Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Export CLI + iframe style customization #121

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
+78 −23
Open

Export CLI + iframe style customization #121

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ac07e93
add export cli to export integration guide
May 6, 2024
df24b92
add import iframe styles guide
May 6, 2024
146e593
more details on encryption-key-name flag
May 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 50 additions & 2 deletions docs/documentation/features/export-wallets.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,57 @@ slug: /features/export-wallets

# Export Wallets and Keys

Turnkey's export functionality allows your end users to backup or transfer a [Wallet](/concepts/Wallets) by securely viewing the wallet's [mnemonic phrase](https://learnmeabitcoin.com/technical/mnemonic). We engineered this feature to ensure that the user can export their mnemonic without exposing the mnemonic itself to Turnkey or your application.
Turnkey's export functionality allows your end users to backup or transfer a [Wallet](/concepts/Wallets) by securely viewing the wallet's [mnemonic phrase](https://learnmeabitcoin.com/technical/mnemonic). We engineered this feature to ensure that the user can export their mnemonic or private key without exposing the mnemonic itself to Turnkey or your application.

Follow along with the Embedded iframe guide.
Follow along with the CLI or Embedded iframe guide.

## CLI

Install the latest version of Turnkey CLI to access the new export functionality. You can find detailed instructions for installation [here](https://github.com/tkhq/tkcli).

### Steps

1. Generate an encryption key:
```sh
turnkey generate encryption-key \
--user $USER_ID \
--organization $ORGANIZATION_ID \
--encryption-key-name "demo-enc"
```
- The `--user` flag (required) is the id of the user exporting the private key; this is required because the underlying encryption keys used for import are scoped to each user.
- The `--encryption-key-name` (optional) is the name of the encryption key that you will use in Step 2. By default, the encryption key's name is "default".

2. Export private key:
```sh
turnkey wallets export \
--user $USER_ID \
--name "demo key" \
--export-bundle-output "./export_bundle.txt" \
--encryption-key-name "demo-enc" \
--key-name demo
```
- The `--export-bundle-output` (required) flag is the desired output file path for the "export bundle” that will be sent from Turnkey.
- The `--encryption-key--name` (optional) flag specifies the one-time encryption key that you will use to export the wallet or private key.
- Reminder: The `--key-name` (optional) flag specifies the name of API key with which to interact with the Turnkey API service. This should be the name of a previously created key. If you do not have one, visit the quickstart guide for help creating one.

3. Decrypt without saving plaintext to filesystem. This can be done offline:
```sh
turnkey decrypt \
--export-bundle-input "./export_bundle.txt"
```
- The `--export-bundle-input` (required) flag is the desired input file path for the "export bundle” that was sent from Turnkey in Step 2. The export bundle” contains the ephemeral public key generated by the CLI as part of the shared secret computation with the Turnkey signer enclave. It also contains the ciphertext, which is the plaintext input encrypted by the Turnkey signer’s ephemeral public key.
- The `--plaintext-output` (optional) flag is the desired output file path for the private key plaintext. If you don't pass this flag, the plaintext will be written to stdout.

### Private Key support

Turnkey CLI also supports exporting private keys. Follow the same steps as exporting a wallet via CLI but use the `turnkey private-keys` commands instead. In Step 3 (`decrypt`), pass a `--key-format` flag for key-specific formatting; the options for private keys are:
- `hexadecimal`: Used for Ethereum. Examples: 0x13eff5b3f9c63eab5d53cff5149f01606b69325496e0e98b53afa938d890cd2e, 13eff5b3f9c63eab5d53cff5149f01606b69325496e0e98b53afa938d890cd2e
- `solana`: Used for Solana. It’s a base58-encoding of the concatenation of the private key and public key bytes. Example: 2P3qgS5A18gGmZJmYHNxYrDYPyfm6S3dJgs8tPW6ki6i2o4yx7K8r5N8CF7JpEtQiW8mx1kSktpgyDG1xuWNzfsM
```sh
turnkey decrypt \
--export-bundle-input "./export_bundle.txt" \
--key-format “hexadecimal”
```

## Embedded iframe

Expand Down
49 changes: 28 additions & 21 deletions docs/documentation/features/import-wallets.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ turnkey wallets init-import \
```
- The `--user` flag (required) is the id of the user importing the private key; this is required because the underlying encryption keys used for import are scoped to each user.
- The `--import-bundle-output` (required) flag is the desired output file path for the “import bundle” that will be received from Turnkey. The “import bundle” contains the ephemeral public key generated by the Turnkey signer enclave for the specified user. The private key plaintext is encrypted to this public key in Step 2.
- Reminder: The `--key-name` flag specifies the name of API key with which to interact with the Turnkey API service. This should be the name of a previously created key. If you do not have one, visit the quickstart guide for help creating one.
- Reminder: The `--key-name` (optional) flag specifies the name of API key with which to interact with the Turnkey API service. This should be the name of a previously created key. If you do not have one, visit the quickstart guide for help creating one.

2. Encrypt without saving plaintext to filesystem. This can be done offline:
```sh
Expand Down Expand Up @@ -141,30 +141,37 @@ Import is complete!

In your Turnkey dashboard, the imported user Wallet will be flagged as “Imported”.

## UI customization

Everything is customizable in the import iframe except the sentence of mnemonic words, which is minimally styled: the text is left-aligned and the padding and margins are zero. Here's an example of how you can configure the styling of the iframe.
### UI customization

Use `iframeStamper.applySettings(settings)` where settings currently consists of the `styles` object with the following accepted CSS style properties in the example:
```js
const iframeCss = `
iframe {
box-sizing: border-box;
width: 400px;
height: 120px;
border-radius: 8px;
border-width: 1px;
border-style: solid;
border-color: rgba(216, 219, 227, 1);
padding: 20px;
{
"styles": {
"padding": "10px",
"margin": "10px",
"borderWidth": "1px",
"borderStyle": "solid",
"borderColor": "transparent",
"borderRadius": "5px",
"fontSize": "16px",
"fontWeight": "bold",
"fontFamily": "SFMono-Regular, Menlo, Monaco, Consolas, monospace",
"color": "#000000",
"backgroundColor": "rgb(128, 0, 128)",
"width": "100%",
"height": "auto",
"maxWidth": "100%",
"maxHeight": "100%",
"lineHeight": "1.25rem",
"boxShadow": "0px 0px 10px #aaa",
"textAlign": "center",
"overflowWrap": "break-word",
"wordWrap": "break-word",
"resize": "none"
}
}
`;

return (
<div style={{ display: iframeDisplay }} id="your-container">
<style>{iframeCss}</style>
</div>
);
```
Each accepted styles property is strictly validated and santizied before being applied to the textbox containing the plaintext.

### Private Key support

Expand Down