bittensor.keyfile#

Attributes#

Classes#

keyfile

Defines an interface for a substrate interface keypair stored on device.

Mockkeyfile

The Mockkeyfile is a mock object representing a keyfile that does not exist on the device.

Functions#

serialized_keypair_to_keyfile_data(keypair)

Serializes keypair object into keyfile data.

deserialize_keypair_from_keyfile_data(keyfile_data)

Deserializes Keypair object from passed keyfile data.

validate_password(password)

Validates the password against a password policy.

ask_password_to_encrypt()

Prompts the user to enter a password for key encryption.

keyfile_data_is_encrypted_nacl(keyfile_data)

Returns true if the keyfile data is NaCl encrypted.

keyfile_data_is_encrypted_ansible(keyfile_data)

Returns true if the keyfile data is ansible encrypted.

keyfile_data_is_encrypted_legacy(keyfile_data)

Returns true if the keyfile data is legacy encrypted.

keyfile_data_is_encrypted(keyfile_data)

Returns true if the keyfile data is encrypted.

keyfile_data_encryption_method(keyfile_data)

Returns true if the keyfile data is encrypted.

legacy_encrypt_keyfile_data(keyfile_data[, password])

encrypt_keyfile_data(keyfile_data[, password])

Encrypts the passed keyfile data using ansible vault.

get_coldkey_password_from_environment(coldkey_name)

Retrieves the cold key password from the environment variables.

decrypt_keyfile_data(keyfile_data[, password, ...])

Decrypts the passed keyfile data using ansible vault.

Module Contents#

bittensor.keyfile.NACL_SALT = b'\x13q\x83\xdf\xf1Z\t\xbc\x9c\x90\xb5Q\x879\xe9\xb1'#
bittensor.keyfile.serialized_keypair_to_keyfile_data(keypair)[source]#

Serializes keypair object into keyfile data.

Parameters:

keypair (bittensor.Keypair) – The keypair object to be serialized.

Returns:

Serialized keypair data.

Return type:

data (bytes)

bittensor.keyfile.deserialize_keypair_from_keyfile_data(keyfile_data)[source]#

Deserializes Keypair object from passed keyfile data.

Parameters:

keyfile_data (bytes) – The keyfile data as bytes to be loaded.

Returns:

The Keypair loaded from bytes.

Return type:

keypair (bittensor.Keypair)

Raises:

KeyFileError – Raised if the passed bytes cannot construct a keypair object.

bittensor.keyfile.validate_password(password)[source]#

Validates the password against a password policy.

Parameters:

password (str) – The password to verify.

Returns:

True if the password meets validity requirements.

Return type:

valid (bool)

bittensor.keyfile.ask_password_to_encrypt()[source]#

Prompts the user to enter a password for key encryption.

Returns:

The valid password entered by the user.

Return type:

password (str)

bittensor.keyfile.keyfile_data_is_encrypted_nacl(keyfile_data)[source]#

Returns true if the keyfile data is NaCl encrypted.

Parameters:

keyfile_data (bytes, required) – Bytes to validate.

Returns:

True if data is ansible encrypted.

Return type:

is_nacl (bool)

bittensor.keyfile.keyfile_data_is_encrypted_ansible(keyfile_data)[source]#

Returns true if the keyfile data is ansible encrypted.

Parameters:

keyfile_data (bytes) – The bytes to validate.

Returns:

True if the data is ansible encrypted.

Return type:

is_ansible (bool)

bittensor.keyfile.keyfile_data_is_encrypted_legacy(keyfile_data)[source]#

Returns true if the keyfile data is legacy encrypted. :param keyfile_data: The bytes to validate. :type keyfile_data: bytes

Returns:

True if the data is legacy encrypted.

Return type:

is_legacy (bool)

Parameters:

keyfile_data (bytes)

bittensor.keyfile.keyfile_data_is_encrypted(keyfile_data)[source]#

Returns true if the keyfile data is encrypted.

Parameters:

keyfile_data (bytes) – The bytes to validate.

Returns:

True if the data is encrypted.

Return type:

is_encrypted (bool)

bittensor.keyfile.keyfile_data_encryption_method(keyfile_data)[source]#

Returns true if the keyfile data is encrypted.

Parameters:

keyfile_data (bytes, required) – Bytes to validate

Returns:

True if data is encrypted.

