-
-
Notifications
You must be signed in to change notification settings - Fork 282
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: synchronize keys between validator client and external signer #6672
Merged
Merged
Changes from 5 commits
Commits
Show all changes
17 commits
Select commit
Hold shift + click to select a range
d63adce
Synchronize keys between validator client and external signer
nflaig a422e59
More consistent logs and naming
nflaig d89d2ce
Improve consistency of using external vs. remote signer wording
nflaig fe66111
Simplify function parameters
nflaig 0091ead
Add unit tests for external signer sync
nflaig 99112ab
Update no keys found error message
nflaig 70b92ff
Ensure fetched pubkeys are properly validated
nflaig b4dccd9
Use arrow functions to define tests
nflaig 064d561
Update logs for added / removed public keys
nflaig bbd695b
Properly define external signer options type
nflaig ec59efb
Simplify added / removed info logs
nflaig 018c514
Move no signers warning logs / errors out of handler
nflaig c6be4bf
Update comment wording
nflaig 836c875
Add external signer docs page
nflaig 7cda41d
Fix spellcheck
nflaig 28e90d0
Merge branch 'unstable' into nflaig/external-signer-sync
nflaig fa78e38
Clarify to use pubkeys flag instead of fetch
nflaig File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -58,6 +58,7 @@ export type IValidatorCliArgs = AccountValidatorArgs & | |
"externalSigner.url"?: string; | ||
"externalSigner.pubkeys"?: string[]; | ||
"externalSigner.fetch"?: boolean; | ||
"externalSigner.fetchInterval"?: number; | ||
|
||
distributed?: boolean; | ||
|
||
|
@@ -303,15 +304,16 @@ export const validatorOptions: CliCommandOptions<IValidatorCliArgs> = { | |
type: "boolean", | ||
}, | ||
|
||
// Remote signer | ||
// External signer | ||
nflaig marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
"externalSigner.url": { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We could consider supporting multiple external signers in the future, our implementation can easily be adjusted to support this but I think it's better to not include it in this PR. Opened an issue to keep track of it and for further discussion #6679. |
||
description: "URL to connect to an external signing server", | ||
type: "string", | ||
group: "externalSignerUrl", | ||
group: "externalSigner", | ||
}, | ||
|
||
"externalSigner.pubkeys": { | ||
implies: ["externalSigner.url"], | ||
description: | ||
"List of validator public keys used by an external signer. May also provide a single string of comma-separated public keys", | ||
type: "array", | ||
|
@@ -322,15 +324,24 @@ export const validatorOptions: CliCommandOptions<IValidatorCliArgs> = { | |
.map((item) => item.split(",")) | ||
.flat(1) | ||
.map(ensure0xPrefix), | ||
group: "externalSignerUrl", | ||
group: "externalSigner", | ||
}, | ||
|
||
"externalSigner.fetch": { | ||
implies: ["externalSigner.url"], | ||
conflicts: ["externalSigner.pubkeys"], | ||
description: | ||
"Fetch the list of public keys to validate from an external signer. Cannot be used in combination with `--externalSigner.pubkeys`", | ||
type: "boolean", | ||
group: "externalSignerUrl", | ||
group: "externalSigner", | ||
}, | ||
|
||
"externalSigner.fetchInterval": { | ||
implies: ["externalSigner.fetch"], | ||
description: | ||
"Interval in milliseconds between fetching the list of public keys from external signer, once per epoch by default", | ||
type: "number", | ||
group: "externalSigner", | ||
}, | ||
|
||
// Distributed validator | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
import bls from "@chainsafe/bls"; | ||
import {CoordType} from "@chainsafe/bls/types"; | ||
import {fromHexString} from "@chainsafe/ssz"; | ||
import {ChainForkConfig} from "@lodestar/config"; | ||
import {SLOTS_PER_EPOCH} from "@lodestar/params"; | ||
import {toSafePrintableUrl} from "@lodestar/utils"; | ||
|
||
import {LoggerVc} from "../util/index.js"; | ||
import {externalSignerGetKeys} from "../util/externalSignerClient.js"; | ||
import {ValidatorOptions} from "../validator.js"; | ||
import {SignerType, ValidatorStore} from "./validatorStore.js"; | ||
|
||
/** | ||
* This service is responsible for keeping the keys managed by the connected | ||
* external signer and the validator client in sync by adding newly discovered keys | ||
* and removing no longer present keys on external signer from the validator store. | ||
*/ | ||
export function pollExternalSignerPubkeys( | ||
config: ChainForkConfig, | ||
logger: LoggerVc, | ||
signal: AbortSignal, | ||
validatorStore: ValidatorStore, | ||
opts: ValidatorOptions["externalSigner"] | ||
): void { | ||
const externalSigner = opts ?? {}; | ||
|
||
if (!externalSigner.url || !externalSigner.fetch) { | ||
return; // Disabled | ||
} | ||
|
||
async function fetchExternalSignerPubkeys(): Promise<void> { | ||
// External signer URL is already validated earlier | ||
const externalSignerUrl = externalSigner.url as string; | ||
const printableUrl = toSafePrintableUrl(externalSignerUrl); | ||
|
||
try { | ||
logger.debug("Fetching public keys from external signer", {url: printableUrl}); | ||
const externalPubkeys = await externalSignerGetKeys(externalSignerUrl); | ||
assertValidPubkeysHex(externalPubkeys); | ||
logger.debug("Received public keys from external signer", {url: printableUrl, count: externalPubkeys.length}); | ||
|
||
const localPubkeys = validatorStore.getRemoteSignerPubkeys(externalSignerUrl); | ||
logger.debug("Local public keys stored for external signer", {url: printableUrl, count: localPubkeys.length}); | ||
|
||
const localPubkeysSet = new Set(localPubkeys); | ||
for (const pubkey of externalPubkeys) { | ||
if (!localPubkeysSet.has(pubkey)) { | ||
await validatorStore.addSigner({type: SignerType.Remote, pubkey, url: externalSignerUrl}); | ||
logger.info("Added remote signer for newly discovered public key", {url: printableUrl, pubkey}); | ||
} | ||
} | ||
|
||
const externalPubkeysSet = new Set(externalPubkeys); | ||
for (const pubkey of localPubkeys) { | ||
if (!externalPubkeysSet.has(pubkey)) { | ||
validatorStore.removeSigner(pubkey); | ||
logger.info("Removed remote signer for no longer present public key", {url: printableUrl, pubkey}); | ||
} | ||
} | ||
} catch (e) { | ||
logger.error("Failed to fetch public keys from external signer", {url: printableUrl}, e as Error); | ||
} | ||
} | ||
|
||
const interval = setInterval( | ||
fetchExternalSignerPubkeys, | ||
externalSigner?.fetchInterval ?? | ||
// Once per epoch by default | ||
SLOTS_PER_EPOCH * config.SECONDS_PER_SLOT * 1000 | ||
); | ||
signal.addEventListener("abort", () => clearInterval(interval), {once: true}); | ||
} | ||
|
||
function assertValidPubkeysHex(pubkeysHex: string[]): void { | ||
for (const pubkeyHex of pubkeysHex) { | ||
const pubkeyBytes = fromHexString(pubkeyHex); | ||
bls.PublicKey.fromBytes(pubkeyBytes, CoordType.jacobian, true); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried to make the wording a bit more consistent within the code, and also few logs. We generally use the term "external signer" to describe an external/(remote) server that handles the signing operations for a specific public key. Whereas the term "remote signer" is also used to describe a remote signer in the local validator store.