R4R: Improve crypto/keys and add keys mnemonic and keys new commands

[ebuchman]

Ref: #2089 and #2091

• Various minor cleanup (comments, move mintkey into its own pkg)
• Remove bip39 pkg in favour of a fork of the upstream
• Remove bcrypt pkg in favour of fork of x/crypto (Change ed25519 and bcrypt to be forked off golang/x/crypto tendermint/tendermint#1959)
• Add BIP39 passphrase to KeyBase.Derive
• Add gaiacli keys mnemonic and gaiacli keys new commands

Tagging @cwgoes @liamsi so they're aware

• Linked to github-issue with discussion and accepted design OR link to spec that describes this work.
• Updated all relevant documentation (docs/)
• Updated all relevant code comments
• Wrote tests
• Added entries in PENDING.md that include links to the relevant issue or PR that most accurately describes the change.
• Updated cmd/gaia and examples/

---

For Admin Use:

• Added appropriate labels to PR (ex. wip, ready-for-review, docs)
• Reviewers Assigned
• Squashed all commits, uses message "Merge pull request #XYZ: [title]" (coding standards)

[ebuchman]

some relevant background: tendermint/go-crypto#89 - it looks like the issue has been fixed both in tyler-smith and bartekn. tyler-smith repo is quite active again so we took the commit with the fix before all the new activity.

[codecov]

Codecov Report

Merging #2090 into develop will decrease coverage by 2.23%.
The diff coverage is 71.25%.

@@            Coverage Diff             @@
##           develop   #2090      +/-   ##
==========================================
- Coverage    60.13%   57.9%   -2.24%     
==========================================
  Files          152     140      -12     
  Lines         8870    8119     -751     
==========================================
- Hits          5334    4701     -633     
+ Misses        3167    3121      -46     
+ Partials       369     297      -72

[ebuchman]

Does the ledger enforce BIP44 (ie. it knows the first three fields are hardened) or do we need to pass in hardened values here ?

[jleni]

The go client will harden first three bytes
https://github.com/ZondaX/ledger-goclient/blob/4296ee5701e945f9b3a7dbe51f402e0b9be57259/ledger.go#L245-L248

[jaekwon]

It isn't clear in the client what the mnemonic password is vs the encryption password.
Also, we should probably have the user enter these passwords twice to verify...

Kinda think we should just not expose the mnemonic password for now... The KeyBase doesn't support it besides via the Derive function...

[mslipper]

Will PR in my work now.

[mslipper]

Could be part of the prompt flow, no? I.e., Do you want to use Ledger [y/n]?

[ebuchman]

Could be, but since its just boolean (and not really sensitive info) seems fine to leave as a flag

[mslipper]

For all these prompts, I made a helper method in the client package in my PR you can use to prompt the user - client.GetString(). I'll merge that into this branch.

[mslipper]

Do we want to require this amount of entropy from the user rather than warning them if the provided entropy is weak?

[ebuchman]

Yes

[rigelrozanski]

sup with this PR is it WIP or R4R? seems inactive

[mslipper]

Should be R4R as far as I know.

[rigelrozanski]

Cool, I fixed the lint here are some superficial comments

[rigelrozanski]

all these if statements could be lumped into a switch statement - make it a bit more concise

[ebuchman]

How's that?

[rigelrozanski]

Having all those if statements lined up (which have returns, so they effectively act as chained if-else statements) act identically as a switch statement - I like compactness where it's appropriate but doesn't super matter here

[ebuchman]

Can you show me what the switch statement would look like? Each of these conditions is on a different piece of the slice, so not clear to me what we could switch on

[alessio]

Please redirect the prompt to stderr: fmt.Fprint(os.Stderr, prompt)

[alessio]

I'd use cobra.ExactArgs(1)

[fedekunze]

From @NodeGuy #1442 (comment):

There's a bug in the current design:
POST /keys a new key with name Chris.
GET /keys/Chris returns the new key.
POST /keys a new key with name seed.
GET /keys/seed does not return the new key, violating the REST abstraction of keys as a collection.
This confused a contract test I wrote and I had to add extra code to work around the bug.

[rigelrozanski]

Lol bucky you're getting slashed for leaving this PR open (and almost ready to merge) for 2 months

[ebuchman]

Lol bucky you're getting slashed for leaving this PR open (and almost ready to merge) for 2 months

I had till midnight tonight and I totally made it. All comments addressed. Tests fail I think due to unrelated non-determinism ...

[ebuchman]

From @NodeGuy #1442 (comment):

There's a bug in the current design:
POST /keys a new key with name Chris.
GET /keys/Chris returns the new key.
POST /keys a new key with name seed.
GET /keys/seed does not return the new key, violating the REST abstraction of keys as a collection.
This confused a contract test I wrote and I had to add extra code to work around the bug.

@fedekunze sounds like this should be a new issue?

[ebuchman]

Sorry for the massive PR and for letting it hang so long guys. Thanks for all the nice review.

[rigelrozanski]

Yeah test_cover is failing due to lcd non-deterministic test (lcd_test.go:577)

CI:lint failing looks like a go-dep issue which should be addressed b4 merge

Gopkg.lock is out of sync with imports and/or Gopkg.toml. Run `dep check` for details.
input-digest mismatch
Makefile:193: recipe for target 'test_lint' failed

[rigelrozanski]

looks good - couple linting issues still need to pass before merge - but all my concerns addressed

[melekes]

maybe it's better to avoid modifying msg and just do

fmt.Fprint(os.Stderr, fmt.Sprintf("> %s\n", msg))