From 2402759c43b4c05300fd22d34735854e65100d57 Mon Sep 17 00:00:00 2001 From: dholms Date: Thu, 22 Feb 2024 15:53:21 -0600 Subject: [PATCH] add recovery key to migration script --- ACCOUNT_MIGRATION.md | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/ACCOUNT_MIGRATION.md b/ACCOUNT_MIGRATION.md index 6c5dfa0..6871559 100644 --- a/ACCOUNT_MIGRATION.md +++ b/ACCOUNT_MIGRATION.md @@ -73,6 +73,8 @@ It does also not handle some of the more advanced steps such as verifying a full ```ts import AtpAgent from '@atproto/api' +import { Secp256k1Keypair } from '@atproto/crypto' +import * as ui8 from 'uint8arrays' const OLD_PDS_URL = 'https://bsky.social' const NEW_PDS_URL = 'https://example.com' @@ -158,19 +160,35 @@ const migrateAccount = async () => { // Migrate Identity // ------------------ + const recoveryKey = await Secp256k1Keypair.create({ exportable: true }) + const privateKeyBytes = await recoveryKey.export() + const privateKey = ui8.toString(privateKeyBytes, 'hex') + await oldAgent.com.atproto.identity.requestPlcOperationSignature() const getDidCredentials = await newAgent.com.atproto.identity.getRecommendedDidCredentials() + const rotationKeys = getDidCredentials.data.rotationKeys ?? [] + if (!rotationKeys) { + throw new Error('No rotation key provided') + } + const credentials = { + ...getDidCredentials.data, + rotationKeys: [recoveryKey.did(), ...rotationKeys], + } // @NOTE, this token will need to come from the email from the previous step const TOKEN = '' const plcOp = await oldAgent.com.atproto.identity.signPlcOperation({ token: TOKEN, - ...getDidCredentials.data, + ...credentials, }) + console.log( + `❗ Your private recovery key is: ${privateKey}. Please store this in a secure location! ❗`, + ) + await newAgent.com.atproto.identity.submitPlcOperation({ operation: plcOp.data.operation, }) @@ -181,4 +199,5 @@ const migrateAccount = async () => { await newAgent.com.atproto.server.activateAccount() await oldAgent.com.atproto.server.deactivateAccount({}) } + ``` \ No newline at end of file