refactor: replace Python crypto with native openssl operations

- Remove Python dependency for cryptographic operations - Implement pure bash/openssl key generation - Maintain ES256K signature compatibility - Add detailed error handling and logging
2025-03-05 14:11:18 +00:00
parent cc10dab3a4
commit 1bb4e77714
1 changed files with 38 additions and 33 deletions
--- a/test-scripts/new_flow.sh
+++ b/test-scripts/new_flow.sh
@@ -26,44 +26,49 @@ trap 'rm -rf "$TMPDIR"' EXIT
 initialize_account() {
    # Generate or load mnemonic
    if [ ! -f "mnemonic.txt" ]; then
-        # Generate 24-word mnemonic using Python
+        # Generate entropy and convert to hex
-        python3 -c "
+        openssl rand -hex 32 > mnemonic.txt
 from eth_account.hdaccount import generate_mnemonic
 print(generate_mnemonic(language='english'))
 " > mnemonic.txt
    fi
-    # Read and process mnemonic
+    # Read entropy
-    MNEMONIC=$(cat mnemonic.txt)
+    ENTROPY=$(cat mnemonic.txt)
-    # Derive address and keys using Python
+    # Create temporary directory for key operations
-    IDENTITY=$(python3 -c "
+    TMPDIR=$(mktemp -d)
-from eth_account import Account
+    trap 'rm -rf "$TMPDIR"' EXIT
-from eth_keys import keys
+    
-import json
+    # Generate secp256k1 private key
-
+    openssl ecparam -name secp256k1 -genkey -noout -out "$TMPDIR/private.pem"
-Account.enable_unaudited_hdwallet_features()
+    
-mnemonic = '$MNEMONIC'.strip()
+    # Extract private key in hex format
-account = Account.from_mnemonic(mnemonic)
+    PRIVATE_KEY=$(openssl ec -in "$TMPDIR/private.pem" -text -noout 2>/dev/null | 
-address = account.address
+        grep priv -A 3 | tail -n +2 | tr -d '\n[:space:]:' | cut -c3-)
-private_key = account.key.hex()[2:]
+    
-pk = keys.PrivateKey(account.key)
+    # Generate public key and address
-public_key = pk.public_key.to_hex()[2:]
+    PUBLIC_KEY=$(openssl ec -in "$TMPDIR/private.pem" -pubout -outform DER 2>/dev/null | 
-
+        tail -c 65 | xxd -p -c 65)
-identity = {
+    
-    'did': f'did:ethr:{address}',
+    # Generate Ethereum address (last 20 bytes of keccak256 of public key)
-    'keys': [{
+    ADDRESS=$(echo -n "$PUBLIC_KEY" | xxd -r -p | 
-        'id': f'did:ethr:{address}#keys-1',
+        openssl dgst -sha3-256 -binary | 
-        'type': 'Secp256k1VerificationKey2018',
+        tail -c 20 | xxd -p)
-        'controller': f'did:ethr:{address}',
+    
-        'ethereumAddress': address,
+    # Create identity JSON
-        'publicKeyHex': public_key,
+    IDENTITY=$(cat <<EOF
-        'privateKeyHex': private_key
+{
    "did": "did:ethr:0x${ADDRESS}",
    "keys": [{
        "id": "did:ethr:0x${ADDRESS}#keys-1",
        "type": "Secp256k1VerificationKey2018",
        "controller": "did:ethr:0x${ADDRESS}",
        "ethereumAddress": "0x${ADDRESS}",
        "publicKeyHex": "${PUBLIC_KEY}",
        "privateKeyHex": "${PRIVATE_KEY}"
    }],
-    'services': []
+    "services": []
 }
-print(json.dumps(identity))
+EOF
-")
+)
    echo "Account initialized:"
    echo "$IDENTITY" | jq .