Feat/os keychain followup

[elizabethengelman]

What

This PR is based on #1703 and adds some additional compatibility with the secure store like keys rm and keys add.

• keys rm
• keys add
• manual test on Mac OS
  • add the key: cargo run keys add --secure-store alice (will be prompted for a seed phrase)
  • make sure we can get the address from the new key: cargo run keys address alice
  • make sure we can sign & send with the new key:

      stello contract deploy --wasm target/test-wasms/hello_world.wasm  --build-only --network testnet --source alice | \
      stello tx simulate --network testnet --source alice | \
      stello tx sign --network testnet --sign-with-key alice | \
      stello tx send --network testnet
  

  • remove the key: stello keys rm alice
  • make sure it is no longer in the list or the keychain
• manual test on Linux
• manual test on Windows

Why

I wanted to keep #1703 from getting too big so it was easier to review.

Known limitations

[TODO or N/A]

[willemneal]

I still need to try this out locally, but correct me if I'm wrong, but it's possible to have the name used in keys add differ from what is used in entry-name?

[elizabethengelman]

@willemneal

... it's possible to have the name used in keys add differ from what is used in entry-name?

Good call! Yeah, at the moment, this is possible. It still ends up working because we are saving the value of --entry-name in the <NAME>.toml file, like this: entry_name = "secure_store:org.stellar.cli-<NAME>. And then getting that entry_name from the toml file when accessing the public key, or using the private key.

Though, this may be confusing. 🤔

Instead, we could remove the --entry-name flag, and when adding a new key, require that the key name is the same as the entry name in the OS's secure store. So, this command would change to be: cargo run keys add alice.

But, now I'm starting to wonder if we shouldn't allow users to add keys from the keychain at all. If we do, we'd need to make sure that users add the keys to their secure store with:

1. the key name prepended with secure_store:org.stellar.cli-
2. the key saved as a base64 encoded ed25519_dalek::SigningKey

And we could probably do that, but I'm not sure how necessary this feature is. 🤔

[elizabethengelman]

Since we are now planning to store the seed phrase instead of the signing key in the OS secure storage, I think that a more useful feature would be to allow a user to add a new key with their seed phrase, which is saved in secure storage instead of in the local file. So the command could look like this:

cargo run keys add <NAME> --secure-store

which would then prompt the user to enter their seed phrase:

Type a 12/24 word seed phrase:
...

[elizabethengelman]

moved this here from config/secret.rs - i was seeing an interesting cyclical dependency, and moving this here helped that be a bit less confusing.

[elizabethengelman]

At the moment I only added support for a user to add a new seed phrase to secure storage. I'm happy to make a change so that this supports adding a private key directly as well, but wanted to get some more eyes on this to see if folks thought it was worth the effort.

[willemneal]

I think it's always a mistake to use a private key directly when storing keys. It has no recovery method and almost all wallets to my knowledge use a seed phrase so if users would be importing it wouldn't be a Secret Key.

[elizabethengelman]

i'm not sure if this needs its own mod, or exactly where to put this, but I wanted to pull the code out where both add and generate could use it

[willemneal]

Suggested change

	entry_name: &String,
	entry_name: &str,

[willemneal]

Not sure this will be an issue, but it seems like it could be possible for the keyring to successfully delete the key but not the Identity file? I think we can assume this isn't the case since we read the id first.

[willemneal]

🎉