Extracted admin endpoints from chain_vault.py (2,178 lines) into
wallet_admin.py (768 lines). chain_vault.py is now 1,469 lines.
What moved to wallet_admin.py (29 routes):
- API keys: /api-keys, /api-keys/revoke
- Alerts: /alerts, /alerts/delete
- Webhooks: /webhooks, /webhooks/{id}, /webhooks/{id}/test,
/webhooks/{id}/retry, /webhooks/deliveries
- Audit trail: /audit-trail
- Bulk ops: /bulk/filter, /bulk/delete, /bulk/export, /export
- 2FA: /admin/2fa/{setup,verify-setup,disable,status}
- Config: /config
- Proof of Generation: /proof/{commit,provenance,verify,roots,stats}
What stayed in chain_vault.py (32 routes):
- Chain metadata: /chains, /stats, /healthz, /health-score
- RPC config: /rpc-chains
- Wallet gen: /generate, /generate/batch, /generate/all,
/import, /from-mnemonic, /derive-address, /hd-wallet
- Vault CRUD: /vault, /vault/{id}, /vault/{id}/full, DELETE
- Wallet ops: /tree, /cluster, /rotate, /rotate-sweep, /rotations,
/distribute, /sweep, /escrow, /escrow/release, /paper-wallet, /tx
- Validation: /validate/{chain}/{address}, /validate/all
- Balances: /balances, /balances/snapshot
- PDF: /paper-wallet/{id}/pdf, /wallet/{id}/birth-certificate
Helpers extracted to _persistent_store.py:
- _PersistentStore class (webhooks/alerts/payments SQLite store)
P3-7 fix: removed dead _webhooks global references in test/retry
endpoints — now uses _PersistentStore.all('webhooks')
Added to wallet_admin.py:
- _require_totp() helper (also kept in chain_vault.py for the
/vault/{id}/full endpoint that needs it)
- WebhookCreateRequest, BulkFilterRequest, BulkDeleteRequest models
(these were inlined in original chain_vault.py body — now in
the request schemas section)
P3-10 — WP plugin supported_chains() rewritten
Plugin used to advertise chains the backend doesn't support
('bitcoin' vs backend 'btc', 'ethereum' vs 'eth', etc.). Rewrote
to use correct backend keys + added a 'backend' field for clarity.
Now matches ADDRESS_GENERATION.md truth table.
main.py: updated import + include_router for wallet_admin.router.
Test results: 80 passed, 5 skipped (no regressions).
Refs: AUDIT.md P2-16, P3-7, P3-10, P3-17
82 lines
3.1 KiB
Python
82 lines
3.1 KiB
Python
"""Tests: chain definitions are valid and generate keys."""
|
|
import os
|
|
|
|
os.environ["WP_VAULT_PASSWORD"] = "test"
|
|
|
|
from core.config import cfg
|
|
cfg._vault_password = os.environ["WP_VAULT_PASSWORD"]
|
|
|
|
from wallet_engine.chains import CHAINS, ChainFamily, validate_address
|
|
from wallet_engine.generator import WalletGenerator
|
|
|
|
gen = WalletGenerator()
|
|
|
|
|
|
def test_all_chains_have_required_fields():
|
|
for key, c in CHAINS.items():
|
|
assert c.name, f"{key}: missing name"
|
|
assert c.symbol, f"{key}: missing symbol"
|
|
assert c.family in ChainFamily, f"{key}: invalid family {c.family}"
|
|
assert c.hd_path, f"{key}: missing hd_path"
|
|
assert c.curve, f"{key}: missing curve"
|
|
assert c.native_token, f"{key}: missing native_token"
|
|
|
|
|
|
def test_all_chains_generate_valid_wallet():
|
|
for key in CHAINS:
|
|
if key == "xmr":
|
|
continue # requires monero package
|
|
w = gen.generate(key)
|
|
assert w.address, f"{key}: empty address"
|
|
assert w.private_key_hex, f"{key}: empty private key"
|
|
assert w.chain == key
|
|
assert w.created_at > 0
|
|
|
|
|
|
def test_deterministic_addresses():
|
|
mnemonic = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"
|
|
for key in ["eth", "sol", "btc", "trx", "bsc", "polygon", "base"]:
|
|
w1 = gen.generate(key, mnemonic=mnemonic)
|
|
w2 = gen.generate(key, mnemonic=mnemonic)
|
|
assert w1.address == w2.address, f"{key}: non-deterministic address"
|
|
|
|
|
|
def test_address_validation():
|
|
known = {
|
|
"eth": "0xd8da6bf26964af9d7eed9e03e53415d37aa96045",
|
|
"sol": "7EcDhSYGXxyscszYEp35KHN8vvw3svAuLKTzXwCFLtGQ",
|
|
"btc": "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa",
|
|
"trx": "TXYZopYRdj2f9GkfC1mSXGJj1dCAg5XtKn",
|
|
"bsc": "0x8894e0a0c962cb723c1976a4421c95949be2d4e3",
|
|
"polygon": "0x0000000000000000000000000000000000001010",
|
|
"base": "0x4200000000000000000000000000000000000006",
|
|
}
|
|
for key, addr in known.items():
|
|
assert validate_address(key, addr), f"{key}: known good address fails validation"
|
|
|
|
|
|
def test_clear_sensitive():
|
|
w = gen.generate("eth")
|
|
pk = w.private_key_hex
|
|
assert pk, "private key should exist before clear"
|
|
w.clear_sensitive()
|
|
assert w.private_key_hex == "", "private key should be empty after clear"
|
|
|
|
|
|
def test_context_manager_zeroes_key():
|
|
with gen.generate("eth") as w:
|
|
pk = w.private_key_hex
|
|
assert pk, "private key should exist inside context"
|
|
assert w.private_key_hex == "", "private key should be zeroed after context exit"
|
|
|
|
|
|
def test_eip55_checksum():
|
|
w = gen.generate("eth", mnemonic="abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about")
|
|
addr = w.address
|
|
assert addr == "0x9858EfFD232B4033E47d90003D41EC34EcaEda94", f"Expected known EIP55 address, got {addr}"
|
|
|
|
|
|
def test_solana_base58():
|
|
w = gen.generate("sol", mnemonic="abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about")
|
|
assert w.address.startswith("H") or w.address.isprintable()
|
|
assert len(w.address) == 44, f"Expected 44-char base58 Solana address, got {len(w.address)}: {w.address}"
|