@abcpros/bitcore-wallet-service

import { UNITS } from '@abcpros/crypto-wallet-core/ts_build/src/constants/units'; import * as async from 'async'; import * as _ from 'lodash'; import 'source-map-support/register'; import { BlockChainExplorer } from './blockchainexplorer'; import { V8 } from './blockchainexplorers/v8'; import { ChainService } from './chain/index'; import { ClientError } from './errors/clienterror'; import { FiatRateService } from './fiatrateservice'; import { Lock } from './lock'; import logger from './logger'; import { MessageBroker } from './messagebroker'; import { Advertisement, Copayer, INotification, ITxProposal, IWallet, Notification, Preferences, PushNotificationSub, Session, TxConfirmationSub, TxNote, TxProposal, Wallet } from './model'; import { Storage } from './storage'; import cuid from 'cuid'; import * as forge from 'node-forge'; import { Unit } from '@abcpros/bitcore-lib-xpi'; import { Validation } from '@abcpros/crypto-wallet-core'; import assert from 'assert'; import messageLib from 'bitcoinjs-message'; import { resolve } from 'dns'; import { link, read } from 'fs'; import { add, countBy, findIndex, isNumber } from 'lodash'; import moment, { relativeTimeThreshold } from 'moment'; import { openStdin } from 'process'; import { stringify } from 'querystring'; import { isArrowFunction, isIfStatement, isToken, Token } from 'typescript'; import { CONNECTING } from 'ws'; import { CurrencyRateService } from './currencyrate'; import { Config } from './model/config-model'; import { CoinConfig, ConfigSwap } from './model/config-swap'; import { ConversionOrder, IConversionOrder, Output, TxDetail } from './model/conversionOrder'; import { CoinDonationToAddress, DonationInfo, DonationStorage } from './model/donation'; import { MerchantInfo } from './model/merchantinfo'; import { IMerchantOrder, MerchantOrder, PaymentType } from './model/merchantorder'; import { Order } from './model/order'; import { OrderInfoNoti } from './model/OrderInfoNoti'; import { IQPayInfo } from './model/qpayinfo'; import { RaipayFee } from './model/raipayfee'; import { TokenInfo, TokenItem } from './model/tokenInfo'; import { IUser } from './model/user'; const Client = require('@abcpros/bitcore-wallet-client').default; const Key = Client.Key; const commonBWC = require('@abcpros/bitcore-wallet-client/ts_build/lib/common'); const walletLotus = require('../../../../wallet-lotus-donation.json'); const merchantList = require('../../../../merchant-list.json'); const raipayFee = require('../../../../raipay-fee.json'); // const keyFund = require('../../../../key-store.json'); const { dirname } = require('path'); const appDir = dirname(require.main.filename); // import * as swapConfigFile from './admin-config.json'; // var obj = JSON.parse(fs.readFileSync(swapConfig, 'utf8')); const config = require('../config'); const Uuid = require('uuid'); const $ = require('preconditions').singleton(); const deprecatedServerMessage = require('../deprecated-serverMessages'); const serverMessages = require('../serverMessages'); const BCHAddressTranslator = require('./bchaddresstranslator'); const EmailValidator = require('email-validator'); const sgMail = require('@sendgrid/mail'); sgMail.setApiKey(config.emailMerchant.SENDGRID_API_KEY); let checkOrderInSwapQueueInterval = null; let swapQueueInterval = null; let conversionQueueInterval = null; let merchantOrderQueueInterval = null; let clientsFundConversion = null; let bot = null; let botNotification = null; let botSwap = null; let clientsFund = null; let clientsReceive = null; let keyFund = null; let mnemonicKeyFund = null; let mnemonicKeyFundConversion = null; let isNotiSwapOutOfFundToTelegram = false; let isNotiFundXecBelowMinimumToTelegram = false; let isNotiFundTokenBelowMinimumToTelegram = false; let isNotiFundXecInsufficientMinimumToTelegram = false; let isNotiFundTokenInsufficientMinimumToTelegram = false; let listRateWithPromise = null; const GAP_RESTART_QUEUE = config.queueNoti.GAP_RESTART_QUEUE; const NOTI_AFTER_MANY_RESTART = config.queueNoti.NOTI_AFTER_MANY_RESTART; const MAXIMUM_NOTI = config.queueNoti.MAXIMUM_NOTI; const minsOfNoti = 5; let merchantQueueFailed = 0; let merchantNotiCount = 0; let conversionQueueFailed = 0; let conversionNotiCount = 0; let swapQueueFailed = 0; let swapNotiCount = 0; const bcrypt = require('bcrypt'); const saltRounds = 10; let txIdHandled = []; let ws = null; const Bitcore = require('@abcpros/bitcore-lib'); const Bitcore_ = { btc: Bitcore, bch: require('@abcpros/bitcore-lib-cash'), xec: require('@abcpros/bitcore-lib-xec'), eth: Bitcore, xrp: Bitcore, doge: require('@abcpros/bitcore-lib-doge'), xpi: require('@abcpros/bitcore-lib-xpi'), ltc: require('@abcpros/bitcore-lib-ltc') }; const Common = require('./common'); const Utils = Common.Utils; const Constants = Common.Constants; const Defaults = Common.Defaults; const Errors = require('./errors/errordefinitions'); const shell = require('shelljs'); const BCHJS = require('@abcpros/xpi-js'); const bchURL = config.supportToken.xec.bchUrl; const bchjs = new BCHJS({ restURL: bchURL }); const ecashaddr = require('ecashaddrjs'); let