How to securely use your private keys in python

in #python5 months ago

Hello everyone!

I apologize for the late post. School sometimes gets really busy, but I am glad to be back!

INTRO

Today I want to explore how to securely use your private key in python. Private keys make the blockchain what it is. It allows for security, transactions, and many other applications to be carried out. But most importantly it holds value ESPECIALLY if you have any HIVE, HIVE Power, or HBD. To do this we will be using a python library called beem ! It is super useful and well maintained for python users. It comes with BIP38 encrypted wallet and a terminal client called beempy. We will be able to securely store our private keys in beempy. This makes using our account, or others much more safer!

GETTING STARTED

There are a couple of different ways to start our programming. I prefer to create a virtual environment in python. If you want to know more about what a virtual environment is look at this post on the HIVE Blockchain by @themarkymark - python-virtual-environment-post

As @themarkymark described it we will be using pipenv for making our virtual environments.

Create a new folder

terminal
$mkdir secure_key_for_hive
$cd secure_key_for_hive

Then we now need to create our new virtual environment by installing our libraries through pipenv

terminal
~/secure_key_for_hive$ pipenv install beem

You should get a screen that looks something like this:

terminal
Creating a virtualenv for this project...
Pipfile: /your_directories/secure_key_for_hive/Pipfile
Using /usr/bin/python3.8 (3.8.10) to create virtualenv...
⠸ Creating virtual environment...created virtual environment CPython3.8.10.final.0-64 in 211ms
  creator CPython3Posix(dest=.local/share/virtualenvs/secure_key_for_hive-HZNg2hxH, clear=False, no_vcs_ignore=False, global=False)
  seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=.local/share/virtualenv)
    added seed packages: pip==22.0.3, setuptools==60.6.0, wheel==0.37.1
  activators BashActivator,CShellActivator,FishActivator,NushellActivator,PowerShellActivator,PythonActivator

✔ Successfully created virtual environment! 
Virtualenv location: .local/share/virtualenvs/secure_key_for_hive-HZNg2hxH
Creating a Pipfile for this project...
Installing beem...
Adding beem to Pipfile's [packages]...
✔ Installation Succeeded 
Pipfile.lock not found, creating...
Locking [dev-packages] dependencies...
Locking [packages] dependencies...
Building requirements...
Resolving dependencies...
✔ Success! 
Updated Pipfile.lock (43d885)!
Installing dependencies from Pipfile.lock (43d885)...
  🐍   ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 0/0 — 00:00:00
To activate this project's virtualenv, run pipenv shell.
Alternatively, run a command inside the virtualenv with pipenv run.


We will not be using any other libraries other than beem for this project so now we have to switch to our virtual environment!

terminal
pipenv shell

and you should get something like this:

terminal
your_directories/secure_key_for_hive$  . 
.local/share/virtualenvs/secure_key_for_hive-HZNg2hxH/bin/activate
(secure_key_for_hive) your_directories/secure_key_for_hive$

Cool now we are ready to get programming in your virtual environment! As I stated above this step is not required especially if you are brand new to python, but it is something worth learning! But it is not super easy to use and I still have some trouble using it so be patient and if you ever get frustrated just take a break!

Python Code

Now we will write our first bit of code! We need to import beem as such

python

from beem import Hive
from beem.account import Account


Now when using your account in python with beem the not secure way would be like this:

python

h = Hive(keys=['<private_posting_key>', '<private_active_key>'])
a = Account('demo', blockchain_instance=h)

Now this is pretty unsafe, because if someone gets into your code they can see your private key! That would be bad!!!

So beem allows us to solve this by storing our private key information in the beempy client beem offers! (very convenient for us and non convenient for hackers)

To do this we need to open up the folder our code is in the terminal and activate beempy

terminal 

$ beempy
Starting beempy... (use help to list all commands)
beempy>


Before we use beempy I do want to say it is a little confusing at first and the documentation on it is sometimes a little unclear. But thats okay! You will start with adding an account in beempy.

beempy

beempy> importaccount 'your_user_name'

This will import your account name.
It will ask you to enter in the following:

beempy

Password to unlock wallet or posting/active wif:
Wallet Unlocked!
Account Passphrase:
No matching key(s) found. Password correct?

After it asks for posting/active wif: enter 0, choose 1 when using a cold card.
Then set a passphrase to access your accounts through beempy in the future.

Boala now we can do this in python:

python

h = Hive()
h.wallet.unlock("the password you set earlier")
h.wallet.getActiveKeyForAccount('armoredbanana')

a = Account('armoredbanana', blockchain_instance=h)

Congratulations you did it! Now you can securely use your account in python code! This step is very important especially if you are dealing with some real funds here!

Thank you for @trostparadox for teaching the class on the blockchain and hive!