feat(@desktop/syncing): keypair syncing - recovering from another device with Keycard related profile

Closes: #10983
2023-06-09 10:40:56 +02:00 · 2023-06-09 10:40:56 +02:00 · 7c56dc53d9
parent af96345e26
commit 7c56dc53d9
18 changed files with 195 additions and 174 deletions
--- a/src/app/modules/main/controller.nim
+++ b/src/app/modules/main/controller.nim
@ -390,7 +390,8 @@ proc init*(self: Controller) =
      password: args.password,
      pin: args.pin,
      keyUid: args.keyUid,
-      keycardUid: args.keycardUid)
+      keycardUid: args.keycardUid,
+      additinalPathsDetails: args.additinalPathsDetails)
    self.authenticateUserFlowRequestedBy = ""
    self.events.emit(SIGNAL_SHARED_KEYCARD_MODULE_USER_AUTHENTICATED, data)

@ -404,7 +405,7 @@ proc init*(self: Controller) =
  self.events.on(SIGNAL_SHARED_KEYCARD_MODULE_AUTHENTICATE_USER) do(e: Args):
    let args = SharedKeycarModuleAuthenticationArgs(e)
    self.authenticateUserFlowRequestedBy = args.uniqueIdentifier
-    self.delegate.runAuthenticationPopup(args.keyUid)
+    self.delegate.runAuthenticationPopup(args.keyUid, args.additionalBip44Paths)

  self.events.on(SIGNAL_SHARED_KEYCARD_MODULE_TRY_KEYCARD_SYNC) do(e: Args):
    let args = SharedKeycarModuleArgs(e)
--- a/src/app/modules/main/io_interface.nim
+++ b/src/app/modules/main/io_interface.nim
@ -273,7 +273,7 @@ method onDisplayKeycardSharedModuleFlow*(self: AccessInterface) {.base.} =
 method onSharedKeycarModuleFlowTerminated*(self: AccessInterface, lastStepInTheCurrentFlow: bool) {.base.} =
  raise newException(ValueError, "No implementation available")

-method runAuthenticationPopup*(self: AccessInterface, keyUid: string) {.base.} =
+method runAuthenticationPopup*(self: AccessInterface, keyUid: string, bip44Paths: seq[string] = @[]) {.base.} =
  raise newException(ValueError, "No implementation available")

 method onMyRequestAdded*(self: AccessInterface) {.base.} =
--- a/src/app/modules/main/module.nim
+++ b/src/app/modules/main/module.nim
@ -1191,11 +1191,11 @@ method onSharedKeycarModuleFlowTerminated*[T](self: Module[T], lastStepInTheCurr
    self.keycardSharedModule.delete
    self.keycardSharedModule = nil

-method runAuthenticationPopup*[T](self: Module[T], keyUid: string) =
+method runAuthenticationPopup*[T](self: Module[T], keyUid: string, bip44Paths: seq[string] = @[]) =
  self.createSharedKeycardModule()
  if self.keycardSharedModule.isNil:
    return
-  self.keycardSharedModule.runFlow(keycard_shared_module.FlowType.Authentication, keyUid)
+  self.keycardSharedModule.runFlow(keycard_shared_module.FlowType.Authentication, keyUid, bip44Paths)

 method onSharedKeycarModuleKeycardSyncPurposeTerminated*[T](self: Module[T], lastStepInTheCurrentFlow: bool) =
  if not self.keycardSharedModuleKeycardSyncPurpose.isNil:
--- a/src/app/modules/main/profile_section/devices/controller.nim
+++ b/src/app/modules/main/profile_section/devices/controller.nim
@ -1,13 +1,13 @@
 import Tables, chronicles
 import io_interface

-import ../../../../core/eventemitter
-import ../../../../../app_service/service/settings/service as settings_service
-import ../../../../../app_service/service/devices/service as devices_service
+import app/core/eventemitter
+import app_service/service/settings/service as settings_service
+import app_service/service/devices/service as devices_service

