Skip to content

v0.0.5-beta

Pre-release
Pre-release
Compare
Choose a tag to compare
@The-Sycorax The-Sycorax released this 31 Dec 09:11
· 34 commits to main since this release
v0.0.5-beta
b10a9af

Overview:

This is the 5th beta release of the Denaro Wallet Client, developed by The Sycorax. This release introduces a number of significant features and enhancements, marking a major milestone in the ongoing commitment to develop a robust, efficient, and secure wallet client for the Denaro cryptocurrency.

This release brings a comprehensive overhaul to the wallet client and introduces a wide range of new features such as transaction support, balance checking, choosing a Denaro node, the ability to import wallet entries, multi-address generation, Wallet Annihilation, and new CLI options. This release also introduces numerous improvements and additions to core features, organizational restructuring of the internal code-base, and changes to the JSON data structure of wallet files.

Due to the amount of new features and changes that have been made, there is an increased likelihood of encountering bugs in this version. As such, this beta release is considered experimental. It is recommended that users thoroughly read the disclaimer and changelog before using this version.

DISCLAIMER:

Neither The-Sycorax nor contributors of this project assume liability for any loss of funds incurred through the use of this software! Be advised that this is an experimental beta release, and is not recommended for production use.

User are solely responsible for the security and management of their assets! Therefore, it is strongly recommended that users back up their cryptographic keys and wallets before using this software.

The use of this software implies acceptance of ALL associated risks, including financial losses, with no liability on The-Sycorax or contributors of this project. This software is provided 'as is' under the MIT License without guarantees or warranties of any kind, express or implied.

Full Changelog:

Organizational Changes:

  • Restructured cryptographic_util.py:
    • Divided various classes into separate utility modules for enhanced optimization and organization.
    • Renamed 'TOTP_Utils' to 'TOTP'.
    • Renamed 'CryptoWallet' to 'EncryptDecryptUtils'.
    • Merged 'EncryptionUtils' class methods into 'EncryptDecryptUtils'.
    • Renamed 'VerificationUtils' to 'Verification' and relocated to a new module verification_utils.py.
    • Moved 'DataManipulation' class to a new module data_manipulation_util.py.
    • Retained 'ProofOfWork', 'TOTP', and 'EncryptDecryptUtils' classes in cryptographic_util.py.
    • Renamed 'key_generation.py' to 'wallet_generation_util.py'.
    • Relocated all utility modules to denaro/wallet/utils directory.

Transaction Support:

  • New modules have been added to facilitate transaction support.

    • These new modules include: transaction.py, transaction_input.py, transaction_output.py, and coinbase_transaction.py.

  • Various functions have been added to wallet_client.py to facilitate transaction and balance management.

    • These new functions include: prepareTransaction, create_transaction, get_address_info, checkBalance, get_balance_info, validate_and_select_node, and initialize_wallet.

New Sub-commands and Options:

Note: This changelog dose not include full usage documentation. Documentation will be made available at a later time to reflect these changes.

  • A send sub-command with multiple options has been added, allowing users to initiate transactions.

  • A balance sub-command with multiple options has been added, allowing users to check the balance of addresses associated with their wallet.

  • An import sub-command has been added to facilitate the import of wallet entries based on the private key associated with an address.

  • Introduced a -show option to the decryptwallet filter and balance sub-commands, allowing users to selectively filter wallet entries based on their origin (See the 'Changes to Wallet JSON Data' section for more information). This option includes two choices:

    • -show generated: Retrieves only wallet entries that have been internally generated.
    • -show imported: Retrieves only wallet entries that have been imported by the user.

  • Introduced a -node option for the send and balance sub-commands, allowing users to choose a preferred Denaro node for conducting transactions or checking balances. This option requires a valid IP or URL string. If a node is not specified by the user, then the wallet client will use the default Denaro node (https://denaro-node.gaetano.eu.org)

  • Introduced an -amount option to the generateaddress sub-command, enabling users to generate multiple addresses in a single command, with a maximum limit of 256 addresses (subject to change).

Improvements and Additions:

  • Conducted a thorough refactoring of verbose logging mechanisms within the generateAddressHelper function for improved clarity and efficiency.

  • Enhanced the generateAddressHelper function to support multi-address generation and to streamline the process of importing wallet entries.

  • After wallet data has been generated, a warning about the risks of disclosing mnemonic phrases or private keys will be shown to the user.

  • After wallet data has been generated, the cryptographic keys along with the Denaro address associated with the data will be shown to the user. For non-deterministic wallet data, the mnemonic phrase, private key, and address are displayed, while for deterministic wallet data, only the private key and address are shown. The master mnemonic is also displayed but only when a new wallet is generated.

  • Added a generate_from_private_key function to wallet_generation_util.py for generating wallet data directly from a private key.

  • Refactored the decryptWalletEntries function to allow for both the output of unencrypted wallet data and the capability to filter and process wallet entries based on their origin (See the 'Changes to Wallet JSON Data' section and the new -show option for more information).

  • Incorporated various messages within the decryptWalletEntries function to accommodate the newly introduced transaction and balance checking features.

