feat(wallet): B1.3 mir wallet commands + prf-rooted CLI identity#39
Merged
Conversation
Makes the CLI identity wallet-capable. Per the decided model: new identities are prf-rooted — owner.json gains a 32-byte `secret` that derives BOTH the X25519 transport key (DeriveOwnerKey) and the Solana wallet (DeriveWallet). Legacy identities (no secret) keep working for transport; re-key with `mir keygen --wallet` to get a wallet (changes owner_id → re-pair, matching Fork 2). - bip39: MnemonicToEntropy (Go+JS), checksum-validated — the import path. - identity: DeriveWalletAccount (m/44'/501'/i'/0') for HD sub-accounts. - client/store: prf-rooted Identity (secret/wallet_address), SetFromSecret, SaveIdentity, Rekey, Wallet/HasWallet/Secret. owner.json stays 0600. - cli: `mir wallet address|accounts|export-phrase|import-phrase` and `mir keygen --wallet`. Reveal/restore gate on --yes with explicit warnings. CLI test ties import-phrase to the external anchor: the known phrase restores wallet C2XYPf… and owner_id 269863f7… (same prf derives both, end-to-end). go test ./... green; web 83/83. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Makes the CLI identity wallet-capable. The client previously stored a directly-generated X25519 owner key with no prf root, so there was nothing to derive a wallet from. Per the decided model (option A):
owner.jsongains a 32-bytesecretthat derives both the X25519 transport key (DeriveOwnerKey) and the Solana wallet (DeriveWallet). One root, two keys.secret) keep working for transport;mir walletreports they have no wallet, andmir keygen --walletre-keys into a prf-rooted identity (newowner_id→ re-pair, matching Fork 2's "re-pair to upgrade"). No forced migration.What's added
MnemonicToEntropy(Go and JS), checksum-validated — the import path; round-tripsentropyToMnemonic.DeriveWalletAccount(m/44'/501'/i'/0') for HD sub-accounts.Identity(secret/wallet_address),SetFromSecret,SaveIdentity,Rekey,Wallet/HasWallet/Secret.owner.jsonstays0600.mir wallet address|accounts|export-phrase|import-phrase+mir keygen --wallet. Reveal (export-phrase) and replace (import-phrase) gate on--yeswith explicit warnings.The gate
A CLI test ties
import-phraseto the external anchor: importing the known phrase restores walletC2XYPf…and owner_id269863f7…— the same prf derives both keys, verified end-to-end through the real command. Real-binary smoke confirmed (wallet addresson a fresh dir creates a prf-rooted identity;accountslists sub-accounts;export-phraserefuses without--yes).Notes / not in this PR
owner.jsonschema additively; legacy identities are untouched until re-keyed.owner_idthrough relay routing + agent pinning + registration proof, accepting both forms; wallet auth sig on pair/attach) is the next slice and is live-infra adjacent — checkpoint before deploy.Test Plan
go test ./...green; gofmt + vet cleannpm test— 83/83 (+1mnemonicToEntropy)testworkflow green🤖 Generated with Claude Code