-import ../../../shared_modules/keycard_popup/io_interface as keycard_shared_module
+import app/modules/shared_modules/keycard_popup/io_interface as keycard_shared_module

-const UNIQUE_SYNCING_SECTION_ACCOUNTS_MODULE_AUTH_IDENTIFIER* = "SyncingSection-AccountsModule-Authentication"
+const UNIQUE_SYNCING_LOGGED_IN_USER_AUTHENTICATION_IDENTIFIER* = "Syncing-LoggedInUser-Authentication"

 logScope:
  topics = "profile-section-devices-module-controller"
@ -50,9 +50,9 @@ proc init*(self: Controller) =

  self.events.on(SIGNAL_SHARED_KEYCARD_MODULE_USER_AUTHENTICATED) do(e: Args):
    let args = SharedKeycarModuleArgs(e)
-    if args.uniqueIdentifier != UNIQUE_SYNCING_SECTION_ACCOUNTS_MODULE_AUTH_IDENTIFIER:
+    if args.uniqueIdentifier != UNIQUE_SYNCING_LOGGED_IN_USER_AUTHENTICATION_IDENTIFIER:
      return
-    self.delegate.onUserAuthenticated(args.pin, args.password, args.keyUid)
+    self.delegate.onLoggedInUserAuthenticated(args.pin, args.password, args.keyUid, args.additinalPathsDetails)

  self.events.on(SIGNAL_LOCAL_PAIRING_EVENT) do(e: Args):
    let args = LocalPairingEventArgs(e)
@ -91,10 +91,11 @@ proc enableDevice*(self: Controller, deviceId: string, enable: bool) =
 # Pairing status
 #

-proc authenticateUser*(self: Controller, keyUid: string) =
-  let data = SharedKeycarModuleAuthenticationArgs(
-    uniqueIdentifier: UNIQUE_SYNCING_SECTION_ACCOUNTS_MODULE_AUTH_IDENTIFIER,
-    keyUid: keyUid)
+proc authenticateLoggedInUser*(self: Controller, additionalBip44Paths: seq[string] = @[]) =
+  var data = SharedKeycarModuleAuthenticationArgs(
+    uniqueIdentifier: UNIQUE_SYNCING_LOGGED_IN_USER_AUTHENTICATION_IDENTIFIER,
+    additionalBip44Paths: additionalBip44Paths
+  )
  self.events.emit(SIGNAL_SHARED_KEYCARD_MODULE_AUTHENTICATE_USER, data)

 #
@ -104,8 +105,8 @@ proc authenticateUser*(self: Controller, keyUid: string) =
 proc validateConnectionString*(self: Controller, connectionString: string): string =
  return self.devicesService.validateConnectionString(connectionString)

-proc getConnectionStringForBootstrappingAnotherDevice*(self: Controller, keyUid: string, password: string): string =
-  return self.devicesService.getConnectionStringForBootstrappingAnotherDevice(keyUid, password)
+proc getConnectionStringForBootstrappingAnotherDevice*(self: Controller, password, chatKey: string): string =
+  return self.devicesService.getConnectionStringForBootstrappingAnotherDevice(password, chatKey)

 proc inputConnectionStringForBootstrapping*(self: Controller, connectionString: string): string =
  return self.devicesService.inputConnectionStringForBootstrapping(connectionString)
--- a/src/app/modules/main/profile_section/devices/io_interface.nim
+++ b/src/app/modules/main/profile_section/devices/io_interface.nim
@ -1,6 +1,6 @@
-import NimQml
-import ../../../../../app_service/service/devices/service
-
+import NimQml, tables
+import app_service/service/devices/service
+from app_service/service/keycard/service import KeyDetails

 type
  AccessInterface* {.pure inheritable.} = ref object of RootObj
@ -50,18 +50,15 @@ method advertise*(self: AccessInterface) {.base.} =
 method enableDevice*(self: AccessInterface, installationId: string, enable: bool) {.base.} =
  raise newException(ValueError, "No implementation available")

