat2Conf/WakuNodeConf object has to be redefined under/outside the flag, i.e. we duplicate all the remaining field definition. I agree that it should be the case, i.e. not have fields unless supported, but nim seems a bit unhandy for these tasks. No problem for me, but maybe not the right PR. Wdyt?

[LNSD]

I'm ok moving this to another PR. Not a blocker on this PR, but certainly, in the near future, we should put a when guard to RLN-specific configuration options (the same way we have it in the implementation).

cc @rymnc @staheri14

[s1fr0]

Tracking issue #1294

[staheri14]

One more relevant issue about the visibility of config options is #999 where it was suggested to use sub-commands to group all the rln-relay-related configs and make them available only when the rln-relay config option is set to true. Would that address your comment @LNSD ?

[LNSD]

but nim seems a bit unhandy for these tasks.

Now I see why you said that. It is an issue in nim-confutils macros 😫 Then, let's leave it as it is until we have a better way of doing this.

[s1fr0]

Oh! I thought was just not possible in nim (i.e. have object fields defined at compilation-time), but indeed with some macros it might be possible to achieve the same goal.

I agree that this has to be done in followup PRs! Thanks for pointing it out!

[staheri14]

@LNSD I see your point, that makes sense.

On a side note, I don't understand how subcommands will help here. We are not using subcommands in the nwaku node app (aka wakunode2). And I don't see any use case for them in wakunode2, at least in the near future.

It was suggested in one of the PRs and my understanding was that it is part of the plan to use subcommands: #992 (comment) @jm-clius

[staheri14]

Please let us know if the plan re subcommands has changed so that we deprioritize that issue i.e., #999 cc: @jm-clius @LNSD

[staheri14]

I don't understand how subcommands will help here.

@LNSD
I'd say all the rln-relay-related config options will get encapsulated (and only accessible) under the rln-relay command/subcommand, hence the CLI interface becomes less confusing for the users (I assume this is the desirable feature we are looking for)

[LNSD]

Can this configuration option be within a when defined(rln): compilation guard?

The rest of the RLN conf options should also be under the when compilation guard; if this is allowed by Nim.

[LNSD]

See my comment: #1285 (comment)

[alrevuelta]

looking great, just some final questions/comments

[alrevuelta]

Since there is a clear pattern here, perhaps just use a for loop?

for pass in @[pass1, passn]:
  let secret = randomSeqByte(rng[], 300)
  let keyfile = createKeyFileJson(secret, pass)
  check:
      keyfile.isOk()
      saveKeyFile(filepath, keyfile.get()).isOk()

you can even randomize the password for each iteration, or even include %,Aa-? and weird stuff just in case?

[s1fr0]

Sure, but then later checks on number of encryption under same password, the decrypted values and so one will get slightly more complicated. I would have been more open to make it more general in case we needed it in nwaku or needed to test hundreds of cases, but this is just a test and I don't see it as a valuable effort for just a stylistic advantage (which is unclear given the second part of the test).

[jm-clius]

LGTM! Thanks for addressing the error handling. :)

[alrevuelta]

lgtm! thank you for addressing the comments. I left this one open as a nice to have but not blocking.

[staheri14]

Looks good, I just left some minor comments.

[staheri14]

Can we have a test for decrypting a key file with a right password but with a tampered/wrong mac?

[s1fr0]

Sure. Test added in 239113c

[staheri14]

By keyfiles are created, you mean the encryption key is derived from a supplied password using PBKDF2?

[s1fr0]

Yes. Clarified in 239113c