What is wrong?
Right now, we can import a key to the key store for the validator client and encrypt it on disk using eth_keyfile.
We only ask the user for the password to this file once, with no confirmation. Obviously bad for typo failure modes.
How can it be fixed
Confirm the password and make sure they match before accepting the imported key.
What is wrong?
Right now, we can import a key to the key store for the validator client and encrypt it on disk using
eth_keyfile.We only ask the user for the password to this file once, with no confirmation. Obviously bad for typo failure modes.
How can it be fixed
Confirm the password and make sure they match before accepting the imported key.