This repository has been archived by the owner on Nov 15, 2023. It is now read-only.
Remote Keystore based on OPTEE #10423
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
feat: add zondaxSpec feat: add Makefile
fix(deps): patch keystore to cloned folder
fix(ci): show bootnode output during execution
fix(deps): exclude keystore from workspace
fix(ci): move out of script
feat(ci): switch to tee-keystore
|
User @becominginsane, please sign the CLA here. |
|
Notice hasn't been removed because we lack the labels and we are not able to add them (or at least not me) |
deps: remove tee-keystore branch deps: remove tee-keystore local patch
feat(make): skip wasm build
|
Hey, is anyone still working on this? Due to the inactivity this issue has been automatically marked as stale. It will be closed if no further activity occurs. Thank you for your contributions. |
stale
bot
added
the
A5-stale
feat: add demo script for complete demo fix: remove unnecessary mut
stale
bot
removed
the
A5-stale
|
Hey, is anyone still working on this? Due to the inactivity this issue has been automatically marked as stale. It will be closed if no further activity occurs. Thank you for your contributions. |
stale
bot
added
the
A5-stale
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds support to the substrate node for a secret management solution using OPTEE that holds the secrets for the node in an HSM separate from the machine running the node.
Please contact us here or via email at hello@zondax.ch (or other established channels where available) for any clarification.
There are currently 2 blockers with merging/rebasing with master:
The hsm image is pinned with Rust 1.54 (which doesn't understand 2021 edition)
The project relies on a few crates from the substrate primitives and core, such as
sp-keystore, most to conform to the traits required for akeystore, but as the development branches make use of unreleased crates based on path dependencies, it becomes difficult to patch these due to how cargo handles dependency resolution (basically it first attempts to look for the crate version specified on the manifest, and if not found it errors, without resolving to patches) (for a recently merged branch see teekeystore-merged/cc @jleni @neithanmo
✄ -----------------------------------------------------------------------------
Thank you for your Pull Request! 🙏
Before you submit, please check that:
A*for PR status (one required)B*for changelog (one required)C*for release notes (exactly one required)D*for various implications/requirementsFixes #228orRelated #1337.Refer to the contributing guide for details.
After you've read this notice feel free to remove it.
Thank you!
✄ -----------------------------------------------------------------------------