More Backports for Stable 2.3.5 (#10430)

* revert some changes, could be buggy (#10399)

* ci: clean up gitlab-ci.yml leftovers from previous merge (#10429)

* 10000 > 5000 (#10422)

addresses #10418

* fix underflow in pip, closes #10419 (#10423)

* fix panic when logging directory does not exist, closes #10420 (#10424)

* Update hardcoded headers for Foundation, Ropsten, Kovan and Classic (#10417)

* update foundation to #7262209

* update kovan to #10434561

* update ropsten to #5027841

* update classic to #7555073

* Update Ropsten headers to #5101569

.cargo/config

@@ -1,3 +1,3 @@
 [target.x86_64-pc-windows-msvc]
-# Link the C runtime statically ; https://github.com/openethereum/parity-ethereum/issues/6643
+# Link the C runtime statically ; https://github.com/paritytech/parity-ethereum/issues/6643
 rustflags = ["-Ctarget-feature=+crt-static"]

.git-blame-ignore-revs

@@ -1,2 +0,0 @@
-# Reformat the source code
-610d9baba4af83b5767c659ca2ccfed337af1056

.github/CODE_OF_CONDUCT.md

@@ -2,11 +2,11 @@
 
 ## 1. Purpose
 
-A primary goal of OpenEthereum is to be inclusive to the largest number of contributors, with the most varied and diverse backgrounds possible. As such, we are committed to providing a friendly, safe and welcoming environment for all, regardless of gender, sexual orientation, ability, ethnicity, socioeconomic status, and religion (or lack thereof).
+A primary goal of Parity is to be inclusive to the largest number of contributors, with the most varied and diverse backgrounds possible. As such, we are committed to providing a friendly, safe and welcoming environment for all, regardless of gender, sexual orientation, ability, ethnicity, socioeconomic status, and religion (or lack thereof).
 
 This code of conduct outlines our expectations for all those who participate in our community, as well as the consequences for unacceptable behavior.
 
-We invite all those who participate in OpenEthereum to help us create safe and positive experiences for everyone.
+We invite all those who participate in Parity to help us create safe and positive experiences for everyone.
 
 ## 2. Open Source Citizenship
 
@@ -63,7 +63,7 @@ Additionally, community organizers are available to help community members engag
 
 ## 7. Addressing Grievances
 
-If you feel you have been falsely or unfairly accused of violating this Code of Conduct, you should notify OpenEthereum Technologies with a concise description of your grievance. Your grievance will be handled in accordance with our existing governing policies.
+If you feel you have been falsely or unfairly accused of violating this Code of Conduct, you should notify Parity Technologies with a concise description of your grievance. Your grievance will be handled in accordance with our existing governing policies.
 
 ## 8. Scope
 
@@ -73,7 +73,7 @@ This code of conduct and its related procedures also applies to unacceptable beh
 
 ## 9. Contact info
 
-You can contact OpenEthereum via Email: community@parity.io
+You can contact Parity via Email: community@parity.io
 
 ## 10. License and attribution
 

.github/CONTRIBUTING.md

@@ -2,7 +2,7 @@
 
 ## Do you have a question?
 
-Check out our [Beginner Introduction](https://openethereum.github.io/Beginner-Introduction), [Configuration](https://openethereum.github.io//Configuring-OpenEthereum), and [FAQ](https://openethereum.github.io/FAQ) articles on our [wiki](https://openethereum.github.io/)!
+Check out our [Basic Usage](https://wiki.parity.io/Basic-Usage), [Configuration](https://wiki.parity.io/Configuring-Parity-Ethereum), and [FAQ](https://wiki.parity.io/FAQ) articles on our [wiki](https://wiki.parity.io/)!
 
 See also frequently asked questions [tagged with `parity`](https://ethereum.stackexchange.com/questions/tagged/parity?sort=votes&pageSize=50) on Stack Exchange.
 
@@ -10,11 +10,11 @@ See also frequently asked questions [tagged with `parity`](https://ethereum.stac
 
 Do **not** open an issue on Github if you think your discovered bug could be a **security-relevant vulnerability**. Please, read our [security policy](../SECURITY.md) instead.
 
-Otherwise, just create a [new issue](https://github.com/openethereum/openethereum/issues/new) in our repository and state:
+Otherwise, just create a [new issue](https://github.com/paritytech/parity-ethereum/issues/new) in our repository and state:
 
-- What's your OpenEthereum version?
+- What's your Parity Ethereum version?
 - What's your operating system and version?
-- How did you install OpenEthereum?
+- How did you install Parity Ethereum?
 - Is your node fully synchronized?
 - Did you try turning it off and on again?
 
@@ -22,44 +22,9 @@ Also, try to include **steps to reproduce** the issue and expand on the **actual
 
 ## Contribute!
 
-If you would like to contribute to OpenEthereum, please **fork it**, fix bugs or implement features, and [propose a pull request](https://github.com/openethereum/openethereum/compare).
+If you would like to contribute to Parity Ethereum, please **fork it**, fix bugs or implement features, and [propose a pull request](https://github.com/paritytech/parity-ethereum/compare).
 
-### Labels & Milestones
-
-We use [labels](https://github.com/openethereum/openethereum/labels) to manage PRs and issues and communicate the state of a PR. Please familiarize yourself with them. Furthermore we are organizing issues in [milestones](https://github.com/openethereum/openethereum/milestones). Best way to get started is to a pick a ticket from the current milestone tagged [`easy`](https://github.com/openethereum/openethereum/labels/Q2-easy%20%F0%9F%92%83) and get going, or [`mentor`](https://github.com/openethereum/openethereum/labels/Q1-mentor%20%F0%9F%95%BA) and get in contact with the mentor offering their support on that larger task.
-
-### Rules
-
-There are a few basic ground-rules for contributors (including the maintainer(s) of the project):
-
-* **No pushing directly to the master branch**.
-* **All modifications** must be made in a **pull-request** to solicit feedback from other contributors.
-* Pull-requests cannot be merged before CI runs green and two reviewers have given their approval.
-* All code changed should be formated by running `cargo fmt -- --config=merge_imports=true`
-
-### Recommendations
-
-* **Non-master branch names** *should* be prefixed with a short name moniker, followed by the associated Github Issue ID (if any), and a brief description of the task using the format `<GITHUB_USERNAME>-<ISSUE_ID>-<BRIEF_DESCRIPTION>` (e.g. `gavin-123-readme`). The name moniker helps people to inquiry about their unfinished work, and the GitHub Issue ID helps your future self and other developers (particularly those who are onboarding) find out about and understand the original scope of the task, and where it fits into Parity Ethereum [Projects](https://github.com/openethereum/openethereum/projects).
-* **Remove stale branches periodically**
-
-### Preparing Pull Requests
-
-* If your PR does not alter any logic (e.g. comments, dependencies, docs), then it may be tagged [`insubstantial`](https://github.com/openethereum/openethereum/pulls?q=is%3Aopen+is%3Apr+label%3A%22A2-insubstantial+%F0%9F%91%B6%22).
-
-* Once a PR is ready for review please add the [`pleasereview`](https://github.com/openethereum/openethereum/pulls?utf8=%E2%9C%93&q=is%3Aopen+is%3Apr+label%3A%22A0-pleasereview+%F0%9F%A4%93%22+) label.
-
-### Reviewing Pull Requests*:
-
-* At least two reviewers are required to review PRs (even for PRs tagged [`insubstantial`](https://github.com/openethereum/openethereum/pulls?q=is%3Aopen+is%3Apr+label%3A%22A2-insubstantial+%F0%9F%91%B6%22)).
-
-When doing a review, make sure to look for any:
-
-* Buggy behavior.
-* Undue maintenance burden.
-* Breaking with house coding style.
-* Pessimization (i.e. reduction of speed as measured in the projects benchmarks).
-* Breaking changes should be carefuly reviewed and tagged as such so they end up in the [changelog](../CHANGELOG.md).
-* Uselessness (i.e. it does not strictly add a feature or fix a known issue).
+Please, refer to the [Coding Guide](https://wiki.parity.io/Coding-guide) in our wiki for more details about hacking on Parity.
 
 ## License.
 

.github/ISSUE_TEMPLATE.md

@@ -1,8 +1,6 @@
-For questions please use https://discord.io/openethereum, issues are for bugs and feature requests.
-
 _Before filing a new issue, please **provide the following information**._
 
-- **OpenEthereum version (>=3.1.0)**: 0.0.0
+- **Parity Ethereum version**: 0.0.0
 - **Operating system**: Windows / MacOS / Linux
 - **Installation**: homebrew / one-line installer / built from source
 - **Fully synchronized**: no / yes

.github/workflows/build-test-windows.yml

@@ -1,33 +0,0 @@
-name:                           Build and Test Suite on Windows
-
-on:
-  push:
-    branches:
-      - main
-      - dev
-jobs:
-  build-tests:
-    name:                       Test and Build
-    strategy:
-      matrix:
-        platform:
-          - windows2019 # custom runner
-        toolchain:
-          - 1.52.1
-    runs-on:                    ${{ matrix.platform }}
-    steps:
-      - name:                   Checkout sources
-        uses:                   actions/checkout@main
-        with:
-          submodules:           true
-      - name:                   Install toolchain
-        uses:                   actions-rs/toolchain@v1
-        with:
-          toolchain:            ${{ matrix.toolchain }}
-          profile:              minimal
-          override:             true
-      - name:                   Build tests
-        uses:                   actions-rs/cargo@v1
-        with:
-          command:              test
-          args:                 --locked --all --release --features "json-tests" --verbose --no-run

.github/workflows/build-test.yml

@@ -1,40 +0,0 @@
-name:                           Build and Test Suite
-
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-      - dev
-jobs:
-  build-tests:
-    name:                       Test and Build
-    strategy:
-      matrix:
-        platform:
-          - ubuntu-16.04
-          - macos-latest
-        toolchain:
-          - 1.52.1
-    runs-on:                    ${{ matrix.platform }}
-    steps:
-      - name:                   Checkout sources
-        uses:                   actions/checkout@main
-        with:
-          submodules:           true
-      - name:                   Install toolchain
-        uses:                   actions-rs/toolchain@v1
-        with:
-          toolchain:            ${{ matrix.toolchain }}
-          profile:              minimal
-          override:             true
-      - name:                   Build tests
-        uses:                   actions-rs/cargo@v1
-        with:
-          command:              test
-          args:                 --locked --all --release --features "json-tests" --verbose --no-run
-      - name:                   Run tests for ${{ matrix.platform }}	
-        uses:                   actions-rs/cargo@v1	
-        with:	
-          command:              test	
-          args:                 --locked --all --release --features "json-tests" --verbose

.github/workflows/build.yml

@@ -1,285 +0,0 @@
-name:                           Build Release Suite
-
-on:
-  push:
-    tags:
-      - v*
-
-# Global vars
-env:
-  AWS_REGION:                   "us-east-1"
-  AWS_S3_ARTIFACTS_BUCKET:      "openethereum-releases"
-  ACTIONS_ALLOW_UNSECURE_COMMANDS: true
-
-jobs:
-  build:
-    name:                       Build Release
-    strategy:
-      matrix:
-        platform:
-          - ubuntu-16.04
-          - macos-latest
-        toolchain:
-          - 1.52.1
-    runs-on:                    ${{ matrix.platform }}
-    steps:
-      - name:                   Checkout sources
-        uses:                   actions/checkout@main
-      - name:                   Install toolchain
-        uses:                   actions-rs/toolchain@v1
-        with:
-          toolchain:            ${{ matrix.toolchain }}
-          profile:              minimal
-          override:             true
-
-      # ==============================
-      #       Windows Build
-      # ==============================
-
-      # - name:                   Install LLVM for Windows
-      #   if:                     matrix.platform == 'windows2019'
-      #   run:                    choco install llvm
-
-      # - name:                   Build OpenEthereum for Windows
-      #   if:                     matrix.platform == 'windows2019'
-      #   run:                    sh scripts/actions/build-windows.sh ${{matrix.platform}}
-
-      # - name:                   Upload Windows build
-      #   uses:                   actions/upload-artifact@v2
-      #   if:                     matrix.platform == 'windows2019'
-      #   with:
-      #     name:                 windows-artifacts
-      #     path:                 artifacts
-
-      # ==============================
-      #       Linux/Macos Build
-      # ==============================
-    
-      - name:                   Build OpenEthereum for ${{matrix.platform}}
-        if:                     matrix.platform != 'windows2019'
-        run:                    sh scripts/actions/build-linux.sh ${{matrix.platform}}
-
-      - name:                   Upload Linux build
-        uses:                   actions/upload-artifact@v2
-        if:                     matrix.platform == 'ubuntu-16.04'
-        with:
-          name:                 linux-artifacts
-          path:                 artifacts
-
-      - name:                   Upload MacOS build
-        uses:                   actions/upload-artifact@v2
-        if:                     matrix.platform == 'macos-latest'
-        with:
-          name:                 macos-artifacts
-          path:                 artifacts
-
-  zip-artifacts-creator:
-    name:                       Create zip artifacts
-    needs:                      build
-    runs-on:                    ubuntu-16.04
-    steps:
-      - name:                   Set env
-        run:                    echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-
-      # ==============================
-      #       Create ZIP files
-      # ==============================
-
-      # - name:                   Download Windows artifacts
-      #   uses:                   actions/download-artifact@v2
-      #   with:
-      #     name:                 windows-artifacts
-      #     path:                 windows-artifacts
-
-      - name:                   Download Linux artifacts
-        uses:                   actions/download-artifact@v2
-        with:
-          name:                 linux-artifacts
-          path:                 linux-artifacts
-
-      - name:                   Download MacOS artifacts
-        uses:                   actions/download-artifact@v2
-        with:
-          name:                 macos-artifacts
-          path:                 macos-artifacts
-
-      - name:                   Display structure of downloaded files
-        run:                    ls
-
-      - name:                   Create zip Linux
-        id:                     create_zip_linux
-        run: |
-          cd linux-artifacts/
-          zip -rT openethereum-linux-${{ env.RELEASE_VERSION }}.zip *
-          ls openethereum-linux-${{ env.RELEASE_VERSION }}.zip
-          cd ..
-          mv linux-artifacts/openethereum-linux-${{ env.RELEASE_VERSION }}.zip .
-
-          echo "Setting outputs..."
-          echo ::set-output name=LINUX_ARTIFACT::openethereum-linux-${{ env.RELEASE_VERSION }}.zip
-          echo ::set-output name=LINUX_SHASUM::$(shasum -a 256 openethereum-linux-${{ env.RELEASE_VERSION }}.zip | awk '{print $1}')
-
-      - name:                   Create zip MacOS
-        id:                     create_zip_macos
-        run: |
-          cd macos-artifacts/
-          zip -rT openethereum-macos-${{ env.RELEASE_VERSION }}.zip *
-          ls openethereum-macos-${{ env.RELEASE_VERSION }}.zip
-          cd ..
-          mv macos-artifacts/openethereum-macos-${{ env.RELEASE_VERSION }}.zip .
-
-          echo "Setting outputs..."
-          echo ::set-output name=MACOS_ARTIFACT::openethereum-macos-${{ env.RELEASE_VERSION }}.zip
-          echo ::set-output name=MACOS_SHASUM::$(shasum -a 256 openethereum-macos-${{ env.RELEASE_VERSION }}.zip | awk '{print $1}')
-
-      # - name:                   Create zip Windows
-      #   id:                     create_zip_windows
-      #   run: |
-      #     cd windows-artifacts/
-      #     zip -rT openethereum-windows-${{ env.RELEASE_VERSION }}.zip *
-      #     ls openethereum-windows-${{ env.RELEASE_VERSION }}.zip
-      #     cd ..
-      #     mv windows-artifacts/openethereum-windows-${{ env.RELEASE_VERSION }}.zip .
-
-      #     echo "Setting outputs..."
-      #     echo ::set-output name=WINDOWS_ARTIFACT::openethereum-windows-${{ env.RELEASE_VERSION }}.zip
-      #     echo ::set-output name=WINDOWS_SHASUM::$(shasum -a 256 openethereum-windows-${{ env.RELEASE_VERSION }}.zip | awk '{print $1}')
-
-      # =======================================================================
-      # Upload artifacts
-      # This is required to share artifacts between different jobs
-      # =======================================================================
-
-      - name:                   Upload artifacts
-        uses:                   actions/upload-artifact@v2
-        with:
-          name:                 openethereum-linux-${{ env.RELEASE_VERSION }}.zip
-          path:                 openethereum-linux-${{ env.RELEASE_VERSION }}.zip
-
-      - name:                   Upload artifacts
-        uses:                   actions/upload-artifact@v2
-        with:
-          name:                 openethereum-macos-${{ env.RELEASE_VERSION }}.zip
-          path:                 openethereum-macos-${{ env.RELEASE_VERSION }}.zip
-
-      # - name:                   Upload artifacts
-      #   uses:                   actions/upload-artifact@v2
-      #   with:
-      #     name:                 openethereum-windows-${{ env.RELEASE_VERSION }}.zip
-      #     path:                 openethereum-windows-${{ env.RELEASE_VERSION }}.zip
-
-      # =======================================================================
-      # Upload artifacts to S3
-      # This is required by some software distribution systems which require
-      # artifacts to be downloadable, like Brew on MacOS.
-      # =======================================================================
-      - name:                   Configure AWS credentials
-        uses:                   aws-actions/configure-aws-credentials@v1
-        with:
-          aws-access-key-id:     ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region:            ${{ env.AWS_REGION }}
-
-      - name:                   Copy files to S3 with the AWS CLI
-        run: |
-          # Deploy zip artifacts to S3 bucket to a directory whose name is the tagged release version.
-          # Deploy macos binary artifact (if required, add more `aws s3 cp` commands to deploy specific OS versions)
-          aws s3 cp macos-artifacts/openethereum s3://${{ env.AWS_S3_ARTIFACTS_BUCKET }}/${{ env.RELEASE_VERSION }}/macos/ --region ${{ env.AWS_REGION }}
-
-    outputs:
-      linux-artifact:           ${{ steps.create_zip_linux.outputs.LINUX_ARTIFACT }}
-      linux-shasum:             ${{ steps.create_zip_linux.outputs.LINUX_SHASUM }}
-      macos-artifact:           ${{ steps.create_zip_macos.outputs.MACOS_ARTIFACT }}
-      macos-shasum:             ${{ steps.create_zip_macos.outputs.MACOS_SHASUM }}
-      # windows-artifact:         ${{ steps.create_zip_windows.outputs.WINDOWS_ARTIFACT }}
-      # windows-shasum:           ${{ steps.create_zip_windows.outputs.WINDOWS_SHASUM }}
-
-  draft-release:
-    name:                       Draft Release
-    needs:                      zip-artifacts-creator
-    runs-on:                    ubuntu-16.04
-    steps:
-      - name:                   Set env
-        run:                    echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-
-      # ==============================
-      #       Download artifacts
-      # ==============================
-
-      - name:                   Download artifacts
-        uses:                   actions/download-artifact@v2
-        with:
-          name:                 openethereum-linux-${{ env.RELEASE_VERSION }}.zip
-
-      - name:                   Download artifacts
-        uses:                   actions/download-artifact@v2
-        with:
-          name:                 openethereum-macos-${{ env.RELEASE_VERSION }}.zip
-
-      # - name:                   Download artifacts
-      #   uses:                   actions/download-artifact@v2
-      #   with:
-      #     name:                 openethereum-windows-${{ env.RELEASE_VERSION }}.zip
-
-      - name:                   Display structure of downloaded files
-        run:                    ls
-
-      # ==============================
-      #       Create release draft
-      # ==============================
-
-      - name:                   Create Release Draft
-        id:                     create_release_draft
-        uses:                   actions/create-release@v1
-        env:
-          GITHUB_TOKEN:         ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
-        with:
-          tag_name:             ${{ github.ref }}
-          release_name:         OpenEthereum ${{ github.ref }}
-          body: |
-            This release contains <ADD_TEXT>
-
-            | System | Architecture | Binary | Sha256 Checksum |
-            |:---:|:---:|:---:|:---|
-            | <img src="https://gist.github.com/5chdn/1fce888fde1d773761f809b607757f76/raw/44c4f0fc63f1ea8e61a9513af5131ef65eaa6c75/apple.png" alt="Apple Icon by Pixel Perfect from https://www.flaticon.com/authors/pixel-perfect" style="width: 32px;"/> | x64 | [${{ needs.zip-artifacts-creator.outputs.macos-artifact }}](https://github.com/openethereum/openethereum/releases/download/${{ env.RELEASE_VERSION }}/${{ needs.zip-artifacts-creator.outputs.macos-artifact }}) | `${{ needs.zip-artifacts-creator.outputs.macos-shasum }}` |
-            | <img src="https://gist.github.com/5chdn/1fce888fde1d773761f809b607757f76/raw/44c4f0fc63f1ea8e61a9513af5131ef65eaa6c75/linux.png" alt="Linux Icon by Pixel Perfect from https://www.flaticon.com/authors/pixel-perfect" style="width: 32px;"/> | x64 | [${{ needs.zip-artifacts-creator.outputs.linux-artifact }}](https://github.com/openethereum/openethereum/releases/download/${{ env.RELEASE_VERSION }}/${{ needs.zip-artifacts-creator.outputs.linux-artifact }}) | `${{ needs.zip-artifacts-creator.outputs.linux-shasum }}` |
-            | <img src="https://gist.github.com/5chdn/1fce888fde1d773761f809b607757f76/raw/44c4f0fc63f1ea8e61a9513af5131ef65eaa6c75/windows.png" alt="Windows Icon by Pixel Perfect from https://www.flaticon.com/authors/pixel-perfect" style="width: 32px;"/> | x64 | [${{ needs.zip-artifacts-creator.outputs.windows-artifact }}](https://github.com/openethereum/openethereum/releases/download/${{ env.RELEASE_VERSION }}/${{ needs.zip-artifacts-creator.outputs.windows-artifact }}) | `${{ needs.zip-artifacts-creator.outputs.windows-shasum }}` |
-            | | | | |
-            | **System** | **Option** | - | **Resource** |
-            | <img src="https://gist.github.com/5chdn/1fce888fde1d773761f809b607757f76/raw/44c4f0fc63f1ea8e61a9513af5131ef65eaa6c75/settings.png" alt="Settings Icon by Pixel Perfect from https://www.flaticon.com/authors/pixel-perfect" style="width: 32px;"/> | Docker | - | [hub.docker.com/r/openethereum/openethereum](https://hub.docker.com/r/openethereum/openethereum) |
-
-          draft:                true
-          prerelease:           true
-
-      - name:                   Upload Release Asset - Linux
-        id:                     upload_release_asset_linux
-        uses:                   actions/upload-release-asset@v1.0.1
-        env:
-          GITHUB_TOKEN:         ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url:           ${{ steps.create_release_draft.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
-          asset_path:           ./openethereum-linux-${{ env.RELEASE_VERSION }}.zip
-          asset_name:           openethereum-linux-${{ env.RELEASE_VERSION }}.zip
-          asset_content_type:   application/zip
-
-      - name:                   Upload Release Asset - MacOS
-        id:                     upload_release_asset_macos
-        uses:                   actions/upload-release-asset@v1.0.1
-        env:
-          GITHUB_TOKEN:         ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url:           ${{ steps.create_release_draft.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
-          asset_path:           ./openethereum-macos-${{ env.RELEASE_VERSION }}.zip
-          asset_name:           openethereum-macos-${{ env.RELEASE_VERSION }}.zip
-          asset_content_type:   application/zip
-
-      # - name:                   Upload Release Asset - Windows
-      #   id:                     upload_release_asset_windows
-      #   uses:                   actions/upload-release-asset@v1
-      #   env:
-      #     GITHUB_TOKEN:         ${{ secrets.GITHUB_TOKEN }}
-      #   with:
-      #     upload_url:           ${{ steps.create_release_draft.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
-      #     asset_path:           ./openethereum-windows-${{ env.RELEASE_VERSION }}.zip
-      #     asset_name:           openethereum-windows-${{ env.RELEASE_VERSION }}.zip
-      #     asset_content_type:   application/zip

.github/workflows/check.yml

@@ -1,50 +0,0 @@
-name:                           Check
-
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-      - dev
-jobs:
-  check:
-    name:                       Check
-    runs-on:                    ubuntu-16.04
-    steps:
-      - name:                   Checkout sources
-        uses:                   actions/checkout@main
-        with:
-          submodules:           true
-      - name:                   Install 1.52.1 toolchain
-        uses:                   actions-rs/toolchain@v1
-        with:
-          toolchain:            1.52.1
-          profile:              minimal
-          override:             true
-      - name:                   Run cargo check 1/3
-        uses:                   actions-rs/cargo@v1
-        with:
-          command:              check
-          args:                 --locked --no-default-features --verbose
-      - name:                   Run cargo check 2/3
-        uses:                   actions-rs/cargo@v1
-        with:
-          command:              check
-          args:                 --locked --manifest-path crates/runtime/io/Cargo.toml --no-default-features --verbose
-      - name:                   Run cargo check 3/3
-        uses:                   actions-rs/cargo@v1
-        with:
-          command:              check
-          args:                 --locked --manifest-path crates/runtime/io/Cargo.toml --features "mio" --verbose
-      - name:                   Run cargo check evmbin
-        uses:                   actions-rs/cargo@v1
-        with:
-          command:              check
-          args:                 --locked -p evmbin --verbose
-      - name:                   Run cargo check benches
-        uses:                   actions-rs/cargo@v1
-        with:
-          command:              check
-          args:                 --locked --all --benches --verbose
-      - name:                   Run validate chainspecs
-        run:                    ./scripts/actions/validate-chainspecs.sh

.github/workflows/deploy-docker-nightly.yml

@@ -1,29 +0,0 @@
-name:                           Docker Image Nightly Release
-
-# Run "nightly" build on each commit to "dev" branch.
-on:
-  push:
-    branches:
-      - dev
-
-jobs:
-  deploy-docker:
-    name:                       Build Release
-    runs-on:                    ubuntu-latest
-    steps:
-      - name:                   Checkout sources
-        uses:                   actions/checkout@master
-      - name:                   Install toolchain
-        uses:                   actions-rs/toolchain@v1
-        with:
-          toolchain:            1.52.1
-          profile:              minimal
-          override:             true
-      - name:                   Deploy to docker hub
-        uses: elgohr/Publish-Docker-Github-Action@master
-        with:
-          name: openethereum/openethereum
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-          dockerfile: scripts/docker/alpine/Dockerfile
-          tags: "nightly"

.github/workflows/deploy-docker-tag.yml

@@ -1,30 +0,0 @@
-name:                           Docker Image Tag and Latest Release
-
-on:
-  push:
-    tags:
-      - v*
-
-jobs:
-  deploy-docker:
-    name:                       Build Release
-    runs-on:                    ubuntu-latest
-    steps:
-      - name:                   Checkout sources
-        uses:                   actions/checkout@master
-      - name:                   Set env
-        run:                    echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-      - name:                   Install toolchain
-        uses:                   actions-rs/toolchain@v1
-        with:
-          toolchain:            1.52.1
-          profile:              minimal
-          override:             true
-      - name:                   Deploy to docker hub
-        uses: elgohr/Publish-Docker-Github-Action@master
-        with:
-          name: openethereum/openethereum
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-          dockerfile: scripts/docker/alpine/Dockerfile
-          tags: "latest,${{ env.RELEASE_VERSION }}"

.github/workflows/deploy-docker.yml

@@ -1,30 +0,0 @@
-name:                           Docker Image Release
-
-on:
-  push:
-    branches:
-      - main
-    tags:
-      - v*
-
-jobs:
-  deploy-docker:
-    name:                       Build Release
-    runs-on:                    ubuntu-latest
-    steps:
-      - name:                   Checkout sources
-        uses:                   actions/checkout@master
-      - name:                   Install toolchain
-        uses:                   actions-rs/toolchain@v1
-        with:
-          toolchain:            1.52.1
-          profile:              minimal
-          override:             true
-      - name:                   Deploy to docker hub
-        uses: elgohr/Publish-Docker-Github-Action@master
-        with:
-          name: openethereum/openethereum
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-          dockerfile: scripts/docker/alpine/Dockerfile
-          tag_names: true

.github/workflows/fmt.yml

@@ -1,20 +0,0 @@
-on: [push, pull_request]
-
-name: rustfmt
-
-jobs:
-  fmt:
-    name: Rustfmt
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: 1.52.1
-          override: true
-      - run: rustup component add rustfmt
-      - uses: actions-rs/cargo@v1
-        with:
-          command: fmt
-          args: --all -- --check --config merge_imports=true

.gitignore

@@ -38,10 +38,8 @@ node_modules
 
 # Build artifacts
 out/
+parity-clib-examples/cpp/build/
 
 .vscode
 rls/
 /parity.*
-
-# cargo remote artifacts
-remote-target

.gitlab-ci.yml

@@ -0,0 +1,217 @@
+stages:
+  - test
+  - build
+  - publish
+  - optional
+
+image:                             parity/rust-parity-ethereum-build:xenial
+variables:
+  GIT_STRATEGY:                    fetch
+  GIT_SUBMODULE_STRATEGY:          recursive
+  CI_SERVER_NAME:                  "GitLab CI"
+  CARGO_HOME:                      "${CI_PROJECT_DIR}/.cargo"
+  CARGO_TARGET:                    x86_64-unknown-linux-gnu
+
+.no_git:                           &no_git
+  variables:
+    GIT_STRATEGY:                  none
+    GIT_SUBMODULE_STRATEGY:        none
+
+
+.releaseable_branches:             # list of git refs for building GitLab artifacts (think "pre-release binaries")
+  only:                            &releaseable_branches
+    - stable
+    - beta
+    - tags
+    - schedules
+
+
+.collect_artifacts:                &collect_artifacts
+  artifacts:
+    name:                          "${CI_JOB_NAME}_${SCHEDULE_TAG:-${CI_COMMIT_REF_NAME}}"
+    when:                          on_success
+    expire_in:                     1 mos
+    paths:
+      - artifacts/
+
+test-linux:
+  stage:                           test
+  variables:
+    RUN_TESTS:                     all
+  script:
+    - scripts/gitlab/test-all.sh
+    - sccache -s
+  tags:
+    - linux-docker
+
+test-audit:
+  stage:                           test
+  script:
+    - set -e
+    - set -u
+    - cargo audit
+  tags:
+    - linux-docker
+
+build-linux:                       &build-linux
+  stage:                           build
+  only:                            *releaseable_branches
+  script:
+    - scripts/gitlab/build-unix.sh
+    - sccache -s
+  <<:                              *collect_artifacts
+  tags:
+    - linux-docker
+
+build-linux-i386:
+  <<:                              *build-linux
+  image:                           parity/rust-parity-ethereum-build:i386
+  variables:
+    CARGO_TARGET:                  i686-unknown-linux-gnu
+
+build-linux-arm64:
+  <<:                              *build-linux
+  image:                           parity/rust-parity-ethereum-build:arm64
+  variables:
+    CARGO_TARGET:                  aarch64-unknown-linux-gnu
+
+build-linux-armhf:
+  <<:                              *build-linux
+  image:                           parity/rust-parity-ethereum-build:armhf
+  variables:
+    CARGO_TARGET:                  armv7-unknown-linux-gnueabihf
+
+build-darwin:
+  stage:                           build
+  only:                            *releaseable_branches
+  variables:
+    CARGO_TARGET:                  x86_64-apple-darwin
+    CC:                            gcc
+    CXX:                           g++
+  script:
+    - scripts/gitlab/build-unix.sh
+  tags:
+    - rust-osx
+  <<:                              *collect_artifacts
+
+build-windows:
+  stage:                           build
+  only:                            *releaseable_branches
+  variables:
+    CARGO_TARGET:                  x86_64-pc-windows-msvc
+  script:
+    - sh scripts/gitlab/build-windows.sh
+  tags:
+   - rust-windows
+  <<:                              *collect_artifacts
+
+publish-docker:
+  stage:                           publish
+  only:                            *releaseable_branches
+  cache: {}
+  dependencies:
+    - build-linux
+  tags:
+    - shell
+  script:
+    - scripts/gitlab/publish-docker.sh parity
+
+publish-snap:                      &publish-snap
+  stage:                           publish
+  only:                            *releaseable_branches
+  image:                           snapcore/snapcraft
+  variables:
+    BUILD_ARCH:                    amd64
+  cache: {}
+  dependencies:
+    - build-linux
+  tags:
+    - linux-docker
+  script:
+    - scripts/gitlab/publish-snap.sh
+  <<:                              *collect_artifacts
+
+publish-snap-i386:
+  <<:                              *publish-snap
+  variables:
+    BUILD_ARCH:                    i386
+  dependencies:
+    - build-linux-i386
+
+publish-snap-arm64:
+  <<:                              *publish-snap
+  variables:
+    BUILD_ARCH:                    arm64
+  dependencies:
+    - build-linux-arm64
+
+publish-snap-armhf:
+  <<:                              *publish-snap
+  variables:
+    BUILD_ARCH:                    armhf
+  dependencies:
+    - build-linux-armhf
+
+publish-onchain:
+  stage:                           publish
+  only:                            *releaseable_branches
+  cache:                           {}
+  dependencies:
+    - build-linux
+    - build-darwin
+    - build-windows
+  script:
+    - scripts/gitlab/publish-onchain.sh
+  tags:
+    - linux-docker
+
+publish-awss3-release:
+  image:                           parity/awscli:latest
+  stage:                           publish
+  only:                            *releaseable_branches
+  <<:                              *no_git
+  cache:                           {}
+  dependencies:
+    - build-linux
+    - build-darwin
+    - build-windows
+  script:
+    - echo "__________Push binaries to AWS S3____________"
+    - case "${SCHEDULE_TAG:-${CI_COMMIT_REF_NAME}}" in
+        (beta|stable|nightly)
+          export BUCKET=releases.parity.io/ethereum;
+          ;;
+        (*)
+          export BUCKET=builds-parity;
+          ;;
+      esac
+    - aws s3 sync ./artifacts s3://${BUCKET}/${SCHEDULE_TAG:-${CI_COMMIT_REF_NAME}}/
+  after_script:
+    - aws s3 ls s3://${BUCKET}/${SCHEDULE_TAG:-${CI_COMMIT_REF_NAME}}/
+        --recursive --human-readable --summarize
+  tags:
+    - linux-docker
+
+publish-docs:
+  stage:                            publish
+  only:
+    - tags
+  except:
+    - nightly
+  cache: {}
+  script:
+    - scripts/gitlab/publish-docs.sh
+  tags:
+    - linux-docker
+
+build-android:
+  stage:                           optional
+  image:                           parity/rust-android:gitlab-ci
+  variables:
+    CARGO_TARGET:                  armv7-linux-androideabi
+  script:
+    - scripts/gitlab/build-unix.sh
+  tags:
+    - linux-docker
+  allow_failure:                   true
+  <<:                              *collect_artifacts

.gitmodules

@@ -1,3 +1,7 @@
-[submodule "crates/ethcore/res/json_tests"]
-	path = crates/ethcore/res/json_tests
+[submodule "ethcore/res/ethereum/tests"]
+	path = ethcore/res/ethereum/tests
 	url = https://github.com/ethereum/tests.git
+	branch = develop
+[submodule "ethcore/res/wasm-tests"]
+	path = ethcore/res/wasm-tests
+	url = https://github.com/paritytech/wasm-tests

CHANGELOG.md

@@ -1,208 +1,287 @@
-## OpenEthereum v3.3.3
+## Parity-Ethereum [v2.2.5](https://github.com/paritytech/parity-ethereum/releases/tag/v2.2.5) (2018-12-14)
+Parity-Ethereum 2.2.5-beta is an important release that introduces Constantinople fork at block 7080000 on Mainnet. 
+This release also contains a fix for chains using AuRa + EmptySteps. Read carefully if this applies to you. 
+If you have a chain with`empty_steps` already running, some blocks most likely contain non-strict entries (unordered or duplicated empty steps). In this release`strict_empty_steps_transition` **is enabled by default at block 0** for any chain with `empty_steps`.
+If your network uses `empty_steps` you **must**:
+- plan a hard fork and change `strict_empty_steps_transition` to the desire fork block
+- update the clients of the whole network to 2.2.5-beta / 2.1.10-stable.
+If for some reason you don't want to do this please set`strict_empty_steps_transition` to `0xfffffffff` to disable it.
 
-Enhancements:
-* Implement eip-3607 (#593)
+The full list of included changes: 
+- Backports for beta 2.2.5 ([#10047](https://github.com/paritytech/parity-ethereum/pull/10047))
+	- Bump beta to 2.2.5 ([#10047](https://github.com/paritytech/parity-ethereum/pull/10047))
+	- Fix empty steps ([#9939](https://github.com/paritytech/parity-ethereum/pull/9939))
+		- Prevent sending empty step message twice
+		- Prevent sending empty step and then block in the same step
+		- Don't accept double empty steps
+		- Do basic validation of self-sealed blocks
+	- Strict empty steps validation ([#10041](https://github.com/paritytech/parity-ethereum/pull/10041))
+		- Enables strict verification of empty steps - there can be no duplicates and empty steps should be ordered inside the seal.
+		- Note that authorities won't produce invalid seals after [#9939](https://github.com/paritytech/parity-ethereum/pull/9939), this PR just adds verification to the seal to prevent forging incorrect blocks and potentially causing consensus issues.
+		- This features is enabled by default so any AuRa + EmptySteps chain should set strict_empty_steps_transition fork block number in their spec and upgrade to v2.2.5-beta or v2.1.10-stable.
+	- ethcore: enable constantinople on ethereum ([#10031](https://github.com/paritytech/parity-ethereum/pull/10031))
+		- ethcore: change blockreward to 2e18 for foundation after constantinople
+		- ethcore: delay diff bomb by 2e6 blocks for foundation after constantinople
+		- ethcore: enable eip-{145,1014,1052,1283} for foundation after constantinople
+	- Change test miner max memory to malloc reports. ([#10024](https://github.com/paritytech/parity-ethereum/pull/10024))
+	- Fix: test corpus_inaccessible panic ([#10019](https://github.com/paritytech/parity-ethereum/pull/10019))
 
-Bug fixes:
-* Add type field for legacy transactions in RPC calls (#580)
-* Makes eth_mining to return False if not is not allowed to seal (#581)
-* Made nodes data concatenate as RLP sequences instead of bytes (#598)
+## Parity-Ethereum [v2.2.2](https://github.com/paritytech/parity-ethereum/releases/tag/v2.2.2) (2018-11-29)
 
-## OpenEthereum v3.3.2
+Parity-Ethereum 2.2.2-beta is an exciting release. Among others, it improves sync performance, peering stability, block propagation, and transaction propagation times. Also, a warp-sync no longer removes existing blocks from the database, but rather reuses locally available information to decrease sync times and reduces required bandwidth.
 
-Enhancements:
-* London hardfork block: Sokol (24114400)
+Before upgrading to 2.2.2, please also verify the validity of your chain specs. Parity Ethereum now denies unknown fields in the specification. To do this, use the chainspec tool:
 
-Bug fixes:
-* Fix for maxPriorityFeePerGas overflow
+```
+cargo build --release -p chainspec
+./target/release/chainspec /path/to/spec.json
+```
 
-## OpenEthereum v3.3.1
+Last but not least, JSONRPC APIs which are not yet accepted as an EIP in the `eth`, `personal`, or `web3` namespace, are now considere experimental as their final specification might change in future. These APIs have to be manually enabled by explicitly running `--jsonrpc-experimental`.
 
-Enhancements:
-* Add eth_maxPriorityFeePerGas implementation (#570)
-* Add a bootnode for Kovan
+The full list of included changes:
 
-Bug fixes:
-* Fix for modexp overflow in debug mode (#578)
+- Backports For beta 2.2.2 ([#9976](https://github.com/paritytech/parity-ethereum/pull/9976))
+  - Version: bump beta to 2.2.2
+  - Add experimental RPCs flag ([#9928](https://github.com/paritytech/parity-ethereum/pull/9928))
+  - Keep existing blocks when restoring a Snapshot ([#8643](https://github.com/paritytech/parity-ethereum/pull/8643))
+    - Rename db_restore => client
+    - First step: make it compile!
+    - Second step: working implementation!
+    - Refactoring
+    - Fix tests
+    - Migrate ancient blocks interacting backward
+    - Early return in block migration if snapshot is aborted
+    - Remove RwLock getter (PR Grumble I)
+    - Remove dependency on `Client`: only used Traits
+    - Add test for recovering aborted snapshot recovery
+    - Add test for migrating old blocks
+    - Release RwLock earlier
+    - Revert Cargo.lock
+    - Update _update ancient block_ logic: set local in `commit`
+    - Update typo in ethcore/src/snapshot/service.rs
+  - Adjust requests costs for light client ([#9925](https://github.com/paritytech/parity-ethereum/pull/9925))
+    - Pip Table Cost relative to average peers instead of max peers
+    - Add tracing in PIP new_cost_table
+    - Update stat peer_count
+    - Use number of leeching peers for Light serve costs
+    - Fix test::light_params_load_share_depends_on_max_peers (wrong type)
+    - Remove (now) useless test
+    - Remove `load_share` from LightParams.Config
+    - Add LEECHER_COUNT_FACTOR
+    - Pr Grumble: u64 to u32 for f64 casting
+    - Prevent u32 overflow for avg_peer_count
+    - Add tests for LightSync::Statistics
+  - Fix empty steps ([#9939](https://github.com/paritytech/parity-ethereum/pull/9939))
+    - Don't send empty step twice or empty step then block.
+    - Perform basic validation of locally sealed blocks.
+    - Don't include empty step twice.
+  - Prevent silent errors in daemon mode, closes [#9367](https://github.com/paritytech/parity-ethereum/issues/9367) ([#9946](https://github.com/paritytech/parity-ethereum/pull/9946))
+  - Fix a deadlock ([#9952](https://github.com/paritytech/parity-ethereum/pull/9952))
+    - Update informant:
+      - Decimal in Mgas/s
+      - Print every 5s (not randomly between 5s and 10s)
+    - Fix dead-lock in `blockchain.rs`
+    - Update locks ordering
+  - Fix light client informant while syncing ([#9932](https://github.com/paritytech/parity-ethereum/pull/9932))
+    - Add `is_idle` to LightSync to check importing status
+    - Use SyncStateWrapper to make sure is_idle gets updates
+    - Update is_major_import to use verified queue size as well
+    - Add comment for `is_idle`
+    - Add Debug to `SyncStateWrapper`
+    - `fn get` -> `fn into_inner`
+  -  Ci: rearrange pipeline by logic ([#9970](https://github.com/paritytech/parity-ethereum/pull/9970))
+    - Ci: rearrange pipeline by logic
+    - Ci: rename docs script
+  - Fix docker build ([#9971](https://github.com/paritytech/parity-ethereum/pull/9971))
+  - Deny unknown fields for chainspec ([#9972](https://github.com/paritytech/parity-ethereum/pull/9972))
+    - Add deny_unknown_fields to chainspec
+    - Add tests and fix existing one
+    - Remove serde_ignored dependency for chainspec
+    - Fix rpc test eth chain spec
+    - Fix starting_nonce_test spec
+  - Improve block and transaction propagation ([#9954](https://github.com/paritytech/parity-ethereum/pull/9954))
+    - Refactor sync to add priority tasks.
+    - Send priority tasks notifications.
+    - Propagate blocks, optimize transactions.
+    - Implement transaction propagation. Use sync_channel.
+    - Tone down info.
+    - Prevent deadlock by not waiting forever for sync lock.
+    - Fix lock order.
+    - Don't use sync_channel to prevent deadlocks.
+    - Fix tests.
+  - Fix unstable peers and slowness in sync ([#9967](https://github.com/paritytech/parity-ethereum/pull/9967))
+    - Don't sync all peers after each response
+    - Update formating
+    - Fix tests: add `continue_sync` to `Sync_step`
+    - Update ethcore/sync/src/chain/mod.rs
+    - Fix rpc middlewares
+  - Fix Cargo.lock
+  - Json: resolve merge in spec
+  - Rpc: fix starting_nonce_test
+  - Ci: allow nightl job to fail
 
-## OpenEthereum v3.3.0
+## Parity-Ethereum [v2.2.1](https://github.com/paritytech/parity-ethereum/releases/tag/v2.2.1) (2018-11-15)
 
-Enhancements:
-* Add `validateServiceTransactionsTransition` spec option to be able to enable additional checking of zero gas price transactions by block verifier
+Parity-Ethereum 2.2.1-beta is the first v2.2 release, and might introduce features that break previous work flows, among others:
 
-## OpenEthereum v3.3.0-rc.15
+- Prevent zero network ID ([#9763](https://github.com/paritytech/parity-ethereum/pull/9763)) and drop support for Olympic testnet ([#9801](https://github.com/paritytech/parity-ethereum/pull/9801)): The Olympic test net is dead for years and never used a chain ID but network ID zero. Parity Ethereum is now preventing the network ID to be zero, thus Olympic support is dropped. Make sure to chose positive non-zero network IDs in future.
+- Multithreaded snapshot creation ([#9239](https://github.com/paritytech/parity-ethereum/pull/9239)): adds a CLI argument `--snapshot-threads` which specifies the number of threads. This helps improving the performance of full nodes that wish to provide warp-snapshots for the network. The gain in performance comes with a slight drawback in increased snapshot size.
+- Expose config max-round-blocks-to-import ([#9439](https://github.com/paritytech/parity-ethereum/pull/9439)): Parity Ethereum imports blocks in rounds. If at the end of any round, the queue is not empty, we consider it to be _importing_ and won't notify pubsub. On large re-orgs (10+ blocks), this is possible. The default `max_round_blocks_to_import` is increased to 12 and configurable via the `--max-round-blocks-to-import` CLI flag. With unstable network conditions, it is advised to increase the number. This shouldn't have any noticeable performance impact unless the number is set to really large.
+- Increase Gas-floor-target and Gas Cap ([#9564](https://github.com/paritytech/parity-ethereum/pull/9564)): the default values for gas floor target are `8_000_000` and gas cap `10_000_000`, similar to Geth 1.8.15+.
+- Produce portable binaries ([#9725](https://github.com/paritytech/parity-ethereum/pull/9725)): we now produce portable binaries, but it may incur some performance degradation. For ultimate performance it's now better to compile Parity Ethereum from source with `PORTABLE=OFF` environment variable.
+- RPC: `parity_allTransactionHashes` ([#9745](https://github.com/paritytech/parity-ethereum/pull/9745)): Get all pending transactions from the queue with the high performant `parity_allTransactionHashes` RPC method.
+- Support `eth_chainId` RPC method ([#9783](https://github.com/paritytech/parity-ethereum/pull/9783)): implements EIP-695 to get the chainID via RPC.
+- AuRa: finalize blocks ([#9692](https://github.com/paritytech/parity-ethereum/pull/9692)): The AuRa engine was updated to emit ancestry actions to finalize blocks. The full client stores block finality in the database, the engine builds finality from an ancestry of `ExtendedHeader`; `is_epoch_end` was updated to take a vec of recently finalized headers; `is_epoch_end_light` was added which maintains the previous interface and is used by the light client since the client itself doesn't track finality.
 
