ethereum / clef-ui Goto Github PK

Right now, we are only getting signed transaction response for OnApproveTx

Martin will be adding OnApproveSignData.

Steps:

1. Open Clef UI
2. Send a request
3. Click into request view
4. Click back
5. Repeat 3 + 4 until UI freezes

Force quit the UI to exit freezez for now

Currently we are not showing ORIGIN and USER AGENT from the rpc meta data.

ORIGIN shows where the domain that made the request come from
USER AGENT show the user agent of user

Neither will be present if request is made with IPC.

Additional Consideration:

• There can be any number of new meta field being added to RPC response. The UI should find a way to show all info in the future.

Please refer to ApproveListing API

• Add ApproveListing handler to pkg/rpc/rpc.go
• Implement ApproveListing UI. There is no mock, but you can refer to the reference UI down below. We don't have to be super polished on styling for now, as there is no real design for this yet. Refer to ApproveSignData for what's already implemented.
• I am not sure if the API allow us to response with a filtered list of account. If so, please also implement the ability to check/uncheck the account that users wish to return. If not, let's just return all accounts on Approve

Reference UI

Data come from call_info:message

There is CRITICAL, WARNING and INFO.

CRITICAL: show warning and don't allow user to advance. An example message is "message":"Tx destination is the zero address!","type":"CRITICAL" when to address is all zeros

INFO give you a human-readable string of the ABI call.

WARNING give you an error message, that we should surface to the user. The longest error message will likely be "Tx contains data, but provided ABI signature could not be matched: WARNING: Supplied data is stuffed with extra data. \nWant 0100000000000000000000000000000000000000000000000000000000000012\nHave 0000000000000000000000000000000000000000000000000000000000000012\nfor method safeSend(address)"

According to specs, Clef UI MUST show the blocky-identicon for ethereum addresses.

This task is just the implement the QWidget for the blocky identicon. We should be able to call something like NewBlocky(address string) *QWidget and get back a widget.

This task DOES NOT include adding blocky to other approval screens. But feel free to do so if it helps with development.

Currently we are using LOCAL ENDPOINT as a label for local. However, LOCAL ENDPOINT is not clear to the user what it actually means. We should find better names for these labels.

Repo:

1. Receive new account request
2. Create password that's less than 10 characters
3. see error
4. Now create password that is longer than 10 characters
5. see that the first request didn't go thru
6. Repeat step 4
7. See that request went thru

(Just tried to repo, but these repo steps does that reproduce the bug 100% of the time)

Tried to make a dev environment on debian-9, but ran into some errors:

user@debian-work:~/go/src/github.com/kyokan/clef-ui$ make deps
go get -u github.com/ethereum/go-ethereum
go get -u github.com/therecipe/qt
go get -u github.com/sirupsen/logrus
go get -u github.com/dchest/siphash
go get -u github.com/powerman/rpc-codec/jsonrpc2
go get -u golang.org/x/tools/imports
go install github.com/ethereum/go-ethereum/cmd/clef
go install github.com/therecipe/qt
go install github.com/therecipe/qt/cmd/qtdeploy
go install github.com/therecipe/qt/cmd/qtsetup
make: dep: Command not found
Makefile:6: recipe for target 'deps' failed
make: *** [deps] Error 127

Most of it seemed to work, so I continued anyway

user@debian-work:~/go/src/github.com/kyokan/clef-ui$ make run
go build -o ./build/clefui ./cmd/clefui/main.go
# github.com/therecipe/qt/quickcontrols2
quickcontrols2.cpp:9:22: fatal error: QByteArray: No such file or directory
 #include <QByteArray>
                      ^
compilation terminated.
# github.com/therecipe/qt/core
core.cpp:9:30: fatal error: QAbstractAnimation: No such file or directory
 #include <QAbstractAnimation>
                              ^
compilation terminated.
Makefile:26: recipe for target 'build' failed
make: ***
Error 2

I did install Qt 5.11.1 according to the instructions, using the official package. I did not install 'system package managers version' -- I thought that should not be needed, since it said:

Your applications won't run on a different distro than the one you used to deploy your application, but this is currently the only option to make your application look native on your distro.

And we want cross-platform, right?

Need to update the following two views:

• ApproveSignData
• ApproveTx

Clef UI API is changing

Pending PRs
ethereum/go-ethereum#17704
ethereum/go-ethereum#17554

MasterPassword
First of all OnMasterPassword(request *PasswordRequest) (PasswordResponse, error)

    PasswordRequest struct {
        Prompt string `json:"prompt"`
    }
    PasswordResponse struct {
        Password string `json:"password"`
    }

Secondly that OnAccounts or something like it

Thirdly, I'm leaning towards removing Import from the external API

Currently account listing only show addresses. We should show identicon next to address

1. If address match checksum, then return NO WARNING, else -->
2. If address is all lower case or all uppercase, then return NO CHECKSUM (yellow warning)
3. If address is mixed case, then return INVALID CHECKSUM (red warning)
   3a. If INVALID CHECKSUM, prevent user from advancing

Please refer to Show Error API

• Add support for ShowError in pkg/rpc/rpc.go. You can declare an empty struct as the reply parameters of the RPC handler, as this method does not expect a reply
• Add UI to show a pop up dialog on ShowError request
• The pop up dialog just need to show the error message (check out QErrorMessage) and an "x" button to allow user to close the message.

Approve Export API

• Implement handler in pkg/rpc/rpc.go
• Implement ApproveExport UI
• You will have to rely on a bit of creativity here. There is no prior views to reference, and there are no mocks. The goal of the UI is to display all request params to the user, and allow them to approve/reject. At minimal, the UI should include Request Info (refer to ApproveSignData), and Transaction Info that includes all others requst params from the RPC request.

https://github.com/KDE/snorenotify

According to specs, Clef UI SHOULD verify the permissions on the signer binary, and refuse to execute or warn if permissions allow non-user write.

For completion of this task, Clef UI should:

• Verify permission on signer binary
• If the permission allow non-user write, display a message that says "Your signer binary allows non-user write. Clef will not start"
• We should show the same button that allow the user to set their own directory to geth.

Please refer to #3 for maximum context.

Please refer to Show Info API

• Add support for ShowInfo in pkg/rpc/rpc.go. You can declare an empty struct as the reply parameters of the RPC handler, as this method does not expect a reply
• Add UI to show a pop up dialog on ShowInfo request
• The pop up dialog just need to show the error message (check out QT Dialog) and an "x" button to allow user to close the message.

• Clef-UI SHOULD try to start Clef with $GOPATH env var to see if go-ethereum is there
• Clef-UI SHOULD inform the user about the SHA256 or MD5 hash of the binary being executed
• Login UI SHOULD allow user to select GETH directory

Login UI should have the following state (sorry, no mocks):
READY TO START CLEF
In this case, GOPATH AND go-ethereum is found, and Clef is ready to be started. We should show the user the SHA256 or MD5 hash of the binary that is going to be executed. The user should be able to do the following actions:

1. Click "Start Clef" to start Clef
2. Click "Change Directroy" to use a File Dialog to select the right folder. After which, the UI will go back to #1

CLEF NOT FOUND
In this case, we cannot find GOPATH or go-ethereum. We should show the user a message that says "We cannot locate your go-ethereum directory." The user should be able to perform the following actions:

1. Click "Set Directory" to use a File Dialog to select the right folder. After which, the UI will go back to #1 of READY TO START CLEF
2. Click "Download Geth" and redirect user to the geth homepage.

According to specs, Clef UI MUST display approproate warning if the destination-account is formatted with invalid checksum.

This task should add a small (font-size 10px) warning message in color red below the destination address if the address has an invalid checksum. AFAIK, signTransaction should be the only view that requires this change, as it is the only view with a destination address.

This task DOES NOT include added warning message to sending ERC20 for now. In the future, we should add checksum validation for ERC20 transactions as well (Created #4 to track).