Return type:

encryption_method (bool)

bittensor.keyfile.legacy_encrypt_keyfile_data(keyfile_data, password=None)[source]#
Parameters:
Return type:

bytes

bittensor.keyfile.encrypt_keyfile_data(keyfile_data, password=None)[source]#

Encrypts the passed keyfile data using ansible vault.

Parameters:
  • keyfile_data (bytes) – The bytes to encrypt.

  • password (str, optional) – The password used to encrypt the data. If None, asks for user input.

Returns:

The encrypted data.

Return type:

encrypted_data (bytes)

bittensor.keyfile.get_coldkey_password_from_environment(coldkey_name)[source]#

Retrieves the cold key password from the environment variables.

Parameters:

coldkey_name (str) – The name of the cold key.

Returns:

The password retrieved from the environment variables, or None if not found.

Return type:

password (str)

bittensor.keyfile.decrypt_keyfile_data(keyfile_data, password=None, coldkey_name=None)[source]#

Decrypts the passed keyfile data using ansible vault.

Parameters:
  • keyfile_data (bytes) – The bytes to decrypt.

  • password (str, optional) – The password used to decrypt the data. If None, asks for user input.

  • coldkey_name (str, optional) – The name of the cold key. If provided, retrieves the password from environment variables.

Returns:

The decrypted data.

Return type:

decrypted_data (bytes)

Raises:

KeyFileError – Raised if the file is corrupted or if the password is incorrect.

class bittensor.keyfile.keyfile(path)[source]#

Defines an interface for a substrate interface keypair stored on device.

Parameters:

path (str)

path#
name#
__str__()[source]#
__repr__()[source]#
property keypair: bittensor.Keypair#

Returns the keypair from path, decrypts data if the file is encrypted.

Returns:

The keypair stored under the path.

Return type:

keypair (bittensor.Keypair)

Raises:

KeyFileError – Raised if the file does not exist, is not readable, writable, corrupted, or if the password is incorrect.

property data: bytes#

Returns the keyfile data under path.

Returns:

The keyfile data stored under the path.

Return type:

keyfile_data (bytes)

Raises:

KeyFileError – Raised if the file does not exist, is not readable, or writable.

property keyfile_data: bytes#

Returns the keyfile data under path.

Returns:

The keyfile data stored under the path.

Return type:

keyfile_data (bytes)

Raises:

KeyFileError – Raised if the file does not exist, is not readable, or writable.

set_keypair(keypair, encrypt=True, overwrite=False, password=None)[source]#

Writes the keypair to the file and optionally encrypts data.

Parameters:
  • keypair (bittensor.Keypair) – The keypair to store under the path.

  • encrypt (bool, optional) – If True, encrypts the file under the path. Default is True.

  • overwrite (bool, optional) – If True, forces overwrite of the current file. Default is False.

  • password (str, optional) – The password used to encrypt the file. If None, asks for user input.

Raises:

KeyFileError – Raised if the file does not exist, is not readable, writable, or if the password is incorrect.

get_keypair(password=None)[source]#

Returns the keypair from the path, decrypts data if the file is encrypted.

Parameters:

password (str, optional) – The password used to decrypt the file. If None, asks for user input.

Returns:

The keypair stored under the path.

Return type:

keypair (bittensor.Keypair)

Raises:

KeyFileError – Raised if the file does not exist, is not readable, writable, corrupted, or if the password is incorrect.

make_dirs()[source]#

Creates directories for the path if they do not exist.

exists_on_device()[source]#

Returns True if the file exists on the device.

Returns:

True if the file is on the device.

Return type:

on_device (bool)

is_readable()[source]#

Returns True if the file under path is readable.

Returns:

True if the file is readable.

Return type:

readable (bool)

is_writable()[source]#

Returns True if the file under path is writable.

Returns:

True if the file is writable.

Return type:

writable (bool)

is_encrypted()[source]#

Returns True if the file under path is encrypted.

Returns:

True if the file is encrypted.

Return type:

encrypted (bool)

_may_overwrite()[source]#

Asks the user if it is okay to overwrite the file.

Returns:

True if the user allows overwriting the file.

Return type:

may_overwrite (bool)

check_and_update_encryption(print_result=True, no_prompt=False)[source]#

Check the version of keyfile and update if needed.

Parameters:
  • print_result (bool) – Print the checking result or not.

  • no_prompt (bool) – Skip if no prompt.

Raises:

KeyFileError – Raised if the file does not exists, is not readable, writable.

