chore: refactoring & tests for ensureDelegatedIdentityKey with Secure Store

Author: peter-sanderson

suite-common/secure-storage/src/index.ts

@@ -6,3 +6,4 @@ export type {
     EncryptionError,
 } from './secureStorage';
 export { asEncryptedHex, EncryptionUnavailable, DecryptionFailed } from './secureStorage';
+export type { SecureStorageDep } from './secureStorage';

suite-common/secure-storage/src/secureStorage.ts

@@ -27,6 +27,8 @@ export const DecryptionFailed = (): DecryptionFailed => ({
 export type EncryptionError = EncryptionUnavailable;
 export type DecryptionError = EncryptionUnavailable | DecryptionFailed;
 
+export type SecureStorageDep = { secureStorage: SecureStorage };
+
 export interface SecureStorage {
     encrypt: <T extends EncryptableBranded>(params: {
         value: T;

suite-common/suite-sync-storage/src/Owner.ts

@@ -11,3 +11,5 @@ export const CreateSuiteSyncOwnerError = (message: string): CreateSuiteSyncOwner
 export type CreateSuiteSyncOwner = (params: {
     data: string;
 }) => Result<SuiteSyncOwner, CreateSuiteSyncOwnerError>;
+
+export type CreateSuiteSyncOwnerDep = { createSuiteSyncOwner: CreateSuiteSyncOwner };

suite-common/suite-sync-storage/src/index.ts

@@ -2,10 +2,11 @@ export type {
     SuiteSyncStorageRepository,
     CreateSuiteSyncStorageRepository,
     CreateSuiteStorage,
+    CreateSuiteStorageDep,
 } from './SuiteSyncStorageRepository';
 export { createSuiteSyncStorageRepositoryFactory } from './SuiteSyncStorageRepository';
 export type { SuiteSyncStorage } from './SuiteSyncStorage';
-export type { CreateSuiteSyncOwner } from './Owner';
+export type { CreateSuiteSyncOwner, CreateSuiteSyncOwnerDep } from './Owner';
 export { CreateSuiteSyncOwnerError } from './Owner';
 export type {
     SuiteSync,

suite-common/suite-sync/src/createSuiteSyncCompositionRoot.ts

@@ -1,17 +1,18 @@
 import { Dispatch } from '@reduxjs/toolkit';
 
-import { SecureStorage } from '@suite-common/secure-storage';
+import { SecureStorageDep } from '@suite-common/secure-storage';
 import {
-    CreateSuiteStorage,
-    CreateSuiteSyncOwner,
+    CreateSuiteStorageDep,
+    CreateSuiteSyncOwnerDep,
     SuiteSync,
     createSuiteSyncStorageRepositoryFactory,
 } from '@suite-common/suite-sync-storage';
 import {
     createEnsureDelegatedIdentityKey,
-    createGetDelegatedIdentityKey,
+    createLoadDelegatedIdentityKeyFromState,
     createSaveDelegatedIdentityKey,
     selectAllDeviceOwners,
+    selectDeviceDelegatedIdentityKey,
 } from '@suite-common/wallet-core';
 
 import {
@@ -29,13 +30,12 @@ import { selectSuiteSyncRelayUrl } from './suiteSyncSelectors';
 import { createTurnOffSuiteSync } from './turnOffSuiteSync';
 
 type CreateSuiteSyncCompositionRootDeps = {
-    createSuiteStorage: CreateSuiteStorage;
-    createSuiteSyncOwner: CreateSuiteSyncOwner;
     getState: () => any;
     dispatch: Dispatch;
     trezorConnect: EnsureSuiteSyncOwnerDeps['trezorConnect'];
-    secureStorage: SecureStorage;
-};
+} & CreateSuiteStorageDep &
+    CreateSuiteSyncOwnerDep &
+    SecureStorageDep;
 
 export const createSuiteSyncCompositionRoot = (
     deps: CreateSuiteSyncCompositionRootDeps,
@@ -61,10 +61,11 @@ export const createSuiteSyncCompositionRoot = (
 
     // Todo: this shall be extracted upstream in the composition root
     const ensureDelegatedIdentityKey = createEnsureDelegatedIdentityKey({
-        getDelegatedIdentityKey: createGetDelegatedIdentityKey({
+        loadDelegatedIdentityKeyFromState: createLoadDelegatedIdentityKeyFromState({
             dispatch: deps.dispatch,
-            getState: deps.getState,
             secureStorage: deps.secureStorage,
+            getDeviceDelegatedIdentityKey: deviceId =>
+                selectDeviceDelegatedIdentityKey(deps.getState(), deviceId),
         }),
         saveDelegatedIdentityKey: createSaveDelegatedIdentityKey({
             dispatch: deps.dispatch,

suite-common/suite-sync/src/device/ensureSuiteSyncOwnerKeys.ts

@@ -35,6 +35,10 @@ export type EnsureSuiteSyncOwnerKeys = (
     >
 >;
 
