Comments (9)
selimyanat
commented on August 30, 2024
1
Update on the issue:
I have managed to install and enable the plugin through the following command:
vault write sys/plugins/catalog/secret/ethereum-plugin \
command="vault-ethereum --ca-cert=/Users/selim/etc/vault/file/root.crt --client-cert=/Users/selim/etc/vault/file/vault.crt \
--client-key=/Users/selim/etc/vault/file/vault.key" sha_256="${SHASUM256}"
vault secrets enable ethereum-plugin
Success! Enabled the ethereum-plugin secrets engine at: ethereum-plugin/
In order to enable the plugin with Vault 1.1.0 you need to update the go-plugin dependency to the latest version to overcome a bug introduced in the previous versions.
Once i have everything up and running i will issue a PR.
from vault-ethereum.
cypherhat
commented on August 30, 2024
I haven't tested with the latest release of Vault yet. I will this weekend. Possibly, I will have to re-release the plugin based on changes to Vault.
My suggestion is to use a version of Vault < 1.1.0. I will let you know my experience with 1.1.0 later.
from vault-ethereum.
selimyanat
commented on August 30, 2024
all right thank you, i will let you know about my progress as well.
from vault-ethereum.
selimyanat
commented on August 30, 2024
Hello there,
I have downgraded Vault to the version 0.11.3 and i managed to go further in the installation but i could not enable the plugin. Running the command down below
vault secrets enable -path=ethereum -description="Immutability's Ethereum Wallet" -plugin-name=ethereum-plugin plugin
produces the following log
2019-03-22T15:33:10.250+0100 [DEBUG] secrets.plugin.plugin_d024ecf4.ethereum-plugin: starting plugin: metadata=true path=/Users/selim/etc/vault/file/plugins/vault-ethereum args="[/Users/selim/etc/vault/file/plugins/vault-ethereum --tls-skip-verify --ca-cert=/Users/selim/etc/vault/file/root.crt --client-cert=/Users/selim/etc/vault/file/vault.crt \
--client-key=/Users/selim/etc/vault/file/vault.key]"
2019-03-22T15:33:10.253+0100 [DEBUG] secrets.plugin.plugin_d024ecf4.ethereum-plugin: waiting for RPC address: metadata=true path=/Users/selim/etc/vault/file/plugins/vault-ethereum
2019-03-22T15:33:10.285+0100 [DEBUG] secrets.plugin.plugin_d024ecf4.ethereum-plugin.vault-ethereum: plugin address: metadata=true address=/var/folders/p0/kyz821fx23dfh2wq6wgk67_w0000gn/T/plugin722266914 network=unix timestamp=2019-03-22T15:33:10.285+0100
2019-03-22T15:33:10.285+0100 [TRACE] secrets.plugin.plugin_d024ecf4.ethereum-plugin: setup: transport=gRPC status=started
2019-03-22T15:33:15.290+0100 [TRACE] secrets.plugin.plugin_d024ecf4.ethereum-plugin: setup: transport=gRPC status=finished err="rpc error: code = Unknown desc = timeout waiting for connection info" took=5.005082611s
2019-03-22T15:33:15.290+0100 [ERROR] secrets.system.system_a10c9e43: mount failed: path=ethereum-plugin/ error="rpc error: code = Unknown desc = timeout waiting for connection info"
The audit log produces:
{
"time": "2019-03-22T14:33:15.291436Z",
"type": "response",
"auth": {
"client_token": "hmac-sha256:c3a13acb2a66d323030857c0d846a06fc62b540c310f923cb981de0aba5a18e7",
"accessor": "hmac-sha256:82721cb10bdb40d1b7773adcd53d0a12bfaf738df2e53d8396a8b50b2129ba25",
"display_name": "root",
"policies": [
"root"
],
"token_policies": [
"root"
],
"metadata": null,
"entity_id": ""
},
"request": {
"id": "2d9b217f-de92-9c47-0fcc-a7d909c8e724",
"operation": "update",
"client_token": "hmac-sha256:c3a13acb2a66d323030857c0d846a06fc62b540c310f923cb981de0aba5a18e7",
"client_token_accessor": "hmac-sha256:82721cb10bdb40d1b7773adcd53d0a12bfaf738df2e53d8396a8b50b2129ba25",
"namespace": {
"id": "root",
"path": ""
},
"path": "sys/mounts/ethereum-plugin",
"data": {
"plugin_name": "hmac-sha256:d56d111ae02d61148b2da5b2615581272cfd93aa035e96558d9b62ada0c196ca",
"type": "hmac-sha256:842f9fd3eebbcca077043da0c637575dcbd4f45c400ccad531f58bd487ba2c75"
},
"policy_override": false,
"remote_address": "127.0.0.1",
"wrap_ttl": 0,
"headers": {
}
},
"response": {
"data": {
"error": "hmac-sha256:5af5367a3b685ce3e4e29d36e86621f25b497d79b2343c4983793c672aaf443a"
}
},
"error": "1 error occurred:\n\n* invalid request"
}
You can see that the messages in the logs are not the same, one is arguing that the request is invalid whereas the other is complaining about a timeout connection. Note that am using for my tests the root token.
Let me know if you need more clarification.
Thank you
from vault-ethereum.
cypherhat
commented on August 30, 2024
I tested this afternoon:
OS:Mojave 10.14.3
Golang: go1.12 darwin/amd64
Vault: Vault v1.1.0 ('36aa8c8dd1936e10ebd7a4c1d412ae0e6f7900bd')
I built the plugin after I pulled the latest vault and go-ethereum code.
$ vault write sys/plugins/catalog/ethereum-plugin \
sha_256="$(shasum -a 256 "$HOME/etc/vault.d/vault_plugins/vault-ethereum" | cut -d' ' -f1)" \
command="vault-ethereum --ca-cert=$HOME/etc/vault.d/root.crt --client-cert=$HOME/etc/vault.d/vault.crt --client-key=$HOME/etc/vault.d/vault.key"
$ vault secrets enable -path=ethereum/prod -description="Immutability's Ethereum Wallet - PROD" -plugin-name=ethereum-plugin plugin
$ vault write ethereum/prod/config rpc_url="https://mainnet.infura.io" chain_id="1" api_key=$MY_API_KEY
Everything worked.
$ vault write ethereum/prod/convert unit_from=eth amount=1 unit_to=usd
Key Value
--- -----
amount_from 1
amount_to 137.737830017
unit_from ether
unit_to usd
from vault-ethereum.
cypherhat
commented on August 30, 2024
I will re-release the binary today.
from vault-ethereum.
selimyanat
commented on August 30, 2024
Hello there,
I have updated the source and give another try, unfortunately i always have the same error described in my original message. Am not a vault expert but it s like vault is not able to communicate with the plugin ?? is there an issue with the certificate generation ? or am i missing something ? Note that the warning message down below appears whenever invoking the command to write the plugin in vault:
received plugin exited before we could connect attempting as db plugin, attempting as auth/secret plugin
from vault-ethereum.
selimyanat
commented on August 30, 2024
So it turned out that the command to register a plugin in vault > 1.0 should include the plugin type
vault write sys/plugins/catalog/secret/ethereum-plugin \
command="vault-ethereum --ca-cert=/Users/selim/etc/vault/file/root.crt --client-cert=/Users/selim/etc/vault/file/vault.crt \
--client-key=/Users/selim/etc/vault/file/vault.key" sha_256=9c60deec1d20264d69e88bd6e42dcc75a323fee9bd699fdc70ffe93d731f3032
Success! Data written to: sys/plugins/catalog/secret/ethereum-plugin
However, the command to enable the plugin is not working it gives the a 400 http code
vault secrets enable -path=ethereum-api -description="Immutability's Ethereum Wallet" ethereum-plugin
Error enabling: Error making API request.
URL: POST https://localhost:8200/v1/sys/mounts/ethereum-api
Code: 400. Errors:
* rpc error: code = Unknown desc = timeout waiting for connection info
The logs
2019-03-25T19:53:32.046+0100 [TRACE] secrets.ethereum-plugin.ethereum-plugin_58936b78.ethereum-plugin: setup: transport=gRPC status=started
2019-03-25T19:53:37.048+0100 [TRACE] secrets.ethereum-plugin.ethereum-plugin_58936b78.ethereum-plugin: setup: transport=gRPC status=finished err="rpc error: code = Unknown desc = timeout waiting for connection info" took=5.001443042s
2019-03-25T19:53:37.048+0100 [ERROR] secrets.system.system_4ba6fc24: mount failed: path=ethereum-api/ error="rpc error: code = Unknown desc = timeout waiting for connection info"
The audit log
{
"time": "2019-03-25T18:53:37.049039Z",
"type": "response",
"auth": {
"client_token": "hmac-sha256:e6d899de896cf18f232bae0f4d1c96495296c89536e58cd7aa28c80359ec8ae3",
"accessor": "hmac-sha256:eaebdc29a3400595b1e77cc667545c1c80c6d0ab4c09181d73941fc5a0ce4960",
"display_name": "root",
"policies": [
"root"
],
"token_policies": [
"root"
],
"metadata": null,
"entity_id": "",
"token_type": "service"
},
"request": {
"id": "59f69044-cc0f-5b3f-2c4d-d12f90985e2c",
"operation": "update",
"client_token": "hmac-sha256:e6d899de896cf18f232bae0f4d1c96495296c89536e58cd7aa28c80359ec8ae3",
"client_token_accessor": "hmac-sha256:eaebdc29a3400595b1e77cc667545c1c80c6d0ab4c09181d73941fc5a0ce4960",
"namespace": {
"id": "root",
"path": ""
},
"path": "sys/mounts/ethereum-api",
"data": {
"config": {
"default_lease_ttl": "hmac-sha256:8955ad6bac76f49f628889c71625b44a2ab3823be867320ff1007d2cc2bb6d61",
"force_no_cache": false,
"max_lease_ttl": "hmac-sha256:8955ad6bac76f49f628889c71625b44a2ab3823be867320ff1007d2cc2bb6d61",
"options": null
},
"description": "hmac-sha256:5d0d9bc126695aad21be6d2574942684f1d67db7a27aa581c6577725dd44c6b8",
"local": false,
"options": null,
"seal_wrap": false,
"type": "hmac-sha256:c906fe92c4ced2164320c0707ead2a5c73f29f4e3c98e1a31762ee44feb5d86d"
},
"policy_override": false,
"remote_address": "127.0.0.1",
"wrap_ttl": 0,
"headers": {
}
},
"response": {
"data": {
"error": "hmac-sha256:fbc5664a6bdcf4a463839d2dd6c6aae54d4dd0b0b01c86a555e9c73f75998bae"
},
"headers": null
},
"error": "1 error occurred:\n\t* invalid request\n\n"
}
from vault-ethereum.
cypherhat
commented on August 30, 2024
Fixed: https://github.com/immutability-io/vault-ethereum/releases/tag/v0.2.8
from vault-ethereum.
Related Issues (20)
- Unable to use Self Signed Certificate
- Can we save string data inside ethereum HOT 1
- How to pass hex string data to sign-tx HOT 7
- Finding Logs for the ethereum plugin HOT 3
- Error in path_blocks.go HOT 1
- Feature questions: importing ABI, filtering, and logging HOT 2
- Unrecognized remote plugin message HOT 15
- Error writing data to ethereum-plugin/config: Error making API request. HOT 2
- Error when setting config HOT 1
- When "address_to" is not mentioned during the transaction signing, the funds are transferred to NULL address. HOT 1
- Can I use vault plugin for quorum? HOT 1
- unusable message signing (ethereum/accounts/:name/sign and ethereum/accounts/:name/verify) HOT 9
- unable to install
- sign-tx function sign transaction incorrectly.
- Sign message & verify signed message are not working properly HOT 1
- Unable to modify gas_limit parameter on sign-tx request HOT 1
- Curl not working properly for Erc20, Erc721 HOT 1
- How to backup data
- Unable to enable secrets path using newer version of Vault and ethereum plugin binary
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vault-ethereum.