Returns:

Return True if the keyfile is the most updated with nacl, else False.

Return type:

result (bool)

encrypt(password=None)[source]#

Encrypts the file under the path.

Parameters:

password (str, optional) – The password for encryption. If None, asks for user input.

Raises:

KeyFileError – Raised if the file does not exist, is not readable, or writable.

decrypt(password=None)[source]#

Decrypts the file under the path.

Parameters:

password (str, optional) – The password for decryption. If None, asks for user input.

Raises:

KeyFileError – Raised if the file does not exist, is not readable, writable, corrupted, or if the password is incorrect.

_read_keyfile_data_from_file()[source]#

Reads the keyfile data from the file.

Returns:

The keyfile data stored under the path.

Return type:

keyfile_data (bytes)

Raises:

KeyFileError – Raised if the file does not exist or is not readable.

_write_keyfile_data_to_file(keyfile_data, overwrite=False)[source]#

Writes the keyfile data to the file.

Parameters:
  • keyfile_data (bytes) – The byte data to store under the path.

  • overwrite (bool, optional) – If True, overwrites the data without asking for permission from the user. Default is False.

Raises:

KeyFileError – Raised if the file is not writable or the user responds No to the overwrite prompt.

class bittensor.keyfile.Mockkeyfile(path)[source]#

The Mockkeyfile is a mock object representing a keyfile that does not exist on the device.

It is designed for use in testing scenarios and simulations where actual filesystem operations are not required. The keypair stored in the Mockkeyfile is treated as non-encrypted and the data is stored as a serialized string.

Initializes a Mockkeyfile object.

Parameters:

path (str) – The path of the mock keyfile.

path#
_mock_keypair = None#
_mock_data = None#
__str__()[source]#

Returns a string representation of the Mockkeyfile. The representation will indicate if the keyfile is empty, encrypted, or decrypted.

Returns:

The string representation of the Mockkeyfile.

Return type:

str

__repr__()[source]#

Returns a string representation of the Mockkeyfile, same as __str__().

Returns:

The string representation of the Mockkeyfile.

Return type:

str

property keypair#
Returns the mock keypair stored in the keyfile.
Returns:

The mock keypair.

Return type:

bittensor.Keypair

property data#
Returns the serialized keypair data stored in the keyfile.
Returns:

The serialized keypair data.

Return type:

bytes

set_keypair(keypair, encrypt=True, overwrite=False, password=None)[source]#

Sets the mock keypair in the keyfile. The encrypt and overwrite parameters are ignored.

Parameters:
  • keypair (bittensor.Keypair) – The mock keypair to be set.

  • encrypt (bool, optional) – Ignored in this context. Defaults to True.

  • overwrite (bool, optional) – Ignored in this context. Defaults to False.

  • password (str, optional) – Ignored in this context. Defaults to None.

get_keypair(password=None)[source]#

Returns the mock keypair stored in the keyfile. The password parameter is ignored.

Parameters:

password (str, optional) – Ignored in this context. Defaults to None.

Returns:

The mock keypair stored in the keyfile.

Return type:

bittensor.Keypair

make_dirs()[source]#

Creates the directories for the mock keyfile. Does nothing in this class, since no actual filesystem operations are needed.

exists_on_device()[source]#

Returns True indicating that the mock keyfile exists on the device (although it is not created on the actual file system).

Returns:

Always returns True for Mockkeyfile.

Return type:

bool

is_readable()[source]#

Returns True indicating that the mock keyfile is readable (although it is not read from the actual file system).

Returns:

Always returns True for Mockkeyfile.

Return type:

bool

is_writable()[source]#

Returns True indicating that the mock keyfile is writable (although it is not written to the actual file system).

Returns:

Always returns True for Mockkeyfile.

Return type:

bool

is_encrypted()[source]#

Returns False indicating that the mock keyfile is not encrypted.

Returns:

Always returns False for Mockkeyfile.

Return type:

bool

encrypt(password=None)[source]#

Raises a ValueError since encryption is not supported for the mock keyfile.

Parameters:

password (str, optional) – Ignored in this context. Defaults to None.

Raises:

ValueError – Always raises this exception for Mockkeyfile.

decrypt(password=None)[source]#

Returns without doing anything since the mock keyfile is not encrypted.

Parameters:

password (str, optional) – Ignored in this context. Defaults to None.

check_and_update_encryption(no_prompt=None, print_result=False)[source]#