Base refactor of PairingPayloadManager

2022-06-29 16:21:22 +01:00 · 2022-06-29 16:21:22 +01:00 · 0e878d55d2
parent 46be086b60
commit 0e878d55d2
8 changed files with 302 additions and 220 deletions
--- a/server/client.go
+++ b/server/client.go
@ -9,6 +9,8 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
+
+	"github.com/status-im/status-go/multiaccounts"
 )

 type PairingClient struct {
@ -18,10 +20,10 @@ type PairingClient struct {
 	certPEM     []byte
 	privateKey  *ecdsa.PrivateKey
 	serverMode  Mode
-	payload     *PayloadManager
+	payload     *PairingPayloadManager
 }

-func NewPairingClient(c *ConnectionParams) (*PairingClient, error) {
+func NewPairingClient(c *ConnectionParams, db *multiaccounts.Database) (*PairingClient, error) {
 	u, certPem, err := c.Generate()
 	if err != nil {
 		return nil, err
@ -44,7 +46,7 @@ func NewPairingClient(c *ConnectionParams) (*PairingClient, error) {
 		},
 	}

-	pm, err := NewPayloadManager(c.privateKey)
+	pm, err := NewPairingPayloadManager(c.privateKey, db)
 	if err != nil {
 		return nil, err
 	}
@ -60,7 +62,7 @@ func NewPairingClient(c *ConnectionParams) (*PairingClient, error) {
 }

 func (c *PairingClient) MountPayload(data []byte) error {
-	return c.payload.Mount(data)
+	return c.payload.pem.Mount(data)
 }

 func (c *PairingClient) PairAccount() error {
@ -76,7 +78,7 @@ func (c *PairingClient) PairAccount() error {

 func (c *PairingClient) sendAccountData() error {
 	c.baseAddress.Path = pairingReceive
-	_, err := c.Post(c.baseAddress.String(), "application/octet-stream", bytes.NewBuffer(c.payload.ToSend()))
+	_, err := c.Post(c.baseAddress.String(), "application/octet-stream", bytes.NewBuffer(c.payload.pem.ToSend()))
 	if err != nil {
 		return err
 	}
@ -96,5 +98,5 @@ func (c *PairingClient) receiveAccountData() error {
 		return err
 	}

-	return c.payload.Receive(payload)
+	return c.payload.pem.Receive(payload)
 }
--- a/server/components_test.go
+++ b/server/components_test.go
@ -104,6 +104,6 @@ func (tpsc *TestPairingServerComponents) SetupPairingServerComponents(t *testing
 	tpsc.PS, err = NewPairingServer(&Config{
 		PK:       tpsc.EphemeralPK,
 		Cert:     &tpsc.Cert,
-		Hostname: tpsc.OutboundIP.String()})
+		Hostname: tpsc.OutboundIP.String()}, nil)
 	require.NoError(t, err)
 }
--- a/server/handlers.go
+++ b/server/handlers.go
@ -147,7 +147,7 @@ func handlePairingReceive(ps *PairingServer) func(w http.ResponseWriter, r *http
 			ps.logger.Error("ioutil.ReadAll(r.Body)", zap.Error(err))
 		}

-		err = ps.payload.Receive(payload)
+		err = ps.payload.pem.Receive(payload)
 		if err != nil {
 			ps.logger.Error("ps.payload.Receive(payload)", zap.Error(err))
 		}
@ -157,7 +157,7 @@ func handlePairingReceive(ps *PairingServer) func(w http.ResponseWriter, r *http
 func handlePairingSend(ps *PairingServer) func(w http.ResponseWriter, r *http.Request) {
 	return func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Content-Type", "application/octet-stream")
-		_, err := w.Write(ps.payload.ToSend())
+		_, err := w.Write(ps.payload.pem.ToSend())
 		if err != nil {
 			ps.logger.Error("w.Write(ps.payload.ToSend())", zap.Error(err))
 		}
--- a/server/ips_test.go
+++ b/server/ips_test.go
@ -71,7 +71,7 @@ func (s *GetOutboundIPSuite) TestGetOutboundIPWithFullServerE2e() {
 	err = ccp.FromString(qr)
 	s.Require().NoError(err)

