wallet2 / simplewallet: Must opt-in to create '.address.txt' files for new wallets

Previously, a file containing the unencrypted Monero address was
created by default in the wallet's directory. This file might pose
as a privacy risk. The creation of this file is now opt-in and can
be enabled by providing

    --create-address-file

2 files changed, 72 insertions, 44 deletions

diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 4a6c6fad2..c97f9de07 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -318,6 +318,9 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
 
     GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, address, std::string, String, false, std::string());
 
+    GET_FIELD_FROM_JSON_RETURN_ON_ERROR(json, create_address_file, int, Int, false, false);
+    bool create_address_file = field_create_address_file;
+
     // compatibility checks
     if (!field_seed_found && !field_viewkey_found && !field_spendkey_found)
     {
@@ -372,11 +375,11 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
     {
       if (!field_seed.empty())
       {
-        wallet->generate(field_filename, field_password, recovery_key, recover, false);
+        wallet->generate(field_filename, field_password, recovery_key, recover, false, create_address_file);
       }
       else if (field_viewkey.empty() && !field_spendkey.empty())
       {
-        wallet->generate(field_filename, field_password, spendkey, recover, false);
+        wallet->generate(field_filename, field_password, spendkey, recover, false, create_address_file);
       }
       else
       {
@@ -402,14 +405,14 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
           {
             THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("Address must be specified in order to create watch-only wallet"));
           }
-          wallet->generate(field_filename, field_password, address, viewkey);
+          wallet->generate(field_filename, field_password, address, viewkey, create_address_file);
         }
         else
         {
           if (!crypto::secret_key_to_public_key(spendkey, address.m_spend_public_key)) {
             THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify spend key secret key"));
           }
-          wallet->generate(field_filename, field_password, address, spendkey, viewkey);
+          wallet->generate(field_filename, field_password, address, spendkey, viewkey, create_address_file);
         }
       }
     }
@@ -2740,7 +2743,7 @@ bool wallet2::verify_password(const std::string& keys_file_name, const epee::wip
  * \param  multisig_data  The multisig restore info and keys
  */
 void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
-  const std::string& multisig_data)
+  const std::string& multisig_data, bool create_address_file)
 {
   clear();
   prepare_file_names(wallet_);
@@ -2812,8 +2815,11 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
     bool r = store_keys(m_keys_file, password, false);
     THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
 
-    r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
-    if(!r) MERROR("String with address text not saved");
+    if (m_nettype != MAINNET || create_address_file)
+    {
+      r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
+      if(!r) MERROR("String with address text not saved");
+    }
   }
 
   cryptonote::block b;
@@ -2835,7 +2841,7 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
  * \return                The secret key of the generated wallet
  */
 crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
-  const crypto::secret_key& recovery_param, bool recover, bool two_random)
+  const crypto::secret_key& recovery_param, bool recover, bool two_random, bool create_address_file)
 {
   clear();
   prepare_file_names(wallet_);
@@ -2866,8 +2872,11 @@ crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wip
     bool r = store_keys(m_keys_file, password, false);
     THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
 
-    r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
-    if(!r) MERROR("String with address text not saved");
+    if (m_nettype != MAINNET || create_address_file)
+    {
+      r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
+      if(!r) MERROR("String with address text not saved");
+    }
   }
 
   cryptonote::block b;
@@ -2931,7 +2940,7 @@ crypto::secret_key wallet2::generate(const std::string& wallet_, const epee::wip
 */
 void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
   const cryptonote::account_public_address &account_public_address,
-  const crypto::secret_key& viewkey)
+  const crypto::secret_key& viewkey, bool create_address_file)
 {
   clear();
   prepare_file_names(wallet_);
@@ -2956,8 +2965,11 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
     bool r = store_keys(m_keys_file, password, true);
     THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
 
-    r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
-    if(!r) MERROR("String with address text not saved");
+    if (m_nettype != MAINNET || create_address_file)
+    {
+      r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
+      if(!r) MERROR("String with address text not saved");
+    }
   }
 
   cryptonote::block b;
@@ -2978,7 +2990,7 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
 */
 void wallet2::generate(const std::string& wallet_, const epee::wipeable_string& password,
   const cryptonote::account_public_address &account_public_address,
-  const crypto::secret_key& spendkey, const crypto::secret_key& viewkey)
+  const crypto::secret_key& spendkey, const crypto::secret_key& viewkey, bool create_address_file)
 {
   clear();
   prepare_file_names(wallet_);
@@ -3003,8 +3015,11 @@ void wallet2::generate(const std::string& wallet_, const epee::wipeable_string&
     bool r = store_keys(m_keys_file, password, false);
     THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
 
-    r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
-    if(!r) MERROR("String with address text not saved");
+    if (m_nettype != MAINNET || create_address_file)
+    {
+      r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
+      if(!r) MERROR("String with address text not saved");
+    }
   }
 
   cryptonote::block b;
@@ -3136,8 +3151,11 @@ std::string wallet2::make_multisig(const epee::wipeable_string &password,
     bool r = store_keys(m_keys_file, password, false);
     THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
 
-    r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
-    if(!r) MERROR("String with address text not saved");
+    if (boost::filesystem::exists(m_wallet_file + ".address.txt"))
+    {
+      r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
+      if(!r) MERROR("String with address text not saved");
+    }
   }
 
   cryptonote::block b;
@@ -3236,8 +3254,11 @@ bool wallet2::finalize_multisig(const epee::wipeable_string &password, std::unor
     bool r = store_keys(m_keys_file, password, false);
     THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
 
-    r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
-    if(!r) MERROR("String with address text not saved");
+    if (boost::filesystem::exists(m_wallet_file + ".address.txt"))
+    {
+      r = file_io_utils::save_string_to_file(m_wallet_file + ".address.txt", m_account.get_public_address_str(m_nettype));
+      if(!r) MERROR("String with address text not saved");
+    }
   }
 
   m_subaddresses.clear();
@@ -3760,10 +3781,13 @@ void wallet2::store_to(const std::string &path, const epee::wipeable_string &pas
     prepare_file_names(path);
     bool r = store_keys(m_keys_file, password, false);
     THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
-    // save address to the new file
-    const std::string address_file = m_wallet_file + ".address.txt";
-    r = file_io_utils::save_string_to_file(address_file, m_account.get_public_address_str(m_nettype));
-    THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_wallet_file);
+    if (boost::filesystem::exists(old_address_file))
+    {
+      // save address to the new file
+      const std::string address_file = m_wallet_file + ".address.txt";
+      r = file_io_utils::save_string_to_file(address_file, m_account.get_public_address_str(m_nettype));
+      THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_wallet_file);
+    }
     // remove old wallet file
     r = boost::filesystem::remove(old_file);
     if (!r) {
diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h
index 57a61cb9d..9d4a7d75a 100644
--- a/src/wallet/wallet2.h
+++ b/src/wallet/wallet2.h
@@ -449,44 +449,48 @@ namespace tools
 
     /*!
      * \brief  Generates a wallet or restores one.
-     * \param  wallet_        Name of wallet file
-     * \param  password       Password of wallet file
-     * \param  multisig_data  The multisig restore info and keys
+     * \param  wallet_              Name of wallet file
+     * \param  password             Password of wallet file
+     * \param  multisig_data        The multisig restore info and keys
+     * \param  create_address_file  Whether to create an address file
      */
     void generate(const std::string& wallet_, const epee::wipeable_string& password,
-      const std::string& multisig_data);
+      const std::string& multisig_data, bool create_address_file = false);
 
     /*!
      * \brief Generates a wallet or restores one.
-     * \param  wallet_        Name of wallet file
-     * \param  password       Password of wallet file
-     * \param  recovery_param If it is a restore, the recovery key
-     * \param  recover        Whether it is a restore
-     * \param  two_random     Whether it is a non-deterministic wallet
-     * \return                The secret key of the generated wallet
+     * \param  wallet_              Name of wallet file
+     * \param  password             Password of wallet file
+     * \param  recovery_param       If it is a restore, the recovery key
+     * \param  recover              Whether it is a restore
+     * \param  two_random           Whether it is a non-deterministic wallet
+     * \param  create_address_file  Whether to create an address file
+     * \return                      The secret key of the generated wallet
      */
     crypto::secret_key generate(const std::string& wallet, const epee::wipeable_string& password,
       const crypto::secret_key& recovery_param = crypto::secret_key(), bool recover = false,
-      bool two_random = false);
+      bool two_random = false, bool create_address_file = false);
     /*!
      * \brief Creates a wallet from a public address and a spend/view secret key pair.
-     * \param  wallet_        Name of wallet file
-     * \param  password       Password of wallet file
-     * \param  viewkey        view secret key
-     * \param  spendkey       spend secret key
+     * \param  wallet_              Name of wallet file
+     * \param  password             Password of wallet file
+     * \param  viewkey              view secret key
+     * \param  spendkey             spend secret key
+     * \param  create_address_file  Whether to create an address file
      */
     void generate(const std::string& wallet, const epee::wipeable_string& password,
       const cryptonote::account_public_address &account_public_address,
-      const crypto::secret_key& spendkey, const crypto::secret_key& viewkey);
+      const crypto::secret_key& spendkey, const crypto::secret_key& viewkey, bool create_address_file = false);
     /*!
      * \brief Creates a watch only wallet from a public address and a view secret key.
-     * \param  wallet_        Name of wallet file
-     * \param  password       Password of wallet file
-     * \param  viewkey        view secret key
+     * \param  wallet_              Name of wallet file
+     * \param  password             Password of wallet file
+     * \param  viewkey              view secret key
+     * \param  create_address_file  Whether to create an address file
      */
     void generate(const std::string& wallet, const epee::wipeable_string& password,
       const cryptonote::account_public_address &account_public_address,
-      const crypto::secret_key& viewkey = crypto::secret_key());
+      const crypto::secret_key& viewkey = crypto::secret_key(), bool create_address_file = false);
     /*!
      * \brief Restore a wallet hold by an HW.
      * \param  wallet_        Name of wallet file