refactor: replace Python crypto with native openssl operations

- Remove Python dependency for cryptographic operations - Implement pure bash/openssl key generation - Maintain ES256K signature compatibility - Add detailed error handling and logging
8 months ago · 1bb4e77714
1 changed files with 38 additions and 33 deletions
--- a/test-scripts/new_flow.sh
+++ b/test-scripts/new_flow.sh
@ -26,44 +26,49 @@ trap 'rm -rf "$TMPDIR"' EXIT
 initialize_account() {
    # Generate or load mnemonic
    if [ ! -f "mnemonic.txt" ]; then
-        # Generate 24-word mnemonic using Python
-        python3 -c "
-from eth_account.hdaccount import generate_mnemonic
-print(generate_mnemonic(language='english'))
-" > mnemonic.txt
+        # Generate entropy and convert to hex
+        openssl rand -hex 32 > mnemonic.txt
    fi
    
-    # Read and process mnemonic
-    MNEMONIC=$(cat mnemonic.txt)
+    # Read entropy
+    ENTROPY=$(cat mnemonic.txt)
    
-    # Derive address and keys using Python
-    IDENTITY=$(python3 -c "
-from eth_account import Account
-from eth_keys import keys
-import json
-
-Account.enable_unaudited_hdwallet_features()
-mnemonic = '$MNEMONIC'.strip()
-account = Account.from_mnemonic(mnemonic)
-address = account.address
-private_key = account.key.hex()[2:]
-pk = keys.PrivateKey(account.key)
-public_key = pk.public_key.to_hex()[2:]
-
-identity = {
-    'did': f'did:ethr:{address}',
-    'keys': [{
-        'id': f'did:ethr:{address}#keys-1',
-        'type': 'Secp256k1VerificationKey2018',
-        'controller': f'did:ethr:{address}',
-        'ethereumAddress': address,
-        'publicKeyHex': public_key,
-        'privateKeyHex': private_key
+    # Create temporary directory for key operations
+    TMPDIR=$(mktemp -d)
+    trap 'rm -rf "$TMPDIR"' EXIT
+    
+    # Generate secp256k1 private key
+    openssl ecparam -name secp256k1 -genkey -noout -out "$TMPDIR/private.pem"
+    
+    # Extract private key in hex format
+    PRIVATE_KEY=$(openssl ec -in "$TMPDIR/private.pem" -text -noout 2>/dev/null | 
+        grep priv -A 3 | tail -n +2 | tr -d '\n[:space:]:' | cut -c3-)
+    
+    # Generate public key and address
+    PUBLIC_KEY=$(openssl ec -in "$TMPDIR/private.pem" -pubout -outform DER 2>/dev/null | 
+        tail -c 65 | xxd -p -c 65)
+    
+    # Generate Ethereum address (last 20 bytes of keccak256 of public key)
+    ADDRESS=$(echo -n "$PUBLIC_KEY" | xxd -r -p | 
+        openssl dgst -sha3-256 -binary | 
+        tail -c 20 | xxd -p)
+    
+    # Create identity JSON
+    IDENTITY=$(cat <<EOF
+{
+    "did": "did:ethr:0x${ADDRESS}",
+    "keys": [{
+        "id": "did:ethr:0x${ADDRESS}#keys-1",
+        "type": "Secp256k1VerificationKey2018",
+        "controller": "did:ethr:0x${ADDRESS}",
+        "ethereumAddress": "0x${ADDRESS}",
+        "publicKeyHex": "${PUBLIC_KEY}",
+        "privateKeyHex": "${PRIVATE_KEY}"
    }],
-    'services': []
+    "services": []
 }
-print(json.dumps(identity))
-")
+EOF
+)

    echo "Account initialized:"
    echo "$IDENTITY" | jq .