-* Revert eip1559BaseFeeMinValue activation on xDai at London hardfork block
+The full list of included changes:
 
-## OpenEthereum v3.3.0-rc.14
+- Backport to parity 2.2.1 beta ([#9905](https://github.com/paritytech/parity-ethereum/pull/9905))
+  - Bump version to 2.2.1
+  - Fix: Intermittent failing CI due to addr in use ([#9885](https://github.com/paritytech/parity-ethereum/pull/9885))
+  - Fix Parity not closing on Ctrl-C ([#9886](https://github.com/paritytech/parity-ethereum/pull/9886))
+  - Fix json tracer overflow ([#9873](https://github.com/paritytech/parity-ethereum/pull/9873))
+  - Fix docker script ([#9854](https://github.com/paritytech/parity-ethereum/pull/9854))
+  - Add hardcoded headers for light client ([#9907](https://github.com/paritytech/parity-ethereum/pull/9907))
+  - Gitlab-ci: make android release build succeed ([#9743](https://github.com/paritytech/parity-ethereum/pull/9743))
+  - Allow to seal work on latest block ([#9876](https://github.com/paritytech/parity-ethereum/pull/9876))
+  - Remove rust-toolchain file ([#9906](https://github.com/paritytech/parity-ethereum/pull/9906))
+  - Light-fetch: Differentiate between out-of-gas/manual throw and use required gas from response on failure ([#9824](https://github.com/paritytech/parity-ethereum/pull/9824))
+  - Eip-712 implementation ([#9631](https://github.com/paritytech/parity-ethereum/pull/9631))
+  - Eip-191 implementation ([#9701](https://github.com/paritytech/parity-ethereum/pull/9701))
+  - Simplify cargo audit ([#9918](https://github.com/paritytech/parity-ethereum/pull/9918))
+  - Fix performance issue importing Kovan blocks ([#9914](https://github.com/paritytech/parity-ethereum/pull/9914))
+  - Ci: nuke the gitlab caches ([#9855](https://github.com/paritytech/parity-ethereum/pull/9855))
+- Backports to parity beta 2.2.0 ([#9820](https://github.com/paritytech/parity-ethereum/pull/9820))
+  - Ci: remove failing tests for android, windows, and macos ([#9788](https://github.com/paritytech/parity-ethereum/pull/9788))
+  - Implement NoProof for json tests and update tests reference ([#9814](https://github.com/paritytech/parity-ethereum/pull/9814))
+  - Move state root verification before gas used ([#9841](https://github.com/paritytech/parity-ethereum/pull/9841))
+  - Classic.json Bootnode Update ([#9828](https://github.com/paritytech/parity-ethereum/pull/9828))
+- Rpc: parity_allTransactionHashes ([#9745](https://github.com/paritytech/parity-ethereum/pull/9745))
+- Revert "prevent zero networkID ([#9763](https://github.com/paritytech/parity-ethereum/pull/9763))" ([#9815](https://github.com/paritytech/parity-ethereum/pull/9815))
+- Allow zero chain id in EIP155 signing process ([#9792](https://github.com/paritytech/parity-ethereum/pull/9792))
+- Add readiness check for docker container ([#9804](https://github.com/paritytech/parity-ethereum/pull/9804))
+- Insert dev account before unlocking ([#9813](https://github.com/paritytech/parity-ethereum/pull/9813))
+- Removed "rustup" & added new runner tag ([#9731](https://github.com/paritytech/parity-ethereum/pull/9731))
+- Expose config max-round-blocks-to-import ([#9439](https://github.com/paritytech/parity-ethereum/pull/9439))
+- Aura: finalize blocks ([#9692](https://github.com/paritytech/parity-ethereum/pull/9692))
+- Sync: retry different peer after empty subchain heads response ([#9753](https://github.com/paritytech/parity-ethereum/pull/9753))
+- Fix(light-rpc/parity) : Remove unused client ([#9802](https://github.com/paritytech/parity-ethereum/pull/9802))
+- Drops support for olympic testnet, closes [#9800](https://github.com/paritytech/parity-ethereum/issues/9800) ([#9801](https://github.com/paritytech/parity-ethereum/pull/9801))
+- Replace `tokio_core` with `tokio` (`ring` -> 0.13) ([#9657](https://github.com/paritytech/parity-ethereum/pull/9657))
+- Support eth_chainId RPC method ([#9783](https://github.com/paritytech/parity-ethereum/pull/9783))
+- Ethcore: bump ropsten forkblock checkpoint ([#9775](https://github.com/paritytech/parity-ethereum/pull/9775))
+- Docs: changelogs for 2.0.8 and 2.1.3 ([#9758](https://github.com/paritytech/parity-ethereum/pull/9758))
+- Prevent zero networkID ([#9763](https://github.com/paritytech/parity-ethereum/pull/9763))
+- Skip seal fields count check when --no-seal-check is used ([#9757](https://github.com/paritytech/parity-ethereum/pull/9757))
+- Aura: fix panic on extra_info with unsealed block ([#9755](https://github.com/paritytech/parity-ethereum/pull/9755))
+- Docs: update changelogs ([#9742](https://github.com/paritytech/parity-ethereum/pull/9742))
+- Removed extra assert in generation_session_is_removed_when_succeeded ([#9738](https://github.com/paritytech/parity-ethereum/pull/9738))
+- Make checkpoint_storage_at use plain loop instead of recursion ([#9734](https://github.com/paritytech/parity-ethereum/pull/9734))
+- Use signed 256-bit integer for sstore gas refund substate ([#9746](https://github.com/paritytech/parity-ethereum/pull/9746))
+- Heads ref not present for branches beta and stable ([#9741](https://github.com/paritytech/parity-ethereum/pull/9741))
+- Add Callisto support ([#9534](https://github.com/paritytech/parity-ethereum/pull/9534))
+- Add --force to cargo audit install script ([#9735](https://github.com/paritytech/parity-ethereum/pull/9735))
+- Remove unused expired value from Handshake ([#9732](https://github.com/paritytech/parity-ethereum/pull/9732))
+- Add hardcoded headers ([#9730](https://github.com/paritytech/parity-ethereum/pull/9730))
+- Produce portable binaries ([#9725](https://github.com/paritytech/parity-ethereum/pull/9725))
+- Gitlab ci: releasable_branches: change variables condition to schedule ([#9729](https://github.com/paritytech/parity-ethereum/pull/9729))
+- Update a few parity-common dependencies ([#9663](https://github.com/paritytech/parity-ethereum/pull/9663))
+- Hf in POA Core (2018-10-22) ([#9724](https://github.com/paritytech/parity-ethereum/pull/9724))
+- Schedule nightly builds ([#9717](https://github.com/paritytech/parity-ethereum/pull/9717))
+- Fix ancient blocks sync ([#9531](https://github.com/paritytech/parity-ethereum/pull/9531))
+- Ci: Skip docs job for nightly ([#9693](https://github.com/paritytech/parity-ethereum/pull/9693))
+- Fix (light/provider) : Make `read_only executions` read-only ([#9591](https://github.com/paritytech/parity-ethereum/pull/9591))
+- Ethcore: fix detection of major import ([#9552](https://github.com/paritytech/parity-ethereum/pull/9552))
+- Return 0 on error ([#9705](https://github.com/paritytech/parity-ethereum/pull/9705))
+- Ethcore: delay ropsten hardfork ([#9704](https://github.com/paritytech/parity-ethereum/pull/9704))
+- Make instantSeal engine backwards compatible, closes [#9696](https://github.com/paritytech/parity-ethereum/issues/9696) ([#9700](https://github.com/paritytech/parity-ethereum/pull/9700))
+- Implement CREATE2 gas changes and fix some potential overflowing ([#9694](https://github.com/paritytech/parity-ethereum/pull/9694))
+- Don't hash the init_code of CREATE. ([#9688](https://github.com/paritytech/parity-ethereum/pull/9688))
+- Ethcore: minor optimization of modexp by using LR exponentiation ([#9697](https://github.com/paritytech/parity-ethereum/pull/9697))
+- Removed redundant clone before each block import ([#9683](https://github.com/paritytech/parity-ethereum/pull/9683))
+- Add Foundation Bootnodes ([#9666](https://github.com/paritytech/parity-ethereum/pull/9666))
+- Docker: run as parity user ([#9689](https://github.com/paritytech/parity-ethereum/pull/9689))
+- Ethcore: mcip3 block reward contract ([#9605](https://github.com/paritytech/parity-ethereum/pull/9605))
+- Verify block syncing responses against requests ([#9670](https://github.com/paritytech/parity-ethereum/pull/9670))
+- Add a new RPC `parity_submitWorkDetail` similar `eth_submitWork` but return block hash ([#9404](https://github.com/paritytech/parity-ethereum/pull/9404))
+- Resumable EVM and heap-allocated callstack ([#9360](https://github.com/paritytech/parity-ethereum/pull/9360))
+- Update parity-wordlist library ([#9682](https://github.com/paritytech/parity-ethereum/pull/9682))
+- Ci: Remove unnecessary pipes ([#9681](https://github.com/paritytech/parity-ethereum/pull/9681))
+- Test.sh: use cargo --target for platforms other than linux, win or mac ([#9650](https://github.com/paritytech/parity-ethereum/pull/9650))
+- Ci: fix push script ([#9679](https://github.com/paritytech/parity-ethereum/pull/9679))
+- Hardfork the testnets ([#9562](https://github.com/paritytech/parity-ethereum/pull/9562))
+- Calculate sha3 instead of sha256 for push-release. ([#9673](https://github.com/paritytech/parity-ethereum/pull/9673))
+- Ethcore-io retries failed work steal ([#9651](https://github.com/paritytech/parity-ethereum/pull/9651))
+- Fix(light_fetch): avoid race with BlockNumber::Latest ([#9665](https://github.com/paritytech/parity-ethereum/pull/9665))
+- Test fix for windows cache name... ([#9658](https://github.com/paritytech/parity-ethereum/pull/9658))
+- Refactor(fetch) : light use only one `DNS` thread ([#9647](https://github.com/paritytech/parity-ethereum/pull/9647))
+- Ethereum libfuzzer integration small change ([#9547](https://github.com/paritytech/parity-ethereum/pull/9547))
+- Cli: remove reference to --no-ui in --unlock flag help ([#9616](https://github.com/paritytech/parity-ethereum/pull/9616))
+- Remove master from releasable branches ([#9655](https://github.com/paritytech/parity-ethereum/pull/9655))
+- Ethcore/VerificationQueue don't spawn up extra `worker-threads` when explictly specified not to ([#9620](https://github.com/paritytech/parity-ethereum/pull/9620))
+- Rpc: parity_getBlockReceipts ([#9527](https://github.com/paritytech/parity-ethereum/pull/9527))
+- Remove unused dependencies ([#9589](https://github.com/paritytech/parity-ethereum/pull/9589))
+- Ignore key_server_cluster randomly failing tests ([#9639](https://github.com/paritytech/parity-ethereum/pull/9639))
+- Ethcore: handle vm exception when estimating gas ([#9615](https://github.com/paritytech/parity-ethereum/pull/9615))
+- Fix bad-block reporting no reason ([#9638](https://github.com/paritytech/parity-ethereum/pull/9638))
+- Use static call and apparent value transfer for block reward contract code ([#9603](https://github.com/paritytech/parity-ethereum/pull/9603))
+- Hf in POA Sokol (2018-09-19) ([#9607](https://github.com/paritytech/parity-ethereum/pull/9607))
+- Bump smallvec to 0.6 in ethcore-light, ethstore and whisper ([#9588](https://github.com/paritytech/parity-ethereum/pull/9588))
+- Add constantinople conf to EvmTestClient. ([#9570](https://github.com/paritytech/parity-ethereum/pull/9570))
+- Fix(network): don't disconnect reserved peers ([#9608](https://github.com/paritytech/parity-ethereum/pull/9608))
+- Fix failing node-table tests on mac os, closes [#9632](https://github.com/paritytech/parity-ethereum/issues/9632) ([#9633](https://github.com/paritytech/parity-ethereum/pull/9633))
+- Update ropsten.json ([#9602](https://github.com/paritytech/parity-ethereum/pull/9602))
+- Simplify ethcore errors by removing BlockImportError ([#9593](https://github.com/paritytech/parity-ethereum/pull/9593))
+- Fix windows compilation, replaces [#9561](https://github.com/paritytech/parity-ethereum/issues/9561) ([#9621](https://github.com/paritytech/parity-ethereum/pull/9621))
+- Master: rpc-docs set github token ([#9610](https://github.com/paritytech/parity-ethereum/pull/9610))
+- Docs: add changelogs for 1.11.10, 1.11.11, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.1.0, and 2.1.1 ([#9554](https://github.com/paritytech/parity-ethereum/pull/9554))
+- Docs(rpc): annotate tag with the provided message ([#9601](https://github.com/paritytech/parity-ethereum/pull/9601))
+- Ci: fix regex roll_eyes ([#9597](https://github.com/paritytech/parity-ethereum/pull/9597))
+- Remove snapcraft clean ([#9585](https://github.com/paritytech/parity-ethereum/pull/9585))
+- Add snapcraft package image (master) ([#9584](https://github.com/paritytech/parity-ethereum/pull/9584))
+- Docs(rpc): push the branch along with tags ([#9578](https://github.com/paritytech/parity-ethereum/pull/9578))
+- Fix typo for jsonrpc-threads flag ([#9574](https://github.com/paritytech/parity-ethereum/pull/9574))
+- Fix informant compile ([#9571](https://github.com/paritytech/parity-ethereum/pull/9571))
+- Added ropsten bootnodes ([#9569](https://github.com/paritytech/parity-ethereum/pull/9569))
+- Increase Gas-floor-target and Gas Cap ([#9564](https://github.com/paritytech/parity-ethereum/pull/9564))
+- While working on the platform tests make them non-breaking ([#9563](https://github.com/paritytech/parity-ethereum/pull/9563))
+- Improve P2P discovery ([#9526](https://github.com/paritytech/parity-ethereum/pull/9526))
+- Move dockerfile for android build container to scripts repo ([#9560](https://github.com/paritytech/parity-ethereum/pull/9560))
+- Simultaneous platform tests WIP ([#9557](https://github.com/paritytech/parity-ethereum/pull/9557))
+- Update ethabi-derive, serde, serde_json, serde_derive, syn && quote ([#9553](https://github.com/paritytech/parity-ethereum/pull/9553))
+- Ci: fix rpc docs generation 2 ([#9550](https://github.com/paritytech/parity-ethereum/pull/9550))
+- Ci: always run build pipelines for win, mac, linux, and android ([#9537](https://github.com/paritytech/parity-ethereum/pull/9537))
+- Multithreaded snapshot creation ([#9239](https://github.com/paritytech/parity-ethereum/pull/9239))
+- New ethabi ([#9511](https://github.com/paritytech/parity-ethereum/pull/9511))
+- Remove initial token for WS. ([#9545](https://github.com/paritytech/parity-ethereum/pull/9545))
+- Net_version caches network_id to avoid redundant aquire of sync readlock ([#9544](https://github.com/paritytech/parity-ethereum/pull/9544))
+- Correct before_script for nightly build versions ([#9543](https://github.com/paritytech/parity-ethereum/pull/9543))
+- Deps: bump kvdb-rocksdb to 0.1.4 ([#9539](https://github.com/paritytech/parity-ethereum/pull/9539))
+- State: test when contract creation fails, old storage values should re-appear ([#9532](https://github.com/paritytech/parity-ethereum/pull/9532))
+- Allow dropping light client RPC query with no results ([#9318](https://github.com/paritytech/parity-ethereum/pull/9318))
+- Bump master to 2.2.0 ([#9517](https://github.com/paritytech/parity-ethereum/pull/9517))
+- Enable all Constantinople hard fork changes in constantinople_test.json ([#9505](https://github.com/paritytech/parity-ethereum/pull/9505))
+- [Light] Validate `account balance` before importing transactions ([#9417](https://github.com/paritytech/parity-ethereum/pull/9417))
+- In create memory calculation is the same for create2 because the additional parameter was popped before. ([#9522](https://github.com/paritytech/parity-ethereum/pull/9522))
+- Update patricia trie to 0.2.2 ([#9525](https://github.com/paritytech/parity-ethereum/pull/9525))
+- Replace hardcoded JSON with serde json! macro ([#9489](https://github.com/paritytech/parity-ethereum/pull/9489))
+- Fix typo in version string ([#9516](https://github.com/paritytech/parity-ethereum/pull/9516))
 
-Enhancements:
-* Add eip1559BaseFeeMinValue and eip1559BaseFeeMinValueTransition spec options
-* Activate eip1559BaseFeeMinValue on xDai at London hardfork block (19040000), set it to 20 GWei
-* Activate eip1559BaseFeeMinValue on POA Core at block 24199500 (November 8, 2021), set it to 10 GWei
-* Delay difficulty bomb to June 2022 for Ethereum Mainnet (EIP-4345)
+## Previous releases
 
-## OpenEthereum v3.3.0-rc.13
-
-Enhancements:
-* London hardfork block: POA Core (24090200)
-
-## OpenEthereum v3.3.0-rc.12
-
-Enhancements:
-* London hardfork block: xDai (19040000)
-
-## OpenEthereum v3.3.0-rc.11
-
-Bug fixes:
-* Ignore GetNodeData requests only for non-AuRa chains
-
-## OpenEthereum v3.3.0-rc.10
-
-Enhancements:
-* Add eip1559FeeCollector and eip1559FeeCollectorTransition spec options
-
-## OpenEthereum v3.3.0-rc.9
-
-Bug fixes:
-* Add service transactions support for EIP-1559
-* Fix MinGasPrice config option for POSDAO and EIP-1559
-
-Enhancements:
-* min_gas_price becomes min_effective_priority_fee
-* added version 4 for TxPermission contract
-
-## OpenEthereum v3.3.0-rc.8
-
-Bug fixes:
-* Ignore GetNodeData requests (#519)
-
-## OpenEthereum v3.3.0-rc.7
-
-Bug fixes:
-* GetPooledTransactions is sent in invalid form (wrong packet id)
-
-## OpenEthereum v3.3.0-rc.6
-
-Enhancements:
-* London hardfork block: kovan (26741100) (#502)
-
-## OpenEthereum v3.3.0-rc.4
-
-Enhancements:
-* London hardfork block: mainnet (12,965,000) (#475)
-* Support for eth/66 protocol version (#465)
-* Bump ethereum/tests to v9.0.3
-* Add eth_feeHistory
-
-Bug fixes:
-* GetNodeData from eth63 is missing (#466)
-* Effective gas price not omitting (#477)
-* London support in openethereum-evm (#479)
-* gasPrice is required field for Transaction object (#481)
-
-## OpenEthereum v3.3.0-rc.3
-
-Bug fixes:
-* Add effective_gas_price to eth_getTransactionReceipt #445 (#450)
-* Update eth_gasPrice to support EIP-1559 #449 (#458)
-* eth_estimateGas returns "Requires higher than upper limit of X" after London Ropsten Hard Fork #459 (#460)
-
-## OpenEthereum v3.3.0-rc.2
-
-Enhancements:
-* EIP-1559: Fee market change for ETH 1.0 chain
-* EIP-3198: BASEFEE opcode
-* EIP-3529: Reduction in gas refunds
-* EIP-3541: Reject new contracts starting with the 0xEF byte
-* Delay difficulty bomb to December 2021 (EIP-3554)
-* London hardfork blocks: goerli (5,062,605), rinkeby (8,897,988), ropsten (10,499,401)
-* Add chainspecs for aleut and baikal
-* Bump ethereum/tests to v9.0.2
-
-## OpenEthereum v3.2.6
-
-Enhancement:
-* Berlin hardfork blocks: poacore (21,364,900), poasokol (21,050,600)
-
-## OpenEthereum v3.2.5
-
-Bug fixes:
-* Backport: Block sync stopped without any errors. #277 (#286)
-* Strict memory order (#306)
-
-Enhancements:
-* Executable queue for ancient blocks inclusion (#208)
-* Backport AuRa commits for xdai (#330)
-* Add Nethermind to clients that accept service transactions (#324)
-* Implement the filter argument in parity_pendingTransactions (#295)
-* Ethereum-types and various libs upgraded (#315)
-* [evmbin] Omit storage output, now for std-json (#311)
-* Freeze pruning while creating snapshot (#205)
-* AuRa multi block reward (#290)
-* Improved metrics. DB read/write. prometheus prefix config (#240)
-* Send RLPx auth in EIP-8 format (#287)
-* rpc module reverted for RPC JSON api (#284)
-* Revert "Remove eth/63 protocol version (#252)"
-* Support for eth/65 protocol version (#366)
-* Berlin hardfork blocks: kovan (24,770,900), xdai (16,101,500)
-* Bump ethereum/tests to v8.0.3
-
-devops:
-* Upgrade docker alpine to `v1.13.2`. for rust `v1.47`.
-* Send SIGTERM instead of SIGHUP to OE daemon (#317)
-
-## OpenEthereum v3.2.4
-
-* Fix for Typed transaction broadcast.
-
-## OpenEthereum v3.2.3
-
-* Hotfix for berlin consensus error.
-
-## OpenEthereum v3.2.2-rc.1
-
-Bug fixes:
-* Backport: Block sync stopped without any errors. #277 (#286)
-* Strict memory order (#306)
-
-Enhancements:
-* Executable queue for ancient blocks inclusion (#208)
-* Backport AuRa commits for xdai (#330)
-* Add Nethermind to clients that accept service transactions (#324)
-* Implement the filter argument in parity_pendingTransactions (#295) 
-* Ethereum-types and various libs upgraded (#315)
-* Bump ethereum/tests to v8.0.2
-* [evmbin] Omit storage output, now for std-json (#311)
-* Freeze pruning while creating snapshot (#205)
-* AuRa multi block reward (#290)
-* Improved metrics. DB read/write. prometheus prefix config (#240)
-* Send RLPx auth in EIP-8 format (#287)
-* rpc module reverted for RPC JSON api (#284)
-* Revert "Remove eth/63 protocol version (#252)"
-
-devops:
-* Upgrade docker alpine to `v1.13.2`. for rust `v1.47`.
-* Send SIGTERM instead of SIGHUP to OE daemon (#317)
-
-## OpenEthereum v3.2.1
-
-Hot fix issue, related to initial sync:
-* Initial sync gets stuck. (#318)
-
-## OpenEthereum v3.2.0
-
-Bug fixes:
-* Update EWF's chains with Istanbul transition block numbers (#11482) (#254)
-* fix Supplied instant is later than self (#169)
-* ethcore/snapshot: fix double-lock in Service::feed_chunk (#289)
-
-Enhancements:
-* Berlin hardfork blocks: mainnet (12,244,000), goerli (4,460,644), rinkeby (8,290,928) and ropsten (9,812,189)
-* yolo3x spec (#241)
-* EIP-2930 RPC support
-* Remove eth/63 protocol version (#252)
-* Snapshot manifest block added to prometheus (#232)
-* EIP-1898: Allow default block parameter to be blockHash
-* Change ProtocolId to U64
-* Update ethereum/tests
+- [CHANGELOG-2.1](docs/CHANGELOG-2.1.md) (_stable_)
+- [CHANGELOG-2.0](docs/CHANGELOG-2.0.md) (EOL: 2018-11-15)
+- [CHANGELOG-1.11](docs/CHANGELOG-1.11.md) (EOL: 2018-09-19)
+- [CHANGELOG-1.10](docs/CHANGELOG-1.10.md) (EOL: 2018-07-18)
+- [CHANGELOG-1.9](docs/CHANGELOG-1.9.md) (EOL: 2018-05-09)
+- [CHANGELOG-1.8](docs/CHANGELOG-1.8.md) (EOL: 2018-03-22)
+- [CHANGELOG-1.7](docs/CHANGELOG-1.7.md) (EOL: 2018-01-25)
+- [CHANGELOG-1.6](docs/CHANGELOG-1.6.md) (EOL: 2017-10-15)
+- [CHANGELOG-1.5](docs/CHANGELOG-1.5.md) (EOL: 2017-07-28)
+- [CHANGELOG-1.4](docs/CHANGELOG-1.4.md) (EOL: 2017-03-13)
+- [CHANGELOG-1.3](docs/CHANGELOG-1.3.md) (EOL: 2017-01-19)
+- [CHANGELOG-1.2](docs/CHANGELOG-1.2.md) (EOL: 2016-11-07)
+- [CHANGELOG-1.1](docs/CHANGELOG-1.1.md) (EOL: 2016-08-12)
+- [CHANGELOG-1.0](docs/CHANGELOG-1.0.md) (EOL: 2016-06-24)
+- [CHANGELOG-0.9](docs/CHANGELOG-0.9.md) (EOL: 2016-05-02)

Cargo.toml

@@ -1,16 +1,13 @@
 [package]
-description = "OpenEthereum"
-name = "openethereum"
+description = "Parity Ethereum client"
+name = "parity-ethereum"
 # NOTE Make sure to update util/version/Cargo.toml as well
-version = "3.3.3"
+version = "2.3.5"
 license = "GPL-3.0"
-authors = [
-	"OpenEthereum developers",
-	"Parity Technologies <admin@parity.io>"
-]
+authors = ["Parity Technologies <admin@parity.io>"]
 
 [dependencies]
-blooms-db = { path = "crates/db/blooms-db" }
+blooms-db = { path = "util/blooms-db" }
 log = "0.4"
 rustc-hex = "1.0"
 docopt = "1.0"
@@ -22,7 +19,7 @@ number_prefix = "0.2"
 rpassword = "1.0"
 semver = "0.9"
 ansi_term = "0.10"
-parking_lot = "0.11.1"
+parking_lot = "0.7"
 regex = "1.0"
 atty = "0.2.8"
 toml = "0.4"
@@ -30,48 +27,49 @@ serde = "1.0"
 serde_json = "1.0"
 serde_derive = "1.0"
 futures = "0.1"
-hyper = { version = "0.12" }
 fdlimit = "0.1"
 ctrlc = { git = "https://github.com/paritytech/rust-ctrlc.git" }
-jsonrpc-core = "15.0.0"
+jsonrpc-core = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-2.2" }
+ethcore = { path = "ethcore", features = ["parity"] }
 parity-bytes = "0.1"
-common-types = { path = "crates/ethcore/types" }
-ethcore = { path = "crates/ethcore", features = ["parity"] }
-ethcore-accounts = { path = "crates/accounts", optional = true }
-ethcore-blockchain = { path = "crates/ethcore/blockchain" }
-ethcore-call-contract = { path = "crates/vm/call-contract"}
-ethcore-db = { path = "crates/db/db" }
-ethcore-io = { path = "crates/runtime/io" }
-ethcore-logger = { path = "bin/oe/logger" }
-ethcore-miner = { path = "crates/concensus/miner" }
-ethcore-network = { path = "crates/net/network" }
-ethcore-service = { path = "crates/ethcore/service" }
-ethcore-sync = { path = "crates/ethcore/sync" }
-ethereum-types = "0.9.2"
-ethkey = { path = "crates/accounts/ethkey" }
-ethstore = { path = "crates/accounts/ethstore" }
-fetch = { path = "crates/net/fetch" }
-node-filter = { path = "crates/net/node-filter" }
-parity-crypto = { version = "0.6.2", features = [ "publickey" ] }
-rlp = { version = "0.4.6" }
-cli-signer= { path = "crates/util/cli-signer" }
-parity-daemonize = "0.3"
-parity-local-store = { path = "crates/concensus/miner/local-store" }
-parity-runtime = { path = "crates/runtime/runtime" }
-parity-rpc = { path = "crates/rpc" }
-parity-version = { path = "crates/util/version" }
+common-types = { path = "ethcore/types" }
+ethcore-blockchain = { path = "ethcore/blockchain" }
+ethcore-call-contract = { path = "ethcore/call-contract"}
+ethcore-db = { path = "ethcore/db" }
+ethcore-io = { path = "util/io" }
+ethcore-light = { path = "ethcore/light" }
+ethcore-logger = { path = "parity/logger" }
+ethcore-miner = { path = "miner" }
+ethcore-network = { path = "util/network" }
+ethcore-private-tx = { path = "ethcore/private-tx" }
+ethcore-service = { path = "ethcore/service" }
+ethcore-sync = { path = "ethcore/sync" }
+ethstore = { path = "accounts/ethstore" }
+ethereum-types = "0.4"
+node-filter = { path = "ethcore/node-filter" }
+ethkey = { path = "accounts/ethkey" }
+rlp = { version = "0.3.0", features = ["ethereum"] }
+cli-signer= { path = "cli-signer" }
+parity-hash-fetch = { path = "updater/hash-fetch" }
+parity-ipfs-api = { path = "ipfs" }
+parity-local-store = { path = "miner/local-store" }
+parity-runtime = { path = "util/runtime" }
+parity-rpc = { path = "rpc" }
+parity-updater = { path = "updater" }
+parity-version = { path = "util/version" }
+parity-whisper = { path = "whisper" }
 parity-path = "0.1"
-dir = { path = "crates/util/dir" }
-panic_hook = { path = "crates/util/panic-hook" }
-keccak-hash = "0.5.0"
-migration-rocksdb = { path = "crates/db/migration-rocksdb" }
+dir = { path = "util/dir" }
+panic_hook = { path = "util/panic-hook" }
+keccak-hash = "0.1"
+migration-rocksdb = { path = "util/migration-rocksdb" }
 kvdb = "0.1"
 kvdb-rocksdb = "0.1.3"
-journaldb = { path = "crates/db/journaldb" }
-stats = { path = "crates/util/stats" }
-prometheus = "0.9.0"
+journaldb = { path = "util/journaldb" }
 
-# ethcore-secretstore = { path = "crates/util/secret-store", optional = true }
+ethcore-secretstore = { path = "secret-store", optional = true }
+
+registrar = { path = "util/registrar" }
 
 [build-dependencies]
 rustc_version = "0.2"
@@ -80,22 +78,23 @@ rustc_version = "0.2"
 pretty_assertions = "0.1"
 ipnetwork = "0.12.6"
 tempdir = "0.3"
-fake-fetch = { path = "crates/net/fake-fetch" }
-lazy_static = "1.2.0"
+fake-fetch = { path = "util/fake-fetch" }
+
+[target.'cfg(not(windows))'.dependencies]
+daemonize = "0.3"
 
 [target.'cfg(windows)'.dependencies]
 winapi = { version = "0.3.4", features = ["winsock2", "winuser", "shellapi"] }
 
 [features]
-default = ["accounts"]
-accounts = ["ethcore-accounts", "parity-rpc/accounts"]
 miner-debug = ["ethcore/miner-debug"]
 json-tests = ["ethcore/json-tests"]
-ci-skip-tests = ["ethcore/ci-skip-tests"]
+ci-skip-issue = ["ethcore/ci-skip-issue"]
 test-heavy = ["ethcore/test-heavy"]
 evm-debug = ["ethcore/evm-debug"]
 evm-debug-tests = ["ethcore/evm-debug-tests"]
 slow-blocks = ["ethcore/slow-blocks"]
+secretstore = ["ethcore-secretstore"]
 final = ["parity-version/final"]
 deadlock_detection = ["parking_lot/deadlock_detection"]
 # to create a memory profile (requires nightly rust), use e.g.
@@ -105,29 +104,40 @@ deadlock_detection = ["parking_lot/deadlock_detection"]
 # `valgrind --tool=massif /path/to/parity <parity params>`
 # and `massif-visualizer` for visualization
 memory_profiling = []
+# hardcode version number 1.3.7 of parity to force an update
+# in order to manually test that parity fall-over to the local version
+# in case of invalid or deprecated command line arguments are entered
+test-updater = ["parity-updater/test-updater"]
 
 [lib]
-path = "bin/oe/lib.rs"
+path = "parity/lib.rs"
 
 [[bin]]
-path = "bin/oe/main.rs"
-name = "openethereum"
+path = "parity/main.rs"
+name = "parity"
 
-[profile.test]
-lto = false
-opt-level = 3 # makes tests slower to compile, but faster to run
+[profile.dev]
 
 [profile.release]
 debug = false
-lto = true
 
 [workspace]
 # This should only list projects that are not
 # in the dependency tree in any other way
 # (i.e. pretty much only standalone CLI tools)
 members = [
-	"bin/ethkey",
-	"bin/ethstore",
-	"bin/evmbin",
-	"bin/chainspec"
+	"accounts/ethkey/cli",
+	"accounts/ethstore/cli",
+	"chainspec",
+	"ethcore/wasm/run",
+	"evmbin",
+	"parity-clib",
+	"whisper/cli",
+	"util/triehash-ethereum",
+	"util/keccak-hasher",
+	"util/patricia-trie-ethereum",
+	"util/fastmap"
 ]
+
+[patch.crates-io]
+heapsize = { git = "https://github.com/cheme/heapsize.git", branch = "ec-macfix" }

README.md

@@ -1,38 +1,13 @@
-# OpenEthereum
+![Parity Ethereum](docs/logo-parity-ethereum.svg)
 
-Fast and feature-rich multi-network Ethereum client.
+<h2 align="center">The Fastest and most Advanced Ethereum Client.</h2>
 
-[» Download the latest release «](https://github.com/openethereum/openethereum/releases/latest)
+<p align="center"><strong><a href="https://github.com/paritytech/parity-ethereum/releases/latest">» Download the latest release «</a></strong></p>
 
-[![GPL licensed][license-badge]][license-url]
-[![Build Status][ci-badge]][ci-url]
-[![Discord chat][chat-badge]][chat-url]
+<p align="center"><a href="https://gitlab.parity.io/parity/parity-ethereum/commits/master" target="_blank"><img src="https://gitlab.parity.io/parity/parity-ethereum/badges/master/build.svg" /></a>
+<a href="https://www.gnu.org/licenses/gpl-3.0.en.html" target="_blank"><img src="https://img.shields.io/badge/license-GPL%20v3-green.svg" /></a></p>
 
-[license-badge]: https://img.shields.io/badge/license-GPL_v3-green.svg
-[license-url]: LICENSE
-[ci-badge]: https://github.com/openethereum/openethereum/workflows/Build%20and%20Test%20Suite/badge.svg
-[ci-url]: https://github.com/openethereum/openethereum/actions
-[chat-badge]: https://img.shields.io/discord/669192218728202270.svg?logo=discord
-[chat-url]: https://discord.io/openethereum
-
-## Table of Contents
-
-1. [Description](#chapter-001)
-2. [Technical Overview](#chapter-002)
-3. [Building](#chapter-003)<br>
-  3.1 [Building Dependencies](#chapter-0031)<br>
-  3.2 [Building from Source Code](#chapter-0032)<br>
-  3.3 [Starting OpenEthereum](#chapter-0034)
-4. [Testing](#chapter-004)
-5. [Documentation](#chapter-005)
-6. [Toolchain](#chapter-006)
-7. [Contributing](#chapter-008)
-8. [License](#chapter-009)
-
-
-## 1. Description <a id="chapter-001"></a>
-
-**Built for mission-critical use**: Miners, service providers, and exchanges need fast synchronisation and maximum uptime. OpenEthereum provides the core infrastructure essential for speedy and reliable services.
+**Built for mission-critical use**: Miners, service providers, and exchanges need fast synchronisation and maximum uptime. Parity Ethereum provides the core infrastructure essential for speedy and reliable services.
 
 - Clean, modular codebase for easy customisation
 - Advanced CLI-based client
@@ -40,21 +15,19 @@ Fast and feature-rich multi-network Ethereum client.
 - Synchronise in hours, not days with Warp Sync
 - Modular for light integration into your service or product
 
-## 2. Technical Overview <a id="chapter-002"></a>
+## Technical Overview
 
-OpenEthereum's goal is to be the fastest, lightest, and most secure Ethereum client. We are developing OpenEthereum using the **Rust programming language**. OpenEthereum is licensed under the GPLv3 and can be used for all your Ethereum needs.
+Parity Ethereum's goal is to be the fastest, lightest, and most secure Ethereum client. We are developing Parity Ethereum using the sophisticated and cutting-edge **Rust programming language**. Parity Ethereum is licensed under the GPLv3 and can be used for all your Ethereum needs.
 
-By default, OpenEthereum runs a JSON-RPC HTTP server on port `:8545` and a Web-Sockets server on port `:8546`. This is fully configurable and supports a number of APIs.
+By default, Parity Ethereum runs a JSON-RPC HTTP server on port `:8545` and a Web-Sockets server on port `:8546`. This is fully configurable and supports a number of APIs.
 
-If you run into problems while using OpenEthereum, check out the [old wiki for documentation](https://openethereum.github.io/), feel free to [file an issue in this repository](https://github.com/openethereum/openethereum/issues/new), or hop on our [Discord](https://discord.io/openethereum) chat room to ask a question. We are glad to help!
+If you run into problems while using Parity Ethereum, check out the [wiki for documentation](https://wiki.parity.io/), feel free to [file an issue in this repository](https://github.com/paritytech/parity-ethereum/issues/new), or hop on our [Gitter](https://gitter.im/paritytech/parity) or [Riot](https://riot.im/app/#/group/+parity:matrix.parity.io) chat room to ask a question. We are glad to help! **For security-critical issues**, please refer to the security policy outlined in [SECURITY.md](SECURITY.md).
 
-You can download OpenEthereum's latest release at [the releases page](https://github.com/openethereum/openethereum/releases) or follow the instructions below to build from source. Read the [CHANGELOG.md](CHANGELOG.md) for a list of all changes between different versions.
+Parity Ethereum's current beta-release is 2.1. You can download it at [the releases page](https://github.com/paritytech/parity-ethereum/releases) or follow the instructions below to build from source. Please, mind the [CHANGELOG.md](CHANGELOG.md) for a list of all changes between different versions.
 
-## 3. Building <a id="chapter-003"></a>
+## Build Dependencies
 
-### 3.1 Build Dependencies <a id="chapter-0031"></a>
-
-OpenEthereum requires **latest stable Rust version** to build.
+Parity Ethereum requires **latest stable Rust version** to build.
 
 We recommend installing Rust through [rustup](https://www.rustup.rs/). If you don't already have `rustup`, you can install it like this:
 
@@ -63,7 +36,7 @@ We recommend installing Rust through [rustup](https://www.rustup.rs/). If you do
   $ curl https://sh.rustup.rs -sSf | sh
   ```
 
-  OpenEthereum also requires `clang` (>= 9.0), `clang++`, `pkg-config`, `file`, `make`, and `cmake` packages to be installed.
+  Parity Ethereum also requires `gcc`, `g++`, `libudev-dev`, `pkg-config`, `file`, `make`, and `cmake` packages to be installed.
 
 - OSX:
   ```bash
@@ -72,7 +45,7 @@ We recommend installing Rust through [rustup](https://www.rustup.rs/). If you do
 
   `clang` is required. It comes with Xcode command line tools or can be installed with homebrew.
 
-- Windows:
+- Windows
   Make sure you have Visual Studio 2015 with C++ support installed. Next, download and run the `rustup` installer from
   https://static.rust-lang.org/rustup/dist/x86_64-pc-windows-msvc/rustup-init.exe, start "VS2015 x64 Native Tools Command Prompt", and use the following command to install and set up the `msvc` toolchain:
   ```bash
@@ -83,14 +56,14 @@ Once you have `rustup` installed, then you need to install:
 * [Perl](https://www.perl.org)
 * [Yasm](https://yasm.tortall.net)
 
-Make sure that these binaries are in your `PATH`. After that, you should be able to build OpenEthereum from source.
+Make sure that these binaries are in your `PATH`. After that, you should be able to build Parity Ethereum from source.
 
-### 3.2 Build from Source Code <a id="chapter-0032"></a>
+## Build from Source Code
 
 ```bash
-# download OpenEthereum code
-$ git clone https://github.com/openethereum/openethereum
-$ cd openethereum
+# download Parity Ethereum code
+$ git clone https://github.com/paritytech/parity-ethereum
+$ cd parity-ethereum
 
 # build in release mode
 $ cargo build --release --features final
@@ -110,209 +83,73 @@ Note, when compiling a crate and you receive errors, it's in most cases your out
 $ cargo clean
 ```
 
-This always compiles the latest nightly builds. If you want to build stable, do a
+This always compiles the latest nightly builds. If you want to build stable or beta, do a
 
 ```bash
 $ git checkout stable
 ```
 
-### 3.3 Starting OpenEthereum <a id="chapter-0034"></a>
-
-#### Manually
-
-To start OpenEthereum manually, just run
+or
 
 ```bash
-$ ./target/release/openethereum
+$ git checkout beta
 ```
 
-so OpenEthereum begins syncing the Ethereum blockchain.
+## Simple One-Line Installer for Mac and Linux
 
-#### Using `systemd` service file
+```bash
+bash <(curl https://get.parity.io -L)
+```
 
-To start OpenEthereum as a regular user using `systemd` init:
+The one-line installer always defaults to the latest beta release. To install a stable release, run:
 
-1. Copy `./scripts/openethereum.service` to your
+```bash
+bash <(curl https://get.parity.io -L) -r stable
+```
+
+## Start Parity Ethereum
+
+### Manually
+
+To start Parity Ethereum manually, just run
+
+```bash
+$ ./target/release/parity
+```
+
+so Parity Ethereum begins syncing the Ethereum blockchain.
+
+### Using `systemd` service file
+
+To start Parity Ethereum as a regular user using `systemd` init:
+
+1. Copy `./scripts/parity.service` to your
 `systemd` user directory (usually `~/.config/systemd/user`).
-2. Copy release to bin folder, write `sudo install ./target/release/openethereum /usr/bin/openethereum`
-3. To configure OpenEthereum, see [our wiki](https://openethereum.github.io/Configuring-OpenEthereum) for details.
+2. To configure Parity Ethereum, write a `/etc/parity/config.toml` config file, see [Configuring Parity Ethereum](https://paritytech.github.io/wiki/Configuring-Parity) for details.
 
-## 4. Testing <a id="chapter-004"></a>
+## Parity Ethereum toolchain
 
-Download the required test files: `git submodule update --init --recursive`. You can run tests with the following commands:
+In addition to the Parity Ethereum client, there are additional tools in this repository available:
 
-* **All** packages
-  ```
-  cargo test --all
-  ```
+- [evmbin](https://github.com/paritytech/parity-ethereum/blob/master/evmbin/) - EVM implementation for Parity Ethereum.
+- [ethabi](https://github.com/paritytech/ethabi) - Parity Ethereum function calls encoding.
+- [ethstore](https://github.com/paritytech/parity-ethereum/blob/master/accounts/ethstore) - Parity Ethereum key management.
+- [ethkey](https://github.com/paritytech/parity-ethereum/blob/master/accounts/ethkey) - Parity Ethereum keys generator.
+- [whisper](https://github.com/paritytech/parity-ethereum/blob/master/whisper/) - Implementation of Whisper-v2 PoC.
 
-* Specific package
-  ```
-  cargo test --package <spec>
-  ```
+## Join the chat!
 
-Replace `<spec>` with one of the packages from the [package list](#package-list) (e.g. `cargo test --package evmbin`).
+Questions? Get in touch with us on Gitter:
+[![Gitter: Parity](https://img.shields.io/badge/gitter-parity-4AB495.svg)](https://gitter.im/paritytech/parity)
+[![Gitter: Parity.js](https://img.shields.io/badge/gitter-parity.js-4AB495.svg)](https://gitter.im/paritytech/parity.js)
+[![Gitter: Parity/Miners](https://img.shields.io/badge/gitter-parity/miners-4AB495.svg)](https://gitter.im/paritytech/parity/miners)
+[![Gitter: Parity-PoA](https://img.shields.io/badge/gitter-parity--poa-4AB495.svg)](https://gitter.im/paritytech/parity-poa)
 
-You can show your logs in the test output by passing `--nocapture` (i.e. `cargo test --package evmbin -- --nocapture`)
+Alternatively, join our community on Matrix:
+[![Riot: +Parity](https://img.shields.io/badge/riot-%2Bparity%3Amatrix.parity.io-orange.svg)](https://riot.im/app/#/group/+parity:matrix.parity.io)
 
-## 5. Documentation <a id="chapter-005"></a>
+## Documentation
 
-Be sure to [check out our wiki](https://openethereum.github.io/) for more information.
+Official website: https://parity.io
 
-### Viewing documentation for OpenEthereum packages
-
-You can generate documentation for OpenEthereum Rust packages that automatically opens in your web browser using [rustdoc with Cargo](https://doc.rust-lang.org/rustdoc/what-is-rustdoc.html#using-rustdoc-with-cargo) (of the The Rustdoc Book), by running the the following commands:
-
-* **All** packages
-  ```
-  cargo doc --document-private-items --open
-  ```
-
-* Specific package
-  ```
-  cargo doc --package <spec> -- --document-private-items --open
-  ```
-
-Use`--document-private-items` to also view private documentation and `--no-deps` to exclude building documentation for dependencies.
-
-Replacing `<spec>` with one of the following from the details section below (i.e. `cargo doc --package openethereum --open`):
-
-<a id="package-list"></a>
-**Package List**
-<details><p>
-
-* OpenEthereum Client Application
-  ```bash
-  openethereum
-  ```
-* OpenEthereum Account Management, Key Management Tool, and Keys Generator
-  ```bash
-  ethcore-accounts, ethkey-cli, ethstore, ethstore-cli
-  ```
-* OpenEthereum Chain Specification
-  ```bash
-  chainspec
-  ```
-* OpenEthereum CLI Signer Tool & RPC Client
-  ```bash
-  cli-signer parity-rpc-client
-  ```
-* OpenEthereum Ethash & ProgPoW Implementations
-  ```bash
-  ethash
-  ```
-* EthCore Library
-  ```bash
-  ethcore
-  ```
-  * OpenEthereum Blockchain Database, Test Generator, Configuration,
-Caching, Importing Blocks, and Block Information
-    ```bash
-    ethcore-blockchain
-    ```
-  * OpenEthereum Contract Calls and Blockchain Service & Registry Information
-    ```bash
-    ethcore-call-contract
-    ```
-  * OpenEthereum Database Access & Utilities, Database Cache Manager
-    ```bash
-    ethcore-db
-    ```
-  * OpenEthereum Virtual Machine (EVM) Rust Implementation
-    ```bash
-    evm
-    ```
-  * OpenEthereum Light Client Implementation
-    ```bash
-    ethcore-light
-    ```
-  * Smart Contract based Node Filter, Manage Permissions of Network Connections
-    ```bash
-    node-filter
-    ```
-  * OpenEthereum Client & Network Service Creation & Registration with the I/O Subsystem
-    ```bash
-    ethcore-service
-    ```
-  * OpenEthereum Blockchain Synchronization
-    ```bash
-    ethcore-sync
-    ```
-  * OpenEthereum Common Types
-    ```bash
-    common-types
-    ```
-  * OpenEthereum Virtual Machines (VM) Support Library
-    ```bash
-    vm
-    ```
-  * OpenEthereum WASM Interpreter
-    ```bash
-    wasm
-    ```
-  * OpenEthereum WASM Test Runner
-    ```bash
-    pwasm-run-test
-    ```
-  * OpenEthereum EVM Implementation
-    ```bash
-    evmbin
-    ```
-  * OpenEthereum JSON Deserialization
-    ```bash
-    ethjson
-    ```
-  * OpenEthereum State Machine Generalization for Consensus Engines
-    ```bash
-    parity-machine
-    ```
-* OpenEthereum Miner Interface
-  ```bash
-  ethcore-miner parity-local-store price-info ethcore-stratum using_queue
-  ```
-* OpenEthereum Logger Implementation
-  ```bash
-  ethcore-logger
-  ```
-* OpenEthereum JSON-RPC Servers
-  ```bash
-  parity-rpc
-  ```
-* OpenEthereum Updater Service
-  ```bash
-  parity-updater parity-hash-fetch
-  ```
-* OpenEthereum Core Libraries (`util`)
-  ```bash
-  accounts-bloom blooms-db dir eip-712 fake-fetch fastmap fetch ethcore-io
-  journaldb keccak-hasher len-caching-lock memory-cache memzero
-  migration-rocksdb ethcore-network ethcore-network-devp2p panic_hook
-  patricia-trie-ethereum registrar rlp_compress stats
-  time-utils triehash-ethereum unexpected parity-version
-  ```
-
-</p></details>
-
-## 6. Toolchain <a id="chapter-006"></a>
-
-In addition to the OpenEthereum client, there are additional tools in this repository available:
-
-- [evmbin](./bin/evmbin) - OpenEthereum EVM Implementation.
-- [ethstore](./crates/accounts/ethstore) - OpenEthereum Key Management.
-- [ethkey](./crates/accounts/ethkey) - OpenEthereum Keys Generator.
-
-The following tools are available in a separate repository:
-- [ethabi](https://github.com/openethereum/ethabi) - OpenEthereum Encoding of Function Calls. [Docs here](https://crates.io/crates/ethabi)
-- [whisper](https://github.com/openethereum/whisper) - OpenEthereum Whisper-v2 PoC Implementation.
-
-## 7. Contributing <a id="chapter-007"></a>
-
-An introduction has been provided in the ["So You Want to be a Core Developer" presentation slides by Hernando Castano](http://tiny.cc/contrib-to-parity-eth). Additional guidelines are provided in [CONTRIBUTING](./.github/CONTRIBUTING.md).
-
-### Contributor Code of Conduct
-
-[CODE_OF_CONDUCT](./.github/CODE_OF_CONDUCT.md)
-
-## 8. License <a id="chapter-008"></a>
-
-[LICENSE](./LICENSE)
+Be sure to [check out our wiki](https://wiki.parity.io) for more information.

SECURITY.md

@@ -0,0 +1,80 @@
+# Security Policy
+
+Parity Technologies is committed to resolving security vulnerabilities in our software quickly and carefully. We take the necessary steps to minimize risk, provide timely information, and deliver vulnerability fixes and mitigations required to address security issues.
+
+## Reporting a Vulnerability
+
+Security vulnerabilities in Parity software should be reported by email to security@parity.io. If you think your report might be eligible for the Parity Bug Bounty Program, your email should be send to bugbounty@parity.io. 
+
+Your report should include the following:
+
+- your name
+- description of the vulnerability
+- attack scenario (if any)
+- components
+- reproduction
+- other details
+
+Try to include as much information in your report as you can, including a description of the vulnerability, its potential impact, and steps for reproducing it. Be sure to use a descriptive subject line.
+
+You'll receive a response to your email within two business days indicating the next steps in handling your report. We encourage finders to use encrypted communication channels to protect the confidentiality of vulnerability reports. You can encrypt your report using our public key. This key is [on MIT's key server](https://pgp.mit.edu/pks/lookup?op=get&search=0x5D0F03018D07DE73) server and reproduced below.
+
+After the initial reply to your report, our team will endeavor to keep you informed of the progress being made towards a fix. These updates will be sent at least every five business days. 
+
+Thank you for taking the time to responsibly disclose any vulnerabilities you find.
+
+## Responsible Investigation and Reporting
+
+Responsible investigation and reporting includes, but isn't limited to, the following:
+
+- Don't violate the privacy of other users, destroy data, etc.
+- Don’t defraud or harm Parity Technologies Ltd or its users during your research; you should make a good faith effort to not interrupt or degrade our services.
+- Don't target our physical security measures, or attempt to use social engineering, spam, distributed denial of service (DDOS) attacks, etc.
+- Initially report the bug only to us and not to anyone else.
+- Give us a reasonable amount of time to fix the bug before disclosing it to anyone else, and give us adequate written warning before disclosing it to anyone else.
+- In general, please investigate and report bugs in a way that makes a reasonable, good faith effort not to be disruptive or harmful to us or our users. Otherwise your actions might be interpreted as an attack rather than an effort to be helpful.
+
+## Bug Bounty Program
+
+Our Bug Bounty Program allows us to recognise and reward members of the Parity community for helping us find and address significant bugs, in accordance with the terms of the Parity Bug Bounty Program. A detailed description on eligibility, rewards, legal information and terms & conditions for contributors can be found on [our website](https://paritytech.io/bug-bounty.html). 
+
+
+
+
+
+
+## Plaintext PGP Key
+
+```
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFlyIAwBCACe0keNPjgYzZ1Oy/8t3zj/Qw9bHHqrzx7FWy8NbXnYBM19NqOZ
+DIP7Oe0DvCaf/uruBskCS0iVstHlEFQ2AYe0Ei0REt9lQdy61GylU/DEB3879IG+
+6FO0SnFeYeerv1/hFI2K6uv8v7PyyVDiiJSW0I1KIs2OBwJicTKmWxLAeQsRgx9G
+yRGalrVk4KP+6pWTA7k3DxmDZKZyfYV/Ej10NtuzmsemwDbv98HKeomp/kgFOfSy
+3AZjeCpctlsNqpjUuXa0/HudmH2WLxZ0fz8XeoRh8XM9UudNIecjrDqmAFrt/btQ
+/3guvlzhFCdhYPVGsUusKMECk/JG+Xx1/1ZjABEBAAG0LFBhcml0eSBTZWN1cml0
+eSBDb250YWN0IDxzZWN1cml0eUBwYXJpdHkuaW8+iQFUBBMBCAA+FiEE2uUVYCjP
+N6B8aTiDXQ8DAY0H3nMFAllyIAwCGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwEC
+HgECF4AACgkQXQ8DAY0H3nM60wgAkS3A36Zc+upiaxU7tumcGv+an17j7gin0sif
++0ELSjVfrXInM6ovai+NhUdcLkJ7tCrKS90fvlaELK5Sg9CXBWCTFccKN4A/B7ey
+rOg2NPXUecnyBB/XqQgKYH7ujYlOlqBDXMfz6z8Hj6WToxg9PPMGGomyMGh8AWxM
+3yRPFs5RKt0VKgN++5N00oly5Y8ri5pgCidDvCLYMGTVDHFKwkuc9w6BlWlu1R1e
+/hXFWUFAP1ffTAul3QwyKhjPn2iotCdxXjvt48KaU8DN4iL7aMBN/ZBKqGS7yRdF
+D/JbJyaaJ0ZRvFSTSXy/sWY3z1B5mtCPBxco8hqqNfRkCwuZ6LkBDQRZciAMAQgA
+8BP8xrwe12TOUTqL/Vrbxv/FLdhKh53J6TrPKvC2TEEKOrTNo5ahRq+XOS5E7G2N
+x3b+fq8gR9BzFcldAx0XWUtGs/Wv++ulaSNqTBxj13J3G3WGsUfMKxRgj//piCUD
+bCFLQfGZdKk0M1o9QkPVARwwmvCNiNB/l++xGqPtfc44H5jWj3GoGvL2MkShPzrN
+yN/bJ+m+R5gtFGdInqa5KXBuxxuW25eDKJ+LzjbgUgeC76wNcfOiQHTdMkcupjdO
+bbGFwo10hcbRAOcZEv6//Zrlmk/6nPxEd2hN20St2bSN0+FqfZ267mWEu3ejsgF8
+ArdCpv5h4fBvJyNwiTZwIQARAQABiQE8BBgBCAAmFiEE2uUVYCjPN6B8aTiDXQ8D
+AY0H3nMFAllyIAwCGwwFCQPCZwAACgkQXQ8DAY0H3nNisggAl4fqhRlA34wIb190
+sqXHVxiCuzPaqS6krE9xAa1+gncX485OtcJNqnjugHm2rFE48lv7oasviuPXuInE
+/OgVFnXYv9d/Xx2JUeDs+bFTLouCDRY2Unh7KJZasfqnMcCHWcxHx5FvRNZRssaB
+WTZVo6sizPurGUtbpYe4/OLFhadBqAE0EUmVRFEUMc1YTnu4eLaRBzoWN4d2UWwi
+LN25RSrVSke7LTSFbgn9ntQrQ2smXSR+cdNkkfRCjFcpUaecvFl9HwIqoyVbT4Ym
+0hbpbbX/cJdc91tKa+psa29uMeGL/cgL9fAu19yNFRyOTMxjZnvql1X/WE1pLmoP
+ETBD1Q==
+=K9Qw
+-----END PGP PUBLIC KEY BLOCK-----
+```

accounts/ethkey/Cargo.toml

@@ -1,20 +1,20 @@
 [package]
-description = "Parity Ethereum Keys Generator"
 name = "ethkey"
 version = "0.3.0"
 authors = ["Parity Technologies <admin@parity.io>"]
 
 [dependencies]
+byteorder = "1.0"
 edit-distance = "2.0"
-parity-crypto = { version = "0.6.2", features = ["publickey"] }
-eth-secp256k1 = { git = "https://github.com/paritytech/rust-secp256k1", rev = "9791e79f21a5309dcb6e0bd254b1ef88fca2f1f4" }
-ethereum-types = "0.9.2"
+parity-crypto = "0.2"
+eth-secp256k1 = { git = "https://github.com/paritytech/rust-secp256k1" }
+ethereum-types = "0.4"
 lazy_static = "1.0"
 log = "0.4"
-memzero = { path = "../../../crates/util/memzero" }
-parity-wordlist = "1.3"
+memzero = { path = "../../util/memzero" }
+parity-wordlist = "1.2"
 quick-error = "1.2.2"
-rand = "0.7.3"
+rand = "0.4"
 rustc-hex = "1.0"
 serde = "1.0"
 serde_derive = "1.0"

accounts/ethkey/README.md

@@ -5,8 +5,8 @@ Parity Ethereum keys generator.
 ### Usage
 
 ```
-Parity Ethereum Keys Generator.
-  Copyright 2015-2019 Parity Technologies (UK) Ltd.
+Parity Ethereum keys generator.
+  Copyright 2015-2018 Parity Technologies (UK) Ltd.
 