-method authenticateUser*(self: AccessInterface, keyUid: string) {.base.} =
+method authenticateLoggedInUser*(self: AccessInterface) {.base.} =
  raise newException(ValueError, "No implementation available")

-method onUserAuthenticated*(self: AccessInterface, pin: string, password: string, keyUid: string) {.base.} =
+method onLoggedInUserAuthenticated*(self: AccessInterface, pin: string, password: string, keyUid: string, additinalPathsDetails: Table[string, KeyDetails]) {.base.} =
  raise newException(ValueError, "No implementation available")

 proc validateConnectionString*(self: AccessInterface, connectionString: string): string =
  raise newException(ValueError, "No implementation available")

-method getConnectionStringForBootstrappingAnotherDevice*(self: AccessInterface, keyUid: string, password: string): string {.base.} =
-  raise newException(ValueError, "No implementation available")
-
 method inputConnectionStringForBootstrapping*(self: AccessInterface, connectionString: string): string {.base.} =
  raise newException(ValueError, "No implementation available")

--- a/src/app/modules/main/profile_section/devices/module.nim
+++ b/src/app/modules/main/profile_section/devices/module.nim
@ -1,12 +1,15 @@
-import NimQml, chronicles
+import NimQml, tables, strutils, chronicles
 import io_interface
 import ../io_interface as delegate_interface
 import view, controller, model, item
 import logging

-import ../../../../core/eventemitter
-import ../../../../../app_service/service/settings/service as settings_service
-import ../../../../../app_service/service/devices/service as devices_service
+import app/global/global_singleton
+import app/core/eventemitter
+import app_service/common/account_constants
+import app_service/service/settings/service as settings_service
+import app_service/service/devices/service as devices_service
+from app_service/service/keycard/service import KeyDetails

 export io_interface

@ -97,18 +100,25 @@ method updateOrAddDevice*(self: Module, installation: InstallationDto) =
 method updateInstallationName*(self: Module, installationId: string, name: string) =
  self.view.model().updateItemName(installationId, name)

-method authenticateUser*(self: Module, keyUid: string) =
-  self.controller.authenticateUser(keyUid)
+method authenticateLoggedInUser*(self: Module) =
+  var additionalBip44Paths: seq[string]
+  if singletonInstance.userProfile.getIsKeycardUser():
+    additionalBip44Paths.add(account_constants.PATH_WHISPER)
+  self.controller.authenticateLoggedInUser(additionalBip44Paths)

-method onUserAuthenticated*(self: Module, pin: string, password: string, keyUid: string) =
-  self.view.emitUserAuthenticated(pin, password, keyUid)
+method onLoggedInUserAuthenticated*(self: Module, pin: string, password: string, keyUid: string, additinalPathsDetails: Table[string, KeyDetails]) =
+  var chatKey = ""
+  if singletonInstance.userProfile.getIsKeycardUser() and
+    additinalPathsDetails.contains(account_constants.PATH_WHISPER):
+      chatKey = additinalPathsDetails[account_constants.PATH_WHISPER].privateKey
+      if chatKey.startsWith("0x"):
+        chatKey = chatKey[2..^1]
+  let connectionString = self.controller.getConnectionStringForBootstrappingAnotherDevice(password, chatKey)
+  self.view.openPopupWithConnectionString(connectionString)

 proc validateConnectionString*(self: Module, connectionString: string): string =
  return self.controller.validateConnectionString(connectionString)

-method getConnectionStringForBootstrappingAnotherDevice*(self: Module, keyUid: string, password: string): string =
-  return self.controller.getConnectionStringForBootstrappingAnotherDevice(keyUid, password)
-
 method inputConnectionStringForBootstrapping*(self: Module, connectionString: string): string =
  return self.controller.inputConnectionStringForBootstrapping(connectionString)

