update account management

This commit is contained in:
Joe 2022-10-28 15:01:54 +01:00
parent a0462584a8
commit db739be2d4
2 changed files with 25 additions and 31 deletions

View File

@ -3,8 +3,7 @@ title: Account Management with Clef
description: Guide to basic account management using Geth's built-in tools description: Guide to basic account management using Geth's built-in tools
--- ---
Geth uses an external signer called Clef to manage accounts. This is a standalone pieve of software that runs independently of, but connects to, a Geth instance. Clef handles account creation, key management and signing transactions/data. This page explains how to use Clef to create and manage accounts for use with Geth. More information about Clef, including advanced setup options, are available in our dedicated Clef docs. Geth uses an external signer called [Clef](/docs/clef/introduction) to manage accounts. This is a standalone pieve of software that runs independently of, but connects to, a Geth instance. Clef handles account creation, key management and signing transactions/data. This page explains how to use Clef to create and manage accounts for use with Geth. More information about Clef, including advanced setup options, are available in our dedicated Clef docs.
## Connecting Geth and Clef ## Connecting Geth and Clef
@ -48,7 +47,15 @@ There are two modes of interaction with Clef. One is direct interaction, which i
### Creating accounts ### Creating accounts
New accounts can be created using Clef's `account new` method. This generates a new key pair and adds them to the `keystore` directory in the `datadir`. To create a new account in the default data directory, send the following request to Clef (this example send the request to Clef's exposed HTTP port using curl): New accounts can be created using Clef's `account new` method. This generates a new key pair and adds them to the given `keystore` directory:
```sh
clef newaccount --keystore sepolia-data/keystore
```
Clef will request the new password in the terminal.
The same can be achieved using raw JSON requests (this example send the request to Clef's exposed HTTP port using curl):
```shell ```shell
curl -X POST --data '{"id": 0, "jsonrpc": "2.0", "method": "account_new", "params": []}' http://localhost:8550 -H "Content-Type: application/json" curl -X POST --data '{"id": 0, "jsonrpc": "2.0", "method": "account_new", "params": []}' http://localhost:8550 -H "Content-Type: application/json"
@ -61,8 +68,7 @@ The console will hang because Clef is waiting for manual approval. Switch to the
It is critical to backup the account password safely and securely as it cannot be retrieved or reset. It is critical to backup the account password safely and securely as it cannot be retrieved or reset.
{% include note.html content=" If the password provided on account creation is lost or forgotten, there is no way to retrive it and the account will simply stay locked forever. The password MUST be backed up safely and securely! {% include note.html content=" If the password provided on account creation is lost or forgotten, there is no way to retrive it and the account will simply stay locked forever. The password MUST be backed up safely and securely! **IT IS CRITICAL TO BACKUP THE KEYSTORE AND REMEMBER PASSWORDS**" %}
**IT IS CRITICAL TO BACKUP THE KEYSTORE AND REMEMBER PASSWORDS**" %}
The newly generated key files can be viewed in `<datadir>/keystore/`. The file naming format is `UTC--<date>--<address>` where `date` is the date and time of key creation formatted according to [UTC 8601](https://www.iso.org/iso-8601-date-and-time-format.html) with zero time offset and seconds precise to eight decimal places. `address` is the 40 hexadecimal characters that make up the account address without a leading `0x`, for example: The newly generated key files can be viewed in `<datadir>/keystore/`. The file naming format is `UTC--<date>--<address>` where `date` is the date and time of key creation formatted according to [UTC 8601](https://www.iso.org/iso-8601-date-and-time-format.html) with zero time offset and seconds precise to eight decimal places. `address` is the 40 hexadecimal characters that make up the account address without a leading `0x`, for example:
@ -139,32 +145,27 @@ geth wallet import /path/presale.wallet
## Updating accounts ## Updating accounts
Geth's `account update` subcommand is used to unlock an account and migrate it to the newest format. This is useful for accounts that may have been created in a format that has since been deprecated. The same command can be used to update the account password. The current password and account address are needed in order to update the account, as follows: Clef can be used to set and remove passwords for an existing keystore file. To set a new password, pass the account address to `setpw`:
```sh
clef setpw a94f5374fce5edbc8e2a8697c15331677e6ebf0b
```
This will cause Clef to prompt for a new password, twice, and then the Clef master password to decrypt the keyfile.
