keyring's encrypted file backend integration

[alessio]

Add encrypted file support to keyring implementation.

• Linked to github-issue with discussion and accepted design OR link to spec that describes this work.
• Wrote tests
• Updated relevant documentation (docs/)
• Added a relevant changelog entry to the Unreleased section in CHANGELOG.md
• Re-reviewed Files changed in the github PR explorer

---

For Admin Use:

• Added appropriate labels to PR (ex. wip, ready-for-review, docs)
• Reviewers Assigned
• Squashed all commits, uses message "Merge pull request #XYZ: [title]" (coding standards)

[jackzampolin]

If users use the keyring-file option, can they avoid password entry?

[alessio]

@jackzampolin no, absolutely not. If users want to avoid inputting password at all they should use the test keyring, i.e. export COSMOS_SDK_TEST_KEYRING = y would do it

[fedekunze]

changes LGTM. I'd like to add the comment you posted on slack somewhere:

Same impl as test keyring w/ the difference that when you export COSMOS_SDK_TEST_KEYRING you enable an on-file, passwordless keyring (for testing only).
If you pass the --keyring-file option to gaiacli (or you set the opt to true in the config file), then you get a CLI only-based keyring. It uses the same backend as the test keyring, though files are stored under a different directory (you don't want to mix&match test keyring keys AND encrypted keyring keys).

[codecov]

Codecov Report

Merging #5355 into master will increase coverage by 0.03%.
The diff coverage is 68.75%.

@@            Coverage Diff             @@
##           master    #5355      +/-   ##
==========================================
+ Coverage    54.5%   54.53%   +0.03%     
==========================================
  Files         311      311              
  Lines       18721    18740      +19     
==========================================
+ Hits        10203    10219      +16     
- Misses       7740     7741       +1     
- Partials      778      780       +2

Impacted Files	Coverage Δ
client/keys/import.go	68.42% <100%> (-1.58%)	⬇️
client/config.go	46.25% <100%> (ø)	⬆️
client/keys/root.go	100% <100%> (ø)	⬆️
client/keys/export.go	65.21% <100%> (-1.45%)	⬇️
client/keys/utils.go	48.61% <62.5%> (+3.15%)	⬆️
crypto/keys/keyring.go	45.55% <63.15%> (+1.89%)	⬆️
client/keys/add.go	39.35% <0%> (ø)	⬆️

[alexanderbez]

Can you open an accompanying PR on Gaia that points to this branch so that I can test this out please?

[alessio]

@alexanderbez cosmos/gaia#212

[alessio]

After having a conversation with @jackzampolin, I think it makes more sense and is overall more secure to replace the COSMOS_SDK_TEST_KEYRING environment variable with a command line flag/client's config file option. So please do not merge this for now.

[alessio]

This is now ready for review again. The feature can be tested on gaia via cosmos/gaia#212

[alexanderbez]

ACK. @alessio, I really do think it would be great if we had a README.md under crypto/keys that outlines what the Keybase is, what the Keyring is and the different modes and their details (e.g. where is key material persisted, how is it managed, etc..).

[alessio]

Great idea @alexanderbez, I just added a README.md under crypto/keys. @fedekunze please have a look!

[alexanderbez]

Is this true? I believed MemDB to be a true in-memory map db -- no LevelDB involved. I could be wrong here though.

[alessio]

You're definitely right, just double checked. Will amend accordingly, thanks

[alessio]

6b3b8f3

[alexanderbez]

We should state where NewKeyringFile stores key material on disk (i.e. the default path).

[alessio]

afbb163

[alexanderbez]

ACK