 Usage:
     ethkey info <secret-or-phrase> [options]
@@ -218,3 +218,4 @@ _This project is a part of the Parity Ethereum toolchain._
 - [ethabi](https://github.com/paritytech/ethabi) - Parity Ethereum function calls encoding.
 - [ethstore](https://github.com/paritytech/parity-ethereum/blob/master/accounts/ethstore) - Parity Ethereum key management.
 - [ethkey](https://github.com/paritytech/parity-ethereum/blob/master/accounts/ethkey) - Parity Ethereum keys generator.
+- [whisper](https://github.com/paritytech/parity-ethereum/blob/master/whisper/) - Implementation of Whisper-v2 PoC.

accounts/ethkey/cli/Cargo.toml

@@ -1,5 +1,4 @@
 [package]
-description = "Parity Ethereum Keys Generator CLI"
 name = "ethkey-cli"
 version = "0.1.0"
 authors = ["Parity Technologies <admin@parity.io>"]
@@ -7,10 +6,9 @@ authors = ["Parity Technologies <admin@parity.io>"]
 [dependencies]
 docopt = "1.0"
 env_logger = "0.5"
-ethkey = { path = "../../crates/accounts/ethkey" }
-panic_hook = { path = "../../crates/util/panic-hook" }
-parity-crypto = { version = "0.6.2", features = [ "publickey" ] }
-parity-wordlist="1.3"
+ethkey = { path = "../" }
+panic_hook = { path = "../../../util/panic-hook" }
+parity-wordlist="1.2"
 rustc-hex = "1.0"
 serde = "1.0"
 serde_derive = "1.0"

accounts/ethkey/cli/src/main.rs

@@ -0,0 +1,451 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+extern crate docopt;
+extern crate env_logger;
+extern crate ethkey;
+extern crate panic_hook;
+extern crate parity_wordlist;
+extern crate rustc_hex;
+extern crate serde;
+extern crate threadpool;
+
+#[macro_use]
+extern crate serde_derive;
+
+use std::num::ParseIntError;
+use std::{env, fmt, process, io, sync};
+
+use docopt::Docopt;
+use ethkey::{KeyPair, Random, Brain, BrainPrefix, Prefix, Error as EthkeyError, Generator, sign, verify_public, verify_address, brain_recover};
+use rustc_hex::{FromHex, FromHexError};
+
+const USAGE: &'static str = r#"
+Parity Ethereum keys generator.
+  Copyright 2015-2018 Parity Technologies (UK) Ltd.
+
+Usage:
+    ethkey info <secret-or-phrase> [options]
+    ethkey generate random [options]
+    ethkey generate prefix <prefix> [options]
+    ethkey sign <secret> <message>
+    ethkey verify public <public> <signature> <message>
+    ethkey verify address <address> <signature> <message>
+    ethkey recover <address> <known-phrase>
+    ethkey [-h | --help]
+
+Options:
+    -h, --help         Display this message and exit.
+    -s, --secret       Display only the secret key.
+    -p, --public       Display only the public key.
+    -a, --address      Display only the address.
+    -b, --brain        Use parity brain wallet algorithm. Not recommended.
+
+Commands:
+    info               Display public key and address of the secret.
+    generate random    Generates new random Ethereum key.
+    generate prefix    Random generation, but address must start with a prefix ("vanity address").
+    sign               Sign message using a secret key.
+    verify             Verify signer of the signature by public key or address.
+    recover            Try to find brain phrase matching given address from partial phrase.
+"#;
+
+#[derive(Debug, Deserialize)]
+struct Args {
+	cmd_info: bool,
+	cmd_generate: bool,
+	cmd_random: bool,
+	cmd_prefix: bool,
+	cmd_sign: bool,
+	cmd_verify: bool,
+	cmd_public: bool,
+	cmd_address: bool,
+	cmd_recover: bool,
+	arg_prefix: String,
+	arg_secret: String,
+	arg_secret_or_phrase: String,
+	arg_known_phrase: String,
+	arg_message: String,
+	arg_public: String,
+	arg_address: String,
+	arg_signature: String,
+	flag_secret: bool,
+	flag_public: bool,
+	flag_address: bool,
+	flag_brain: bool,
+}
+
+#[derive(Debug)]
+enum Error {
+	Ethkey(EthkeyError),
+	FromHex(FromHexError),
+	ParseInt(ParseIntError),
+	Docopt(docopt::Error),
+	Io(io::Error),
+}
+
+impl From<EthkeyError> for Error {
+	fn from(err: EthkeyError) -> Self {
+		Error::Ethkey(err)
+	}
+}
+
+impl From<FromHexError> for Error {
+	fn from(err: FromHexError) -> Self {
+		Error::FromHex(err)
+	}
+}
+
+impl From<ParseIntError> for Error {
+	fn from(err: ParseIntError) -> Self {
+		Error::ParseInt(err)
+	}
+}
+
+impl From<docopt::Error> for Error {
+	fn from(err: docopt::Error) -> Self {
+		Error::Docopt(err)
+	}
+}
+
+impl From<io::Error> for Error {
+	fn from(err: io::Error) -> Self {
+		Error::Io(err)
+	}
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		match *self {
+			Error::Ethkey(ref e) => write!(f, "{}", e),
+			Error::FromHex(ref e) => write!(f, "{}", e),
+			Error::ParseInt(ref e) => write!(f, "{}", e),
+			Error::Docopt(ref e) => write!(f, "{}", e),
+			Error::Io(ref e) => write!(f, "{}", e),
+		}
+	}
+}
+
+enum DisplayMode {
+	KeyPair,
+	Secret,
+	Public,
+	Address,
+}
+
+impl DisplayMode {
+	fn new(args: &Args) -> Self {
+		if args.flag_secret {
+			DisplayMode::Secret
+		} else if args.flag_public {
+			DisplayMode::Public
+		} else if args.flag_address {
+			DisplayMode::Address
+		} else {
+			DisplayMode::KeyPair
+		}
+	}
+}
+
+fn main() {
+	panic_hook::set_abort();
+	env_logger::try_init().expect("Logger initialized only once.");
+
+	match execute(env::args()) {
+		Ok(ok) => println!("{}", ok),
+		Err(Error::Docopt(ref e)) => e.exit(),
+		Err(err) => {
+			eprintln!("{}", err);
+			process::exit(1);
+		}
+	}
+}
+
+fn display(result: (KeyPair, Option<String>), mode: DisplayMode) -> String {
+	let keypair = result.0;
+	match mode {
+		DisplayMode::KeyPair => match result.1 {
+			Some(extra_data) => format!("{}\n{}", extra_data, keypair),
+			None => format!("{}", keypair)
+		},
+		DisplayMode::Secret => format!("{:x}", keypair.secret()),
+		DisplayMode::Public => format!("{:x}", keypair.public()),
+		DisplayMode::Address => format!("{:x}", keypair.address()),
+	}
+}
+
+fn execute<S, I>(command: I) -> Result<String, Error> where I: IntoIterator<Item=S>, S: AsRef<str> {
+	let args: Args = Docopt::new(USAGE)
+		.and_then(|d| d.argv(command).deserialize())?;
+
+	return if args.cmd_info {
+		let display_mode = DisplayMode::new(&args);
+
+		let result = if args.flag_brain {
+			let phrase = args.arg_secret_or_phrase;
+			let phrase_info = validate_phrase(&phrase);
+			let keypair = Brain::new(phrase).generate().expect("Brain wallet generator is infallible; qed");
+			(keypair, Some(phrase_info))
+		} else {
+			let secret = args.arg_secret_or_phrase.parse().map_err(|_| EthkeyError::InvalidSecret)?;
+			(KeyPair::from_secret(secret)?, None)
+		};
+		Ok(display(result, display_mode))
+	} else if args.cmd_generate {
+		let display_mode = DisplayMode::new(&args);
+		let result = if args.cmd_random {
+			if args.flag_brain {
+				let mut brain = BrainPrefix::new(vec![0], usize::max_value(), BRAIN_WORDS);
+				let keypair = brain.generate()?;
+				let phrase = format!("recovery phrase: {}", brain.phrase());
+				(keypair, Some(phrase))
+			} else {
+				(Random.generate()?, None)
+			}
+		} else if args.cmd_prefix {
+			let prefix = args.arg_prefix.from_hex()?;
+			let brain = args.flag_brain;
+			in_threads(move || {
+				let iterations = 1024;
+				let prefix = prefix.clone();
+				move || {
+					let prefix = prefix.clone();
+					let res = if brain {
+						let mut brain = BrainPrefix::new(prefix, iterations, BRAIN_WORDS);
+						let result = brain.generate();
+						let phrase = format!("recovery phrase: {}", brain.phrase());
+						result.map(|keypair| (keypair, Some(phrase)))
+					} else {
+						let result = Prefix::new(prefix, iterations).generate();
+						result.map(|res| (res, None))
+					};
+
+					Ok(res.map(Some).unwrap_or(None))
+				}
+			})?
+		} else {
+			return Ok(format!("{}", USAGE))
+		};
+		Ok(display(result, display_mode))
+	} else if args.cmd_sign {
+		let secret = args.arg_secret.parse().map_err(|_| EthkeyError::InvalidSecret)?;
+		let message = args.arg_message.parse().map_err(|_| EthkeyError::InvalidMessage)?;
+		let signature = sign(&secret, &message)?;
+		Ok(format!("{}", signature))
+	} else if args.cmd_verify {
+		let signature = args.arg_signature.parse().map_err(|_| EthkeyError::InvalidSignature)?;
+		let message = args.arg_message.parse().map_err(|_| EthkeyError::InvalidMessage)?;
+		let ok = if args.cmd_public {
+			let public = args.arg_public.parse().map_err(|_| EthkeyError::InvalidPublic)?;
+			verify_public(&public, &signature, &message)?
+		} else if args.cmd_address {
+			let address = args.arg_address.parse().map_err(|_| EthkeyError::InvalidAddress)?;
+			verify_address(&address, &signature, &message)?
+		} else {
+			return Ok(format!("{}", USAGE))
+		};
+		Ok(format!("{}", ok))
+	} else if args.cmd_recover {
+		let display_mode = DisplayMode::new(&args);
+		let known_phrase = args.arg_known_phrase;
+		let address = args.arg_address.parse().map_err(|_| EthkeyError::InvalidAddress)?;
+		let (phrase, keypair) = in_threads(move || {
+			let mut it = brain_recover::PhrasesIterator::from_known_phrase(&known_phrase, BRAIN_WORDS);
+			move || {
+				let mut i = 0;
+				while let Some(phrase) = it.next() {
+					i += 1;
+
+					let keypair = Brain::new(phrase.clone()).generate().unwrap();
+					if keypair.address() == address {
+						return Ok(Some((phrase, keypair)))
+					}
+
+					if i >= 1024 {
+						return Ok(None)
+					}
+				}
+
+				Err(EthkeyError::Custom("Couldn't find any results.".into()))
+			}
+		})?;
+		Ok(display((keypair, Some(phrase)), display_mode))
+	} else {
+		Ok(format!("{}", USAGE))
+	}
+}
+
+const BRAIN_WORDS: usize = 12;
+
+fn validate_phrase(phrase: &str) -> String {
+	match Brain::validate_phrase(phrase, BRAIN_WORDS) {
+		Ok(()) => format!("The recovery phrase looks correct.\n"),
+		Err(err) => format!("The recover phrase was not generated by Parity: {}", err)
+	}
+}
+
+fn in_threads<F, X, O>(prepare: F) -> Result<O, EthkeyError> where
+	O: Send + 'static,
+	X: Send + 'static,
+	F: Fn() -> X,
+	X: FnMut() -> Result<Option<O>, EthkeyError>,
+{
+	let pool = threadpool::Builder::new().build();
+
+	let (tx, rx) = sync::mpsc::sync_channel(1);
+	let is_done = sync::Arc::new(sync::atomic::AtomicBool::default());
+
+	for _ in 0..pool.max_count() {
+		let is_done = is_done.clone();
+		let tx = tx.clone();
+		let mut task = prepare();
+		pool.execute(move || {
+			loop {
+				if is_done.load(sync::atomic::Ordering::SeqCst) {
+					return;
+				}
+
+				let res = match task() {
+					Ok(None) => continue,
+					Ok(Some(v)) => Ok(v),
+					Err(err) => Err(err),
+				};
+
+				// We are interested only in the first response.
+				let _ = tx.send(res);
+			}
+		});
+	}
+
+	if let Ok(solution) = rx.recv() {
+		is_done.store(true, sync::atomic::Ordering::SeqCst);
+		return solution;
+	}
+
+	Err(EthkeyError::Custom("No results found.".into()))
+}
+
+#[cfg(test)]
+mod tests {
+	use super::execute;
+
+	#[test]
+	fn info() {
+		let command = vec!["ethkey", "info", "17d08f5fe8c77af811caa0c9a187e668ce3b74a99acc3f6d976f075fa8e0be55"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected =
+"secret:  17d08f5fe8c77af811caa0c9a187e668ce3b74a99acc3f6d976f075fa8e0be55
+public:  689268c0ff57a20cd299fa60d3fb374862aff565b20b5f1767906a99e6e09f3ff04ca2b2a5cd22f62941db103c0356df1a8ed20ce322cab2483db67685afd124
+address: 26d1ec50b4e62c1d1a40d16e7cacc6a6580757d5".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn brain() {
+		let command = vec!["ethkey", "info", "--brain", "this is sparta"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected =
+"The recover phrase was not generated by Parity: The word 'this' does not come from the dictionary.
+
+secret:  aa22b54c0cb43ee30a014afe5ef3664b1cde299feabca46cd3167a85a57c39f2
+public:  c4c5398da6843632c123f543d714d2d2277716c11ff612b2a2f23c6bda4d6f0327c31cd58c55a9572c3cc141dade0c32747a13b7ef34c241b26c84adbb28fcf4
+address: 006e27b6a72e1f34c626762f3c4761547aff1421".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn secret() {
+		let command = vec!["ethkey", "info", "--brain", "this is sparta", "--secret"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected = "aa22b54c0cb43ee30a014afe5ef3664b1cde299feabca46cd3167a85a57c39f2".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn public() {
+		let command = vec!["ethkey", "info", "--brain", "this is sparta", "--public"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected = "c4c5398da6843632c123f543d714d2d2277716c11ff612b2a2f23c6bda4d6f0327c31cd58c55a9572c3cc141dade0c32747a13b7ef34c241b26c84adbb28fcf4".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn address() {
+		let command = vec!["ethkey", "info", "-b", "this is sparta", "--address"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected = "006e27b6a72e1f34c626762f3c4761547aff1421".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn sign() {
+		let command = vec!["ethkey", "sign", "17d08f5fe8c77af811caa0c9a187e668ce3b74a99acc3f6d976f075fa8e0be55", "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec987"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected = "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn verify_valid_public() {
+		let command = vec!["ethkey", "verify", "public", "689268c0ff57a20cd299fa60d3fb374862aff565b20b5f1767906a99e6e09f3ff04ca2b2a5cd22f62941db103c0356df1a8ed20ce322cab2483db67685afd124", "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200", "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec987"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected = "true".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn verify_valid_address() {
+		let command = vec!["ethkey", "verify", "address", "26d1ec50b4e62c1d1a40d16e7cacc6a6580757d5", "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200", "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec987"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected = "true".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+
+	#[test]
+	fn verify_invalid() {
+		let command = vec!["ethkey", "verify", "public", "689268c0ff57a20cd299fa60d3fb374862aff565b20b5f1767906a99e6e09f3ff04ca2b2a5cd22f62941db103c0356df1a8ed20ce322cab2483db67685afd124", "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200", "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec986"]
+			.into_iter()
+			.map(Into::into)
+			.collect::<Vec<String>>();
+
+		let expected = "false".to_owned();
+		assert_eq!(execute(command).unwrap(), expected);
+	}
+}

accounts/ethkey/src/brain.rs

@@ -0,0 +1,73 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use keccak::Keccak256;
+use super::{KeyPair, Generator, Secret};
+use parity_wordlist;
+
+/// Simple brainwallet.
+pub struct Brain(String);
+
+impl Brain {
+	pub fn new(s: String) -> Self {
+		Brain(s)
+	}
+
+	pub fn validate_phrase(phrase: &str, expected_words: usize) -> Result<(), ::WordlistError> {
+		parity_wordlist::validate_phrase(phrase, expected_words)
+	}
+}
+
+impl Generator for Brain {
+    type Error = ::Void;
+
+	fn generate(&mut self) -> Result<KeyPair, Self::Error> {
+		let seed = self.0.clone();
+		let mut secret = seed.into_bytes().keccak256();
+
+		let mut i = 0;
+		loop {
+			secret = secret.keccak256();
+
+			match i > 16384 {
+				false => i += 1,
+				true => {
+					if let Ok(pair) = Secret::from_unsafe_slice(&secret)
+						.and_then(KeyPair::from_secret)
+					{
+						if pair.address()[0] == 0 {
+							trace!("Testing: {}, got: {:?}", self.0, pair.address());
+							return Ok(pair)
+						}
+					}
+				},
+			}
+		}
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use {Brain, Generator};
+
+	#[test]
+	fn test_brain() {
+		let words = "this is sparta!".to_owned();
+		let first_keypair = Brain::new(words.clone()).generate().unwrap();
+		let second_keypair = Brain::new(words.clone()).generate().unwrap();
+		assert_eq!(first_keypair.secret(), second_keypair.secret());
+	}
+}

accounts/ethkey/src/brain_prefix.rs

@@ -0,0 +1,70 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use super::{Generator, KeyPair, Error, Brain};
+use parity_wordlist as wordlist;
+
+/// Tries to find brain-seed keypair with address starting with given prefix.
+pub struct BrainPrefix {
+	prefix: Vec<u8>,
+	iterations: usize,
+	no_of_words: usize,
+	last_phrase: String,
+}
+
+impl BrainPrefix {
+	pub fn new(prefix: Vec<u8>, iterations: usize, no_of_words: usize) -> Self {
+		BrainPrefix {
+			prefix,
+			iterations,
+			no_of_words,
+			last_phrase: String::new(),
+		}
+	}
+
+	pub fn phrase(&self) -> &str {
+		&self.last_phrase
+	}
+}
+
+impl Generator for BrainPrefix {
+	type Error = Error;
+
+	fn generate(&mut self) -> Result<KeyPair, Error> {
+		for _ in 0..self.iterations {
+			let phrase = wordlist::random_phrase(self.no_of_words);
+			let keypair = Brain::new(phrase.clone()).generate().unwrap();
+			if keypair.address().starts_with(&self.prefix) {
+				self.last_phrase = phrase;
+				return Ok(keypair)
+			}
+		}
+
+		Err(Error::Custom("Could not find keypair".into()))
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use {Generator, BrainPrefix};
+
+	#[test]
+	fn prefix_generator() {
+		let prefix = vec![0x00u8];
+		let keypair = BrainPrefix::new(prefix.clone(), usize::max_value(), 12).generate().unwrap();
+		assert!(keypair.address().starts_with(&prefix));
+	}
+}

accounts/ethkey/src/brain_recover.rs

@@ -0,0 +1,173 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::collections::HashSet;
+
+use edit_distance::edit_distance;
+use parity_wordlist;
+
+use super::{Address, Brain, Generator};
+
+/// Tries to find a phrase for address, given the number
+/// of expected words and a partial phrase.
+///
+/// Returns `None` if phrase couldn't be found.
+pub fn brain_recover(
+	address: &Address,
+	known_phrase: &str,
+	expected_words: usize,
+) -> Option<String> {
+	let it = PhrasesIterator::from_known_phrase(known_phrase, expected_words);
+	for phrase in it {
+		let keypair = Brain::new(phrase.clone()).generate().expect("Brain wallets are infallible; qed");
+		trace!("Testing: {}, got: {:?}", phrase, keypair.address());
+		if &keypair.address() == address {
+			return Some(phrase);
+		}
+	}
+
+	None
+}
+
+fn generate_substitutions(word: &str) -> Vec<&'static str> {
+	let mut words = parity_wordlist::WORDS.iter().cloned()
+		.map(|w| (edit_distance(w, word), w))
+		.collect::<Vec<_>>();
+	words.sort_by(|a, b| a.0.cmp(&b.0));
+
+	words.into_iter()
+		.map(|pair| pair.1)
+		.collect()
+}
+
+/// Iterator over possible
+pub struct PhrasesIterator {
+	words: Vec<Vec<&'static str>>,
+	combinations: u64,
+	indexes: Vec<usize>,
+	has_next: bool,
+}
+
+impl PhrasesIterator {
+	pub fn from_known_phrase(known_phrase: &str, expected_words: usize) -> Self {
+		let known_words = parity_wordlist::WORDS.iter().cloned().collect::<HashSet<_>>();
+		let mut words = known_phrase.split(' ')
+			.map(|word| match known_words.get(word) {
+				None => {
+					info!("Invalid word '{}', looking for potential substitutions.", word);
+					let substitutions = generate_substitutions(word);
+					info!("Closest words: {:?}", &substitutions[..10]);
+					substitutions
+				},
+				Some(word) => vec![*word],
+			})
+		.collect::<Vec<_>>();
+
+		// add missing words
+		if words.len() < expected_words {
+			let to_add = expected_words - words.len();
+			info!("Number of words is insuficcient adding {} more.", to_add);
+			for _ in 0..to_add {
+				words.push(parity_wordlist::WORDS.iter().cloned().collect());
+			}
+		}
+
+		// start searching
+		PhrasesIterator::new(words)
+	}
+
+	pub fn new(words: Vec<Vec<&'static str>>) -> Self {
+		let combinations = words.iter().fold(1u64, |acc, x| acc * x.len() as u64);
+		let indexes = words.iter().map(|_| 0).collect();
+		info!("Starting to test {} possible combinations.", combinations);
+
+		PhrasesIterator {
+			words,
+			combinations,
+			indexes,
+			has_next: combinations > 0,
+		}
+	}
+
+	pub fn combinations(&self) -> u64 {
+		self.combinations
+	}
+
+	fn current(&self) -> String {
+		let mut s = self.words[0][self.indexes[0]].to_owned();
+		for i in 1..self.indexes.len() {
+			s.push(' ');
+			s.push_str(self.words[i][self.indexes[i]]);
+		}
+		s
+	}
+
+	fn next_index(&mut self) -> bool {
+		let mut pos = self.indexes.len();
+		while pos > 0 {
+			pos -= 1;
+			self.indexes[pos] += 1;
+			if self.indexes[pos] >= self.words[pos].len() {
+				self.indexes[pos] = 0;
+			} else {
+				return true;
+			}
+		}
+
+		false
+	}
+}
+
+impl Iterator for PhrasesIterator {
+	type Item = String;
+
+	fn next(&mut self) -> Option<String> {
+		if !self.has_next {
+			return None;
+		}
+
+		let phrase = self.current();
+		self.has_next = self.next_index();
+		Some(phrase)
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::PhrasesIterator;
+
+	#[test]
+	fn should_generate_possible_combinations() {
+		let mut it = PhrasesIterator::new(vec![
+			vec!["1", "2", "3"],
+			vec!["test"],
+			vec!["a", "b", "c"],
+		]);
+
+		assert_eq!(it.combinations(), 9);
+		assert_eq!(it.next(), Some("1 test a".to_owned()));
+		assert_eq!(it.next(), Some("1 test b".to_owned()));
+		assert_eq!(it.next(), Some("1 test c".to_owned()));
+		assert_eq!(it.next(), Some("2 test a".to_owned()));
+		assert_eq!(it.next(), Some("2 test b".to_owned()));
+		assert_eq!(it.next(), Some("2 test c".to_owned()));
+		assert_eq!(it.next(), Some("3 test a".to_owned()));
+		assert_eq!(it.next(), Some("3 test b".to_owned()));
+		assert_eq!(it.next(), Some("3 test c".to_owned()));
+		assert_eq!(it.next(), None);
+	}
+
+}

accounts/ethkey/src/crypto.rs

@@ -0,0 +1,189 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use secp256k1;
+use std::io;
+use parity_crypto::error::SymmError;
+
+quick_error! {
+	#[derive(Debug)]
+	pub enum Error {
+		Secp(e: secp256k1::Error) {
+			display("secp256k1 error: {}", e)
+			cause(e)
+			from()
+		}
+		Io(e: io::Error) {
+			display("i/o error: {}", e)
+			cause(e)
+			from()
+		}
+		InvalidMessage {
+			display("invalid message")
+		}
+		Symm(e: SymmError) {
+			cause(e)
+			from()
+		}
+	}
+}
+
+/// ECDH functions
+pub mod ecdh {
+	use secp256k1::{self, ecdh, key};
+	use super::Error;
+	use {Secret, Public, SECP256K1};
+
+	/// Agree on a shared secret
+	pub fn agree(secret: &Secret, public: &Public) -> Result<Secret, Error> {
+		let context = &SECP256K1;
+		let pdata = {
+			let mut temp = [4u8; 65];
+			(&mut temp[1..65]).copy_from_slice(&public[0..64]);
+			temp
+		};
+
+		let publ = key::PublicKey::from_slice(context, &pdata)?;
+		let sec = key::SecretKey::from_slice(context, &secret)?;
+		let shared = ecdh::SharedSecret::new_raw(context, &publ, &sec);
+
+		Secret::from_unsafe_slice(&shared[0..32])
+			.map_err(|_| Error::Secp(secp256k1::Error::InvalidSecretKey))
+	}
+}
+
+/// ECIES function
+pub mod ecies {
+	use parity_crypto::{aes, digest, hmac, is_equal};
+	use ethereum_types::H128;
+	use super::{ecdh, Error};
+	use {Random, Generator, Public, Secret};
+
+	/// Encrypt a message with a public key, writing an HMAC covering both
+	/// the plaintext and authenticated data.
+	///
+	/// Authenticated data may be empty.
+	pub fn encrypt(public: &Public, auth_data: &[u8], plain: &[u8]) -> Result<Vec<u8>, Error> {
+		let r = Random.generate()?;
+		let z = ecdh::agree(r.secret(), public)?;
+		let mut key = [0u8; 32];
+		kdf(&z, &[0u8; 0], &mut key);
+
+		let ekey = &key[0..16];
+		let mkey = hmac::SigKey::sha256(&digest::sha256(&key[16..32]));
+
+		let mut msg = vec![0u8; 1 + 64 + 16 + plain.len() + 32];
+		msg[0] = 0x04u8;
+		{
+			let msgd = &mut msg[1..];
+			msgd[0..64].copy_from_slice(r.public());
+			let iv = H128::random();
+			msgd[64..80].copy_from_slice(&iv);
+			{
+				let cipher = &mut msgd[(64 + 16)..(64 + 16 + plain.len())];
+				aes::encrypt_128_ctr(ekey, &iv, plain, cipher)?;
+			}
+			let mut hmac = hmac::Signer::with(&mkey);
+			{
+				let cipher_iv = &msgd[64..(64 + 16 + plain.len())];
+				hmac.update(cipher_iv);
+			}
+			hmac.update(auth_data);
+			let sig = hmac.sign();
+			msgd[(64 + 16 + plain.len())..].copy_from_slice(&sig);
+		}
+		Ok(msg)
+	}
+
+	/// Decrypt a message with a secret key, checking HMAC for ciphertext
+	/// and authenticated data validity.
+	pub fn decrypt(secret: &Secret, auth_data: &[u8], encrypted: &[u8]) -> Result<Vec<u8>, Error> {
+		let meta_len = 1 + 64 + 16 + 32;
+		if encrypted.len() < meta_len  || encrypted[0] < 2 || encrypted[0] > 4 {
+			return Err(Error::InvalidMessage); //invalid message: publickey
+		}
+
+		let e = &encrypted[1..];
+		let p = Public::from_slice(&e[0..64]);
+		let z = ecdh::agree(secret, &p)?;
+		let mut key = [0u8; 32];
+		kdf(&z, &[0u8; 0], &mut key);
+
+		let ekey = &key[0..16];
+		let mkey = hmac::SigKey::sha256(&digest::sha256(&key[16..32]));
+
+		let clen = encrypted.len() - meta_len;
+		let cipher_with_iv = &e[64..(64+16+clen)];
+		let cipher_iv = &cipher_with_iv[0..16];
+		let cipher_no_iv = &cipher_with_iv[16..];
+		let msg_mac = &e[(64+16+clen)..];
+
+		// Verify tag
+		let mut hmac = hmac::Signer::with(&mkey);
+		hmac.update(cipher_with_iv);
+		hmac.update(auth_data);
+		let mac = hmac.sign();
+
+		if !is_equal(&mac.as_ref()[..], msg_mac) {
+			return Err(Error::InvalidMessage);
+		}
+
+		let mut msg = vec![0u8; clen];
+		aes::decrypt_128_ctr(ekey, cipher_iv, cipher_no_iv, &mut msg[..])?;
+		Ok(msg)
+	}
+
+	fn kdf(secret: &Secret, s1: &[u8], dest: &mut [u8]) {
+		// SEC/ISO/Shoup specify counter size SHOULD be equivalent
+		// to size of hash output, however, it also notes that
+		// the 4 bytes is okay. NIST specifies 4 bytes.
+		let mut ctr = 1u32;
+		let mut written = 0usize;
+		while written < dest.len() {
+			let mut hasher = digest::Hasher::sha256();
+			let ctrs = [(ctr >> 24) as u8, (ctr >> 16) as u8, (ctr >> 8) as u8, ctr as u8];
+			hasher.update(&ctrs);
+			hasher.update(secret);
+			hasher.update(s1);
+			let d = hasher.finish();
+			&mut dest[written..(written + 32)].copy_from_slice(&d);
+			written += 32;
+			ctr += 1;
+		}
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::ecies;
+	use {Random, Generator};
+
+	#[test]
+	fn ecies_shared() {
+		let kp = Random.generate().unwrap();
+		let message = b"So many books, so little time";
+
+		let shared = b"shared";
+		let wrong_shared = b"incorrect";
+		let encrypted = ecies::encrypt(kp.public(), shared, message).unwrap();
+		assert!(encrypted[..] != message[..]);
+		assert_eq!(encrypted[0], 0x04);
+
+		assert!(ecies::decrypt(kp.secret(), wrong_shared, &encrypted).is_err());
+		let decrypted = ecies::decrypt(kp.secret(), shared, &encrypted).unwrap();
+		assert_eq!(decrypted[..message.len()], message[..]);
+	}
+}

accounts/ethkey/src/error.rs

@@ -0,0 +1,81 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{fmt, error};
+
+#[derive(Debug)]
+/// Crypto error
+pub enum Error {
+	/// Invalid secret key
+	InvalidSecret,
+	/// Invalid public key
+	InvalidPublic,
+	/// Invalid address
+	InvalidAddress,
+	/// Invalid EC signature
+	InvalidSignature,
+	/// Invalid AES message
+	InvalidMessage,
+	/// IO Error
+	Io(::std::io::Error),
+	/// Custom
+	Custom(String),
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+		let msg = match *self {
+			Error::InvalidSecret => "Invalid secret".into(),
+			Error::InvalidPublic => "Invalid public".into(),
+			Error::InvalidAddress => "Invalid address".into(),
+			Error::InvalidSignature => "Invalid EC signature".into(),
+			Error::InvalidMessage => "Invalid AES message".into(),
+			Error::Io(ref err) => format!("I/O error: {}", err),
+			Error::Custom(ref s) => s.clone(),
+		};
+
+		f.write_fmt(format_args!("Crypto error ({})", msg))
+	}
+}
+
+impl error::Error for Error {
+	fn description(&self) -> &str {
+		"Crypto error"
+	}
+}
+
+impl Into<String> for Error {
+	fn into(self) -> String {
+		format!("{}", self)
+	}
+}
+
+impl From<::secp256k1::Error> for Error {
+	fn from(e: ::secp256k1::Error) -> Error {
+		match e {
+			::secp256k1::Error::InvalidMessage => Error::InvalidMessage,
+			::secp256k1::Error::InvalidPublicKey => Error::InvalidPublic,
+			::secp256k1::Error::InvalidSecretKey => Error::InvalidSecret,
+			_ => Error::InvalidSignature,
+		}
+	}
+}
+
+impl From<::std::io::Error> for Error {
+	fn from(err: ::std::io::Error) -> Error {
+		Error::Io(err)
+	}
+}

accounts/ethkey/src/extended.rs

@@ -0,0 +1,501 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Extended keys
+
+use secret::Secret;
+use Public;
+use ethereum_types::H256;
+pub use self::derivation::Error as DerivationError;
+
+/// Represents label that can be stored as a part of key derivation
+pub trait Label {
+	/// Length of the data that label occupies
+	fn len() -> usize;
+
+	/// Store label data to the key derivation sequence
+	/// Must not use more than `len()` bytes from slice
+	fn store(&self, target: &mut [u8]);
+}
+
+impl Label for u32 {
+	fn len() -> usize { 4 }
+
+	fn store(&self, target: &mut [u8]) {
+		use byteorder::{BigEndian, ByteOrder};
+
+		BigEndian::write_u32(&mut target[0..4], *self);
+	}
+}
+
+/// Key derivation over generic label `T`
+pub enum Derivation<T: Label> {
+	/// Soft key derivation (allow proof of parent)
+	Soft(T),
+	/// Hard key derivation (does not allow proof of parent)
+	Hard(T),
+}
+
+impl From<u32> for Derivation<u32> {
+	fn from(index: u32) -> Self {
+		if index < (2 << 30) {
+			Derivation::Soft(index)
+		}
+		else {
+			Derivation::Hard(index)
+		}
+	}
+}
+
+impl Label for H256 {
+	fn len() -> usize { 32 }
+
+	fn store(&self, target: &mut [u8]) {
+		self.copy_to(&mut target[0..32]);
+	}
+}
+
+/// Extended secret key, allows deterministic derivation of subsequent keys.
+pub struct ExtendedSecret {
+	secret: Secret,
+	chain_code: H256,
+}
+
+impl ExtendedSecret {
+	/// New extended key from given secret and chain code.
+	pub fn with_code(secret: Secret, chain_code: H256) -> ExtendedSecret {
+		ExtendedSecret {
+			secret: secret,
+			chain_code: chain_code,
+		}
+	}
+
+	/// New extended key from given secret with the random chain code.
+	pub fn new_random(secret: Secret) -> ExtendedSecret {
+		ExtendedSecret::with_code(secret, H256::random())
+	}
+
+	/// New extended key from given secret.
+	/// Chain code will be derived from the secret itself (in a deterministic way).
+	pub fn new(secret: Secret) -> ExtendedSecret {
+		let chain_code = derivation::chain_code(*secret);
+		ExtendedSecret::with_code(secret, chain_code)
+	}
+
+	/// Derive new private key
+	pub fn derive<T>(&self, index: Derivation<T>) -> ExtendedSecret where T: Label {
+		let (derived_key, next_chain_code) = derivation::private(*self.secret, self.chain_code, index);
+
+		let derived_secret = Secret::from(derived_key.0);
+
+		ExtendedSecret::with_code(derived_secret, next_chain_code)
+	}
+
+	/// Private key component of the extended key.
+	pub fn as_raw(&self) -> &Secret {
+		&self.secret
+	}
+}
+
+/// Extended public key, allows deterministic derivation of subsequent keys.
+pub struct ExtendedPublic {
+	public: Public,
+	chain_code: H256,
+}
+
+impl ExtendedPublic {
+	/// New extended public key from known parent and chain code
+	pub fn new(public: Public, chain_code: H256) -> Self {
+		ExtendedPublic { public: public, chain_code: chain_code }
+	}
+
+	/// Create new extended public key from known secret
+	pub fn from_secret(secret: &ExtendedSecret) -> Result<Self, DerivationError> {
+		Ok(
+			ExtendedPublic::new(
+				derivation::point(**secret.as_raw())?,
+				secret.chain_code.clone(),
+			)
+		)
+	}
+
+	/// Derive new public key
+	/// Operation is defined only for index belongs [0..2^31)
+	pub fn derive<T>(&self, index: Derivation<T>) -> Result<Self, DerivationError> where T: Label {
+		let (derived_key, next_chain_code) = derivation::public(self.public, self.chain_code, index)?;
+		Ok(ExtendedPublic::new(derived_key, next_chain_code))
+	}
+
+	pub fn public(&self) -> &Public {
+		&self.public
+	}
+}
+
+pub struct ExtendedKeyPair {
+	secret: ExtendedSecret,
+	public: ExtendedPublic,
+}
+
+impl ExtendedKeyPair {
+	pub fn new(secret: Secret) -> Self {
+		let extended_secret = ExtendedSecret::new(secret);
+		let extended_public = ExtendedPublic::from_secret(&extended_secret)
+			.expect("Valid `Secret` always produces valid public; qed");
+		ExtendedKeyPair {
+			secret: extended_secret,
+			public: extended_public,
+		}
+	}
+
+	pub fn with_code(secret: Secret, public: Public, chain_code: H256) -> Self {
+		ExtendedKeyPair {
+			secret: ExtendedSecret::with_code(secret, chain_code.clone()),
+			public: ExtendedPublic::new(public, chain_code),
+		}
+	}
+
+	pub fn with_secret(secret: Secret, chain_code: H256) -> Self {
+		let extended_secret = ExtendedSecret::with_code(secret, chain_code);
+		let extended_public = ExtendedPublic::from_secret(&extended_secret)
+			.expect("Valid `Secret` always produces valid public; qed");
+		ExtendedKeyPair {
+			secret: extended_secret,
+			public: extended_public,
+		}
+	}
+
+	pub fn with_seed(seed: &[u8]) -> Result<ExtendedKeyPair, DerivationError> {
+		let (master_key, chain_code) = derivation::seed_pair(seed);
+		Ok(ExtendedKeyPair::with_secret(
+			Secret::from_unsafe_slice(&*master_key).map_err(|_| DerivationError::InvalidSeed)?,
+			chain_code,
+		))
+	}
+
+	pub fn secret(&self) -> &ExtendedSecret {
+		&self.secret
+	}
+
+	pub fn public(&self) -> &ExtendedPublic {
+		&self.public
+	}
+
+	pub fn derive<T>(&self, index: Derivation<T>) -> Result<Self, DerivationError> where T: Label {
+		let derived = self.secret.derive(index);
+
+		Ok(ExtendedKeyPair {
+			public: ExtendedPublic::from_secret(&derived)?,
+			secret: derived,
+		})
+	}
+}
+
+// Derivation functions for private and public keys
+// Work is based on BIP0032
+// https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
+mod derivation {
+	use parity_crypto::hmac;
+	use ethereum_types::{U256, U512, H512, H256};
+	use secp256k1::key::{SecretKey, PublicKey};
+	use SECP256K1;
+	use keccak;
+	use math::curve_order;
+	use super::{Label, Derivation};
+
+	#[derive(Debug)]
+	pub enum Error {
+		InvalidHardenedUse,
+		InvalidPoint,
+		MissingIndex,
+		InvalidSeed,
+	}
+
+	// Deterministic derivation of the key using secp256k1 elliptic curve.
+	// Derivation can be either hardened or not.
+	// For hardened derivation, pass u32 index at least 2^31 or custom Derivation::Hard(T) enum
+	//
+	// Can panic if passed `private_key` is not a valid secp256k1 private key
+	// (outside of (0..curve_order()]) field
+	pub fn private<T>(private_key: H256, chain_code: H256, index: Derivation<T>) -> (H256, H256) where T: Label {
+		match index {
+			Derivation::Soft(index) => private_soft(private_key, chain_code, index),
+			Derivation::Hard(index) => private_hard(private_key, chain_code, index),
+		}
+	}
+
+	fn hmac_pair(data: &[u8], private_key: H256, chain_code: H256) -> (H256, H256) {
+		let private: U256 = private_key.into();
+
+		// produces 512-bit derived hmac (I)
+		let skey = hmac::SigKey::sha512(&*chain_code);
+		let i_512 = hmac::sign(&skey, &data[..]);
+
+		// left most 256 bits are later added to original private key
+		let hmac_key: U256 = H256::from_slice(&i_512[0..32]).into();
+		// right most 256 bits are new chain code for later derivations
+		let next_chain_code = H256::from(&i_512[32..64]);
+
+		let child_key = private_add(hmac_key, private).into();
+		(child_key, next_chain_code)
+	}
+
+	// Can panic if passed `private_key` is not a valid secp256k1 private key
+	// (outside of (0..curve_order()]) field
+	fn private_soft<T>(private_key: H256, chain_code: H256, index: T) -> (H256, H256) where T: Label {
+		let mut data = vec![0u8; 33 + T::len()];
+
+		let sec_private = SecretKey::from_slice(&SECP256K1, &*private_key)
+			.expect("Caller should provide valid private key");
+		let sec_public = PublicKey::from_secret_key(&SECP256K1, &sec_private)
+			.expect("Caller should provide valid private key");
+		let public_serialized = sec_public.serialize_vec(&SECP256K1, true);
+
+		// curve point (compressed public key) --  index
+		//             0.33                    --  33..end
+		data[0..33].copy_from_slice(&public_serialized);
+		index.store(&mut data[33..]);
+
+		hmac_pair(&data, private_key, chain_code)
+	}
+
+	// Deterministic derivation of the key using secp256k1 elliptic curve
+	// This is hardened derivation and does not allow to associate
+	// corresponding public keys of the original and derived private keys
+	fn private_hard<T>(private_key: H256, chain_code: H256, index: T) -> (H256, H256) where T: Label {
+		let mut data: Vec<u8> = vec![0u8; 33 + T::len()];
+		let private: U256 = private_key.into();
+
+		// 0x00 (padding) -- private_key --  index
+		//  0             --    1..33    -- 33..end
+		private.to_big_endian(&mut data[1..33]);
+		index.store(&mut data[33..(33 + T::len())]);
+
+		hmac_pair(&data, private_key, chain_code)
+	}
+
+	fn private_add(k1: U256, k2: U256) -> U256 {
+		let sum = U512::from(k1) + U512::from(k2);
+		modulo(sum, curve_order())
+	}
+
+	// todo: surely can be optimized
+	fn modulo(u1: U512, u2: U256) -> U256 {
+		let dv = u1 / U512::from(u2);
+		let md = u1 - (dv * U512::from(u2));
+		md.into()
+	}
+
+	pub fn public<T>(public_key: H512, chain_code: H256, derivation: Derivation<T>) -> Result<(H512, H256), Error> where T: Label {
+		let index = match derivation {
+			Derivation::Soft(index) => index,
+			Derivation::Hard(_) => { return Err(Error::InvalidHardenedUse); }
+		};
+
+		let mut public_sec_raw = [0u8; 65];
+		public_sec_raw[0] = 4;
+		public_sec_raw[1..65].copy_from_slice(&*public_key);
+		let public_sec = PublicKey::from_slice(&SECP256K1, &public_sec_raw).map_err(|_| Error::InvalidPoint)?;
+		let public_serialized = public_sec.serialize_vec(&SECP256K1, true);
+
+		let mut data = vec![0u8; 33 + T::len()];
+		// curve point (compressed public key) --  index
+		//             0.33                    --  33..end
+		data[0..33].copy_from_slice(&public_serialized);
+		index.store(&mut data[33..(33 + T::len())]);
+
+		// HMAC512SHA produces [derived private(256); new chain code(256)]
+		let skey = hmac::SigKey::sha512(&*chain_code);
+		let i_512 = hmac::sign(&skey, &data[..]);
+
+		let new_private = H256::from(&i_512[0..32]);
+		let new_chain_code = H256::from(&i_512[32..64]);
+
+		// Generated private key can (extremely rarely) be out of secp256k1 key field
+		if curve_order() <= new_private.clone().into() { return Err(Error::MissingIndex); }
+		let new_private_sec = SecretKey::from_slice(&SECP256K1, &*new_private)
+			.expect("Private key belongs to the field [0..CURVE_ORDER) (checked above); So initializing can never fail; qed");
+		let mut new_public = PublicKey::from_secret_key(&SECP256K1, &new_private_sec)
+			.expect("Valid private key produces valid public key");
+
+		// Adding two points on the elliptic curves (combining two public keys)
+		new_public.add_assign(&SECP256K1, &public_sec)
+			.expect("Addition of two valid points produce valid point");
+
+		let serialized = new_public.serialize_vec(&SECP256K1, false);
+
+		Ok((
+			H512::from(&serialized[1..65]),
+			new_chain_code,
+		))
+	}
+
+	fn sha3(slc: &[u8]) -> H256 {
+		keccak::Keccak256::keccak256(slc).into()
+	}
+
+	pub fn chain_code(secret: H256) -> H256 {
+		// 10,000 rounds of sha3
+		let mut running_sha3 = sha3(&*secret);
+		for _ in 0..99999 { running_sha3 = sha3(&*running_sha3); }
+		running_sha3
+	}
+
+	pub fn point(secret: H256) -> Result<H512, Error> {
+		let sec = SecretKey::from_slice(&SECP256K1, &*secret)
+			.map_err(|_| Error::InvalidPoint)?;
+		let public_sec = PublicKey::from_secret_key(&SECP256K1, &sec)
+			.map_err(|_| Error::InvalidPoint)?;
+		let serialized = public_sec.serialize_vec(&SECP256K1, false);
+		Ok(H512::from(&serialized[1..65]))
+	}
+
+	pub fn seed_pair(seed: &[u8]) -> (H256, H256) {
+		let skey = hmac::SigKey::sha512(b"Bitcoin seed");
+		let i_512 = hmac::sign(&skey, seed);
+
+		let master_key = H256::from_slice(&i_512[0..32]);
+		let chain_code = H256::from_slice(&i_512[32..64]);
+
+		(master_key, chain_code)
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::{ExtendedSecret, ExtendedPublic, ExtendedKeyPair};
+	use secret::Secret;
+	use std::str::FromStr;
+	use ethereum_types::{H128, H256};
+	use super::{derivation, Derivation};
+
+	fn master_chain_basic() -> (H256, H256) {
+		let seed = H128::from_str("000102030405060708090a0b0c0d0e0f")
+			.expect("Seed should be valid H128")
+			.to_vec();
+
+		derivation::seed_pair(&*seed)
+	}
+
+	fn test_extended<F>(f: F, test_private: H256) where F: Fn(ExtendedSecret) -> ExtendedSecret {
+		let (private_seed, chain_code) = master_chain_basic();
+		let extended_secret = ExtendedSecret::with_code(Secret::from(private_seed.0), chain_code);
+		let derived = f(extended_secret);
+		assert_eq!(**derived.as_raw(), test_private);
+	}
+
+	#[test]
+	fn smoky() {
+		let secret = Secret::from_str("a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65").unwrap();
+		let extended_secret = ExtendedSecret::with_code(secret.clone(), 0u64.into());
+
+		// hardened
+		assert_eq!(&**extended_secret.as_raw(), &*secret);
+		assert_eq!(&**extended_secret.derive(2147483648.into()).as_raw(), &"0927453daed47839608e414a3738dfad10aed17c459bbd9ab53f89b026c834b6".into());
+		assert_eq!(&**extended_secret.derive(2147483649.into()).as_raw(), &"44238b6a29c6dcbe9b401364141ba11e2198c289a5fed243a1c11af35c19dc0f".into());
+
+		// normal
+		assert_eq!(&**extended_secret.derive(0.into()).as_raw(), &"bf6a74e3f7b36fc4c96a1e12f31abc817f9f5904f5a8fc27713163d1f0b713f6".into());
+		assert_eq!(&**extended_secret.derive(1.into()).as_raw(), &"bd4fca9eb1f9c201e9448c1eecd66e302d68d4d313ce895b8c134f512205c1bc".into());
+		assert_eq!(&**extended_secret.derive(2.into()).as_raw(), &"86932b542d6cab4d9c65490c7ef502d89ecc0e2a5f4852157649e3251e2a3268".into());
+
+		let extended_public = ExtendedPublic::from_secret(&extended_secret).expect("Extended public should be created");
+		let derived_public = extended_public.derive(0.into()).expect("First derivation of public should succeed");
+		assert_eq!(&*derived_public.public(), &"f7b3244c96688f92372bfd4def26dc4151529747bab9f188a4ad34e141d47bd66522ff048bc6f19a0a4429b04318b1a8796c000265b4fa200dae5f6dda92dd94".into());
+
+		let keypair = ExtendedKeyPair::with_secret(
+			Secret::from_str("a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65").unwrap(),
+			064.into(),
+		);
+		assert_eq!(&**keypair.derive(2147483648u32.into()).expect("Derivation of keypair should succeed").secret().as_raw(), &"edef54414c03196557cf73774bc97a645c9a1df2164ed34f0c2a78d1375a930c".into());
+	}
+
+	#[test]
+	fn h256_soft_match() {
+		let secret = Secret::from_str("a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65").unwrap();
+		let derivation_secret = H256::from_str("51eaf04f9dbbc1417dc97e789edd0c37ecda88bac490434e367ea81b71b7b015").unwrap();
+
+		let extended_secret = ExtendedSecret::with_code(secret.clone(), 0u64.into());
+		let extended_public = ExtendedPublic::from_secret(&extended_secret).expect("Extended public should be created");
+
+		let derived_secret0 = extended_secret.derive(Derivation::Soft(derivation_secret));
+		let derived_public0 = extended_public.derive(Derivation::Soft(derivation_secret)).expect("First derivation of public should succeed");
+
+		let public_from_secret0 = ExtendedPublic::from_secret(&derived_secret0).expect("Extended public should be created");
+
+		assert_eq!(public_from_secret0.public(), derived_public0.public());
+	}
+
+	#[test]
+	fn h256_hard() {
+		let secret = Secret::from_str("a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65").unwrap();
+		let derivation_secret = H256::from_str("51eaf04f9dbbc1417dc97e789edd0c37ecda88bac490434e367ea81b71b7b015").unwrap();
+		let extended_secret = ExtendedSecret::with_code(secret.clone(), 1u64.into());
+
+		assert_eq!(&**extended_secret.derive(Derivation::Hard(derivation_secret)).as_raw(), &"2bc2d696fb744d77ff813b4a1ef0ad64e1e5188b622c54ba917acc5ebc7c5486".into());
+	}
+
+	#[test]
+	fn match_() {
+		let secret = Secret::from_str("a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65").unwrap();
+		let extended_secret = ExtendedSecret::with_code(secret.clone(), 1.into());
+		let extended_public = ExtendedPublic::from_secret(&extended_secret).expect("Extended public should be created");
+
+		let derived_secret0 = extended_secret.derive(0.into());
+		let derived_public0 = extended_public.derive(0.into()).expect("First derivation of public should succeed");
+
+		let public_from_secret0 = ExtendedPublic::from_secret(&derived_secret0).expect("Extended public should be created");
+
+		assert_eq!(public_from_secret0.public(), derived_public0.public());
+	}
+
+	#[test]
+	fn test_seeds() {
+		let seed = H128::from_str("000102030405060708090a0b0c0d0e0f")
+			.expect("Seed should be valid H128")
+			.to_vec();
+
+		// private key from bitcoin test vector
+		// xprv9wTYmMFdV23N2TdNG573QoEsfRrWKQgWeibmLntzniatZvR9BmLnvSxqu53Kw1UmYPxLgboyZQaXwTCg8MSY3H2EU4pWcQDnRnrVA1xe8fs
+		let test_private = H256::from_str("e8f32e723decf4051aefac8e2c93c9c5b214313817cdb01a1494b917c8436b35")
+			.expect("Private should be decoded ok");
+
+		let (private_seed, _) = derivation::seed_pair(&*seed);
+
+		assert_eq!(private_seed, test_private);
+	}
+
+	#[test]
+	fn test_vector_1() {
+		// xprv9uHRZZhk6KAJC1avXpDAp4MDc3sQKNxDiPvvkX8Br5ngLNv1TxvUxt4cV1rGL5hj6KCesnDYUhd7oWgT11eZG7XnxHrnYeSvkzY7d2bhkJ7
+		// H(0)
+		test_extended(
+			|secret| secret.derive(2147483648.into()),
+			H256::from_str("edb2e14f9ee77d26dd93b4ecede8d16ed408ce149b6cd80b0715a2d911a0afea")
+				.expect("Private should be decoded ok")
+		);
+	}
+
+	#[test]
+	fn test_vector_2() {
+		// xprv9wTYmMFdV23N2TdNG573QoEsfRrWKQgWeibmLntzniatZvR9BmLnvSxqu53Kw1UmYPxLgboyZQaXwTCg8MSY3H2EU4pWcQDnRnrVA1xe8fs
+		// H(0)/1
+		test_extended(
+			|secret| secret.derive(2147483648.into()).derive(1.into()),
+			H256::from_str("3c6cb8d0f6a264c91ea8b5030fadaa8e538b020f0a387421a12de9319dc93368")
+				.expect("Private should be decoded ok")
+		);
+	}
+}