--- a/src/app/modules/main/profile_section/devices/view.nim
+++ b/src/app/modules/main/profile_section/devices/view.nim
@ -133,17 +133,15 @@ QtObject:

  # LocalPairing actions

-  proc userAuthenticated*(self: View, pin: string, password: string, keyUid: string) {.signal.}
-  proc emitUserAuthenticated*(self: View, pin: string, password: string, keyUid: string) =
-    self.userAuthenticated(pin, password, keyUid)
-  proc authenticateUser*(self: View, keyUid: string) {.slot.} =
-    self.delegate.authenticateUser(keyUid)
+  proc openPopupWithConnectionStringSignal*(self: View, rawConnectionString: string) {.signal.}
+  proc openPopupWithConnectionString*(self: View, rawConnectionString: string) =
+    self.openPopupWithConnectionStringSignal(rawConnectionString)
+
+  proc authenticateLoggedInUser*(self: View) {.slot.} =
+    self.delegate.authenticateLoggedInUser()

  proc validateConnectionString*(self: View, connectionString: string): string {.slot.} =
    return self.delegate.validateConnectionString(connectionString)

-  proc getConnectionStringForBootstrappingAnotherDevice*(self: View, keyUid: string, password: string): string {.slot.} =
-    return self.delegate.getConnectionStringForBootstrappingAnotherDevice(keyUid, password)
-
  proc inputConnectionStringForBootstrapping*(self: View, connectionString: string): string {.slot.} =
    return self.delegate.inputConnectionStringForBootstrapping(connectionString)
--- a/src/app/modules/shared_modules/keycard_popup/controller.nim
+++ b/src/app/modules/shared_modules/keycard_popup/controller.nim
@ -1,4 +1,4 @@
-import chronicles, strutils, os, sequtils, sugar
+import chronicles, tables, strutils, os, sequtils, sugar
 import uuids
 import io_interface

@ -66,6 +66,7 @@ type
    tmpKeycardCopyDestinationKeycardUid: string
    tmpKeycardSyncingInProgress: bool
    tmpFlowData: SharedKeycarModuleFlowTerminatedArgs
+    tmpRequestedPathsAlongWithAuthentication: seq[string]
    tmpUnlockUsingSeedPhrase: bool # true - sp, false - puk

 proc newController*(delegate: io_interface.AccessInterface,
@ -497,7 +498,7 @@ proc runDeriveAccountFlow*(self: Controller, bip44Paths: seq[string], pin: strin
  self.cancelCurrentFlow()
  self.keycardService.startExportPublicFlow(bip44Paths, exportMasterAddr=true, exportPrivateAddr=false, pin)

-proc runAuthenticationFlow*(self: Controller, keyUid = "") =
+proc runAuthenticationFlow*(self: Controller, keyUid = "", bip44Paths: seq[string] = @[]) =
  ## For signing a transaction  we need to provide a key uid of a keypair that an account we want to sign a transaction
  ## for belongs to. If we're just doing an authentication for a logged in user, then default key uid is always the key
  ## uid of the logged in user.
@ -507,7 +508,11 @@ proc runAuthenticationFlow*(self: Controller, keyUid = "") =
  if self.tmpKeyUidWhichIsBeingAuthenticating.len == 0:
    self.tmpKeyUidWhichIsBeingAuthenticating = singletonInstance.userProfile.getKeyUid()
  self.cancelCurrentFlow()
-  self.keycardService.startExportPublicFlow(path = account_constants.PATH_ENCRYPTION)
+  self.tmpRequestedPathsAlongWithAuthentication = @[account_constants.PATH_ENCRYPTION] #order is important, when reading keycard response
+  if bip44Paths.len > 0:
+    self.tmpRequestedPathsAlongWithAuthentication.add(bip44Paths)
+    self.tmpRequestedPathsAlongWithAuthentication = self.tmpRequestedPathsAlongWithAuthentication.deduplicate()
+  self.keycardService.startExportPublicFlow(self.tmpRequestedPathsAlongWithAuthentication, exportMasterAddr = false, exportPrivateAddr = true)