+export type EnsureSuiteSyncOwnerDep = {
+    ensureSuiteSyncOwnerKeys: EnsureSuiteSyncOwnerKeys;
+};
+
 export const createEnsureSuiteSyncOwnerKeys =
     (deps: EnsureSuiteSyncOwnerDeps): EnsureSuiteSyncOwnerKeys =>
     async ({ device, delegatedKey }) => {

suite-common/suite-sync/src/refreshSuiteSyncKeys.ts

@@ -1,27 +1,25 @@
 import { Dispatch } from '@reduxjs/toolkit';
 
-import { EncryptionUnavailable } from '@suite-common/secure-storage';
 import { CreateSuiteSyncOwnerError } from '@suite-common/suite-sync-storage';
 import { TrezorDevice } from '@suite-common/suite-types';
 import {
     DeviceCancelledErr,
     DeviceError,
-    EnsureDelegatedIdentityKey,
+    EnsureDelegatedIdentityKeyDep,
     ProofOfDelegatedSignFailed,
     deviceActions,
     selectDevices,
 } from '@suite-common/wallet-core';
 import { isTrezorDeviceWithState } from '@suite-common/wallet-utils';
 import { Result, err, ok } from '@trezor/type-utils';
 
-import { EnsureSuiteSyncOwnerKeys } from './device/ensureSuiteSyncOwnerKeys';
+import { EnsureSuiteSyncOwnerDep } from './device/ensureSuiteSyncOwnerKeys';
 
 export type RefreshSuiteSyncKeysDeps = {
     getState: () => any;
     dispatch: Dispatch;
-    ensureDelegatedIdentityKey: EnsureDelegatedIdentityKey;
-    ensureSuiteSyncOwnerKeys: EnsureSuiteSyncOwnerKeys;
-};
+} & EnsureSuiteSyncOwnerDep &
+    EnsureDelegatedIdentityKeyDep;
 
 type RefreshSuiteSyncKeysParams = {
     device: TrezorDevice;
@@ -42,7 +40,6 @@ export type RefreshSuiteSyncKeys = (
         void,
         | DeviceError
         | DeviceCancelledErr
-        | EncryptionUnavailable
         | DeviceDoesNotSupportSuiteSyncErr
         | ProofOfDelegatedSignFailed
         | CreateSuiteSyncOwnerError
@@ -69,9 +66,7 @@ export const createRefreshSuiteSyncKeys =
             return err(DeviceDoesNotSupportSuiteSyncErr());
         }
 
-        const delegatedKeyResult = await deps.ensureDelegatedIdentityKey({
-            device,
-        });
+        const delegatedKeyResult = await deps.ensureDelegatedIdentityKey({ device });
 
         if (!delegatedKeyResult.ok) {
             return delegatedKeyResult;

suite-common/suite-sync/src/storage/subscribeSuiteSyncStorage.ts

@@ -51,8 +51,9 @@ export const createSubscribeSuiteSyncStorage =
                         );
 
                         return;
+
+                    // Those errors are most likely due to Bug in the code or data corruption
                     case 'CreateSuiteSyncOwnerError':
-                    case 'EncryptionUnavailable':
                     case 'ProofOfDelegatedSignFailed':
                         console.error(result.error);
                         // Todo: dispatch better notification

suite-common/wallet-core/src/device/delegatedIdentityKey/ensureDelegatedIdentityKey.ts

@@ -1,34 +1,32 @@
-import { EncryptionUnavailable } from '@suite-common/secure-storage';
 import { DelegatedIdentityKey, TrezorDeviceWithState } from '@suite-common/suite-types';
 // Circular issue, see: https://github.com/trezor/trezor-suite/issues/21553
 import { selectThp } from '@suite-common/thp/src/thpSelectors';
 import { Result, ok } from '@trezor/type-utils';
 
 import { DeviceCancelledErr, DeviceError } from '../deviceUtils';
-import { GetDelegatedIdentityKey } from './getDelegatedIdentityKey';
-import { retrieveDelegatedIdentityKey } from './retrieveDelegatedIdentityKey';
-import { SaveDelegatedIdentityKey } from './saveDelegatedIdentityKey';
+import { LoadDelegatedIdentityKeyFromStateDep } from './loadDelegatedIdentityKeyFromState';
+import { retrieveDelegatedIdentityKeyFromDevice } from './retrieveDelegatedIdentityKeyFromDevice';
+import { SaveDelegatedIdentityKeyDep } from './saveDelegatedIdentityKey';
 
