diff --git a/.github/workflows/func-tests.yml b/.github/workflows/func-tests.yaml similarity index 89% rename from .github/workflows/func-tests.yml rename to .github/workflows/func-tests.yaml index c5ac047..8907e6a 100644 --- a/.github/workflows/func-tests.yml +++ b/.github/workflows/func-tests.yaml @@ -1,8 +1,10 @@ name: Functional Tests on: + push: + tags: ['v*'] pull_request: - branches: [ "main" ] + branches: ['main'] workflow_dispatch: jobs: @@ -14,18 +16,18 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: "Build dkc script" + - name: 'Build dkc script' uses: actions/setup-go@v4 with: go-version-file: './go.mod' - run: go build ../../ - - name: "Install ethdo" + - name: 'Install ethdo' run: | go install "github.com/wealdtech/ethdo@$ethdo_version" env: - ethdo_version: "v1.28.5" - - name: "Get Original Wallets" + ethdo_version: 'v1.28.5' + - name: 'Get Original Wallets' run: | #FIXME set -e is the default bash flag(this is not obvious btw need to fix) account_pubkey_map='{}' @@ -44,7 +46,7 @@ jobs: done; echo "account_pubkey_map=${account_pubkey_map}" >> $GITHUB_ENV - - name: "Prepare configs" + - name: 'Prepare configs' run: | #FIXME set -e is the default bash flag(this is not obvious btw need to fix) cp config.yaml config-combine.yaml @@ -56,7 +58,7 @@ jobs: sed -i "s,DISTRIBUTED_WALLETS,$output_distributed_wallets_path,g" config-split.yaml sed -i "s,ND_WALLETS,$output_nd_wallets_path,g" config-split.yaml - - name: "COMBINE Function Test" + - name: 'COMBINE Function Test' run: | #FIXME set -e is the default bash flag(this is not obvious btw need to fix) #Combine @@ -76,7 +78,7 @@ jobs: echo -e "Account [$account]: ${green}OK${nc}" done; - - name: "Split Function Test" + - name: 'Split Function Test' run: | #FIXME set -e is the default bash flag(this is not obvious btw need to fix) #Split @@ -96,10 +98,10 @@ jobs: echo -e "Account [$account]: ${green}OK${nc}" done; env: - wallet_name: "DW" - input_distributed_wallets_path: "./wallets" - output_nd_wallets_path: "./nd_wallets" - output_distributed_wallets_path: "./distributed_wallets" + wallet_name: 'DW' + input_distributed_wallets_path: './wallets' + output_nd_wallets_path: './nd_wallets' + output_distributed_wallets_path: './distributed_wallets' red: '\033[0;31m' green: '\033[0;32m' nc: '\033[0m' diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8ec8f98..fd5b1c9 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -2,11 +2,10 @@ name: Release on: push: - tags: - - 'v*' + tags: ['v*'] env: - artifacts_name: "building-artifacts" + artifacts_name: 'building-artifacts' jobs: tests-and-linters: @@ -14,23 +13,21 @@ jobs: prepare: name: Prepare Variables - runs-on: [ubuntu-latest] needs: tests-and-linters + runs-on: ubuntu-latest outputs: release_version: ${{ steps.enver.outputs.release_version }} steps: - - - name: Set env - id: enver - run: | - # Release tag comes from the github reference. - RELEASE_TAG=$(echo ${GITHUB_REF} | sed -e 's!.*/!!') - # Ensure the release tag has expected format. - echo ${RELEASE_TAG} | grep -q '^v' || exit 1 - # Release version is same as release tag without leading 'v'. - RELEASE_VERSION=$(echo ${GITHUB_REF} | sed -e 's!.*/v!!') - echo "release_version=${RELEASE_VERSION}" >> "$GITHUB_OUTPUT" - + - name: Set env + id: enver + run: | + # Release tag comes from the github reference. + RELEASE_TAG=$(echo ${GITHUB_REF} | sed -e 's!.*/!!') + # Ensure the release tag has expected format. + echo ${RELEASE_TAG} | grep -q '^v' || exit 1 + # Release version is same as release tag without leading 'v'. + RELEASE_VERSION=$(echo ${GITHUB_REF} | sed -e 's!.*/v!!') + echo "release_version=${RELEASE_VERSION}" >> "$GITHUB_OUTPUT" build: name: Build For Different Arch @@ -42,69 +39,66 @@ jobs: env: release_version: ${{needs.prepare.outputs.release_version}} steps: - - - name: Checkout code - uses: actions/checkout@v2 - - - name: "Setup Go" - uses: actions/setup-go@v4 - with: - go-version-file: './go.mod' - id: go - - - name: Set env - run: | - # Set arch related variables - echo "goos=$(go env GOOS)" >> $GITHUB_ENV - echo "goarch=$(go env GOARCH)" >> $GITHUB_ENV - - - name: Build on ${{runner.os}} - run: | - #Building for main platform - go build -o dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}} -ldflags="-X github.com/p2p-org/dkc/cmd.ReleaseVersion=${{env.release_version}}" . - tar zcf dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}}.tar.gz dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}} - shasum -a 256 dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}}.tar.gz >dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}}.sha256 - - - name: Save to artifacts - id: artifacts-save - uses: actions/upload-artifact@v3 - with: - name: ${{ env.artifacts_name }} - path: | - ./dkc-**.tar.gz - ./dkc-**.sha256 - if-no-files-found: error - + - name: Checkout code + uses: actions/checkout@v2 + + - name: 'Setup Go' + uses: actions/setup-go@v4 + with: + go-version-file: './go.mod' + id: go + + - name: Set env + run: | + # Set arch related variables + echo "goos=$(go env GOOS)" >> $GITHUB_ENV + echo "goarch=$(go env GOARCH)" >> $GITHUB_ENV + + - name: Build on ${{runner.os}} + run: | + #Building for main platform + go build -o dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}} -ldflags="-X github.com/p2p-org/dkc/cmd.ReleaseVersion=${{env.release_version}}" . + tar zcf dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}}.tar.gz dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}} + shasum -a 256 dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}}.tar.gz >dkc-${{env.release_version}}-${{env.goos}}-${{env.goarch}}.sha256 + + - name: Save to artifacts + id: artifacts-save + uses: actions/upload-artifact@v3 + with: + name: ${{ env.artifacts_name }} + path: | + ./dkc-**.tar.gz + ./dkc-**.sha256 + if-no-files-found: error release: name: Publish Release runs-on: ubuntu-latest needs: - - build - - prepare + - build + - prepare env: release_version: ${{needs.prepare.outputs.release_version}} steps: - - name: Checkout code - uses: actions/checkout@v2 - - - name: Download artifacts - uses: actions/download-artifact@v3 - with: - name: ${{ env.artifacts_name }} - - - name: Run Changelog CI - uses: saadmk11/changelog-ci@v1.1.1 - with: - release_version: ${{ env.release_version }} - - - name: Create Release - uses: softprops/action-gh-release@v1 - with: - body_path: CHANGELOG.md - files: | - ./dkc-**.tar.gz - ./dkc-**.sha256 - generate_release_notes: true - fail_on_unmatched_files: true - + - name: Checkout code + uses: actions/checkout@v2 + + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: ${{ env.artifacts_name }} + + - name: Run Changelog CI + uses: saadmk11/changelog-ci@v1.1.1 + with: + release_version: ${{ env.release_version }} + + - name: Create Release + uses: softprops/action-gh-release@v1 + with: + body_path: CHANGELOG.md + files: | + ./dkc-**.tar.gz + ./dkc-**.sha256 + generate_release_notes: true + fail_on_unmatched_files: true diff --git a/.github/workflows/snyk.yaml b/.github/workflows/snyk.yaml index 68568d1..9bf704e 100644 --- a/.github/workflows/snyk.yaml +++ b/.github/workflows/snyk.yaml @@ -1,7 +1,9 @@ name: Snyk Vulnerabilities Checker on: + push: + tags: ['v*'] pull_request: - branches: [ "main" ] + branches: ['main'] workflow_dispatch: schedule: - cron: '00 10 * * 1' diff --git a/.github/workflows/build.yaml b/.github/workflows/tests.yaml old mode 100755 new mode 100644 similarity index 59% rename from .github/workflows/build.yaml rename to .github/workflows/tests.yaml index 3a4fefc..9f81326 --- a/.github/workflows/build.yaml +++ b/.github/workflows/tests.yaml @@ -1,10 +1,11 @@ -name: Integration tests +name: Tests on: + push: + tags: ['v*'] pull_request: - branches: - - 'master' - workflow_call: + branches: ['main'] + workflow_dispatch: jobs: go-tests: @@ -29,3 +30,15 @@ jobs: - name: Run golang lint uses: golangci/golangci-lint-action@v3 + + nix-checks: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Install Nix + uses: cachix/install-nix-action@v20 + + - name: Run nix flake check + run: nix flake check diff --git a/README.MD b/README.MD index e126c3f..623ddac 100644 --- a/README.MD +++ b/README.MD @@ -36,7 +36,7 @@ go build . :bangbang: Before you begin, make sure you backup keys and store recovered wallets and passwords securely. -`dkc` uses [herumi/bls-eth-go-binary](https://github.com/herumi/bls-eth-go-binary). The pseudocode of using [herumi/bls-eth-go-binary](https://github.com/herumi/bls-eth-go-binary) in `dkc` is available [here](./example/split.go) +`dkc` uses [herumi/bls-eth-go-binary](https://github.com/herumi/bls-eth-go-binary). Some research code of using [herumi/bls-eth-go-binary](https://github.com/herumi/bls-eth-go-binary) in `dkc` is available [here](./research/research.go) You can also test `dkc` on predefiened inputs [here](.github/workflows/func-tests.yml). diff --git