accounts/ethkey/src/keccak.rs

@@ -0,0 +1,31 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use tiny_keccak::Keccak;
+
+pub trait Keccak256<T> {
+	fn keccak256(&self) -> T where T: Sized;
+}
+
+impl Keccak256<[u8; 32]> for [u8] {
+	fn keccak256(&self) -> [u8; 32] {
+		let mut keccak = Keccak::new_keccak256();
+		let mut result = [0u8; 32];
+		keccak.update(self);
+		keccak.finalize(&mut result);
+		result
+	}
+}

accounts/ethkey/src/keypair.rs

@@ -0,0 +1,115 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use secp256k1::key;
+use rustc_hex::ToHex;
+use keccak::Keccak256;
+use super::{Secret, Public, Address, SECP256K1, Error};
+
+pub fn public_to_address(public: &Public) -> Address {
+	let hash = public.keccak256();
+	let mut result = Address::default();
+	result.copy_from_slice(&hash[12..]);
+	result
+}
+
+#[derive(Debug, Clone, PartialEq)]
+/// secp256k1 key pair
+pub struct KeyPair {
+	secret: Secret,
+	public: Public,
+}
+
+impl fmt::Display for KeyPair {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		writeln!(f, "secret:  {}", self.secret.to_hex())?;
+		writeln!(f, "public:  {}", self.public.to_hex())?;
+		write!(f, "address: {}", self.address().to_hex())
+	}
+}
+
+impl KeyPair {
+	/// Create a pair from secret key
+	pub fn from_secret(secret: Secret) -> Result<KeyPair, Error> {
+		let context = &SECP256K1;
+		let s: key::SecretKey = key::SecretKey::from_slice(context, &secret[..])?;
+		let pub_key = key::PublicKey::from_secret_key(context, &s)?;
+		let serialized = pub_key.serialize_vec(context, false);
+
+		let mut public = Public::default();
+		public.copy_from_slice(&serialized[1..65]);
+
+		let keypair = KeyPair {
+			secret: secret,
+			public: public,
+		};
+
+		Ok(keypair)
+	}
+
+	pub fn from_secret_slice(slice: &[u8]) -> Result<KeyPair, Error> {
+		Self::from_secret(Secret::from_unsafe_slice(slice)?)
+	}
+
+	pub fn from_keypair(sec: key::SecretKey, publ: key::PublicKey) -> Self {
+		let context = &SECP256K1;
+		let serialized = publ.serialize_vec(context, false);
+		let secret = Secret::from(sec);
+		let mut public = Public::default();
+		public.copy_from_slice(&serialized[1..65]);
+
+		KeyPair {
+			secret: secret,
+			public: public,
+		}
+	}
+
+	pub fn secret(&self) -> &Secret {
+		&self.secret
+	}
+
+	pub fn public(&self) -> &Public {
+		&self.public
+	}
+
+	pub fn address(&self) -> Address {
+		public_to_address(&self.public)
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use std::str::FromStr;
+	use {KeyPair, Secret};
+
+	#[test]
+	fn from_secret() {
+		let secret = Secret::from_str("a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65").unwrap();
+		let _ = KeyPair::from_secret(secret).unwrap();
+	}
+
+	#[test]
+	fn keypair_display() {
+		let expected =
+"secret:  a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65
+public:  8ce0db0b0359ffc5866ba61903cc2518c3675ef2cf380a7e54bde7ea20e6fa1ab45b7617346cd11b7610001ee6ae5b0155c41cad9527cbcdff44ec67848943a4
+address: 5b073e9233944b5e729e46d618f0d8edf3d9c34a".to_owned();
+		let secret = Secret::from_str("a100df7a048e50ed308ea696dc600215098141cb391e9527329df289f9383f65").unwrap();
+		let kp = KeyPair::from_secret(secret).unwrap();
+		assert_eq!(format!("{}", kp), expected);
+	}
+}

accounts/ethkey/src/lib.rs

@@ -0,0 +1,88 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+// #![warn(missing_docs)]
+
+extern crate byteorder;
+extern crate edit_distance;
+extern crate parity_crypto;
+extern crate ethereum_types;
+extern crate memzero;
+extern crate parity_wordlist;
+#[macro_use]
+extern crate quick_error;
+extern crate rand;
+extern crate rustc_hex;
+extern crate secp256k1;
+extern crate serde;
+extern crate tiny_keccak;
+
+#[macro_use]
+extern crate lazy_static;
+#[macro_use]
+extern crate log;
+#[macro_use]
+extern crate serde_derive;
+
+mod brain;
+mod brain_prefix;
+mod error;
+mod keypair;
+mod keccak;
+mod password;
+mod prefix;
+mod random;
+mod signature;
+mod secret;
+mod extended;
+
+pub mod brain_recover;
+pub mod crypto;
+pub mod math;
+
+pub use self::parity_wordlist::Error as WordlistError;
+pub use self::brain::Brain;
+pub use self::brain_prefix::BrainPrefix;
+pub use self::error::Error;
+pub use self::keypair::{KeyPair, public_to_address};
+pub use self::math::public_is_valid;
+pub use self::password::Password;
+pub use self::prefix::Prefix;
+pub use self::random::Random;
+pub use self::signature::{sign, verify_public, verify_address, recover, Signature};
+pub use self::secret::Secret;
+pub use self::extended::{ExtendedPublic, ExtendedSecret, ExtendedKeyPair, DerivationError, Derivation};
+
+use ethereum_types::H256;
+
+pub use ethereum_types::{Address, Public};
+pub type Message = H256;
+
+lazy_static! {
+	pub static ref SECP256K1: secp256k1::Secp256k1 = secp256k1::Secp256k1::new();
+}
+
+/// Uninstantiatable error type for infallible generators.
+#[derive(Debug)]
+pub enum Void {}
+
+/// Generates new keypair.
+pub trait Generator {
+	type Error;
+
+	/// Should be called to generate new keypair.
+	fn generate(&mut self) -> Result<KeyPair, Self::Error>;
+}

accounts/ethkey/src/math.rs

@@ -0,0 +1,129 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use super::{SECP256K1, Public, Secret, Error};
+use secp256k1::key;
+use secp256k1::constants::{GENERATOR_X, GENERATOR_Y, CURVE_ORDER};
+use ethereum_types::{U256, H256};
+
+/// Whether the public key is valid.
+pub fn public_is_valid(public: &Public) -> bool {
+	to_secp256k1_public(public).ok()
+		.map_or(false, |p| p.is_valid())
+}
+
+/// Inplace multiply public key by secret key (EC point * scalar)
+pub fn public_mul_secret(public: &mut Public, secret: &Secret) -> Result<(), Error> {
+	let key_secret = secret.to_secp256k1_secret()?;
+	let mut key_public = to_secp256k1_public(public)?;
+	key_public.mul_assign(&SECP256K1, &key_secret)?;
+	set_public(public, &key_public);
+	Ok(())
+}
+
+/// Inplace add one public key to another (EC point + EC point)
+pub fn public_add(public: &mut Public, other: &Public) -> Result<(), Error> {
+	let mut key_public = to_secp256k1_public(public)?;
+	let other_public = to_secp256k1_public(other)?;
+	key_public.add_assign(&SECP256K1, &other_public)?;
+	set_public(public, &key_public);
+	Ok(())
+}
+
+/// Inplace sub one public key from another (EC point - EC point)
+pub fn public_sub(public: &mut Public, other: &Public) -> Result<(), Error> {
+	let mut key_neg_other = to_secp256k1_public(other)?;
+	key_neg_other.mul_assign(&SECP256K1, &key::MINUS_ONE_KEY)?;
+
+	let mut key_public = to_secp256k1_public(public)?;
+	key_public.add_assign(&SECP256K1, &key_neg_other)?;
+	set_public(public, &key_public);
+	Ok(())
+}
+
+/// Replace public key with its negation (EC point = - EC point)
+pub fn public_negate(public: &mut Public) -> Result<(), Error> {
+	let mut key_public = to_secp256k1_public(public)?;
+	key_public.mul_assign(&SECP256K1, &key::MINUS_ONE_KEY)?;
+	set_public(public, &key_public);
+	Ok(())
+}
+
+/// Return base point of secp256k1
+pub fn generation_point() -> Public {
+	let mut public_sec_raw = [0u8; 65];
+	public_sec_raw[0] = 4;
+	public_sec_raw[1..33].copy_from_slice(&GENERATOR_X);
+	public_sec_raw[33..65].copy_from_slice(&GENERATOR_Y);
+
+	let public_key = key::PublicKey::from_slice(&SECP256K1, &public_sec_raw)
+		.expect("constructing using predefined constants; qed");
+	let mut public = Public::default();
+	set_public(&mut public, &public_key);
+	public
+}
+
+/// Return secp256k1 elliptic curve order
+pub fn curve_order() -> U256 {
+	H256::from_slice(&CURVE_ORDER).into()
+}
+
+fn to_secp256k1_public(public: &Public) -> Result<key::PublicKey, Error> {
+	let public_data = {
+		let mut temp = [4u8; 65];
+		(&mut temp[1..65]).copy_from_slice(&public[0..64]);
+		temp
+	};
+
+	Ok(key::PublicKey::from_slice(&SECP256K1, &public_data)?)
+}
+
+fn set_public(public: &mut Public, key_public: &key::PublicKey) {
+	let key_public_serialized = key_public.serialize_vec(&SECP256K1, false);
+	public.copy_from_slice(&key_public_serialized[1..65]);
+}
+
+#[cfg(test)]
+mod tests {
+	use super::super::{Random, Generator};
+	use super::{public_add, public_sub};
+
+	#[test]
+	fn public_addition_is_commutative() {
+		let public1 = Random.generate().unwrap().public().clone();
+		let public2 = Random.generate().unwrap().public().clone();
+
+		let mut left = public1.clone();
+		public_add(&mut left, &public2).unwrap();
+
+		let mut right = public2.clone();
+		public_add(&mut right, &public1).unwrap();
+
+		assert_eq!(left, right);
+	}
+
+	#[test]
+	fn public_addition_is_reversible_with_subtraction() {
+		let public1 = Random.generate().unwrap().public().clone();
+		let public2 = Random.generate().unwrap().public().clone();
+
+		let mut sum = public1.clone();
+		public_add(&mut sum, &public2).unwrap();
+		public_sub(&mut sum, &public2).unwrap();
+
+		assert_eq!(sum, public1);
+	}
+}

accounts/ethkey/src/password.rs

@@ -0,0 +1,59 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{fmt, ptr};
+
+#[derive(Clone, PartialEq, Eq, Serialize, Deserialize)]
+pub struct Password(String);
+
+impl fmt::Debug for Password {
+	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "Password(******)")
+    }
+}
+
+impl Password {
+	pub fn as_bytes(&self) -> &[u8] {
+		self.0.as_bytes()
+	}
+
+	pub fn as_str(&self) -> &str {
+		self.0.as_str()
+	}
+}
+
+// Custom drop impl to zero out memory.
+impl Drop for Password {
+	fn drop(&mut self) {
+		unsafe {
+			for byte_ref in self.0.as_mut_vec() {
+				ptr::write_volatile(byte_ref, 0)
+			}
+		}
+	}
+}
+
+impl From<String> for Password {
+	fn from(s: String) -> Password {
+		Password(s)
+	}
+}
+
+impl<'a> From<&'a str> for Password {
+	fn from(s: &'a str) -> Password {
+		Password::from(String::from(s))
+	}
+}

accounts/ethkey/src/prefix.rs

@@ -0,0 +1,59 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use super::{Random, Generator, KeyPair, Error};
+
+/// Tries to find keypair with address starting with given prefix.
+pub struct Prefix {
+	prefix: Vec<u8>,
+	iterations: usize,
+}
+
+impl Prefix {
+	pub fn new(prefix: Vec<u8>, iterations: usize) -> Self {
+		Prefix {
+			prefix: prefix,
+			iterations: iterations,
+		}
+	}
+}
+
+impl Generator for Prefix {
+	type Error = Error;
+
+	fn generate(&mut self) -> Result<KeyPair, Error> {
+		for _ in 0..self.iterations {
+			let keypair = Random.generate()?;
+			if keypair.address().starts_with(&self.prefix) {
+				return Ok(keypair)
+			}
+		}
+
+		Err(Error::Custom("Could not find keypair".into()))
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use {Generator, Prefix};
+
+	#[test]
+	fn prefix_generator() {
+		let prefix = vec![0xffu8];
+		let keypair = Prefix::new(prefix.clone(), usize::max_value()).generate().unwrap();
+		assert!(keypair.address().starts_with(&prefix));
+	}
+}

accounts/ethkey/src/random.rs

@@ -0,0 +1,44 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use rand::os::OsRng;
+use super::{Generator, KeyPair, SECP256K1};
+
+/// Randomly generates new keypair, instantiating the RNG each time.
+pub struct Random;
+
+impl Generator for Random {
+	type Error = ::std::io::Error;
+
+	fn generate(&mut self) -> Result<KeyPair, Self::Error> {
+		let mut rng = OsRng::new()?;
+		match rng.generate() {
+			Ok(pair) => Ok(pair),
+			Err(void) => match void {}, // LLVM unreachable
+		}
+	}
+}
+
+impl Generator for OsRng {
+	type Error = ::Void;
+
+	fn generate(&mut self) -> Result<KeyPair, Self::Error> {
+		let (sec, publ) = SECP256K1.generate_keypair(self)
+			.expect("context always created with full capabilities; qed");
+
+		Ok(KeyPair::from_keypair(sec, publ))
+	}
+}

accounts/ethkey/src/secret.rs

@@ -0,0 +1,298 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use std::ops::Deref;
+use std::str::FromStr;
+use rustc_hex::ToHex;
+use secp256k1::constants::{SECRET_KEY_SIZE as SECP256K1_SECRET_KEY_SIZE};
+use secp256k1::key;
+use ethereum_types::H256;
+use memzero::Memzero;
+use {Error, SECP256K1};
+
+#[derive(Clone, PartialEq, Eq)]
+pub struct Secret {
+	inner: Memzero<H256>,
+}
+
+impl ToHex for Secret {
+	fn to_hex(&self) -> String {
+		format!("{:x}", *self.inner)
+	}
+}
+
+impl fmt::LowerHex for Secret {
+	fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+		self.inner.fmt(fmt)
+	}
+}
+
+impl fmt::Debug for Secret {
+	fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+		self.inner.fmt(fmt)
+	}
+}
+
+impl fmt::Display for Secret {
+	fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+		write!(fmt, "Secret: 0x{:x}{:x}..{:x}{:x}", self.inner[0], self.inner[1], self.inner[30], self.inner[31])
+	}
+}
+
+impl Secret {
+	/// Creates a `Secret` from the given slice, returning `None` if the slice length != 32.
+	pub fn from_slice(key: &[u8]) -> Option<Self> {
+		if key.len() != 32 {
+			return None
+		}
+		let mut h = H256::default();
+		h.copy_from_slice(&key[0..32]);
+		Some(Secret { inner: Memzero::from(h) })
+	}
+
+	/// Creates zero key, which is invalid for crypto operations, but valid for math operation.
+	pub fn zero() -> Self {
+		Secret { inner: Memzero::from(H256::default()) }
+	}
+
+	/// Imports and validates the key.
+	pub fn from_unsafe_slice(key: &[u8]) -> Result<Self, Error> {
+		let secret = key::SecretKey::from_slice(&super::SECP256K1, key)?;
+		Ok(secret.into())
+	}
+
+	/// Checks validity of this key.
+	pub fn check_validity(&self) -> Result<(), Error> {
+		self.to_secp256k1_secret().map(|_| ())
+	}
+
+	/// Inplace add one secret key to another (scalar + scalar)
+	pub fn add(&mut self, other: &Secret) -> Result<(), Error> {
+		match (self.is_zero(), other.is_zero()) {
+			(true, true) | (false, true) => Ok(()),
+			(true, false) => {
+				*self = other.clone();
+				Ok(())
+			},
+			(false, false) => {
+				let mut key_secret = self.to_secp256k1_secret()?;
+				let other_secret = other.to_secp256k1_secret()?;
+				key_secret.add_assign(&SECP256K1, &other_secret)?;
+
+				*self = key_secret.into();
+				Ok(())
+			},
+		}
+	}
+
+	/// Inplace subtract one secret key from another (scalar - scalar)
+	pub fn sub(&mut self, other: &Secret) -> Result<(), Error> {
+		match (self.is_zero(), other.is_zero()) {
+			(true, true) | (false, true) => Ok(()),
+			(true, false) => {
+				*self = other.clone();
+				self.neg()
+			},
+			(false, false) => {
+				let mut key_secret = self.to_secp256k1_secret()?;
+				let mut other_secret = other.to_secp256k1_secret()?;
+				other_secret.mul_assign(&SECP256K1, &key::MINUS_ONE_KEY)?;
+				key_secret.add_assign(&SECP256K1, &other_secret)?;
+
+				*self = key_secret.into();
+				Ok(())
+			},
+		}
+	}
+
+	/// Inplace decrease secret key (scalar - 1)
+	pub fn dec(&mut self) -> Result<(), Error> {
+		match self.is_zero() {
+			true => {
+				*self = key::MINUS_ONE_KEY.into();
+				Ok(())
+			},
+			false => {
+				let mut key_secret = self.to_secp256k1_secret()?;
+				key_secret.add_assign(&SECP256K1, &key::MINUS_ONE_KEY)?;
+
+				*self = key_secret.into();
+				Ok(())
+			},
+		}
+	}
+
+	/// Inplace multiply one secret key to another (scalar * scalar)
+	pub fn mul(&mut self, other: &Secret) -> Result<(), Error> {
+		match (self.is_zero(), other.is_zero()) {
+			(true, true) | (true, false) => Ok(()),
+			(false, true) => {
+				*self = Self::zero();
+				Ok(())
+			},
+			(false, false) => {
+				let mut key_secret = self.to_secp256k1_secret()?;
+				let other_secret = other.to_secp256k1_secret()?;
+				key_secret.mul_assign(&SECP256K1, &other_secret)?;
+
+				*self = key_secret.into();
+				Ok(())
+			},
+		}
+	}
+
+	/// Inplace negate secret key (-scalar)
+	pub fn neg(&mut self) -> Result<(), Error> {
+		match self.is_zero() {
+			true => Ok(()),
+			false => {
+				let mut key_secret = self.to_secp256k1_secret()?;
+				key_secret.mul_assign(&SECP256K1, &key::MINUS_ONE_KEY)?;
+
+				*self = key_secret.into();
+				Ok(())
+			},
+		}
+	}
+
+	/// Inplace inverse secret key (1 / scalar)
+	pub fn inv(&mut self) -> Result<(), Error> {
+		let mut key_secret = self.to_secp256k1_secret()?;
+		key_secret.inv_assign(&SECP256K1)?;
+
+		*self = key_secret.into();
+		Ok(())
+	}
+
+	/// Compute power of secret key inplace (secret ^ pow).
+	/// This function is not intended to be used with large powers.
+	pub fn pow(&mut self, pow: usize) -> Result<(), Error> {
+		if self.is_zero() {
+			return Ok(());
+		}
+
+		match pow {
+			0 => *self = key::ONE_KEY.into(),
+			1 => (),
+			_ => {
+				let c = self.clone();
+				for _ in 1..pow {
+					self.mul(&c)?;
+				}
+			},
+		}
+
+		Ok(())
+	}
+
+	/// Create `secp256k1::key::SecretKey` based on this secret
+	pub fn to_secp256k1_secret(&self) -> Result<key::SecretKey, Error> {
+		Ok(key::SecretKey::from_slice(&SECP256K1, &self[..])?)
+	}
+}
+
+impl FromStr for Secret {
+	type Err = Error;
+	fn from_str(s: &str) -> Result<Self, Self::Err> {
+		Ok(H256::from_str(s).map_err(|e| Error::Custom(format!("{:?}", e)))?.into())
+	}
+}
+
+impl From<[u8; 32]> for Secret {
+	fn from(k: [u8; 32]) -> Self {
+		Secret { inner: Memzero::from(H256(k)) }
+	}
+}
+
+impl From<H256> for Secret {
+	fn from(s: H256) -> Self {
+		s.0.into()
+	}
+}
+
+impl From<&'static str> for Secret {
+	fn from(s: &'static str) -> Self {
+		s.parse().expect(&format!("invalid string literal for {}: '{}'", stringify!(Self), s))
+	}
+}
+
+impl From<key::SecretKey> for Secret {
+	fn from(key: key::SecretKey) -> Self {
+		let mut a = [0; SECP256K1_SECRET_KEY_SIZE];
+		a.copy_from_slice(&key[0 .. SECP256K1_SECRET_KEY_SIZE]);
+		a.into()
+	}
+}
+
+impl Deref for Secret {
+	type Target = H256;
+
+	fn deref(&self) -> &Self::Target {
+		&self.inner
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use std::str::FromStr;
+	use super::super::{Random, Generator};
+	use super::Secret;
+
+	#[test]
+	fn multiplicating_secret_inversion_with_secret_gives_one() {
+		let secret = Random.generate().unwrap().secret().clone();
+		let mut inversion = secret.clone();
+		inversion.inv().unwrap();
+		inversion.mul(&secret).unwrap();
+		assert_eq!(inversion, Secret::from_str("0000000000000000000000000000000000000000000000000000000000000001").unwrap());
+	}
+
+	#[test]
+	fn secret_inversion_is_reversible_with_inversion() {
+		let secret = Random.generate().unwrap().secret().clone();
+		let mut inversion = secret.clone();
+		inversion.inv().unwrap();
+		inversion.inv().unwrap();
+		assert_eq!(inversion, secret);
+	}
+
+	#[test]
+	fn secret_pow() {
+		let secret = Random.generate().unwrap().secret().clone();
+
+		let mut pow0 = secret.clone();
+		pow0.pow(0).unwrap();
+		assert_eq!(pow0, Secret::from_str("0000000000000000000000000000000000000000000000000000000000000001").unwrap());
+
+		let mut pow1 = secret.clone();
+		pow1.pow(1).unwrap();
+		assert_eq!(pow1, secret);
+
+		let mut pow2 = secret.clone();
+		pow2.pow(2).unwrap();
+		let mut pow2_expected = secret.clone();
+		pow2_expected.mul(&secret).unwrap();
+		assert_eq!(pow2, pow2_expected);
+
+		let mut pow3 = secret.clone();
+		pow3.pow(3).unwrap();
+		let mut pow3_expected = secret.clone();
+		pow3_expected.mul(&secret).unwrap();
+		pow3_expected.mul(&secret).unwrap();
+		assert_eq!(pow3, pow3_expected);
+	}
+}

accounts/ethkey/src/signature.rs

@@ -0,0 +1,294 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::ops::{Deref, DerefMut};
+use std::cmp::PartialEq;
+use std::fmt;
+use std::str::FromStr;
+use std::hash::{Hash, Hasher};
+use secp256k1::{Message as SecpMessage, RecoverableSignature, RecoveryId, Error as SecpError};
+use secp256k1::key::{SecretKey, PublicKey};
+use rustc_hex::{ToHex, FromHex};
+use ethereum_types::{H520, H256};
+use {Secret, Public, SECP256K1, Error, Message, public_to_address, Address};
+
+/// Signature encoded as RSV components
+#[repr(C)]
+pub struct Signature([u8; 65]);
+
+impl Signature {
+	/// Get a slice into the 'r' portion of the data.
+	pub fn r(&self) -> &[u8] {
+		&self.0[0..32]
+	}
+
+	/// Get a slice into the 's' portion of the data.
+	pub fn s(&self) -> &[u8] {
+		&self.0[32..64]
+	}
+
+	/// Get the recovery byte.
+	pub fn v(&self) -> u8 {
+		self.0[64]
+	}
+
+	/// Encode the signature into RSV array (V altered to be in "Electrum" notation).
+	pub fn into_electrum(mut self) -> [u8; 65] {
+		self.0[64] += 27;
+		self.0
+	}
+
+	/// Parse bytes as a signature encoded as RSV (V in "Electrum" notation).
+	/// May return empty (invalid) signature if given data has invalid length.
+	pub fn from_electrum(data: &[u8]) -> Self {
+		if data.len() != 65 || data[64] < 27 {
+			// fallback to empty (invalid) signature
+			return Signature::default();
+		}
+
+		let mut sig = [0u8; 65];
+		sig.copy_from_slice(data);
+		sig[64] -= 27;
+		Signature(sig)
+	}
+
+	/// Create a signature object from the sig.
+	pub fn from_rsv(r: &H256, s: &H256, v: u8) -> Self {
+		let mut sig = [0u8; 65];
+		sig[0..32].copy_from_slice(&r);
+		sig[32..64].copy_from_slice(&s);
+		sig[64] = v;
+		Signature(sig)
+	}
+
+	/// Check if this is a "low" signature.
+	pub fn is_low_s(&self) -> bool {
+		H256::from_slice(self.s()) <= "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0".into()
+	}
+
+	/// Check if each component of the signature is in range.
+	pub fn is_valid(&self) -> bool {
+		self.v() <= 1 &&
+			H256::from_slice(self.r()) < "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141".into() &&
+			H256::from_slice(self.r()) >= 1.into() &&
+			H256::from_slice(self.s()) < "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141".into() &&
+			H256::from_slice(self.s()) >= 1.into()
+	}
+}
+
+// manual implementation large arrays don't have trait impls by default.
+// remove when integer generics exist
+impl PartialEq for Signature {
+	fn eq(&self, other: &Self) -> bool {
+		&self.0[..] == &other.0[..]
+	}
+}
+
+// manual implementation required in Rust 1.13+, see `std::cmp::AssertParamIsEq`.
+impl Eq for Signature { }
+
+// also manual for the same reason, but the pretty printing might be useful.
+impl fmt::Debug for Signature {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		f.debug_struct("Signature")
+			.field("r", &self.0[0..32].to_hex())
+			.field("s", &self.0[32..64].to_hex())
+			.field("v", &self.0[64..65].to_hex())
+		.finish()
+	}
+}
+
+impl fmt::Display for Signature {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		write!(f, "{}", self.to_hex())
+	}
+}
+
+impl FromStr for Signature {
+	type Err = Error;
+
+	fn from_str(s: &str) -> Result<Self, Self::Err> {
+		match s.from_hex() {
+			Ok(ref hex) if hex.len() == 65 => {
+				let mut data = [0; 65];
+				data.copy_from_slice(&hex[0..65]);
+				Ok(Signature(data))
+			},
+			_ => Err(Error::InvalidSignature)
+		}
+	}
+}
+
+impl Default for Signature {
+	fn default() -> Self {
+		Signature([0; 65])
+	}
+}
+
+impl Hash for Signature {
+    fn hash<H: Hasher>(&self, state: &mut H) {
+    	H520::from(self.0).hash(state);
+    }
+}
+
+impl Clone for Signature {
+    fn clone(&self) -> Self {
+		Signature(self.0)
+    }
+}
+
+impl From<[u8; 65]> for Signature {
+	fn from(s: [u8; 65]) -> Self {
+		Signature(s)
+	}
+}
+
+impl Into<[u8; 65]> for Signature {
+	fn into(self) -> [u8; 65] {
+		self.0
+	}
+}
+
+impl From<Signature> for H520 {
+	fn from(s: Signature) -> Self {
+		H520::from(s.0)
+	}
+}
+
+impl From<H520> for Signature {
+	fn from(bytes: H520) -> Self {
+		Signature(bytes.into())
+	}
+}
+
+impl Deref for Signature {
+	type Target = [u8; 65];
+
+	fn deref(&self) -> &Self::Target {
+		&self.0
+	}
+}
+
+impl DerefMut for Signature {
+	fn deref_mut(&mut self) -> &mut Self::Target {
+		&mut self.0
+	}
+}
+
+pub fn sign(secret: &Secret, message: &Message) -> Result<Signature, Error> {
+	let context = &SECP256K1;
+	let sec = SecretKey::from_slice(context, &secret)?;
+	let s = context.sign_recoverable(&SecpMessage::from_slice(&message[..])?, &sec)?;
+	let (rec_id, data) = s.serialize_compact(context);
+	let mut data_arr = [0; 65];
+
+	// no need to check if s is low, it always is
+	data_arr[0..64].copy_from_slice(&data[0..64]);
+	data_arr[64] = rec_id.to_i32() as u8;
+	Ok(Signature(data_arr))
+}
+
+pub fn verify_public(public: &Public, signature: &Signature, message: &Message) -> Result<bool, Error> {
+	let context = &SECP256K1;
+	let rsig = RecoverableSignature::from_compact(context, &signature[0..64], RecoveryId::from_i32(signature[64] as i32)?)?;
+	let sig = rsig.to_standard(context);
+
+	let pdata: [u8; 65] = {
+		let mut temp = [4u8; 65];
+		temp[1..65].copy_from_slice(&**public);
+		temp
+	};
+
+	let publ = PublicKey::from_slice(context, &pdata)?;
+	match context.verify(&SecpMessage::from_slice(&message[..])?, &sig, &publ) {
+		Ok(_) => Ok(true),
+		Err(SecpError::IncorrectSignature) => Ok(false),
+		Err(x) => Err(Error::from(x))
+	}
+}
+
+pub fn verify_address(address: &Address, signature: &Signature, message: &Message) -> Result<bool, Error> {
+	let public = recover(signature, message)?;
+	let recovered_address = public_to_address(&public);
+	Ok(address == &recovered_address)
+}
+
+pub fn recover(signature: &Signature, message: &Message) -> Result<Public, Error> {
+	let context = &SECP256K1;
+	let rsig = RecoverableSignature::from_compact(context, &signature[0..64], RecoveryId::from_i32(signature[64] as i32)?)?;
+	let pubkey = context.recover(&SecpMessage::from_slice(&message[..])?, &rsig)?;
+	let serialized = pubkey.serialize_vec(context, false);
+
+	let mut public = Public::default();
+	public.copy_from_slice(&serialized[1..65]);
+	Ok(public)
+}
+
+#[cfg(test)]
+mod tests {
+	use std::str::FromStr;
+	use {Generator, Random, Message};
+	use super::{sign, verify_public, verify_address, recover, Signature};
+
+	#[test]
+	fn vrs_conversion() {
+		// given
+		let keypair = Random.generate().unwrap();
+		let message = Message::default();
+		let signature = sign(keypair.secret(), &message).unwrap();
+
+		// when
+		let vrs = signature.clone().into_electrum();
+		let from_vrs = Signature::from_electrum(&vrs);
+
+		// then
+		assert_eq!(signature, from_vrs);
+	}
+
+	#[test]
+	fn signature_to_and_from_str() {
+		let keypair = Random.generate().unwrap();
+		let message = Message::default();
+		let signature = sign(keypair.secret(), &message).unwrap();
+		let string = format!("{}", signature);
+		let deserialized = Signature::from_str(&string).unwrap();
+		assert_eq!(signature, deserialized);
+	}
+
+	#[test]
+	fn sign_and_recover_public() {
+		let keypair = Random.generate().unwrap();
+		let message = Message::default();
+		let signature = sign(keypair.secret(), &message).unwrap();
+		assert_eq!(keypair.public(), &recover(&signature, &message).unwrap());
+	}
+
+	#[test]
+	fn sign_and_verify_public() {
+		let keypair = Random.generate().unwrap();
+		let message = Message::default();
+		let signature = sign(keypair.secret(), &message).unwrap();
+		assert!(verify_public(keypair.public(), &signature, &message).unwrap());
+	}
+
+	#[test]
+	fn sign_and_verify_address() {
+		let keypair = Random.generate().unwrap();
+		let message = Message::default();
+		let signature = sign(keypair.secret(), &message).unwrap();
+		assert!(verify_address(&keypair.address(), &signature, &message).unwrap());
+	}
+}

accounts/ethstore/Cargo.toml

@@ -1,5 +1,4 @@
 [package]
-description = "Parity Ethereum Key Management"
 name = "ethstore"
 version = "0.2.1"
 authors = ["Parity Technologies <admin@parity.io>"]
@@ -7,21 +6,22 @@ authors = ["Parity Technologies <admin@parity.io>"]
 [dependencies]
 log = "0.4"
 libc = "0.2"
-rand = "0.7.3"
+rand = "0.4"
 ethkey = { path = "../ethkey" }
 serde = "1.0"
 serde_json = "1.0"
 serde_derive = "1.0"
 rustc-hex = "1.0"
+tiny-keccak = "1.4"
 time = "0.1.34"
 itertools = "0.5"
-parking_lot = "0.11.1"
-parity-crypto = { version = "0.6.2", features = [ "publickey"] }
-ethereum-types = "0.9.2"
+parking_lot = "0.7"
+parity-crypto = "0.2"
+ethereum-types = "0.4"
+dir = { path = "../../util/dir" }
 smallvec = "0.6"
-parity-wordlist = "1.3"
+parity-wordlist = "1.0"
 tempdir = "0.3"
-lazy_static = "1.2.0"
 
 [dev-dependencies]
 matches = "0.1"