 proc runLoadAccountFlow*(self: Controller, seedPhraseLength = 0, seedPhrase = "", pin = "", puk = "", factoryReset = false) =
  if not serviceApplicable(self.keycardService):
@ -577,12 +582,21 @@ proc terminateCurrentFlow*(self: Controller, lastStepInTheCurrentFlow: bool) =
  self.tmpFlowData = SharedKeycarModuleFlowTerminatedArgs(uniqueIdentifier: self.uniqueIdentifier,
    lastStepInTheCurrentFlow: lastStepInTheCurrentFlow)
  if lastStepInTheCurrentFlow:
-    let exportedEncryptionPubKey = flowEvent.generatedWalletAccount.publicKey
+    var exportedEncryptionPubKey: string
+    if flowEvent.generatedWalletAccounts.len > 0:
+      exportedEncryptionPubKey = flowEvent.generatedWalletAccounts[0].publicKey # encryption key is at position 0
      if exportedEncryptionPubKey.len > 0:
        self.tmpFlowData.password = exportedEncryptionPubKey
        self.tmpFlowData.pin = self.getPin()
        self.tmpFlowData.keyUid = flowEvent.keyUid
        self.tmpFlowData.keycardUid = flowEvent.instanceUID
+        for i in 0..< self.tmpRequestedPathsAlongWithAuthentication.len:
+          var path = self.tmpRequestedPathsAlongWithAuthentication[i]
+          self.tmpFlowData.additinalPathsDetails[path] = KeyDetails(
+            address: flowEvent.generatedWalletAccounts[i].address,
+            publicKey: flowEvent.generatedWalletAccounts[i].publicKey,
+            privateKey: flowEvent.generatedWalletAccounts[i].privateKey
+          )
    else:
      self.tmpFlowData.password = self.getPassword()
      self.tmpFlowData.keyUid = singletonInstance.userProfile.getKeyUid()
--- a/src/app/modules/shared_modules/keycard_popup/io_interface.nim
+++ b/src/app/modules/shared_modules/keycard_popup/io_interface.nim
@ -1,8 +1,8 @@
 import NimQml, tables
-import ../../../../app/core/eventemitter
-from ../../../../app_service/service/keycard/service import KeycardEvent, CardMetadata, KeyDetails
-from ../../../../app_service/service/wallet_account/service as wallet_account_service import WalletTokenDto
-import ../../shared_models/keypair_item
+import app/core/eventemitter
+from app_service/service/keycard/service import KeycardEvent, CardMetadata, KeyDetails
+from app_service/service/wallet_account/service as wallet_account_service import WalletTokenDto
+import app/modules/shared_models/keypair_item

 const SIGNAL_SHARED_KEYCARD_MODULE_DISPLAY_POPUP* = "sharedKeycarModuleDisplayPopup"
 const SIGNAL_SHARED_KEYCARD_MODULE_FLOW_TERMINATED* = "sharedKeycarModuleFlowTerminated"
@ -38,6 +38,7 @@ type
    pin*: string # this is used in case we need to run another keycard flow which requires pin, after we successfully authenticated logged in user
    keyUid*: string
    keycardUid*: string
+    additinalPathsDetails*: Table[string, KeyDetails] # [path, KeyDetails]

 type
  SharedKeycarModuleFlowTerminatedArgs* = ref object of SharedKeycarModuleArgs
@ -46,7 +47,7 @@ type
 type
  SharedKeycarModuleAuthenticationArgs* = ref object of SharedKeycarModuleBaseArgs
    keyUid*: string
-
+    additionalBip44Paths*: seq[string] # can be used in authentication flow to export additinal paths if needed except encryption path

 type FlowType* {.pure.} = enum
  General = "General"
@ -112,7 +113,7 @@ method onCancelActionClicked*(self: AccessInterface) {.base.} =
 method onKeycardResponse*(self: AccessInterface, keycardFlowType: string, keycardEvent: KeycardEvent) {.base.} =
  raise newException(ValueError, "No implementation available")