a/example/split.go b/example/split.go deleted file mode 100644 index a7720e4..0000000 --- a/example/split.go +++ /dev/null @@ -1,198 +0,0 @@ -// nolint -package main - -import ( - "encoding/binary" - "encoding/hex" - "fmt" - "log" - - "github.com/herumi/bls-eth-go-binary/bls" - // e2wallet "github.com/wealdtech/go-eth2-wallet" - // distributed "github.com/wealdtech/go-eth2-wallet-distributed" - // keystorev4 "github.com/wealdtech/go-eth2-wallet-encryptor-keystorev4" - // filesystem "github.com/wealdtech/go-eth2-wallet-store-filesystem" - // e2wtypes "github.com/wealdtech/go-eth2-wallet-types/v2" -) - -const THRESHOLD = 2 -const PARTICIPANTS = 3 -const KEYSTR = "3eb84bbe03db1c6341c490142a647655f33983ed693d0f43c696ed0378fdc492" - -func sample1() { - msg := []byte("Hello") - var origin_key bls.SecretKey - //origin_key.SetByCSPRNG() - origin_key_byte, _ := hex.DecodeString(KEYSTR) - origin_key.Deserialize(origin_key_byte) - origin_pub := origin_key.GetPublicKey() - - fmt.Printf("origin key=%v\n", origin_key.SerializeToHexStr()) - fmt.Printf("origin pub=%v\n", origin_pub.SerializeToHexStr()) - - masterSKs, masterPKs := setupMasterKeys(origin_key) - - partIDs, partSKs, partPKs, partSigns := setupParticipants(masterSKs, masterPKs, msg) - // Check - if err := checkKeys(origin_key, msg, partIDs, partSKs, partPKs, partSigns); err != nil { - log.Fatalf("failed to checkKeys: %s", err) - } - log.Println("keys check success") -} - -func setupParticipants(masterSKs []bls.SecretKey, masterPKs []bls.PublicKey, msg []byte) ( - participantsIDs []bls.ID, - participantsSKs []bls.SecretKey, - participantsPKs []bls.PublicKey, - signatures []bls.Sign, -) { - for i := 0; i < PARTICIPANTS; i++ { - id := newBlsID(uint64(i + 1)) - - participantsIDs = append(participantsIDs, *id) - var sk bls.SecretKey - if err := sk.Set(masterSKs, id); err != nil { - log.Fatalf("Failed to Set secret key: %s", err) - } - participantsSKs = append(participantsSKs, sk) - fmt.Printf("partsk[%d]=%v\n", i, sk.SerializeToHexStr()) - - var pk bls.PublicKey - if err := pk.Set(masterPKs, id); err != nil { - log.Fatalf("Failed to Set public key: %s", err) - } - participantsPKs = append(participantsPKs, pk) - fmt.Printf("partpk[%d]=%v\n", i, pk.SerializeToHexStr()) - - sig := sk.SignByte(msg) - signatures = append(signatures, *sig) - } - - return -} - -func setupMasterKeys(masterSK bls.SecretKey) (masterSKs []bls.SecretKey, masterPKs []bls.PublicKey) { - masterSKs = append(masterSKs, masterSK) - - for i := 1; i < THRESHOLD; i++ { - var sk bls.SecretKey - sk.SetByCSPRNG() // Shouldn't be a zero (all keys will be equal in that case) - masterSKs = append(masterSKs, sk) - fmt.Printf("mk[%d]=%v\n", i, sk.SerializeToHexStr()) - } - - masterPKs = bls.GetMasterPublicKey(masterSKs) - - return -} - -func checkKeys( - masterSK bls.SecretKey, - msg []byte, - participantsIDs []bls.ID, - participantsSKs []bls.SecretKey, - participantsPKs []bls.PublicKey, - signatures []bls.Sign, -) error { - indexPairs := [][]uint32{{1, 2}, {0, 2}, {0, 1}} - // indexPairs := [][]uint32{ - // {0, 1}, {0, 2}, {0, 3}, {0, 4}, - // {1, 2}, {1, 3}, {1, 4}, - // {2, 3}, {3, 4}, - // } - for idx, indexPair := range indexPairs { - var ( - subIDs []bls.ID - subSKs []bls.SecretKey - subPKs []bls.PublicKey - subSigs []bls.Sign - ) - - for i := 0; i < 2; i++ { - idx := indexPair[i] - subIDs = append(subIDs, participantsIDs[idx]) - subSKs = append(subSKs, participantsSKs[idx]) - subPKs = append(subPKs, participantsPKs[idx]) - subSigs = append(subSigs, signatures[idx]) - } - - var sec bls.SecretKey - var pub bls.PublicKey - var sig bls.Sign - - if err := sec.Recover(subSKs, subIDs); err != nil { - return fmt.Errorf("failed to Recover priv: %w", err) - } - - if err := pub.Recover(subPKs, subIDs); err != nil { - return fmt.Errorf("failed to Recover pub: %w", err) - } - - if err := sig.Recover(subSigs, subIDs); err != nil { - return fmt.Errorf("failed to Recover signature: %w", err) - } - - if !sig.VerifyByte(masterSK.GetPublicKey(), msg) { - return fmt.Errorf("failed to verify signature for index pair %d", idx) - } - - fmt.Printf("------\n") - fmt.Printf("%d: mk=%v\n", idx, masterSK.SerializeToHexStr()) - fmt.Printf("%d: rk=%v\n", idx, sec.SerializeToHexStr()) - fmt.Printf("%d: mp=%v\n", idx, masterSK.GetPublicKey().SerializeToHexStr()) - fmt.Printf("%d: rp=%v\n", idx, pub.SerializeToHexStr()) - } - - return nil -} - -func newBlsID(id uint64) *bls.ID { - var