Geth's `account update` subcommand can also be used to update the account password:
```shell ```shell
geth account update a94f5374fce5edbc8e2a8697c15331677e6ebf0b geth account update a94f5374fce5edbc8e2a8697c15331677e6ebf0b
``` ```
The following will be returned to the terminal:
```terminal
Unlocking account a94f5374fce5edbc8e2a8697c15331677e6ebf0b | Attempt 1/3
Passphrase:
0xa94f5374fce5edbc8e2a8697c15331677e6ebf0b
Account 'a94f5374fce5edbc8e2a8697c15331677e6ebf0b' unlocked.
Please give a new password. Do not forget this password.
Passphrase:
Repeat Passphrase:
0xa94f5374fce5edbc8e2a8697c15331677e6ebf0b
```
Alternatively, in non-interactive mode the path to a password file containing the account password in unencrypted plaintext can be passed with the `--password` flag: Alternatively, in non-interactive mode the path to a password file containing the account password in unencrypted plaintext can be passed with the `--password` flag:
```shell ```shell
geth account update a94f5374fce5edbc8e2a8697c15331677e6ebf0b --password path/password.txt geth account update a94f5374fce5edbc8e2a8697c15331677e6ebf0b --password path/password.txt
``` ```
Updating the account replaces the original file with a new one - this means the original file is no longer available after it has been updated. Updating the account using `geth account update` replaces the original file with a new one - this means the original file is no longer available after it has been updated. This can be used to update a key file to the latest format.
## Unlocking accounts ## Unlocking accounts

View File

@ -82,9 +82,7 @@ The previous commands used Clef's `newaccount` function to add new key pairs to
To start Clef, run the Clef executable passing as arguments the keystore file location, config directory location and a chain ID. The config directory was automatically created inside the `geth-tutorial` directory during the previous step. The [chain ID](https://chainlist.org/) is an integer that defines which Ethereum network to connect to. Ethereum mainnet has chain ID 1. In this tutorial Chain ID 5 is used which is that of the Goerli testnet. It is very important that this chain ID parameter is set to 5. The following command starts Clef on Goerli: To start Clef, run the Clef executable passing as arguments the keystore file location, config directory location and a chain ID. The config directory was automatically created inside the `geth-tutorial` directory during the previous step. The [chain ID](https://chainlist.org/) is an integer that defines which Ethereum network to connect to. Ethereum mainnet has chain ID 1. In this tutorial Chain ID 5 is used which is that of the Goerli testnet. It is very important that this chain ID parameter is set to 5. The following command starts Clef on Goerli:
```shell ```shell
clef --keystore geth-tutorial/keystore --configdir geth-tutorial/clef --chainid 5 clef --keystore geth-tutorial/keystore --configdir geth-tutorial/clef --chainid 5
``` ```
After running the command above, Clef requests the user to type “ok” to proceed. On typing "ok" and pressing enter, Clef returns the following to the terminal: After running the command above, Clef requests the user to type “ok” to proceed. On typing "ok" and pressing enter, Clef returns the following to the terminal:
@ -146,8 +144,7 @@ WARN [02-10|13:59:06.999] Failed to open wallet url=extapi://
INFO [02-10|13:59:08.793] Block synchronisation started INFO [02-10|13:59:08.793] Block synchronisation started
``` ```
This indicates that Geth has started up and is searching for peers to connect to. Once it finds peers it can request block headers from them, starting at the genesis block for the Goerli blockchain. Geth continues to download blocks sequentially, saving the data in files in `/go-ethereum/geth-tutorial/geth/chaindata/`. This indicates that Geth has started up and is searching for peers to connect to. Once it finds peers it can request block headers from them, starting at the genesis block for the Goerli blockchain. Geth continues to download blocks sequentially, saving the data in files in `/go-ethereum/geth-tutorial/geth/chaindata/`. This is confirmed by the logs printed to the terminal. There should be a rapidly-growing sequence of logs in the terminal with the following syntax:
This is confirmed by the logs printed to the terminal. There should be a rapidly-growing sequence of logs in the terminal with the following syntax:
```terminal ```terminal
INFO [04-29][15:54:09.238] Looking for peers peercount=2 tried=0 static=0 INFO [04-29][15:54:09.238] Looking for peers peercount=2 tried=0 static=0
@ -155,16 +152,13 @@ INFO [04-29][15:54:19.393] Imported new block headers count=2 elapsed=1.127ms
