From af99ee0e19870844bb6229634e28da4fc365d00d Mon Sep 17 00:00:00 2001
From: Samuel Laferriere <samlaf92@gmail.com>
Date: Tue, 8 Oct 2024 00:19:01 +0100
Subject: [PATCH] opsec: prevent private key from being logged

---
 cmd/server/entrypoint.go | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/cmd/server/entrypoint.go b/cmd/server/entrypoint.go
index cca67c7..e26259a 100644
--- a/cmd/server/entrypoint.go
+++ b/cmd/server/entrypoint.go
@@ -8,6 +8,7 @@ import (
 	"github.com/Layr-Labs/eigenda-proxy/flags"
 	"github.com/Layr-Labs/eigenda-proxy/metrics"
 	"github.com/Layr-Labs/eigenda-proxy/server"
+	"github.com/ethereum/go-ethereum/log"
 	"github.com/urfave/cli/v2"
 
 	"github.com/ethereum-optimism/optimism/op-service/ctxinterrupt"
@@ -23,14 +24,13 @@ func StartProxySvr(cliCtx *cli.Context) error {
 	if err := cfg.Check(); err != nil {
 		return err
 	}
-	ctx, ctxCancel := context.WithCancel(cliCtx.Context)
-	defer ctxCancel()
-
-	configJSON, err := json.MarshalIndent(cfg, "", "  ")
+	err := prettyPrintConfig(cliCtx, log)
 	if err != nil {
-		return fmt.Errorf("failed to marshal config: %w", err)
+		return fmt.Errorf("failed to pretty print config: %w", err)
 	}
-	log.Info(fmt.Sprintf("Initializing EigenDA proxy server with config: %v", string(configJSON)))
+
+	ctx, ctxCancel := context.WithCancel(cliCtx.Context)
+	defer ctxCancel()
 
 	daRouter, err := server.LoadStoreRouter(ctx, cfg, log)
 	if err != nil {
@@ -70,3 +70,18 @@ func StartProxySvr(cliCtx *cli.Context) error {
 
 	return ctxinterrupt.Wait(cliCtx.Context)
 }
+
+// TODO: we should probably just change EdaClientConfig struct definition in eigenda-client
+// to have a `json:"-"` tag on the SignerPrivateKeyHex field, to prevent the privateKey from being marshaled at all
+func prettyPrintConfig(cliCtx *cli.Context, log log.Logger) error {
+	// we read a new config which we modify to hide private info in order to log the rest
+	cfg := server.ReadCLIConfig(cliCtx)
+	cfg.EigenDAConfig.EdaClientConfig.SignerPrivateKeyHex = "<HIDDEN>"
+
+	configJSON, err := json.MarshalIndent(cfg, "", "  ")
+	if err != nil {
+		return fmt.Errorf("failed to marshal config: %w", err)
+	}
+	log.Info(fmt.Sprintf("Initializing EigenDA proxy server with config: %v", string(configJSON)))
+	return nil
+}