Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(pubkey): Pubkey module #342

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

feat(pubkey): Pubkey module #342

wants to merge 9 commits into from

Conversation

hacheigriega
Copy link
Member

@hacheigriega hacheigriega commented Aug 26, 2024
edited
Loading

Explanation of Changes

This PR adds a new module x/pubkey, which will serve as the public key registry for various signing keys used in the SEDA Protocol. The module store follows the following scheme:

validator_address | index -> public_key

There is no application logic that prevents a validator operator from adding any public keys at any index. However, they should use the official, up-to-date CLI to generate the correct set of SEDA keys and send a transaction that would register their public keys at correct indices. In the initial implementation, the CLI generates a single secp256k1 key, whose public key is to be registered at index 0. The SEDA key file is saved in the same directory as the validator key file. By default, the location is $CHAIN_DIR/config/seda_keys.json.

To generate and register the SEDA keys:

sedad tx pubkey add-seda-keys --from <validator_operator_key> --gas-prices 1000000000aseda --gas auto --gas-adjustment 2.0

To use an existing SEDA key file:

sedad tx pubkey add-seda-keys --key-file ~/.sedad/config/seda_keys.json --from <validator_operator_key> --gas-prices 1000000000aseda --gas auto --gas-adjustment 2.0

To query a given validator's SEDA public keys:

sedad query pubkey validator-keys <validator_operator_addr>

@hacheigriega hacheigriega marked this pull request as ready for review September 5, 2024 17:35
DeshErBojhaa and others added 6 commits September 5, 2024 13:56
@DeshErBojhaa @hacheigriega
feat: pkr -> init module
3013736 
refactor: added integration tests

add query command

feat: pkr module implementation with add-key tx and query endpoints

feat: pkr module implemented with tests

fix: fix e2e tests and proto query api
@hacheigriega
refactor: refactor vrf key generation function
e6bde18
@hacheigriega
feat: genesis export import support
18539c7 
chore: CHANGELOG update
@hacheigriega
refactor: more robust and cleaner pkr testing and event
bdda2ca 
chore: proto lint and error msg typo fix

chore: fix test name
@hacheigriega
feat: Add SEDA Keys
3600fe3
@hacheigriega
refactor: rename pkr module to pubkey module
e3f9d5e 
chore: add missing proto files and lint

test: improve add key msg validation and unit tests

fix: use comet private key type to save to file

style: lint

refactor: replace some user defined errors with sdk ones
@Thomasvdam
Copy link
Member

I guess it's not entirely clear for me how this module interfaces with modules that need access to the private keys, or how the dependencies are managed.

Maybe it helps to illustrate the following scenarios:

  1. We create a new module that needs to make use of the PKR, how does this new key get added?
  2. A module needs to have something signed, how does this happen?

It would be nice if we could leave all the details of how the keys are managed/stored/etc in the PKR module. I don't think it's possible to express this purely in terms of method/function calls and we'll have to keep a manual file somewhere that links a consumer module identifier to the kind of key it needs.

  • New module needs a keypair: add an entry to a list that consists of an ID (the index, should be unique) and the key implementation (how to generate, how to sign?)
  • On add-keys command the CLI iterates over the list, generates keys at the index of that module, publishes the new public keys in the TX. Private keys get stored in 1 file.
  • New module needs something signed, calls a method on the PKR module to sign data with the key under ID X, PKR returns signed bytes.

Pretty sure I'm simplifying things too much, but I feel like this should be possible.

@hacheigriega
Copy link
Member Author

  1. My thinking was that when we release a new binary that expects some new key to be registered, we would also update the CLI and have the validators use the updated CLI to generate a new set of keys and register their pubkeys.
  2. My thinking at the moment is that signing and verifying should be separated. Signing should be done using utility or context, whereas verifying should be supported by the pubkey module, which would expose the method through expected keepers. I think this separation makes sense because signing deals with the key file and is relevant only to validators. Would love to discuss more if you have doubts, but this is my current thinking.

@hacheigriega
chore: lint
e2be9f2 
chore: regenerate proto and lint proto

chore: lint
@hacheigriega
Copy link
Member Author

I will remove unused code like VRF key or CLI endpoint for creating validator with VRF in a separate PR tomorrow

@hacheigriega hacheigriega requested a review from a team September 9, 2024 23:30
@Thomasvdam
Copy link
Member

  1. My thinking was that when we release a new binary that expects some new key to be registered, we would also update the CLI and have the validators use the updated CLI to generate a new set of keys and register their pubkeys.
  2. My thinking at the moment is that signing and verifying should be separated. Signing should be done using utility or context, whereas verifying should be supported by the pubkey module, which would expose the method through expected keepers. I think this separation makes sense because signing deals with the key file and is relevant only to validators. Would love to discuss more if you have doubts, but this is my current thinking.

Lets discuss this tomorrow, maybe we can do some pseudocode to see pros and cons to both approaches.

@hacheigriega hacheigriega changed the title feat: Pubkey module feat(pubkey): Pubkey module Sep 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hacheigriega @Thomasvdam @DeshErBojhaa