INFO [04-29][15:54:19:656] Imported new block receipts count=698 elapsed=4.464ms number=994566 hash=56dc44..007c93 age=13h9m9s INFO [04-29][15:54:19:656] Imported new block receipts count=698 elapsed=4.464ms number=994566 hash=56dc44..007c93 age=13h9m9s
``` ```
These logs indicate that Geth is running as expected. Sending an empty Curl request to the http server These logs indicate that Geth is running as expected. Sending an empty Curl request to the http server provides a quick way to confirm that this too has been started without any issues. In a third terminal, the following command can be run:
provides a quick way to confirm that this too has been started without any issues. In a third terminal,
the following command can be run:
```shell ```shell
curl http://localhost:8545 curl http://localhost:8545
``` ```
If there is no error message reported to the terminal, everything is OK. Geth must be running in order for a user to interact with the Ethereum network. If this terminal is closed down then Geth must be restarted in a new terminal. Geth can be started and stopped easily, but it must be running for any interaction with If there is no error message reported to the terminal, everything is OK. Geth must be running in order for a user to interact with the Ethereum network. If this terminal is closed down then Geth must be restarted in a new terminal. Geth can be started and stopped easily, but it must be running for any interaction with Ethereum to take place. To shut down Geth, simply press `CTRL+C` in the Geth terminal. To start it again, run the previous command `geth --datadir <other commands>`.
Ethereum to take place. To shut down Geth, simply press `CTRL+C` in the Geth terminal. To start it again, run the previous command `geth --datadir <other commands>`.
{% include note.html content="Snap syncing Goerli will take some time and until the sync is finished you can't use the node to transfer funds. You can also try doing a [light sync](interface/les) which will be much quicker but depends on light servers being available to serve your node the data it needs." %} {% include note.html content="Snap syncing Goerli will take some time and until the sync is finished you can't use the node to transfer funds. You can also try doing a [light sync](interface/les) which will be much quicker but depends on light servers being available to serve your node the data it needs." %}
@ -176,8 +170,7 @@ The address generated by Clef in Step 1 can be pasted into the Paradigm Multifau
## Step 5: Interact with Geth ## Step 5: Interact with Geth
For interacting with the blockchain, Geth provides JSON-RPC APIs. [JSON-RPC](https://ethereum.org/en/developers/docs/apis/json-rpc/) is a way to execute specific For interacting with the blockchain, Geth provides JSON-RPC APIs. [JSON-RPC](https://ethereum.org/en/developers/docs/apis/json-rpc/) is a way to execute specific tasks by sending instructions to Geth in the form of [JSON](https://www.json.org/json-en.html) objects. RPC stands for "Remote Procedure Call" and it refers to the ability to send these JSON-encoded instructions from locations outside of those managed by Geth. It is possible to interact with Geth by sending these JSON encoded instructions directly over Geth's exposed http port using tools like Curl. However, this is somewhat user-unfriendly and error-prone, especially for more complex instructions. For this reason, there are a set of libraries built on top of JSON-RPC that provide a more user-friendly interface for interacting with Geth. One of the most widely used is Web3.js.
tasks by sending instructions to Geth in the form of [JSON](https://www.json.org/json-en.html) objects. RPC stands for "Remote Procedure Call" and it refers to the ability to send these JSON-encoded instructions from locations outside of those managed by Geth. It is possible to interact with Geth by sending these JSON encoded instructions directly over Geth's exposed http port using tools like Curl. However, this is somewhat user-unfriendly and error-prone, especially for more complex instructions. For this reason, there are a set of libraries built on top of JSON-RPC that provide a more user-friendly interface for interacting with Geth. One of the most widely used is Web3.js.
Geth provides a Javascript console that exposes the Web3.js API. This means that with Geth running in one terminal, a Javascript environment can be opened in another allowing the user to interact with Geth using Web3.js. There are three transport protocols that can be used to connect the Javascript environment to Geth: Geth provides a Javascript console that exposes the Web3.js API. This means that with Geth running in one terminal, a Javascript environment can be opened in another allowing the user to interact with Geth using Web3.js. There are three transport protocols that can be used to connect the Javascript environment to Geth: