SAFE Network Dev Update - April 2, 2020

Nothing CLI above… all snapp focused.

So, the initial prompt in snapp [Safe Authenticator process not installed].[Install now] was the first click made but seemed to jump to be installing the CLI … I read that as that auth was installed and then CLI necessarily followed… but nothing of auth found in the reality of normal locations like ~/.safe/

Edit: double checking, all I did was the non install at ~/.safe/safe-cli
trying to prompt auth into action

$ ./safe auth
Creating '/home/davidpbrown/.local/share/safe-cli' folder
Authorising CLI application...
Note you can use this CLI from another console to authorise it with 'auth allow' command. Alternativelly, you can also use '--self-auth' flag with 'auth login' command to automatically self authorise the CLI app.
Awaiting for authorising response from authd...
[2020-04-06T17:39:52Z ERROR safe] safe-cli error: Application authorisation failed: [Error] AuthdClientError - Failed to create client endpoint: [Error] ClientError - Failed to read certificate from '/home/davidpbrown/.config/safe-authd/cert.der': No such file or directory (os error 2)
$ ./safe auth login
Passphrase: 
Password: 
Sending login action request to authd...
[2020-04-06T17:40:09Z ERROR safe] safe-cli error: [Error] AuthdClientError - Failed to create client endpoint: [Error] ClientError - Failed to read certificate from '/home/davidpbrown/.config/safe-authd/cert.der': No such file or directory (os error 2)
$ ./safe auth start
[2020-04-06T17:40:44Z ERROR safe] safe-cli error: [Error] AuthdClientError - Failed to execute authd from '/home/davidpbrown/.safe/authd/safe-authd': No such file or directory (os error 2)
$ 
3 Likes

I think it may have been a genuine timeout because now I’m not able to reproduce the error.

I’m not sure it’s a GUI issue per se, as some inconsistency in our libs. It’s not the first time these two have been the wrong way round, but it is consistent with the nodejs impl at the mo.

I’ll have a look at see what’s going on.


edit: @Southside @bochaco just pointed out that it wasn’t the naming that was wrong, just that they are in a different order in SNAPP vs the CLI :+1: In which case, yeh, we’d need to keep those consistent ideally

3 Likes

yes my point was if they were referred to be somewhat more different names, then such understandable confusion could be greatly reduced.
I like @jlpell suggestion of login/passphrase - however we would need to ensure that folk would treat both secrets securely. You would need to guard your login phrase every bit as much as your passphrase - AIUI.

1 Like

It’s not obvious to me why one passphrase won’t do. But if two parts are necessary, how about “Secret 1” and “Secret 2”?

I think this is hard to do. It’s a lot easier to have the login be shorter and easier to remember as a classifier, but then require the passphrase to have 256bits of entropy or higher. Another way to look at it is that the login is essentially an arbitrary seed extension to a typical mnemonic seed. The user will likely need a simple way to manage the passphrase since it will be too hard to remember…

examples:

Login: southside-personal
Passphrase: “side figure middle ocean diagram found sock amused deposit web captain degree oil various twist glue ugly concert awesome genre fix afford nurse vendor”

Login: southside-work
Passphrase: “my super awesome password you will never guess and I will never remember… 8962831a26cad19ac5e1418a5f907a907d375c6d51be608281f5b733c248d7bd4008439af224f3d52df2e500f38e939e1bd46dd9371b2bdc7101b0efcb65634”

2 Likes

I always wondered why apps often ask you for a short password with annoying rules instead. It is much easier to remember a line of a song, than some combination of letters, numbers and symbols.

2 Likes

But much harder to come up with on the fly for most people. Tradeoffs, tradeoffs.

Use the first word of the line of a song you wont forget then do substitutions

F14g0ttpfA14g0t2C ← long since retired but once did sterling service on a rather important bit of kit

For its a grand old team to play for,
And its a grand old team to see

Thank you for the heavy work team MaidSafe! I add the translation into Bulgarian in the first post :dragon:

7 Likes