From 79f4cfac2e991f46fc6b80627c6f2cf39876374f Mon Sep 17 00:00:00 2001
From: Guillaume Ballet <gballet@gmail.com>
Date: Tue, 2 Apr 2019 19:28:24 +0200
Subject: [PATCH] refuse to overwrite the master key of a previously
 initialized card

---
 accounts/scwallet/wallet.go | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/accounts/scwallet/wallet.go b/accounts/scwallet/wallet.go
index 82ba4b3af..0533d0599 100644
--- a/accounts/scwallet/wallet.go
+++ b/accounts/scwallet/wallet.go
@@ -589,9 +589,8 @@ func (w *Wallet) Contains(account accounts.Account) bool {
 
 // Initialize installs a keypair generated from the provided key into the wallet.
 func (w *Wallet) Initialize(seed []byte) error {
-	w.lock.Lock()
-	defer w.lock.Unlock()
-
+	// DO NOT lock at this stage, as the initialize
+	// function relies on Status()
 	return w.session.initialize(seed)
 }
 
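Review bot: With the lock removed, `w.session` on the `return` line is now read without holding `w.lock`. If other Wallet methods reassign or clear the session under that lock (not visible in this hunk), Initialize can race with them or call into a nil session. Consider copying the session pointer under a short lock before delegating, or keeping the lock here and giving the status check a helper that assumes the lock is already held. The doc comment should also state the new contract, for example `// Initialize returns an error if the card already holds a master key; locking is done inside Session.initialize.`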
@@ -877,6 +876,19 @@ type initializeData struct {
 
 // initialize initializes the card with new key data.
 func (s *Session) initialize(seed []byte) error {
+	// Check that the wallet isn't currently initialized,
+	// otherwise the key would be overwritten.
+	status, err := s.Wallet.Status()
+	if err != nil {
+		return err
+	}
+	if status == "Online" {
+		return fmt.Errorf("card is already initialized, cowardly refusing to proceed")
+	}
+
+	s.Wallet.lock.Lock()
+	defer s.Wallet.lock.Unlock()
+
 	// HMAC the seed to produce the private key and chain code
 	mac := hmac.New(sha512.New, []byte("Bitcoin seed"))
 	mac.Write(seed)
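Review bot: The already-initialized guard is a check-then-act, because `s.Wallet.Status()` returns before `s.Wallet.lock.Lock()` is taken. Two concurrent calls can both pass the check, and the second then overwrites the key the first just loaded. The check also fails open: only the exact string `"Online"` blocks the write, so an error-free status with any other text lets initialization proceed, for instance a state where the card holds a key but is not unlocked, if Status reports such states. Prefer reading the card's status under the same lock that covers the key load, and allow the write only when the card positively reports that it is uninitialized. The body of initialize continues past the end of the hunk.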
-- 
GitLab