lotus/cmd/lotus-wallet/main.go

297 lines
6.7 KiB
Go
Raw Normal View History

2020-09-05 19:36:32 +00:00
package main
import (
"context"
2021-05-31 11:38:14 +00:00
"fmt"
2020-09-05 19:36:32 +00:00
"net"
"net/http"
"os"
2021-05-31 11:38:14 +00:00
"github.com/gbrlsnchs/jwt/v3"
2020-09-05 19:36:32 +00:00
"github.com/gorilla/mux"
logging "github.com/ipfs/go-log/v2"
"github.com/urfave/cli/v2"
2020-10-21 08:37:50 +00:00
"go.opencensus.io/stats/view"
"go.opencensus.io/tag"
2021-05-31 11:38:14 +00:00
"golang.org/x/xerrors"
2020-09-05 19:36:32 +00:00
"github.com/filecoin-project/go-jsonrpc"
2021-05-31 11:38:14 +00:00
"github.com/filecoin-project/go-jsonrpc/auth"
"github.com/filecoin-project/lotus/api"
2022-06-14 15:00:51 +00:00
"github.com/filecoin-project/lotus/api/v0api"
2020-09-05 19:36:32 +00:00
"github.com/filecoin-project/lotus/build"
2021-05-31 11:38:14 +00:00
"github.com/filecoin-project/lotus/chain/types"
2020-09-05 19:36:32 +00:00
"github.com/filecoin-project/lotus/chain/wallet"
ledgerwallet "github.com/filecoin-project/lotus/chain/wallet/ledger"
2020-09-05 19:36:32 +00:00
lcli "github.com/filecoin-project/lotus/cli"
"github.com/filecoin-project/lotus/lib/lotuslog"
2020-10-21 08:37:50 +00:00
"github.com/filecoin-project/lotus/metrics"
"github.com/filecoin-project/lotus/metrics/proxy"
2021-05-31 11:38:14 +00:00
"github.com/filecoin-project/lotus/node/modules"
2020-09-05 19:36:32 +00:00
"github.com/filecoin-project/lotus/node/repo"
)
var log = logging.Logger("main")
const FlagWalletRepo = "wallet-repo"
2021-05-31 11:38:14 +00:00
type jwtPayload struct {
Allow []auth.Permission
}
2020-09-05 19:36:32 +00:00
func main() {
lotuslog.SetupLogLevels()
local := []*cli.Command{
runCmd,
2021-05-31 11:38:14 +00:00
getApiKeyCmd,
2020-09-05 19:36:32 +00:00
}
app := &cli.App{
Name: "lotus-wallet",
Usage: "Basic external wallet",
Version: build.UserVersion(),
2021-05-31 12:33:54 +00:00
Description: `
lotus-wallet provides a remote wallet service for lotus.
To configure your lotus node to use a remote wallet:
* Run 'lotus-wallet get-api-key' to generate API key
* Start lotus-wallet using 'lotus-wallet run' (see --help for additional flags)
* Edit lotus config (~/.lotus/config.toml)
* Find the '[Wallet]' section
* Set 'RemoteBackend' to '[api key]:http://[wallet ip]:[wallet port]'
(the default port is 1777)
* Start (or restart) the lotus daemon`,
2020-09-05 19:36:32 +00:00
Flags: []cli.Flag{
&cli.StringFlag{
Name: FlagWalletRepo,
EnvVars: []string{"WALLET_PATH"},
Value: "~/.lotuswallet", // TODO: Consider XDG_DATA_HOME
},
2020-12-17 15:45:32 +00:00
&cli.StringFlag{
Name: "repo",
EnvVars: []string{"LOTUS_PATH"},
Hidden: true,
Value: "~/.lotus",
},
2020-09-05 19:36:32 +00:00
},
Commands: local,
}
app.Setup()
if err := app.Run(os.Args); err != nil {
log.Warnf("%+v", err)
return
}
}
2021-05-31 11:38:14 +00:00
var getApiKeyCmd = &cli.Command{
Name: "get-api-key",
2021-05-31 12:33:54 +00:00
Usage: "Generate API Key",
2021-05-31 11:38:14 +00:00
Action: func(cctx *cli.Context) error {
lr, ks, err := openRepo(cctx)
if err != nil {
return err
}
defer lr.Close() // nolint
p := jwtPayload{
Allow: []auth.Permission{api.PermAdmin},
}
authKey, err := modules.APISecret(ks, lr)
if err != nil {
return xerrors.Errorf("setting up api secret: %w", err)
}
k, err := jwt.Sign(&p, (*jwt.HMACSHA)(authKey))
if err != nil {
return xerrors.Errorf("jwt sign: %w", err)
}
fmt.Println(string(k))
return nil
},
}
2020-09-05 19:36:32 +00:00
var runCmd = &cli.Command{
Name: "run",
Usage: "Start lotus wallet",
Flags: []cli.Flag{
&cli.StringFlag{
Name: "listen",
Usage: "host address and port the wallet api will listen on",
Value: "0.0.0.0:1777",
},
&cli.BoolFlag{
Name: "ledger",
Usage: "use a ledger device instead of an on-disk wallet",
},
2020-12-17 15:45:32 +00:00
&cli.BoolFlag{
2020-12-17 15:45:41 +00:00
Name: "interactive",
2020-12-17 15:45:32 +00:00
Usage: "prompt before performing actions (DO NOT USE FOR MINER WORKER ADDRESS)",
},
&cli.BoolFlag{
2020-12-17 15:45:41 +00:00
Name: "offline",
2020-12-17 15:45:32 +00:00
Usage: "don't query chain state in interactive mode",
},
2021-05-31 11:38:14 +00:00