request = require('request'); let initialized = false; let doNotCheckV8 = false; let lock; let storage; let blockchainExplorer; let blockchainExplorerOpts; let messageBroker; let fiatRateService; let currencyRateService; let serviceVersion; let fundingWalletClients: any; let receivingWalletClients: any; interface IAddress { coin: string; network: string; address: string; hasActivity: boolean; isChange?: boolean; } export interface IWalletService { lock: any; storage: Storage; blockchainExplorer: any; blockchainExplorerOpts: any; messageBroker: any; fiatRateService: any; notifyTicker: number; userAgent: string; walletId: string; copayerId: string; appName: string; appVersion: string; parsedClientVersion: { agent: number; major: number; minor: number }; clientVersion: string; copayerIsSupportStaff: boolean; copayerIsMarketingStaff: boolean; } export interface ICoinConfigFilter { fromDate?: Date; toDate?: Date; fromCoinCode?: string; toCoinCode?: string; status?: string; fromNetwork?: string; toNetwork?: string; orderId?: string; isInQueue?: boolean; } function boolToNum(x: boolean) { return x ? 1 : 0; } /** * Creates an instance of the Bitcore Wallet Service. * @constructor */ export class WalletService { lock: any; storage: Storage; blockchainExplorer: V8; blockchainExplorerOpts: any; messageBroker: any; fiatRateService: any; notifyTicker: number; userAgent: string; walletId: string; copayerId: string; appName: string; appVersion: string; parsedClientVersion: { agent: string; major: number; minor: number }; clientVersion: string; copayerIsSupportStaff: boolean; copayerIsMarketingStaff: boolean; request; constructor() { if (!initialized) { throw new Error('Server not initialized'); } this.lock = lock; this.storage = storage; this.blockchainExplorer = blockchainExplorer; this.blockchainExplorerOpts = blockchainExplorerOpts; this.messageBroker = messageBroker; this.fiatRateService = fiatRateService; this.notifyTicker = 0; // for testing // this.request = request; } _checkingValidAddress(address): boolean { try { const { prefix, type, hash } = ecashaddr.decode(address); if (prefix === 'ecash' || prefix === 'etoken') { return true; } else { return false; } } catch { return false; } } /** * Gets the current version of BWS */ static getServiceVersion() { if (!serviceVersion) { serviceVersion = 'bws-' + require('../../package').version; } return serviceVersion; } /** * Initializes global settings for all instances. * @param {Object} opts * @param {Storage} [opts.storage] - The storage provider. * @param {Storage} [opts.blockchainExplorer] - The blockchainExporer provider. * @param {Storage} [opts.doNotCheckV8] - only for testing * @param {Callback} cb */ static initialize(opts, cb) { $.shouldBeFunction(cb, ''); opts = opts || {}; blockchainExplorer = opts.blockchainExplorer; blockchainExplorerOpts = opts.blockchainExplorerOpts; doNotCheckV8 = opts.doNotCheckV8; if (opts.request) { request = opts.request; } const initStorage = cb => { if (opts.storage) { storage = opts.storage; return cb(); } else { const newStorage = new Storage(); newStorage.connect(opts.storageOpts, err => { if (err) { return cb(err); } storage = newStorage; return cb(); }); } }; const initMessageBroker = cb => { messageBroker = opts.messageBroker || new MessageBroker(opts.messageBrokerOpts); if (messageBroker) { messageBroker.onMessage(WalletService.handleIncomingNotifications); } return cb(); }; const initFiatRateService = cb => { if (opts.fiatRateService) { fiatRateService = opts.fiatRateService; return cb(); } else { const newFiatRateService = new FiatRateService(); const opts2 = opts.fiatRateServiceOpts || {}; opts2.storage = storage; newFiatRateService.init(opts2, err => { if (err) { return cb(err); } fiatRateService = newFiatRateService; return cb(); }); } }; const initCurrencyRateService = cb => { if (opts.currency) { currencyRateService = opts.currencyRateService; return cb(); } else { const newCurrencyRateService = new CurrencyRateService(); const opts2 = opts.currencyRateServiceOpts || {}; opts2.storage = storage; newCurrencyRateService.init(opts2, err => { if (err) { return cb(err); } currencyRateService = newCurrencyRateService; return cb(); }); } }; async.series( [ next => { initStorage(next); }, next => { initMessageBroker(next); }, next => { initFiatRateService(next); }, next => { initCurrencyRateService(next); } ], err => { lock = opts.lock || new Lock(storage); if (err) { logger.error('Could not initialize', err); throw err; } initialized = true; return cb(); } ); } static handleIncomingNotifications(notification, cb) { cb = cb || function() {}; // do nothing here.... // bc height cache is cleared on bcmonitor return cb(); } static shutDown(cb) { if (!initialized) { return cb(); } storage.disconnect(err => { if (err) { return cb(err); } initialized = false; return cb(); }); } /** * Gets an instance of the server without authentication. * @param {Object} opts * @param {string} opts.clientVersion - A string that identifies the client issuing the request */ static getInstance(opts): WalletService { opts = opts || {}; const version = Utils.parseVersion(opts.clientVersion); if (version && version.agent === 'bwc') { if (version.major === 0 || (version.major === 1 && version.minor < 2)) { throw new ClientError(Errors.codes.UPGRADE_NEEDED, 'BWC clients < 1.2 are no longer supported.'); } } const server = new WalletService(); server._setClientVersion(opts.clientVersion); server._setAppVersion(opts.userAgent); server.userAgent = opts.userAgent; return server; } /** * Gets an instance of the server after authenticating the copayer. * @param {Object} opts * @param {string} opts.copayerId - The copayer id making the request. * @param {string} opts.message - (Optional) The contents of the request to be signed. * Only needed if no session token is provided. * @param {string} opts.signature - (Optional) Signature of message to be verified using * one of the copayer's requestPubKeys. * Only needed if no session token is provided. * @param {string} opts.session - (Optional) A valid session token previously obtained using * the #login method * @param {string} opts.clientVersion - A string that identifies the client issuing the request * @param {string} [opts.walletId] - The wallet id to use as current wallet * for this request (only when copayer is support staff). */ static getInstanceWithAuth(opts, cb) { const withSignature = cb => { if (!checkRequired(opts, ['copayerId', 'message', 'signature'], cb)) { return; } let server: WalletService; try { server = WalletService.getInstance(opts); } catch (ex) { return cb(ex); } server.storage.fetchCopayerLookup(opts.copayerId, (err, copayer) => { if (err) { return cb(err); } if (!copayer) { return cb(new ClientError(Errors.codes.NOT_AUTHORIZED, 'Copayer not found')); } const isValid = !!server._getSigningKey(opts.message, opts.signature, copayer.requestPubKeys); if (!isValid) { return cb(new ClientError(Errors.codes.NOT_AUTHORIZED, 'Invalid signature')); } server.walletId = copayer.walletId; // allow overwrite walletid if the copayer is from the support team if (copayer.isSupportStaff) { server.walletId = opts.walletId || copayer.walletId; server.copayerIsSupportStaff = true; } if (copayer.isMarketingStaff) { server.copayerIsMarketingStaff = true; } server.copayerId = opts.copayerId; return cb(null, server); }); }; const withSession = cb => { if (!checkRequired(opts, ['copayerId', 'session'], cb)) { return; } let server; try { server = WalletService.getInstance(opts); } catch (ex) { return cb(ex); } server.storage.getSession(opts.copayerId, (err, s) => { if (err) { return cb(err); } const isValid = s && s.id === opts.session && s.isValid(); if (!isValid) { return cb(new ClientError(Errors.codes.NOT_AUTHORIZED, 'Session expired')); } server.storage.fetchCopayerLookup(opts.copayerId, (err, copayer) => { if (err) { return cb(err); } if (!copayer) { return cb(new ClientError(Errors.codes.NOT_AUTHORIZED, 'Copayer not found')); } server.copayerId = opts.copayerId; server.walletId = copayer.walletId; return cb(null, server); }); }); }; const authFn = opts.session ? withSession : withSignature; return authFn(cb); } _runLocked(cb, task, waitTime?: number) { $.checkState(this.walletId, 'Failed state: this.walletId undefined at <_runLocked()>'); this.lock.runLocked(this.walletId, { waitTime }, cb, task); } logi(message, ...args) { if (!this || !this.walletId) { return logger.warn(message, ...args); } message = '<' + this.walletId + '>' + message; return logger.info(message, ...args); } logw(message, ...args) { if (!this || !this.walletId) { return logger.warn(message, ...args); } message = '<' + this.walletId + '>' + message; return logger.warn(message, ...args); } logd(message, ...args) { if (!this || !this.walletId) { return logger.verbose(message, ...args); } message = '<' + this.walletId + '>' + message; return logger.verbose(message, ...args); } login(opts, cb) { let session; async.series( [ next => { this.storage.getSession(this.copayerId, (err, s) => { if (err) { return next(err); } session = s; next(); }); }, next => { if (!session || !session.isValid()) { session = Session.create({ copayerId: this.copayerId, walletId: this.walletId }); } else { session.touch(); } next(); }, next => { this.storage.storeSession(session, next); } ], err => { if (err) { return cb(err); } if (!session) { return cb(new Error('Could not get current session for this copayer')); } return cb(null, session.id); } ); } logout(opts, cb) { // this.storage.removeSession(this.copayerId, cb); } /** * Creates a new wallet. * @param {Object} opts * @param {string} opts.id - The wallet id. * @param {string} opts.name - The wallet name. * @param {number} opts.m - Required copayers. * @param {number} opts.n - Total copayers. * @param {string} opts.pubKey - Public key to verify copayers joining have access to the wallet secret. * @param {string} opts.singleAddress[=false] - The wallet will only ever have one address. * @param {string} opts.coin[='btc'] - The coin for this wallet (btc, bch, eth, doge, ltc). * @param {string} opts.network[='livenet'] - The Bitcoin network for this wallet. * @param {string} opts.account[=0] - BIP44 account number * @param {string} opts.usePurpose48 - for Multisig wallet, use purpose=48 * @param {string} opts.useNativeSegwit - for Segwit address, set addressType to P2WPKH or P2WSH */ createWallet(opts, cb) { let pubKey; if (opts.coin === 'bch' && opts.n > 1) { const version = Utils.parseVersion(this.clientVersion); if (version && version.agent === 'bwc') { if (version.major < 8 || (version.major === 8 && version.minor < 3)) { return cb( new ClientError( Errors.codes.UPGRADE_NEEDED, 'BWC clients < 8.3 are no longer supported for multisig BCH wallets.' ) ); } } } if (!checkRequired(opts, ['name', 'm', 'n', 'pubKey'], cb)) { return; } if (_.isEmpty(opts.name)) { return cb(new ClientError('Invalid wallet name')); } if (!Wallet.verifyCopayerLimits(opts.m, opts.n)) { return cb(new ClientError('Invalid combination of required copayers / total copayers')); } opts.coin = opts.coin || Defaults.COIN; if (!Utils.checkValueInCollection(opts.coin, Constants.COINS)) { return cb(new ClientError('Invalid coin')); } opts.network = opts.network || 'livenet'; if (!Utils.checkValueInCollection(opts.network, Constants.NETWORKS)) { return cb(new ClientError('Invalid network')); } const derivationStrategy = Constants.DERIVATION_STRATEGIES.BIP44; let addressType = opts.n === 1 ? Constants.SCRIPT_TYPES.P2PKH : Constants.SCRIPT_TYPES.P2SH; if (opts.useNativeSegwit) { addressType = opts.n === 1 ? Constants.SCRIPT_TYPES.P2WPKH : Constants.SCRIPT_TYPES.P2WSH; } try { pubKey = new Bitcore.PublicKey.fromString(opts.pubKey); } catch (ex) { return cb(new ClientError('Invalid public key')); } if (opts.n > 1 && !ChainService.supportsMultisig(opts.coin)) { return cb(new ClientError('Multisig wallets are not supported for this coin')); } if (ChainService.isSingleAddress(opts.coin)) { opts.singleAddress = true; } let newWallet; async.series( [ acb => { if (!opts.id) { return acb(); } this.storage.fetchWallet(opts.id, (err, wallet) => { if (wallet) { return acb(Errors.WALLET_ALREADY_EXISTS); } return acb(err); }); }, acb => { const wallet = Wallet.create({ id: opts.id, name: opts.name, m: opts.m, n: opts.n, coin: opts.coin, network: opts.network, pubKey: pubKey.toString(), singleAddress: !!opts.singleAddress, derivationStrategy, addressType, nativeCashAddr: opts.nativeCashAddr, usePurpose48: opts.n > 1 && !!opts.usePurpose48, isSlpToken: !!opts.isSlpToken, isFromRaipay: !!opts.isFromRaipay, isPath899: !!opts.isPath899 }); this.storage.storeWallet(wallet, err => { this.logd('Wallet created', wallet.id, opts.network); newWallet = wallet; return acb(err); }); } ], err => { return cb(err, newWallet ? newWallet.id : null); } ); } /** * Retrieves a wallet from storage. * @param {Object} opts * * @param {string} opts.walletId - The wallet id. * @returns {Object} wallet */ getWallet(opts, cb) { let walletId = this.walletId; if (opts.walletId) { walletId = opts.walletId; } this.storage.fetchWallet(walletId, (err, wallet) => { if (err) return cb(err); if (!wallet) return cb(Errors.WALLET_NOT_FOUND); // cashAddress migration if (wallet.coin != 'bch' || wallet.nativeCashAddr) return cb(null, wallet); // only for testing if (opts.doNotMigrate) return cb(null, wallet); // remove someday... logger.info(`Migrating wallet ${wallet.id} to cashAddr`); this.storage.migrateToCashAddr(walletId, e => { if (e) return cb(e); wallet.nativeCashAddr = true; return this.storage.storeWallet(wallet, e => { if (e) return cb(e); return cb(e, wallet); }); }); }); } /** * Retrieves a wallet from storage. * @param {Object} opts * @returns {Object} wallet */ getWalletFromId(walletId, cb) { this.storage.fetchWallet(walletId, (err, wallet) => { if (err) return cb(err); if (!wallet) return cb(Errors.WALLET_NOT_FOUND); // cashAddress migration if (wallet.coin != 'bch' || wallet.nativeCashAddr) return cb(null, wallet); // remove someday... logger.info(`Migrating wallet ${wallet.id} to cashAddr`); this.storage.migrateToCashAddr(walletId, e => { if (e) return cb(e); wallet.nativeCashAddr = true; return this.storage.storeWallet(wallet, e => { if (e) return cb(e); return cb(e, wallet); }); }); }); } /** * Retrieves a wallet from storage. * @param {Object} opts * @param {string} opts.identifier - The identifier associated with the wallet (one of: walletId, address, txid). * @param {string} opts.walletCheck - Check v8 wallet sync * @returns {Object} wallet */ getWalletFromIdentifier(opts, cb) { if (!opts.identifier) return cb(); const end = (err, ret) => { if (opts.walletCheck && !err && ret) { return this.syncWallet(ret, cb); } else { return cb(err, ret); } }; let walletId; async.parallel( [ done => { this.storage.fetchWallet(opts.identifier, (err, wallet) => { if (wallet) walletId = wallet.id; return done(err); }); }, done => { this.storage.fetchAddressByCoin(Defaults.COIN, opts.identifier, (err, address) => { if (address) walletId = address.walletId; return done(err); }); }, done => { // sent txs this.storage.fetchTxByHash(opts.identifier, (err, tx) => { if (tx) walletId = tx.walletId; return done(err); }); } ], err => { if (err) return cb(err); if (walletId) { return this.storage.fetchWallet(walletId, end); } return cb(); } ); } /** * Retrieves wallet status. * @param {Object} opts * @param {Object} opts.includeExtendedInfo - Include PKR info & address managers for wallet & copayers * @param {Object} opts.includeServerMessages - Include server messages array * @param {Object} opts.tokenAddress - (Optional) Token contract address to pass in getBalance * @param {Object} opts.multisigContractAddress - (Optional) Multisig ETH contract address to pass in getBalance * @param {Object} opts.network - (Optional ETH MULTISIG) Multisig ETH contract address network * @returns {Object} status */ getStatus(opts, cb) { opts = opts || {}; const status: { wallet?: IWallet; serverMessage?: { title: string; body: string; link: string; id: string; dismissible: boolean; category: string; app: string; }; serverMessages?: Array<{ title: string; body: string; link: string; id: string; dismissible: boolean; category: string; app: string; priority: number; }>; balance?: string; pendingTxps?: ITxProposal[]; preferences?: boolean; } = {}; async.parallel( [ next => { this.getWallet({}, (err, wallet) => { if (err) return next(err); const walletExtendedKeys = ['publicKeyRing', 'pubKey', 'addressManager']; const copayerExtendedKeys = ['xPubKey', 'requestPubKey', 'signature', 'addressManager', 'customData']; wallet.copayers = _.map(wallet.copayers, copayer => { if (copayer.id == this.copayerId) return copayer; return _.omit(copayer, 'customData'); }); if (!opts.includeExtendedInfo) { wallet = _.omit(wallet, walletExtendedKeys); wallet.copayers = _.map(wallet.copayers, copayer => { return _.omit(copayer, copayerExtendedKeys); }); } status.wallet = wallet; if (opts.includeServerMessages) { status.serverMessages = serverMessages(wallet, this.appName, this.appVersion); } else { status.serverMessage = deprecatedServerMessage(wallet, this.appName, this.appVersion); } next(); }); }, next => { opts.wallet = status.wallet; this.getBalance(opts, (err, balance) => { // ignore WALLET_NEED_SCAN err is includeExtendedInfo is given // (to allow `importWallet` to import a wallet, while scan has // failed) if (opts.includeExtendedInfo) { if (err && err.code != 'WALLET_NEED_SCAN') { return next(err); } } else if (err) { return next(err); } status.balance = balance; next(); }); }, next => { this.getPendingTxs(opts, (err, pendingTxps) => { if (err) return next(err); status.pendingTxps = pendingTxps; next(); }); }, next => { this.getPreferences({}, (err, preferences) => { if (err) return next(err); status.preferences = preferences; next(); }); } ], err => { if (err) return cb(err); return cb(null, status); } ); } /* * Verifies a signature * @param text * @param signature * @param pubKeys */ _verifySignature(text, signature, pubkey) { return Utils.verifyMessage(text, signature, pubkey); } /* * Verifies a request public key * @param requestPubKey * @param signature * @param xPubKey */ _verifyRequestPubKey(requestPubKey, signature, xPubKey) { const pub = new Bitcore.HDPublicKey(xPubKey).deriveChild(Constants.PATHS.REQUEST_KEY_AUTH).publicKey; return Utils.verifyMessage(requestPubKey, signature, pub.toString()); } /* * Verifies signature againt a collection of pubkeys * @param text * @param signature * @param pubKeys */ _getSigningKey(text, signature, pubKeys) { return _.find(pubKeys, item => { return this._verifySignature(text, signature, item.key); }); } /** * _notify * * @param {String} type * @param {Object} data * @param {Object} opts * @param {Boolean} opts.isGlobal - If true, the notification is not issued on behalf of any particular copayer (defaults to false) */ _notify(type, data, opts, cb?: (err?: any, data?: any) => void) { if (_.isFunction(opts)) { cb = opts; opts = {}; } opts = opts || {}; // this.logi('Notification', type); cb = cb || function() {}; const walletId = this.walletId || data.walletId; const copayerId = this.copayerId || data.copayerId; $.checkState(walletId, 'Failed state: walletId undefined at <_notify()>'); const notification = Notification.create({ type, data, ticker: this.notifyTicker++, creatorId: opts.isGlobal ? null : copayerId, walletId }); this.storage.storeNotification(walletId, notification, () => { this.messageBroker.send(notification); return cb(); }); } _notifyTxProposalAction(type, txp, extraArgs, cb?: (err?: any, data?: any) => void) { if (_.isFunction(extraArgs)) { cb = extraArgs; extraArgs = {}; } const data = _.assign( { txProposalId: txp.id, creatorId: txp.creatorId, amount: txp.getTotalAmount(), message: txp.message, tokenAddress: txp.tokenAddress, multisigContractAddress: txp.multisigContractAddress }, extraArgs ); this._notify(type, data, {}, cb); } _addCopayerToWallet(wallet, opts, cb) { const copayer = Copayer.create({ coin: wallet.coin, name: opts.name, copayerIndex: wallet.copayers.length, xPubKey: opts.xPubKey, requestPubKey: opts.requestPubKey, signature: opts.copayerSignature, customData: opts.customData, derivationStrategy: wallet.derivationStrategy }); this.storage.fetchCopayerLookup(copayer.id, (err, res) => { if (err) return cb(err); if (res) return cb(Errors.COPAYER_REGISTERED); if (opts.dryRun) return cb(null, { copayerId: null, wallet }); wallet.addCopayer(copayer); this.storage.storeWalletAndUpdateCopayersLookup(wallet, err => { if (err) return