res bls.ID - buf := [8]byte{} - binary.LittleEndian.PutUint64(buf[:], id) - if err := res.SetLittleEndian(buf[:]); err != nil { - panic(err) - } - return &res -} - -func sample2() { - // msg := []byte("Hello") - var mk1 bls.SecretKey - var mk2 bls.SecretKey - mk1_byte, _ := hex.DecodeString("3eb84bbe03db1c6341c490142a647655f33983ed693d0f43c696ed0378fdc492") - mk2_byte, _ := hex.DecodeString("56826b2549ba1c26eb4dcbb73807fc81d49d8c754c4a034a578bd808b0d2f56c") - mk1.Deserialize(mk1_byte) - mk2.Deserialize(mk2_byte) - - fmt.Printf("mk1=%v\nmk2=%v\n", mk1.SerializeToHexStr(), mk2.SerializeToHexStr()) - - masterSKs := []bls.SecretKey{mk1, mk2} - var partSKs []bls.SecretKey - // Generate - for i := 0; i < 3; i++ { - id := newBlsID(uint64(i + 1)) - var sk bls.SecretKey - if err := sk.Set(masterSKs, id); err != nil { - log.Fatalf("Failed to Set secret key: %s", err) - } - partSKs = append(partSKs, sk) - fmt.Printf("partsk[%d]=%v\n", i, sk.SerializeToHexStr()) - } - //Recover - - subSKs := []bls.SecretKey{partSKs[0], partSKs[1]} - subIDs := []bls.ID{*newBlsID(1), *newBlsID(2)} - var rk bls.SecretKey - if err := rk.Recover(subSKs, subIDs); err != nil { - } - fmt.Printf("Recovered key=%v\n", rk.SerializeToHexStr()) - -} - -func main() { - bls.Init(bls.BLS12_381) - bls.SetETHmode(bls.EthModeDraft07) - //sample1() - sample2() -} diff --git a/flake.lock b/flake.lock index d68597a..e6c3015 100644 --- a/flake.lock +++ b/flake.lock @@ -1,22 +1,66 @@ { "nodes": { + "devshell": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1683635384, + "narHash": "sha256-9goJTd05yOyD/McaMqZ4BUB8JW+mZMnZQJZ7VQ6C/Lw=", + "owner": "numtide", + "repo": "devshell", + "rev": "5143ea68647c4cf5227e4ad2100db6671fc4c369", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "devshell_2": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "ethereum-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1682700442, + "narHash": "sha256-qjaAAcCYgp1pBBG7mY9z95ODUBZMtUpf0Qp3Gt/Wha0=", + "owner": "numtide", + "repo": "devshell", + "rev": "fb6673fe9fe4409e3f43ca86968261e970918a83", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, "ethereum-nix": { "inputs": { + "devshell": "devshell_2", "flake-compat": "flake-compat", "flake-parts": "flake-parts", "flake-root": "flake-root", "foundry-nix": "foundry-nix", - "mission-control": "mission-control", - "nixpkgs": "nixpkgs", + "hercules-ci-effects": "hercules-ci-effects", + "nixpkgs": "nixpkgs_3", "nixpkgs-unstable": "nixpkgs-unstable", "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1677773622, - "narHash": "sha256-7bsxh2pBvm/RHuR2Ki/p1S28RKa6kkJrJkn1Uq/Nan4=", + "lastModified": 1683806117, + "narHash": "sha256-yWtTGi338LhyT2Mo7TjF62EPGVG36o4bYaMsdvjBqYw=", "owner": "nix-community", "repo": "ethereum.nix", - "rev": "801fd3d39e91902fcc375217d9ebe64f4d1ca23f", + "rev": "2c000f083097bf48fa5cb7126e2c6d9152f3857f", "type": "github" }, "original": { @@ -25,29 +69,22 @@ "type": "github" } }, - "fenix": { - "inputs": { - "nixpkgs": [ - "statix", - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, + "flake-compat": { "locked": { - "lastModified": 1645251813, - "narHash": "sha256-cQ66tGjnZclBCS3nD26mZ5fUH+3/HnysGffBiWXUSHk=", + "lastModified": 1680531544, + "narHash": "sha256-8qbiDTYb1kGaDADRXTItpcMKQ1TeQVkuof6oEwHUvVA=", "owner": "nix-community", - "repo": "fenix", - "rev": "9892337b588c38ec59466a1c89befce464aae7f8", + "repo": "flake-compat", + "rev": "95e78dc12268c5e4878621845c511077f3798729", "type": "github" }, "original": { "owner": "nix-community", - "repo": "fenix", + "repo": "flake-compat", "type": "github" } }, - "flake-compat": { + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1673956053, @@ -71,11 +108,11 @@ ] }, "locked": { - "lastModified": 1675933616, - "narHash": "sha256-/rczJkJHtx16IFxMmAWu5nNYcSXNg1YYXTHoGjLrLUA=", + "lastModified": 1682984683, + "narHash": "sha256-fSMthG+tp60AHhNmaHc4StT3ltfHkQsJtN8GhfLWmtI=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "47478a4a003e745402acf63be7f9a092d51b83d7", + "rev": "86684881e184f41aa322e653880e497b66429f3e", "type": "github" }, "original": { @@ -85,17 +122,37 @@ } }, "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1678379998, + "narHash": "sha256-TZdfNqftHhDuIFwBcN9MUThx5sQXCTeZk9je5byPKRw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "c13d60b89adea3dc20704c045ec4d50dd964d447", + "type": "github" + }, + "original": { + "id": "flake-parts", + "type": "indirect" + } + }, + "flake-parts_3": { "inputs": { "nixpkgs-lib": [ + "ethereum-nix", + "hercules-ci-effects", + "hercules-ci-agent", "nixpkgs" ] }, "locked": { - "lastModified": 1680392223, - "narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=", + "lastModified": 1678379998, + "narHash": "sha256-TZdfNqftHhDuIFwBcN9MUThx5sQXCTeZk9je5byPKRw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5", + "rev": "c13d60b89adea3dc20704c045ec4d50dd964d447", "type": "github" }, "original": { @@ -104,22 +161,27 @@ "type": "github" } }, - "flake-root": { + "flake-parts_4": { + "inputs": { + "nixpkgs-lib": [ + "nixpkgs" + ] + }, "locked": { - "lastModified": 1671378805, - "narHash": "sha256-yqGxyzMN2GuppwG3dTWD1oiKxi+jGYP7D1qUSc5vKhI=", - "owner": "srid", - "repo": "flake-root", - "rev": "dc7ba6166e478804a9da6881aa48c45d300075cf", + "lastModified": 1683560683, + "narHash": "sha256-XAygPMN5Xnk/W2c1aW0jyEa6lfMDZWlQgiNtmHXytPc=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "006c75898cf814ef9497252b022e91c946ba8e17", "type": "github" }, "original": { - "owner": "srid", - "repo": "flake-root", + "owner": "hercules-ci", + "repo": "flake-parts", "type": "github" } }, - "flake-root_2": { + "flake-root": { "locked": { "lastModified": 1680964220, "narHash": "sha256-dIdTYcf+KW9a4pKHsEbddvLVSfR1yiAJynzg2x0nfWg=", @@ -135,6 +197,21 @@ } }, "flake-utils": { + "locked": { + "lastModified": 1642700792, + "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { "locked": { "lastModified": 1644229661, "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", @@ -149,7 +226,22 @@ "type": "github" } }, - "flake-utils_2": { + "flake-utils_3": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "locked": { "lastModified": 1667077288, "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", @@ -166,18 +258,18 @@ }, "foundry-nix": { "inputs": { - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nixpkgs": [ "ethereum-nix", "nixpkgs" ] }, "locked": { - "lastModified": 1675801109, - "narHash": "sha256-18nucjxdQa0qY4v/2o3ksLjJ84vx3L+zIB87sjRKbrA=", + "lastModified": 1683191603, + "narHash": "sha256-KdSKdwz3+VJQIHc8sCDwPo2OQtPs5jbxwrLXseHLlfc=", "owner": "shazow", "repo": "foundry.nix", - "rev": "5e998c1666007ede721f8290aab2f9529d2ccef7", + "rev": "5a53423b983f623420733f62c01fa69d1f4cdda9", "type": "github" }, "original": { @@ -187,59 +279,167 @@ "type": "github" } }, - "mission-control": { + "gitignore": { + "inputs": { + "nixpkgs": [ + "ethereum-nix", + "hercules-ci-effects", + "hercules-ci-agent", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, "locked": { - "lastModified": 1675195908, - "narHash": "sha256-nQv35C7svZFluwy2uoZFxwPqiT16XoKAoMlIQYmvg3A=", - "owner": "Platonic-Systems", - "repo": "mission-control", - "rev": "feb06872ac4dc977f70f6388c87d36fc3c3c3693", + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", "type": "github" }, "original": { - "owner": "Platonic-Systems", - "repo": "mission-control", + "owner": "hercules-ci", + "repo": "gitignore.nix", "type": "github" } }, - "mission-control_2": { + "haskell-flake": { "locked": { - "lastModified": 1682001320, - "narHash": "sha256-cXxEhjdJjWw1n8d14+PR8h/i0gLVLG2xq4kw5sJeuxg=", - "owner": "Platonic-Systems", - "repo": "mission-control", - "rev": "c2f3f0a8dce770c46bfa217270ee5592f3a5ebf5", + "lastModified": 1678138103, + "narHash": "sha256-D0lao82bV3t2gEFjHiU6RN233t+1MnkQV+bq8MEu2ic=", + "owner": "hercules-ci", + "repo": "haskell-flake", + "rev": "1e1660e6dd00838ba73bc7952e6e73be67da18d1", "type": "github" }, "original": { - "owner": "Platonic-Systems", - "repo": "mission-control", + "owner": "hercules-ci", + "ref": "0.1-extraLibraries", + "repo": "haskell-flake", + "type": "github" + } + }, + "hercules-ci-agent": { + "inputs": { + "flake-parts": "flake-parts_3", + "haskell-flake": "haskell-flake", + "nix-darwin": "nix-darwin", + "nixpkgs": "nixpkgs", + "pre-commit-hooks-nix": "pre-commit-hooks-nix" + }, + "locked": { + "lastModified": 1678446614, + "narHash": "sha256-Z6Gsba5ahn/N0QlF0vJfIEfnZgCs4qr1IZtXAqjbE7s=", + "owner": "hercules-ci", + "repo": "hercules-ci-agent", + "rev": "0b90d1a87c117a5861785cb85833dd1c9df0b6ef", + "type": "github" + }, + "original": { + "id": "hercules-ci-agent", + "type": "indirect" + } + }, + "hercules-ci-effects": { + "inputs": { + "flake-parts": "flake-parts_2", + "hercules-ci-agent": "hercules-ci-agent", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1681898675, + "narHash": "sha256-nIJ7CAdiHv4i1no/VgDoeTJLzbLYwu5+/Ycoyzn0S78=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "15ff4f63e5f28070391a5b09a82f6d5c6cc5c9d0", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, + "nix-darwin": { + "inputs": { + "nixpkgs": [ + "ethereum-nix", + "hercules-ci-effects", + "hercules-ci-agent", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1673295039, + "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", + "owner": "LnL7", + "repo": "nix-darwin", + "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", + "type": "github" + }, + "original": { + "owner": "LnL7", + "repo": "nix-darwin", "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1669833724, - "narHash": "sha256-/HEZNyGbnQecrgJnfE8d0WC5c1xuPSD2LUpB6YXlg4c=", - "owner": "nixos", + "lastModified": 1678293141, + "narHash": "sha256-lLlQHaR0y+q6nd6kfpydPTGHhl1rS9nU9OQmztzKOYs=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "4d2b37a84fad1091b9de401eb450aae66f1a741e", + "rev": "c90c4025bb6e0c4eaf438128a3b2640314b1c58d", "type": "github" }, "original": { - "owner": "nixos", - "ref": "22.11", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1678375444, + "narHash": "sha256-XIgHfGvjFvZQ8hrkfocanCDxMefc/77rXeHvYdzBMc8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "130fa0baaa2b93ec45523fdcde942f6844ee9f6e", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1673800717, + "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1677383253, - "narHash": "sha256-UfpzWfSxkfXHnb4boXZNaKsAcUrZT9Hw+tao1oZxd08=", + "lastModified": 1683442750, + "narHash": "sha256-IiJ0WWW6OcCrVFl1ijE+gTaP0ChFfV6dNkJR05yStmw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9952d6bc395f5841262b006fbace8dd7e143b634", + "rev": "eb751d65225ec53de9cf3d88acbf08d275882389", "type": "github" }, "original": { @@ -251,27 +451,42 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1677407201, - "narHash": "sha256-3blwdI9o1BAprkvlByHvtEm5HAIRn/XPjtcfiunpY7s=", + "lastModified": 1678891326, + "narHash": "sha256-cjgrjKx7y+hO9I8O2b6QvBaTt9w7Xhk/5hsnJYTUb2I=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1544ef240132d4357d9a39a40c8e6afd1678b052", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1669833724, + "narHash": "sha256-/HEZNyGbnQecrgJnfE8d0WC5c1xuPSD2LUpB6YXlg4c=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7f5639fa3b68054ca0b062866dc62b22c3f11505", + "rev": "4d2b37a84fad1091b9de401eb450aae66f1a741e", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "22.11", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1682109806, - "narHash": "sha256-d9g7RKNShMLboTWwukM+RObDWWpHKaqTYXB48clBWXI=", + "lastModified": 1683777345, + "narHash": "sha256-V2p/A4RpEGqEZussOnHYMU6XglxBJGCODdzoyvcwig8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2362848adf8def2866fabbffc50462e929d7fffb", + "rev": "635a306fc8ede2e34cb3dd0d6d0a5d49362150ed", "type": "github" }, "original": { @@ -283,7 +498,34 @@ }, "pre-commit-hooks-nix": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_3", + "gitignore": "gitignore", + "nixpkgs": [ + "ethereum-nix", + "hercules-ci-effects", + "hercules-ci-agent", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1678376203, + "narHash": "sha256-3tyYGyC8h7fBwncLZy5nCUjTJPrHbmNwp47LlNLOHSM=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "1a20b9708962096ec2481eeb2ddca29ed747770a", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks-nix_2": { + "inputs": { + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixpkgs" ] @@ -305,64 +547,42 @@ }, "root": { "inputs": { + "devshell": "devshell", "ethereum-nix": "ethereum-nix", - "flake-parts": "flake-parts_2", - "flake-root": "flake-root_2", - "mission-control": "mission-control_2", - "nixpkgs": "nixpkgs_3", - "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "statix": "statix", + "flake-parts": "flake-parts_4", + "nixpkgs": "nixpkgs_4", + "pre-commit-hooks-nix": "pre-commit-hooks-nix_2", "treefmt-nix": "treefmt-nix_2" } }, - "rust-analyzer-src": { - "flake": false, + "systems": { "locked": { - "lastModified": 1645205556, - "narHash": "sha256-e4lZW3qRyOEJ+vLKFQP7m2Dxh5P44NrnekZYLxlucww=", - "owner": "rust-analyzer", - "repo": "rust-analyzer", - "rev": "acf5874b39f3dc5262317a6074d9fc7285081161", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { - "owner": "rust-analyzer", - "ref": "nightly", - "repo": "rust-analyzer", + "owner": "nix-systems", + "repo": "default", "type": "github" } }, - "statix": { + "treefmt-nix": { "inputs": { - "fenix": "fenix", "nixpkgs": [ + "ethereum-nix", "nixpkgs" ] }, "locked": { - "lastModified": 1676888642, - "narHash": "sha256-C73LOMVVCkeL0jA5xN7klLEDEB4NkuiATEJY4A/tIyM=", - "owner": "nerdypepper", - "repo": "statix", - "rev": "3c7136a23f444db252a556928c1489869ca3ab4e", - "type": "github" - }, - "original": { - "owner": "nerdypepper", - "repo": "statix", - "type": "github" - } - }, - "treefmt-nix": { - "inputs": { - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1676131462, - "narHash": "sha256-EaWq2jUIGbXW6Tp66mbwZXEXRZ3y4W+4NTWiBFYNBxw=", + "lastModified": 1683307174, + "narHash": "sha256-A7nF2Q+F+Bqs4u6VS4aOzyURfly5f4ZAiihGU0FA29g=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "819dd7f076832838bba238eceef9a3dbfc63f5d0", + "rev": "b44794f94514b61512352a18cd77c710f0005f15", "type": "github" }, "original": { @@ -378,11 +598,11 @@ ] }, "locked": { - "lastModified": 1681486253, - "narHash": "sha256-EjiQZvXQH9tUPCyLC6lQpfGnoq4+kI9v59bDJWPicYo=", + "lastModified": 1683307174, + "narHash": "sha256-A7nF2Q+F+Bqs4u6VS4aOzyURfly5f4ZAiihGU0FA29g=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "b25d1a3c2c7554d0462ab1dfddf2f13128638b90", + "rev": "b44794f94514b61512352a18cd77c710f0005f15", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 984b7ec..0a72985 100644 --- a/flake.nix +++ b/flake.nix @@ -8,18 +8,16 @@ url = "github:hercules-ci/flake-parts"; inputs.nixpkgs-lib.follows = "nixpkgs"; }; - flake-root.url = "github:srid/flake-root"; pre-commit-hooks-nix = { url = "github:hercules-ci/pre-commit-hooks.nix/flakeModule"; inputs.nixpkgs.follows = "nixpkgs"; }; - mission-control.url = "github:Platonic-Systems/mission-control"; - treefmt-nix = { - url = "github:numtide/treefmt-nix"; + devshell = { + url = "github:numtide/devshell"; inputs.nixpkgs.follows = "nixpkgs"; }; - statix = { - url = "github:nerdypepper/statix"; + treefmt-nix = { + url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -33,13 +31,7 @@ inherit inputs; } { - imports = [ - inputs.flake-parts.flakeModules.easyOverlay - inputs.flake-root.flakeModule - inputs.mission-control.flakeModule - inputs.pre-commit-hooks-nix.flakeModule - ./nix - ]; + imports = [./nix]; systems = ["x86_64-linux" "aarch64-darwin"]; }; } diff --git a/nix/control.nix b/nix/control.nix deleted file mode 100644 index 9c660d9..0000000 --- a/nix/control.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - perSystem = { - config, - lib, - ... - }: { - mission-control = { - scripts = { - fmt = { - category = "Tools"; - description = "Format the source tree"; - exec = "${lib.getExe config.treefmt.build.wrapper}"; - }; - }; - }; - }; -} diff --git a/nix/default.nix b/nix/default.nix index 483d275..253fc02 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -1,9 +1,8 @@ { imports = [ - ./checks.nix - ./control.nix ./formatter.nix - ./shell.nix ./package.nix + ./pre-commit.nix + ./shell.nix ]; } diff --git a/nix/formatter.nix b/nix/formatter.nix index 94414ca..f546b3b 100644 --- a/nix/formatter.nix +++ b/nix/formatter.nix @@ -9,7 +9,7 @@ ... }: { treefmt.config = { - inherit (config.flake-root) projectRootFile; + projectRootFile = ".git/config"; package = pkgs.treefmt; programs = { diff --git a/nix/package.nix b/nix/package.nix index 3968e3f..bca8260 100644 --- a/nix/package.nix +++ b/nix/package.nix @@ -11,7 +11,7 @@ version = "1.0.0"; src = ../.; - vendorHash = "sha256-FN8+W+OZ/XGsO0Kt0PJZoT+56dxCSJLGPX1KK6E4ozc="; + vendorHash = "sha256-EtGm+9jpGGB+/aUzIyFfe3ZbyhqliL3G9qJBf2nKseY="; buildInputs = [mcl bls]; }; diff --git a/nix/checks.nix b/nix/pre-commit.nix similarity index 56% rename from nix/checks.nix rename to nix/pre-commit.nix index 9e44569..d8d6152 100644 --- a/nix/checks.nix +++ b/nix/pre-commit.nix @@ -1,10 +1,15 @@ -{ +{inputs, ...}: { + imports = [ + inputs.pre-commit-hooks-nix.flakeModule + ]; perSystem = _: { pre-commit.settings = { hooks = { alejandra.enable = true; deadnix.enable = true; statix.enable = true; + #gofmt.enable = true; + #gotest.enable = true; }; }; }; diff --git a/nix/shell.nix b/nix/shell.nix index df0b849..fcb41de 100644 --- a/nix/shell.nix +++ b/nix/shell.nix @@ -1,36 +1,45 @@ -{ +{inputs, ...