Do not use local copy of wallet store when creating HD wallet

consistency

.dockerignore

@@ -0,0 +1,24 @@
+# Binaries for programs and plugins
+*.exe
+*.dll
+*.so
+*.dylib
+ethdo
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+coverage.html
+
+# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
+.glide/
+
+# Vim
+*.sw?
+
+# Local TODO
+TODO.md
+
+Dockerfile

Dockerfile

@@ -0,0 +1,19 @@
+FROM golang:1.14-buster as builder
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+
+RUN go mod download
+
+COPY . .
+
+RUN go build
+
+FROM debian:buster-slim
+
+WORKDIR /app
+
+COPY --from=builder /app/ethdo /app
+
+ENTRYPOINT ["/app/ethdo"]

README.md

@@ -10,6 +10,7 @@ A command-line tool for managing common tasks in Ethereum 2.
 ## Table of Contents
 
 - [Install](#install)
+  - [Docker](#docker)
 - [Usage](#usage)
 - [Maintainers](#maintainers)
 - [Contribute](#contribute)
@@ -27,6 +28,34 @@ Note that `ethdo` requires at least version 1.13 of go to operate.  The version
 
 If this does not work please see the [troubleshooting](https://github.com/wealdtech/ethdo/blob/master/docs/troubleshooting.md) page.
 
+### Docker
+
+You can obtain the latest version of `ethdo` using docker with:
+
+```
+docker pull wealdtech/ethdo
+```
+
+Or build `ethdo` using docker:
+
+```sh
+docker build -t ethdo .
+```
+
+You can run `ethdo` using docker after that. Example:
+
+```sh
+docker run -it ethdo --help
+```
+
+Note that that many `ethdo` commands connect to the beacon node to obtain information.  If the beacon node is running directly on the server this requires the `--network=host` command, for example:
+
+```sh
+docker run --network=host ethdo chain status
+```
+
+Alternatively, if the beacon node is running in a separate docker container a shared network can be created with `docker network create eth2` and accessed by adding `--network=eth2` added to both the beacon node and `ethdo` containers.
+
 ## Usage
 
 ethdo contains a large number of features that are useful for day-to-day interactions with the Ethereum 2 blockchain.
@@ -41,6 +70,14 @@ ethdo uses the [go-eth2-wallet](https://github.com/wealdtech/go-eth2-wallet) sys
 
 If using the filesystem store, the additional parameter `basedir` can be supplied to change this location.
 
+> If using docker as above you can make this directory accessible to docker to make wallets and accounts persistent.  For example, for linux you could use the following command to list your wallets on Linux:
+>
+> ```
+> docker run -v $HOME/.config/ethereum2/wallets:/data ethdo --basedir=/data wallet list
+> ```
+>
+> This will allow you to use `ethdo` with or without docker, with the same location for wallets and accounts.
+
 All ethdo comands take the following parameters:
 
   - `store`: the name of the storage system for wallets.  This can be one of "filesystem" (for local storage of the wallet) or "s3" (for remote storage of the wallet on [Amazon's S3](https://aws.amazon.com/s3/) storage system), and defaults to "filesystem"

cmd/blockinfo.go

@@ -23,6 +23,7 @@ import (
 	"unicode/utf8"
 
 	"github.com/prysmaticlabs/go-bitfield"
+	"github.com/prysmaticlabs/go-ssz"
 	"github.com/spf13/cobra"
 	"github.com/wealdtech/ethdo/grpc"
 	string2eth "github.com/wealdtech/go-string2eth"
@@ -62,6 +63,9 @@ In quiet mode this will return 0 if the block information is present and not ski
 		body := block.Body
 
 		// General info.
+		bodyRoot, err := ssz.HashTreeRoot(block)
+		errCheck(err, "Failed to calculate block body root")
+		fmt.Printf("Block root: %#x\n", bodyRoot)
 		outputIf(verbose, fmt.Sprintf("Parent root: %#x", block.ParentRoot))
 		outputIf(verbose, fmt.Sprintf("State root: %#x", block.StateRoot))
 		if len(body.Graffiti) > 0 && hex.EncodeToString(body.Graffiti) != "0000000000000000000000000000000000000000000000000000000000000000" {

cmd/chainstatus.go

@@ -82,7 +82,7 @@ In quiet mode this will return 0 if the chain status can be obtained, otherwise
 			}
 			if verbose {
 				fmt.Printf("Prior justified epoch: %d\n", info.GetPreviousJustifiedEpoch())
-				distance := (slot - info.GetPreviousJustifiedEpoch()) / slotsPerEpoch
+				distance := (slot - info.GetPreviousJustifiedSlot()) / slotsPerEpoch
 				fmt.Printf("Prior justified epoch distance: %d\n", distance)
 			}
 		}

cmd/root.go

@@ -57,6 +57,9 @@ var rootStorePassphrase string
 var rootWalletPassphrase string
 var rootAccountPassphrase string
 
