Add wallet key encryption service

2026-03-17 09:37:55 -05:00 · 2025-11-16 01:47:22 -06:00
parent b2f933762a
commit 1aa9329491
7 changed files with 149 additions and 9 deletions
--- a/backend/app/routers/auth.py
+++ b/backend/app/routers/auth.py
@@ -15,6 +15,7 @@ from app.auth import (
    get_current_active_user
 )
 from app.services.blockchain import BlockchainService
+from app.services.crypto import wallet_crypto, WalletKeyEncryptionError
 from datetime import datetime

 router = APIRouter(prefix="/api/auth", tags=["Authentication"])
@@ -40,6 +41,14 @@ async def register(user_data: UserCreate, db: AsyncSession = Depends(get_db)):
    # Generate wallet
    wallet_address, private_key = BlockchainService.generate_wallet_address()

+    try:
+        encrypted_private_key = wallet_crypto.encrypt(private_key)
+    except WalletKeyEncryptionError:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Unable to encrypt wallet key"
+        )
+
    # Create user
    user = User(
        username=user_data.username,
@@ -47,7 +56,7 @@ async def register(user_data: UserCreate, db: AsyncSession = Depends(get_db)):
        full_name=user_data.full_name,
        hashed_password=get_password_hash(user_data.password),
        wallet_address=wallet_address,
-        wallet_private_key=private_key,  # In production, encrypt this!
+        wallet_private_key=encrypted_private_key,
        balance=100.0,  # Starting bonus
        created_at=datetime.utcnow()
    )
--- a/backend/app/routers/blockchain.py
+++ b/backend/app/routers/blockchain.py
@@ -11,6 +11,7 @@ from app.models.user import User
 from app.models.blockchain import Block, Transaction, Wallet
 from app.auth import get_current_active_user
 from app.services.blockchain import BlockchainService
+from app.services.crypto import WalletKeyDecryptionError

 router = APIRouter(prefix="/api/blockchain", tags=["Blockchain"])

@@ -112,13 +113,19 @@ async def create_transaction(
        )

    # Create transaction
-    transaction = await BlockchainService.create_transaction(
-        db=db,
-        from_address=current_user.wallet_address,
-        to_address=tx_data.to_address,
-        amount=tx_data.amount,
-        private_key=current_user.wallet_private_key
-    )
+    try:
+        transaction = await BlockchainService.create_transaction(
+            db=db,
+            from_address=current_user.wallet_address,
+            to_address=tx_data.to_address,
+            amount=tx_data.amount,
+            encrypted_private_key=current_user.wallet_private_key
+        )
+    except WalletKeyDecryptionError:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Wallet key could not be decrypted"
+        )

    # Update balances (simplified - in production would be done on block confirmation)
    current_user.balance -= tx_data.amount