 type EnsureDelegatedIdentityKeyParams = {
     device: TrezorDeviceWithState;
 };
 
 export type EnsureDelegatedIdentityKey = (
     params: EnsureDelegatedIdentityKeyParams,
-) => Promise<
-    Result<DelegatedIdentityKey, DeviceError | DeviceCancelledErr | EncryptionUnavailable>
->;
-
-type EnsureDelegatedIdentityKeyDeps = {
-    getState: () => any;
-    getDelegatedIdentityKey: GetDelegatedIdentityKey;
-    saveDelegatedIdentityKey: SaveDelegatedIdentityKey;
+) => Promise<Result<DelegatedIdentityKey, DeviceError | DeviceCancelledErr>>;
+
+type EnsureDelegatedIdentityKeyDeps = { getState: () => any } & SaveDelegatedIdentityKeyDep &
+    LoadDelegatedIdentityKeyFromStateDep;
+
+export type EnsureDelegatedIdentityKeyDep = {
+    ensureDelegatedIdentityKey: EnsureDelegatedIdentityKey;
 };
 
 export const createEnsureDelegatedIdentityKey =
     (deps: EnsureDelegatedIdentityKeyDeps): EnsureDelegatedIdentityKey =>
     async ({ device }) => {
-        const currentDelegatedKey = await deps.getDelegatedIdentityKey({
+        const currentDelegatedKey = await deps.loadDelegatedIdentityKeyFromState({
             deviceId: device.id,
         });
 
@@ -37,7 +35,7 @@ export const createEnsureDelegatedIdentityKey =
         }
 
         const thpStaticHostKey = selectThp(deps.getState()).staticKey;
-        const result = await retrieveDelegatedIdentityKey({ device, thpStaticHostKey });
+        const result = await retrieveDelegatedIdentityKeyFromDevice({ device, thpStaticHostKey });
 
         if (!result.ok) {
             return result;

suite-common/wallet-core/src/device/delegatedIdentityKey/getDelegatedIdentityKey.ts renamed to suite-common/wallet-core/src/device/delegatedIdentityKey/loadDelegatedIdentityKeyFromState.ts

@@ -1,33 +1,32 @@
 import { Dispatch } from '@reduxjs/toolkit';
 
-import { SecureStorage } from '@suite-common/secure-storage';
+import { EncryptedHex, SecureStorageDep } from '@suite-common/secure-storage';
 import { DelegatedIdentityKey } from '@suite-common/suite-types';
 import { exhaustive } from '@trezor/type-utils';
 
 import { deviceActions } from '../deviceActions';
-import { selectPersistentDeviceData } from '../deviceSelectors';
 
-export type GetCurrentDelegatedIdentityKeyDeps = {
-    getState: () => any;
-    secureStorage: SecureStorage;
+export type LoadDelegatedIdentityKeyFromStateDeps = {
+    getDeviceDelegatedIdentityKey: (deviceId: string) => EncryptedHex<DelegatedIdentityKey> | null;
     dispatch: Dispatch;
-};
+} & SecureStorageDep;
 
-export type GetDelegatedIdentityKeyParams = {
+export type LoadDelegatedIdentityKeyFromStateParams = {
     deviceId: string;
 };
 
-export type GetDelegatedIdentityKey = (
-    params: GetDelegatedIdentityKeyParams,
+export type LoadDelegatedIdentityKeyFromStateDep = {
+    loadDelegatedIdentityKeyFromState: LoadDelegatedIdentityKeyFromState;
+};
+
+export type LoadDelegatedIdentityKeyFromState = (
+    params: LoadDelegatedIdentityKeyFromStateParams,
 ) => Promise<DelegatedIdentityKey | null>;
 
-export const createGetDelegatedIdentityKey =
-    (deps: GetCurrentDelegatedIdentityKeyDeps): GetDelegatedIdentityKey =>
+export const createLoadDelegatedIdentityKeyFromState =
+    (deps: LoadDelegatedIdentityKeyFromStateDeps): LoadDelegatedIdentityKeyFromState =>
     async ({ deviceId }) => {
-        const persistedData = selectPersistentDeviceData(deps.getState());
-        const devicePersistedData = persistedData.find(it => it.device_id === deviceId);
-
-        const encryptedCurrentDelegatedKey = devicePersistedData?.delegatedIdentityKey ?? null;
+        const encryptedCurrentDelegatedKey = deps.getDeviceDelegatedIdentityKey(deviceId);
 
         if (encryptedCurrentDelegatedKey === null) {
             return null;