+// Store for wallet actions.
+var store wtypes.Store
+
 // Remote connection.
 var remote bool
 var remoteAddr string
@@ -124,7 +127,6 @@ func persistentPreRun(cmd *cobra.Command, args []string) {
 
 	if viper.GetString("remote") == "" {
 		// Set up our wallet store
-		var store wtypes.Store
 		switch rootStore {
 		case "s3":
 			assert(rootBaseDir == "", "--basedir does not apply for the s3 store")
@@ -318,7 +320,8 @@ func accountFromPath(path string) (wtypes.Account, error) {
 		return nil, errors.New("no account name")
 	}
 
-	if wallet.Type() == "hierarchical deterministic" && strings.HasPrefix(accountName, "m/") && rootWalletPassphrase != "" {
+	if wallet.Type() == "hierarchical deterministic" && strings.HasPrefix(accountName, "m/") {
+		assert(rootWalletPassphrase != "", "--walletpassphrase is required for direct path derivations")
 		err = wallet.Unlock([]byte(rootWalletPassphrase))
 		if err != nil {
 			return nil, errors.New("invalid wallet passphrase")

cmd/validatordepositdata.go

@@ -14,12 +14,14 @@
 package cmd
 
 import (
+	"encoding/hex"
 	"fmt"
 	"os"
 	"strings"
 
 	"github.com/prysmaticlabs/go-ssz"
 	"github.com/spf13/cobra"
+	"github.com/wealdtech/ethdo/grpc"
 	e2types "github.com/wealdtech/go-eth2-types/v2"
 	util "github.com/wealdtech/go-eth2-util"
 	string2eth "github.com/wealdtech/go-string2eth"
@@ -27,8 +29,10 @@ import (
 
 var validatorDepositDataValidatorAccount string
 var validatorDepositDataWithdrawalAccount string
+var validatorDepositDataWithdrawalPubKey string
 var validatorDepositDataDepositValue string
 var validatorDepositDataRaw bool
+var validatorDepositDataForkVersion string
 
 var validatorDepositDataCmd = &cobra.Command{
 	Use:   "depositdata",
@@ -58,13 +62,23 @@ In quiet mode this will return 0 if the the data can be generated correctly, oth
 			}
 		}
 
-		assert(validatorDepositDataWithdrawalAccount != "", "--withdrawalaccount is required")
-		withdrawalAccount, err := accountFromPath(validatorDepositDataWithdrawalAccount)
-		errCheck(err, "Failed to obtain withdrawal account")
-		outputIf(debug, fmt.Sprintf("Withdrawal public key is %048x", withdrawalAccount.PublicKey().Marshal()))
-
-		withdrawalCredentials := util.SHA256(withdrawalAccount.PublicKey().Marshal())
-		errCheck(err, "Failed to hash withdrawal credentials")
+		assert(validatorDepositDataWithdrawalAccount != "" || validatorDepositDataWithdrawalPubKey != "", "--withdrawalaccount or --withdrawalpubkey is required")
+		var withdrawalCredentials []byte
+		if validatorDepositDataWithdrawalAccount != "" {
+			withdrawalAccount, err := accountFromPath(validatorDepositDataWithdrawalAccount)
+			errCheck(err, "Failed to obtain withdrawal account")
+			outputIf(debug, fmt.Sprintf("Withdrawal public key is %048x", withdrawalAccount.PublicKey().Marshal()))
+			withdrawalCredentials = util.SHA256(withdrawalAccount.PublicKey().Marshal())
+			errCheck(err, "Failed to hash withdrawal credentials")
+		} else {
+			withdrawalPubKeyBytes, err := hex.DecodeString(strings.TrimPrefix(validatorDepositDataWithdrawalPubKey, "0x"))
+			errCheck(err, "Invalid withdrawal public key")
+			assert(len(withdrawalPubKeyBytes) == 48, "Public key should be 48 bytes")
+			withdrawalPubKey, err := e2types.BLSPublicKeyFromBytes(withdrawalPubKeyBytes)
+			errCheck(err, "Value supplied with --withdrawalpubkey is not a valid public key")
+			withdrawalCredentials = util.SHA256(withdrawalPubKey.Marshal())
+			errCheck(err, "Failed to hash withdrawal credentials")
+		}
 		// This is hard-coded, to allow deposit data to be generated without a connection to the beacon node.
 		withdrawalCredentials[0] = byte(0) // BLS_WITHDRAWAL_PREFIX
 		outputIf(debug, fmt.Sprintf("Withdrawal credentials are %032x", withdrawalCredentials))
@@ -88,7 +102,24 @@ In quiet mode this will return 0 if the the data can be generated correctly, oth
 				Value:                 val,
 			}
 			outputIf(debug, fmt.Sprintf("Deposit data:\n\tPublic key: %x\n\tWithdrawal credentials: %x\n\tValue: %d", depositData.PubKey, depositData.WithdrawalCredentials, depositData.Value))
-			domain := e2types.Domain(e2types.DomainDeposit, e2types.ZeroForkVersion, e2types.ZeroGenesisValidatorsRoot)
+
+			var forkVersion []byte
+			if validatorDepositDataForkVersion != "" {
+				forkVersion, err = hex.DecodeString(strings.TrimPrefix(validatorDepositDataForkVersion, "0x"))
+				errCheck(err, fmt.Sprintf("Failed to decode fork version %s", validatorDepositDataForkVersion))
+				assert(len(forkVersion) == 4, "Fork version must be exactly four bytes")
+			} else {
+				err := connect()
+				errCheck(err, "Failed to connect to beacon node")
+				config, err := grpc.FetchChainConfig(eth2GRPCConn)
+				errCheck(err, "Failed to obtain chain configuration")
+				genesisForkVersion, exists := config["GenesisForkVersion"]
+				assert(exists, "Failed to obtain genesis fork version")
+				forkVersion = genesisForkVersion.([]byte)
+			}
+			outputIf(debug, fmt.Sprintf("Fork version is %x", forkVersion))
+
+			domain := e2types.Domain(e2types.DomainDeposit, forkVersion, e2types.ZeroGenesisValidatorsRoot)
 			outputIf(debug, fmt.Sprintf("Domain is %x", domain))
 			err = validatorAccount.Unlock([]byte(rootAccountPassphrase))
 			errCheck(err, "Failed to unlock validator account")
@@ -159,6 +190,8 @@ func init() {
 	validatorFlags(validatorDepositDataCmd)
 	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataValidatorAccount, "validatoraccount", "", "Account of the account carrying out the validation")
 	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataWithdrawalAccount, "withdrawalaccount", "", "Account of the account to which the validator funds will be withdrawn")
+	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataWithdrawalPubKey, "withdrawalpubkey", "", "Public key of the account to which the validator funds will be withdrawn")
 	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataDepositValue, "depositvalue", "", "Value of the amount to be deposited")
 	validatorDepositDataCmd.Flags().BoolVar(&validatorDepositDataRaw, "raw", false, "Print raw deposit data transaction data")
+	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataForkVersion, "forkversion", "", "Use a hard-coded fork version (default is to fetch it from the node)")
 }

cmd/version.go

@@ -30,7 +30,7 @@ var versionCmd = &cobra.Command{
 
     ethdo version.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("1.4.11")
+		fmt.Println("1.4.13")
 		if viper.GetBool("verbose") {
 			buildInfo, ok := dbg.ReadBuildInfo()
 			if ok {

cmd/walletaccounts.go

@@ -32,7 +32,7 @@ var walletAccountsCmd = &cobra.Command{
 
 In quiet mode this will return 0 if the wallet holds any addresses, otherwise 1.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		assert(walletWallet != "", "wallet is required")
+		assert(walletWallet != "", "--wallet is required")
 
 		hasAccounts := false
 

cmd/walletcreate.go

@@ -21,7 +21,6 @@ import (
 	wallet "github.com/wealdtech/go-eth2-wallet"
 	keystorev4 "github.com/wealdtech/go-eth2-wallet-encryptor-keystorev4"
 	hd "github.com/wealdtech/go-eth2-wallet-hd/v2"
-	filesystem "github.com/wealdtech/go-eth2-wallet-store-filesystem"
 )
 
