go-ethereum/accounts/scwallet
Martin HS ab49f228ad
all: update to go version 1.22.1 (#28946)
Since Go 1.22 has deprecated certain elliptic curve operations, this PR removes 
references to the affected functions and replaces them with a custom implementation
in package crypto. This causes backwards-incompatible changes in some places.

---------

Co-authored-by: Marius van der Wijden <m.vanderwijden@live.de>
Co-authored-by: Felix Lange <fjl@twurst.com>
2024-03-18 17:36:50 +01:00
..
apdu.go More review feedback 2019-04-08 13:21:22 +02:00
hub.go all: fix typos in comments (#28881) 2024-02-05 22:16:32 +01:00
README.md accounts, cmd: fix typos (#28300) 2023-10-11 11:29:10 +03:00
securechannel.go all: update to go version 1.22.1 (#28946) 2024-03-18 17:36:50 +01:00
wallet.go all: replace some cases of strings.SplitN with strings.Cut (#28446) 2023-11-15 14:42:33 +01:00

Using the smartcard wallet

Requirements

  • A USB smartcard reader
  • A keycard that supports the status app
  • PCSCD version 4.3 running on your system Only version 4.3 is currently supported

Preparing the smartcard

WARNING: FOLLOWING THESE INSTRUCTIONS WILL DESTROY THE MASTER KEY ON YOUR CARD. ONLY PROCEED IF NO FUNDS ARE ASSOCIATED WITH THESE ACCOUNTS

You can use status' keycard-cli and you should get at least version 2.1.1 of their smartcard application

You also need to make sure that the PCSC daemon is running on your system.

Then, you can install the application to the card by typing:

keycard install -a keycard_v2.2.1.cap && keycard init

At the end of this process, you will be provided with a PIN, a PUK and a pairing password. Write them down, you'll need them shortly.

Start geth with the console command. You will notice the following warning:

WARN [04-09|16:58:38.898] Failed to open wallet                    url=keycard://044def09                          err="smartcard: pairing password needed"

Write down the URL (keycard://044def09 in this example). Then ask geth to open the wallet:

> personal.openWallet("keycard://044def09", "pairing password")

The pairing password has been generated during the card initialization process.

The process needs to be repeated once more with the PIN:

> personal.openWallet("keycard://044def09", "PIN number")

If everything goes well, you should see your new account when typing personal on the console:

> personal
WARN [04-09|17:02:07.330] Smartcard wallet account derivation failed url=keycard://044def09 err="Unexpected response status Cla=0x80, Ins=0xd1, Sw=0x6985"
{
  listAccounts: [],
  listWallets: [{
      status: "Empty, waiting for initialization",
      url: "keycard://044def09"
  }],
  ...
}

So the communication with the card is working, but there is no key associated with this wallet. Let's create it:

> personal.initializeWallet("keycard://044def09")
"tilt ... impact"

You should get a list of words, this is your seed so write them down. Your wallet should now be initialized:

> personal.listWallets
[{
  accounts: [{
      address: "0x678b7cd55c61917defb23546a41803c5bfefbc7a",
      url: "keycard://044d/m/44'/60'/0'/0/0"
  }],
  status: "Online",
  url: "keycard://044def09"
}]

You're all set!

Usage

  1. Start geth with the console command
  2. Check the card's URL by checking personal.listWallets:
  listWallets: [{
      status: "Online, can derive public keys",
      url: "keycard://a4d73015"
  }]
  1. Open the wallet, you will be prompted for your pairing password, then PIN:
personal.openWallet("keycard://a4d73015")
  1. Check that creation was successful by typing e.g. personal. Then use it like a regular wallet.

Known issues

  • Starting geth with a valid card seems to make firefox crash.
  • PCSC version 4.4 should work, but is currently untested