-	c, err := NewPairingClient(ccp)
+	c, err := NewPairingClient(ccp, nil)
 	s.Require().NoError(err)

 	thing, err := makeThingToSay()
--- a/server/payload_manager.go
+++ b/server/payload_manager.go
@ -19,207 +19,121 @@ import (
 	"github.com/status-im/status-go/protocol/protobuf"
 )

-type Payload struct {
+type PairingPayloadManager struct {
+	pem *PayloadEncryptionManager
+	ppm *PairingPayloadMarshaller
+	ppr *PairingPayloadRepository
+}
+
+func NewPairingPayloadManager(pk *ecdsa.PrivateKey, db *multiaccounts.Database) (*PairingPayloadManager, error) {
+	pem, err := NewPayloadEncryptionManager(pk)
+	if err != nil {
+		return nil, err
+	}
+
+	return &PairingPayloadManager{
+		pem: pem,
+		ppm: NewPairingPayloadMarshaller(),
+		ppr: NewPairingPayloadRepository(db),
+	}, nil
+}
+
+// EncryptionPayload represents the plain text and encrypted text of a Server's payload data
+type EncryptionPayload struct {
 	plain     []byte
 	encrypted []byte
 }

-type PayloadManager struct {
+// PayloadEncryptionManager is responsible for encrypting and decrypting a Server's payload data
+type PayloadEncryptionManager struct {
 	aesKey   []byte
-	toSend   *Payload
-	received *Payload
+	toSend   *EncryptionPayload
+	received *EncryptionPayload
 }

-func NewPayloadManager(pk *ecdsa.PrivateKey) (*PayloadManager, error) {
+func NewPayloadEncryptionManager(pk *ecdsa.PrivateKey) (*PayloadEncryptionManager, error) {
 	ek, err := makeEncryptionKey(pk)
 	if err != nil {
 		return nil, err
 	}

-	return &PayloadManager{ek, new(Payload), new(Payload)}, nil
+	return &PayloadEncryptionManager{ek, new(EncryptionPayload), new(EncryptionPayload)}, nil
 }

-func (pm *PayloadManager) Mount(data []byte) error {
-	ep, err := common.Encrypt(data, pm.aesKey, rand.Reader)
+func (pem *PayloadEncryptionManager) Mount(data []byte) error {
+	ep, err := common.Encrypt(data, pem.aesKey, rand.Reader)
 	if err != nil {
 		return err
 	}

-	pm.toSend.plain = data
-	pm.toSend.encrypted = ep
+	pem.toSend.plain = data
+	pem.toSend.encrypted = ep
 	return nil
 }

-func (pm *PayloadManager) Receive(data []byte) error {
-	pd, err := common.Decrypt(data, pm.aesKey)
+func (pem *PayloadEncryptionManager) Receive(data []byte) error {
+	pd, err := common.Decrypt(data, pem.aesKey)
 	if err != nil {
 		return err
 	}

-	pm.received.encrypted = data
-	pm.received.plain = pd
+	pem.received.encrypted = data
+	pem.received.plain = pd
 	return nil
 }

-func (pm *PayloadManager) ToSend() []byte {
-	return pm.toSend.encrypted
+func (pem *PayloadEncryptionManager) ToSend() []byte {
+	return pem.toSend.encrypted
 }

-func (pm *PayloadManager) Received() []byte {
-	return pm.received.plain
+func (pem *PayloadEncryptionManager) Received() []byte {
+	return pem.received.plain
 }

-func (pm *PayloadManager) ResetPayload() {
-	pm.toSend = new(Payload)
-	pm.received = new(Payload)
+func (pem *PayloadEncryptionManager) ResetPayload() {
+	pem.toSend = new(EncryptionPayload)
+	pem.received = new(EncryptionPayload)
 }

-// PayloadMarshaller is responsible for loading, parsing, marshalling, unmarshalling and storing of PairingServer
-// payload data
-type PayloadMarshaller struct {
-	multiaccountDB *multiaccounts.Database
-
+// PairingPayload represents the payload structure a PairingServer handles
+type PairingPayload struct {
 	keys         map[string][]byte
 	multiaccount *multiaccounts.Account
 	password     string
 }