 var walletCreateType string
@@ -44,23 +43,10 @@ In quiet mode this will return 0 if the wallet is created successfully, otherwis
 		switch strings.ToLower(walletCreateType) {
 		case "non-deterministic", "nd":
 			assert(walletCreateSeed == "", "--seed is not allowed with non-deterministic wallets")
-			_, err = wallet.CreateWallet(walletWallet, wallet.WithType("nd"))
+			err = walletCreateND(walletWallet)
 		case "hierarchical deterministic", "hd":
 			assert(rootWalletPassphrase != "", "--walletpassphrase is required for hierarchical deterministic wallets")
-			store := filesystem.New()
-			encryptor := keystorev4.New()
-			if walletCreateSeed != "" {
-				// Creating wallet from a seed.
-				var seed []byte
-				seed, err = bip39.MnemonicToByteArray(walletCreateSeed)
-				errCheck(err, "Failed to decode seed")
-				// Strip checksum; last byte
-				seed = seed[:len(seed)-1]
-				assert(len(seed) == 32, "Seed must have 24 words")
-				_, err = hd.CreateWalletFromSeed(walletWallet, []byte(rootWalletPassphrase), store, encryptor, seed)
-			} else {
-				_, err = hd.CreateWallet(walletWallet, []byte(rootWalletPassphrase), store, encryptor)
-			}
+			err = walletCreateHD(walletWallet, rootWalletPassphrase, walletCreateSeed)
 		default:
 			die("unknown wallet type")
 		}
@@ -68,6 +54,31 @@ In quiet mode this will return 0 if the wallet is created successfully, otherwis
 	},
 }
 
+// walletCreateND creates a non-deterministic wallet.
+func walletCreateND(name string) error {
+	_, err := wallet.CreateWallet(name, wallet.WithType("nd"))
+	return err
+}
+
+// walletCreateND creates a hierarchical-deterministic wallet.
+func walletCreateHD(name string, passphrase string, seedPhrase string) error {
+	encryptor := keystorev4.New()
+	if seedPhrase != "" {
+		// Create wallet from a user-supplied seed.
+		var seed []byte
+		seed, err := bip39.MnemonicToByteArray(seedPhrase)
+		errCheck(err, "Failed to decode seed")
+		// Strip checksum; last byte.
+		seed = seed[:len(seed)-1]
+		assert(len(seed) == 32, "Seed must have 24 words")
+		_, err = hd.CreateWalletFromSeed(name, []byte(passphrase), store, encryptor, seed)
+		return err
+	}
+	// Create wallet with a random seed.
+	_, err := hd.CreateWallet(name, []byte(passphrase), store, encryptor)
+	return err
+}
+
 func init() {
 	walletCmd.AddCommand(walletCreateCmd)
 	walletFlags(walletCreateCmd)

cmd/walletinfo.go

@@ -32,7 +32,7 @@ var walletInfoCmd = &cobra.Command{
 In quiet mode this will return 0 if the wallet exists, otherwise 1.`,
 	Run: func(cmd *cobra.Command, args []string) {
 		assert(!remote, "wallet info not available with remote wallets")
-		assert(walletWallet != "", "Wallet is required")
+		assert(walletWallet != "", "--wallet is required")
 
 		wallet, err := walletFromPath(walletWallet)
 		errCheck(err, "unknown wallet")

docs/usage.md

@@ -339,7 +339,13 @@ Validator commands focus on interaction with Ethereum 2 validators.
 
 #### `depositdata`
 
-`ethdo validator depositdata` generates the data required to deposit one or more Ethereum 2 validators.
+`ethdo validator depositdata` generates the data required to deposit one or more Ethereum 2 validators.  Options include:
+  - `withdrawalaccount` specify the account to be used for the withdrawal credentials (if withdrawalpubkey is not supplied)
+  - `withdrawalpubkey` specify the public key to be used for the withdrawal credentials (if withdrawalaccount is not supplied)
+  - `validatoraccount` specify the account to be used for the validator
+  - `depositvalue` specify the amount of the deposit
+  - `forkversion` specify the fork version for the deposit signature; this should not be included unless the deposit is being generated offline.  Note that supplying an incorrect value could result in the loss of your deposit, so only supply this value if you are sure you know what you are doing
+  - `raw` generate raw hex output that can be supplied as the data to an Ethereum 1 deposit transaction
 
 #### `exit`
 
@@ -347,6 +353,7 @@ Validator commands focus on interaction with Ethereum 2 validators.
   - `epoch` specify an epoch before which this exit is not valid
   - `json-output` generate JSON output rather than sending a transaction immediately
   - `json` use JSON input created by the `--json-output` option rather than generate data from scratch
+  - `forkversion` specify a specific fork version; default is to fetch it from the chain but this can be used when generating offline deposits
 
 ```sh
 $ ethdo validator exit --account=Validators/1 --passphrase="my validator secret"