accounts/ethstore/README.md

@@ -6,7 +6,7 @@ Parity Ethereum key management.
 
 ```
 Parity Ethereum key management tool.
-  Copyright 2015-2019 Parity Technologies (UK) Ltd.
+  Copyright 2015-2018 Parity Technologies (UK) Ltd.
 
 Usage:
     ethstore insert <secret> <password> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
@@ -337,3 +337,4 @@ _This project is a part of the Parity Ethereum toolchain._
 - [ethabi](https://github.com/paritytech/ethabi) - Parity Ethereum function calls encoding.
 - [ethstore](https://github.com/paritytech/parity-ethereum/blob/master/accounts/ethstore) - Parity Ethereum key management.
 - [ethkey](https://github.com/paritytech/parity-ethereum/blob/master/accounts/ethkey) - Parity Ethereum keys generator.
+- [whisper](https://github.com/paritytech/parity-ethereum/blob/master/whisper/) - Implementation of Whisper-v2 PoC.

accounts/ethstore/cli/Cargo.toml

@@ -1,5 +1,4 @@
 [package]
-description = "Parity Ethereum Key Management CLI"
 name = "ethstore-cli"
 version = "0.1.1"
 authors = ["Parity Technologies <admin@parity.io>"]
@@ -11,10 +10,10 @@ num_cpus = "1.6"
 rustc-hex = "1.0"
 serde = "1.0"
 serde_derive = "1.0"
-parking_lot = "0.11.1"
-ethstore = { path = "../../crates/accounts/ethstore" }
-dir = { path = '../../crates/util/dir' }
-panic_hook = { path = "../../crates/util/panic-hook" }
+parking_lot = "0.7"
+ethstore = { path = "../" }
+dir = { path = '../../../util/dir' }
+panic_hook = { path = "../../../util/panic-hook" }
 
 [[bin]]
 name = "ethstore"

accounts/ethstore/cli/src/crack.rs

@@ -0,0 +1,66 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{cmp, thread};
+use std::sync::Arc;
+use std::collections::VecDeque;
+use parking_lot::Mutex;
+
+use ethstore::{ethkey::Password, PresaleWallet, Error};
+use num_cpus;
+
+pub fn run(passwords: VecDeque<Password>, wallet_path: &str) -> Result<(), Error> {
+	let passwords = Arc::new(Mutex::new(passwords));
+
+	let mut handles = Vec::new();
+
+	for _ in 0..num_cpus::get() {
+		let passwords = passwords.clone();
+		let wallet = PresaleWallet::open(&wallet_path)?;
+		handles.push(thread::spawn(move || {
+			look_for_password(passwords, wallet);
+		}));
+	}
+
+	for handle in handles {
+		handle.join().map_err(|err| Error::Custom(format!("Error finishing thread: {:?}", err)))?;
+	}
+
+	Ok(())
+}
+
+fn look_for_password(passwords: Arc<Mutex<VecDeque<Password>>>, wallet: PresaleWallet) {
+	let mut counter = 0;
+	while !passwords.lock().is_empty() {
+		let package = {
+			let mut passwords = passwords.lock();
+			let len = passwords.len();
+			passwords.split_off(cmp::min(len, 32))
+		};
+		for pass in package {
+			counter += 1;
+			match wallet.decrypt(&pass) {
+				Ok(_) => {
+					println!("Found password: {}", pass.as_str());
+					passwords.lock().clear();
+					return;
+				},
+				_ if counter % 100 == 0 => print!("."),
+				_ => {},
+			}
+		}
+	}
+}

accounts/ethstore/cli/src/main.rs

@@ -0,0 +1,317 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+extern crate dir;
+extern crate docopt;
+extern crate ethstore;
+extern crate num_cpus;
+extern crate panic_hook;
+extern crate parking_lot;
+extern crate rustc_hex;
+extern crate serde;
+
+extern crate env_logger;
+
+#[macro_use]
+extern crate serde_derive;
+
+use std::collections::VecDeque;
+use std::io::Read;
+use std::{env, process, fs, fmt};
+
+use docopt::Docopt;
+use ethstore::accounts_dir::{KeyDirectory, RootDiskDirectory};
+use ethstore::ethkey::{Address, Password};
+use ethstore::{EthStore, SimpleSecretStore, SecretStore, import_accounts, PresaleWallet, SecretVaultRef, StoreAccountRef};
+
+mod crack;
+
+pub const USAGE: &'static str = r#"
+Parity Ethereum key management tool.
+  Copyright 2015-2018 Parity Technologies (UK) Ltd.
+
+Usage:
+    ethstore insert <secret> <password> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore change-pwd <address> <old-pwd> <new-pwd> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore list [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore import [<password>] [--src DIR] [--dir DIR]
+    ethstore import-wallet <path> <password> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore find-wallet-pass <path> <password>
+    ethstore remove <address> <password> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore sign <address> <password> <message> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore public <address> <password> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore list-vaults [--dir DIR]
+    ethstore create-vault <vault> <password> [--dir DIR]
+    ethstore change-vault-pwd <vault> <old-pwd> <new-pwd> [--dir DIR]
+    ethstore move-to-vault <address> <vault> <password> [--dir DIR] [--vault VAULT] [--vault-pwd VAULTPWD]
+    ethstore move-from-vault <address> <vault> <password> [--dir DIR]
+    ethstore [-h | --help]
+
+Options:
+    -h, --help               Display this message and exit.
+    --dir DIR                Specify the secret store directory. It may be either
+                             parity, parity-(chain), geth, geth-test
+                             or a path [default: parity].
+    --vault VAULT            Specify vault to use in this operation.
+    --vault-pwd VAULTPWD     Specify vault password to use in this operation. Please note
+                             that this option is required when vault option is set.
+                             Otherwise it is ignored.
+    --src DIR                Specify import source. It may be either
+                             parity, parity-(chain), geth, geth-test
+                             or a path [default: geth].
+
+Commands:
+    insert             Save account with password.
+    change-pwd         Change password.
+    list               List accounts.
+    import             Import accounts from src.
+    import-wallet      Import presale wallet.
+    find-wallet-pass   Tries to open a wallet with list of passwords given.
+    remove             Remove account.
+    sign               Sign message.
+    public             Displays public key for an address.
+    list-vaults        List vaults.
+    create-vault       Create new vault.
+    change-vault-pwd   Change vault password.
+    move-to-vault      Move account to vault from another vault/root directory.
+    move-from-vault    Move account to root directory from given vault.
+"#;
+
+#[derive(Debug, Deserialize)]
+struct Args {
+	cmd_insert: bool,
+	cmd_change_pwd: bool,
+	cmd_list: bool,
+	cmd_import: bool,
+	cmd_import_wallet: bool,
+	cmd_find_wallet_pass: bool,
+	cmd_remove: bool,
+	cmd_sign: bool,
+	cmd_public: bool,
+	cmd_list_vaults: bool,
+	cmd_create_vault: bool,
+	cmd_change_vault_pwd: bool,
+	cmd_move_to_vault: bool,
+	cmd_move_from_vault: bool,
+	arg_secret: String,
+	arg_password: String,
+	arg_old_pwd: String,
+	arg_new_pwd: String,
+	arg_address: String,
+	arg_message: String,
+	arg_path: String,
+	arg_vault: String,
+	flag_src: String,
+	flag_dir: String,
+	flag_vault: String,
+	flag_vault_pwd: String,
+}
+
+enum Error {
+	Ethstore(ethstore::Error),
+	Docopt(docopt::Error),
+}
+
+impl From<ethstore::Error> for Error {
+	fn from(err: ethstore::Error) -> Self {
+		Error::Ethstore(err)
+	}
+}
+
+impl From<docopt::Error> for Error {
+	fn from(err: docopt::Error) -> Self {
+		Error::Docopt(err)
+	}
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+		match *self {
+			Error::Ethstore(ref err) => fmt::Display::fmt(err, f),
+			Error::Docopt(ref err) => fmt::Display::fmt(err, f),
+		}
+	}
+}
+
+fn main() {
+	panic_hook::set_abort();
+	if env::var("RUST_LOG").is_err() {
+		env::set_var("RUST_LOG", "warn")
+	}
+	env_logger::try_init().expect("Logger initialized only once.");
+
+	match execute(env::args()) {
+		Ok(result) => println!("{}", result),
+		Err(Error::Docopt(ref e)) => e.exit(),
+		Err(err) => {
+			eprintln!("{}", err);
+			process::exit(1);
+		}
+	}
+}
+
+fn key_dir(location: &str, password: Option<Password>) -> Result<Box<KeyDirectory>, Error> {
+	let dir: RootDiskDirectory = match location {
+		"geth" => RootDiskDirectory::create(dir::geth(false))?,
+		"geth-test" => RootDiskDirectory::create(dir::geth(true))?,
+		path if path.starts_with("parity") => {
+			let chain = path.split('-').nth(1).unwrap_or("ethereum");
+			let path = dir::parity(chain);
+			RootDiskDirectory::create(path)?
+		},
+		path => RootDiskDirectory::create(path)?,
+	};
+
+	Ok(Box::new(dir.with_password(password)))
+}
+
+fn open_args_vault(store: &EthStore, args: &Args) -> Result<SecretVaultRef, Error> {
+	if args.flag_vault.is_empty() {
+		return Ok(SecretVaultRef::Root);
+	}
+
+	let vault_pwd = load_password(&args.flag_vault_pwd)?;
+	store.open_vault(&args.flag_vault, &vault_pwd)?;
+	Ok(SecretVaultRef::Vault(args.flag_vault.clone()))
+}
+
+fn open_args_vault_account(store: &EthStore, address: Address, args: &Args) -> Result<StoreAccountRef, Error> {
+	match open_args_vault(store, args)? {
+		SecretVaultRef::Root => Ok(StoreAccountRef::root(address)),
+		SecretVaultRef::Vault(name) => Ok(StoreAccountRef::vault(&name, address)),
+	}
+}
+
+fn format_accounts(accounts: &[Address]) -> String {
+	accounts.iter()
+		.enumerate()
+		.map(|(i, a)| format!("{:2}: 0x{:x}", i, a))
+		.collect::<Vec<String>>()
+		.join("\n")
+}
+
+fn format_vaults(vaults: &[String]) -> String {
+	vaults.join("\n")
+}
+
+fn load_password(path: &str) -> Result<Password, Error> {
+	let mut file = fs::File::open(path).map_err(|e| ethstore::Error::Custom(format!("Error opening password file '{}': {}", path, e)))?;
+	let mut password = String::new();
+	file.read_to_string(&mut password).map_err(|e| ethstore::Error::Custom(format!("Error reading password file '{}': {}", path, e)))?;
+	// drop EOF
+	let _ = password.pop();
+	Ok(password.into())
+}
+
+fn execute<S, I>(command: I) -> Result<String, Error> where I: IntoIterator<Item=S>, S: AsRef<str> {
+	let args: Args = Docopt::new(USAGE)
+		.and_then(|d| d.argv(command).deserialize())?;
+
+	let store = EthStore::open(key_dir(&args.flag_dir, None)?)?;
+
+	return if args.cmd_insert {
+		let secret = args.arg_secret.parse().map_err(|_| ethstore::Error::InvalidSecret)?;
+		let password = load_password(&args.arg_password)?;
+		let vault_ref = open_args_vault(&store, &args)?;
+		let account_ref = store.insert_account(vault_ref, secret, &password)?;
+		Ok(format!("0x{:x}", account_ref.address))
+	} else if args.cmd_change_pwd {
+		let address = args.arg_address.parse().map_err(|_| ethstore::Error::InvalidAccount)?;
+		let old_pwd = load_password(&args.arg_old_pwd)?;
+		let new_pwd = load_password(&args.arg_new_pwd)?;
+		let account_ref = open_args_vault_account(&store, address, &args)?;
+		let ok = store.change_password(&account_ref, &old_pwd, &new_pwd).is_ok();
+		Ok(format!("{}", ok))
+	} else if args.cmd_list {
+		let vault_ref = open_args_vault(&store, &args)?;
+		let accounts = store.accounts()?;
+		let accounts: Vec<_> = accounts
+			.into_iter()
+			.filter(|a| &a.vault == &vault_ref)
+			.map(|a| a.address)
+			.collect();
+		Ok(format_accounts(&accounts))
+	} else if args.cmd_import {
+		let password = match args.arg_password.as_ref() {
+			"" => None,
+			_ => Some(load_password(&args.arg_password)?)
+		};
+		let src = key_dir(&args.flag_src, password)?;
+		let dst = key_dir(&args.flag_dir, None)?;
+
+		let accounts = import_accounts(&*src, &*dst)?;
+		Ok(format_accounts(&accounts))
+	} else if args.cmd_import_wallet {
+		let wallet = PresaleWallet::open(&args.arg_path)?;
+		let password = load_password(&args.arg_password)?;
+		let kp = wallet.decrypt(&password)?;
+		let vault_ref = open_args_vault(&store, &args)?;
+		let account_ref = store.insert_account(vault_ref, kp.secret().clone(), &password)?;
+		Ok(format!("0x{:x}", account_ref.address))
+	} else if args.cmd_find_wallet_pass {
+		let passwords = load_password(&args.arg_password)?;
+		let passwords = passwords.as_str().lines().map(|line| str::to_owned(line).into()).collect::<VecDeque<_>>();
+		crack::run(passwords, &args.arg_path)?;
+		Ok(format!("Password not found."))
+	} else if args.cmd_remove {
+		let address = args.arg_address.parse().map_err(|_| ethstore::Error::InvalidAccount)?;
+		let password = load_password(&args.arg_password)?;
+		let account_ref = open_args_vault_account(&store, address, &args)?;
+		let ok = store.remove_account(&account_ref, &password).is_ok();
+		Ok(format!("{}", ok))
+	} else if args.cmd_sign {
+		let address = args.arg_address.parse().map_err(|_| ethstore::Error::InvalidAccount)?;
+		let message = args.arg_message.parse().map_err(|_| ethstore::Error::InvalidMessage)?;
+		let password = load_password(&args.arg_password)?;
+		let account_ref = open_args_vault_account(&store, address, &args)?;
+		let signature = store.sign(&account_ref, &password, &message)?;
+		Ok(format!("0x{}", signature))
+	} else if args.cmd_public {
+		let address = args.arg_address.parse().map_err(|_| ethstore::Error::InvalidAccount)?;
+		let password = load_password(&args.arg_password)?;
+		let account_ref = open_args_vault_account(&store, address, &args)?;
+		let public = store.public(&account_ref, &password)?;
+		Ok(format!("0x{:x}", public))
+	} else if args.cmd_list_vaults {
+		let vaults = store.list_vaults()?;
+		Ok(format_vaults(&vaults))
+	} else if args.cmd_create_vault {
+		let password = load_password(&args.arg_password)?;
+		store.create_vault(&args.arg_vault, &password)?;
+		Ok("OK".to_owned())
+	} else if args.cmd_change_vault_pwd {
+		let old_pwd = load_password(&args.arg_old_pwd)?;
+		let new_pwd = load_password(&args.arg_new_pwd)?;
+		store.open_vault(&args.arg_vault, &old_pwd)?;
+		store.change_vault_password(&args.arg_vault, &new_pwd)?;
+		Ok("OK".to_owned())
+	} else if args.cmd_move_to_vault {
+		let address = args.arg_address.parse().map_err(|_| ethstore::Error::InvalidAccount)?;
+		let password = load_password(&args.arg_password)?;
+		let account_ref = open_args_vault_account(&store, address, &args)?;
+		store.open_vault(&args.arg_vault, &password)?;
+		store.change_account_vault(SecretVaultRef::Vault(args.arg_vault), account_ref)?;
+		Ok("OK".to_owned())
+	} else if args.cmd_move_from_vault {
+		let address = args.arg_address.parse().map_err(|_| ethstore::Error::InvalidAccount)?;
+		let password = load_password(&args.arg_password)?;
+		store.open_vault(&args.arg_vault, &password)?;
+		store.change_account_vault(SecretVaultRef::Root, StoreAccountRef::vault(&args.arg_vault, address))?;
+		Ok("OK".to_owned())
+	} else {
+		Ok(format!("{}", USAGE))
+	}
+}

accounts/ethstore/cli/tests/cli.rs

@@ -0,0 +1,82 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+extern crate tempdir;
+use std::process::Command;
+use tempdir::TempDir;
+use std::fs::File;
+use std::io::Write;
+
+fn run(args: &[&str]) -> String {
+	let output = Command::new("cargo")
+		.args(&["run", "--"])
+		.args(args)
+		.output()
+		.unwrap();
+	assert!(output.status.success());
+	String::from_utf8(output.stdout).unwrap()
+}
+
+#[test]
+fn cli_cmd() {
+	Command::new("cargo")
+		.arg("build")
+		.output()
+		.unwrap();
+
+	let dir = TempDir::new("test-vault").unwrap();
+
+	let mut passwd = File::create(dir.path().join("test-password")).unwrap();
+	writeln!(passwd, "password").unwrap();
+
+	let mut passwd2 = File::create(dir.path().join("test-vault-addr")).unwrap();
+	writeln!(passwd2, "password2").unwrap();
+
+	let test_password_buf = dir.path().join("test-password");
+	let test_password: &str = test_password_buf.to_str().unwrap();
+	let dir_str: &str = dir.path().to_str().unwrap();
+	let test_vault_addr_buf = dir.path().join("test-vault-addr");
+	let test_vault_addr = test_vault_addr_buf.to_str().unwrap();
+
+	run(&["create-vault", "test-vault", test_password, "--dir", dir_str]);
+
+	let output = run(&["insert", "7d29fab185a33e2cd955812397354c472d2b84615b645aa135ff539f6b0d70d5",
+			    test_vault_addr,
+			    "--dir", dir_str,
+			    "--vault", "test-vault",
+			   "--vault-pwd", test_password]);
+	let address = output.trim();
+
+	let output = run(&["list",
+			   "--dir", dir_str,
+			   "--vault", "test-vault",
+			   "--vault-pwd", test_password]);
+	assert_eq!(output, " 0: 0xa8fa5dd30a87bb9e3288d604eb74949c515ab66e\n");
+
+	let output = run(&["sign", &address[2..],
+			   test_vault_addr,
+			   "7d29fab185a33e2cd955812397354c472d2b84615b645aa135ff539f6b0d70d5",
+			   "--dir", dir_str,
+			   "--vault", "test-vault",
+			   "--vault-pwd", test_password]);
+	assert_eq!(output, "0x54ab6e5cf0c5cb40043fdca5d15d611a3a94285414a076dafecc8dc9c04183f413296a3defff61092c0bb478dc9887ec01070e1275234211208fb8f4be4a9b0101\n");
+
+	let output = run(&["public", &address[2..], test_vault_addr,
+			   "--dir", dir_str,
+			   "--vault", "test-vault",
+			   "--vault-pwd", test_password]);
+	assert_eq!(output, "0x35f222d88b80151857a2877826d940104887376a94c1cbd2c8c7c192eb701df88a18a4ecb8b05b1466c5b3706042027b5e079fe3a3683e66d822b0e047aa3418\n");
+}

accounts/ethstore/src/account/cipher.rs

@@ -0,0 +1,59 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use json;
+
+#[derive(Debug, PartialEq, Clone)]
+pub struct Aes128Ctr {
+	pub iv: [u8; 16],
+}
+
+#[derive(Debug, PartialEq, Clone)]
+pub enum Cipher {
+	Aes128Ctr(Aes128Ctr),
+}
+
+impl From<json::Aes128Ctr> for Aes128Ctr {
+	fn from(json: json::Aes128Ctr) -> Self {
+		Aes128Ctr {
+			iv: json.iv.into()
+		}
+	}
+}
+
+impl Into<json::Aes128Ctr> for Aes128Ctr {
+	fn into(self) -> json::Aes128Ctr {
+		json::Aes128Ctr {
+			iv: From::from(self.iv)
+		}
+	}
+}
+
+impl From<json::Cipher> for Cipher {
+	fn from(json: json::Cipher) -> Self {
+		match json {
+			json::Cipher::Aes128Ctr(params) => Cipher::Aes128Ctr(From::from(params)),
+		}
+	}
+}
+
+impl Into<json::Cipher> for Cipher {
+	fn into(self) -> json::Cipher {
+		match self {
+			Cipher::Aes128Ctr(params) => json::Cipher::Aes128Ctr(params.into()),
+		}
+	}
+}

accounts/ethstore/src/account/crypto.rs

@@ -0,0 +1,206 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::str;
+use ethkey::{Password, Secret};
+use {json, Error, crypto};
+use crypto::Keccak256;
+use random::Random;
+use smallvec::SmallVec;
+use account::{Cipher, Kdf, Aes128Ctr, Pbkdf2, Prf};
+
+/// Encrypted data
+#[derive(Debug, PartialEq, Clone)]
+pub struct Crypto {
+	/// Encryption parameters
+	pub cipher: Cipher,
+	/// Encrypted data buffer
+	pub ciphertext: Vec<u8>,
+	/// Key derivation function parameters
+	pub kdf: Kdf,
+	/// Message authentication code
+	pub mac: [u8; 32],
+}
+
+impl From<json::Crypto> for Crypto {
+	fn from(json: json::Crypto) -> Self {
+		Crypto {
+			cipher: json.cipher.into(),
+			ciphertext: json.ciphertext.into(),
+			kdf: json.kdf.into(),
+			mac: json.mac.into(),
+		}
+	}
+}
+
+impl From<Crypto> for json::Crypto {
+	fn from(c: Crypto) -> Self {
+		json::Crypto {
+			cipher: c.cipher.into(),
+			ciphertext: c.ciphertext.into(),
+			kdf: c.kdf.into(),
+			mac: c.mac.into(),
+		}
+	}
+}
+
+impl str::FromStr for Crypto {
+	type Err = <json::Crypto as str::FromStr>::Err;
+
+	fn from_str(s: &str) -> Result<Self, Self::Err> {
+		s.parse::<json::Crypto>().map(Into::into)
+	}
+}
+
+impl From<Crypto> for String {
+	fn from(c: Crypto) -> Self {
+		json::Crypto::from(c).into()
+	}
+}
+
+impl Crypto {
+	/// Encrypt account secret
+	pub fn with_secret(secret: &Secret, password: &Password, iterations: u32) -> Result<Self, crypto::Error> {
+		Crypto::with_plain(&*secret, password, iterations)
+	}
+
+	/// Encrypt custom plain data
+	pub fn with_plain(plain: &[u8], password: &Password, iterations: u32) -> Result<Self, crypto::Error> {
+		let salt: [u8; 32] = Random::random();
+		let iv: [u8; 16] = Random::random();
+
+		// two parts of derived key
+		// DK = [ DK[0..15] DK[16..31] ] = [derived_left_bits, derived_right_bits]
+		let (derived_left_bits, derived_right_bits) =
+			crypto::derive_key_iterations(password.as_bytes(), &salt, iterations);
+
+		// preallocated (on-stack in case of `Secret`) buffer to hold cipher
+		// length = length(plain) as we are using CTR-approach
+		let plain_len = plain.len();
+		let mut ciphertext: SmallVec<[u8; 32]> = SmallVec::from_vec(vec![0; plain_len]);
+
+		// aes-128-ctr with initial vector of iv
+		crypto::aes::encrypt_128_ctr(&derived_left_bits, &iv, plain, &mut *ciphertext)?;
+
+		// KECCAK(DK[16..31] ++ <ciphertext>), where DK[16..31] - derived_right_bits
+		let mac = crypto::derive_mac(&derived_right_bits, &*ciphertext).keccak256();
+
+		Ok(Crypto {
+			cipher: Cipher::Aes128Ctr(Aes128Ctr {
+				iv: iv,
+			}),
+			ciphertext: ciphertext.into_vec(),
+			kdf: Kdf::Pbkdf2(Pbkdf2 {
+				dklen: crypto::KEY_LENGTH as u32,
+				salt: salt.to_vec(),
+				c: iterations,
+				prf: Prf::HmacSha256,
+			}),
+			mac: mac,
+		})
+	}
+
+	/// Try to decrypt and convert result to account secret
+	pub fn secret(&self, password: &Password) -> Result<Secret, Error> {
+		if self.ciphertext.len() > 32 {
+			return Err(Error::InvalidSecret);
+		}
+
+		let secret = self.do_decrypt(password, 32)?;
+		Ok(Secret::from_unsafe_slice(&secret)?)
+	}
+
+	/// Try to decrypt and return result as is
+	pub fn decrypt(&self, password: &Password) -> Result<Vec<u8>, Error> {
+		let expected_len = self.ciphertext.len();
+		self.do_decrypt(password, expected_len)
+	}
+
+	fn do_decrypt(&self, password: &Password, expected_len: usize) -> Result<Vec<u8>, Error> {
+		let (derived_left_bits, derived_right_bits) = match self.kdf {
+			Kdf::Pbkdf2(ref params) => crypto::derive_key_iterations(password.as_bytes(), &params.salt, params.c),
+			Kdf::Scrypt(ref params) => crypto::scrypt::derive_key(password.as_bytes(), &params.salt, params.n, params.p, params.r)?,
+		};
+
+		let mac = crypto::derive_mac(&derived_right_bits, &self.ciphertext).keccak256();
+
+		if !crypto::is_equal(&mac, &self.mac) {
+			return Err(Error::InvalidPassword)
+		}
+
+		let mut plain: SmallVec<[u8; 32]> = SmallVec::from_vec(vec![0; expected_len]);
+
+		match self.cipher {
+			Cipher::Aes128Ctr(ref params) => {
+				// checker by callers
+				debug_assert!(expected_len >= self.ciphertext.len());
+
+				let from = expected_len - self.ciphertext.len();
+				crypto::aes::decrypt_128_ctr(&derived_left_bits, &params.iv, &self.ciphertext, &mut plain[from..])?;
+				Ok(plain.into_iter().collect())
+			},
+		}
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use ethkey::{Generator, Random};
+	use super::{Crypto, Error};
+
+	#[test]
+	fn crypto_with_secret_create() {
+		let keypair = Random.generate().unwrap();
+		let passwd = "this is sparta".into();
+		let crypto = Crypto::with_secret(keypair.secret(), &passwd, 10240).unwrap();
+		let secret = crypto.secret(&passwd).unwrap();
+		assert_eq!(keypair.secret(), &secret);
+	}
+
+	#[test]
+	fn crypto_with_secret_invalid_password() {
+		let keypair = Random.generate().unwrap();
+		let crypto = Crypto::with_secret(keypair.secret(), &"this is sparta".into(), 10240).unwrap();
+		assert_matches!(crypto.secret(&"this is sparta!".into()), Err(Error::InvalidPassword))
+	}
+
+	#[test]
+	fn crypto_with_null_plain_data() {
+		let original_data = b"";
+		let passwd = "this is sparta".into();
+		let crypto = Crypto::with_plain(&original_data[..], &passwd, 10240).unwrap();
+		let decrypted_data = crypto.decrypt(&passwd).unwrap();
+		assert_eq!(original_data[..], *decrypted_data);
+	}
+
+	#[test]
+	fn crypto_with_tiny_plain_data() {
+		let original_data = b"{}";
+		let passwd = "this is sparta".into();
+		let crypto = Crypto::with_plain(&original_data[..], &passwd, 10240).unwrap();
+		let decrypted_data = crypto.decrypt(&passwd).unwrap();
+		assert_eq!(original_data[..], *decrypted_data);
+	}
+
+	#[test]
+	fn crypto_with_huge_plain_data() {
+		let original_data: Vec<_> = (1..65536).map(|i| (i % 256) as u8).collect();
+		let passwd = "this is sparta".into();
+		let crypto = Crypto::with_plain(&original_data, &passwd, 10240).unwrap();
+		let decrypted_data = crypto.decrypt(&passwd).unwrap();
+		assert_eq!(&original_data, &decrypted_data);
+	}
+}

accounts/ethstore/src/account/kdf.rs

@@ -0,0 +1,125 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use json;
+
+#[derive(Debug, PartialEq, Clone)]
+pub enum Prf {
+	HmacSha256,
+}
+
+#[derive(Debug, PartialEq, Clone)]
+pub struct Pbkdf2 {
+	pub c: u32,
+	pub dklen: u32,
+	pub prf: Prf,
+	pub salt: Vec<u8>,
+}
+
+#[derive(Debug, PartialEq, Clone)]
+pub struct Scrypt {
+	pub dklen: u32,
+	pub p: u32,
+	pub n: u32,
+	pub r: u32,
+	pub salt: Vec<u8>,
+}
+
+#[derive(Debug, PartialEq, Clone)]
+pub enum Kdf {
+	Pbkdf2(Pbkdf2),
+	Scrypt(Scrypt),
+}
+
+impl From<json::Prf> for Prf {
+	fn from(json: json::Prf) -> Self {
+		match json {
+			json::Prf::HmacSha256 => Prf::HmacSha256,
+		}
+	}
+}
+
+impl Into<json::Prf> for Prf {
+	fn into(self) -> json::Prf {
+		match self {
+			Prf::HmacSha256 => json::Prf::HmacSha256,
+		}
+	}
+}
+
+impl From<json::Pbkdf2> for Pbkdf2 {
+	fn from(json: json::Pbkdf2) -> Self {
+		Pbkdf2 {
+			c: json.c,
+			dklen: json.dklen,
+			prf: From::from(json.prf),
+			salt: json.salt.into(),
+		}
+	}
+}
+
+impl Into<json::Pbkdf2> for Pbkdf2 {
+	fn into(self) -> json::Pbkdf2 {
+		json::Pbkdf2 {
+			c: self.c,
+			dklen: self.dklen,
+			prf: self.prf.into(),
+			salt: From::from(self.salt),
+		}
+	}
+}
+
+impl From<json::Scrypt> for Scrypt {
+	fn from(json: json::Scrypt) -> Self {
+		Scrypt {
+			dklen: json.dklen,
+			p: json.p,
+			n: json.n,
+			r: json.r,
+			salt: json.salt.into(),
+		}
+	}
+}
+
+impl Into<json::Scrypt> for Scrypt {
+	fn into(self) -> json::Scrypt {
+		json::Scrypt {
+			dklen: self.dklen,
+			p: self.p,
+			n: self.n,
+			r: self.r,
+			salt: From::from(self.salt),
+		}
+	}
+}
+
+impl From<json::Kdf> for Kdf {
+	fn from(json: json::Kdf) -> Self {
+		match json {
+			json::Kdf::Pbkdf2(params) => Kdf::Pbkdf2(From::from(params)),
+			json::Kdf::Scrypt(params) => Kdf::Scrypt(From::from(params)),
+		}
+	}
+}
+
+impl Into<json::Kdf> for Kdf {
+	fn into(self) -> json::Kdf {
+		match self {
+			Kdf::Pbkdf2(params) => json::Kdf::Pbkdf2(params.into()),
+			Kdf::Scrypt(params) => json::Kdf::Scrypt(params.into()),
+		}
+	}
+}

accounts/ethstore/src/account/mod.rs

@@ -0,0 +1,27 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+mod cipher;
+mod crypto;
+mod kdf;
+mod safe_account;
+mod version;
+
+pub use self::cipher::{Cipher, Aes128Ctr};
+pub use self::crypto::Crypto;
+pub use self::kdf::{Kdf, Pbkdf2, Scrypt, Prf};
+pub use self::safe_account::SafeAccount;
+pub use self::version::Version;

accounts/ethstore/src/account/safe_account.rs

@@ -0,0 +1,229 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use ethkey::{self, KeyPair, sign, Address, Password, Signature, Message, Public, Secret};
+use ethkey::crypto::ecdh::agree;
+use {json, Error};
+use account::Version;
+use crypto;
+use super::crypto::Crypto;
+
+/// Account representation.
+#[derive(Debug, PartialEq, Clone)]
+pub struct SafeAccount {
+	/// Account ID
+	pub id: [u8; 16],
+	/// Account version
+	pub version: Version,
+	/// Account address
+	pub address: Address,
+	/// Account private key derivation definition.
+	pub crypto: Crypto,
+	/// Account filename
+	pub filename: Option<String>,
+	/// Account name
+	pub name: String,
+	/// Account metadata
+	pub meta: String,
+}
+
+impl Into<json::KeyFile> for SafeAccount {
+	fn into(self) -> json::KeyFile {
+		json::KeyFile {
+			id: From::from(self.id),
+			version: self.version.into(),
+			address: Some(self.address.into()),
+			crypto: self.crypto.into(),
+			name: Some(self.name.into()),
+			meta: Some(self.meta.into()),
+		}
+	}
+}
+
+impl SafeAccount {
+	/// Create a new account
+	pub fn create(
+		keypair: &KeyPair,
+		id: [u8; 16],
+		password: &Password,
+		iterations: u32,
+		name: String,
+		meta: String
+	) -> Result<Self, crypto::Error> {
+		Ok(SafeAccount {
+			id: id,
+			version: Version::V3,
+			crypto: Crypto::with_secret(keypair.secret(), password, iterations)?,
+			address: keypair.address(),
+			filename: None,
+			name: name,
+			meta: meta,
+		})
+	}
+
+	/// Create a new `SafeAccount` from the given `json`; if it was read from a
+	/// file, the `filename` should be `Some` name. If it is as yet anonymous, then it
+	/// can be left `None`.
+	/// In case `password` is provided, we will attempt to read the secret from the keyfile
+	/// and derive the address from it instead of reading it directly.
+	/// Providing password is required for `json::KeyFile`s with no address.
+	pub fn from_file(json: json::KeyFile, filename: Option<String>, password: &Option<Password>) -> Result<Self, Error> {
+		let crypto = Crypto::from(json.crypto);
+		let address = match (password, &json.address) {
+			(None, Some(json_address)) => json_address.into(),
+			(None, None) => Err(Error::Custom(
+				"This keystore does not contain address. You need to provide password to import it".into()))?,
+			(Some(password), json_address) => {
+				let derived_address = KeyPair::from_secret(
+					crypto.secret(&password).map_err(|_| Error::InvalidPassword)?
+				)?.address();
+
+				match json_address {
+					Some(json_address) => {
+						let json_address = json_address.into();
+						if derived_address != json_address {
+							warn!("Detected address mismatch when opening an account. Derived: {:?}, in json got: {:?}",
+								derived_address, json_address);
+						}
+					},
+					_ => {},
+				}
+				derived_address
+			}
+		};
+
+		Ok(SafeAccount {
+			id: json.id.into(),
+			version: json.version.into(),
+			address,
+			crypto,
+			filename,
+			name: json.name.unwrap_or(String::new()),
+			meta: json.meta.unwrap_or("{}".to_owned()),
+		})
+	}
+
+	/// Create a new `SafeAccount` from the given vault `json`; if it was read from a
+	/// file, the `filename` should be `Some` name. If it is as yet anonymous, then it
+	/// can be left `None`.
+	pub fn from_vault_file(password: &Password, json: json::VaultKeyFile, filename: Option<String>) -> Result<Self, Error> {
+		let meta_crypto: Crypto = json.metacrypto.into();
+		let meta_plain = meta_crypto.decrypt(password)?;
+		let meta_plain = json::VaultKeyMeta::load(&meta_plain).map_err(|e| Error::Custom(format!("{:?}", e)))?;
+
+		SafeAccount::from_file(json::KeyFile {
+			id: json.id,
+			version: json.version,
+			crypto: json.crypto,
+			address: Some(meta_plain.address),
+			name: meta_plain.name,
+			meta: meta_plain.meta,
+		}, filename, &None)
+	}
+
+	/// Create a new `VaultKeyFile` from the given `self`
+	pub fn into_vault_file(self, iterations: u32, password: &Password) -> Result<json::VaultKeyFile, Error> {
+		let meta_plain = json::VaultKeyMeta {
+			address: self.address.into(),
+			name: Some(self.name),
+			meta: Some(self.meta),
+		};
+		let meta_plain = meta_plain.write().map_err(|e| Error::Custom(format!("{:?}", e)))?;
+		let meta_crypto = Crypto::with_plain(&meta_plain, password, iterations)?;
+
+		Ok(json::VaultKeyFile {
+			id: self.id.into(),
+			version: self.version.into(),
+			crypto: self.crypto.into(),
+			metacrypto: meta_crypto.into(),
+		})
+	}
+
+	/// Sign a message.
+	pub fn sign(&self, password: &Password, message: &Message) -> Result<Signature, Error> {
+		let secret = self.crypto.secret(password)?;
+		sign(&secret, message).map_err(From::from)
+	}
+
+	/// Decrypt a message.
+	pub fn decrypt(&self, password: &Password, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error> {
+		let secret = self.crypto.secret(password)?;
+		ethkey::crypto::ecies::decrypt(&secret, shared_mac, message).map_err(From::from)
+	}
+
+	/// Agree on shared key.
+	pub fn agree(&self, password: &Password, other: &Public) -> Result<Secret, Error> {
+		let secret = self.crypto.secret(password)?;
+		agree(&secret, other).map_err(From::from)
+	}
+
+	/// Derive public key.
+	pub fn public(&self, password: &Password) -> Result<Public, Error> {
+		let secret = self.crypto.secret(password)?;
+		Ok(KeyPair::from_secret(secret)?.public().clone())
+	}
+
+	/// Change account's password.
+	pub fn change_password(&self, old_password: &Password, new_password: &Password, iterations: u32) -> Result<Self, Error> {
+		let secret = self.crypto.secret(old_password)?;
+		let result = SafeAccount {
+			id: self.id.clone(),
+			version: self.version.clone(),
+			crypto: Crypto::with_secret(&secret, new_password, iterations)?,
+			address: self.address.clone(),
+			filename: self.filename.clone(),
+			name: self.name.clone(),
+			meta: self.meta.clone(),
+		};
+		Ok(result)
+	}
+
+	/// Check if password matches the account.
+	pub fn check_password(&self, password: &Password) -> bool {
+		self.crypto.secret(password).is_ok()
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use ethkey::{Generator, Random, verify_public, Message};
+	use super::SafeAccount;
+
+	#[test]
+	fn sign_and_verify_public() {
+		let keypair = Random.generate().unwrap();
+		let password = "hello world".into();
+		let message = Message::default();
+		let account = SafeAccount::create(&keypair, [0u8; 16], &password, 10240, "Test".to_owned(), "{}".to_owned());
+		let signature = account.unwrap().sign(&password, &message).unwrap();
+		assert!(verify_public(keypair.public(), &signature, &message).unwrap());
+	}
+
+	#[test]
+	fn change_password() {
+		let keypair = Random.generate().unwrap();
+		let first_password = "hello world".into();
+		let sec_password = "this is sparta".into();
+		let i = 10240;
+		let message = Message::default();
+		let account = SafeAccount::create(&keypair, [0u8; 16], &first_password, i, "Test".to_owned(), "{}".to_owned()).unwrap();
+		let new_account = account.change_password(&first_password, &sec_password, i).unwrap();
+		assert!(account.sign(&first_password, &message).is_ok());
+		assert!(account.sign(&sec_password, &message).is_err());
+		assert!(new_account.sign(&first_password, &message).is_err());
+		assert!(new_account.sign(&sec_password, &message).is_ok());
+	}
+}

accounts/ethstore/src/account/version.rs

@@ -1,18 +1,18 @@
-// Copyright 2015-2020 Parity Technologies (UK) Ltd.
-// This file is part of OpenEthereum.
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
 
-// OpenEthereum is free software: you can redistribute it and/or modify
+// Parity Ethereum is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 
-// OpenEthereum is distributed in the hope that it will be useful,
+// Parity Ethereum is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU General Public License for more details.
 
 // You should have received a copy of the GNU General Public License
-// along with OpenEthereum.  If not, see <http://www.gnu.org/licenses/>.
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
 
 use json;
 

accounts/ethstore/src/accounts_dir/disk.rs

@@ -0,0 +1,486 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{fs, io};
+use std::io::Write;
+use std::path::{PathBuf, Path};
+use std::collections::HashMap;
+use time;
+use {json, SafeAccount, Error};
+use json::Uuid;
+use super::{KeyDirectory, VaultKeyDirectory, VaultKeyDirectoryProvider, VaultKey};
+use super::vault::{VAULT_FILE_NAME, VaultDiskDirectory};
+use ethkey::Password;
+
+const IGNORED_FILES: &'static [&'static str] = &[
+	"thumbs.db",
+	"address_book.json",
+	"dapps_policy.json",
+	"dapps_accounts.json",
+	"dapps_history.json",
+	"vault.json",
+];
+
+/// Find a unique filename that does not exist using four-letter random suffix.
+pub fn find_unique_filename_using_random_suffix(parent_path: &Path, original_filename: &str) -> io::Result<String> {
+	let mut path = parent_path.join(original_filename);
+	let mut deduped_filename = original_filename.to_string();
+
+	if path.exists() {
+		const MAX_RETRIES: usize = 500;
+		let mut retries = 0;
+
+		while path.exists() {
+			if retries >= MAX_RETRIES {
+				return Err(io::Error::new(io::ErrorKind::Other, "Exceeded maximum retries when deduplicating filename."));
+			}
+
+			let suffix = ::random::random_string(4);
+			deduped_filename = format!("{}-{}", original_filename, suffix);
+			path.set_file_name(&deduped_filename);
+			retries += 1;
+		}
+	}
+
+	Ok(deduped_filename)
+}
+
+/// Create a new file and restrict permissions to owner only. It errors if the file already exists.
+#[cfg(unix)]
+pub fn create_new_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
+	use libc;
+	use std::os::unix::fs::OpenOptionsExt;
+
+	fs::OpenOptions::new()
+		.write(true)
+		.create_new(true)
+		.mode((libc::S_IWUSR | libc::S_IRUSR) as u32)
+		.open(file_path)
+}
+
+/// Create a new file and restrict permissions to owner only. It errors if the file already exists.
+#[cfg(not(unix))]
+pub fn create_new_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
+	fs::OpenOptions::new()
+		.write(true)
+		.create_new(true)
+		.open(file_path)
+}
+
+/// Create a new file and restrict permissions to owner only. It replaces the existing file if it already exists.
+#[cfg(unix)]
+pub fn replace_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
+	use libc;
+	use std::os::unix::fs::PermissionsExt;
+
+	let file = fs::File::create(file_path)?;
+	let mut permissions = file.metadata()?.permissions();
+	permissions.set_mode((libc::S_IWUSR | libc::S_IRUSR) as u32);
+	file.set_permissions(permissions)?;
+
+	Ok(file)
+}
+
+/// Create a new file and restrict permissions to owner only. It replaces the existing file if it already exists.
+#[cfg(not(unix))]
+pub fn replace_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
+	fs::File::create(file_path)
+}
+
+/// Root keys directory implementation
+pub type RootDiskDirectory = DiskDirectory<DiskKeyFileManager>;
+
+/// Disk directory key file manager
+pub trait KeyFileManager: Send + Sync {
+	/// Read `SafeAccount` from given key file stream
+	fn read<T>(&self, filename: Option<String>, reader: T) -> Result<SafeAccount, Error> where T: io::Read;
+
+	/// Write `SafeAccount` to given key file stream
+	fn write<T>(&self, account: SafeAccount, writer: &mut T) -> Result<(), Error> where T: io::Write;
+}
+
+/// Disk-based keys directory implementation
+pub struct DiskDirectory<T> where T: KeyFileManager {
+	path: PathBuf,
+	key_manager: T,
+}
+
+/// Keys file manager for root keys directory
+#[derive(Default)]
+pub struct DiskKeyFileManager {
+	password: Option<Password>,
+}
+
+impl RootDiskDirectory {
+	pub fn create<P>(path: P) -> Result<Self, Error> where P: AsRef<Path> {
+		fs::create_dir_all(&path)?;
+		Ok(Self::at(path))
+	}
+
+	/// allows to read keyfiles with given password (needed for keyfiles w/o address)
+	pub fn with_password(&self, password: Option<Password>) -> Self {
+		DiskDirectory::new(&self.path, DiskKeyFileManager { password })
+	}
+
+	pub fn at<P>(path: P) -> Self where P: AsRef<Path> {
+		DiskDirectory::new(path, DiskKeyFileManager::default())
+	}
+}
+
+impl<T> DiskDirectory<T> where T: KeyFileManager {
+	/// Create new disk directory instance
+	pub fn new<P>(path: P, key_manager: T) -> Self where P: AsRef<Path> {
+		DiskDirectory {
+			path: path.as_ref().to_path_buf(),
+			key_manager: key_manager,
+		}
+	}
+
+	fn files(&self) -> Result<Vec<PathBuf>, Error>  {
+		Ok(fs::read_dir(&self.path)?
+			.flat_map(Result::ok)
+			.filter(|entry| {
+				let metadata = entry.metadata().ok();
+				let file_name = entry.file_name();
+				let name = file_name.to_string_lossy();
+				// filter directories
+				metadata.map_or(false, |m| !m.is_dir()) &&
+					// hidden files
+					!name.starts_with(".") &&
+					// other ignored files
+					!IGNORED_FILES.contains(&&*name)
+			})
+			.map(|entry| entry.path())
+			.collect::<Vec<PathBuf>>()
+		)
+	}
+
+	pub fn files_hash(&self) -> Result<u64, Error> {
+		use std::collections::hash_map::DefaultHasher;
+		use std::hash::Hasher;
+
+    	let mut hasher = DefaultHasher::new();
+		let files = self.files()?;
+		for file in files {
+			hasher.write(file.to_str().unwrap_or("").as_bytes())
+		}
+
+		Ok(hasher.finish())
+	}
+
+	fn last_modification_date(&self) -> Result<u64, Error> {
+		use std::time::{Duration, UNIX_EPOCH};
+		let duration = fs::metadata(&self.path)?.modified()?.duration_since(UNIX_EPOCH).unwrap_or(Duration::default());
+		let timestamp = duration.as_secs() ^ (duration.subsec_nanos() as u64);
+		Ok(timestamp)
+	}
+
+	/// all accounts found in keys directory
+	fn files_content(&self) -> Result<HashMap<PathBuf, SafeAccount>, Error> {
+		// it's not done using one iterator cause
+		// there is an issue with rustc and it takes tooo much time to compile
+		let paths = self.files()?;
+		Ok(paths
+			.into_iter()
+			.filter_map(|path| {
+				let filename = Some(path.file_name().and_then(|n| n.to_str()).expect("Keys have valid UTF8 names only.").to_owned());
+				fs::File::open(path.clone())
+					.map_err(Into::into)
+					.and_then(|file| self.key_manager.read(filename, file))
+					.map_err(|err| {
+						warn!("Invalid key file: {:?} ({})", path, err);
+						err
+					})
+					.map(|account| (path, account))
+					.ok()
+			})
+			.collect()
+		)
+	}
+
+	/// insert account with given filename. if the filename is a duplicate of any stored account and dedup is set to
+	/// true, a random suffix is appended to the filename.
+	pub fn insert_with_filename(&self, account: SafeAccount, mut filename: String, dedup: bool) -> Result<SafeAccount, Error> {
+		if dedup {
+			filename = find_unique_filename_using_random_suffix(&self.path, &filename)?;
+		}
+
+		// path to keyfile
+		let keyfile_path = self.path.join(filename.as_str());
+
+		// update account filename
+		let original_account = account.clone();
+		let mut account = account;
+		account.filename = Some(filename);
+
+		{
+			// save the file
+			let mut file = if dedup {
+				create_new_file_with_permissions_to_owner(&keyfile_path)?
+			} else {
+				replace_file_with_permissions_to_owner(&keyfile_path)?
+			};
+
+			// write key content
+			self.key_manager.write(original_account, &mut file).map_err(|e| Error::Custom(format!("{:?}", e)))?;
+
+			file.flush()?;
+			file.sync_all()?;
+		}
+
+		Ok(account)
+	}
+
+	/// Get key file manager referece
+	pub fn key_manager(&self) -> &T {
+		&self.key_manager
+	}
+}
+
+impl<T> KeyDirectory for DiskDirectory<T> where T: KeyFileManager {
+	fn load(&self) -> Result<Vec<SafeAccount>, Error> {
+		let accounts = self.files_content()?
+			.into_iter()
+			.map(|(_, account)| account)
+			.collect();
+		Ok(accounts)
+	}
+
+	fn update(&self, account: SafeAccount) -> Result<SafeAccount, Error> {
+		// Disk store handles updates correctly iff filename is the same
+		let filename = account_filename(&account);
+		self.insert_with_filename(account, filename, false)
+	}
+
+	fn insert(&self, account: SafeAccount) -> Result<SafeAccount, Error> {
+		let filename = account_filename(&account);
+		self.insert_with_filename(account, filename, true)
+	}
+
+	fn remove(&self, account: &SafeAccount) -> Result<(), Error> {
+		// enumerate all entries in keystore
+		// and find entry with given address
+		let to_remove = self.files_content()?
+			.into_iter()
+			.find(|&(_, ref acc)| acc.id == account.id && acc.address == account.address);
+
+		// remove it
+		match to_remove {
+			None => Err(Error::InvalidAccount),
+			Some((path, _)) => fs::remove_file(path).map_err(From::from)
+		}
+	}
+
+	fn path(&self) -> Option<&PathBuf> { Some(&self.path) }
+
+	fn as_vault_provider(&self) -> Option<&VaultKeyDirectoryProvider> {
+		Some(self)
+	}
+
+	fn unique_repr(&self) -> Result<u64, Error> {
+		self.last_modification_date()
+	}
+}
+
+impl<T> VaultKeyDirectoryProvider for DiskDirectory<T> where T: KeyFileManager {
+	fn create(&self, name: &str, key: VaultKey) -> Result<Box<VaultKeyDirectory>, Error> {
+		let vault_dir = VaultDiskDirectory::create(&self.path, name, key)?;
+		Ok(Box::new(vault_dir))
+	}
+
+	fn open(&self, name: &str, key: VaultKey) -> Result<Box<VaultKeyDirectory>, Error> {
+		let vault_dir = VaultDiskDirectory::at(&self.path, name, key)?;
+		Ok(Box::new(vault_dir))
+	}
+
+	fn list_vaults(&self) -> Result<Vec<String>, Error> {
+		Ok(fs::read_dir(&self.path)?
+			.filter_map(|e| e.ok().map(|e| e.path()))
+			.filter_map(|path| {
+				let mut vault_file_path = path.clone();
+				vault_file_path.push(VAULT_FILE_NAME);
+				if vault_file_path.is_file() {
+					path.file_name().and_then(|f| f.to_str()).map(|f| f.to_owned())
+				} else {
+					None
+				}
+			})
+			.collect())
+	}
+
+	fn vault_meta(&self, name: &str) -> Result<String, Error> {
+		VaultDiskDirectory::meta_at(&self.path, name)
+	}
+}
+
+impl KeyFileManager for DiskKeyFileManager {
+	fn read<T>(&self, filename: Option<String>, reader: T) -> Result<SafeAccount, Error> where T: io::Read {
+		let key_file = json::KeyFile::load(reader).map_err(|e| Error::Custom(format!("{:?}", e)))?;
+		SafeAccount::from_file(key_file, filename, &self.password)
+	}
+
+	fn write<T>(&self, mut account: SafeAccount, writer: &mut T) -> Result<(), Error> where T: io::Write {
+		// when account is moved back to root directory from vault
+		// => remove vault field from meta
+		account.meta = json::remove_vault_name_from_json_meta(&account.meta)
+			.map_err(|err| Error::Custom(format!("{:?}", err)))?;
+
+		let key_file: json::KeyFile = account.into();
+		key_file.write(writer).map_err(|e| Error::Custom(format!("{:?}", e)))
+	}
+}
+
+fn account_filename(account: &SafeAccount) -> String {
+	// build file path
+	account.filename.clone().unwrap_or_else(|| {
+		let timestamp = time::strftime("%Y-%m-%dT%H-%M-%S", &time::now_utc()).expect("Time-format string is valid.");
+		format!("UTC--{}Z--{}", timestamp, Uuid::from(account.id))
+	})
+}
+
+#[cfg(test)]
+mod test {
+	extern crate tempdir;
+
+	use std::{env, fs};
+	use super::{KeyDirectory, RootDiskDirectory, VaultKey};
+	use account::SafeAccount;
+	use ethkey::{Random, Generator};
+	use self::tempdir::TempDir;
+
+	#[test]
+	fn should_create_new_account() {
+		// given
+		let mut dir = env::temp_dir();
+		dir.push("ethstore_should_create_new_account");
+		let keypair = Random.generate().unwrap();
+		let password = "hello world".into();
+		let directory = RootDiskDirectory::create(dir.clone()).unwrap();
+
+		// when
+		let account = SafeAccount::create(&keypair, [0u8; 16], &password, 1024, "Test".to_owned(), "{}".to_owned());
+		let res = directory.insert(account.unwrap());
+
+		// then
+		assert!(res.is_ok(), "Should save account succesfuly.");
+		assert!(res.unwrap().filename.is_some(), "Filename has been assigned.");
+
+		// cleanup
+		let _ = fs::remove_dir_all(dir);
+	}
+
+	#[test]
+	fn should_handle_duplicate_filenames() {
+		// given
+		let mut dir = env::temp_dir();
+		dir.push("ethstore_should_handle_duplicate_filenames");
+		let keypair = Random.generate().unwrap();
+		let password = "hello world".into();
+		let directory = RootDiskDirectory::create(dir.clone()).unwrap();
+
+		// when
+		let account = SafeAccount::create(&keypair, [0u8; 16], &password, 1024, "Test".to_owned(), "{}".to_owned()).unwrap();
+		let filename = "test".to_string();
+		let dedup = true;
+
+		directory.insert_with_filename(account.clone(), "foo".to_string(), dedup).unwrap();
+		let file1 = directory.insert_with_filename(account.clone(), filename.clone(), dedup).unwrap().filename.unwrap();
+		let file2 = directory.insert_with_filename(account.clone(), filename.clone(), dedup).unwrap().filename.unwrap();
+		let file3 = directory.insert_with_filename(account.clone(), filename.clone(), dedup).unwrap().filename.unwrap();
+
+		// then
+		// the first file should have the original names
+		assert_eq!(file1, filename);
+
+		// the following duplicate files should have a suffix appended
+		assert!(file2 != file3);
+		assert_eq!(file2.len(), filename.len() + 5);
+		assert_eq!(file3.len(), filename.len() + 5);
+
+		// cleanup
+		let _ = fs::remove_dir_all(dir);
+	}
+
+	#[test]
+	fn should_manage_vaults() {
+		// given
+		let mut dir = env::temp_dir();
+		dir.push("should_create_new_vault");
+		let directory = RootDiskDirectory::create(dir.clone()).unwrap();
+		let vault_name = "vault";
+		let password = "password".into();
+
+		// then
+		assert!(directory.as_vault_provider().is_some());
+
+		// and when
+		let before_root_items_count = fs::read_dir(&dir).unwrap().count();
+		let vault = directory.as_vault_provider().unwrap().create(vault_name, VaultKey::new(&password, 1024));
+
+		// then
+		assert!(vault.is_ok());
+		let after_root_items_count = fs::read_dir(&dir).unwrap().count();
+		assert!(after_root_items_count > before_root_items_count);
+
+		// and when
+		let vault = directory.as_vault_provider().unwrap().open(vault_name, VaultKey::new(&password, 1024));
+
+		// then
+		assert!(vault.is_ok());
+		let after_root_items_count2 = fs::read_dir(&dir).unwrap().count();
+		assert!(after_root_items_count == after_root_items_count2);
+
+		// cleanup
+		let _ = fs::remove_dir_all(dir);
+	}
+
+	#[test]
+	fn should_list_vaults() {
+		// given
+		let temp_path = TempDir::new("").unwrap();
+		let directory = RootDiskDirectory::create(&temp_path).unwrap();
+		let vault_provider = directory.as_vault_provider().unwrap();
+		vault_provider.create("vault1", VaultKey::new(&"password1".into(), 1)).unwrap();
+		vault_provider.create("vault2", VaultKey::new(&"password2".into(), 1)).unwrap();
+
+		// then
+		let vaults = vault_provider.list_vaults().unwrap();
+		assert_eq!(vaults.len(), 2);
+		assert!(vaults.iter().any(|v| &*v == "vault1"));
+		assert!(vaults.iter().any(|v| &*v == "vault2"));
+	}
+
+	#[test]
+	fn hash_of_files() {
+		let temp_path = TempDir::new("").unwrap();
+		let directory = RootDiskDirectory::create(&temp_path).unwrap();
+
+		let hash = directory.files_hash().expect("Files hash should be calculated ok");
+		assert_eq!(
+			hash,
+			15130871412783076140
+		);
+
+		let keypair = Random.generate().unwrap();
+		let password = "test pass".into();
+		let account = SafeAccount::create(&keypair, [0u8; 16], &password, 1024, "Test".to_owned(), "{}".to_owned());
+		directory.insert(account.unwrap()).expect("Account should be inserted ok");
+
+		let new_hash = directory.files_hash().expect("New files hash should be calculated ok");
+
+		assert!(new_hash != hash, "hash of the file list should change once directory content changed");
+	}
+}

accounts/ethstore/src/accounts_dir/memory.rs

@@ -0,0 +1,74 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::collections::HashMap;
+use parking_lot::RwLock;
+use itertools;
+use ethkey::Address;
+
+use {SafeAccount, Error};
+use super::KeyDirectory;
+
+/// Accounts in-memory storage.
+#[derive(Default)]
+pub struct MemoryDirectory {
+	accounts: RwLock<HashMap<Address, Vec<SafeAccount>>>,
+}
+
+impl KeyDirectory for MemoryDirectory {
+	fn load(&self) -> Result<Vec<SafeAccount>, Error> {
+		Ok(itertools::Itertools::flatten(self.accounts.read().values().cloned()).collect())
+	}
+
+	fn update(&self, account: SafeAccount) -> Result<SafeAccount, Error> {
+		let mut lock = self.accounts.write();
+		let accounts = lock.entry(account.address.clone()).or_insert_with(Vec::new);
+		// If the filename is the same we just need to replace the entry
+		accounts.retain(|acc| acc.filename != account.filename);
+		accounts.push(account.clone());
+		Ok(account)
+	}
+
+	fn insert(&self, account: SafeAccount) -> Result<SafeAccount, Error> {
+		let mut lock = self.accounts.write();
+		let accounts = lock.entry(account.address.clone()).or_insert_with(Vec::new);
+		accounts.push(account.clone());
+		Ok(account)
+	}
+
+	fn remove(&self, account: &SafeAccount) -> Result<(), Error> {
+		let mut accounts = self.accounts.write();
+		let is_empty = if let Some(accounts) = accounts.get_mut(&account.address) {
+			if let Some(position) = accounts.iter().position(|acc| acc == account) {
+				accounts.remove(position);
+			}
+			accounts.is_empty()
+		} else {
+			false
+		};
+		if is_empty {
+			accounts.remove(&account.address);
+		}
+		Ok(())
+	}
+
+	fn unique_repr(&self) -> Result<u64, Error> {
+		let mut val = 0u64;
+		let accounts = self.accounts.read();
+		for acc in accounts.keys() { val = val ^ acc.low_u64() }
+		Ok(val)
+	}
+}

accounts/ethstore/src/accounts_dir/mod.rs

@@ -0,0 +1,105 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Accounts Directory
+
+use ethkey::Password;
+use std::path::{PathBuf};
+use {SafeAccount, Error};
+
+mod disk;
+mod memory;
+mod vault;
+
+/// `VaultKeyDirectory::set_key` error
+#[derive(Debug)]
+pub enum SetKeyError {
+	/// Error is fatal and directory is probably in inconsistent state
+	Fatal(Error),
+	/// Error is non fatal, directory is reverted to pre-operation state
+	NonFatalOld(Error),
+	/// Error is non fatal, directory is consistent with new key
+	NonFatalNew(Error),
+}
+
+/// Vault key
+#[derive(Clone, PartialEq, Eq)]
+pub struct VaultKey {
+	/// Vault password
+	pub password: Password,
+	/// Number of iterations to produce a derived key from password
+	pub iterations: u32,
+}
+
+/// Keys directory
+pub trait KeyDirectory: Send + Sync {
+	/// Read keys from directory
+	fn load(&self) -> Result<Vec<SafeAccount>, Error>;
+	/// Insert new key to directory
+	fn insert(&self, account: SafeAccount) -> Result<SafeAccount, Error>;
+	/// Update key in the directory
+	fn update(&self, account: SafeAccount) -> Result<SafeAccount, Error>;
+	/// Remove key from directory
+	fn remove(&self, account: &SafeAccount) -> Result<(), Error>;
+	/// Get directory filesystem path, if available
+	fn path(&self) -> Option<&PathBuf> { None }
+	/// Return vault provider, if available
+	fn as_vault_provider(&self) -> Option<&VaultKeyDirectoryProvider> { None }
+	/// Unique representation of directory account collection
+	fn unique_repr(&self) -> Result<u64, Error>;
+}
+
+/// Vaults provider
+pub trait VaultKeyDirectoryProvider {
+	/// Create new vault with given key
+	fn create(&self, name: &str, key: VaultKey) -> Result<Box<VaultKeyDirectory>, Error>;
+	/// Open existing vault with given key
+	fn open(&self, name: &str, key: VaultKey) -> Result<Box<VaultKeyDirectory>, Error>;
+	/// List all vaults
+	fn list_vaults(&self) -> Result<Vec<String>, Error>;
+	/// Get vault meta
+	fn vault_meta(&self, name: &str) -> Result<String, Error>;
+}
+
+/// Vault directory
+pub trait VaultKeyDirectory: KeyDirectory {
+	/// Cast to `KeyDirectory`
+	fn as_key_directory(&self) -> &KeyDirectory;
+	/// Vault name
+	fn name(&self) -> &str;
+	/// Get vault key
+	fn key(&self) -> VaultKey;
+	/// Set new key for vault
+	fn set_key(&self, key: VaultKey) -> Result<(), SetKeyError>;
+	/// Get vault meta
+	fn meta(&self) -> String;
+	/// Set vault meta
+	fn set_meta(&self, meta: &str) -> Result<(), Error>;
+}
+
+pub use self::disk::{RootDiskDirectory, DiskKeyFileManager, KeyFileManager};
+pub use self::memory::MemoryDirectory;
+pub use self::vault::VaultDiskDirectory;
+
+impl VaultKey {
+	/// Create new vault key
+	pub fn new(password: &Password, iterations: u32) -> Self {
+		VaultKey {
+			password: password.clone(),
+			iterations: iterations,
+		}
+	}
+}

accounts/ethstore/src/accounts_dir/vault.rs

@@ -0,0 +1,443 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{fs, io};
+use std::path::{PathBuf, Path};
+use parking_lot::Mutex;
+use {json, SafeAccount, Error};
+use crypto::Keccak256;
+use super::super::account::Crypto;
+use super::{KeyDirectory, VaultKeyDirectory, VaultKey, SetKeyError};
+use super::disk::{self, DiskDirectory, KeyFileManager};
+
+/// Name of vault metadata file
+pub const VAULT_FILE_NAME: &'static str = "vault.json";
+/// Name of temporary vault metadata file
+pub const VAULT_TEMP_FILE_NAME: &'static str = "vault_temp.json";
+
+/// Vault directory implementation
+pub type VaultDiskDirectory = DiskDirectory<VaultKeyFileManager>;
+
+/// Vault key file manager
+pub struct VaultKeyFileManager {
+	name: String,
+	key: VaultKey,
+	meta: Mutex<String>,
+}
+
+impl VaultDiskDirectory {
+	/// Create new vault directory with given key
+	pub fn create<P>(root: P, name: &str, key: VaultKey) -> Result<Self, Error> where P: AsRef<Path> {
+		// check that vault directory does not exists
+		let vault_dir_path = make_vault_dir_path(root, name, true)?;
+		if vault_dir_path.exists() {
+			return Err(Error::CreationFailed);
+		}
+
+		// create vault && vault file
+		let vault_meta = "{}";
+		fs::create_dir_all(&vault_dir_path)?;
+		if let Err(err) = create_vault_file(&vault_dir_path, &key, vault_meta) {
+			let _ = fs::remove_dir_all(&vault_dir_path); // can't do anything with this
+			return Err(err);
+		}
+
+		Ok(DiskDirectory::new(vault_dir_path, VaultKeyFileManager::new(name, key, vault_meta)))
+	}
+
+	/// Open existing vault directory with given key
+	pub fn at<P>(root: P, name: &str, key: VaultKey) -> Result<Self, Error> where P: AsRef<Path> {
+		// check that vault directory exists
+		let vault_dir_path = make_vault_dir_path(root, name, true)?;
+		if !vault_dir_path.is_dir() {
+			return Err(Error::CreationFailed);
+		}
+
+		// check that passed key matches vault file
+		let meta = read_vault_file(&vault_dir_path, Some(&key))?;
+
+		Ok(DiskDirectory::new(vault_dir_path, VaultKeyFileManager::new(name, key, &meta)))
+	}
+
+	/// Read vault meta without actually opening the vault
+	pub fn meta_at<P>(root: P, name: &str) -> Result<String, Error> where P: AsRef<Path> {
+		// check that vault directory exists
+		let vault_dir_path = make_vault_dir_path(root, name, true)?;
+		if !vault_dir_path.is_dir() {
+			return Err(Error::VaultNotFound);
+		}
+
+		// check that passed key matches vault file
+		read_vault_file(&vault_dir_path, None)
+	}
+
+	fn create_temp_vault(&self, key: VaultKey) -> Result<VaultDiskDirectory, Error> {
+		let original_path = self.path().expect("self is instance of DiskDirectory; DiskDirectory always returns path; qed");
+		let mut path: PathBuf = original_path.clone();
+		let name = self.name();
+
+		path.push(name); // to jump to the next level
+
+		let mut index = 0;
+		loop {
+			let name = format!("{}_temp_{}", name, index);
+			path.set_file_name(&name);
+			if !path.exists() {
+				return VaultDiskDirectory::create(original_path, &name, key);
+			}
+
+			index += 1;
+		}
+	}
+
+	fn copy_to_vault(&self, vault: &VaultDiskDirectory) -> Result<(), Error> {
+		for account in self.load()? {
+			let filename = account.filename.clone().expect("self is instance of DiskDirectory; DiskDirectory fills filename in load; qed");
+			vault.insert_with_filename(account, filename, true)?;
+		}
+
+		Ok(())
+	}
+
+	fn delete(&self) -> Result<(), Error> {
+		let path = self.path().expect("self is instance of DiskDirectory; DiskDirectory always returns path; qed");
+		fs::remove_dir_all(path).map_err(Into::into)
+	}
+}
+
+impl VaultKeyDirectory for VaultDiskDirectory {
+	fn as_key_directory(&self) -> &KeyDirectory {
+		self
+	}
+
+	fn name(&self) -> &str {
+		&self.key_manager().name
+	}
+
+	fn key(&self) -> VaultKey {
+		self.key_manager().key.clone()
+	}
+
+	fn set_key(&self, new_key: VaultKey) -> Result<(), SetKeyError> {
+		let temp_vault = VaultDiskDirectory::create_temp_vault(self, new_key.clone()).map_err(|err| SetKeyError::NonFatalOld(err))?;
+		let mut source_path = temp_vault.path().expect("temp_vault is instance of DiskDirectory; DiskDirectory always returns path; qed").clone();
+		let mut target_path = self.path().expect("self is instance of DiskDirectory; DiskDirectory always returns path; qed").clone();
+
+		// preserve meta
+		temp_vault.set_meta(&self.meta()).map_err(SetKeyError::NonFatalOld)?;
+
+		// jump to next fs level
+		source_path.push("next");
+		target_path.push("next");
+
+		let temp_accounts = self.copy_to_vault(&temp_vault)
+			.and_then(|_| temp_vault.load())
+			.map_err(|err| {
+				// ignore error, as we already processing error
+				let _ = temp_vault.delete();
+				SetKeyError::NonFatalOld(err)
+			})?;
+
+		// we can't just delete temp vault until all files moved, because
+		// original vault content has already been partially replaced
+		// => when error or crash happens here, we can't do anything
+		for temp_account in temp_accounts {
+			let filename = temp_account.filename.expect("self is instance of DiskDirectory; DiskDirectory fills filename in load; qed");
+			source_path.set_file_name(&filename);
+			target_path.set_file_name(&filename);
+			fs::rename(&source_path, &target_path).map_err(|err| SetKeyError::Fatal(err.into()))?;
+		}
+		source_path.set_file_name(VAULT_FILE_NAME);
+		target_path.set_file_name(VAULT_FILE_NAME);
+		fs::rename(source_path, target_path).map_err(|err| SetKeyError::Fatal(err.into()))?;
+
+		temp_vault.delete().map_err(|err| SetKeyError::NonFatalNew(err))
+	}
+
+	fn meta(&self) -> String {
+		self.key_manager().meta.lock().clone()
+	}
+
+	fn set_meta(&self, meta: &str) -> Result<(), Error> {
+		let key_manager = self.key_manager();
+		let vault_path = self.path().expect("self is instance of DiskDirectory; DiskDirectory always returns path; qed");
+		create_vault_file(vault_path, &key_manager.key, meta)?;
+		*key_manager.meta.lock() = meta.to_owned();
+		Ok(())
+	}
+}
+
+impl VaultKeyFileManager {
+	pub fn new(name: &str, key: VaultKey, meta: &str) -> Self {
+		VaultKeyFileManager {
+			name: name.into(),
+			key: key,
+			meta: Mutex::new(meta.to_owned()),
+		}
+	}
+}
+
+impl KeyFileManager for VaultKeyFileManager {
+	fn read<T>(&self, filename: Option<String>, reader: T) -> Result<SafeAccount, Error> where T: io::Read {
+		let vault_file = json::VaultKeyFile::load(reader).map_err(|e| Error::Custom(format!("{:?}", e)))?;
+		let mut safe_account = SafeAccount::from_vault_file(&self.key.password, vault_file, filename.clone())?;
+
+		safe_account.meta = json::insert_vault_name_to_json_meta(&safe_account.meta, &self.name)
+			.map_err(|err| Error::Custom(format!("{:?}", err)))?;
+		Ok(safe_account)
+	}
+
+	fn write<T>(&self, mut account: SafeAccount, writer: &mut T) -> Result<(), Error> where T: io::Write {
+		account.meta = json::remove_vault_name_from_json_meta(&account.meta)
+			.map_err(|err| Error::Custom(format!("{:?}", err)))?;
+
+		let vault_file: json::VaultKeyFile = account.into_vault_file(self.key.iterations, &self.key.password)?;
+		vault_file.write(writer).map_err(|e| Error::Custom(format!("{:?}", e)))
+	}
+}
+
+/// Makes path to vault directory, checking that vault name is appropriate
+fn make_vault_dir_path<P>(root: P, name: &str, check_name: bool) -> Result<PathBuf, Error> where P: AsRef<Path> {
+	// check vault name
+	if check_name && !check_vault_name(name) {
+		return Err(Error::InvalidVaultName);
+	}
+
+	let mut vault_dir_path: PathBuf = root.as_ref().into();
+	vault_dir_path.push(name);
+	Ok(vault_dir_path)
+}
+
+/// Every vault must have unique name => we rely on filesystem to check this
+/// => vault name must not contain any fs-special characters to avoid directory traversal
+/// => we only allow alphanumeric + separator characters in vault name.
+fn check_vault_name(name: &str) -> bool {
+	!name.is_empty()
+	&& name.chars()
+		.all(|c| c.is_alphanumeric()
+			|| c.is_whitespace()
+			|| c == '-' || c == '_')
+}
+
+/// Vault can be empty, but still must be pluggable => we store vault password in separate file
+fn create_vault_file<P>(vault_dir_path: P, key: &VaultKey, meta: &str) -> Result<(), Error> where P: AsRef<Path> {
+	let password_hash = key.password.as_bytes().keccak256();
+	let crypto = Crypto::with_plain(&password_hash, &key.password, key.iterations)?;
+
+	let vault_file_path = vault_dir_path.as_ref().join(VAULT_FILE_NAME);
+	let temp_vault_file_name = disk::find_unique_filename_using_random_suffix(vault_dir_path.as_ref(), &VAULT_TEMP_FILE_NAME)?;
+	let temp_vault_file_path = vault_dir_path.as_ref().join(&temp_vault_file_name);
+
+	// this method is used to rewrite existing vault file
+	// => write to temporary file first, then rename temporary file to vault file
+	let mut vault_file = disk::create_new_file_with_permissions_to_owner(&temp_vault_file_path)?;
+	let vault_file_contents = json::VaultFile {
+		crypto: crypto.into(),
+		meta: Some(meta.to_owned()),
+	};
+	vault_file_contents.write(&mut vault_file).map_err(|e| Error::Custom(format!("{:?}", e)))?;
+	drop(vault_file);
+	fs::rename(&temp_vault_file_path, &vault_file_path)?;
+
+	Ok(())
+}
+
+/// When vault is opened => we must check that password matches && read metadata
+fn read_vault_file<P>(vault_dir_path: P, key: Option<&VaultKey>) -> Result<String, Error> where P: AsRef<Path> {
+	let mut vault_file_path: PathBuf = vault_dir_path.as_ref().into();
+	vault_file_path.push(VAULT_FILE_NAME);
+
+	let vault_file = fs::File::open(vault_file_path)?;
+	let vault_file_contents = json::VaultFile::load(vault_file).map_err(|e| Error::Custom(format!("{:?}", e)))?;
+	let vault_file_meta = vault_file_contents.meta.unwrap_or("{}".to_owned());
+	let vault_file_crypto: Crypto = vault_file_contents.crypto.into();
+
+	if let Some(key) = key {
+		let password_bytes = vault_file_crypto.decrypt(&key.password)?;
+		let password_hash = key.password.as_bytes().keccak256();
+		if password_hash != password_bytes.as_slice() {
+			return Err(Error::InvalidPassword);
+		}
+	}
+
+	Ok(vault_file_meta)
+}
+
+#[cfg(test)]
+mod test {
+	extern crate tempdir;
+
+	use std::fs;
+	use std::io::Write;
+	use std::path::PathBuf;
+	use super::VaultKey;
+	use super::{VAULT_FILE_NAME, check_vault_name, make_vault_dir_path, create_vault_file, read_vault_file, VaultDiskDirectory};
+	use self::tempdir::TempDir;
+
+	#[test]
+	fn check_vault_name_succeeds() {
+		assert!(check_vault_name("vault"));
+		assert!(check_vault_name("vault with spaces"));
+		assert!(check_vault_name("vault	with	tabs"));
+		assert!(check_vault_name("vault_with_underscores"));
+		assert!(check_vault_name("vault-with-dashes"));
+		assert!(check_vault_name("vault-with-digits-123"));
+		assert!(check_vault_name("vault中文名字"));
+	}
+
+	#[test]
+	fn check_vault_name_fails() {
+		assert!(!check_vault_name(""));
+		assert!(!check_vault_name("."));
+		assert!(!check_vault_name("*"));
+		assert!(!check_vault_name("../.bash_history"));
+		assert!(!check_vault_name("/etc/passwd"));
+		assert!(!check_vault_name("c:\\windows"));
+	}
+
+	#[test]
+	fn make_vault_dir_path_succeeds() {
+		use std::path::Path;
+
+		assert_eq!(&make_vault_dir_path("/home/user/parity", "vault", true).unwrap(), &Path::new("/home/user/parity/vault"));
+		assert_eq!(&make_vault_dir_path("/home/user/parity", "*bad-name*", false).unwrap(), &Path::new("/home/user/parity/*bad-name*"));
+	}
+
+	#[test]
+	fn make_vault_dir_path_fails() {
+		assert!(make_vault_dir_path("/home/user/parity", "*bad-name*", true).is_err());
+	}
+
+	#[test]
+	fn create_vault_file_succeeds() {
+		// given
+		let temp_path = TempDir::new("").unwrap();
+		let key = VaultKey::new(&"password".into(), 1024);
+		let mut vault_dir: PathBuf = temp_path.path().into();
+		vault_dir.push("vault");
+		fs::create_dir_all(&vault_dir).unwrap();
+
+		// when
+		let result = create_vault_file(&vault_dir, &key, "{}");
+
+		// then
+		assert!(result.is_ok());
+		let mut vault_file_path = vault_dir.clone();
+		vault_file_path.push(VAULT_FILE_NAME);
+		assert!(vault_file_path.exists() && vault_file_path.is_file());
+	}
+
+	#[test]
+	fn read_vault_file_succeeds() {
+		// given
+		let temp_path = TempDir::new("").unwrap();
+		let key = VaultKey::new(&"password".into(), 1024);
+		let vault_file_contents = r#"{"crypto":{"cipher":"aes-128-ctr","cipherparams":{"iv":"758696c8dc6378ab9b25bb42790da2f5"},"ciphertext":"54eb50683717d41caaeb12ea969f2c159daada5907383f26f327606a37dc7168","kdf":"pbkdf2","kdfparams":{"c":1024,"dklen":32,"prf":"hmac-sha256","salt":"3c320fa566a1a7963ac8df68a19548d27c8f40bf92ef87c84594dcd5bbc402b6"},"mac":"9e5c2314c2a0781962db85611417c614bd6756666b6b1e93840f5b6ed895f003"}}"#;
+		let dir: PathBuf = temp_path.path().into();
+		let mut vault_file_path: PathBuf = dir.clone();
+		vault_file_path.push(VAULT_FILE_NAME);
+		{
+			let mut vault_file = fs::File::create(vault_file_path).unwrap();
+			vault_file.write_all(vault_file_contents.as_bytes()).unwrap();
+		}
+
+		// when
+		let result = read_vault_file(&dir, Some(&key));
+
+		// then
+		assert!(result.is_ok());
+	}
+
+	#[test]
+	fn read_vault_file_fails() {
+		// given
+		let temp_path = TempDir::new("").unwrap();
+		let key = VaultKey::new(&"password1".into(), 1024);
+		let dir: PathBuf = temp_path.path().into();
+		let mut vault_file_path: PathBuf = dir.clone();
+		vault_file_path.push(VAULT_FILE_NAME);
+
+		// when
+		let result = read_vault_file(&dir, Some(&key));
+
+		// then
+		assert!(result.is_err());
+
+		// and when given
+		let vault_file_contents = r#"{"crypto":{"cipher":"aes-128-ctr","cipherparams":{"iv":"0155e3690be19fbfbecabcd440aa284b"},"ciphertext":"4d6938a1f49b7782","kdf":"pbkdf2","kdfparams":{"c":1024,"dklen":32,"prf":"hmac-sha256","salt":"b6a9338a7ccd39288a86dba73bfecd9101b4f3db9c9830e7c76afdbd4f6872e5"},"mac":"16381463ea11c6eb2239a9f339c2e780516d29d234ce30ac5f166f9080b5a262"}}"#;
+		{
+			let mut vault_file = fs::File::create(vault_file_path).unwrap();
+			vault_file.write_all(vault_file_contents.as_bytes()).unwrap();
+		}
+
+		// when
+		let result = read_vault_file(&dir, Some(&key));
+
+		// then
+		assert!(result.is_err());
+	}
+
+	#[test]
+	fn vault_directory_can_be_created() {
+		// given
+		let temp_path = TempDir::new("").unwrap();
+		let key = VaultKey::new(&"password".into(), 1024);
+		let dir: PathBuf = temp_path.path().into();
+
+		// when
+		let vault = VaultDiskDirectory::create(&dir, "vault", key.clone());
+
+		// then
+		assert!(vault.is_ok());
+
+		// and when
+		let vault = VaultDiskDirectory::at(&dir, "vault", key);
+
+		// then
+		assert!(vault.is_ok());
+	}
+
+	#[test]
+	fn vault_directory_cannot_be_created_if_already_exists() {
+		// given
+		let temp_path = TempDir::new("").unwrap();
+		let key = VaultKey::new(&"password".into(), 1024);
+		let dir: PathBuf = temp_path.path().into();
+		let mut vault_dir = dir.clone();
+		vault_dir.push("vault");
+		fs::create_dir_all(&vault_dir).unwrap();
+
+		// when
+		let vault = VaultDiskDirectory::create(&dir, "vault", key);
+
+		// then
+		assert!(vault.is_err());
+	}
+
+	#[test]
+	fn vault_directory_cannot_be_opened_if_not_exists() {
+		// given
+		let temp_path = TempDir::new("").unwrap();
+		let key = VaultKey::new(&"password".into(), 1024);
+		let dir: PathBuf = temp_path.path().into();
+
+		// when
+		let vault = VaultDiskDirectory::at(&dir, "vault", key);
+
+		// then
+		assert!(vault.is_err());
+	}
+}

accounts/ethstore/src/error.rs

@@ -0,0 +1,128 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use std::io::Error as IoError;
+use ethkey::{self, Error as EthKeyError};
+use crypto::{self, Error as EthCryptoError};
+use ethkey::DerivationError;
+
+/// Account-related errors.
+#[derive(Debug)]
+pub enum Error {
+	/// IO error
+	Io(IoError),
+	/// Invalid Password
+	InvalidPassword,
+	/// Account's secret is invalid.
+	InvalidSecret,
+	/// Invalid Vault Crypto meta.
+	InvalidCryptoMeta,
+	/// Invalid Account.
+	InvalidAccount,
+	/// Invalid Message.
+	InvalidMessage,
+	/// Invalid Key File
+	InvalidKeyFile(String),
+	/// Vaults are not supported.
+	VaultsAreNotSupported,
+	/// Unsupported vault
+	UnsupportedVault,
+	/// Invalid vault name
+	InvalidVaultName,
+	/// Vault not found
+	VaultNotFound,
+	/// Account creation failed.
+	CreationFailed,
+	/// `EthKey` error
+	EthKey(EthKeyError),
+	/// `ethkey::crypto::Error`
+	EthKeyCrypto(ethkey::crypto::Error),
+	/// `EthCrypto` error
+	EthCrypto(EthCryptoError),
+	/// Derivation error
+	Derivation(DerivationError),
+	/// Custom error
+	Custom(String),
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		let s = match *self {
+			Error::Io(ref err) => err.to_string(),
+			Error::InvalidPassword => "Invalid password".into(),
+			Error::InvalidSecret => "Invalid secret".into(),
+			Error::InvalidCryptoMeta => "Invalid crypted metadata".into(),
+			Error::InvalidAccount => "Invalid account".into(),
+			Error::InvalidMessage => "Invalid message".into(),
+			Error::InvalidKeyFile(ref reason) => format!("Invalid key file: {}", reason),
+			Error::VaultsAreNotSupported => "Vaults are not supported".into(),
+			Error::UnsupportedVault => "Vault is not supported for this operation".into(),
+			Error::InvalidVaultName => "Invalid vault name".into(),
+			Error::VaultNotFound => "Vault not found".into(),
+			Error::CreationFailed => "Account creation failed".into(),
+			Error::EthKey(ref err) => err.to_string(),
+			Error::EthKeyCrypto(ref err) => err.to_string(),
+			Error::EthCrypto(ref err) => err.to_string(),
+			Error::Derivation(ref err) => format!("Derivation error: {:?}", err),
+			Error::Custom(ref s) => s.clone(),
+		};
+
+		write!(f, "{}", s)
+	}
+}
+
+impl From<IoError> for Error {
+	fn from(err: IoError) -> Self {
+		Error::Io(err)
+	}
+}
+
+impl From<EthKeyError> for Error {
+	fn from(err: EthKeyError) -> Self {
+		Error::EthKey(err)
+	}
+}
+
+impl From<ethkey::crypto::Error> for Error {
+	fn from(err: ethkey::crypto::Error) -> Self {
+		Error::EthKeyCrypto(err)
+	}
+}
+
+impl From<EthCryptoError> for Error {
+	fn from(err: EthCryptoError) -> Self {
+		Error::EthCrypto(err)
+	}
+}
+
+impl From<crypto::error::ScryptError> for Error {
+	fn from(err: crypto::error::ScryptError) -> Self {
+		Error::EthCrypto(err.into())
+	}
+}
+
+impl From<crypto::error::SymmError> for Error {
+	fn from(err: crypto::error::SymmError) -> Self {
+		Error::EthCrypto(err.into())
+	}
+}
+
+impl From<DerivationError> for Error {
+	fn from(err: DerivationError) -> Self {
+		Error::Derivation(err)
+	}
+}

accounts/ethstore/src/ethkey.rs

@@ -0,0 +1,41 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! ethkey reexport to make documentation look pretty.
+pub use _ethkey::*;
+use json;
+
+impl Into<json::H160> for Address {
+	fn into(self) -> json::H160 {
+		let a: [u8; 20] = self.into();
+		From::from(a)
+	}
+}
+
+impl From<json::H160> for Address {
+	fn from(json: json::H160) -> Self {
+		let a: [u8; 20] = json.into();
+		From::from(a)
+	}
+}
+
+impl<'a> From<&'a json::H160> for Address {
+	fn from(json: &'a json::H160) -> Self {
+		let mut a = [0u8; 20];
+		a.copy_from_slice(json);
+		From::from(a)
+	}
+}

accounts/ethstore/src/import.rs

@@ -0,0 +1,80 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::collections::HashSet;
+use std::path::Path;
+use std::fs;
+
+use ethkey::Address;
+use accounts_dir::{KeyDirectory, RootDiskDirectory, DiskKeyFileManager, KeyFileManager};
+use dir;
+use Error;
+
+/// Import an account from a file.
+pub fn import_account(path: &Path, dst: &KeyDirectory) -> Result<Address, Error> {
+	let key_manager = DiskKeyFileManager::default();
+	let existing_accounts = dst.load()?.into_iter().map(|a| a.address).collect::<HashSet<_>>();
+	let filename = path.file_name().and_then(|n| n.to_str()).map(|f| f.to_owned());
+	let account = fs::File::open(&path)
+		.map_err(Into::into)
+		.and_then(|file| key_manager.read(filename, file))?;
+
+	let address = account.address.clone();
+	if !existing_accounts.contains(&address) {
+		dst.insert(account)?;
+	}
+	Ok(address)
+}
+
+/// Import all accounts from one directory to the other.
+pub fn import_accounts(src: &KeyDirectory, dst: &KeyDirectory) -> Result<Vec<Address>, Error> {
+	let accounts = src.load()?;
+	let existing_accounts = dst.load()?.into_iter()
+		.map(|a| a.address)
+		.collect::<HashSet<_>>();
+
+	accounts.into_iter()
+		.filter(|a| !existing_accounts.contains(&a.address))
+		.map(|a| {
+			let address = a.address.clone();
+			dst.insert(a)?;
+			Ok(address)
+		}).collect()
+}
+
+/// Provide a `HashSet` of all accounts available for import from the Geth keystore.
+pub fn read_geth_accounts(testnet: bool) -> Vec<Address> {
+	RootDiskDirectory::at(dir::geth(testnet))
+		.load()
+		.map(|d| d.into_iter().map(|a| a.address).collect())
+		.unwrap_or_else(|_| Vec::new())
+}
+
+/// Import specific `desired` accounts from the Geth keystore into `dst`.
+pub fn import_geth_accounts(dst: &KeyDirectory, desired: HashSet<Address>, testnet: bool) -> Result<Vec<Address>, Error> {
+	let src = RootDiskDirectory::at(dir::geth(testnet));
+	let accounts = src.load()?;
+	let existing_accounts = dst.load()?.into_iter().map(|a| a.address).collect::<HashSet<_>>();
+
+	accounts.into_iter()
+		.filter(|a| !existing_accounts.contains(&a.address))
+		.filter(|a| desired.contains(&a.address))
+		.map(|a| {
+			let address = a.address.clone();
+			dst.insert(a)?;
+			Ok(address)
+		}).collect()
+}

accounts/ethstore/src/json/bytes.rs

@@ -0,0 +1,74 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{ops, str};
+use serde::{Deserialize, Deserializer, Serialize, Serializer};
+use serde::de::Error;
+use rustc_hex::{ToHex, FromHex, FromHexError};
+
+#[derive(Debug, PartialEq)]
+pub struct Bytes(Vec<u8>);
+
+impl ops::Deref for Bytes {
+	type Target = [u8];
+
+	fn deref(&self) -> &Self::Target {
+		&self.0
+	}
+}
+
+impl<'a> Deserialize<'a> for Bytes {
+	fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+		where D: Deserializer<'a>
+	{
+		let s = String::deserialize(deserializer)?;
+		let data = s.from_hex().map_err(|e| Error::custom(format!("Invalid hex value {}", e)))?;
+		Ok(Bytes(data))
+	}
+}
+
+impl Serialize for Bytes {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		serializer.serialize_str(&self.0.to_hex())
+	}
+}
+
+impl str::FromStr for Bytes {
+	type Err = FromHexError;
+
+	fn from_str(s: &str) -> Result<Self, Self::Err> {
+		s.from_hex().map(Bytes)
+	}
+}
+
+impl From<&'static str> for Bytes {
+	fn from(s: &'static str) -> Self {
+		s.parse().expect(&format!("invalid string literal for {}: '{}'", stringify!(Self), s))
+	}
+}
+
+impl From<Vec<u8>> for Bytes {
+	fn from(v: Vec<u8>) -> Self {
+		Bytes(v)
+	}
+}
+
+impl From<Bytes> for Vec<u8> {
+	fn from(b: Bytes) -> Self {
+		b.0
+	}
+}

accounts/ethstore/src/json/cipher.rs

@@ -0,0 +1,96 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use serde::{Serialize, Serializer, Deserialize, Deserializer};
+use serde::de::{Visitor, Error as SerdeError};
+use super::{Error, H128};
+
+#[derive(Debug, PartialEq)]
+pub enum CipherSer {
+	Aes128Ctr,
+}
+
+impl Serialize for CipherSer {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		match *self {
+			CipherSer::Aes128Ctr => serializer.serialize_str("aes-128-ctr"),
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for CipherSer {
+	fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+	where D: Deserializer<'a> {
+		deserializer.deserialize_any(CipherSerVisitor)
+	}
+}
+
+struct CipherSerVisitor;
+
+impl<'a> Visitor<'a> for CipherSerVisitor {
+	type Value = CipherSer;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a valid cipher identifier")
+	}
+
+	fn visit_str<E>(self, value: &str) -> Result<Self::Value, E> where E: SerdeError {
+		match value {
+			"aes-128-ctr" => Ok(CipherSer::Aes128Ctr),
+			_ => Err(SerdeError::custom(Error::UnsupportedCipher))
+		}
+	}
+
+	fn visit_string<E>(self, value: String) -> Result<Self::Value, E> where E: SerdeError {
+		self.visit_str(value.as_ref())
+	}
+}
+
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct Aes128Ctr {
+	pub iv: H128,
+}
+
+#[derive(Debug, PartialEq)]
+pub enum CipherSerParams {
+	Aes128Ctr(Aes128Ctr),
+}
+
+impl Serialize for CipherSerParams {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		match *self {
+			CipherSerParams::Aes128Ctr(ref params) => params.serialize(serializer),
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for CipherSerParams {
+	fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+	where D: Deserializer<'a> {
+		Aes128Ctr::deserialize(deserializer)
+			.map(CipherSerParams::Aes128Ctr)
+			.map_err(|_| Error::InvalidCipherParams)
+			.map_err(SerdeError::custom)
+	}
+}
+
+#[derive(Debug, PartialEq)]
+pub enum Cipher {
+	Aes128Ctr(Aes128Ctr),
+}

accounts/ethstore/src/json/crypto.rs

@@ -0,0 +1,194 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{fmt, str};
+use serde::{Deserialize, Deserializer, Serialize, Serializer};
+use serde::ser::SerializeStruct;
+use serde::de::{Visitor, MapAccess, Error};
+use serde_json;
+use super::{Cipher, CipherSer, CipherSerParams, Kdf, KdfSer, KdfSerParams, H256, Bytes};
+
+pub type CipherText = Bytes;
+
+#[derive(Debug, PartialEq)]
+pub struct Crypto {
+	pub cipher: Cipher,
+	pub ciphertext: CipherText,
+	pub kdf: Kdf,
+	pub mac: H256,
+}
+
+impl str::FromStr for Crypto {
+	type Err = serde_json::error::Error;
+
+	fn from_str(s: &str) -> Result<Self, Self::Err> {
+		serde_json::from_str(s)
+	}
+}
+
+impl From<Crypto> for String {
+	fn from(c: Crypto) -> Self {
+		serde_json::to_string(&c).expect("serialization cannot fail, cause all crypto keys are strings")
+	}
+}
+
+enum CryptoField {
+	Cipher,
+	CipherParams,
+	CipherText,
+	Kdf,
+	KdfParams,
+	Mac,
+	Version,
+}
+
+impl<'a> Deserialize<'a> for CryptoField {
+	fn deserialize<D>(deserializer: D) -> Result<CryptoField, D::Error>
+		where D: Deserializer<'a>
+	{
+		deserializer.deserialize_any(CryptoFieldVisitor)
+	}
+}
+
+struct CryptoFieldVisitor;
+
+impl<'a> Visitor<'a> for CryptoFieldVisitor {
+	type Value = CryptoField;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a valid crypto struct description")
+	}
+
+	fn visit_str<E>(self, value: &str) -> Result<Self::Value, E>
+		where E: Error
+	{
+		match value {
+			"cipher" => Ok(CryptoField::Cipher),
+			"cipherparams" => Ok(CryptoField::CipherParams),
+			"ciphertext" => Ok(CryptoField::CipherText),
+			"kdf" => Ok(CryptoField::Kdf),
+			"kdfparams" => Ok(CryptoField::KdfParams),
+			"mac" => Ok(CryptoField::Mac),
+			"version" => Ok(CryptoField::Version),
+			_ => Err(Error::custom(format!("Unknown field: '{}'", value))),
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for Crypto {
+	fn deserialize<D>(deserializer: D) -> Result<Crypto, D::Error>
+		where D: Deserializer<'a>
+	{
+		static FIELDS: &'static [&'static str] = &["id", "version", "crypto", "Crypto", "address"];
+		deserializer.deserialize_struct("Crypto", FIELDS, CryptoVisitor)
+	}
+}
+
+struct CryptoVisitor;
+
+impl<'a> Visitor<'a> for CryptoVisitor {
+	type Value = Crypto;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a valid vault crypto object")
+	}
+
+	fn visit_map<V>(self, mut visitor: V) -> Result<Self::Value, V::Error>
+		where V: MapAccess<'a>
+	{
+		let mut cipher = None;
+		let mut cipherparams = None;
+		let mut ciphertext = None;
+		let mut kdf = None;
+		let mut kdfparams = None;
+		let mut mac = None;
+
+		loop {
+			match visitor.next_key()? {
+				Some(CryptoField::Cipher) => { cipher = Some(visitor.next_value()?); }
+				Some(CryptoField::CipherParams) => { cipherparams = Some(visitor.next_value()?); }
+				Some(CryptoField::CipherText) => { ciphertext = Some(visitor.next_value()?); }
+				Some(CryptoField::Kdf) => { kdf = Some(visitor.next_value()?); }
+				Some(CryptoField::KdfParams) => { kdfparams = Some(visitor.next_value()?); }
+				Some(CryptoField::Mac) => { mac = Some(visitor.next_value()?); }
+				// skip not required version field (it appears in pyethereum generated keystores)
+				Some(CryptoField::Version) => { visitor.next_value().unwrap_or(()) }
+				None => { break; }
+			}
+		}
+
+		let cipher = match (cipher, cipherparams) {
+			(Some(CipherSer::Aes128Ctr), Some(CipherSerParams::Aes128Ctr(params))) => Cipher::Aes128Ctr(params),
+			(None, _) => return Err(V::Error::missing_field("cipher")),
+			(Some(_), None) => return Err(V::Error::missing_field("cipherparams")),
+		};
+
+		let ciphertext = match ciphertext {
+			Some(ciphertext) => ciphertext,
+			None => return Err(V::Error::missing_field("ciphertext")),
+		};
+
+		let kdf = match (kdf, kdfparams) {
+			(Some(KdfSer::Pbkdf2), Some(KdfSerParams::Pbkdf2(params))) => Kdf::Pbkdf2(params),
+			(Some(KdfSer::Scrypt), Some(KdfSerParams::Scrypt(params))) => Kdf::Scrypt(params),
+			(Some(_), Some(_)) => return Err(V::Error::custom("Invalid cipherparams")),
+			(None, _) => return Err(V::Error::missing_field("kdf")),
+			(Some(_), None) => return Err(V::Error::missing_field("kdfparams")),
+		};
+
+		let mac = match mac {
+			Some(mac) => mac,
+			None => return Err(V::Error::missing_field("mac")),
+		};
+
+		let result = Crypto {
+			cipher: cipher,
+			ciphertext: ciphertext,
+			kdf: kdf,
+			mac: mac,
+		};
+
+		Ok(result)
+	}
+}
+
+impl Serialize for Crypto {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+		where S: Serializer
+	{
+		let mut crypto = serializer.serialize_struct("Crypto", 6)?;
+		match self.cipher {
+			Cipher::Aes128Ctr(ref params) => {
+				crypto.serialize_field("cipher", &CipherSer::Aes128Ctr)?;
+				crypto.serialize_field("cipherparams", params)?;
+			},
+		}
+		crypto.serialize_field("ciphertext", &self.ciphertext)?;
+		match self.kdf {
+			Kdf::Pbkdf2(ref params) => {
+				crypto.serialize_field("kdf", &KdfSer::Pbkdf2)?;
+				crypto.serialize_field("kdfparams", params)?;
+			},
+			Kdf::Scrypt(ref params) => {
+				crypto.serialize_field("kdf", &KdfSer::Scrypt)?;
+				crypto.serialize_field("kdfparams", params)?;
+			},
+		}
+
+		crypto.serialize_field("mac", &self.mac)?;
+		crypto.end()
+	}
+}

accounts/ethstore/src/json/error.rs

@@ -0,0 +1,50 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+
+#[derive(Debug, PartialEq)]
+pub enum Error {
+	UnsupportedCipher,
+	InvalidCipherParams,
+	UnsupportedKdf,
+	InvalidUuid,
+	UnsupportedVersion,
+	InvalidCiphertext,
+	InvalidH256,
+	InvalidPrf,
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		match *self {
+			Error::InvalidUuid => write!(f, "Invalid Uuid"),
+			Error::UnsupportedVersion => write!(f, "Unsupported version"),
+			Error::UnsupportedKdf => write!(f, "Unsupported kdf"),
+			Error::InvalidCiphertext => write!(f, "Invalid ciphertext"),
+			Error::UnsupportedCipher => write!(f, "Unsupported cipher"),
+			Error::InvalidCipherParams => write!(f, "Invalid cipher params"),
+			Error::InvalidH256 => write!(f, "Invalid hash"),
+			Error::InvalidPrf => write!(f, "Invalid prf"),
+		}
+	}
+}
+
+impl Into<String> for Error {
+	fn into(self) -> String {
+		format!("{}", self)
+	}
+}

accounts/ethstore/src/json/hash.rs

@@ -0,0 +1,119 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::{ops, fmt, str};
+use rustc_hex::{FromHex, ToHex};
+use serde::{Serialize, Serializer, Deserialize, Deserializer};
+use serde::de::{Visitor, Error as SerdeError};
+use super::Error;
+
+macro_rules! impl_hash {
+	($name: ident, $size: expr) => {
+		pub struct $name([u8; $size]);
+
+		impl fmt::Debug for $name {
+			fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+				let self_ref: &[u8] = &self.0;
+				write!(f, "{:?}", self_ref)
+			}
+		}
+
+		impl PartialEq for $name {
+			fn eq(&self, other: &Self) -> bool {
+				let self_ref: &[u8] = &self.0;
+				let other_ref: &[u8] = &other.0;
+				self_ref == other_ref
+			}
+		}
+
+		impl ops::Deref for $name {
+			type Target = [u8];
+
+			fn deref(&self) -> &Self::Target {
+				&self.0
+			}
+		}
+
+		impl Serialize for $name {
+			fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+			where S: Serializer {
+				serializer.serialize_str(&self.0.to_hex())
+			}
+		}
+
+		impl<'a> Deserialize<'a> for $name {
+			fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+			where D: Deserializer<'a> {
+				struct HashVisitor;
+
+				impl<'b> Visitor<'b> for HashVisitor {
+					type Value = $name;
+
+					fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+						write!(formatter, "a hex-encoded {}", stringify!($name))
+					}
+
+					fn visit_str<E>(self, value: &str) -> Result<Self::Value, E> where E: SerdeError {
+						value.parse().map_err(SerdeError::custom)
+					}
+
+					fn visit_string<E>(self, value: String) -> Result<Self::Value, E> where E: SerdeError {
+						self.visit_str(value.as_ref())
+					}
+				}
+
+				deserializer.deserialize_any(HashVisitor)
+			}
+		}
+
+		impl str::FromStr for $name {
+			type Err = Error;
+
+			fn from_str(value: &str) -> Result<Self, Self::Err> {
+				match value.from_hex() {
+					Ok(ref hex) if hex.len() == $size => {
+						let mut hash = [0u8; $size];
+						hash.clone_from_slice(hex);
+						Ok($name(hash))
+					}
+					_ => Err(Error::InvalidH256),
+				}
+			}
+		}
+
+		impl From<&'static str> for $name {
+			fn from(s: &'static str) -> Self {
+				s.parse().expect(&format!("invalid string literal for {}: '{}'", stringify!($name), s))
+			}
+		}
+
+		impl From<[u8; $size]> for $name {
+			fn from(bytes: [u8; $size]) -> Self {
+				$name(bytes)
+			}
+		}
+
+		impl Into<[u8; $size]> for $name {
+			fn into(self) -> [u8; $size] {
+				self.0
+			}
+		}
+	}
+}
+
+impl_hash!(H128, 16);
+impl_hash!(H160, 20);
+impl_hash!(H256, 32);

accounts/ethstore/src/json/id.rs

@@ -0,0 +1,153 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Universaly unique identifier.
+use std::{fmt, str};
+use rustc_hex::{ToHex, FromHex};
+use serde::{Deserialize, Serialize, Deserializer, Serializer};
+use serde::de::{Visitor, Error as SerdeError};
+use super::Error;
+
+/// Universaly unique identifier.
+#[derive(Debug, PartialEq)]
+pub struct Uuid([u8; 16]);
+
+impl From<[u8; 16]> for Uuid {
+	fn from(uuid: [u8; 16]) -> Self {
+		Uuid(uuid)
+	}
+}
+
+impl<'a> Into<String> for &'a Uuid {
+	fn into(self) -> String {
+		let d1 = &self.0[0..4];
+		let d2 = &self.0[4..6];
+		let d3 = &self.0[6..8];
+		let d4 = &self.0[8..10];
+		let d5 = &self.0[10..16];
+		[d1, d2, d3, d4, d5].into_iter().map(|d| d.to_hex()).collect::<Vec<String>>().join("-")
+	}
+}
+
+impl Into<String> for Uuid {
+	fn into(self) -> String {
+		Into::into(&self)
+	}
+}
+
+impl Into<[u8; 16]> for Uuid {
+	fn into(self) -> [u8; 16] {
+		self.0
+	}
+}
+
+impl fmt::Display for Uuid {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		let s: String = (self as &Uuid).into();
+		write!(f, "{}", s)
+	}
+}
+
+fn copy_into(from: &str, into: &mut [u8]) -> Result<(), Error> {
+	let from = from.from_hex().map_err(|_| Error::InvalidUuid)?;
+
+	if from.len() != into.len() {
+		return Err(Error::InvalidUuid);
+	}
+
+	into.copy_from_slice(&from);
+	Ok(())
+}
+
+impl str::FromStr for Uuid {
+	type Err = Error;
+
+	fn from_str(s: &str) -> Result<Self, Self::Err> {
+		let parts: Vec<&str> = s.split("-").collect();
+
+		if parts.len() != 5 {
+			return Err(Error::InvalidUuid);
+		}
+
+		let mut uuid = [0u8; 16];
+
+		copy_into(parts[0], &mut uuid[0..4])?;
+		copy_into(parts[1], &mut uuid[4..6])?;
+		copy_into(parts[2], &mut uuid[6..8])?;
+		copy_into(parts[3], &mut uuid[8..10])?;
+		copy_into(parts[4], &mut uuid[10..16])?;
+
+		Ok(Uuid(uuid))
+	}
+}
+
+impl From<&'static str> for Uuid {
+	fn from(s: &'static str) -> Self {
+		s.parse().expect(&format!("invalid string literal for {}: '{}'", stringify!(Self), s))
+	}
+}
+
+impl Serialize for Uuid {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		let s: String = self.into();
+		serializer.serialize_str(&s)
+	}
+}
+
+impl<'a> Deserialize<'a> for Uuid {
+	fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+	where D: Deserializer<'a> {
+		deserializer.deserialize_any(UuidVisitor)
+	}
+}
+
+struct UuidVisitor;
+
+impl<'a> Visitor<'a> for UuidVisitor {
+	type Value = Uuid;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a valid hex-encoded UUID")
+	}
+
+	fn visit_str<E>(self, value: &str) -> Result<Self::Value, E> where E: SerdeError {
+		value.parse().map_err(SerdeError::custom)
+	}
+
+	fn visit_string<E>(self, value: String) -> Result<Self::Value, E> where E: SerdeError {
+		self.visit_str(value.as_ref())
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::Uuid;
+
+	#[test]
+	fn uuid_from_str() {
+		let uuid: Uuid = "3198bc9c-6672-5ab3-d995-4942343ae5b6".into();
+		assert_eq!(uuid, Uuid::from([0x31, 0x98, 0xbc, 0x9c, 0x66, 0x72, 0x5a, 0xb3, 0xd9, 0x95, 0x49, 0x42, 0x34, 0x3a, 0xe5, 0xb6]));
+	}
+
+	#[test]
+	fn uuid_from_and_to_str() {
+		let from = "3198bc9c-6672-5ab3-d995-4942343ae5b6";
+		let uuid: Uuid = from.into();
+		let to: String = uuid.into();
+		assert_eq!(from, &to);
+	}
+}

accounts/ethstore/src/json/kdf.rs

@@ -0,0 +1,159 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use serde::{Serialize, Serializer, Deserialize, Deserializer};
+use serde::de::{Visitor, Error as SerdeError};
+use super::{Error, Bytes};
+
+#[derive(Debug, PartialEq)]
+pub enum KdfSer {
+	Pbkdf2,
+	Scrypt,
+}
+
+impl Serialize for KdfSer {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		match *self {
+			KdfSer::Pbkdf2 => serializer.serialize_str("pbkdf2"),
+			KdfSer::Scrypt => serializer.serialize_str("scrypt"),
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for KdfSer {
+	fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+	where D: Deserializer<'a> {
+		deserializer.deserialize_any(KdfSerVisitor)
+	}
+}
+
+struct KdfSerVisitor;
+
+impl<'a> Visitor<'a> for KdfSerVisitor {
+	type Value = KdfSer;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a kdf algorithm identifier")
+	}
+
+	fn visit_str<E>(self, value: &str) -> Result<Self::Value, E> where E: SerdeError {
+		match value {
+			"pbkdf2" => Ok(KdfSer::Pbkdf2),
+			"scrypt" => Ok(KdfSer::Scrypt),
+			_ => Err(SerdeError::custom(Error::UnsupportedKdf))
+		}
+	}
+
+	fn visit_string<E>(self, value: String) -> Result<Self::Value, E> where E: SerdeError {
+		self.visit_str(value.as_ref())
+	}
+}
+
+#[derive(Debug, PartialEq)]
+pub enum Prf {
+	HmacSha256,
+}
+
+impl Serialize for Prf {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		match *self {
+			Prf::HmacSha256 => serializer.serialize_str("hmac-sha256"),
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for Prf {
+	fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+	where D: Deserializer<'a> {
+		deserializer.deserialize_any(PrfVisitor)
+	}
+}
+
+struct PrfVisitor;
+
+impl<'a> Visitor<'a> for PrfVisitor {
+	type Value = Prf;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a prf algorithm identifier")
+	}
+
+	fn visit_str<E>(self, value: &str) -> Result<Self::Value, E> where E: SerdeError {
+		match value {
+			"hmac-sha256" => Ok(Prf::HmacSha256),
+			_ => Err(SerdeError::custom(Error::InvalidPrf)),
+		}
+	}
+
+	fn visit_string<E>(self, value: String) -> Result<Self::Value, E> where E: SerdeError {
+		self.visit_str(value.as_ref())
+	}
+}
+
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct Pbkdf2 {
+	pub c: u32,
+	pub dklen: u32,
+	pub prf: Prf,
+	pub salt: Bytes,
+}
+
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct Scrypt {
+	pub dklen: u32,
+	pub p: u32,
+	pub n: u32,
+	pub r: u32,
+	pub salt: Bytes,
+}
+
+#[derive(Debug, PartialEq)]
+pub enum KdfSerParams {
+	Pbkdf2(Pbkdf2),
+	Scrypt(Scrypt),
+}
+
+impl Serialize for KdfSerParams {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		match *self {
+			KdfSerParams::Pbkdf2(ref params) => params.serialize(serializer),
+			KdfSerParams::Scrypt(ref params) => params.serialize(serializer),
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for KdfSerParams {
+	fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+	where D: Deserializer<'a> {
+		use serde_json::{Value, from_value};
+
+		let v: Value = Deserialize::deserialize(deserializer)?;
+
+		from_value(v.clone()).map(KdfSerParams::Pbkdf2)
+			.or_else(|_| from_value(v).map(KdfSerParams::Scrypt))
+			.map_err(|_| D::Error::custom("Invalid KDF algorithm"))
+	}
+}
+
+#[derive(Debug, PartialEq)]
+pub enum Kdf {
+	Pbkdf2(Pbkdf2),
+	Scrypt(Scrypt),
+}

accounts/ethstore/src/json/key_file.rs

@@ -0,0 +1,324 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use std::io::{Read, Write};
+use serde::{Serialize, Serializer, Deserialize, Deserializer};
+use serde::de::{Error, Visitor, MapAccess, DeserializeOwned};
+use serde_json;
+use super::{Uuid, Version, Crypto, H160};
+
+/// Public opaque type representing serializable `KeyFile`.
+#[derive(Debug, PartialEq)]
+pub struct OpaqueKeyFile {
+	key_file: KeyFile
+}
+
+impl Serialize for OpaqueKeyFile {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error> where
+		S: Serializer,
+	{
+		self.key_file.serialize(serializer)
+	}
+}
+
+impl<T> From<T> for OpaqueKeyFile where T: Into<KeyFile> {
+	fn from(val: T) -> Self {
+		OpaqueKeyFile { key_file: val.into() }
+	}
+}
+
+#[derive(Debug, PartialEq, Serialize)]
+pub struct KeyFile {
+	pub id: Uuid,
+	pub version: Version,
+	pub crypto: Crypto,
+	pub address: Option<H160>,
+	pub name: Option<String>,
+	pub meta: Option<String>,
+}
+
+enum KeyFileField {
+	Id,
+	Version,
+	Crypto,
+	Address,
+	Name,
+	Meta,
+}
+
+impl<'a> Deserialize<'a> for KeyFileField {
+	fn deserialize<D>(deserializer: D) -> Result<KeyFileField, D::Error>
+		where D: Deserializer<'a>
+	{
+		deserializer.deserialize_any(KeyFileFieldVisitor)
+	}
+}
+
+struct KeyFileFieldVisitor;
+
+impl<'a> Visitor<'a> for KeyFileFieldVisitor {
+	type Value = KeyFileField;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a valid key file field")
+	}
+
+	fn visit_str<E>(self, value: &str) -> Result<Self::Value, E>
+		where E: Error
+	{
+		match value {
+			"id" => Ok(KeyFileField::Id),
+			"version" => Ok(KeyFileField::Version),
+			"crypto" => Ok(KeyFileField::Crypto),
+			"Crypto" => Ok(KeyFileField::Crypto),
+			"address" => Ok(KeyFileField::Address),
+			"name" => Ok(KeyFileField::Name),
+			"meta" => Ok(KeyFileField::Meta),
+			_ => Err(Error::custom(format!("Unknown field: '{}'", value))),
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for KeyFile {
+	fn deserialize<D>(deserializer: D) -> Result<KeyFile, D::Error>
+		where D: Deserializer<'a>
+	{
+		static FIELDS: &'static [&'static str] = &["id", "version", "crypto", "Crypto", "address"];
+		deserializer.deserialize_struct("KeyFile", FIELDS, KeyFileVisitor)
+	}
+}
+
+fn none_if_empty<'a, T>(v: Option<serde_json::Value>) -> Option<T> where
+	T: DeserializeOwned
+{
+	v.and_then(|v| if v.is_null() {
+		None
+	} else {
+		serde_json::from_value(v).ok()
+	})
+
+}
+
+struct KeyFileVisitor;
+impl<'a> Visitor<'a> for KeyFileVisitor {
+	type Value = KeyFile;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a valid key object")
+	}
+
+	fn visit_map<V>(self, mut visitor: V) -> Result<Self::Value, V::Error>
+		where V: MapAccess<'a>
+	{
+		let mut id = None;
+		let mut version = None;
+		let mut crypto = None;
+		let mut address = None;
+		let mut name = None;
+		let mut meta = None;
+
+		loop {
+			match visitor.next_key()? {
+				Some(KeyFileField::Id) => { id = Some(visitor.next_value()?); }
+				Some(KeyFileField::Version) => { version = Some(visitor.next_value()?); }
+				Some(KeyFileField::Crypto) => { crypto = Some(visitor.next_value()?); }
+				Some(KeyFileField::Address) => { address = Some(visitor.next_value()?); }
+				Some(KeyFileField::Name) => { name = none_if_empty(visitor.next_value().ok()) }
+				Some(KeyFileField::Meta) => { meta = none_if_empty(visitor.next_value().ok()) }
+				None => { break; }
+			}
+		}
+
+		let id = match id {
+			Some(id) => id,
+			None => return Err(V::Error::missing_field("id")),
+		};
+
+		let version = match version {
+			Some(version) => version,
+			None => return Err(V::Error::missing_field("version")),
+		};
+
+		let crypto = match crypto {
+			Some(crypto) => crypto,
+			None => return Err(V::Error::missing_field("crypto")),
+		};
+
+		let result = KeyFile {
+			id: id,
+			version: version,
+			crypto: crypto,
+			address: address,
+			name: name,
+			meta: meta,
+		};
+
+		Ok(result)
+	}
+}
+
+impl KeyFile {
+	pub fn load<R>(reader: R) -> Result<Self, serde_json::Error> where R: Read {
+		serde_json::from_reader(reader)
+	}
+
+	pub fn write<W>(&self, writer: &mut W) -> Result<(), serde_json::Error> where W: Write {
+		serde_json::to_writer(writer, self)
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use std::str::FromStr;
+	use serde_json;
+	use json::{KeyFile, Uuid, Version, Crypto, Cipher, Aes128Ctr, Kdf, Scrypt};
+
+	#[test]
+	fn basic_keyfile() {
+		let json = r#"
+		{
+			"address": "6edddfc6349aff20bc6467ccf276c5b52487f7a8",
+			"crypto": {
+				"cipher": "aes-128-ctr",
+				"ciphertext": "7203da0676d141b138cd7f8e1a4365f59cc1aa6978dc5443f364ca943d7cb4bc",
+				"cipherparams": {
+					"iv": "b5a7ec855ec9e2c405371356855fec83"
+				},
+				"kdf": "scrypt",
+				"kdfparams": {
+					"dklen": 32,
+					"n": 262144,
+					"p": 1,
+					"r": 8,
+					"salt": "1e8642fdf1f87172492c1412fc62f8db75d796cdfa9c53c3f2b11e44a2a1b209"
+				},
+				"mac": "46325c5d4e8c991ad2683d525c7854da387138b6ca45068985aa4959fa2b8c8f"
+			},
+			"id": "8777d9f6-7860-4b9b-88b7-0b57ee6b3a73",
+			"version": 3,
+			"name": "Test",
+			"meta": "{}"
+		}"#;
+
+		let expected = KeyFile {
+			id: Uuid::from_str("8777d9f6-7860-4b9b-88b7-0b57ee6b3a73").unwrap(),
+			version: Version::V3,
+			address: Some("6edddfc6349aff20bc6467ccf276c5b52487f7a8".into()),
+			crypto: Crypto {
+				cipher: Cipher::Aes128Ctr(Aes128Ctr {
+					iv: "b5a7ec855ec9e2c405371356855fec83".into(),
+				}),
+				ciphertext: "7203da0676d141b138cd7f8e1a4365f59cc1aa6978dc5443f364ca943d7cb4bc".into(),
+				kdf: Kdf::Scrypt(Scrypt {
+					n: 262144,
+					dklen: 32,
+					p: 1,
+					r: 8,
+					salt: "1e8642fdf1f87172492c1412fc62f8db75d796cdfa9c53c3f2b11e44a2a1b209".into(),
+				}),
+				mac: "46325c5d4e8c991ad2683d525c7854da387138b6ca45068985aa4959fa2b8c8f".into(),
+			},
+			name: Some("Test".to_owned()),
+			meta: Some("{}".to_owned()),
+		};
+
+		let keyfile: KeyFile = serde_json::from_str(json).unwrap();
+		assert_eq!(keyfile, expected);
+	}
+
+	#[test]
+	fn capital_crypto_keyfile() {
+		let json = r#"
+		{
+			"address": "6edddfc6349aff20bc6467ccf276c5b52487f7a8",
+			"Crypto": {
+				"cipher": "aes-128-ctr",
+				"ciphertext": "7203da0676d141b138cd7f8e1a4365f59cc1aa6978dc5443f364ca943d7cb4bc",
+				"cipherparams": {
+					"iv": "b5a7ec855ec9e2c405371356855fec83"
+				},
+				"kdf": "scrypt",
+				"kdfparams": {
+					"dklen": 32,
+					"n": 262144,
+					"p": 1,
+					"r": 8,
+					"salt": "1e8642fdf1f87172492c1412fc62f8db75d796cdfa9c53c3f2b11e44a2a1b209"
+				},
+				"mac": "46325c5d4e8c991ad2683d525c7854da387138b6ca45068985aa4959fa2b8c8f"
+			},
+			"id": "8777d9f6-7860-4b9b-88b7-0b57ee6b3a73",
+			"version": 3
+		}"#;
+
+		let expected = KeyFile {
+			id: "8777d9f6-7860-4b9b-88b7-0b57ee6b3a73".into(),
+			version: Version::V3,
+			address: Some("6edddfc6349aff20bc6467ccf276c5b52487f7a8".into()),
+			crypto: Crypto {
+				cipher: Cipher::Aes128Ctr(Aes128Ctr {
+					iv: "b5a7ec855ec9e2c405371356855fec83".into(),
+				}),
+				ciphertext: "7203da0676d141b138cd7f8e1a4365f59cc1aa6978dc5443f364ca943d7cb4bc".into(),
+				kdf: Kdf::Scrypt(Scrypt {
+					n: 262144,
+					dklen: 32,
+					p: 1,
+					r: 8,
+					salt: "1e8642fdf1f87172492c1412fc62f8db75d796cdfa9c53c3f2b11e44a2a1b209".into(),
+				}),
+				mac: "46325c5d4e8c991ad2683d525c7854da387138b6ca45068985aa4959fa2b8c8f".into(),
+			},
+			name: None,
+			meta: None,
+		};
+
+		let keyfile: KeyFile = serde_json::from_str(json).unwrap();
+		assert_eq!(keyfile, expected);
+	}
+
+	#[test]
+	fn to_and_from_json() {
+		let file = KeyFile {
+			id: "8777d9f6-7860-4b9b-88b7-0b57ee6b3a73".into(),
+			version: Version::V3,
+			address: Some("6edddfc6349aff20bc6467ccf276c5b52487f7a8".into()),
+			crypto: Crypto {
+				cipher: Cipher::Aes128Ctr(Aes128Ctr {
+					iv: "b5a7ec855ec9e2c405371356855fec83".into(),
+				}),
+				ciphertext: "7203da0676d141b138cd7f8e1a4365f59cc1aa6978dc5443f364ca943d7cb4bc".into(),
+				kdf: Kdf::Scrypt(Scrypt {
+					n: 262144,
+					dklen: 32,
+					p: 1,
+					r: 8,
+					salt: "1e8642fdf1f87172492c1412fc62f8db75d796cdfa9c53c3f2b11e44a2a1b209".into(),
+				}),
+				mac: "46325c5d4e8c991ad2683d525c7854da387138b6ca45068985aa4959fa2b8c8f".into(),
+			},
+			name: Some("Test".to_owned()),
+			meta: None,
+		};
+
+		let serialized = serde_json::to_string(&file).unwrap();
+		println!("{}", serialized);
+		let deserialized = serde_json::from_str(&serialized).unwrap();
+
+		assert_eq!(file, deserialized);
+	}
+}

accounts/ethstore/src/json/mod.rs

@@ -0,0 +1,43 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Contract interface specification.
+
+mod bytes;
+mod cipher;
+mod crypto;
+mod error;
+mod hash;
+mod id;
+mod kdf;
+mod key_file;
+mod presale;
+mod vault_file;
+mod vault_key_file;
+mod version;
+
+pub use self::bytes::Bytes;
+pub use self::cipher::{Cipher, CipherSer, CipherSerParams, Aes128Ctr};
+pub use self::crypto::{Crypto, CipherText};
+pub use self::error::Error;
+pub use self::hash::{H128, H160, H256};
+pub use self::id::Uuid;
+pub use self::kdf::{Kdf, KdfSer, Prf, Pbkdf2, Scrypt, KdfSerParams};
+pub use self::key_file::{KeyFile, OpaqueKeyFile};
+pub use self::presale::{PresaleWallet, Encseed};
+pub use self::vault_file::VaultFile;
+pub use self::vault_key_file::{VaultKeyFile, VaultKeyMeta, insert_vault_name_to_json_meta, remove_vault_name_from_json_meta};
+pub use self::version::Version;

accounts/ethstore/src/json/presale.rs

@@ -1,22 +1,22 @@
-// Copyright 2015-2020 Parity Technologies (UK) Ltd.
-// This file is part of OpenEthereum.
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
 
-// OpenEthereum is free software: you can redistribute it and/or modify
+// Parity Ethereum is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 
-// OpenEthereum is distributed in the hope that it will be useful,
+// Parity Ethereum is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU General Public License for more details.
 
 // You should have received a copy of the GNU General Public License
-// along with OpenEthereum.  If not, see <http://www.gnu.org/licenses/>.
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
 
-use super::{Bytes, H160};
-use serde_json;
 use std::io::Read;
+use serde_json;
+use super::{H160, Bytes};
 
 pub type Encseed = Bytes;
 
@@ -28,19 +28,16 @@ pub struct PresaleWallet {
 }
 
 impl PresaleWallet {
-    pub fn load<R>(reader: R) -> Result<Self, serde_json::Error>
-    where
-        R: Read,
-    {
+	pub fn load<R>(reader: R) -> Result<Self, serde_json::Error> where R: Read {
 		serde_json::from_reader(reader)
 	}
 }
 
 #[cfg(test)]
 mod tests {
-    use json::{PresaleWallet, H160};
-    use serde_json;
 	use std::str::FromStr;
+	use serde_json;
+	use json::{PresaleWallet, H160};
 
 	#[test]
 	fn presale_wallet() {

accounts/ethstore/src/json/vault_file.rs

@@ -0,0 +1,94 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::io::{Read, Write};
+use serde_json;
+use super::Crypto;
+
+/// Vault meta file
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct VaultFile {
+	/// Vault password, encrypted with vault password
+	pub crypto: Crypto,
+	/// Vault metadata string
+	pub meta: Option<String>,
+}
+
+impl VaultFile {
+	pub fn load<R>(reader: R) -> Result<Self, serde_json::Error> where R: Read {
+		serde_json::from_reader(reader)
+	}
+
+	pub fn write<W>(&self, writer: &mut W) -> Result<(), serde_json::Error> where W: Write {
+		serde_json::to_writer(writer, self)
+	}
+}
+
+#[cfg(test)]
+mod test {
+	use serde_json;
+	use json::{VaultFile, Crypto, Cipher, Aes128Ctr, Kdf, Pbkdf2, Prf};
+
+	#[test]
+	fn to_and_from_json() {
+		let file = VaultFile {
+			crypto: Crypto {
+				cipher: Cipher::Aes128Ctr(Aes128Ctr {
+					iv: "0155e3690be19fbfbecabcd440aa284b".into(),
+				}),
+				ciphertext: "4d6938a1f49b7782".into(),
+				kdf: Kdf::Pbkdf2(Pbkdf2 {
+					c: 1024,
+					dklen: 32,
+					prf: Prf::HmacSha256,
+					salt: "b6a9338a7ccd39288a86dba73bfecd9101b4f3db9c9830e7c76afdbd4f6872e5".into(),
+				}),
+				mac: "16381463ea11c6eb2239a9f339c2e780516d29d234ce30ac5f166f9080b5a262".into(),
+			},
+			meta: Some("{}".into()),
+		};
+
+		let serialized = serde_json::to_string(&file).unwrap();
+		let deserialized = serde_json::from_str(&serialized).unwrap();
+
+		assert_eq!(file, deserialized);
+	}
+
+	#[test]
+	fn to_and_from_json_no_meta() {
+		let file = VaultFile {
+			crypto: Crypto {
+				cipher: Cipher::Aes128Ctr(Aes128Ctr {
+					iv: "0155e3690be19fbfbecabcd440aa284b".into(),
+				}),
+				ciphertext: "4d6938a1f49b7782".into(),
+				kdf: Kdf::Pbkdf2(Pbkdf2 {
+					c: 1024,
+					dklen: 32,
+					prf: Prf::HmacSha256,
+					salt: "b6a9338a7ccd39288a86dba73bfecd9101b4f3db9c9830e7c76afdbd4f6872e5".into(),
+				}),
+				mac: "16381463ea11c6eb2239a9f339c2e780516d29d234ce30ac5f166f9080b5a262".into(),
+			},
+			meta: None,
+		};
+
+		let serialized = serde_json::to_string(&file).unwrap();
+		let deserialized = serde_json::from_str(&serialized).unwrap();
+
+		assert_eq!(file, deserialized);
+	}
+}

accounts/ethstore/src/json/vault_key_file.rs

@@ -0,0 +1,172 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::io::{Read, Write};
+use serde::de::Error;
+use serde_json;
+use serde_json::value::Value;
+use serde_json::error;
+use super::{Uuid, Version, Crypto, H160};
+
+/// Meta key name for vault field
+const VAULT_NAME_META_KEY: &'static str = "vault";
+
+/// Key file as stored in vaults
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct VaultKeyFile {
+	/// Key id
+	pub id: Uuid,
+	/// Key version
+	pub version: Version,
+	/// Secret, encrypted with account password
+	pub crypto: Crypto,
+	/// Serialized `VaultKeyMeta`, encrypted with vault password
+	pub metacrypto: Crypto,
+}
+
+/// Data, stored in `VaultKeyFile::metacrypto`
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct VaultKeyMeta {
+	/// Key address
+	pub address: H160,
+	/// Key name
+	pub name: Option<String>,
+	/// Key metadata
+	pub meta: Option<String>,
+}
+
+/// Insert vault name to the JSON meta field
+pub fn insert_vault_name_to_json_meta(meta: &str, vault_name: &str) -> Result<String, error::Error> {
+	let mut meta = if meta.is_empty() {
+		Value::Object(serde_json::Map::new())
+	} else {
+		serde_json::from_str(meta)?
+	};
+
+	if let Some(meta_obj) = meta.as_object_mut() {
+		meta_obj.insert(VAULT_NAME_META_KEY.to_owned(), Value::String(vault_name.to_owned()));
+		serde_json::to_string(meta_obj)
+	} else {
+		Err(error::Error::custom("Meta is expected to be a serialized JSON object"))
+	}
+}
+
+/// Remove vault name from the JSON meta field
+pub fn remove_vault_name_from_json_meta(meta: &str) -> Result<String, error::Error> {
+	let mut meta = if meta.is_empty() {
+		Value::Object(serde_json::Map::new())
+	} else {
+		serde_json::from_str(meta)?
+	};
+
+	if let Some(meta_obj) = meta.as_object_mut() {
+		meta_obj.remove(VAULT_NAME_META_KEY);
+		serde_json::to_string(meta_obj)
+	} else {
+		Err(error::Error::custom("Meta is expected to be a serialized JSON object"))
+	}
+}
+
+impl VaultKeyFile {
+	pub fn load<R>(reader: R) -> Result<Self, serde_json::Error> where R: Read {
+		serde_json::from_reader(reader)
+	}
+
+	pub fn write<W>(&self, writer: &mut W) -> Result<(), serde_json::Error> where W: Write {
+		serde_json::to_writer(writer, self)
+	}
+}
+
+impl VaultKeyMeta {
+	pub fn load(bytes: &[u8]) -> Result<Self, serde_json::Error> {
+		serde_json::from_slice(&bytes)
+	}
+
+	pub fn write(&self) -> Result<Vec<u8>, serde_json::Error> {
+		let s = serde_json::to_string(self)?;
+		Ok(s.as_bytes().into())
+	}
+}
+
+#[cfg(test)]
+mod test {
+	use serde_json;
+	use json::{VaultKeyFile, Version, Crypto, Cipher, Aes128Ctr, Kdf, Pbkdf2, Prf,
+		insert_vault_name_to_json_meta, remove_vault_name_from_json_meta};
+
+	#[test]
+	fn to_and_from_json() {
+		let file = VaultKeyFile {
+			id: "08d82c39-88e3-7a71-6abb-89c8f36c3ceb".into(),
+			version: Version::V3,
+			crypto: Crypto {
+				cipher: Cipher::Aes128Ctr(Aes128Ctr {
+					iv: "fecb968bbc8c7e608a89ebcfe53a41d0".into(),
+				}),
+				ciphertext: "4befe0a66d9a4b6fec8e39eb5c90ac5dafdeaab005fff1af665fd1f9af925c91".into(),
+				kdf: Kdf::Pbkdf2(Pbkdf2 {
+					c: 10240,
+					dklen: 32,
+					prf: Prf::HmacSha256,
+					salt: "f17731e84ecac390546692dbd4ccf6a3a2720dc9652984978381e61c28a471b2".into(),
+				}),
+				mac: "7c7c3daafb24cf11eb3079dfb9064a11e92f309a0ee1dd676486bab119e686b7".into(),
+			},
+			metacrypto: Crypto {
+				cipher: Cipher::Aes128Ctr(Aes128Ctr {
+					iv: "9c353fb3f894fc05946843616c26bb3f".into(),
+				}),
+				ciphertext: "fef0d113d7576c1702daf380ad6f4c5408389e57991cae2a174facd74bd549338e1014850bddbab7eb486ff5f5c9c5532800c6a6d4db2be2212cd5cd3769244ab230e1f369e8382a9e6d7c0a".into(),
+				kdf: Kdf::Pbkdf2(Pbkdf2 {
+					c: 10240,
+					dklen: 32,
+					prf: Prf::HmacSha256,
+					salt: "aca82865174a82249a198814b263f43a631f272cbf7ed329d0f0839d259c652a".into(),
+				}),
+				mac: "b7413946bfe459d2801268dc331c04b3a84d92be11ef4dd9a507f895e8d9b5bd".into(),
+			}
+		};
+
+		let serialized = serde_json::to_string(&file).unwrap();
+		let deserialized = serde_json::from_str(&serialized).unwrap();
+
+		assert_eq!(file, deserialized);
+	}
+
+	#[test]
+	fn vault_name_inserted_to_json_meta() {
+		assert_eq!(insert_vault_name_to_json_meta(r#""#, "MyVault").unwrap(), r#"{"vault":"MyVault"}"#);
+		assert_eq!(insert_vault_name_to_json_meta(r#"{"tags":["kalabala"]}"#, "MyVault").unwrap(), r#"{"tags":["kalabala"],"vault":"MyVault"}"#);
+	}
+
+	#[test]
+	fn vault_name_not_inserted_to_json_meta() {
+		assert!(insert_vault_name_to_json_meta(r#"///3533"#, "MyVault").is_err());
+		assert!(insert_vault_name_to_json_meta(r#""string""#, "MyVault").is_err());
+	}
+
+	#[test]
+	fn vault_name_removed_from_json_meta() {
+		assert_eq!(remove_vault_name_from_json_meta(r#"{"vault":"MyVault"}"#).unwrap(), r#"{}"#);
+		assert_eq!(remove_vault_name_from_json_meta(r#"{"tags":["kalabala"],"vault":"MyVault"}"#).unwrap(), r#"{"tags":["kalabala"]}"#);
+	}
+
+	#[test]
+	fn vault_name_not_removed_from_json_meta() {
+		assert!(remove_vault_name_from_json_meta(r#"///3533"#).is_err());
+		assert!(remove_vault_name_from_json_meta(r#""string""#).is_err());
+	}
+}

accounts/ethstore/src/json/version.rs

@@ -0,0 +1,58 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use serde::{Serialize, Serializer, Deserialize, Deserializer};
+use serde::de::{Error as SerdeError, Visitor};
+use super::Error;
+
+#[derive(Debug, PartialEq)]
+pub enum Version {
+	V3,
+}
+
+impl Serialize for Version {
+	fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+	where S: Serializer {
+		match *self {
+			Version::V3 => serializer.serialize_u64(3)
+		}
+	}
+}
+
+impl<'a> Deserialize<'a> for Version {
+	fn deserialize<D>(deserializer: D) -> Result<Version, D::Error>
+	where D: Deserializer<'a> {
+		deserializer.deserialize_any(VersionVisitor)
+	}
+}
+
+struct VersionVisitor;
+
+impl<'a> Visitor<'a> for VersionVisitor {
+	type Value = Version;
+
+	fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+		write!(formatter, "a valid key version identifier")
+	}
+
+	fn visit_u64<E>(self, value: u64) -> Result<Self::Value, E> where E: SerdeError {
+		match value {
+			3 => Ok(Version::V3),
+			_ => Err(SerdeError::custom(Error::UnsupportedVersion))
+		}
+	}
+}

accounts/ethstore/src/lib.rs

@@ -1,23 +1,24 @@
-// Copyright 2015-2020 Parity Technologies (UK) Ltd.
-// This file is part of OpenEthereum.
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
 
-// OpenEthereum is free software: you can redistribute it and/or modify
+// Parity Ethereum is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 
-// OpenEthereum is distributed in the hope that it will be useful,
+// Parity Ethereum is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU General Public License for more details.
 
 // You should have received a copy of the GNU General Public License
-// along with OpenEthereum.  If not, see <http://www.gnu.org/licenses/>.
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
 
 //! Ethereum key-management.
 
 #![warn(missing_docs)]
 
+extern crate dir;
 extern crate itertools;
 extern crate libc;
 extern crate parking_lot;
@@ -26,16 +27,15 @@ extern crate rustc_hex;
 extern crate serde;
 extern crate serde_json;
 extern crate smallvec;
-extern crate tempdir;
 extern crate time;
+extern crate tiny_keccak;
+extern crate tempdir;
 
+extern crate parity_crypto as crypto;
 extern crate ethereum_types;
 extern crate ethkey as _ethkey;
-extern crate parity_crypto as crypto;
 extern crate parity_wordlist;
 
-#[macro_use]
-extern crate lazy_static;
 #[macro_use]
 extern crate log;
 #[macro_use]
@@ -58,20 +58,18 @@ mod presale;
 mod random;
 mod secret_store;
 
-pub use self::{
-    account::{Crypto, SafeAccount},
-    error::Error,
-    ethstore::{EthMultiStore, EthStore},
-    import::{import_account, import_accounts},
-    json::OpaqueKeyFile as KeyFile,
-    parity_wordlist::random_phrase,
-    presale::PresaleWallet,
-    random::random_string,
-    secret_store::{
-        Derivation, IndexDerivation, SecretStore, SecretVaultRef, SimpleSecretStore,
-        StoreAccountRef,
-    },
+pub use self::account::{SafeAccount, Crypto};
+pub use self::error::Error;
+pub use self::ethstore::{EthStore, EthMultiStore};
+pub use self::import::{import_account, import_accounts, read_geth_accounts};
+pub use self::json::OpaqueKeyFile as KeyFile;
+pub use self::presale::PresaleWallet;
+pub use self::secret_store::{
+	SecretVaultRef, StoreAccountRef, SimpleSecretStore, SecretStore,
+	Derivation, IndexDerivation,
 };
+pub use self::random::random_string;
+pub use self::parity_wordlist::random_phrase;
 
 /// An opaque wrapper for secret.
-pub struct OpaqueSecret(crypto::publickey::Secret);
+pub struct OpaqueSecret(::ethkey::Secret);

accounts/ethstore/src/presale.rs

@@ -0,0 +1,99 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fs;
+use std::path::Path;
+use json;
+use ethkey::{Address, Secret, KeyPair, Password};
+use crypto::{Keccak256, pbkdf2};
+use {crypto, Error};
+
+/// Pre-sale wallet.
+pub struct PresaleWallet {
+	iv: [u8; 16],
+	ciphertext: Vec<u8>,
+	address: Address,
+}
+
+impl From<json::PresaleWallet> for PresaleWallet {
+	fn from(wallet: json::PresaleWallet) -> Self {
+		let mut iv = [0u8; 16];
+		iv.copy_from_slice(&wallet.encseed[..16]);
+
+		let mut ciphertext = vec![];
+		ciphertext.extend_from_slice(&wallet.encseed[16..]);
+
+		PresaleWallet {
+			iv: iv,
+			ciphertext: ciphertext,
+			address: Address::from(wallet.address),
+		}
+	}
+}
+
+impl PresaleWallet {
+	/// Open a pre-sale wallet.
+	pub fn open<P>(path: P) -> Result<Self, Error> where P: AsRef<Path> {
+		let file = fs::File::open(path)?;
+		let presale = json::PresaleWallet::load(file)
+			.map_err(|e| Error::InvalidKeyFile(format!("{}", e)))?;
+		Ok(PresaleWallet::from(presale))
+	}
+
+	/// Decrypt the wallet.
+	pub fn decrypt(&self, password: &Password) -> Result<KeyPair, Error> {
+		let mut derived_key = [0u8; 32];
+		let salt = pbkdf2::Salt(password.as_bytes());
+		let sec = pbkdf2::Secret(password.as_bytes());
+		pbkdf2::sha256(2000, salt, sec, &mut derived_key);
+
+		let mut key = vec![0; self.ciphertext.len()];
+		let len = crypto::aes::decrypt_128_cbc(&derived_key[0..16], &self.iv, &self.ciphertext, &mut key)
+			.map_err(|_| Error::InvalidPassword)?;
+		let unpadded = &key[..len];
+
+		let secret = Secret::from_unsafe_slice(&unpadded.keccak256())?;
+		if let Ok(kp) = KeyPair::from_secret(secret) {
+			if kp.address() == self.address {
+				return Ok(kp)
+			}
+		}
+
+		Err(Error::InvalidPassword)
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::PresaleWallet;
+	use json;
+
+	#[test]
+	fn test() {
+		let json = r#"
+		{
+			"encseed": "137103c28caeebbcea5d7f95edb97a289ded151b72159137cb7b2671f394f54cff8c121589dcb373e267225547b3c71cbdb54f6e48ec85cd549f96cf0dedb3bc0a9ac6c79b9c426c5878ca2c9d06ff42a23cb648312fc32ba83649de0928e066",
+			"ethaddr": "ede84640d1a1d3e06902048e67aa7db8d52c2ce1",
+			"email": "123@gmail.com",
+			"btcaddr": "1JvqEc6WLhg6GnyrLBe2ztPAU28KRfuseH"
+		} "#;
+
+		let wallet = json::PresaleWallet::load(json.as_bytes()).unwrap();
+		let wallet = PresaleWallet::from(wallet);
+		assert!(wallet.decrypt(&"123".into()).is_ok());
+		assert!(wallet.decrypt(&"124".into()).is_err());
+	}
+}

accounts/ethstore/src/random.rs

@@ -0,0 +1,45 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use rand::{Rng, OsRng};
+
+pub trait Random {
+	fn random() -> Self where Self: Sized;
+}
+
+impl Random for [u8; 16] {
+	fn random() -> Self {
+		let mut result = [0u8; 16];
+		let mut rng = OsRng::new().unwrap();
+		rng.fill_bytes(&mut result);
+		result
+	}
+}
+
+impl Random for [u8; 32] {
+	fn random() -> Self {
+		let mut result = [0u8; 32];
+		let mut rng = OsRng::new().unwrap();
+		rng.fill_bytes(&mut result);
+		result
+	}
+}
+
+/// Generate a random string of given length.
+pub fn random_string(length: usize) -> String {
+	let mut rng = OsRng::new().expect("Not able to operate without random source.");
+	rng.gen_ascii_chars().take(length).collect()
+}

accounts/ethstore/src/secret_store.rs

@@ -0,0 +1,190 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::hash::{Hash, Hasher};
+use std::path::PathBuf;
+use std::cmp::Ordering;
+use ethkey::{Address, Message, Signature, Secret, Password, Public};
+use Error;
+use json::{Uuid, OpaqueKeyFile};
+use ethereum_types::H256;
+use OpaqueSecret;
+
+/// Key directory reference
+#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
+pub enum SecretVaultRef {
+	/// Reference to key in root directory
+	Root,
+	/// Referenc to key in specific vault
+	Vault(String),
+}
+
+/// Stored account reference
+#[derive(Debug, Clone, PartialEq, Eq, Ord)]
+pub struct StoreAccountRef {
+	/// Account address
+	pub address: Address,
+	/// Vault reference
+	pub vault: SecretVaultRef,
+}
+
+impl PartialOrd for StoreAccountRef {
+	fn partial_cmp(&self, other: &StoreAccountRef) -> Option<Ordering> {
+		Some(self.address.cmp(&other.address).then_with(|| self.vault.cmp(&other.vault)))
+	}
+}
+
+impl ::std::borrow::Borrow<Address> for StoreAccountRef {
+	fn borrow(&self) -> &Address {
+		&self.address
+	}
+}
+
+/// Simple Secret Store API
+pub trait SimpleSecretStore: Send + Sync {
+	/// Inserts new accounts to the store (or vault) with given password.
+	fn insert_account(&self, vault: SecretVaultRef, secret: Secret, password: &Password) -> Result<StoreAccountRef, Error>;
+	/// Inserts new derived account to the store (or vault) with given password.
+	fn insert_derived(&self, vault: SecretVaultRef, account_ref: &StoreAccountRef, password: &Password, derivation: Derivation) -> Result<StoreAccountRef, Error>;
+	/// Changes accounts password.
+	fn change_password(&self, account: &StoreAccountRef, old_password: &Password, new_password: &Password) -> Result<(), Error>;
+	/// Exports key details for account.
+	fn export_account(&self, account: &StoreAccountRef, password: &Password) -> Result<OpaqueKeyFile, Error>;
+	/// Entirely removes account from the store and underlying storage.
+	fn remove_account(&self, account: &StoreAccountRef, password: &Password) -> Result<(), Error>;
+	/// Generates new derived account.
+	fn generate_derived(&self, account_ref: &StoreAccountRef, password: &Password, derivation: Derivation) -> Result<Address, Error>;
+	/// Sign a message with given account.
+	fn sign(&self, account: &StoreAccountRef, password: &Password, message: &Message) -> Result<Signature, Error>;
+	/// Sign a message with derived account.
+	fn sign_derived(&self, account_ref: &StoreAccountRef, password: &Password, derivation: Derivation, message: &Message) -> Result<Signature, Error>;
+	/// Decrypt a messages with given account.
+	fn decrypt(&self, account: &StoreAccountRef, password: &Password, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error>;
+	/// Agree on shared key.
+	fn agree(&self, account: &StoreAccountRef, password: &Password, other: &Public) -> Result<Secret, Error>;
+
+	/// Returns all accounts in this secret store.
+	fn accounts(&self) -> Result<Vec<StoreAccountRef>, Error>;
+	/// Get reference to some account with given address.
+	/// This method could be removed if we will guarantee that there is max(1) account for given address.
+	fn account_ref(&self, address: &Address) -> Result<StoreAccountRef, Error>;
+
+	/// Create new vault with given password
+	fn create_vault(&self, name: &str, password: &Password) -> Result<(), Error>;
+	/// Open vault with given password
+	fn open_vault(&self, name: &str, password: &Password) -> Result<(), Error>;
+	/// Close vault
+	fn close_vault(&self, name: &str) -> Result<(), Error>;
+	/// List all vaults
+	fn list_vaults(&self) -> Result<Vec<String>, Error>;
+	/// List all currently opened vaults
+	fn list_opened_vaults(&self) -> Result<Vec<String>, Error>;
+	/// Change vault password
+	fn change_vault_password(&self, name: &str, new_password: &Password) -> Result<(), Error>;
+	/// Cnage account' vault
+	fn change_account_vault(&self, vault: SecretVaultRef, account: StoreAccountRef) -> Result<StoreAccountRef, Error>;
+	/// Get vault metadata string.
+	fn get_vault_meta(&self, name: &str) -> Result<String, Error>;
+	/// Set vault metadata string.
+	fn set_vault_meta(&self, name: &str, meta: &str) -> Result<(), Error>;
+}
+
+/// Secret Store API
+pub trait SecretStore: SimpleSecretStore {
+
+	/// Returns a raw opaque Secret that can be later used to sign a message.
+	fn raw_secret(&self, account: &StoreAccountRef, password: &Password) -> Result<OpaqueSecret, Error>;
+
+	/// Signs a message with raw secret.
+	fn sign_with_secret(&self, secret: &OpaqueSecret, message: &Message) -> Result<Signature, Error> {
+		Ok(::ethkey::sign(&secret.0, message)?)
+	}
+
+	/// Imports presale wallet
+	fn import_presale(&self, vault: SecretVaultRef, json: &[u8], password: &Password) -> Result<StoreAccountRef, Error>;
+	/// Imports existing JSON wallet
+	fn import_wallet(&self, vault: SecretVaultRef, json: &[u8], password: &Password, gen_id: bool) -> Result<StoreAccountRef, Error>;
+	/// Copies account between stores and vaults.
+	fn copy_account(&self, new_store: &SimpleSecretStore, new_vault: SecretVaultRef, account: &StoreAccountRef, password: &Password, new_password: &Password) -> Result<(), Error>;
+	/// Checks if password matches given account.
+	fn test_password(&self, account: &StoreAccountRef, password: &Password) -> Result<bool, Error>;
+
+	/// Returns a public key for given account.
+	fn public(&self, account: &StoreAccountRef, password: &Password) -> Result<Public, Error>;
+
+	/// Returns uuid of an account.
+	fn uuid(&self, account: &StoreAccountRef) -> Result<Uuid, Error>;
+	/// Returns account's name.
+	fn name(&self, account: &StoreAccountRef) -> Result<String, Error>;
+	/// Returns account's metadata.
+	fn meta(&self, account: &StoreAccountRef) -> Result<String, Error>;
+
+	/// Modifies account metadata.
+	fn set_name(&self, account: &StoreAccountRef, name: String) -> Result<(), Error>;
+	/// Modifies account name.
+	fn set_meta(&self, account: &StoreAccountRef, meta: String) -> Result<(), Error>;
+
+	/// Returns local path of the store.
+	fn local_path(&self) -> PathBuf;
+	/// Lists all found geth accounts.
+	fn list_geth_accounts(&self, testnet: bool) -> Vec<Address>;
+	/// Imports geth accounts to the store/vault.
+	fn import_geth_accounts(&self, vault: SecretVaultRef, desired: Vec<Address>, testnet: bool) -> Result<Vec<StoreAccountRef>, Error>;
+}
+
+impl StoreAccountRef {
+	/// Create reference to root account with given address
+	pub fn root(address: Address) -> Self {
+		StoreAccountRef::new(SecretVaultRef::Root, address)
+	}
+
+	/// Create reference to vault account with given address
+	pub fn vault(vault_name: &str, address: Address) -> Self {
+		StoreAccountRef::new(SecretVaultRef::Vault(vault_name.to_owned()), address)
+	}
+
+	/// Create new account reference
+	pub fn new(vault_ref: SecretVaultRef, address: Address) -> Self {
+		StoreAccountRef {
+			vault: vault_ref,
+			address: address,
+		}
+	}
+}
+
+impl Hash for StoreAccountRef {
+	fn hash<H: Hasher>(&self, state: &mut H) {
+		self.address.hash(state);
+	}
+}
+
+/// Node in hierarchical derivation.
+pub struct IndexDerivation {
+	/// Node is soft (allows proof of parent from parent node).
+	pub soft: bool,
+	/// Index sequence of the node.
+	pub index: u32,
+}
+
+/// Derivation scheme for keys
+pub enum Derivation {
+	/// Hierarchical derivation
+	Hierarchical(Vec<IndexDerivation>),
+	/// Hash derivation, soft.
+	SoftHash(H256),
+	/// Hash derivation, hard.
+	HardHash(H256),
+}

accounts/ethstore/tests/api.rs

@@ -0,0 +1,154 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+extern crate rand;
+extern crate ethstore;
+
+mod util;
+
+use ethstore::{EthStore, SimpleSecretStore, SecretVaultRef, StoreAccountRef};
+use ethstore::ethkey::{Random, Generator, Secret, KeyPair, verify_address};
+use ethstore::accounts_dir::RootDiskDirectory;
+use util::TransientDir;
+
+#[test]
+fn secret_store_create() {
+	let dir = TransientDir::create().unwrap();
+	let _ = EthStore::open(Box::new(dir)).unwrap();
+}
+
+#[test]
+#[should_panic]
+fn secret_store_open_not_existing() {
+	let dir = TransientDir::open();
+	let _ = EthStore::open(Box::new(dir)).unwrap();
+}
+
+fn random_secret() -> Secret {
+	Random.generate().unwrap().secret().clone()
+}
+
+#[test]
+fn secret_store_create_account() {
+	let dir = TransientDir::create().unwrap();
+	let store = EthStore::open(Box::new(dir)).unwrap();
+	assert_eq!(store.accounts().unwrap().len(), 0);
+	assert!(store.insert_account(SecretVaultRef::Root, random_secret(), &"".into()).is_ok());
+	assert_eq!(store.accounts().unwrap().len(), 1);
+	assert!(store.insert_account(SecretVaultRef::Root, random_secret(), &"".into()).is_ok());
+	assert_eq!(store.accounts().unwrap().len(), 2);
+}
+
+#[test]
+fn secret_store_sign() {
+	let dir = TransientDir::create().unwrap();
+	let store = EthStore::open(Box::new(dir)).unwrap();
+	assert!(store.insert_account(SecretVaultRef::Root, random_secret(), &"".into()).is_ok());
+	let accounts = store.accounts().unwrap();
+	assert_eq!(accounts.len(), 1);
+	assert!(store.sign(&accounts[0], &"".into(), &Default::default()).is_ok());
+	assert!(store.sign(&accounts[0], &"1".into(), &Default::default()).is_err());
+}
+
+#[test]
+fn secret_store_change_password() {
+	let dir = TransientDir::create().unwrap();
+	let store = EthStore::open(Box::new(dir)).unwrap();
+	assert!(store.insert_account(SecretVaultRef::Root, random_secret(), &"".into()).is_ok());
+	let accounts = store.accounts().unwrap();
+	assert_eq!(accounts.len(), 1);
+	assert!(store.sign(&accounts[0], &"".into(), &Default::default()).is_ok());
+	assert!(store.change_password(&accounts[0], &"".into(), &"1".into()).is_ok());
+	assert!(store.sign(&accounts[0], &"".into(), &Default::default()).is_err());
+	assert!(store.sign(&accounts[0], &"1".into(), &Default::default()).is_ok());
+}
+
+#[test]
+fn secret_store_remove_account() {
+	let dir = TransientDir::create().unwrap();
+	let store = EthStore::open(Box::new(dir)).unwrap();
+	assert!(store.insert_account(SecretVaultRef::Root, random_secret(), &"".into()).is_ok());
+	let accounts = store.accounts().unwrap();
+	assert_eq!(accounts.len(), 1);
+	assert!(store.remove_account(&accounts[0], &"".into()).is_ok());
+	assert_eq!(store.accounts().unwrap().len(), 0);
+	assert!(store.remove_account(&accounts[0], &"".into()).is_err());
+}
+
+fn test_path() -> &'static str {
+	match ::std::fs::metadata("ethstore") {
+		Ok(_) => "ethstore/tests/res/geth_keystore",
+ 		Err(_) => "tests/res/geth_keystore",
+	}
+}
+
+fn pat_path() -> &'static str {
+	match ::std::fs::metadata("ethstore") {
+		Ok(_) => "ethstore/tests/res/pat",
+		Err(_) => "tests/res/pat",
+	}
+}
+
+fn ciphertext_path() -> &'static str {
+	match ::std::fs::metadata("ethstore") {
+		Ok(_) => "ethstore/tests/res/ciphertext",
+		Err(_) => "tests/res/ciphertext",
+	}
+}
+
+#[test]
+fn secret_store_laod_geth_files() {
+	let dir = RootDiskDirectory::at(test_path());
+	let store = EthStore::open(Box::new(dir)).unwrap();
+	assert_eq!(store.accounts().unwrap(), vec![
+		StoreAccountRef::root("3f49624084b67849c7b4e805c5988c21a430f9d9".into()),
+		StoreAccountRef::root("5ba4dcf897e97c2bdf8315b9ef26c13c085988cf".into()),
+		StoreAccountRef::root("63121b431a52f8043c16fcf0d1df9cb7b5f66649".into()),
+	]);
+}
+
+#[test]
+fn secret_store_load_pat_files() {
+	let dir = RootDiskDirectory::at(pat_path());
+	let store = EthStore::open(Box::new(dir)).unwrap();
+	assert_eq!(store.accounts().unwrap(), vec![
+		StoreAccountRef::root("3f49624084b67849c7b4e805c5988c21a430f9d9".into()),
+		StoreAccountRef::root("5ba4dcf897e97c2bdf8315b9ef26c13c085988cf".into()),
+	]);
+}
+
+#[test]
+fn test_decrypting_files_with_short_ciphertext() {
+	// 31e9d1e6d844bd3a536800ef8d8be6a9975db509, 30
+	let kp1 = KeyPair::from_secret("000081c29e8142bb6a81bef5a92bda7a8328a5c85bb2f9542e76f9b0f94fc018".parse().unwrap()).unwrap();
+	// d1e64e5480bfaf733ba7d48712decb8227797a4e , 31
+	let kp2 = KeyPair::from_secret("00fa7b3db73dc7dfdf8c5fbdb796d741e4488628c41fc4febd9160a866ba0f35".parse().unwrap()).unwrap();
+	let dir = RootDiskDirectory::at(ciphertext_path());
+	let store = EthStore::open(Box::new(dir)).unwrap();
+	let accounts = store.accounts().unwrap();
+	assert_eq!(accounts, vec![
+		StoreAccountRef::root("31e9d1e6d844bd3a536800ef8d8be6a9975db509".into()),
+		StoreAccountRef::root("d1e64e5480bfaf733ba7d48712decb8227797a4e".into()),
+	]);
+
+	let message = Default::default();
+
+	let s1 = store.sign(&accounts[0], &"foo".into(), &message).unwrap();
+	let s2 = store.sign(&accounts[1], &"foo".into(), &message).unwrap();
+	assert!(verify_address(&accounts[0].address, &s1, &message).unwrap());
+	assert!(verify_address(&kp1.address(), &s1, &message).unwrap());
+	assert!(verify_address(&kp2.address(), &s2, &message).unwrap());
+}

accounts/ethstore/tests/util/mod.rs

@@ -1,18 +1,18 @@
-// Copyright 2015-2020 Parity Technologies (UK) Ltd.
-// This file is part of OpenEthereum.
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
 
-// OpenEthereum is free software: you can redistribute it and/or modify
+// Parity Ethereum is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 
-// OpenEthereum is distributed in the hope that it will be useful,
+// Parity Ethereum is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU General Public License for more details.
 
 // You should have received a copy of the GNU General Public License
-// along with OpenEthereum.  If not, see <http://www.gnu.org/licenses/>.
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
 
 mod transient_dir;
 

accounts/ethstore/tests/util/transient_dir.rs

@@ -0,0 +1,81 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::path::PathBuf;
+use std::{env, fs};
+use rand::{Rng, OsRng};
+use ethstore::accounts_dir::{KeyDirectory, RootDiskDirectory};
+use ethstore::{Error, SafeAccount};
+
+pub fn random_dir() -> PathBuf {
+	let mut rng = OsRng::new().unwrap();
+	let mut dir = env::temp_dir();
+	dir.push(format!("{:x}-{:x}", rng.next_u64(), rng.next_u64()));
+	dir
+}
+
+pub struct TransientDir {
+	dir: RootDiskDirectory,
+	path: PathBuf,
+}
+
+impl TransientDir {
+	pub fn create() -> Result<Self, Error> {
+		let path = random_dir();
+		let result = TransientDir {
+			dir: RootDiskDirectory::create(&path)?,
+			path: path,
+		};
+
+		Ok(result)
+	}
+
+	pub fn open() -> Self {
+		let path = random_dir();
+		TransientDir {
+			dir: RootDiskDirectory::at(&path),
+			path: path,
+		}
+	}
+}
+
+impl Drop for TransientDir {
+	fn drop(&mut self) {
+		fs::remove_dir_all(&self.path).expect("Expected to remove temp dir");
+	}
+}
+
+impl KeyDirectory for TransientDir {
+	fn load(&self) -> Result<Vec<SafeAccount>, Error> {
+		self.dir.load()
+	}
+
+	fn update(&self, account: SafeAccount) -> Result<SafeAccount, Error> {
+		self.dir.update(account)
+	}
+
+	fn insert(&self, account: SafeAccount) -> Result<SafeAccount, Error> {
+		self.dir.insert(account)
+	}
+
+	fn remove(&self, account: &SafeAccount) -> Result<(), Error> {
+		self.dir.remove(account)
+	}
+
+	fn unique_repr(&self) -> Result<u64, Error> {
+		self.dir.unique_repr()
+	}
+}

accounts/fake-hardware-wallet/Cargo.toml

@@ -0,0 +1,10 @@
+[package]
+description = "Fake hardware-wallet, for OS' that don't support libusb"
+name = "fake-hardware-wallet"
+version = "0.0.1"
+license = "GPL-3.0"
+authors = ["Parity Technologies <admin@parity.io>"]
+
+[dependencies]
+ethereum-types = "0.4"
+ethkey = { path = "../../accounts/ethkey" }

accounts/fake-hardware-wallet/src/lib.rs

@@ -0,0 +1,101 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Dummy module for platforms that does not provide support for hardware wallets (libusb)
+
+extern crate ethereum_types;
+extern crate ethkey;
+
+use std::fmt;
+use ethereum_types::U256;
+use ethkey::{Address, Signature};
+
+pub struct WalletInfo {
+	pub address: Address,
+	pub name: String,
+	pub manufacturer: String,
+}
+
+#[derive(Debug)]
+/// `ErrorType` for devices with no `hardware wallet`
+pub enum Error {
+	NoWallet,
+	KeyNotFound,
+}
+
+pub struct TransactionInfo {
+	/// Nonce
+	pub nonce: U256,
+	/// Gas price
+	pub gas_price: U256,
+	/// Gas limit
+	pub gas_limit: U256,
+	/// Receiver
+	pub to: Option<Address>,
+	/// Value
+	pub value: U256,
+	/// Data
+	pub data: Vec<u8>,
+	/// Chain ID
+	pub chain_id: Option<u64>,
+}
+
+pub enum KeyPath {
+	/// Ethereum.
+	Ethereum,
+	/// Ethereum classic.
+	EthereumClassic,
+}
+
+/// `HardwareWalletManager` for devices with no `hardware wallet`
+pub struct HardwareWalletManager;
+
+impl HardwareWalletManager {
+	pub fn new() -> Result<Self, Error> {
+		Err(Error::NoWallet)
+	}
+
+	pub fn set_key_path(&self, _key_path: KeyPath) {}
+
+	pub fn wallet_info(&self, _: &Address) -> Option<WalletInfo> { 
+		None 
+	}
+
+	pub fn list_wallets(&self) -> Vec<WalletInfo> {
+		Vec::with_capacity(0)
+	}
+
+	pub fn list_locked_wallets(&self) -> Result<Vec<String>, Error> {
+		Err(Error::NoWallet)
+	}
+
+	pub fn pin_matrix_ack(&self, _: &str, _: &str) -> Result<bool, Error> { 
+		Err(Error::NoWallet)
+	}
+	
+	pub fn sign_transaction(&self, _address: &Address, _transaction: &TransactionInfo, _rlp_transaction: &[u8]) -> Result<Signature, Error> { 
+		Err(Error::NoWallet) }
+	
+	pub fn sign_message(&self, _address: &Address, _msg: &[u8]) -> Result<Signature, Error> {
+		Err(Error::NoWallet)
+	}
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { 
+		write!(f, "No hardware wallet!!") 
+	}
+}

accounts/hw/Cargo.toml

@@ -0,0 +1,21 @@
+[package]
+description = "Hardware wallet support."
+homepage = "http://parity.io"
+license = "GPL-3.0"
+name = "hardware-wallet"
+version = "1.12.0"
+authors = ["Parity Technologies <admin@parity.io>"]
+
+[dependencies]
+log = "0.4"
+parking_lot = "0.7"
+protobuf = "1.4"
+hidapi = { git = "https://github.com/paritytech/hidapi-rs" }