-method runFlow*(self: AccessInterface, flowToRun: FlowType, keyUid = "", bip44Path = "", txHash = "") {.base.} =
+method runFlow*(self: AccessInterface, flowToRun: FlowType, keyUid = "", bip44Paths: seq[string] = @[], txHash = "") {.base.} =
  raise newException(ValueError, "No implementation available")

 method setPin*(self: AccessInterface, value: string) {.base.} =
--- a/src/app/modules/shared_modules/keycard_popup/module.nim
+++ b/src/app/modules/shared_modules/keycard_popup/module.nim
@ -433,7 +433,7 @@ method prepareKeyPairForProcessing*[T](self: Module[T], keyUid: string, keycardU
    item.setIcon("keycard")
  self.view.setKeyPairForProcessing(item)

-method runFlow*[T](self: Module[T], flowToRun: FlowType, keyUid = "", bip44Path = "", txHash = "") =
+method runFlow*[T](self: Module[T], flowToRun: FlowType, keyUid = "", bip44Paths: seq[string] = @[], txHash = "") =
  ## In case of `Authentication` if we're signing a transaction we need to provide a key uid of a keypair that an account
  ## we want to sign a transaction for belongs to. If we're just doing an authentication for a logged in user, then
  ## default key uid is always the key uid of the logged in user.
@ -459,7 +459,7 @@ method runFlow*[T](self: Module[T], flowToRun: FlowType, keyUid = "", bip44Path
      if singletonInstance.userProfile.getIsKeycardUser():
        self.prepareKeyPairItemForAuthentication(singletonInstance.userProfile.getKeyUid())
        self.tmpLocalState = newReadingKeycardState(flowToRun, nil)
-        self.controller.runAuthenticationFlow(singletonInstance.userProfile.getKeyUid())
+        self.controller.runAuthenticationFlow(singletonInstance.userProfile.getKeyUid(), bip44Paths)
        return
      if singletonInstance.userProfile.getUsingBiometricLogin():
        self.controller.tryToObtainDataFromKeychain()
@ -471,7 +471,7 @@ method runFlow*[T](self: Module[T], flowToRun: FlowType, keyUid = "", bip44Path
    else:
      self.prepareKeyPairItemForAuthentication(keyUid)
      self.tmpLocalState = newReadingKeycardState(flowToRun, nil)
-      self.controller.runAuthenticationFlow(keyUid)
+      self.controller.runAuthenticationFlow(keyUid, bip44Paths)
      return
  if flowToRun == FlowType.UnlockKeycard:
    ## since we can run unlock keycard flow from an already running flow, in order to avoid changing displayed keypair
--- a/src/app/modules/startup/controller.nim
+++ b/src/app/modules/startup/controller.nim
@ -454,7 +454,13 @@ proc login*(self: Controller) =

 proc loginLocalPairingAccount*(self: Controller) =
  self.delegate.moveToLoadingAppState()
+  if self.localPairingStatus.chatKey.len == 0:
    self.accountsService.login(self.localPairingStatus.account, self.localPairingStatus.password)
+  else:
+    var kcEvent = KeycardEvent()
+    kcEvent.whisperKey.privateKey = self.localPairingStatus.chatKey
+    kcEvent.encryptionKey.publicKey = self.localPairingStatus.password
+    discard self.accountsService.loginAccountKeycard(self.localPairingStatus.account, kcEvent)

