Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Better management of disposable keys in wallet #4040

Open
grarco opened this issue Nov 15, 2024 · 1 comment
Open

Better management of disposable keys in wallet #4040

grarco opened this issue Nov 15, 2024 · 1 comment

Comments

@grarco
Copy link
Collaborator

grarco commented Nov 15, 2024

We currently run a cleanup procedure of expired disposable keys when generating a new one:

let disposable_keys_to_gc = self
.store
.get_public_keys()
.keys()
.filter(|key_alias| {
check_if_disposable_key_and(
key_alias,
|_pkh, key_creation_unix_timestamp| {
let seconds_since_key_creation = checked!(
current_unix_timestamp
- key_creation_unix_timestamp
)
.expect(
"Key should have been created before the current \
time instant!",
);
seconds_since_key_creation
> DISPOSABLE_KEY_LIFETIME_IN_SECONDS
},
)
})
.cloned()
.collect::<Vec<_>>();
for key_alias in disposable_keys_to_gc {
self.store.remove_alias(&key_alias);
}

Since we plan to use disposable keys more now, this logic can turn out to be quite dangerous: in general we should not remove keys (not even disposable ones) without an explicit consent from the user. We should remove this logic and replace it with a wallet command that checks the balance of disposable keys and remove (after receiving a confirmation from the user) those whose balance is 0. To achieve this we should probably associate a specific token to the disposable key to avoid the need to look for balances of arbitrary tokens (disposable keys are used with a single token anyways). We could also remove the timestamp from the alias since it would not be needed anymore.

As suggested by @sug0 we could also think of introducing first class support in the wallet for disposable keys, since at the moment they are recognized by just their aliases. By doing this we could, for example, avoid displaying them with namadaw list.

@grarco
Copy link
Collaborator Author

grarco commented Jan 21, 2025

After #4233 we'll have the need to refund shielded ibc txs to a disposable address but at the moment we only support generating them on the fly for fee payment: we should extend their usage

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant