View on GitHub
File Changes
    And I see the create wallet dialog
    And I submit the create wallet with spending password dialog with the following inputs:
      | walletName | password  | repeatedPassword |
-
      | New wallet | Secret123 | Secret123        |
+
      | New wallet | Secret1234 | Secret1234      |
    And I see the create wallet privacy dialog
    And I click on "Please make sure nobody looks your screen" checkbox
    And I submit the create wallet privacy dialog
    And I should see wallet spending password inputs
    And I enter wallet spending password:
      | password  | repeatedPassword |
-
      | Secret123 | Secret123        |
+
      | Secret1234 | Secret1234      |
    And I click on the import wallet button in import wallet dialog
    Then I should not see the import wallet dialog anymore
    And I should have newly created "Imported Wallet" wallet loaded
    And I see the restore wallet dialog
    And I enter wallet name "Restored wallet" in restore wallet dialog
    And I enter recovery phrase in restore wallet dialog:
-
      | recoveryPhrase                                                            |
+
      | recoveryPhrase                                                                               |
      | turkey size valley cross wear erase enjoy post vivid leisure sustain that twelve grow travel |
    And I toggle "Spending password" switch on the restore wallet dialog
    And I submit the restore wallet dialog
    And I should be on the "Restored wallet" wallet "summary" screen
    And I should see the restore status notification while restore is running
    And I should not see the restore status notification once restore is finished
-
  
+

                      
  Scenario: Successfully Restoring a Wallet with spending password
    Given The sidebar shows the "wallets" category
    When I click on the add wallet button in the sidebar
    And I see the restore wallet dialog
    And I enter wallet name "Restored wallet" in restore wallet dialog
    And I enter recovery phrase in restore wallet dialog:
-
      | recoveryPhrase                                                            |
+
      | recoveryPhrase                                                                               |
      | turkey size valley cross wear erase enjoy post vivid leisure sustain that twelve grow travel |
    And I enter wallet password in restore wallet dialog:
      | password  | repeatedPassword |
-
      | Secret123 | Secret123        |
+
      | Secret1234 | Secret1234      |
    And I submit the restore wallet dialog
    Then I should not see the restore wallet dialog anymore
    And I should have newly created "Restored wallet" wallet loaded
    And the transaction fees are calculated
    And I click on the next button in the wallet send form
    And I see send money confirmation dialog
-
    And I enter wallet spending password in confirmation dialog "Secret123"
+
    And I enter wallet spending password in confirmation dialog "Secret1234"
    And I submit the wallet send form
    Then I should be on the "Imported Wallet" wallet "summary" screen
    And the latest transaction should show:
        daedalus.api.ada.createWallet({
          name: wallet.name,
          mnemonic: daedalus.utils.crypto.generateMnemonic(),
-
          spendingPassword: wallet.password || 'Secret123',
+
          spendingPassword: wallet.password || 'Secret1234',
        })
      )
    )
        .createWallet({
          name: wallet.name,
          mnemonic: daedalus.utils.crypto.generateMnemonic(),
-
          spendingPassword: wallet.password || 'Secret123',
+
          spendingPassword: wallet.password || 'Secret1234',
        })
        .then(() =>
          daedalus.stores.wallets.walletsRequest
Given(/^I have a "Imported Wallet" with funds and password$/, async function() {
  await importWalletWithFunds(this.client, {
    keyFilePath: defaultWalletKeyFilePath,
-
    password: null, // 'Secret123',
+
    password: null, // 'Secret1234',
  });
  const wallet = await waitUntilWalletIsLoaded.call(this, 'Imported Wallet');
  addOrSetWalletsForScenario.call(this, wallet);
      .updateSpendingPassword({
        walletId,
        oldPassword: null,
-
        newPassword: 'Secret123',
+
        newPassword: 'Secret1234',
      })
      .then(() =>
        daedalus.stores.wallets

                      
  Scenario: Generating wallet address for a wallet with spending password
    Given I have the following wallets:
-
      | name   | password  |
-
      | first  | Secret123 |
+
      | name   | password   |
+
      | first  | Secret1234 |
    And I am on the "first" wallet "receive" screen
    And I have one wallet address
-
    And I enter spending password "Secret123"
+
    And I enter spending password "Secret1234"
    And I click on the "Generate new address" button
    Then I should see newly generated address as active address on the wallet receive screen
  Background:
    Given I have completed the basic setup
    And I have the following wallets:
-
      | name   | password  |
-
      | first  |           |
-
      | second | Secret123 |
+
      | name   | password   |
+
      | first  |            |
+
      | second | Secret1234 |

                      
  # It is not possible to set wallet password because it is always available and required in API v2
  @skip
    And I click on the "create" password label
    And I should see the "create" wallet password dialog
    And I enter wallet password:
-
      | password  | repeatedPassword |
-
      | Secret123 | Secret123        |
+
      | password   | repeatedPassword |
+
      | Secret1234 | Secret1234       |
    And I submit the wallet password dialog
    Then I should see "change" label in password field

                      
    And I click on the "change" password label
    And I should see the "change" wallet password dialog
    And I change wallet password:
-
      | currentPassword | password     | repeatedPassword |
-
      | Secret123       | newSecret123 | newSecret123     |
+
      | currentPassword | password      | repeatedPassword |
+
      | Secret1234      | newSecret1234 | newSecret1234    |
    And I submit the wallet password dialog
    Then I should not see the change password dialog anymore

                      
    And I click on the "change" password label
    And I should see the "change" wallet password dialog
    And I change wallet password:
-
      | currentPassword | password     | repeatedPassword |
-
      | Secret123Wrong  | newSecret123 | newSecret123     |
+
      | currentPassword  | password      | repeatedPassword |
+
      | Secret1234Wrong  | newSecret1234 | newSecret1234    |
    And I submit the wallet password dialog
    Then I should see error message that old password is not correct
-
  
+

                      
  Scenario: User changes wallet password to one which contains only cyrillic characters and numbers
    Given I am on the "second" wallet "settings" screen
    And I click on the "change" password label
    And I should see the "change" wallet password dialog
    And I change wallet password:
      | currentPassword | password           | repeatedPassword   |
-
      | Secret123       | ЬнЫгзукЗфыыцщкв123 | ЬнЫгзукЗфыыцщкв123 |
+
      | Secret1234      | ЬнЫгзукЗфыыцщкв123 | ЬнЫгзукЗфыыцщкв123 |
    And I submit the wallet password dialog
    Then I should not see the change password dialog anymore
-
  
+

                      
  Scenario: User changes wallet password to one which contains only japanese characters and numbers
    Given I am on the "second" wallet "settings" screen
    And I click on the "change" password label
    And I should see the "change" wallet password dialog
    And I change wallet password:
      | currentPassword | password     | repeatedPassword |
-
      | Secret123       | 新しい秘密123  | 新しい秘密123     |
+
      | Secret1234      | 新しい秘密123  | 新しい秘密123     |
    And I submit the wallet password dialog
    Then I should not see the change password dialog anymore

                      
    And I should see the "change" wallet password dialog
    And I toggle "Check to deactivate password" switch on the change wallet password dialog
    And I enter current wallet password:
-
      | currentPassword |
-
      | Secret123       |
+
      | currentPassword  |
+
      | Secret1234       |
    And I submit the wallet password dialog
    Then I should see "create" label in password field

                      
} from '../ipc/cardano.ipc';
import patchAdaApi from './utils/patchAdaApi';
import { isValidMnemonic } from '../../../common/crypto/decrypt';
-
import { utcStringToDate, encryptPassphrase } from './utils';
+
import { utcStringToDate } from './utils';
import { Logger } from '../utils/logging';
import {
  unscrambleMnemonics,
      name,
      mnemonic,
      mnemonicPassphrase,
-
      spendingPassword: passwordString,
+
      spendingPassword,
      addressPoolGap,
    } = request;
-
    const spendingPassword = passwordString
-
      ? encryptPassphrase(passwordString)
-
      : '';
    try {
      const walletInitData = {
        name,
        mnemonic_sentence: split(mnemonic, ' '),
        mnemonic_second_factor: mnemonicPassphrase,
-
        passphrase: spendingPassword,
+
        passphrase: spendingPassword || '',
        address_pool_gap: addressPoolGap,
      };
      const wallet: AdaWallet = await createWallet(this.config, {
      walletId,
      address,
      amount,
-
      spendingPassword: passwordString,
+
      spendingPassword,
    } = request;
-
    const spendingPassword = passwordString
-
      ? encryptPassphrase(passwordString)
-
      : '';
    try {
      const data = {
        source: {
          },
        ],
        groupingPolicy: 'OptimizeForSecurity',
-
        spendingPassword,
+
        spendingPassword: spendingPassword || '',
      };
      const response: Transaction = await createTransaction(this.config, {
        data,
    Logger.debug('AdaApi::createAddress called', {
      parameters: filterLogData(request),
    });
-
    const {
-
      accountIndex,
-
      walletId,
-
      spendingPassword: passwordString,
-
    } = request;
-
    const spendingPassword = passwordString
-
      ? encryptPassphrase(passwordString)
-
      : '';
+
    const { accountIndex, walletId, spendingPassword } = request;
    try {
      const address: Address = await createAddress(this.config, {
-
        spendingPassword,
+
        spendingPassword: spendingPassword || '',
        accountIndex,
        walletId,
      });
    Logger.debug('AdaApi::restoreWallet called', {
      parameters: filterLogData(request),
    });
-
    const {
-
      recoveryPhrase,
-
      walletName,
-
      spendingPassword: passwordString,
-
    } = request;
-
    const spendingPassword = passwordString
-
      ? encryptPassphrase(passwordString)
-
      : '';
+
    const { recoveryPhrase, walletName, spendingPassword } = request;
    const walletInitData = {
      mnemonic_sentence: split(recoveryPhrase, ' '),
      name: walletName,
-
      passphrase: spendingPassword,
+
      passphrase: spendingPassword || '',
    };
    try {
      const wallet: AdaWallet = await restoreWallet(this.config, {
    Logger.debug('AdaApi::importWalletFromKey called', {
      parameters: filterLogData(request),
    });
-
    const { filePath, spendingPassword: passwordString } = request;
-
    const spendingPassword = passwordString
-
      ? encryptPassphrase(passwordString)
-
      : '';
+
    const { filePath, spendingPassword } = request;
    try {
      const importedWallet: AdaWallet = await importWalletAsKey(this.config, {
        filePath,
-
        spendingPassword,
+
        spendingPassword: spendingPassword || '',
      });
      Logger.debug('AdaApi::importWalletFromKey success', { importedWallet });
      return _createWalletFromServerData(importedWallet);
    Logger.debug('AdaApi::importWalletFromFile called', {
      parameters: filterLogData(request),
    });
-
    const { filePath, spendingPassword: passwordString } = request;
-
    const spendingPassword = passwordString
-
      ? encryptPassphrase(passwordString)
-
      : '';
+
    const { filePath, spendingPassword } = request;
    const isKeyFile =
      filePath
        .split('.')
        .pop()
        .toLowerCase() === 'key';
    try {
      const importedWallet: AdaWallet = isKeyFile
-
        ? await importWalletAsKey(this.config, { filePath, spendingPassword })
+
        ? await importWalletAsKey(this.config, {
+
            filePath,
+
            spendingPassword: spendingPassword || '',
+
          })
        : await importWalletAsJSON(this.config, filePath);
      Logger.debug('AdaApi::importWalletFromFile success', { importedWallet });
      return _createWalletFromServerData(importedWallet);
// @flow
-
import { size, has, get, omit, includes } from 'lodash';
+
import { size, omit, includes } from 'lodash';
import querystring from 'querystring';
-
import { encryptPassphrase, getContentLength } from '.';
+
import { getContentLength } from '.';

                      
export type RequestOptions = {
  hostname: string,
    let hasRequestBody = false;
    let requestBody = '';

                      
-
    let queryString = '';
    if (queryParams && size(queryParams) > 0) {
-
      // Handle passphrase
-
      if (has(queryParams, 'passphrase')) {
-
        const passphrase = get(queryParams, 'passphrase');
-

                      
-
        // If passphrase is present it must be encrypted and included in options.path
-
        if (passphrase) {
-
          const encryptedPassphrase = encryptPassphrase(passphrase);
-
          queryString = `?passphrase=${encryptedPassphrase}`;
-
        }
-

                      
-
        // Passphrase must be ommited from rest query params
-
        queryParams = omit(queryParams, 'passphrase');
-

                      
-
        if (size(queryParams > 1) && passphrase) {
-
          queryString += `&${querystring.stringify(queryParams)}`;
-
        }
-
      } else {
-
        queryString = `?${querystring.stringify(queryParams)}`;
-
      }
-

                      
-
      if (queryString) options.path += queryString;
+
      const queryString = `?${querystring.stringify(queryParams)}`;
+
      options.path += queryString;
    }

                      
    // Handle raw body params
// @flow
import type { RequestConfig } from '../../common/types';
import type { AdaWallet } from '../types';
-
import { encryptPassphrase } from '../../utils';
import { request } from '../../utils/request';

                      
export type ChangeSpendingPasswordParams = {
export const changeSpendingPassword = (
  config: RequestConfig,
  { walletId, oldPassword, newPassword }: ChangeSpendingPasswordParams
-
): Promise<AdaWallet> => {
-
  const encryptedOldPassphrase = oldPassword
-
    ? encryptPassphrase(oldPassword)
-
    : '';
-
  const encryptedNewPassphrase = newPassword
-
    ? encryptPassphrase(newPassword)
-
    : '';
-
  return request(
+
): Promise<AdaWallet> =>
+
  request(
    {
      method: 'PUT',
      path: `/v2/wallets/${walletId}/passphrase`,
      ...config,
    },
    {},
    {
-
      old_passphrase: encryptedOldPassphrase,
-
      new_passphrase: encryptedNewPassphrase,
+
      old_passphrase: oldPassword,
+
      new_passphrase: newPassword,
    }
  );
-
};
  passwordInstructions: {
    id: 'global.passwordInstructions',
    defaultMessage:
-
      '!!!Note that password needs to be at least 7 characters long, and have at least 1 uppercase, 1 lowercase letter and 1 number.',
+
      '!!!Note that password needs to be at least 10 characters long, and have at least 1 uppercase, 1 lowercase letter and 1 number.',
    description: 'Password instructions note.',
  },
  cancel: {
  "global.language.german": "!!!German",
  "global.language.japanese": "!!!Japanese",
  "global.language.korean": "!!!Korean",
-
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>7 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
+
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>10 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
  "global.spendingPasswordLabel": "!!!Spending Password",
  "global.spendingPasswordPlaceholder": "!!!Password",
  "global.unit.ada": "!!!Ada",
        }
      },
      {
-
        "defaultMessage": "!!!Note that password needs to be at least 7 characters long, and have at least 1 uppercase, 1 lowercase letter and 1 number.",
+
        "defaultMessage": "!!!Note that password needs to be at least 10 characters long, and have at least 1 uppercase, 1 lowercase letter and 1 number.",
        "description": "Password instructions note.",
        "end": {
          "column": 3,
  "global.language.german": "German",
  "global.language.japanese": "Japanese / 日本語",
  "global.language.korean": "Korean",
-
  "global.passwordInstructions": "Note that password needs to be at least <strong>7 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
+
  "global.passwordInstructions": "Note that password needs to be at least <strong>10 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
  "global.spendingPasswordLabel": "Spending Password",
  "global.spendingPasswordPlaceholder": "Password",
  "global.unit.ada": "ADA",
  "global.language.german": "!!!njemački",
  "global.language.japanese": "!!!japanski",
  "global.language.korean": "!!!korejski",
-
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>7 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
+
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>10 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
  "global.spendingPasswordLabel": "!!!Spending Password",
  "global.spendingPasswordPlaceholder": "!!!Password",
  "global.unit.ada": "!!!ada",
  "global.language.german": "ドイツ語",
  "global.language.japanese": "日本語",
  "global.language.korean": "韓国語",
-
  "global.passwordInstructions": "パスワードは7文字以上であり、英字大文字、小文字、数字を含む必要があります。",
+
  "global.passwordInstructions": "パスワードは10文字以上であり、英字大文字、小文字、数字を含む必要があります。",
  "global.spendingPasswordLabel": "送金時のパスワード",
  "global.spendingPasswordPlaceholder": "パスワード",
  "global.unit.ada": "ADA",
  "global.language.german": "!!!German",
  "global.language.japanese": "!!!Japanese",
  "global.language.korean": "!!!Korean",
-
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>7 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
+
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>10 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
  "global.spendingPasswordLabel": "!!!Spending Password",
  "global.spendingPasswordPlaceholder": "!!!Password",
  "global.unit.ada": "!!!Ada",
  "global.language.german": "!!!German",
  "global.language.japanese": "!!!Japanese",
  "global.language.korean": "!!!Korean",
-
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>7 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
+
  "global.passwordInstructions": "!!!Note that password needs to be at least <strong>10 characters</strong> long, and have at least <strong>1 uppercase</strong>, <strong>1 lowercase</strong> letter and <strong>1 number</strong>.",
  "global.spendingPasswordLabel": "!!!Spending Password",
  "global.spendingPasswordPlaceholder": "!!!Password",
  "global.unit.ada": "!!!Ada",
  // Validation rules (uses unicode categories for checks):
  // https://github.com/tc39/proposal-regexp-unicode-property-escapes

                      
-
  // Should contain at least 7 characters
-
  if (password.length < 7) return false;
+
  // Should contain at least 10 characters
+
  if (password.length < 10) return false;

                      
  // Must not contain white spaces
  if (containsWhitespace(password)) return false;