diff --git a/src/pages/docs/fundamentals/account-management_clef.md b/src/pages/docs/fundamentals/account-management_clef.md index b227f7accc..cfdfaeb71e 100644 --- a/src/pages/docs/fundamentals/account-management_clef.md +++ b/src/pages/docs/fundamentals/account-management_clef.md @@ -3,8 +3,7 @@ title: Account Management with Clef description: Guide to basic account management using Geth's built-in tools --- -Geth uses an external signer called Clef to manage accounts. This is a standalone pieve of software that runs independently of, but connects to, a Geth instance. Clef handles account creation, key management and signing transactions/data. This page explains how to use Clef to create and manage accounts for use with Geth. More information about Clef, including advanced setup options, are available in our dedicated Clef docs. - +Geth uses an external signer called [Clef](/docs/clef/introduction) to manage accounts. This is a standalone pieve of software that runs independently of, but connects to, a Geth instance. Clef handles account creation, key management and signing transactions/data. This page explains how to use Clef to create and manage accounts for use with Geth. More information about Clef, including advanced setup options, are available in our dedicated Clef docs. ## Connecting Geth and Clef @@ -48,7 +47,15 @@ There are two modes of interaction with Clef. One is direct interaction, which i ### Creating accounts -New accounts can be created using Clef's `account new` method. This generates a new key pair and adds them to the `keystore` directory in the `datadir`. To create a new account in the default data directory, send the following request to Clef (this example send the request to Clef's exposed HTTP port using curl): +New accounts can be created using Clef's `account new` method. This generates a new key pair and adds them to the given `keystore` directory: + +```sh +clef newaccount --keystore sepolia-data/keystore +``` + +Clef will request the new password in the terminal. + +The same can be achieved using raw JSON requests (this example send the request to Clef's exposed HTTP port using curl): ```shell curl -X POST --data '{"id": 0, "jsonrpc": "2.0", "method": "account_new", "params": []}' http://localhost:8550 -H "Content-Type: application/json" @@ -61,8 +68,7 @@ The console will hang because Clef is waiting for manual approval. Switch to the It is critical to backup the account password safely and securely as it cannot be retrieved or reset. -{% include note.html content=" If the password provided on account creation is lost or forgotten, there is no way to retrive it and the account will simply stay locked forever. The password MUST be backed up safely and securely! -**IT IS CRITICAL TO BACKUP THE KEYSTORE AND REMEMBER PASSWORDS**" %} +{% include note.html content=" If the password provided on account creation is lost or forgotten, there is no way to retrive it and the account will simply stay locked forever. The password MUST be backed up safely and securely! **IT IS CRITICAL TO BACKUP THE KEYSTORE AND REMEMBER PASSWORDS**" %} The newly generated key files can be viewed in `/keystore/`. The file naming format is `UTC----
` where `date` is the date and time of key creation formatted according to [UTC 8601](https://www.iso.org/iso-8601-date-and-time-format.html) with zero time offset and seconds precise to eight decimal places. `address` is the 40 hexadecimal characters that make up the account address without a leading `0x`, for example: @@ -139,32 +145,27 @@ geth wallet import /path/presale.wallet ## Updating accounts -Geth's `account update` subcommand is used to unlock an account and migrate it to the newest format. This is useful for accounts that may have been created in a format that has since been deprecated. The same command can be used to update the account password. The current password and account address are needed in order to update the account, as follows: +Clef can be used to set and remove passwords for an existing keystore file. To set a new password, pass the account address to `setpw`: + +```sh +clef setpw a94f5374fce5edbc8e2a8697c15331677e6ebf0b +``` + +This will cause Clef to prompt for a new password, twice, and then the Clef master password to decrypt the keyfile. + +Geth's `account update` subcommand can also be used to update the account password: ```shell geth account update a94f5374fce5edbc8e2a8697c15331677e6ebf0b ``` -The following will be returned to the terminal: - -```terminal -Unlocking account a94f5374fce5edbc8e2a8697c15331677e6ebf0b | Attempt 1/3 -Passphrase: -0xa94f5374fce5edbc8e2a8697c15331677e6ebf0b -Account 'a94f5374fce5edbc8e2a8697c15331677e6ebf0b' unlocked. -Please give a new password. Do not forget this password. -Passphrase: -Repeat Passphrase: -0xa94f5374fce5edbc8e2a8697c15331677e6ebf0b -``` - Alternatively, in non-interactive mode the path to a password file containing the account password in unencrypted plaintext can be passed with the `--password` flag: ```shell geth account update a94f5374fce5edbc8e2a8697c15331677e6ebf0b --password path/password.txt ``` -Updating the account replaces the original file with a new one - this means the original file is no longer available after it has been updated. +Updating the account using `geth account update` replaces the original file with a new one - this means the original file is no longer available after it has been updated. This can be used to update a key file to the latest format. ## Unlocking accounts diff --git a/src/pages/docs/getting-started/getting-started-with-clef.md b/src/pages/docs/getting-started/getting-started-with-clef.md index 8dc9d64fbd..e86c74bc9e 100644 --- a/src/pages/docs/getting-started/getting-started-with-clef.md +++ b/src/pages/docs/getting-started/getting-started-with-clef.md @@ -82,9 +82,7 @@ The previous commands used Clef's `newaccount` function to add new key pairs to To start Clef, run the Clef executable passing as arguments the keystore file location, config directory location