+libusb = { git = "https://github.com/paritytech/libusb-rs" }
+trezor-sys = { git = "https://github.com/paritytech/trezor-sys" }
+ethkey = { path = "../ethkey" }
+ethereum-types = "0.4"
+semver = "0.9"
+
+[dev-dependencies]
+rustc-hex = "1.0"

accounts/hw/src/lib.rs

@@ -0,0 +1,402 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Hardware wallet management.
+
+#![warn(missing_docs)]
+#![warn(warnings)]
+
+extern crate ethereum_types;
+extern crate ethkey;
+extern crate hidapi;
+extern crate libusb;
+extern crate parking_lot;
+extern crate protobuf;
+extern crate semver;
+extern crate trezor_sys;
+
+#[macro_use] extern crate log;
+#[cfg(test)] extern crate rustc_hex;
+
+mod ledger;
+mod trezor;
+
+use std::sync::{Arc, atomic, atomic::AtomicBool, Weak};
+use std::{fmt, time::Duration};
+use std::thread;
+
+use ethereum_types::U256;
+use ethkey::{Address, Signature};
+use parking_lot::Mutex;
+
+const HID_GLOBAL_USAGE_PAGE: u16 = 0xFF00;
+const HID_USB_DEVICE_CLASS: u8 = 0;
+const MAX_POLLING_DURATION: Duration = Duration::from_millis(500);
+const USB_EVENT_POLLING_INTERVAL: Duration = Duration::from_millis(500);
+
+/// `HardwareWallet` device
+#[derive(Debug)]
+pub struct Device {
+	path: String,
+	info: WalletInfo,
+}
+
+/// `Wallet` trait
+pub trait Wallet<'a> {
+	/// Error
+	type Error;
+	/// Transaction data format
+	type Transaction;
+
+	/// Sign transaction data with wallet managing `address`.
+	fn sign_transaction(&self, address: &Address, transaction: Self::Transaction) -> Result<Signature, Self::Error>;
+
+	/// Set key derivation path for a chain.
+	fn set_key_path(&self, key_path: KeyPath);
+
+	/// Re-populate device list
+	/// Note, this assumes all devices are iterated over and updated
+	fn update_devices(&self, device_direction: DeviceDirection) -> Result<usize, Self::Error>;
+
+	/// Read device info
+	fn read_device(&self, usb: &hidapi::HidApi, dev_info: &hidapi::HidDeviceInfo) -> Result<Device, Self::Error>;
+
+	/// List connected and acknowledged wallets
+	fn list_devices(&self) -> Vec<WalletInfo>;
+
+	/// List locked wallets
+	/// This may be moved if it is the wrong assumption, for example this is not supported by Ledger
+	/// Then this method return a empty vector
+	fn list_locked_devices(&self) -> Vec<String>;
+
+	/// Get wallet info.
+	fn get_wallet(&self, address: &Address) -> Option<WalletInfo>;
+
+	/// Generate ethereum address for a Wallet
+	fn get_address(&self, device: &hidapi::HidDevice) -> Result<Option<Address>, Self::Error>;
+
+	/// Open a device using `device path`
+	/// Note, f - is a closure that borrows HidResult<HidDevice>
+	/// HidDevice is in turn a type alias for a `c_void function pointer`
+	/// For further information see:
+	///		* <https://github.com/paritytech/hidapi-rs>
+	///		* <https://github.com/rust-lang/libc>
+	fn open_path<R, F>(&self, f: F) -> Result<R, Self::Error>
+		where F: Fn() -> Result<R, &'static str>;
+}
+
+/// Hardware wallet error.
+#[derive(Debug)]
+pub enum Error {
+	/// Ledger device error.
+	LedgerDevice(ledger::Error),
+	/// Trezor device error
+	TrezorDevice(trezor::Error),
+	/// USB error.
+	Usb(libusb::Error),
+	/// HID error
+	Hid(String),
+	/// Hardware wallet not found for specified key.
+	KeyNotFound,
+}
+
+/// This is the transaction info we need to supply to Trezor message. It's more
+/// or less a duplicate of `ethcore::transaction::Transaction`, but we can't
+/// import ethcore here as that would be a circular dependency.
+pub struct TransactionInfo {
+	/// Nonce
+	pub nonce: U256,
+	/// Gas price
+	pub gas_price: U256,
+	/// Gas limit
+	pub gas_limit: U256,
+	/// Receiver
+	pub to: Option<Address>,
+	/// Value
+	pub value: U256,
+	/// Data
+	pub data: Vec<u8>,
+	/// Chain ID
+	pub chain_id: Option<u64>,
+}
+
+/// Hardware wallet information.
+#[derive(Debug, Clone)]
+pub struct WalletInfo {
+	/// Wallet device name.
+	pub name: String,
+	/// Wallet device manufacturer.
+	pub manufacturer: String,
+	/// Wallet device serial number.
+	pub serial: String,
+	/// Ethereum address.
+	pub address: Address,
+}
+
+/// Key derivation paths used on hardware wallets.
+#[derive(Debug, Clone, Copy)]
+pub enum KeyPath {
+	/// Ethereum.
+	Ethereum,
+	/// Ethereum classic.
+	EthereumClassic,
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		match *self {
+			Error::KeyNotFound => write!(f, "Key not found for given address."),
+			Error::LedgerDevice(ref e) => write!(f, "{}", e),
+			Error::TrezorDevice(ref e) => write!(f, "{}", e),
+			Error::Usb(ref e) => write!(f, "{}", e),
+			Error::Hid(ref e) => write!(f, "{}", e),
+		}
+	}
+}
+
+impl From<ledger::Error> for Error {
+	fn from(err: ledger::Error) -> Self {
+		match err {
+			ledger::Error::KeyNotFound => Error::KeyNotFound,
+			_ => Error::LedgerDevice(err),
+		}
+	}
+}
+
+impl From<trezor::Error> for Error {
+	fn from(err: trezor::Error) -> Self {
+		match err {
+			trezor::Error::KeyNotFound => Error::KeyNotFound,
+			_ => Error::TrezorDevice(err),
+		}
+	}
+}
+
+impl From<libusb::Error> for Error {
+	fn from(err: libusb::Error) -> Self {
+		Error::Usb(err)
+	}
+}
+
+/// Specifies the direction of the `HardwareWallet` i.e, whether it arrived or left
+#[derive(Debug, Copy, Clone, PartialEq)]
+pub enum DeviceDirection {
+	/// Device arrived
+	Arrived,
+	/// Device left
+	Left,
+}
+
+impl fmt::Display for DeviceDirection {
+	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+		match self {
+			DeviceDirection::Arrived => write!(f, "arrived"),
+			DeviceDirection::Left => write!(f, "left"),
+		}
+	}
+}
+
+/// Hardware wallet management interface.
+pub struct HardwareWalletManager {
+	exiting: Arc<AtomicBool>,
+	ledger: Arc<ledger::Manager>,
+	trezor: Arc<trezor::Manager>,
+}
+
+impl HardwareWalletManager {
+	/// Hardware wallet constructor
+	pub fn new() -> Result<Self, Error> {
+		let exiting = Arc::new(AtomicBool::new(false));
+		let hidapi = Arc::new(Mutex::new(hidapi::HidApi::new().map_err(|e| Error::Hid(e.to_string().clone()))?));
+		let ledger = ledger::Manager::new(hidapi.clone());
+		let trezor = trezor::Manager::new(hidapi.clone());
+		let usb_context = Arc::new(libusb::Context::new()?);
+
+		let l = ledger.clone();
+		let t = trezor.clone();
+		let exit = exiting.clone();
+
+		// Subscribe to all vendor IDs (VIDs) and product IDs (PIDs)
+		// This means that the `HardwareWalletManager` is responsible to validate the detected device
+		usb_context.register_callback(
+			None, None, Some(HID_USB_DEVICE_CLASS),
+			Box::new(EventHandler::new(
+				Arc::downgrade(&ledger),
+				Arc::downgrade(&trezor)
+			))
+		)?;
+
+		// Hardware event subscriber thread
+		thread::Builder::new()
+			.name("hw_wallet_manager".to_string())
+			.spawn(move || {
+				if let Err(e) = l.update_devices(DeviceDirection::Arrived) {
+					debug!(target: "hw", "Ledger couldn't connect at startup, error: {}", e);
+				}
+				if let Err(e) = t.update_devices(DeviceDirection::Arrived) {
+					debug!(target: "hw", "Trezor couldn't connect at startup, error: {}", e);
+				}
+
+				while !exit.load(atomic::Ordering::Acquire) {
+					if let Err(e) = usb_context.handle_events(Some(USB_EVENT_POLLING_INTERVAL)) {
+						debug!(target: "hw", "HardwareWalletManager event handler error: {}", e);
+					}
+				}
+			})
+			.ok();
+
+		Ok(Self {
+			exiting,
+			trezor,
+			ledger,
+		})
+	}
+
+	/// Select key derivation path for a chain.
+	/// Currently, only one hard-coded keypath is supported
+	/// It is managed by `ethcore/account_provider`
+	pub fn set_key_path(&self, key_path: KeyPath) {
+		self.ledger.set_key_path(key_path);
+		self.trezor.set_key_path(key_path);
+	}
+
+	/// List connected wallets. This only returns wallets that are ready to be used.
+	pub fn list_wallets(&self) -> Vec<WalletInfo> {
+		let mut wallets = Vec::new();
+		wallets.extend(self.ledger.list_devices());
+		wallets.extend(self.trezor.list_devices());
+		wallets
+	}
+
+	/// Return a list of paths to locked hardware wallets
+	/// This is only applicable to Trezor because Ledger only appears as
+	/// a device when it is unlocked
+	pub fn list_locked_wallets(&self) -> Result<Vec<String>, Error> {
+		Ok(self.trezor.list_locked_devices())
+	}
+
+	/// Get connected wallet info.
+	pub fn wallet_info(&self, address: &Address) -> Option<WalletInfo> {
+		if let Some(info) = self.ledger.get_wallet(address) {
+			Some(info)
+		} else {
+			self.trezor.get_wallet(address)
+		}
+	}
+
+	/// Sign a message with the wallet (only supported by Ledger)
+	pub fn sign_message(&self, address: &Address, msg: &[u8]) -> Result<Signature, Error> {
+		if self.ledger.get_wallet(address).is_some() {
+			Ok(self.ledger.sign_message(address, msg)?)
+		} else if self.trezor.get_wallet(address).is_some() {
+			Err(Error::TrezorDevice(trezor::Error::NoSigningMessage))
+		} else {
+			Err(Error::KeyNotFound)
+		}
+	}
+
+	/// Sign transaction data with wallet managing `address`.
+	pub fn sign_transaction(&self, address: &Address, t_info: &TransactionInfo, encoded_transaction: &[u8]) -> Result<Signature, Error> {
+		if self.ledger.get_wallet(address).is_some() {
+			Ok(self.ledger.sign_transaction(address, encoded_transaction)?)
+		} else if self.trezor.get_wallet(address).is_some() {
+			Ok(self.trezor.sign_transaction(address, t_info)?)
+		} else {
+			Err(Error::KeyNotFound)
+		}
+	}
+
+	/// Send a pin to a device at a certain path to unlock it
+	/// This is only applicable to Trezor because Ledger only appears as
+	/// a device when it is unlocked
+	pub fn pin_matrix_ack(&self, path: &str, pin: &str) -> Result<bool, Error> {
+		self.trezor.pin_matrix_ack(path, pin).map_err(Error::TrezorDevice)
+	}
+}
+
+impl Drop for HardwareWalletManager {
+	fn drop(&mut self) {
+		// Indicate to the USB Hotplug handler that it
+		// shall terminate but don't wait for it to terminate.
+		// If it doesn't terminate for some reason USB Hotplug events will be handled
+		// even if the HardwareWalletManger has been dropped
+		self.exiting.store(true, atomic::Ordering::Release);
+	}
+}
+
+/// Hardware wallet event handler
+///
+/// Note, that this runs to completion and race-conditions can't occur but it can
+/// stop other events for being processed with an infinite loop or similar
+struct EventHandler {
+	ledger: Weak<ledger::Manager>,
+	trezor: Weak<trezor::Manager>,
+}
+
+impl EventHandler {
+	/// Trezor event handler constructor
+	pub fn new(ledger: Weak<ledger::Manager>, trezor: Weak<trezor::Manager>) -> Self {
+		Self { ledger, trezor }
+	}
+
+	fn extract_device_info(device: &libusb::Device) -> Result<(u16, u16), Error> {
+		let desc = device.device_descriptor()?;
+		Ok((desc.vendor_id(), desc.product_id()))
+	}
+}
+
+impl libusb::Hotplug for EventHandler {
+	fn device_arrived(&mut self, device: libusb::Device) {
+		// Upgrade reference to an Arc
+		if let (Some(ledger), Some(trezor)) = (self.ledger.upgrade(), self.trezor.upgrade()) {
+			// Version ID and Product ID are available
+			if let Ok((vid, pid)) = Self::extract_device_info(&device) {
+				if trezor::is_valid_trezor(vid, pid) {
+					if !trezor::try_connect_polling(&trezor, &MAX_POLLING_DURATION, DeviceDirection::Arrived) {
+						trace!(target: "hw", "Trezor device was detected but connection failed");
+					}
+				} else if ledger::is_valid_ledger(vid, pid) {
+					if !ledger::try_connect_polling(&ledger, &MAX_POLLING_DURATION, DeviceDirection::Arrived) {
+						trace!(target: "hw", "Ledger device was detected but connection failed");
+					}
+				}
+			}
+		}
+	}
+
+	fn device_left(&mut self, device: libusb::Device) {
+		// Upgrade reference to an Arc
+		if let (Some(ledger), Some(trezor)) = (self.ledger.upgrade(), self.trezor.upgrade()) {
+			// Version ID and Product ID are available
+			if let Ok((vid, pid)) = Self::extract_device_info(&device) {
+				if trezor::is_valid_trezor(vid, pid) {
+					if !trezor::try_connect_polling(&trezor, &MAX_POLLING_DURATION, DeviceDirection::Left) {
+						trace!(target: "hw", "Trezor device was detected but disconnection failed");
+					}
+				} else if ledger::is_valid_ledger(vid, pid) {
+					if !ledger::try_connect_polling(&ledger, &MAX_POLLING_DURATION, DeviceDirection::Left) {
+						trace!(target: "hw", "Ledger device was detected but disconnection failed");
+					}
+				}
+			}
+		}
+	}
+}
+
+/// Helper to determine if a device is a valid HID
+pub fn is_valid_hid_device(usage_page: u16, interface_number: i32) -> bool {
+	usage_page == HID_GLOBAL_USAGE_PAGE || interface_number == HID_USB_DEVICE_CLASS as i32
+}

accounts/hw/src/trezor.rs

@@ -0,0 +1,463 @@
+// Copyright 2015-2019 Parity Technologies (UK) Ltd.
+// This file is part of Parity Ethereum.
+
+// Parity Ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity Ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity Ethereum.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Trezor hardware wallet module. Supports Trezor v1.
+//! See <http://doc.satoshilabs.com/trezor-tech/api-protobuf.html>
+//! and <https://github.com/trezor/trezor-common/blob/master/protob/protocol.md>
+//! for protocol details.
+
+use std::cmp::{min, max};
+use std::sync::Arc;
+use std::time::{Duration, Instant};
+use std::fmt;
+
+use ethereum_types::{U256, H256, Address};
+use ethkey::Signature;
+use hidapi;
+use libusb;
+use parking_lot::{Mutex, RwLock};
+use protobuf::{self, Message, ProtobufEnum};
+use super::{DeviceDirection, WalletInfo, TransactionInfo, KeyPath, Wallet, Device, is_valid_hid_device};
+use trezor_sys::messages::{EthereumAddress, PinMatrixAck, MessageType, EthereumTxRequest, EthereumSignTx, EthereumGetAddress, EthereumTxAck, ButtonAck};
+
+/// Trezor v1 vendor ID
+const TREZOR_VID: u16 = 0x534c;
+/// Trezor product IDs
+const TREZOR_PIDS: [u16; 1] = [0x0001];
+
+const ETH_DERIVATION_PATH: [u32; 5] = [0x8000_002C, 0x8000_003C, 0x8000_0000, 0, 0]; // m/44'/60'/0'/0/0
+const ETC_DERIVATION_PATH: [u32; 5] = [0x8000_002C, 0x8000_003D, 0x8000_0000, 0, 0]; // m/44'/61'/0'/0/0
+
+/// Hardware wallet error.
+#[derive(Debug)]
+pub enum Error {
+	/// Ethereum wallet protocol error.
+	Protocol(&'static str),
+	/// Hidapi error.
+	Usb(hidapi::HidError),
+	/// Libusb error
+	LibUsb(libusb::Error),
+	/// Device with request key is not available.
+	KeyNotFound,
+	/// Signing has been cancelled by user.
+	UserCancel,
+	/// The Message Type given in the trezor RPC call is not something we recognize
+	BadMessageType,
+	/// Trying to read from a closed device at the given path
+	LockedDevice(String),
+	/// Signing messages are not supported by Trezor
+	NoSigningMessage,
+	/// No device arrived
+	NoDeviceArrived,
+	/// No device left
+	NoDeviceLeft,
+	/// Invalid PID or VID
+	InvalidDevice,
+}
+
+impl fmt::Display for Error {
+	fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+		match *self {
+			Error::Protocol(ref s) => write!(f, "Trezor protocol error: {}", s),
+			Error::Usb(ref e) => write!(f, "USB communication error: {}", e),
+			Error::LibUsb(ref e) => write!(f, "LibUSB communication error: {}", e),
+			Error::KeyNotFound => write!(f, "Key not found"),
+			Error::UserCancel => write!(f, "Operation has been cancelled"),
+			Error::BadMessageType => write!(f, "Bad Message Type in RPC call"),
+			Error::LockedDevice(ref s) => write!(f, "Device is locked, needs PIN to perform operations: {}", s),
+			Error::NoSigningMessage=> write!(f, "Signing messages are not supported by Trezor"),
+			Error::NoDeviceArrived => write!(f, "No device arrived"),
+			Error::NoDeviceLeft => write!(f, "No device left"),
+			Error::InvalidDevice => write!(f, "Device with non-supported product ID or vendor ID was detected"),
+		}
+	}
+}
+
+impl From<hidapi::HidError> for Error {
+	fn from(err: hidapi::HidError) -> Self {
+		Error::Usb(err)
+	}
+}
+
+impl From<libusb::Error> for Error {
+	fn from(err: libusb::Error) -> Self {
+		Error::LibUsb(err)
+	}
+}
+
+impl From<protobuf::ProtobufError> for Error {
+	fn from(_: protobuf::ProtobufError) -> Self {
+		Error::Protocol(&"Could not read response from Trezor Device")
+	}
+}
+
+/// Trezor device manager
+pub struct Manager {
+	usb: Arc<Mutex<hidapi::HidApi>>,
+	devices: RwLock<Vec<Device>>,
+	locked_devices: RwLock<Vec<String>>,
+	key_path: RwLock<KeyPath>,
+}
+
+/// HID Version used for the Trezor device
+enum HidVersion {
+	V1,
+	V2,
+}
+
+impl Manager {
+	/// Create a new instance.
+	pub fn new(usb: Arc<Mutex<hidapi::HidApi>>) -> Arc<Self> {
+		Arc::new(Self {
+			usb,
+			devices: RwLock::new(Vec::new()),
+			locked_devices: RwLock::new(Vec::new()),
+			key_path: RwLock::new(KeyPath::Ethereum),
+		})
+	}
+
+	pub fn pin_matrix_ack(&self, device_path: &str, pin: &str) -> Result<bool, Error> {
+		let unlocked = {
+			let usb = self.usb.lock();
+			let device = self.open_path(|| usb.open_path(&device_path))?;
+			let t = MessageType::MessageType_PinMatrixAck;
+			let mut m = PinMatrixAck::new();
+			m.set_pin(pin.to_string());
+			self.send_device_message(&device, t, &m)?;
+			let (resp_type, _) = self.read_device_response(&device)?;
+			match resp_type {
+				// Getting an Address back means it's unlocked, this is undocumented behavior
+				MessageType::MessageType_EthereumAddress => Ok(true),
+				// Getting anything else means we didn't unlock it
+				_ => Ok(false),
+
+			}
+		};
+		self.update_devices(DeviceDirection::Arrived)?;
+		unlocked
+	}
+
+	fn u256_to_be_vec(&self, val: &U256) -> Vec<u8> {
+		let mut buf = [0_u8; 32];
+		val.to_big_endian(&mut buf);
+		buf.iter().skip_while(|x| **x == 0).cloned().collect()
+	}
+
+	fn signing_loop(&self, handle: &hidapi::HidDevice, chain_id: &Option<u64>, data: &[u8]) -> Result<Signature, Error> {
+		let (resp_type, bytes) = self.read_device_response(&handle)?;
+		match resp_type {
+			MessageType::MessageType_Cancel => Err(Error::UserCancel),
+			MessageType::MessageType_ButtonRequest => {
+				self.send_device_message(handle, MessageType::MessageType_ButtonAck, &ButtonAck::new())?;
+				// Signing loop goes back to the top and reading blocks
+				// for up to 5 minutes waiting for response from the device
+				// if the user doesn't click any button within 5 minutes you
+				// get a signing error and the device sort of locks up on the signing screen
+				self.signing_loop(handle, chain_id, data)
+			}
+			MessageType::MessageType_EthereumTxRequest => {
+				let resp: EthereumTxRequest = protobuf::core::parse_from_bytes(&bytes)?;
+				if resp.has_data_length() {
+					let mut msg = EthereumTxAck::new();
+					let len = resp.get_data_length() as usize;
+					msg.set_data_chunk(data[..len].to_vec());
+					self.send_device_message(handle, MessageType::MessageType_EthereumTxAck, &msg)?;
+					self.signing_loop(handle, chain_id, &data[len..])
+				} else {
+					let v = resp.get_signature_v();
+					let r = H256::from_slice(resp.get_signature_r());
+					let s = H256::from_slice(resp.get_signature_s());
+					if let Some(c_id) = *chain_id {
+						// If there is a chain_id supplied, Trezor will return a v
+						// part of the signature that is already adjusted for EIP-155,
+						// so v' = v + 2 * chain_id + 35, but code further down the
+						// pipeline will already do this transformation, so remove it here
+						let adjustment = 35 + 2 * c_id as u32;
+						Ok(Signature::from_rsv(&r, &s, (max(v, adjustment) - adjustment) as u8))
+					} else {
+						// If there isn't a chain_id, v will be returned as v + 27
+						let adjusted_v = if v < 27 { v } else { v - 27 };
+						Ok(Signature::from_rsv(&r, &s, adjusted_v as u8))
+					}
+				}
+			}
+			MessageType::MessageType_Failure => Err(Error::Protocol("Last message sent to Trezor failed")),
+			_ => Err(Error::Protocol("Unexpected response from Trezor device.")),
+		}
+	}
+
+	fn send_device_message(&self, device: &hidapi::HidDevice, msg_type: MessageType, msg: &Message) -> Result<usize, Error> {
+		let msg_id = msg_type as u16;
+		let mut message = msg.write_to_bytes()?;
+		let msg_size = message.len();
+		let mut data = Vec::new();
+		let hid_version = self.probe_hid_version(device)?;
+		// Magic constants
+		data.push(b'#');
+		data.push(b'#');
+		// Convert msg_id to BE and split into bytes
+		data.push(((msg_id >> 8) & 0xFF) as u8);
+		data.push((msg_id & 0xFF) as u8);
+		// Convert msg_size to BE and split into bytes
+		data.push(((msg_size >> 24) & 0xFF) as u8);
+		data.push(((msg_size >> 16) & 0xFF) as u8);
+		data.push(((msg_size >> 8) & 0xFF) as u8);
+		data.push((msg_size & 0xFF) as u8);
+		data.append(&mut message);
+		while data.len() % 63 > 0 {
+			data.push(0);
+		}
+		let mut total_written = 0;
+		for chunk in data.chunks(63) {
+			let mut padded_chunk = match hid_version {
+				HidVersion::V1 => vec![b'?'],
+				HidVersion::V2 => vec![0, b'?'],
+			};
+			padded_chunk.extend_from_slice(&chunk);
+			total_written += device.write(&padded_chunk)?;
+		}
+		Ok(total_written)
+	}
+
+	fn probe_hid_version(&self, device: &hidapi::HidDevice) -> Result<HidVersion, Error> {
+		let mut buf2 = [0xFF_u8; 65];
+		buf2[0] = 0;
+		buf2[1] = 63;
+		let mut buf1 = [0xFF_u8; 64];
+		buf1[0] = 63;
+		if device.write(&buf2)? == 65 {
+			Ok(HidVersion::V2)
+		} else if device.write(&buf1)? == 64 {
+			Ok(HidVersion::V1)
+		} else {
+			Err(Error::Usb("Unable to determine HID Version"))
+		}
+	}
+
+	fn read_device_response(&self, device: &hidapi::HidDevice) -> Result<(MessageType, Vec<u8>), Error> {
+		let protocol_err = Error::Protocol(&"Unexpected wire response from Trezor Device");
+		let mut buf = vec![0; 64];
+
+		let first_chunk = device.read_timeout(&mut buf, 300_000)?;
+		if first_chunk < 9 || buf[0] != b'?' || buf[1] != b'#' || buf[2] != b'#' {
+			return Err(protocol_err);
+		}
+		let msg_type = MessageType::from_i32(((buf[3] as i32 & 0xFF) << 8) + (buf[4] as i32 & 0xFF)).ok_or(protocol_err)?;
+		let msg_size = ((buf[5] as u32 & 0xFF) << 24) + ((buf[6] as u32 & 0xFF) << 16) + ((buf[7] as u32 & 0xFF) << 8) + (buf[8] as u32 & 0xFF);
+		let mut data = Vec::new();
+		data.extend_from_slice(&buf[9..]);
+		while data.len() < (msg_size as usize) {
+			device.read_timeout(&mut buf, 10_000)?;
+			data.extend_from_slice(&buf[1..]);
+		}
+		Ok((msg_type, data[..msg_size as usize].to_vec()))
+	}
+}
+
+impl<'a> Wallet<'a> for Manager {
+	type Error = Error;
+	type Transaction = &'a TransactionInfo;
+
+	fn sign_transaction(&self, address: &Address, t_info: Self::Transaction) ->
+		Result<Signature, Error> {
+		let usb = self.usb.lock();
+		let devices = self.devices.read();
+		let device = devices.iter().find(|d| &d.info.address == address).ok_or(Error::KeyNotFound)?;
+		let handle = self.open_path(|| usb.open_path(&device.path))?;
+		let msg_type = MessageType::MessageType_EthereumSignTx;
+		let mut message = EthereumSignTx::new();
+		match *self.key_path.read() {
+			KeyPath::Ethereum => message.set_address_n(ETH_DERIVATION_PATH.to_vec()),
+			KeyPath::EthereumClassic => message.set_address_n(ETC_DERIVATION_PATH.to_vec()),
+		}
+		message.set_nonce(self.u256_to_be_vec(&t_info.nonce));
+		message.set_gas_limit(self.u256_to_be_vec(&t_info.gas_limit));
+		message.set_gas_price(self.u256_to_be_vec(&t_info.gas_price));
+		message.set_value(self.u256_to_be_vec(&t_info.value));
+
+		if let Some(addr) = t_info.to {
+			message.set_to(addr.to_vec())
+		}
+		let first_chunk_length = min(t_info.data.len(), 1024);
+		let chunk = &t_info.data[0..first_chunk_length];
+		message.set_data_initial_chunk(chunk.to_vec());
+		message.set_data_length(t_info.data.len() as u32);
+		if let Some(c_id) = t_info.chain_id {
+			message.set_chain_id(c_id as u32);
+		}
+
+		self.send_device_message(&handle, msg_type, &message)?;
+
+		self.signing_loop(&handle, &t_info.chain_id, &t_info.data[first_chunk_length..])
+	}
+
+	fn set_key_path(&self, key_path: KeyPath) {
+		*self.key_path.write() = key_path;
+	}
+
+	fn update_devices(&self, device_direction: DeviceDirection) -> Result<usize, Error> {
+		let mut usb = self.usb.lock();
+		usb.refresh_devices();
+		let devices = usb.devices();
+		let num_prev_devices = self.devices.read().len();
+
+		let detected_devices = devices.iter()
+			.filter(|&d| is_valid_trezor(d.vendor_id, d.product_id) &&
+					is_valid_hid_device(d.usage_page, d.interface_number)
+			)
+			.fold(Vec::new(), |mut v, d| {
+				match self.read_device(&usb, &d) {
+					Ok(info) => {
+						trace!(target: "hw", "Found device: {:?}", info);
+						v.push(info);
+					}
+					Err(e) => trace!(target: "hw", "Error reading device info: {}", e),
+				};
+				v
+			});
+
+		let num_curr_devices = detected_devices.len();
+		*self.devices.write() = detected_devices;
+
+		match device_direction {
+			DeviceDirection::Arrived => {
+				if num_curr_devices > num_prev_devices {
+					Ok(num_curr_devices - num_prev_devices)
+				} else {
+					Err(Error::NoDeviceArrived)
+				}
+			}
+			DeviceDirection::Left => {
+				if num_prev_devices > num_curr_devices {
+					Ok(num_prev_devices - num_curr_devices)
+				} else {
+					Err(Error::NoDeviceLeft)
+				}
+			}
+		}
+	}
+
+	fn read_device(&self, usb: &hidapi::HidApi, dev_info: &hidapi::HidDeviceInfo) -> Result<Device, Error> {
+		let handle = self.open_path(|| usb.open_path(&dev_info.path))?;
+		let manufacturer = dev_info.manufacturer_string.clone().unwrap_or_else(|| "Unknown".to_owned());
+		let name = dev_info.product_string.clone().unwrap_or_else(|| "Unknown".to_owned());
+		let serial = dev_info.serial_number.clone().unwrap_or_else(|| "Unknown".to_owned());
+		match self.get_address(&handle) {
+			Ok(Some(addr)) => {
+				Ok(Device {
+					path: dev_info.path.clone(),
+					info: WalletInfo {
+						name,
+						manufacturer,
+						serial,
+						address: addr,
+					},
+				})
+			}
+			Ok(None) => Err(Error::LockedDevice(dev_info.path.clone())),
+			Err(e) => Err(e),
+		}
+	}
+
+	fn list_devices(&self) -> Vec<WalletInfo> {
+		self.devices.read().iter().map(|d| d.info.clone()).collect()
+	}
+
+	fn list_locked_devices(&self) -> Vec<String> {
+		(*self.locked_devices.read()).clone()
+	}
+
+	fn get_wallet(&self, address: &Address) -> Option<WalletInfo> {
+		self.devices.read().iter().find(|d| &d.info.address == address).map(|d| d.info.clone())
+	}
+
+	fn get_address(&self, device: &hidapi::HidDevice) -> Result<Option<Address>, Error> {
+		let typ = MessageType::MessageType_EthereumGetAddress;
+		let mut message = EthereumGetAddress::new();
+		match *self.key_path.read() {
+			KeyPath::Ethereum => message.set_address_n(ETH_DERIVATION_PATH.to_vec()),
+			KeyPath::EthereumClassic => message.set_address_n(ETC_DERIVATION_PATH.to_vec()),
+		}
+		message.set_show_display(false);
+		self.send_device_message(&device, typ, &message)?;
+
+		let (resp_type, bytes) = self.read_device_response(&device)?;
+		match resp_type {
+			MessageType::MessageType_EthereumAddress => {
+				let response: EthereumAddress = protobuf::core::parse_from_bytes(&bytes)?;
+				Ok(Some(From::from(response.get_address())))
+			}
+			_ => Ok(None),
+		}
+	}
+
+	fn open_path<R, F>(&self, f: F) -> Result<R, Error>
+		where F: Fn() -> Result<R, &'static str>
+	{
+		f().map_err(Into::into)
+	}
+}
+
+/// Poll the device in maximum `max_polling_duration` if it doesn't succeed
+pub fn try_connect_polling(trezor: &Manager, duration: &Duration, dir: DeviceDirection) -> bool {
+	let start_time = Instant::now();
+	while start_time.elapsed() <= *duration {
+		if let Ok(num_devices) = trezor.update_devices(dir) {
+			trace!(target: "hw", "{} Trezor devices {}", num_devices, dir);
+			return true
+		}
+	}
+	false
+}
+
+/// Check if the detected device is a Trezor device by checking both the product ID and the vendor ID
+pub fn is_valid_trezor(vid: u16, pid: u16) -> bool {
+	vid == TREZOR_VID && TREZOR_PIDS.contains(&pid)
+}
+
+#[test]
+#[ignore]
+/// This test can't be run without an actual trezor device connected
+/// (and unlocked) attached to the machine that's running the test
+fn test_signature() {
+	use ethereum_types::Address;
+	use MAX_POLLING_DURATION;
+	use super::HardwareWalletManager;
+
+	let manager = HardwareWalletManager::new().unwrap();
+
+	assert_eq!(try_connect_polling(&manager.trezor, &MAX_POLLING_DURATION, DeviceDirection::Arrived), true);
+
+	let addr: Address = manager.list_wallets()
+		.iter()
+		.filter(|d| d.name == "TREZOR".to_string() && d.manufacturer == "SatoshiLabs".to_string())
+		.nth(0)
+		.map(|d| d.address)
+		.unwrap();
+
+	let t_info = TransactionInfo {
+		nonce: U256::from(1),
+		gas_price: U256::from(100),
+		gas_limit: U256::from(21_000),
+		to: Some(Address::from(1337)),
+		chain_id: Some(1),
+		value: U256::from(1_000_000),
+		data: (&[1u8; 3000]).to_vec(),
+	};
+
+	let signature = manager.trezor.sign_transaction(&addr, &t_info);
+	assert!(signature.is_ok());
+}

bin/chainspec/src/main.rs

@@ -1,51 +0,0 @@
-// Copyright 2015-2020 Parity Technologies (UK) Ltd.
-// This file is part of OpenEthereum.
-
-// OpenEthereum is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-
-// OpenEthereum is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-
-// You should have received a copy of the GNU General Public License
-// along with OpenEthereum.  If not, see <http://www.gnu.org/licenses/>.
-
-extern crate ethjson;
-extern crate serde_json;
-
-use ethjson::spec::Spec;
-use std::{env, fs, process};
-
-fn quit(s: &str) -> ! {
-    println!("{}", s);
-    process::exit(1);
-}
-
-fn main() {
-    let mut args = env::args();
-    if args.len() != 2 {
-        quit(
-            "You need to specify chainspec.json\n\
-		\n\
-		./chainspec <chainspec.json>",
-        );
-    }
-
-    let path = args.nth(1).expect("args.len() == 2; qed");
-    let file = match fs::File::open(&path) {
-        Ok(file) => file,
-        Err(_) => quit(&format!("{} could not be opened", path)),
-    };
-
-    let spec: Result<Spec, _> = serde_json::from_reader(file);
-
-    if let Err(err) = spec {
-        quit(&format!("{} {}", path, err.to_string()));
-    }
-
-    println!("{} is valid", path);
-}

bin/ethkey/src/main.rs

@@ -1,493 +0,0 @@
-// Copyright 2015-2020 Parity Technologies (UK) Ltd.
-// This file is part of OpenEthereum.
-
-// OpenEthereum is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-
-// OpenEthereum is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-
-// You should have received a copy of the GNU General Public License
-// along with OpenEthereum.  If not, see <http://www.gnu.org/licenses/>.
-
-extern crate docopt;
-extern crate env_logger;
-extern crate ethkey;
-extern crate panic_hook;
-extern crate parity_crypto as crypto;
-extern crate parity_wordlist;
-extern crate rustc_hex;
-extern crate serde;
-extern crate threadpool;
-
-#[macro_use]
-extern crate serde_derive;
-
-use std::{env, fmt, io, num::ParseIntError, process, sync};
-
-use crypto::publickey::{
-    sign, verify_address, verify_public, Error as EthkeyError, Generator, KeyPair, Random,
-};
-use docopt::Docopt;
-use ethkey::{brain_recover, Brain, BrainPrefix, Prefix};
-use rustc_hex::{FromHex, FromHexError};
-
-const USAGE: &'static str = r#"
-Parity Ethereum keys generator.
-  Copyright 2015-2019 Parity Technologies (UK) Ltd.
-
-Usage:
-    ethkey info <secret-or-phrase> [options]
-    ethkey generate random [options]
-    ethkey generate prefix <prefix> [options]
-    ethkey sign <secret> <message>
-    ethkey verify public <public> <signature> <message>
-    ethkey verify address <address> <signature> <message>
-    ethkey recover <address> <known-phrase>
-    ethkey [-h | --help]
-
-Options:
-    -h, --help         Display this message and exit.
-    -s, --secret       Display only the secret key.
-    -p, --public       Display only the public key.
-    -a, --address      Display only the address.
-    -b, --brain        Use parity brain wallet algorithm. Not recommended.
-
-Commands:
-    info               Display public key and address of the secret.
-    generate random    Generates new random Ethereum key.
-    generate prefix    Random generation, but address must start with a prefix ("vanity address").
-    sign               Sign message using a secret key.
-    verify             Verify signer of the signature by public key or address.
-    recover            Try to find brain phrase matching given address from partial phrase.
-"#;
-
-#[derive(Debug, Deserialize)]
-struct Args {
-    cmd_info: bool,
-    cmd_generate: bool,
-    cmd_random: bool,
-    cmd_prefix: bool,
-    cmd_sign: bool,
-    cmd_verify: bool,
-    cmd_public: bool,
-    cmd_address: bool,
-    cmd_recover: bool,
-    arg_prefix: String,
-    arg_secret: String,
-    arg_secret_or_phrase: String,
-    arg_known_phrase: String,
-    arg_message: String,
-    arg_public: String,
-    arg_address: String,
-    arg_signature: String,
-    flag_secret: bool,
-    flag_public: bool,
-    flag_address: bool,
-    flag_brain: bool,
-}
-
-#[derive(Debug)]
-enum Error {
-    Ethkey(EthkeyError),
-    FromHex(FromHexError),
-    ParseInt(ParseIntError),
-    Docopt(docopt::Error),
-    Io(io::Error),
-}
-
-impl From<EthkeyError> for Error {
-    fn from(err: EthkeyError) -> Self {
-        Error::Ethkey(err)
-    }
-}
-
-impl From<FromHexError> for Error {
-    fn from(err: FromHexError) -> Self {
-        Error::FromHex(err)
-    }
-}
-
-impl From<ParseIntError> for Error {
-    fn from(err: ParseIntError) -> Self {
-        Error::ParseInt(err)
-    }
-}
-
-impl From<docopt::Error> for Error {
-    fn from(err: docopt::Error) -> Self {
-        Error::Docopt(err)
-    }
-}
-
-impl From<io::Error> for Error {
-    fn from(err: io::Error) -> Self {
-        Error::Io(err)
-    }
-}
-
-impl fmt::Display for Error {
-    fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
-        match *self {
-            Error::Ethkey(ref e) => write!(f, "{}", e),
-            Error::FromHex(ref e) => write!(f, "{}", e),
-            Error::ParseInt(ref e) => write!(f, "{}", e),
-            Error::Docopt(ref e) => write!(f, "{}", e),
-            Error::Io(ref e) => write!(f, "{}", e),
-        }
-    }
-}
-
-enum DisplayMode {
-    KeyPair,
-    Secret,
-    Public,
-    Address,
-}
-
-impl DisplayMode {
-    fn new(args: &Args) -> Self {
-        if args.flag_secret {
-            DisplayMode::Secret
-        } else if args.flag_public {
-            DisplayMode::Public
-        } else if args.flag_address {
-            DisplayMode::Address
-        } else {
-            DisplayMode::KeyPair
-        }
-    }
-}
-
-fn main() {
-    panic_hook::set_abort();
-    env_logger::try_init().expect("Logger initialized only once.");
-
-    match execute(env::args()) {
-        Ok(ok) => println!("{}", ok),
-        Err(Error::Docopt(ref e)) => e.exit(),
-        Err(err) => {
-            eprintln!("{}", err);
-            process::exit(1);
-        }
-    }
-}
-
-fn display(result: (KeyPair, Option<String>), mode: DisplayMode) -> String {
-    let keypair = result.0;
-    match mode {
-        DisplayMode::KeyPair => match result.1 {
-            Some(extra_data) => format!("{}\n{}", extra_data, keypair),
-            None => format!("{}", keypair),
-        },
-        DisplayMode::Secret => format!("{:x}", keypair.secret()),
-        DisplayMode::Public => format!("{:x}", keypair.public()),
-        DisplayMode::Address => format!("{:x}", keypair.address()),
-    }
-}
-
-fn execute<S, I>(command: I) -> Result<String, Error>
-where
-    I: IntoIterator<Item = S>,
-    S: AsRef<str>,
-{
-    let args: Args = Docopt::new(USAGE).and_then(|d| d.argv(command).deserialize())?;
-
-    return if args.cmd_info {
-        let display_mode = DisplayMode::new(&args);
-
-        let result = if args.flag_brain {
-            let phrase = args.arg_secret_or_phrase;
-            let phrase_info = validate_phrase(&phrase);
-            let keypair = Brain::new(phrase).generate();
-            (keypair, Some(phrase_info))
-        } else {
-            let secret = args
-                .arg_secret_or_phrase
-                .parse()
-                .map_err(|_| EthkeyError::InvalidSecretKey)?;
-            (KeyPair::from_secret(secret)?, None)
-        };
-        Ok(display(result, display_mode))
-    } else if args.cmd_generate {
-        let display_mode = DisplayMode::new(&args);
-        let result = if args.cmd_random {
-            if args.flag_brain {
-                let mut brain = BrainPrefix::new(vec![0], usize::max_value(), BRAIN_WORDS);
-                let keypair = brain.generate()?;
-                let phrase = format!("recovery phrase: {}", brain.phrase());
-                (keypair, Some(phrase))
-            } else {
-                (Random.generate(), None)
-            }
-        } else if args.cmd_prefix {
-            let prefix = args.arg_prefix.from_hex()?;
-            let brain = args.flag_brain;
-            in_threads(move || {
-                let iterations = 1024;
-                let prefix = prefix.clone();
-                move || {
-                    let prefix = prefix.clone();
-                    let res = if brain {
-                        let mut brain = BrainPrefix::new(prefix, iterations, BRAIN_WORDS);
-                        let result = brain.generate();
-                        let phrase = format!("recovery phrase: {}", brain.phrase());
-                        result.map(|keypair| (keypair, Some(phrase)))
-                    } else {
-                        let result = Prefix::new(prefix, iterations).generate();
-                        result.map(|res| (res, None))
-                    };
-
-                    Ok(res.map(Some).unwrap_or(None))
-                }
-            })?
-        } else {
-            return Ok(format!("{}", USAGE));
-        };
-        Ok(display(result, display_mode))
-    } else if args.cmd_sign {
-        let secret = args
-            .arg_secret
-            .parse()
-            .map_err(|_| EthkeyError::InvalidSecretKey)?;
-        let message = args
-            .arg_message
-            .parse()
-            .map_err(|_| EthkeyError::InvalidMessage)?;
-        let signature = sign(&secret, &message)?;
-        Ok(format!("{}", signature))
-    } else if args.cmd_verify {
-        let signature = args
-            .arg_signature
-            .parse()
-            .map_err(|_| EthkeyError::InvalidSignature)?;
-        let message = args
-            .arg_message
-            .parse()
-            .map_err(|_| EthkeyError::InvalidMessage)?;
-        let ok = if args.cmd_public {
-            let public = args
-                .arg_public
-                .parse()
-                .map_err(|_| EthkeyError::InvalidPublicKey)?;
-            verify_public(&public, &signature, &message)?
-        } else if args.cmd_address {
-            let address = args
-                .arg_address
-                .parse()
-                .map_err(|_| EthkeyError::InvalidAddress)?;
-            verify_address(&address, &signature, &message)?
-        } else {
-            return Ok(format!("{}", USAGE));
-        };
-        Ok(format!("{}", ok))
-    } else if args.cmd_recover {
-        let display_mode = DisplayMode::new(&args);
-        let known_phrase = args.arg_known_phrase;
-        let address = args
-            .arg_address
-            .parse()
-            .map_err(|_| EthkeyError::InvalidAddress)?;
-        let (phrase, keypair) = in_threads(move || {
-            let mut it =
-                brain_recover::PhrasesIterator::from_known_phrase(&known_phrase, BRAIN_WORDS);
-            move || {
-                let mut i = 0;
-                while let Some(phrase) = it.next() {
-                    i += 1;
-
-                    let keypair = Brain::new(phrase.clone()).generate();
-                    if keypair.address() == address {
-                        return Ok(Some((phrase, keypair)));
-                    }
-
-                    if i >= 1024 {
-                        return Ok(None);
-                    }
-                }
-
-                Err(EthkeyError::Custom("Couldn't find any results.".into()))
-            }
-        })?;
-        Ok(display((keypair, Some(phrase)), display_mode))
-    } else {
-        Ok(format!("{}", USAGE))
-    };
-}
-
-const BRAIN_WORDS: usize = 12;
-
-fn validate_phrase(phrase: &str) -> String {
-    match Brain::validate_phrase(phrase, BRAIN_WORDS) {
-        Ok(()) => format!("The recovery phrase looks correct.\n"),
-        Err(err) => format!("The recover phrase was not generated by Parity: {}", err),
-    }
-}
-
-fn in_threads<F, X, O>(prepare: F) -> Result<O, EthkeyError>
-where
-    O: Send + 'static,
-    X: Send + 'static,
-    F: Fn() -> X,
-    X: FnMut() -> Result<Option<O>, EthkeyError>,
-{
-    let pool = threadpool::Builder::new().build();
-
-    let (tx, rx) = sync::mpsc::sync_channel(1);
-    let is_done = sync::Arc::new(sync::atomic::AtomicBool::default());
-
-    for _ in 0..pool.max_count() {
-        let is_done = is_done.clone();
-        let tx = tx.clone();
-        let mut task = prepare();
-        pool.execute(move || {
-            loop {
-                if is_done.load(sync::atomic::Ordering::SeqCst) {
-                    return;
-                }
-
-                let res = match task() {
-                    Ok(None) => continue,
-                    Ok(Some(v)) => Ok(v),
-                    Err(err) => Err(err),
-                };
-
-                // We are interested only in the first response.
-                let _ = tx.send(res);
-            }
-        });
-    }
-
-    if let Ok(solution) = rx.recv() {
-        is_done.store(true, sync::atomic::Ordering::SeqCst);
-        return solution;
-    }
-
-    Err(EthkeyError::Custom("No results found.".into()))
-}
-
-#[cfg(test)]
-mod tests {
-    use super::execute;
-
-    #[test]
-    fn info() {
-        let command = vec![
-            "ethkey",
-            "info",
-            "17d08f5fe8c77af811caa0c9a187e668ce3b74a99acc3f6d976f075fa8e0be55",
-        ]
-        .into_iter()
-        .map(Into::into)
-        .collect::<Vec<String>>();
-
-        let expected =
-"secret:  17d08f5fe8c77af811caa0c9a187e668ce3b74a99acc3f6d976f075fa8e0be55
-public:  689268c0ff57a20cd299fa60d3fb374862aff565b20b5f1767906a99e6e09f3ff04ca2b2a5cd22f62941db103c0356df1a8ed20ce322cab2483db67685afd124
-address: 26d1ec50b4e62c1d1a40d16e7cacc6a6580757d5".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn brain() {
-        let command = vec!["ethkey", "info", "--brain", "this is sparta"]
-            .into_iter()
-            .map(Into::into)
-            .collect::<Vec<String>>();
-
-        let expected =
-"The recover phrase was not generated by Parity: The word 'this' does not come from the dictionary.
-
-secret:  aa22b54c0cb43ee30a014afe5ef3664b1cde299feabca46cd3167a85a57c39f2
-public:  c4c5398da6843632c123f543d714d2d2277716c11ff612b2a2f23c6bda4d6f0327c31cd58c55a9572c3cc141dade0c32747a13b7ef34c241b26c84adbb28fcf4
-address: 006e27b6a72e1f34c626762f3c4761547aff1421".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn secret() {
-        let command = vec!["ethkey", "info", "--brain", "this is sparta", "--secret"]
-            .into_iter()
-            .map(Into::into)
-            .collect::<Vec<String>>();
-
-        let expected =
-            "aa22b54c0cb43ee30a014afe5ef3664b1cde299feabca46cd3167a85a57c39f2".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn public() {
-        let command = vec!["ethkey", "info", "--brain", "this is sparta", "--public"]
-            .into_iter()
-            .map(Into::into)
-            .collect::<Vec<String>>();
-
-        let expected = "c4c5398da6843632c123f543d714d2d2277716c11ff612b2a2f23c6bda4d6f0327c31cd58c55a9572c3cc141dade0c32747a13b7ef34c241b26c84adbb28fcf4".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn address() {
-        let command = vec!["ethkey", "info", "-b", "this is sparta", "--address"]
-            .into_iter()
-            .map(Into::into)
-            .collect::<Vec<String>>();
-
-        let expected = "006e27b6a72e1f34c626762f3c4761547aff1421".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn sign() {
-        let command = vec![
-            "ethkey",
-            "sign",
-            "17d08f5fe8c77af811caa0c9a187e668ce3b74a99acc3f6d976f075fa8e0be55",
-            "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec987",
-        ]
-        .into_iter()
-        .map(Into::into)
-        .collect::<Vec<String>>();
-
-        let expected = "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn verify_valid_public() {
-        let command = vec!["ethkey", "verify", "public", "689268c0ff57a20cd299fa60d3fb374862aff565b20b5f1767906a99e6e09f3ff04ca2b2a5cd22f62941db103c0356df1a8ed20ce322cab2483db67685afd124", "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200", "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec987"]
-			.into_iter()
-			.map(Into::into)
-			.collect::<Vec<String>>();
-
-        let expected = "true".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn verify_valid_address() {
-        let command = vec!["ethkey", "verify", "address", "26d1ec50b4e62c1d1a40d16e7cacc6a6580757d5", "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200", "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec987"]
-			.into_iter()
-			.map(Into::into)
-			.collect::<Vec<String>>();
-
-        let expected = "true".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-
-    #[test]
-    fn verify_invalid() {
-        let command = vec!["ethkey", "verify", "public", "689268c0ff57a20cd299fa60d3fb374862aff565b20b5f1767906a99e6e09f3ff04ca2b2a5cd22f62941db103c0356df1a8ed20ce322cab2483db67685afd124", "c1878cf60417151c766a712653d26ef350c8c75393458b7a9be715f053215af63dfd3b02c2ae65a8677917a8efa3172acb71cb90196e42106953ea0363c5aaf200", "bd50b7370c3f96733b31744c6c45079e7ae6c8d299613246d28ebcef507ec986"]
-			.into_iter()
-			.map(Into::into)
-			.collect::<Vec<String>>();
-
-        let expected = "false".to_owned();
-        assert_eq!(execute(command).unwrap(), expected);
-    }
-}