  • Integrated a feature in the wallet decryption process to display a count of decrypted entries out of the total number of entries (e.g. "Decrypting wallet entry 3 of 15").

  • Implemented validation of wallet addresses and private keys using regular expression patterns.

  • Modified the sort_arguments_based_on_input and check_args functions to ensure proper usage of CLI arguments and to prevent erroneous combinations that could lead to errors.

  • Addressed and corrected various typos throughout the codebase.

  • Slightly optimized some functions for enhanced efficiency and performance.

  • The Wallet Annihilation feature now only performs a single deletion pass instead of two, reducing operational overhead.

  • Eliminated repetitive code in the update_failed_attempts and reset_failed_attempts methods by consolidating common functionalities into a singular get_failed_attempts method, thereby reducing code redundancy.

  • Implemented robust validation using regular expressions for IP addresses, URLs, and port numbers. This specifically applies when utilizing the -node option. The validation process rigorously checks the format of the entered values, ensuring they conform to standard IP, URL, and port number patterns. This also ensures secure and error-free connections for subsequent web requests.

    • Node verification has also been implemented to check if the user-provided IP or URL might be associated with actual Denaro node (See the 'Denaro Node Verification' section for more information).

Wallet Annihilation:

Changes to Wallet JSON Data Structure:

  • The imported_entries object array is a new addition to the wallet architecture, and has been implemented to accommodate the new import feature. This array is used specifically for storing wallet entries that have been imported by the user, and will be added to the JSON structure of a wallet file whenever a user first performs an import. The imported_entries is distinct from the entries array which holds internally generated wallet entries. The introduction of imported_entries serves several critical purposes:

    1. Data Segregation: It provides a clear separation between entries originating from what has been internally generated by the wallet client (stored in entries) and those imported by the user (stored in imported_entries). This segregation is vital for maintaining data organization and clarity within wallet JSON data.

    2. Deterministic Wallet Data Generation: The deterministic generation of wallet data relies on the total number of objects stored in the entries array. Specifically, this count (+1) is used as an index in the address derivation path for generating child keys and their corresponding addresses. Introducing data from external sources into the entries array would disrupt this deterministic process. The separation of imported_entries ensures the integrity and consistency of the deterministic generation of wallet data by isolating imported data from the internal generation process.

    3. Operational Integrity: By keeping imported entries in a separate array, the wallet system avoids potential conflicts and errors that could arise from mixing externally sourced data with internally generated data. This separation is fundamental to the reliable and secure operation of the wallet.

In summary, imported_entries enhances the wallet's functionality by providing a dedicated space for user-imported entries, thereby protecting the integrity of the deterministic generation process and ensuring the wallet's overall operational efficiency and security.

Denaro Node Verification:

  • A verification procedure has been introduced to confirm the authenticity of a Denaro node specified by the user. This specifically applies when utilizing the -node option. This process is critical for ensuring secure and accurate network connections. However this process is not 100% foolproof (See 'Potential Security Implication').

  • Initial Verification Step:

    • The process begins by retrieving the latest block number from a trusted Denaro node (e.g., https://denaro-node.gaetano.eu.org/get_mining_info). This block number serves as a reference point for the validation process.

  • Random Block Number Generation:

    • A random block number is generated, ranging between 0 and the latest block number retrieved. This step introduces a layer of unpredictability, enhancing the robustness of the verification process.

  • Block Hash Retrieval and Comparison:

    • The trusted Denaro node is queried to obtain the block hash corresponding to the randomly selected block number (e.g. https://denaro-node.gaetano.eu.org/get_block?block=123456).
    • A subsequent request is made to the user-provided IP or URL to retrieve the block hash for the same block number.
    • The hashes obtained from both the trusted and user-provided nodes are then compared.

  • Final Verification:

    • If the block hash from the user-provided node is the same as that from the trusted node, then it is a strong indicator that the user-provided node is a legitimate Denaro node.
    • After the process is complete then all subsequent requests for transactions or balance checking will be made using the user-provided node.
    • If verification fails then the wallet client will use the default Denaro node (https://denaro-node.gaetano.eu.org).

  • Potential Security Implication – Proxy/Relay Nodes:

    • It's crucial to recognize that this method is not 100% foolproof. A server could function as a proxy or relay, forwarding requests to the trusted node. This behavior could mask the server's identity, making it appear as a legitimate Denaro node.

    • This means that even if the block hashes match, there is a possibility that the user-provided node might not be an actual Denaro node, but rather a malicious server relaying information from a genuine node. This can deceive users into believing they are interacting with a trusted node.

    • While the relayed data might be accurate, the intermediary server (proxy/relay) could potentially intercept, log, or even manipulate the data being transmitted between the user and the Denaro blockchain. This could lead to sensitive information being compromised, incorrect balance information, or even the execution of malicious transactions.

    • In light of the potential security implication it is imperative for users to protect their assets and security by being well-informed, vigilant, and to use trusted Denaro Nodes.

Installation:

For detailed installation procedures, CLI usage, and example commands, refer to the README.md file in the repository.

Feedback:

Testing and feedback are invaluable for the ongoing development of this project. Users are encouraged to report any issues, bugs, or provide feedback for improvement.

Assets 2
Loading