&cli.BoolFlag{
2021-05-31 11:44:15 +00:00
Name: "disable-auth",
Usage: "(insecure) disable api auth",
2021-05-31 11:38:14 +00:00
Hidden: true,
},
2020-09-05 19:36:32 +00:00
},
Description: "Needs FULLNODE_API_INFO env-var to be set before running (see lotus-wallet --help for setup instructions)",
2020-09-05 19:36:32 +00:00
Action: func(cctx *cli.Context) error {
log.Info("Starting lotus wallet")
ctx := lcli.ReqContext(cctx)
ctx, cancel := context.WithCancel(ctx)
defer cancel()
2020-10-21 08:37:50 +00:00
// Register all metric views
if err := view.Register(
metrics.DefaultViews...,
); err != nil {
log.Fatalf("Cannot register the view: %v", err)
}
2021-05-31 11:38:14 +00:00
lr, ks, err := openRepo(cctx)
2020-09-05 19:36:32 +00:00
if err != nil {
return err
}
2021-05-31 11:38:14 +00:00
defer lr.Close() // nolint
2020-09-05 19:36:32 +00:00
lw, err := wallet.NewWallet(ks)
if err != nil {
return err
}
var w api.Wallet = lw
if cctx.Bool("ledger") {
2021-01-26 10:25:34 +00:00
ds, err := lr.Datastore(context.Background(), "/metadata")
if err != nil {
return err
}
w = wallet.MultiWallet{
Local: lw,
Ledger: ledgerwallet.NewWallet(ds),
}
}
2020-09-05 19:36:32 +00:00
address := cctx.String("listen")
mux := mux.NewRouter()
log.Info("Setting up API endpoint at " + address)
2020-12-17 15:45:32 +00:00
if cctx.Bool("interactive") {
2021-04-05 11:23:46 +00:00
var ag func() (v0api.FullNode, jsonrpc.ClientCloser, error)
2020-12-17 15:45:32 +00:00
if !cctx.Bool("offline") {
2021-04-05 11:23:46 +00:00
ag = func() (v0api.FullNode, jsonrpc.ClientCloser, error) {
2020-12-17 15:45:32 +00:00
return lcli.GetFullNodeAPI(cctx)
}
}
w = &InteractiveWallet{
2020-12-17 15:45:41 +00:00
under: w,
2020-12-17 15:45:32 +00:00
apiGetter: ag,
}
} else {
w = &LoggedWallet{under: w}
}
rpcApi := proxy.MetricedWalletAPI(w)
2021-05-31 11:44:15 +00:00
if !cctx.Bool("disable-auth") {
rpcApi = api.PermissionedWalletAPI(rpcApi)
}
2020-09-05 19:36:32 +00:00
rpcServer := jsonrpc.NewServer()
2021-05-31 11:44:15 +00:00
rpcServer.Register("Filecoin", rpcApi)
2020-09-05 19:36:32 +00:00
mux.Handle("/rpc/v0", rpcServer)
mux.PathPrefix("/").Handler(http.DefaultServeMux) // pprof
2021-05-31 11:38:14 +00:00
var handler http.Handler = mux
2021-05-31 11:44:15 +00:00
if !cctx.Bool("disable-auth") {
2021-05-31 11:38:14 +00:00
authKey, err := modules.APISecret(ks, lr)
if err != nil {
return xerrors.Errorf("setting up api secret: %w", err)
}
authVerify := func(ctx context.Context, token string) ([]auth.Permission, error) {
var payload jwtPayload
if _, err := jwt.Verify([]byte(token), (*jwt.HMACSHA)(authKey), &payload); err != nil {
return nil, xerrors.Errorf("JWT Verification failed: %w", err)
}
return payload.Allow, nil
}
2021-05-31 11:44:15 +00:00
log.Info("API auth enabled, use 'lotus-wallet get-api-key' to get API key")
2021-05-31 11:38:14 +00:00
handler = &auth.Handler{
Verify: authVerify,
Next: mux.ServeHTTP,
}
}
2020-09-05 19:36:32 +00:00
srv := &http.Server{
2021-05-31 11:38:14 +00:00
Handler: handler,
2020-09-05 19:36:32 +00:00
BaseContext: func(listener net.Listener) context.Context {
2020-10-21 08:37:50 +00:00
ctx, _ := tag.New(context.Background(), tag.Upsert(metrics.APIInterface, "lotus-wallet"))
2020-09-05 19:36:32 +00:00
return ctx
},
}
go func() {
<-ctx.Done()
log.Warn("Shutting down...")
if err := srv.Shutdown(context.TODO()); err != nil {
log.Errorf("shutting down RPC server failed: %s", err)
}
log.Warn("Graceful shutdown successful")
}()
nl, err := net.Listen("tcp", address)
if err != nil {
return err
}
return srv.Serve(nl)
},
}
2021-05-31 11:38:14 +00:00
2021-05-31 11:44:15 +00:00
func openRepo(cctx *cli.Context) (repo.LockedRepo, types.KeyStore, error) {
2021-05-31 11:38:14 +00:00
repoPath := cctx.String(FlagWalletRepo)
r, err := repo.NewFS(repoPath)
if err != nil {
return nil, nil, err
}
ok, err := r.Exists()
if err != nil {
return nil, nil, err
}
if !ok {
if err := r.Init(repo.Wallet); err != nil {
2021-05-31 11:38:14 +00:00
return nil, nil, err
}
}
lr, err := r.Lock(repo.Wallet)
if err != nil {
return nil, nil, err
}
ks, err := lr.KeyStore()
if err != nil {
return nil, nil, err
}
return lr, ks, nil
}