}: { + imports = [ + inputs.devshell.flakeModule + ]; perSystem = { pkgs, config, inputs', ... }: let - inherit (pkgs) mkShell; + inherit (pkgs) go go-outline golangci-lint gopkgs gopls gotools openssl; + inherit (inputs'.ethereum-nix.packages) ethdo; in { - devShells.default = mkShell { + devshells.default = { name = "dkc"; - inputsFrom = [ - config.flake-root.devShell - config.mission-control.devShell - #config.pre-commit.devShell + packages = [ + go + go-outline + golangci-lint + gopkgs + gopls + gotools + openssl + ethdo ]; - - packages = builtins.attrValues { - inherit - (pkgs) - go - go-outline - golangci-lint - gopkgs - gopls - gotools - openssl - ; - inherit (inputs'.ethereum-nix.packages) ethdo; + commands = [ + { + category = "Tools"; + name = "fmt"; + help = "Format the source tree"; + command = "nix fmt"; + } + { + category = "Tools"; + name = "check"; + help = "Nix flake check"; + command = "nix flake check"; + } + ]; + devshell.startup = { + pre-commit.text = config.pre-commit.installationScript; }; - shellHook = '' - ${config.pre-commit.installationScript} - ''; }; }; } diff --git a/research/docker-compose.yaml b/research/docker-compose.yaml new file mode 100644 index 0000000..23ef1df --- /dev/null +++ b/research/docker-compose.yaml @@ -0,0 +1,72 @@ +version: "3.9" +services: + old1: + image: attestant/dirk + hostname: old1 + restart: always + command: --base-dir /data + volumes: + - type: bind + source: ./podman-data/old/1 + target: /data + read_only: false + old2: + image: attestant/dirk + hostname: old2 + restart: always + command: --base-dir /data + volumes: + - type: bind + source: ./podman-data/old/2 + target: /data + read_only: false + old3: + image: attestant/dirk + hostname: old3 + restart: always + command: --base-dir /data + volumes: + - type: bind + source: ./podman-data/old/3 + target: /data + read_only: false + new1: + image: attestant/dirk + hostname: new1 + restart: always + command: --base-dir /data + volumes: + - type: bind + source: ./podman-data/new/1 + target: /data + read_only: false + new2: + image: attestant/dirk + hostname: new2 + restart: always + command: --base-dir /data + volumes: + - type: bind + source: ./podman-data/new/2 + target: /data + read_only: false + new3: + image: attestant/dirk + hostname: new3 + restart: always + command: --base-dir /data + volumes: + - type: bind + source: ./podman-data/new/3 + target: /data + read_only: false + admin: + image: wealdtech/ethdo + hostname: admin + restart: always + entrypoint: bash -c "sleep 10000" + volumes: + - type: bind + source: ./podman-data/admin + target: /data + read_only: false diff --git a/research/research.go b/research/research.go new file mode 100644 index 0000000..fb1440e --- /dev/null +++ b/research/research.go @@ -0,0 +1,69 @@ +// nolint +package main + +import ( + "encoding/binary" + "encoding/hex" + "fmt" + "log" + + "github.com/herumi/bls-eth-go-binary/bls" + // e2wallet "github.com/wealdtech/go-eth2-wallet" + // distributed "github.com/wealdtech/go-eth2-wallet-distributed" + // keystorev4 "github.com/wealdtech/go-eth2-wallet-encryptor-keystorev4" + // filesystem "github.com/wealdtech/go-eth2-wallet-store-filesystem" + // e2wtypes "github.com/wealdtech/go-eth2-wallet-types/v2" +) + +const THRESHOLD = 2 +const PARTICIPANTS = 3 +const KEYSTR = "3eb84bbe03db1c6341c490142a647655f33983ed693d0f43c696ed0378fdc492" + +func newBlsID(id uint64) *bls.ID { + var res bls.ID + buf := [8]byte{} + binary.LittleEndian.PutUint64(buf[:], id) + if err := res.SetLittleEndian(buf[:]); err != nil { + panic(err) + } + return &res +} + +func sample() { + // msg := []byte("Hello") + var mk1 bls.SecretKey + var mk2 bls.SecretKey + mk1_byte, _ := hex.DecodeString("3eb84bbe03db1c6341c490142a647655f33983ed693d0f43c696ed0378fdc492") + mk2_byte, _ := hex.DecodeString("56826b2549ba1c26eb4dcbb73807fc81d49d8c754c4a034a578bd808b0d2f56c") + mk1.Deserialize(mk1_byte) + mk2.Deserialize(mk2_byte) + + fmt.Printf("mk1=%v\nmk2=%v\n", mk1.SerializeToHexStr(), mk2.SerializeToHexStr()) + + masterSKs := []bls.SecretKey{mk1, mk2} + var partSKs []bls.SecretKey + // Generate + for i := 0; i < 3; i++ { + id := newBlsID(uint64(i + 1)) + var sk bls.SecretKey + if err := sk.Set(masterSKs, id); err != nil { + log.Fatalf("Failed to Set secret key: %s", err) + } + partSKs = append(partSKs, sk) + fmt.Printf("partsk[%d]=%v\n", i, sk.SerializeToHexStr()) + } + //Recover + subSKs := []bls.SecretKey{partSKs[0], partSKs[1]} + subIDs := []bls.ID{*newBlsID(1), *newBlsID(2)} + var rk bls.SecretKey + if err := rk.Recover(subSKs, subIDs); err != nil { + } + fmt.Printf("Recovered key=%v\n", rk.SerializeToHexStr()) + +} + +func main() { + bls.Init(bls.BLS12_381) + bls.SetETHmode(bls.EthModeDraft07) + sample() +}