 proc loginAccountKeycard*(self: Controller, storeToKeychainValue: string, syncWalletAfterLogin = false) =
  if syncWalletAfterLogin:
--- a/src/app_service/service/devices/dto/local_pairing_event.nim
+++ b/src/app_service/service/devices/dto/local_pairing_event.nim
@ -28,6 +28,7 @@ type
  LocalPairingAccountData* = ref object
    account*: AccountDTO
    password*: string
+    chatKey*: string

 type
  LocalPairingEventArgs* = ref object of Args
@ -75,6 +76,7 @@ proc parse*(self: int): Action =
 proc toLocalPairingAccountData*(jsonObj: JsonNode): LocalPairingAccountData =
  result = LocalPairingAccountData()
  discard jsonObj.getProp("password", result.password)
+  discard jsonObj.getProp("chatKey", result.chatKey)

  var accountObj: JsonNode
  if(jsonObj.getProp("account", accountObj)):
--- a/src/app_service/service/devices/dto/local_pairing_status.nim
+++ b/src/app_service/service/devices/dto/local_pairing_status.nim
@ -20,8 +20,9 @@ type
  LocalPairingStatus* = ref object of Args
    mode*: LocalPairingMode
    state*: LocalPairingState
-    account*: AccountDTO
+    account*: AccountDto
    password*: string
+    chatKey*: string
    installation*: InstallationDto
    error*: string

@ -50,6 +51,7 @@ proc update*(self: LocalPairingStatus, data: LocalPairingEventArgs) =
  of EventReceivedAccount:
    self.account = data.accountData.account
    self.password = data.accountData.password
+    self.chatKey = data.accountData.chatKey
  of EventReceivedInstallation:
    self.installation = data.installation
  of EventConnectionError:
--- a/src/app_service/service/devices/service.nim
+++ b/src/app_service/service/devices/service.nim
@ -6,17 +6,17 @@ import ./dto/installation as Installation_dto
 import ./dto/local_pairing_event
 import ./dto/local_pairing_status

-import ../settings/service as settings_service
-import ../accounts/service as accounts_service
+import app_service/service/settings/service as settings_service
+import app_service/service/accounts/service as accounts_service

-import ../../../app/global/global_singleton
-import ../../../app/core/[main]
-import ../../../app/core/signals/types
-import ../../../app/core/eventemitter
-import ../../../app/core/tasks/[qt, threadpool]
-import ../../../backend/installations as status_installations
-import ../../common/utils as utils
-import ../../../constants as main_constants
+import app/global/global_singleton
+import app/core/[main]
+import app/core/signals/types
+import app/core/eventemitter
+import app/core/tasks/[qt, threadpool]
+import backend/installations as status_installations
+import app_service/common/utils as utils
+import constants as main_constants

 import status_go

@ -176,13 +176,20 @@ QtObject:
  proc validateConnectionString*(self: Service, connectionString: string): string =
    return status_go.validateConnectionString(connectionString)

-  proc getConnectionStringForBootstrappingAnotherDevice*(self: Service, keyUid: string, password: string): string =
+  proc getConnectionStringForBootstrappingAnotherDevice*(self: Service, password: string, chatKey: string): string =
+    let keyUid = singletonInstance.userProfile.getKeyUid()
+    let keycardUser = singletonInstance.userProfile.getIsKeycardUser()
+    var finalPassword = password
+    if not keycardUser:
+      finalPassword = utils.hashPassword(password)
+
    let configJSON = %* {
      "senderConfig": %* {
        "keystorePath": joinPath(main_constants.ROOTKEYSTOREDIR, keyUid),
        "deviceType": hostOs,
        "keyUID": keyUid,
-        "password": utils.hashPassword(password),
+        "password": finalPassword,
+        "chatKey": chatKey,
      },
      "serverConfig": %* {
        "timeout": 5 * 60 * 1000,
--- a/ui/app/AppLayouts/Profile/popups/SetupSyncingPopup.qml
+++ b/ui/app/AppLayouts/Profile/popups/SetupSyncingPopup.qml
@ -22,8 +22,7 @@ import "../stores"
 StatusDialog {
    id: root