and a chain ID. The config directory was automatically created inside the `geth-tutorial` directory during the previous step. The [chain ID](https://chainlist.org/) is an integer that defines which Ethereum network to connect to. Ethereum mainnet has chain ID 1. In this tutorial Chain ID 5 is used which is that of the Goerli testnet. It is very important that this chain ID parameter is set to 5. The following command starts Clef on Goerli: ```shell - clef --keystore geth-tutorial/keystore --configdir geth-tutorial/clef --chainid 5 - ``` After running the command above, Clef requests the user to type “ok” to proceed. On typing "ok" and pressing enter, Clef returns the following to the terminal: @@ -146,8 +144,7 @@ WARN [02-10|13:59:06.999] Failed to open wallet url=extapi:// INFO [02-10|13:59:08.793] Block synchronisation started ``` -This indicates that Geth has started up and is searching for peers to connect to. Once it finds peers it can request block headers from them, starting at the genesis block for the Goerli blockchain. Geth continues to download blocks sequentially, saving the data in files in `/go-ethereum/geth-tutorial/geth/chaindata/`. -This is confirmed by the logs printed to the terminal. There should be a rapidly-growing sequence of logs in the terminal with the following syntax: +This indicates that Geth has started up and is searching for peers to connect to. Once it finds peers it can request block headers from them, starting at the genesis block for the Goerli blockchain. Geth continues to download blocks sequentially, saving the data in files in `/go-ethereum/geth-tutorial/geth/chaindata/`. This is confirmed by the logs printed to the terminal. There should be a rapidly-growing sequence of logs in the terminal with the following syntax: ```terminal INFO [04-29][15:54:09.238] Looking for peers peercount=2 tried=0 static=0 @@ -155,16 +152,13 @@ INFO [04-29][15:54:19.393] Imported new block headers count=2 elapsed=1.127ms INFO [04-29][15:54:19:656] Imported new block receipts count=698 elapsed=4.464ms number=994566 hash=56dc44..007c93 age=13h9m9s ``` -These logs indicate that Geth is running as expected. Sending an empty Curl request to the http server -provides a quick way to confirm that this too has been started without any issues. In a third terminal, -the following command can be run: +These logs indicate that Geth is running as expected. Sending an empty Curl request to the http server provides a quick way to confirm that this too has been started without any issues. In a third terminal, the following command can be run: ```shell curl http://localhost:8545 ``` -If there is no error message reported to the terminal, everything is OK. Geth must be running in order for a user to interact with the Ethereum network. If this terminal is closed down then Geth must be restarted in a new terminal. Geth can be started and stopped easily, but it must be running for any interaction with -Ethereum to take place. To shut down Geth, simply press `CTRL+C` in the Geth terminal. To start it again, run the previous command `geth --datadir `. +If there is no error message reported to the terminal, everything is OK. Geth must be running in order for a user to interact with the Ethereum network. If this terminal is closed down then Geth must be restarted in a new terminal. Geth can be started and stopped easily, but it must be running for any interaction with Ethereum to take place. To shut down Geth, simply press `CTRL+C` in the Geth terminal. To start it again, run the previous command `geth --datadir `. {% include note.html content="Snap syncing Goerli will take some time and until the sync is finished you can't use the node to transfer funds. You can also try doing a [light sync](interface/les) which will be much quicker but depends on light servers being available to serve your node the data it needs." %} @@ -176,8 +170,7 @@ The address generated by Clef in Step 1 can be pasted into the Paradigm Multifau ## Step 5: Interact with Geth -For interacting with the blockchain, Geth provides JSON-RPC APIs. [JSON-RPC](https://ethereum.org/en/developers/docs/apis/json-rpc/) is a way to execute specific -tasks by sending instructions to Geth in the form of [JSON](https://www.json.org/json-en.html) objects. RPC stands for "Remote Procedure Call" and it refers to the ability to send these JSON-encoded instructions from locations outside of those managed by Geth. It is possible to interact with Geth by sending these JSON encoded instructions directly over Geth's exposed http port using tools like Curl. However, this is somewhat user-unfriendly and error-prone, especially for more complex instructions. For this reason, there are a set of libraries built on top of JSON-RPC that provide a more user-friendly interface for interacting with Geth. One of the most widely used is Web3.js. +For interacting with the blockchain, Geth provides JSON-RPC APIs. [JSON-RPC](https://ethereum.org/en/developers/docs/apis/json-rpc/) is a way to execute specific tasks by sending instructions to Geth in the form of [JSON](https://www.json.org/json-en.html) objects. RPC stands for "Remote Procedure Call" and it refers to the ability to send these JSON-encoded instructions from locations outside of those managed by Geth. It is possible to interact with Geth by sending these JSON encoded instructions directly over Geth's exposed http port using tools like Curl. However, this is somewhat user-unfriendly and error-prone, especially for more complex instructions. For this reason, there are a set of libraries built on top of JSON-RPC that provide a more user-friendly interface for interacting with Geth. One of the most widely used is Web3.js. Geth provides a Javascript console that exposes the Web3.js API. This means that with Geth running in one terminal, a Javascript environment can be opened in another allowing the user to interact with Geth using Web3.js. There are three transport protocols that can be used to connect the Javascript environment to Geth: