-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New STM registration procedure #433
Conversation
Unit Test Results 7 files ±0 24 suites ±0 2m 6s ⏱️ -13s Results for commit d49cdb4. ± Comparison against base commit 329d6fa. This pull request removes 2 and adds 5 tests. Note that renamed tests count towards both.
♻️ This comment has been updated with latest results. |
64ded8a
to
a5f00ca
Compare
be47ea5
to
941fef2
Compare
4ab3306
to
9f52d6e
Compare
91cd855
to
e6dcad3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@iquerejeta here are the 3 modifications we talked about while pairing 👍
2d59fef
to
3828b56
Compare
b047f75
to
83eeb95
Compare
Add a 'Verified Signer' badge for certified signers.
Following update of arguments precedence in #511
To avoid 'warning: very complex type used. Consider factoring parts into definitions' clippy warning.
The KES Period previously used when registering to Aggregator would have evolved when verified by Signer. Instead store the KES Period with the other signer material at first. In a different commit, the KES Period will be enforced within a valid range given an epoch.
And some other enahncements seen during peer reviewing.
This help gracefully handle the operational certificate information returned by cardano cli, that can be on multiple lines (number of lines may vary). Now, we scan the output and retrieve the JSON part from the first occurrence of '{'.
And replace its name with 'PartyIdNonExisting'. Indeed, this error does not belong to the core libray that is Cardano agnostic.
This flag is required for test only functions that are used outside of 'mithril-common'. It should be activated exclusively on the 'dev-dependencies' configuration block of the crates.
Each type reflects now the native type it encodes.
To decide at a higher level if key certification is enabled.
6c6dbdf
to
30ffa3c
Compare
use blake2::{digest::consts::U32, Blake2b}; | ||
use ed25519_dalek; | ||
use mithril::key_reg::KeyReg; | ||
use crate::crypto_helper::cardano::{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Parameter names are getting longer since we have a lot of resembling parameters. However, it sometimes gets confusing to track the code and decide which is which. I don't think we should change the names, but maybe the parameter documentation should give a little more detail.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Replace the 'rust:buster' with 'ubuntu:latest' for building image. This allows to not rely on libssl1.1 anymore.
Co-authored-by: curiecrypt <36852463+curiecrypt@users.noreply.github.com>
Use 'ubuntu:22.04' instead of 'ubuntu:latest'.
Content
This PR implements the new registration procedure and closes #301 and closes #384 . When a registration procedure is initialised, we have to give as input the cardano stake distribution, which is a set of pairs
(PoolId, Stake)
. This would be the stake distribution of all SPOs, and not only the mithril nodes. Then, when an SPO wants to register as a Mithril node, it must provide:To this end, this PR introduces the
OpCert
structure, which contains the KES verification key and a signature using the cold key. There certainly is more fields, but we can complete than once we know which fields a OpCert has. The registration procedure takes as input the raw cbor bytes of theOpCert
and parses them to extract the required data. Then, it can verify the validity ofOpCert
, check that the hash of the cold VK (i.e. the PoolId) is indeed in the stake distribution of cardano, verify the KES signature of the mithril key, and finally verify the validity of the Mithril key.Wrappers over mithril-core
To avoid making mithril-core Cardano specific, while maintaining its usage in the mithril project, we write wrappers over certain structures to enforce Cardano specific requirements. In particular:
StmInitializeWrapper
: With this wrapper we enforce the usage of a KES key and period during the setup. This allows the initialiser to produce a KES signature of the mithril verification key.KeyRegWrapper
: The registration wrapper enforces an initialisation with cardano's stake distribution (poolID and stake). Similarly, it enforces that when a party is registering it needs to submit the poolID, the OpCert and the KES sig and period. This allows the registrar to check that the registering party is indeed who it claims to be.A few things remaining in this PR:
Aggregator/Signer Hybrid Registration implementation
KES Secret Key
andOperational Certificate
KES Period
requester inside theChain Observer
Certified
andLegacy
to allow for smooth transition (no breaking changes)test_only
feature for them)devnet
test lab
and make it able to verify that Signers from both modes are able to contribute to signaturesPre-submit checklist
Issue(s)
Closes #301, #384 and #455