cb(err); async.series( [ next => { this._notify( 'NewCopayer', { walletId: opts.walletId, copayerId: copayer.id, copayerName: copayer.name }, {}, next ); }, next => { if (wallet.isComplete() && wallet.isShared()) { this._notify( 'WalletComplete', { walletId: opts.walletId }, { isGlobal: true }, next ); } else { next(); } } ], () => { return cb(null, { copayerId: copayer.id, wallet }); } ); }); }); } _addKeyToCopayer(wallet, copayer, opts, cb) { wallet.addCopayerRequestKey(copayer.copayerId, opts.requestPubKey, opts.signature, opts.restrictions, opts.name); this.storage.storeWalletAndUpdateCopayersLookup(wallet, err => { if (err) return cb(err); return cb(null, { copayerId: copayer.id, wallet }); }); } /** * Adds access to a given copayer * * @param {Object} opts * @param {string} opts.copayerId - The copayer id * @param {string} opts.requestPubKey - Public Key used to check requests from this copayer. * @param {string} opts.copayerSignature - S(requestPubKey). Used by other copayers to verify the that the copayer is himself (signed with REQUEST_KEY_AUTH) * @param {string} opts.restrictions * - cannotProposeTXs * - cannotXXX TODO * @param {string} opts.name (name for the new access) */ addAccess(opts, cb) { if (!checkRequired(opts, ['copayerId', 'requestPubKey', 'signature'], cb)) return; this.storage.fetchCopayerLookup(opts.copayerId, (err, copayer) => { if (err) return cb(err); if (!copayer) return cb(Errors.NOT_AUTHORIZED); this.storage.fetchWallet(copayer.walletId, (err, wallet) => { if (err) return cb(err); if (!wallet) return cb(Errors.NOT_AUTHORIZED); const xPubKey = wallet.copayers.find(c => c.id === opts.copayerId).xPubKey; if (!this._verifyRequestPubKey(opts.requestPubKey, opts.signature, xPubKey)) { return cb(Errors.NOT_AUTHORIZED); } if (copayer.requestPubKeys.length > Defaults.MAX_KEYS) return cb(Errors.TOO_MANY_KEYS); this._addKeyToCopayer(wallet, copayer, opts, cb); }); }); } /** * Update user password and return recovery key * * @param {Object} opts * @param {string} opts.password - User password */ updateKeysPassword(opts, cb) { if (!opts.password) { return cb(new Error('Missing required parameter password')); } const storage = this.storage; bcrypt.hash(opts.password, saltRounds, function(err, hashPass) { // Store hash in your password DB. if (err) return cb(err); const recoveryKey = cuid(); bcrypt.hash(recoveryKey, saltRounds, function(err, hashKey) { // const user = { // email: opts.email, // hashPassword: hashPass, // recoveryKey: hashKey // } as IUser; storage.fetchKeys((err, result: Keys) => { if (err) return cb(err); if (result) { result.hashPassword = hashPass; storage.updateKeys(result, (err, result) => { if (err) return cb(err); if (result) return cb(null, recoveryKey); }); } else { const keys = { keyFund: null, keyReceive: null, hashPassword: hashPass, hashRecoveryKey: recoveryKey } as Keys; storage.storeKeys(keys, (err, result) => { if (err) return cb(err); return cb(null, recoveryKey); }); } }); }); }); } /** * Update user password and return recovery key * * @param {Object} opts * @param {string} opts.password - User password */ updateKeysPasswordConversion(opts, cb) { if (!opts.password) { return cb(new Error('Missing required parameter password')); } const storage = this.storage; bcrypt.hash(opts.password, saltRounds, function(err, hashPass) { // Store hash in your password DB. if (err) return cb(err); const recoveryKey = cuid(); bcrypt.hash(recoveryKey, saltRounds, function(err, hashKey) { // const user = { // email: opts.email, // hashPassword: hashPass, // recoveryKey: hashKey // } as IUser; storage.fetchKeysConversion((err, result: KeysConversion) => { if (err) return cb(err); if (result) { result.hashPassword = hashPass; storage.updateKeysConversion(result, (err, result) => { if (err) return cb(err); if (result) return cb(null, recoveryKey); }); } else { const keys = { keyFund: null, hashPassword: hashPass, hashRecoveryKey: recoveryKey } as Keys; storage.storeKeysConversion(keys, (err, result) => { if (err) return cb(err); return cb(null, recoveryKey); }); } }); }); }); } /** * Verify user password * * @param {Object} opts * @param {string} opts.email - User email * @param {string} opts.password - User password */ verifyPassword(opts, cb) { if (!opts.email) { return cb(new Error('Missing required parameter email')); } if (!opts.password) { return cb(new Error('Missing required parameter password')); } this.storage.fetchKeys((err, keys: Keys) => { if (err) return cb(err); bcrypt .compare(opts.password, keys.hashPassword) .then(result => { if (err) return cb(err); if (!result) return cb(new Error('Invalid password')); return cb(null, result); }) .catch(e => { return cb(e); }); }); } /** * Verify user password * * @param {Object} opts * @param {string} opts.email - User email * @param {string} opts.password - User password */ verifyConversionPassword(opts, cb) { if (!opts.email) { return cb(new Error('Missing required parameter email')); } if (!opts.password) { return cb(new Error('Missing required parameter password')); } this.storage.fetchKeysConversion((err, keys: Keys) => { if (err) return cb(err); bcrypt .compare(opts.password, keys.hashPassword) .then(result => { if (err) return cb(err); if (!result) return cb(new Error('Invalid password')); return cb(null, result); }) .catch(e => { return cb(e); }); }); } // return a Promise // sharedKey: Buffer, plainText: Uint8Array encrypt(sharedKey, plainText) { // Split shared key const iv = forge.util.createBuffer(sharedKey.slice(0, 16)); const key = forge.util.createBuffer(sharedKey.slice(0, 16)); const cipher = forge.cipher.createCipher('AES-CBC', key); cipher.start({ iv }); const rawBuffer = forge.util.createBuffer(plainText); cipher.update(rawBuffer); cipher.finish(); const cipherText = cipher.output.toHex(); return cipherText; } // return a Promise // sharedKey: Buffer, plainText: Uint8Array decrypt(sharedKey: Buffer, cipherText: string) { try { // Split shared key const iv = forge.util.createBuffer(sharedKey.slice(0, 16)); const key = forge.util.createBuffer(sharedKey.slice(0, 16)); // Encrypt entries const cipher = forge.cipher.createDecipher('AES-CBC', key); cipher.start({ iv }); const convertedCiphertext = forge.util.hexToBytes(cipherText); const rawBuffer = new forge.util.ByteBuffer(convertedCiphertext); cipher.update(rawBuffer); cipher.finish(); const plainText = Uint8Array.from(Buffer.from(cipher.output.toHex(), 'hex')); return plainText; } catch (e) { console.log(e); } } /** * Update key for swap * * @param {Object} opts * @param {string} opts.keyFund - key fund * @param {string} opts.keyReceive - key receive */ importSeed(opts, cb) { if (!opts.keyFund && !opts.keyReceive) { return cb(new Error('Missing required key')); } this.storage.fetchKeys((err, keys) => { if (keys) { if (opts.keyFund && opts.keyFund.length > 0) { keys.keyFund = this.encrypt(config.sharedKey, opts.keyFund); } if (opts.keyReceive && opts.keyReceive.length > 0) { keys.keyReceive = this.encrypt(config.sharedKey, opts.keyReceive); } this.storage.updateKeys(keys, (err, result) => { if (err) return cb(err); this.restartHandleSwapQueue(err => { if (err) return cb(err); return cb(null, true); }); }); } else { return cb(null, false); } }); } /** * Update key for conversion * * @param {Object} opts * @param {string} opts.keyFund - key fund */ importSeedConversion(opts, cb) { if (!opts.keyFund) { return cb(new Error('Missing required key')); } this.storage.fetchKeysConversion((err, keys) => { if (err) return cb(err); if (keys) { if (opts.keyFund && opts.keyFund.length > 0) { keys.keyFund = this.encrypt(config.sharedKey, opts.keyFund); } this.storage.updateKeysConversion(keys, (err, result) => { if (err) return cb(err); this.restartHandleConversionQueue(err => { if (err) return cb(err); return cb(null, true); }); }); } else { return cb(null, false); } }); } /** * Checking if exist deposit or swap fund */ checkingSeedExist(cb) { this.storage.fetchKeys((err, keys) => { if (err) return cb(err); if (!keys) { return cb(null, { isKeyExisted: false }); } else { return cb(null, { isKeyExisted: true }); } }); } /** * Checking if exist deposit or swap fund */ checkingSeedConversionExist(cb) { this.storage.fetchKeysConversion((err, keys) => { if (err) return cb(err); if (!keys) { return cb(null, { isKeyExisted: false }); } else { return cb(null, { isKeyExisted: true }); } }); } /** * Renew password for user and return new recovery key * * @param {Object} opts * @param {string} opts.oldPassword - User old password * @param {string} opts.newPassword - User new password * @param {string} opts.recoveryKey - User recovery key */ renewPassword(opts, cb) { if (!opts.newPassword) { return cb(new Error('Missing required parameter new password')); } if (!(opts.oldPassword || opts.recoveryKey)) { return cb(new Error('Missing requirement parameter password or recovery key to re new password')); } this.storage.fetchKeys((err, keys: Keys) => { if (err) return cb(err); const compareValue = { text: '', hash: '' }; if (opts.oldPassword.length > 0) { compareValue.text = opts.oldPassword; compareValue.hash = keys.hashPassword; } else if (opts.recoveryKey.length > 0) { compareValue.text = opts.recoveryKey; compareValue.hash = keys.hashRecoveryKey; } bcrypt .compare(compareValue.text, compareValue.hash) .then(result => { if (result) { this.updateKeysPassword({ password: opts.newPassword }, (err, recoveryKey) => { if (err) return cb(err); return cb(null, recoveryKey); }); } else { return cb(new Error('Invalid data. Please try again')); } }) .catch(e => { return cb(e); }); }); } /** * Renew password for user and return new recovery key * * @param {Object} opts * @param {string} opts.oldPassword - User old password * @param {string} opts.newPassword - User new password * @param {string} opts.recoveryKey - User recovery key */ renewPasswordConversion(opts, cb) { if (!opts.newPassword) { return cb(new Error('Missing required parameter new password')); } if (!(opts.oldPassword || opts.recoveryKey)) { return cb(new Error('Missing requirement parameter password or recovery key to re new password')); } this.storage.fetchKeysConversion((err, keys: KeysConversion) => { if (err) return cb(err); const compareValue = { text: '', hash: '' }; if (opts.oldPassword.length > 0) { compareValue.text = opts.oldPassword; compareValue.hash = keys.hashPassword; } else if (opts.recoveryKey.length > 0) { compareValue.text = opts.recoveryKey; compareValue.hash = keys.hashRecoveryKey; } bcrypt .compare(compareValue.text, compareValue.hash) .then(result => { if (result) { this.updateKeysPasswordConversion({ password: opts.newPassword }, (err, recoveryKey) => { if (err) return cb(err); return cb(null, recoveryKey); }); } else { return cb(new Error('Invalid data. Please try again')); } }) .catch(e => { return cb(e); }); }); } _setClientVersion(version) { delete this.parsedClientVersion; this.clientVersion = version; } _setAppVersion(userAgent) { const parsed = Utils.parseAppVersion(userAgent); if (!parsed) { this.appName = this.appVersion = null; } else { this.appName = parsed.app; this.appVersion = parsed; } } _parseClientVersion() { if (_.isUndefined(this.parsedClientVersion)) { this.parsedClientVersion = Utils.parseVersion(this.clientVersion); } return this.parsedClientVersion; } _clientSupportsPayProRefund() { const version = this._parseClientVersion(); if (!version) return false; if (version.agent != 'bwc') return true; if (version.major < 1 || (version.major == 1 && version.minor < 2)) return false; return true; } static _getCopayerHash(name, xPubKey, requestPubKey) { return [name, xPubKey, requestPubKey].join('|'); } /** * Joins a wallet in creation. * @param {Object} opts * @param {string} opts.walletId - The wallet id. * @param {string} opts.coin[='btc'] - The expected coin for this wallet (btc, bch, eth, doge, ltc). * @param {string} opts.name - The copayer name. * @param {string} opts.xPubKey - Extended Public Key for this copayer. * @param {string} opts.requestPubKey - Public Key used to check requests from this copayer. * @param {string} opts.copayerSignature - S(name|xPubKey|requestPubKey). Used by other copayers to verify that the copayer joining knows the wallet secret. * @param {string} opts.customData - (optional) Custom data for this copayer. * @param {string} opts.dryRun[=false] - (optional) Simulate the action but do not change server state. */ joinWallet(opts, cb) { if (!checkRequired(opts, ['walletId', 'name', 'xPubKey', 'requestPubKey', 'copayerSignature'], cb)) return; if (_.isEmpty(opts.name)) return cb(new ClientError('Invalid copayer name')); opts.coin = opts.coin || Defaults.COIN; if (!Utils.checkValueInCollection(opts.coin, Constants.COINS)) return cb(new ClientError('Invalid coin')); let xPubKey; try { xPubKey = Bitcore_[opts.coin].HDPublicKey(opts.xPubKey); } catch (ex) { return cb(new ClientError('Invalid extended public key')); } if (_.isUndefined(xPubKey.network)) { return cb(new ClientError('Invalid extended public key')); } this.walletId = opts.walletId; this._runLocked(cb, cb => { this.storage.fetchWallet(opts.walletId, (err, wallet) => { if (err) return cb(err); if (!wallet) return cb(Errors.WALLET_NOT_FOUND); if (opts.coin === 'bch' && wallet.n > 1) { const version = Utils.parseVersion(this.clientVersion); if (version && version.agent === 'bwc') { if (version.major < 8 || (version.major === 8 && version.minor < 3)) { return cb( new ClientError( Errors.codes.UPGRADE_NEEDED, 'BWC clients < 8.3 are no longer supported for multisig BCH wallets.' ) ); } } } if (wallet.n > 1 && wallet.usePurpose48) { const version = Utils.parseVersion(this.clientVersion); if (version && version.agent === 'bwc') { if (version.major < 8 || (version.major === 8 && version.minor < 4)) { return cb( new ClientError(Errors.codes.UPGRADE_NEEDED, 'Please upgrade your client to join this multisig wallet') ); } } } if (wallet.n > 1 && wallet.addressType === 'P2WSH') { const version = Utils.parseVersion(this.clientVersion); if (version && version.agent === 'bwc') { if (version.major < 8 || (version.major === 8 && version.minor < 17)) { return cb( new ClientError(Errors.codes.UPGRADE_NEEDED, 'Please upgrade your client to join this multisig wallet') ); } } } if (opts.coin != wallet.coin) { return cb(new ClientError('The wallet you are trying to join was created for a different coin')); } if (wallet.network != xPubKey.network.name) { return cb(new ClientError('The wallet you are trying to join was created for a different network')); } // New client trying to join legacy wallet if (wallet.derivationStrategy == Constants.DERIVATION_STRATEGIES.BIP45) { return cb( new ClientError('The wallet you are trying to join was created with an older version of the client app.') ); } const hash = WalletService._getCopayerHash(opts.name, opts.xPubKey, opts.requestPubKey); if (!this._verifySignature(hash, opts.copayerSignature, wallet.pubKey)) { return cb(new ClientError()); } if ( _.find(wallet.copayers, { xPubKey: opts.xPubKey }) ) return cb(Errors.COPAYER_IN_WALLET); if (wallet.copayers.length == wallet.n) return cb(Errors.WALLET_FULL); this._addCopayerToWallet(wallet, opts, cb); }); }); } /** * Save copayer preferences for the current wallet/copayer pair. * @param {Object} opts * @param {string} opts.email - Email address for notifications. * @param {string} opts.language - Language used for notifications. * @param {string} opts.unit -