-func NewPayloadMarshaller(db *multiaccounts.Database) *PayloadMarshaller {
-	return &PayloadMarshaller{multiaccountDB: db}
+// PairingPayloadMarshaller is responsible for marshalling and unmarshalling PairingServer payload data
+type PairingPayloadMarshaller struct {
+	*PairingPayload
 }

-func (pm *PayloadMarshaller) LoadPayloads(keystorePath, keyUID, password string) error {
-	err := pm.loadKeys(keystorePath)
-	if err != nil {
-		return err
-	}
-
-	pm.multiaccount, err = pm.multiaccountDB.GetAccount(keyUID)
-	if err != nil {
-		return err
-	}
-	pm.password = password
-
-	return nil
+func NewPairingPayloadMarshaller() *PairingPayloadMarshaller {
+	return &PairingPayloadMarshaller{PairingPayload: new(PairingPayload)}
 }

-func (pm *PayloadMarshaller) loadKeys(keyStorePath string) error {
-	pm.keys = make(map[string][]byte)
-
-	fileWalker := func(path string, fileInfo os.FileInfo, err error) error {
-		if err != nil {
-			return err
-		}
-
-		if fileInfo.IsDir() || filepath.Dir(path) != keyStorePath {
-			return nil
-		}
-
-		rawKeyFile, err := ioutil.ReadFile(path)
-		if err != nil {
-			return fmt.Errorf("invalid account key file: %v", err)
-		}
-
-		accountKey := new(keystore.EncryptedKeyJSONV3)
-		if err := json.Unmarshal(rawKeyFile, &accountKey); err != nil {
-			return fmt.Errorf("failed to read key file: %s", err)
-		}
-
-		if len(accountKey.Address) != 40 {
-			return fmt.Errorf("account key address has invalid length '%s'", accountKey.Address)
-		}
-
-		pm.keys[fileInfo.Name()] = rawKeyFile
-
-		return nil
-	}
-
-	err := filepath.Walk(keyStorePath, fileWalker)
-	if err != nil {
-		return fmt.Errorf("cannot traverse key store folder: %v", err)
-	}
-
-	return nil
+func (ppm *PairingPayloadMarshaller) Load(payload *PairingPayload) {
+	ppm.PairingPayload = payload
 }

-func (pm *PayloadMarshaller) StorePayloads(keystorePath, password string) error {
-	err := pm.validateKeys(password)
-	if err != nil {
-		return err
-	}
-
-	err = pm.storeKeys(keystorePath)
-	if err != nil {
-		return err
-	}
-
-	err = pm.storeMultiAccount()
-	if err != nil {
-		return err
-	}
-
-	// TODO install PublicKey into settings, probably do this outside of StorePayloads
-	return nil
-}
-
-func (pm *PayloadMarshaller) validateKeys(password string) error {
-	for _, key := range pm.keys {
-		k, err := keystore.DecryptKey(key, password)
-		if err != nil {
-			return err
-		}
-
-		err = generator.ValidateKeystoreExtendedKey(k)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (pm *PayloadMarshaller) storeKeys(keyStorePath string) error {
-	for name, data := range pm.keys {
-		accountKey := new(keystore.EncryptedKeyJSONV3)
-		if err := json.Unmarshal(data, &accountKey); err != nil {
-			return fmt.Errorf("failed to read key file: %s", err)
-		}
-
-		if len(accountKey.Address) != 40 {
-			return fmt.Errorf("account key address has invalid length '%s'", accountKey.Address)
-		}
-
-		err := ioutil.WriteFile(filepath.Join(keyStorePath, name), data, 0600)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (pm *PayloadMarshaller) storeMultiAccount() error {
-	return pm.multiaccountDB.SaveAccount(*pm.multiaccount)
-}
-
-func (pm *PayloadMarshaller) MarshalToProtobuf() ([]byte, error) {
+func (ppm *PairingPayloadMarshaller) MarshalToProtobuf() ([]byte, error) {
 	return proto.Marshal(&protobuf.LocalPairingPayload{
-		Keys:         pm.accountKeysToProtobuf(),
-		Multiaccount: pm.multiaccountToProtobuf(),
-		Password:     pm.password,
+		Keys:         ppm.accountKeysToProtobuf(),
+		Multiaccount: ppm.multiaccountToProtobuf(),
+		Password:     ppm.password,
 	})
 }

-func (pm *PayloadMarshaller) accountKeysToProtobuf() []*protobuf.LocalPairingPayload_Key {
+func (ppm *PairingPayloadMarshaller) accountKeysToProtobuf() []*protobuf.LocalPairingPayload_Key {
 	var keys []*protobuf.LocalPairingPayload_Key
-	for name, data := range pm.keys {
+	for name, data := range ppm.keys {
 		keys = append(keys, &protobuf.LocalPairingPayload_Key{Name: name, Data: data})
 	}
 	return keys
 }

-func (pm *PayloadMarshaller) multiaccountToProtobuf() *protobuf.MultiAccount {
+func (ppm *PairingPayloadMarshaller) multiaccountToProtobuf() *protobuf.MultiAccount {
 	var colourHashes []*protobuf.MultiAccount_ColourHash
-	for _, index := range pm.multiaccount.ColorHash {
+	for _, index := range ppm.multiaccount.ColorHash {
 		var i []int64
 		for _, is := range index {
 			i = append(i, int64(is))
@ -229,7 +143,7 @@ func (pm *PayloadMarshaller) multiaccountToProtobuf() *protobuf.MultiAccount {
 	}

 	var identityImages []*protobuf.MultiAccount_IdentityImage
-	for _, ii := range pm.multiaccount.Images {
+	for _, ii := range ppm.multiaccount.Images {
 		identityImages = append(identityImages, &protobuf.MultiAccount_IdentityImage{
 			KeyUid:       ii.KeyUID,
 			Name:         ii.Name,
@ -243,41 +157,41 @@ func (pm *PayloadMarshaller) multiaccountToProtobuf() *protobuf.MultiAccount {
 	}

 	return &protobuf.MultiAccount{
-		Name:           pm.multiaccount.Name,
-		Timestamp:      pm.multiaccount.Timestamp,
-		Identicon:      pm.multiaccount.Identicon,
+		Name:           ppm.multiaccount.Name,
+		Timestamp:      ppm.multiaccount.Timestamp,
+		Identicon:      ppm.multiaccount.Identicon,
 		ColorHash:      colourHashes,
-		ColorId:        pm.multiaccount.ColorID,
-		KeycardPairing: pm.multiaccount.KeycardPairing,
-		KeyUid:         pm.multiaccount.KeyUID,
+		ColorId:        ppm.multiaccount.ColorID,
+		KeycardPairing: ppm.multiaccount.KeycardPairing,
+		KeyUid:         ppm.multiaccount.KeyUID,
 		Images:         identityImages,
 	}
 }

-func (pm *PayloadMarshaller) UnmarshalProtobuf(data []byte) error {
+func (ppm *PairingPayloadMarshaller) UnmarshalProtobuf(data []byte) error {
 	pb := new(protobuf.LocalPairingPayload)
 	err := proto.Unmarshal(data, pb)
 	if err != nil {
 		return err
 	}

-	pm.accountKeysFromProtobuf(pb.Keys)
-	pm.multiaccountFromProtobuf(pb.Multiaccount)
-	pm.password = pb.Password
+	ppm.accountKeysFromProtobuf(pb.Keys)
+	ppm.multiaccountFromProtobuf(pb.Multiaccount)
+	ppm.password = pb.Password
 	return nil
 }

-func (pm *PayloadMarshaller) accountKeysFromProtobuf(pbKeys []*protobuf.LocalPairingPayload_Key) {
-	if pm.keys == nil {
-		pm.keys = make(map[string][]byte)
+func (ppm *PairingPayloadMarshaller) accountKeysFromProtobuf(pbKeys []*protobuf.LocalPairingPayload_Key) {
+	if ppm.keys == nil {
+		ppm.keys = make(map[string][]byte)
 	}

 	for _, key := range pbKeys {
-		pm.keys[key.Name] = key.Data
+		ppm.keys[key.Name] = key.Data
 	}
 }

-func (pm *PayloadMarshaller) multiaccountFromProtobuf(pbMultiAccount *protobuf.MultiAccount) {
+func (ppm *PairingPayloadMarshaller) multiaccountFromProtobuf(pbMultiAccount *protobuf.MultiAccount) {
 	var colourHash [][]int
 	for _, index := range pbMultiAccount.ColorHash {
 		var i []int
@ -302,7 +216,7 @@ func (pm *PayloadMarshaller) multiaccountFromProtobuf(pbMultiAccount *protobuf.M
 		})
 	}

-	pm.multiaccount = &multiaccounts.Account{
+	ppm.multiaccount = &multiaccounts.Account{
 		Name:           pbMultiAccount.Name,
 		Timestamp:      pbMultiAccount.Timestamp,
 		Identicon:      pbMultiAccount.Identicon,
@ -313,3 +227,139 @@ func (pm *PayloadMarshaller) multiaccountFromProtobuf(pbMultiAccount *protobuf.M
 		Images:         identityImages,
 	}
 }
+
+// PairingPayloadRepository is responsible for loading, parsing, validating and storing PairingServer payload data
+type PairingPayloadRepository struct {
+	*PairingPayload
+
+	multiaccountsDB *multiaccounts.Database
+}
+
+func NewPairingPayloadRepository(db *multiaccounts.Database) *PairingPayloadRepository {
+	return &PairingPayloadRepository{
+		PairingPayload:  new(PairingPayload),
+		multiaccountsDB: db,
+	}
+}
+
+func (ppr *PairingPayloadRepository) Load(payload *PairingPayload) {
+	ppr.PairingPayload = payload
+}
+
+func (ppr *PairingPayloadRepository) LoadFromSource(keystorePath, keyUID, password string) error {
+	err := ppr.loadKeys(keystorePath)
+	if err != nil {
+		return err
+	}
+
+	err = ppr.validateKeys(password)
+	if err != nil {
+		return err
+	}
+
+	ppr.multiaccount, err = ppr.multiaccountsDB.GetAccount(keyUID)
+	if err != nil {
+		return err
+	}
+	ppr.password = password
+
+	return nil
+}
+
+func (ppr *PairingPayloadRepository) loadKeys(keyStorePath string) error {
+	ppr.keys = make(map[string][]byte)
+
+	fileWalker := func(path string, fileInfo os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+
+		if fileInfo.IsDir() || filepath.Dir(path) != keyStorePath {
+			return nil
+		}
+
+		rawKeyFile, err := ioutil.ReadFile(path)
+		if err != nil {
+			return fmt.Errorf("invalid account key file: %v", err)
+		}
+
+		accountKey := new(keystore.EncryptedKeyJSONV3)
+		if err := json.Unmarshal(rawKeyFile, &accountKey); err != nil {
+			return fmt.Errorf("failed to read key file: %s", err)
+		}
+
+		if len(accountKey.Address) != 40 {
+			return fmt.Errorf("account key address has invalid length '%s'", accountKey.Address)
+		}
+
+		ppr.keys[fileInfo.Name()] = rawKeyFile
+
+		return nil
+	}
+
+	err := filepath.Walk(keyStorePath, fileWalker)
+	if err != nil {
+		return fmt.Errorf("cannot traverse key store folder: %v", err)
+	}
+
+	return nil
+}
+
+func (ppr *PairingPayloadRepository) StoreToSource(keystorePath, password string) error {
+	err := ppr.validateKeys(password)
+	if err != nil {
+		return err
+	}
+
+	err = ppr.storeKeys(keystorePath)
+	if err != nil {
+		return err
+	}
+
+	err = ppr.storeMultiAccount()
+	if err != nil {
+		return err
+	}
+
+	// TODO install PublicKey into settings, probably do this outside of StoreToSource
+	return nil
+}
+
+func (ppr *PairingPayloadRepository) validateKeys(password string) error {
+	for _, key := range ppr.keys {
+		k, err := keystore.DecryptKey(key, password)
+		if err != nil {
+			return err
+		}
+
+		err = generator.ValidateKeystoreExtendedKey(k)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (ppr *PairingPayloadRepository) storeKeys(keyStorePath string) error {
+	for name, data := range ppr.keys {
+		accountKey := new(keystore.EncryptedKeyJSONV3)
+		if err := json.Unmarshal(data, &accountKey); err != nil {
+			return fmt.Errorf("failed to read key file: %s", err)
+		}
+
+		if len(accountKey.Address) != 40 {
+			return fmt.Errorf("account key address has invalid length '%s'", accountKey.Address)
+		}
+
+		err := ioutil.WriteFile(filepath.Join(keyStorePath, name), data, 0600)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (ppr *PairingPayloadRepository) storeMultiAccount() error {
+	return ppr.multiaccountsDB.SaveAccount(*ppr.multiaccount)
+}
--- a/server/payload_manager_test.go
+++ b/server/payload_manager_test.go
@ -127,10 +127,12 @@ func (pms *PayloadMarshallerSuite) TearDownTest() {
 }

 func (pms *PayloadMarshallerSuite) TestPayloadMarshaller_LoadPayloads() {
-	pm := NewPayloadMarshaller(pms.db1)
-	err := pm.LoadPayloads(pms.keystore1, keyUID, password)
+	// Make and LoadFromSource PairingPayloadRepository 1
+	pm := NewPairingPayloadRepository(pms.db1)
+	err := pm.LoadFromSource(pms.keystore1, keyUID, password)
 	pms.Require().NoError(err)

+	// TEST PairingPayloadRepository 1 LoadFromSource()
 	pms.Require().Len(pm.keys, 2)
 	pms.Require().Len(pm.keys[utils.GetAccount1PKFile()], 489)
 	pms.Require().Len(pm.keys[utils.GetAccount2PKFile()], 489)
@ -155,11 +157,17 @@ func (pms *PayloadMarshallerSuite) TestPayloadMarshaller_LoadPayloads() {
 }

 func (pms *PayloadMarshallerSuite) TestPayloadMarshaller_MarshalToProtobuf() {
-	pm := NewPayloadMarshaller(pms.db1)
-	err := pm.LoadPayloads(pms.keystore1, keyUID, password)
+	// Make and LoadFromSource PairingPayloadRepository 1
+	ppr := NewPairingPayloadRepository(pms.db1)
+	err := ppr.LoadFromSource(pms.keystore1, keyUID, password)
 	pms.Require().NoError(err)

-	pb, err := pm.MarshalToProtobuf()
+	// Make and Load PairingPayloadMarshaller 1
+	ppm := NewPairingPayloadMarshaller()
+	ppm.Load(ppr.PairingPayload)
+
+	// TEST PairingPayloadMarshaller 1 MarshalToProtobuf()
+	pb, err := ppm.MarshalToProtobuf()
 	pms.Require().NoError(err)
 	pms.Require().Len(pb, 1216)

@ -169,60 +177,80 @@ func (pms *PayloadMarshallerSuite) TestPayloadMarshaller_MarshalToProtobuf() {
 }

 func (pms *PayloadMarshallerSuite) TestPayloadMarshaller_UnmarshalProtobuf() {
-	pm := NewPayloadMarshaller(pms.db1)
-	err := pm.LoadPayloads(pms.keystore1, keyUID, password)
+	// Make and LoadFromSource PairingPayloadRepository 1
+	ppr := NewPairingPayloadRepository(pms.db1)
+	err := ppr.LoadFromSource(pms.keystore1, keyUID, password)
 	pms.Require().NoError(err)

-	pb, err := pm.MarshalToProtobuf()
+	// Make and Load PairingPayloadMarshaller 1
+	ppm := NewPairingPayloadMarshaller()
+	ppm.Load(ppr.PairingPayload)
+
+	pb, err := ppm.MarshalToProtobuf()
 	pms.Require().NoError(err)

-	pm2 := NewPayloadMarshaller(pms.db1)
-	pms.Require().Nil(pm2.keys)
-	pms.Require().Nil(pm2.multiaccount)
-	pms.Require().Empty(pm2.password)
+	// Make PairingPayloadMarshaller 2
+	ppm2 := NewPairingPayloadMarshaller()

-	err = pm2.UnmarshalProtobuf(pb)
+	// TEST PairingPayloadMarshaller 2 is empty
+	pms.Require().Nil(ppm2.keys)
+	pms.Require().Nil(ppm2.multiaccount)
+	pms.Require().Empty(ppm2.password)
+
+	// TEST PairingPayloadMarshaller 2 UnmarshalProtobuf()
+	err = ppm2.UnmarshalProtobuf(pb)
 	pms.Require().NoError(err)

-	pms.Require().Len(pm2.keys, 2)
-	pms.Require().Len(pm2.keys[utils.GetAccount1PKFile()], 489)
-	pms.Require().Len(pm2.keys[utils.GetAccount2PKFile()], 489)
+	pms.Require().Len(ppm2.keys, 2)
+	pms.Require().Len(ppm2.keys[utils.GetAccount1PKFile()], 489)
+	pms.Require().Len(ppm2.keys[utils.GetAccount2PKFile()], 489)

 	h1 := sha256.New()
-	h1.Write(pm2.keys[utils.GetAccount1PKFile()])
+	h1.Write(ppm2.keys[utils.GetAccount1PKFile()])
 	pms.Require().Exactly(account1Hash, h1.Sum(nil))

 	h2 := sha256.New()
-	h2.Write(pm2.keys[utils.GetAccount2PKFile()])
+	h2.Write(ppm2.keys[utils.GetAccount2PKFile()])
 	pms.Require().Exactly(account2Hash, h2.Sum(nil))

-	pms.Require().Exactly(expected.ColorHash, pm2.multiaccount.ColorHash)
-	pms.Require().Exactly(expected.ColorID, pm2.multiaccount.ColorID)
-	pms.Require().Exactly(expected.Identicon, pm2.multiaccount.Identicon)
-	pms.Require().Exactly(expected.KeycardPairing, pm2.multiaccount.KeycardPairing)
-	pms.Require().Exactly(expected.KeyUID, pm2.multiaccount.KeyUID)
-	pms.Require().Exactly(expected.Name, pm2.multiaccount.Name)
-	pms.Require().Exactly(expected.Timestamp, pm2.multiaccount.Timestamp)
-	pms.Require().Len(pm2.multiaccount.Images, 2)
-	pms.Require().Equal(password, pm2.password)
+	pms.Require().Exactly(expected.ColorHash, ppm2.multiaccount.ColorHash)
+	pms.Require().Exactly(expected.ColorID, ppm2.multiaccount.ColorID)
+	pms.Require().Exactly(expected.Identicon, ppm2.multiaccount.Identicon)
+	pms.Require().Exactly(expected.KeycardPairing, ppm2.multiaccount.KeycardPairing)
+	pms.Require().Exactly(expected.KeyUID, ppm2.multiaccount.KeyUID)
+	pms.Require().Exactly(expected.Name, ppm2.multiaccount.Name)
+	pms.Require().Exactly(expected.Timestamp, ppm2.multiaccount.Timestamp)
+	pms.Require().Len(ppm2.multiaccount.Images, 2)
+	pms.Require().Equal(password, ppm2.password)
 }

 func (pms *PayloadMarshallerSuite) TestPayloadMarshaller_StorePayloads() {
-	pm := NewPayloadMarshaller(pms.db1)
-	err := pm.LoadPayloads(pms.keystore1, keyUID, password)
+	// Make and LoadFromSource PairingPayloadRepository 1
+	ppr := NewPairingPayloadRepository(pms.db1)
+	err := ppr.LoadFromSource(pms.keystore1, keyUID, password)
 	pms.Require().NoError(err)

-	pb, err := pm.MarshalToProtobuf()
+	// Make and Load PairingPayloadMarshaller 1
+	ppm := NewPairingPayloadMarshaller()
+	ppm.Load(ppr.PairingPayload)
+
+	pb, err := ppm.MarshalToProtobuf()
 	pms.Require().NoError(err)

-	pm2 := NewPayloadMarshaller(pms.db2)
+	// Make PairingPayloadMarshaller 2
+	ppm2 := NewPairingPayloadMarshaller()

-	err = pm2.UnmarshalProtobuf(pb)
+	err = ppm2.UnmarshalProtobuf(pb)
 	pms.Require().NoError(err)

-	err = pm2.StorePayloads(pms.keystore2, password)
+	// Make and Load PairingPayloadRepository 2
+	ppr2 := NewPairingPayloadRepository(pms.db2)
+	ppr2.Load(ppm2.PairingPayload)
+
+	err = ppr2.StoreToSource(pms.keystore2, password)
 	pms.Require().NoError(err)

+	// TEST PairingPayloadRepository 2 StoreToSource()
 	keys := getFiles(pms.T(), pms.keystore2)

 	pms.Require().Len(keys, 2)
--- a/server/server_pairing.go
+++ b/server/server_pairing.go
@ -5,6 +5,8 @@ import (
 	"crypto/tls"
 	"fmt"
 	"net"
+
+	"github.com/status-im/status-go/multiaccounts"
 )

 type PairingServer struct {
@ -12,7 +14,7 @@ type PairingServer struct {

 	pk      *ecdsa.PrivateKey
 	mode    Mode
-	payload *PayloadManager
+	payload *PairingPayloadManager
 }

 type Config struct {
@ -23,8 +25,8 @@ type Config struct {
 }

 // NewPairingServer returns a *PairingServer init from the given *Config
-func NewPairingServer(config *Config) (*PairingServer, error) {
-	pm, err := NewPayloadManager(config.PK)
+func NewPairingServer(config *Config, db *multiaccounts.Database) (*PairingServer, error) {
+	pm, err := NewPairingPayloadManager(config.PK, db)
 	if err != nil {
 		return nil, err
 	}
@ -67,7 +69,7 @@ func (s *PairingServer) MakeConnectionParams() (*ConnectionParams, error) {
 }

 func (s *PairingServer) MountPayload(data []byte) error {
-	return s.payload.Mount(data)
+	return s.payload.pem.Mount(data)
 }

 func (s *PairingServer) StartPairing() error {
--- a/server/server_pairing_test.go
+++ b/server/server_pairing_test.go
@ -57,7 +57,7 @@ func (s *PairingServerSuite) TestPairingServer_StartPairing() {
 		err = ccp.FromString(qr)
 		s.Require().NoError(err)

-		c, err := NewPairingClient(ccp)
+		c, err := NewPairingClient(ccp, nil)
 		s.Require().NoError(err)

 		if m == Receiving {
@ -70,18 +70,18 @@ func (s *PairingServerSuite) TestPairingServer_StartPairing() {

 		switch m {
 		case Receiving:
-			s.Require().Equal(data, s.PS.payload.Received())
-			s.Require().Equal(s.PS.payload.received.encrypted, c.payload.toSend.encrypted)
-			s.Require().Nil(s.PS.payload.ToSend())
-			s.Require().Nil(c.payload.Received())
+			s.Require().Equal(data, s.PS.payload.pem.Received())
+			s.Require().Equal(s.PS.payload.pem.received.encrypted, c.payload.pem.toSend.encrypted)
+			s.Require().Nil(s.PS.payload.pem.ToSend())
+			s.Require().Nil(c.payload.pem.Received())
 		case Sending:
-			s.Require().Equal(c.payload.Received(), data)
-			s.Require().Equal(c.payload.received.encrypted, s.PS.payload.toSend.encrypted)
-			s.Require().Nil(c.payload.ToSend())
-			s.Require().Nil(s.PS.payload.Received())
+			s.Require().Equal(c.payload.pem.Received(), data)
+			s.Require().Equal(c.payload.pem.received.encrypted, s.PS.payload.pem.toSend.encrypted)
+			s.Require().Nil(c.payload.pem.ToSend())
+			s.Require().Nil(s.PS.payload.pem.Received())
 		}

-		// Reset the server's PayloadManager
-		s.PS.payload.ResetPayload()
+		// Reset the server's PayloadEncryptionManager
+		s.PS.payload.pem.ResetPayload()
 	}
 }