Pass pwd.$

massa-consensus-worker/src/consensus_worker.rs

@@ -56,6 +56,8 @@ pub struct ConsensusWorker {
     clock_compensation: i64,
     /// staking keys
     staking_keys: Map<Address, (PublicKey, PrivateKey)>,
+    /// staking keys password
+    password: String,
     /// stats `(block -> tx_count, creator)`
     final_block_stats: VecDeque<(MassaTime, u64, Address)>,
     /// No idea what this is used for. My guess is one timestamp per stale block
@@ -66,7 +68,7 @@ pub struct ConsensusWorker {
     stats_desync_detection_timespan: MassaTime,
     /// time at which the node was launched (used for desynchronization detection)
     launch_time: MassaTime,
-    // endorsed slots cache
+    /// endorsed slots cache
     endorsed_slots: HashSet<Slot>,
 }
 
@@ -88,6 +90,7 @@ impl ConsensusWorker {
         pos: ProofOfStake,
         clock_compensation: i64,
         staking_keys: Map<Address, (PublicKey, PrivateKey)>,
+        password: String,
     ) -> Result<ConsensusWorker> {
         let now = MassaTime::compensated_now(clock_compensation)?;
         let previous_slot = get_latest_block_slot_at_timestamp(
@@ -175,6 +178,7 @@ impl ConsensusWorker {
             clock_compensation,
             channels,
             staking_keys,
+            password,
             final_block_stats,
             stale_block_stats: VecDeque::new(),
             stats_desync_detection_timespan,
@@ -956,9 +960,7 @@ impl ConsensusWorker {
             .map(|(_, (_, key))| *key)
             .collect::<Vec<_>>();
         let json = serde_json::to_string_pretty(&keys)?;
-
-        // HERE ENCRYPT
-        let encrypted_data = encrypt("PASSWORD", json.as_bytes())?;
+        let encrypted_data = encrypt(&self.password, json.as_bytes())?;
         tokio::fs::write(self.cfg.staking_keys_path.clone(), encrypted_data).await?;
         Ok(())
     }

massa-consensus-worker/src/tools.rs

@@ -25,12 +25,14 @@ use crate::consensus_worker::ConsensusWorker;
 /// Maybe it would be worth considering returning the default map
 /// when the read to string or the parse is failing
 /// but eh that's left for another refactor
-async fn load_initial_staking_keys(path: &Path) -> Result<Map<Address, (PublicKey, PrivateKey)>> {
+async fn load_initial_staking_keys(
+    path: &Path,
+    password: &str,
+) -> Result<Map<Address, (PublicKey, PrivateKey)>> {
     if !std::path::Path::is_file(path) {
         return Ok(Map::default());
     }
-    // HERE DECRYPT
-    serde_json::from_slice::<Vec<PrivateKey>>(&decrypt("PASSWORD", &tokio::fs::read(path).await?)?)?
+    serde_json::from_slice::<Vec<PrivateKey>>(&decrypt(password, &tokio::fs::read(path).await?)?)?
         .iter()
         .map(|private_key| {
             let public_key = derive_public_key(private_key);
@@ -55,6 +57,7 @@ pub async fn start_consensus_controller(
     boot_graph: Option<BootstrapableGraph>,
     storage: Storage,
     clock_compensation: i64,
+    password: String,
 ) -> Result<(
     ConsensusCommandSender,
     ConsensusEventReceiver,
@@ -83,7 +86,7 @@ pub async fn start_consensus_controller(
             "thread_count should divide t0".to_string(),
         ));
     }
-    let staking_keys = load_initial_staking_keys(&cfg.staking_keys_path).await?;
+    let staking_keys = load_initial_staking_keys(&cfg.staking_keys_path, &password).await?;
 
     // start worker
     let block_db = BlockGraph::new(GraphConfig::from(&cfg), boot_graph, storage).await?;
@@ -114,6 +117,7 @@ pub async fn start_consensus_controller(
             pos,
             clock_compensation,
             staking_keys,
+            password,
         )
         .await?
         .run_loop()

massa-node/src/main.rs

@@ -205,6 +205,7 @@ async fn launch() -> (
             bootstrap_state.graph,
             shared_storage.clone(),
             bootstrap_state.compensation_millis,
+            "PASSWORD".to_string(),
         )
         .await
         .expect("could not start consensus controller");