KarpelesLab / libwallet / 26147422913
22%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 121
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 22.26% (+0.2%) from 22.105%
26147422913

push

github

MagicalTux 
wltwallet: device-to-device wallet transfer over Spot

Tibane needed a way to copy a wallet (including its device share
private key) from an old phone to a new phone without forcing the
user through the auto-reshare path, which adds a round trip and
isn't useful when the user has both phones in hand. Add four
endpoints driving a QR-scanned, single-Spot-roundtrip transfer:

  Wallet:exportToDevice          (old) opens a 5-minute session,
                                 returns an opaque pairingCode for
                                 the host to render as QR
  Wallet:exportToDevice:confirm  (old) after biometric + keystore
                                 read, hand the device-share bytes
                                 to libwallet
  Wallet:exportToDevice:cancel   (old) decline the pending request
  Wallet:importFromDevice        (new) takes the scanned code,
                                 returns wallet id + device shares

Payload is AES-256-GCM-sealed with a key derived from the QR-borne
32-byte token via HKDF-SHA-256 (sid binds the key per session and
also acts as AEAD additional-data). Layered on top of Spot's own
bottle encryption so a future bottle-layer leak doesn't expose the
device share; the QR is the proof-of-possession factor an attacker
on the Spot transport can't forge.

The old-device handler emits wallet:transfer:pair_received the
moment the new device connects, carrying { sid, wallet_id,
peer_spot_id, peer_fingerprint }, so the host can paint a
confirmation prompt before deciding whether to release the
payload. The handler blocks on confirm/cancel with a 90-second
ceiling — long enough for the user to read the prompt and pass
biometric, short enough that an abandoned session doesn't sit
forever.

The new device's importFromDevice writes the wallet JSON through
the standard restoreSingleWalletFile path (same path
Wallet:restore uses) so the host's existing wallet:restored
listener fires automatically. The device shares come back i... (continued)

120 of 419 new or added lines in 2 files covered. (28.64%)

3918 of 17601 relevant lines covered (22.26%)

107.16 hits per line

Uncovered Changes

Lines Coverage File
282
21.23
 wltwallet/transfer.go
17
72.13
 wltwallet/transfer_crypto.go
Jobs
ID Job ID Ran Files Coverage
1 26147422913.1 121
22.26
 GitHub Action Run
Source Files on build 26147422913