feat(cloud-sync): integrate keyless credential into sync credential system #9894
Draft: sidmorizon wants to merge 15 commits into x from feat/keyless-sync (+2,243 −223)
✅ Snyk checks have passed. No issues have been found so far.
All alerts resolved. Learn more about Socket for GitHub. This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.
a5e866b to 415e922
Add keylessData and keylessDataTime fields to cloud sync schemas and types to support keyless wallet encryption alongside existing password-based encryption.

Add comprehensive keyless cloud sync methods to ServicePrimeCloudSync:
- Keyless credential derivation and caching
- Active sync mode detection (OnekeyId/Keyless/None)
- Data source determination based on timestamps
- Bidirectional encryption conversion between modes
- Mode switch handling with automatic data migration
This enables seamless switching between OneKey ID sync and Keyless wallet sync while preserving user data integrity.

Implement local mock storage and API methods for keyless cloud sync:
- Add keylessMockApi with query, upload, and clear operations
- Add mockApiDownloadItemsKeyless, mockApiUploadItemsKeyless methods
- Add mockApiCheckServerStatusKeyless for status checking
- Add getKeylessSyncAuth for authentication headers
- Skip Lock/Reset/Flush operations in keyless mode
- Fix null safety for convertServerItemToLocalItem return type

Allow cloud sync mode to proceed when enabled and register a new developer gallery route.

…ystem
- Add keylessCredential to ICloudSyncCredential type for unified credential handling
- Update cloudSyncItemBuilder to support keyless encryption/decryption
- Modify getSyncCredentialWithCache to return keyless credential in Keyless mode
- Update sync flow to properly handle keylessData and keylessDataTime fields
- Fix LocalDbBase to persist keylessData and keylessDataTime on updates
- Change IDBCloudSyncItem keyless fields from optional to explicit undefined type

- Disable swift-lsp plugin in settings
- Update spell checker skip words with 'pwdhash'
- Remove keylessData and keylessDataTime fields from LocalDbBase, RealmSchemaCloudSyncItem, and related types
- Introduce pwdHash in relevant data structures for cloud sync

- Introduce a unified method for computing pwdHash based on sync mode.
- Refactor cloud sync item handling to utilize the new pwdHash logic.
- Update ServicePrimeCloudSync to streamline data conversion and encryption processes.
- Remove deprecated keylessData and keylessDataTime fields, focusing on pwdHash for validation.
- Enhance keyless credential management by integrating pwdHash computation into the sync workflow.

- Add keyless mock server build and start scripts to root package.json
- Implement HTTP-based mock API with signature verification
- Add onPressLoadingEnabled prop to Button component for async operations
- Connect CloudSyncGallery to use loading-enabled buttons
- Replace in-memory storage with mock server HTTP endpoints

- Create standalone keyless cloud sync mock server with HTTP API endpoints
- Add build scripts and TypeScript config for mock server
- Refactor keylessCloudSyncMockApi to use HTTP client instead of in-memory storage
- Add environment variable support for mock server URL configuration
- Support upload, download, check-status, and clear operations via HTTP
- Add CLI entry point for starting mock server independently
Co-Authored-By: Claude Sonnet 4.5 <[email protected]>

…g and unified pwdHash
- Add comprehensive BIP32 key encryption documentation
- Fix keyless credential derivation to use deterministic decrypted keys
- Remove keyless wallet filtering from sync flow managers
- Unify pwdHash retrieval from sync credential across all modes
- Clean up duplicate API calls in mock server
- Add debug tools and UI improvements for keyless sync testing
- Remove unused import in Button component

…ation
- Add a guideline to avoid using JSON.stringify() for cryptographic operations, promoting the use of stringUtils.stableStringify() for deterministic serialization.
- Refactor keylessCloudSyncUtils to export functions directly, improving usability and clarity.
- Update BIP32 key documentation to clarify encryption states and usage.
- Clean up ServiceMasterPassword and CloudSyncItemBuilder by removing unnecessary checks and improving error handling.
- Adjust keyless sync constants to reflect updated derivation paths for better clarity and consistency.
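
The guideline in the commit message above (no JSON.stringify() output in cryptographic operations) is illustrated by this added example, which is not code from this PR. `stableStringify` here is a hypothetical stand-in, not the project's `stringUtils.stableStringify()`, and the key, field names and sample objects are constructed.

```javascript
// Added example: not code from this PR.
const { createHmac } = require('node:crypto');

// Hypothetical stand-in for a deterministic serializer: object keys are
// emitted in sorted order at every depth; arrays keep their element order.
function stableStringify(value) {
  if (value && typeof value.toJSON === 'function') value = value.toJSON();
  if (Array.isArray(value)) {
    // JSON.stringify writes undefined array slots as null; do the same.
    const items = value.map((v) => (v === undefined ? 'null' : stableStringify(v)));
    return '[' + items.join(',') + ']';
  }
  if (value !== null && typeof value === 'object') {
    const parts = [];
    for (const key of Object.keys(value).sort()) {
      if (value[key] === undefined) continue; // JSON.stringify drops these too
      parts.push(JSON.stringify(key) + ':' + stableStringify(value[key]));
    }
    return '{' + parts.join(',') + '}';
  }
  return JSON.stringify(value);
}

// HMAC-SHA256 over the serialized bytes, as a signature or hash check would see them.
function tag(key, serialized) {
  return createHmac('sha256', key).update(serialized, 'utf8').digest('hex');
}

// Constructed sample: the same logical item, built with different key
// insertion order (e.g. by two code paths or two clients).
const KEY = 'constructed-demo-key';
const onDeviceA = { dataType: 'Account', payload: { name: 'main', index: 0 }, dataTime: 1700000000000 };
const onDeviceB = { dataTime: 1700000000000, payload: { index: 0, name: 'main' }, dataType: 'Account' };

// Compare the tags each serializer yields for two values.
function compare(a, b) {
  return {
    jsonStringifyMatches: tag(KEY, JSON.stringify(a)) === tag(KEY, JSON.stringify(b)),
    stableMatches: tag(KEY, stableStringify(a)) === tag(KEY, stableStringify(b)),
  };
}

console.log(compare(onDeviceA, onDeviceB));
```

With JSON.stringify() the two tags differ although the data is identical, so a verifier would reject a legitimate item; with sorted keys they agree, and a genuinely changed value still changes the tag.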
415e922 to 18d0364
…ylessWallet
- Comment out the createKeylessWallet function calls in both useKeylessWallet and FinalizeWalletSetupPage to prevent unintended execution during onboarding.
- Add a new property `skipAddHDNextIndexedAccount` to IDBCreateHDWalletParams for improved wallet creation flexibility.

…ndling
- Comment out the wait timer in getKeylessWallet for future removal.
- Add checks for deviceId in context to enhance flow control.
- Introduce skipAddHDNextIndexedAccount property to improve wallet creation parameters.

- Introduce timing logs for `isCloudSyncIsAvailable` and `getSyncCredentialSafe` methods to monitor performance.
- Update `LocalDbBase` to handle existing sync items more robustly with optional chaining.
- Add `IExistingSyncItemsInfo` type for improved type safety in sync item handling.
- Implement a conditional check for `skipAddHDNextIndexedAccount` during indexed account addition to enhance wallet creation flexibility.
Summary
- `keylessCredential` to `ICloudSyncCredential` type for unified credential handling
- `cloudSyncItemBuilder` to support keyless encryption/decryption based on credential type
- `getSyncCredentialWithCache` to return keyless credential when in Keyless sync mode
- `keylessData` and `keylessDataTime` fields
- `LocalDbBase` to persist keyless data fields on updates
- `IDBCloudSyncItem` keyless fields from optional (`?`) to explicit `| undefined` type

Test plan
🤖 Generated with Claude Code