Disperser auth

Dockerfile

@@ -94,6 +94,7 @@ RUN --mount=type=cache,target=/go/pkg/mod \
 
 # Controller build stage
 FROM common-builder AS controller-builder
+COPY node/auth /app/node/auth
 WORKDIR /app/disperser
 RUN --mount=type=cache,target=/go/pkg/mod \
     --mount=type=cache,target=/root/.cache/go-build \

Makefile

@@ -59,6 +59,9 @@ dataapi-build:
 unit-tests:
 	./test.sh
 
+fuzz-tests:
+	go test --fuzz=FuzzParseSignatureKMS -fuzztime=5m ./common
+
 integration-tests-churner:
 	go test -v ./churner/tests
 

api/clients/mock/static_request_signer.go

@@ -0,0 +1,30 @@
+package mock
+
+import (
+	"context"
+	"crypto/ecdsa"
+	"github.com/Layr-Labs/eigenda/api/clients/v2"
+	v2 "github.com/Layr-Labs/eigenda/api/grpc/node/v2"
+	"github.com/Layr-Labs/eigenda/node/auth"
+)
+
+var _ clients.DispersalRequestSigner = &staticRequestSigner{}
+
+// StaticRequestSigner is a DispersalRequestSigner that signs requests with a static key (i.e. it doesn't use AWS KMS).
+// Useful for testing.
+type staticRequestSigner struct {
+	key *ecdsa.PrivateKey
+}
+
+func NewStaticRequestSigner(key *ecdsa.PrivateKey) clients.DispersalRequestSigner {
+	return &staticRequestSigner{
+		key: key,
+	}
+}
+
+func (s *staticRequestSigner) SignStoreChunksRequest(
+	ctx context.Context,
+	request *v2.StoreChunksRequest) ([]byte, error) {
+
+	return auth.SignStoreChunksRequest(s.key, request)
+}

api/clients/v2/node_client.go

@@ -3,6 +3,7 @@ package clients
 import (
 	"context"
 	"fmt"
+	"github.com/Layr-Labs/eigenda/node/auth"
 	"sync"
 
 	commonpb "github.com/Layr-Labs/eigenda/api/grpc/common/v2"
@@ -24,21 +25,23 @@ type NodeClient interface {
 }
 
 type nodeClient struct {
-	config   *NodeClientConfig
-	initOnce sync.Once
-	conn     *grpc.ClientConn
+	config        *NodeClientConfig
+	initOnce      sync.Once
+	conn          *grpc.ClientConn
+	requestSigner DispersalRequestSigner
 
 	dispersalClient nodegrpc.DispersalClient
 }
 
 var _ NodeClient = (*nodeClient)(nil)
 
-func NewNodeClient(config *NodeClientConfig) (*nodeClient, error) {
+func NewNodeClient(config *NodeClientConfig, requestSigner DispersalRequestSigner) (NodeClient, error) {
 	if config == nil || config.Hostname == "" || config.Port == "" {
 		return nil, fmt.Errorf("invalid config: %v", config)
 	}
 	return &nodeClient{
-		config: config,
+		config:        config,
+		requestSigner: requestSigner,
 	}, nil
 }
 
@@ -60,16 +63,28 @@ func (c *nodeClient) StoreChunks(ctx context.Context, batch *corev2.Batch) (*cor
 		}
 	}
 
-	// Call the gRPC method to store chunks
-	response, err := c.dispersalClient.StoreChunks(ctx, &nodegrpc.StoreChunksRequest{
+	request := &nodegrpc.StoreChunksRequest{
 		Batch: &commonpb.Batch{
 			Header: &commonpb.BatchHeader{
 				BatchRoot:            batch.BatchHeader.BatchRoot[:],
 				ReferenceBlockNumber: batch.BatchHeader.ReferenceBlockNumber,
 			},
 			BlobCertificates: blobCerts,
 		},
-	})
+		DisperserID: auth.EigenLabsDisperserID, // this will need to be updated when dispersers are decentralized
+	}
+
+	if c.requestSigner != nil {
+		// Sign the request to store chunks
+		signature, err := c.requestSigner.SignStoreChunksRequest(ctx, request)
+		if err != nil {
+			return nil, fmt.Errorf("failed to sign store chunks request: %v", err)
+		}
+		request.Signature = signature
+	}
+
+	// Call the gRPC method to store chunks
+	response, err := c.dispersalClient.StoreChunks(ctx, request)
 	if err != nil {
 		return nil, err
 	}

api/clients/v2/request_signer.go

@@ -0,0 +1,62 @@
+package clients
+
+import (
+	"context"
+	"crypto/ecdsa"
+	"fmt"
+	grpc "github.com/Layr-Labs/eigenda/api/grpc/node/v2"
+	"github.com/Layr-Labs/eigenda/common"
+	"github.com/Layr-Labs/eigenda/node/auth"
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/kms"
+)
+
+// DispersalRequestSigner encapsulates the logic for signing GetChunks requests.
+type DispersalRequestSigner interface {
+	// SignStoreChunksRequest signs a StoreChunksRequest. Does not modify the request
+	// (i.e. it does not insert the signature).
+	SignStoreChunksRequest(ctx context.Context, request *grpc.StoreChunksRequest) ([]byte, error)
+}
+
+var _ DispersalRequestSigner = &requestSigner{}
+
+type requestSigner struct {
+	keyID      string
+	publicKey  *ecdsa.PublicKey
+	keyManager *kms.Client
+}
+
+// NewDispersalRequestSigner creates a new DispersalRequestSigner.
+func NewDispersalRequestSigner(
+	ctx context.Context,
+	region string,
+	endpoint string,
+	keyID string) (DispersalRequestSigner, error) {
+
+	keyManager := kms.New(kms.Options{
+		Region:       region,
+		BaseEndpoint: aws.String(endpoint),
+	})
+
+	key, err := common.LoadPublicKeyKMS(ctx, keyManager, keyID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get ecdsa public key: %w", err)
+	}
+
+	return &requestSigner{
+		keyID:      keyID,
+		publicKey:  key,
+		keyManager: keyManager,
+	}, nil
+}
+
+func (s *requestSigner) SignStoreChunksRequest(ctx context.Context, request *grpc.StoreChunksRequest) ([]byte, error) {
+	hash := auth.HashStoreChunksRequest(request)
+
+	signature, err := common.SignKMS(ctx, s.keyManager, s.keyID, s.publicKey, hash)
+	if err != nil {
+		return nil, fmt.Errorf("failed to sign request: %w", err)
+	}
+
+	return signature, nil
+}

api/clients/v2/request_signer_test.go

@@ -0,0 +1,129 @@
+package clients
+
+import (
+	"context"
+	"github.com/Layr-Labs/eigenda/common"
+	"github.com/Layr-Labs/eigenda/common/testutils/random"
+	"github.com/Layr-Labs/eigenda/inabox/deploy"
+	"github.com/Layr-Labs/eigenda/node/auth"
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/kms"
+	"github.com/aws/aws-sdk-go-v2/service/kms/types"
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/ory/dockertest/v3"
+	"github.com/stretchr/testify/require"
+	"log"
+	"os"
+	"path/filepath"
+	"runtime"
+	"testing"
+)
+
+var (
+	dockertestPool     *dockertest.Pool
+	dockertestResource *dockertest.Resource
+)
+
+const (
+	localstackPort = "4570"
+	localstackHost = "http://0.0.0.0:4570"
+	region         = "us-east-1"
+)
+
+func setup(t *testing.T) {
+	deployLocalStack := !(os.Getenv("DEPLOY_LOCALSTACK") == "false")
+
+	_, b, _, _ := runtime.Caller(0)
+	rootPath := filepath.Join(filepath.Dir(b), "../../..")
+	changeDirectory(filepath.Join(rootPath, "inabox"))
+
+	if deployLocalStack {
+		var err error
+		dockertestPool, dockertestResource, err = deploy.StartDockertestWithLocalstackContainer(localstackPort)
+		require.NoError(t, err)
+	}
+}
+
+func changeDirectory(path string) {
+	err := os.Chdir(path)
+	if err != nil {
+
+		currentDirectory, err := os.Getwd()
+		if err != nil {
+			log.Printf("Failed to get current directory. Error: %s", err)
+		}
+
+		log.Panicf("Failed to change directories. CWD: %s, Error: %s", currentDirectory, err)
+	}
+
+	newDir, err := os.Getwd()
+	if err != nil {
+		log.Panicf("Failed to get working directory. Error: %s", err)
+	}
+	log.Printf("Current Working Directory: %s\n", newDir)
+}
+
+func teardown() {
+	deployLocalStack := !(os.Getenv("DEPLOY_LOCALSTACK") == "false")
+
+	if deployLocalStack {
+		deploy.PurgeDockertestResources(dockertestPool, dockertestResource)
+	}
+}
+
+func TestRequestSigning(t *testing.T) {
+	rand := random.NewTestRandom(t)
+	setup(t)
+	defer teardown()
+
+	keyManager := kms.New(kms.Options{
+		Region:       region,
+		BaseEndpoint: aws.String(localstackHost),
+	})
+
+	for i := 0; i < 10; i++ {
+		createKeyOutput, err := keyManager.CreateKey(context.Background(), &kms.CreateKeyInput{
+			KeySpec:  types.KeySpecEccSecgP256k1,
+			KeyUsage: types.KeyUsageTypeSignVerify,
+		})
+		require.NoError(t, err)
+
+		keyID := *createKeyOutput.KeyMetadata.KeyId
+
+		key, err := common.LoadPublicKeyKMS(context.Background(), keyManager, keyID)
+		require.NoError(t, err)
+
+		publicAddress := crypto.PubkeyToAddress(*key)
+
+		for j := 0; j < 10; j++ {
+			request := auth.RandomStoreChunksRequest(rand)
+			request.Signature = nil
+
+			signer, err := NewDispersalRequestSigner(context.Background(), region, localstackHost, keyID)
+			require.NoError(t, err)
+
+			// Test a valid signature.
+			signature, err := signer.SignStoreChunksRequest(context.Background(), request)
+			require.NoError(t, err)
+
+			require.Nil(t, request.Signature)
+			request.Signature = signature
+			err = auth.VerifyStoreChunksRequest(publicAddress, request)
+			require.NoError(t, err)
+
+			// Changing a byte in the middle of the signature should make the verification fail
+			badSignature := make([]byte, len(signature))
+			copy(badSignature, signature)
+			badSignature[10] = badSignature[10] + 1
+			request.Signature = badSignature
+			err = auth.VerifyStoreChunksRequest(publicAddress, request)
+			require.Error(t, err)
+
+			// Changing a byte in the middle of the request should make the verification fail
+			request.DisperserID = request.DisperserID + 1
+			request.Signature = signature
+			err = auth.VerifyStoreChunksRequest(publicAddress, request)
+			require.Error(t, err)
+		}
+	}
+}

api/docs/eigenda-protos.html

@@ -3488,7 +3488,7 @@ <h3 id="node.v2.StoreChunksReply">StoreChunksReply</h3>
 
 
         <h3 id="node.v2.StoreChunksRequest">StoreChunksRequest</h3>
-        <p></p>
+        <p>Request that the Node store a batch of chunks.</p>
 
 
           <table class="field-table">
@@ -3504,6 +3504,46 @@ <h3 id="node.v2.StoreChunksRequest">StoreChunksRequest</h3>
                   <td><p>batch of blobs to store </p></td>
                 </tr>
 
+                <tr>
+                  <td>disperserID</td>
+                  <td><a href="#uint32">uint32</a></td>
+                  <td></td>
+                  <td><p>ID of the disperser that is requesting the storage of the batch. </p></td>
+                </tr>
+
+                <tr>
+                  <td>signature</td>
+                  <td><a href="#bytes">bytes</a></td>
+                  <td></td>
+                  <td><p>Signature using the disperser&#39;s ECDSA key over keccak hash of the batch. The purpose of this signature
+is to prevent hooligans from tricking DA nodes into storing data that they shouldn&#39;t be storing.
+
+Algorithm for computing the hash is as follows. All integer values are serialized in big-endian order (unsigned).
+A reference implementation (golang) can be found at
+https://github.com/Layr-Labs/eigenda/blob/master/disperser/auth/request_signing.go
+
+1. digest batch.BatchHeader.BatchRoot
+2. digest batch.BatchHeader.ReferenceBlockNumber (8 bytes, unsigned big endian)
+3. for each certificate in batch.BlobCertificates:
+  a. digest certificate.BlobHeader.Version (4 bytes, unsigned big endian)
+  b. for each quorum_number in certificate.BlobHeader.QuorumNumbers:
+    i. digest quorum_number (4 bytes, unsigned big endian)
+  c. digest certificate.BlobHeader.Commitment.Commitment
+  d. digest certificate.BlobHeader.Commitment.LengthCommitment
+  e. digest certificate.BlobHeader.Commitment.LengthProof
+  f. digest certificate.BlobHeader.Commitment.Length (4 bytes, unsigned big endian)
+  g. digest certificate.BlobHeader.PaymentHeader.AccountId
+  h. digest certificate.BlobHeader.PaymentHeader.ReservationPeriod (4 bytes, unsigned big endian)
+  i. digest certificate.BlobHeader.PaymentHeader.CumulativePayment
+  j. digest certificate.BlobHeader.PaymentHeader.Salt (4 bytes, unsigned big endian)
+  k. digest certificate.BlobHeader.Signature
+  l. for each relay in certificate.Relays:
+    i. digest relay (4 bytes, unsigned big endian)
+4. digest disperserID (4 bytes, unsigned big endian)
+
+Note that this signature is not included in the hash for obvious reasons. </p></td>
+                </tr>
+
             </tbody>
           </table>
 

api/docs/eigenda-protos.md

@@ -1476,12 +1476,20 @@ Node info request
 <a name="node-v2-StoreChunksRequest"></a>
 
 ### StoreChunksRequest
-
+Request that the Node store a batch of chunks.
 
 
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | batch | [common.v2.Batch](#common-v2-Batch) |  | batch of blobs to store |
+| disperserID | [uint32](#uint32) |  | ID of the disperser that is requesting the storage of the batch. |
+| signature | [bytes](#bytes) |  | Signature using the disperser&#39;s ECDSA key over keccak hash of the batch. The purpose of this signature is to prevent hooligans from tricking DA nodes into storing data that they shouldn&#39;t be storing.
+
+Algorithm for computing the hash is as follows. All integer values are serialized in big-endian order (unsigned). A reference implementation (golang) can be found at https://github.com/Layr-Labs/eigenda/blob/master/disperser/auth/request_signing.go
+
+1. digest batch.BatchHeader.BatchRoot 2. digest batch.BatchHeader.ReferenceBlockNumber (8 bytes, unsigned big endian) 3. for each certificate in batch.BlobCertificates: a. digest certificate.BlobHeader.Version (4 bytes, unsigned big endian) b. for each quorum_number in certificate.BlobHeader.QuorumNumbers: i. digest quorum_number (4 bytes, unsigned big endian) c. digest certificate.BlobHeader.Commitment.Commitment d. digest certificate.BlobHeader.Commitment.LengthCommitment e. digest certificate.BlobHeader.Commitment.LengthProof f. digest certificate.BlobHeader.Commitment.Length (4 bytes, unsigned big endian) g. digest certificate.BlobHeader.PaymentHeader.AccountId h. digest certificate.BlobHeader.PaymentHeader.ReservationPeriod (4 bytes, unsigned big endian) i. digest certificate.BlobHeader.PaymentHeader.CumulativePayment j. digest certificate.BlobHeader.PaymentHeader.Salt (4 bytes, unsigned big endian) k. digest certificate.BlobHeader.Signature l. for each relay in certificate.Relays: i. digest relay (4 bytes, unsigned big endian) 4. digest disperserID (4 bytes, unsigned big endian)
+
+Note that this signature is not included in the hash for obvious reasons. |