-    property string password
-    property string keyUid
+    required property string rawConnectionString

    property DevicesStore devicesStore
    property ProfileStore profileStore
@ -53,13 +52,11 @@ StatusDialog {
            d.connectionString = ""
            d.errorMessage = ""

-            const result = root.devicesStore.getConnectionStringForBootstrappingAnotherDevice(root.keyUid, root.password)
-
            try {
-                const json = JSON.parse(result)
+                const json = JSON.parse(root.rawConnectionString)
                d.errorMessage = json.error
            } catch (e) {
-                d.connectionString = result
+                d.connectionString = root.rawConnectionString
            }

            if (d.errorMessage !== "") {
--- a/ui/app/AppLayouts/Profile/stores/DevicesStore.qml
+++ b/ui/app/AppLayouts/Profile/stores/DevicesStore.qml
@ -37,19 +37,14 @@ QtObject {
        root.devicesModule.enableDevice(installationId, enable)
    }

-    function authenticateUser() {
-        const keyUid = "" // TODO: Support Keycard
-        root.devicesModule.authenticateUser(keyUid)
+    function authenticateLoggedInUser() {
+        root.devicesModule.authenticateLoggedInUser()
    }

    function validateConnectionString(connectionString) {
        return root.devicesModule.validateConnectionString(connectionString)
    }

-    function getConnectionStringForBootstrappingAnotherDevice(keyUid, password) {
-        return root.devicesModule.getConnectionStringForBootstrappingAnotherDevice(keyUid, password)
-    }
-
    function inputConnectionStringForBootstrapping(connectionString) {
        return root.devicesModule.inputConnectionStringForBootstrapping(connectionString)
    }
--- a/ui/app/AppLayouts/Profile/views/SyncingView.qml
+++ b/ui/app/AppLayouts/Profile/views/SyncingView.qml
@ -54,8 +54,7 @@ SettingsContentBase {
            }

            function setupSyncing() {
-                const keyUid = root.profileStore.isKeycardUser ? root.profileStore.keyUid : ""
-                root.devicesStore.authenticateUser(keyUid)
+                root.devicesStore.authenticateLoggedInUser()
            }
        }

@ -63,16 +62,9 @@ SettingsContentBase {
        Connections {
            target: devicesStore.devicesModule

-            function onUserAuthenticated(pin, password, keyUid) {
-                if (!password)
-                    return
-                // Authentication flow returns empty keyUid for non-keycard user.
-                const effectiveKeyUid = root.profileStore.isKeycardUser
-                                      ? keyUid
-                                      : root.profileStore.keyUid
+            function onOpenPopupWithConnectionStringSignal(rawConnectionString) {
                Global.openPopup(setupSyncingPopup, {
-                                     password,
-                                     keyUid: effectiveKeyUid
+                                     rawConnectionString: rawConnectionString,
                                 })
            }
        }
@ -135,7 +127,7 @@ SettingsContentBase {
                timestamp: model.timestamp
                isCurrentDevice: model.isCurrentDevice
                onSetupSyncingButtonClicked: {
-                    d.setupSyncing(SetupSyncingPopup.GenerateSyncCode)
+                    d.setupSyncing()
                }
                onClicked: {
                    if (deviceEnabled)
--- a/ui/app/AppLayouts/Wallet/stores/RootStore.qml
+++ b/ui/app/AppLayouts/Wallet/stores/RootStore.qml
@ -14,8 +14,6 @@ QtObject {
    readonly property string defaultSelectedKeyUid: userProfile.keyUid
    readonly property bool defaultSelectedKeyUidMigratedToKeycard: userProfile.isKeycardUser

-    property bool loggedInUserAuthenticated: false
-
    property string backButtonName: ""
    property var overview: walletSectionOverview
    property var assets: walletSectionAssets.assets