Documentation ¶
Index ¶
- func CanonicalVoteToStep(vote *tmProto.CanonicalVote) int8
- func ProposalToStep(_ *tmProto.Proposal) int8
- func ReadMsg(reader io.Reader) (msg tmProtoPrivval.Message, err error)
- func ReadPrivValidatorFile(priv string) (out privval.FilePVKey, err error)
- func UnpackHRS(signBytes []byte) (height int64, round int64, step int8, err error)
- func VoteToStep(vote *tmProto.Vote) int8
- func WriteCosignerShareFile(cosigner CosignerKey, file string) error
- func WriteMsg(writer io.Writer, msg tmProtoPrivval.Message) (err error)
- type Config
- type Cosigner
- type CosignerConfig
- type CosignerGetEphemeralSecretPartRequest
- type CosignerGetEphemeralSecretPartResponse
- type CosignerHasEphemeralSecretPartRequest
- type CosignerHasEphemeralSecretPartResponse
- type CosignerKey
- type CosignerPeer
- type CosignerRpcServer
- type CosignerRpcServerConfig
- type CosignerSetEphemeralSecretPartRequest
- type CosignerSignRequest
- type CosignerSignResponse
- type HRSKey
- type HrsMetadata
- type LocalCosigner
- func (cosigner *LocalCosigner) GetEphemeralSecretPart(req CosignerGetEphemeralSecretPartRequest) (CosignerGetEphemeralSecretPartResponse, error)
- func (cosigner *LocalCosigner) GetID() int
- func (cosigner *LocalCosigner) HasEphemeralSecretPart(req CosignerHasEphemeralSecretPartRequest) (CosignerHasEphemeralSecretPartResponse, error)
- func (cosigner *LocalCosigner) SetEphemeralSecretPart(req CosignerSetEphemeralSecretPartRequest) error
- func (cosigner *LocalCosigner) Sign(req CosignerSignRequest) (CosignerSignResponse, error)
- type LocalCosignerConfig
- type NodeConfig
- type PeerMetadata
- type PvGuard
- type ReconnRemoteSigner
- type RemoteCosigner
- func (cosigner *RemoteCosigner) GetEphemeralSecretPart(req CosignerGetEphemeralSecretPartRequest) (CosignerGetEphemeralSecretPartResponse, error)
- func (cosigner *RemoteCosigner) GetID() int
- func (cosigner *RemoteCosigner) HasEphemeralSecretPart(req CosignerHasEphemeralSecretPartRequest) (CosignerHasEphemeralSecretPartResponse, error)
- func (cosigner *RemoteCosigner) SetEphemeralSecretPart(req CosignerSetEphemeralSecretPartRequest) error
- func (cosigner *RemoteCosigner) Sign(signReq CosignerSignRequest) (CosignerSignResponse, error)
- type RpcGetEphemeralSecretPartRequest
- type RpcGetEphemeralSecretPartResponse
- type RpcSignRequest
- type RpcSignResponse
- type SignState
- type ThresholdValidator
- type ThresholdValidatorOpt
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CanonicalVoteToStep ¶
func CanonicalVoteToStep(vote *tmProto.CanonicalVote) int8
func ProposalToStep ¶
func ReadMsg ¶
func ReadMsg(reader io.Reader) (msg tmProtoPrivval.Message, err error)
ReadMsg reads a message from an io.Reader
func ReadPrivValidatorFile ¶
ReadPrivValidatorFile reads in a privval.FilePVKey from a given file
func VoteToStep ¶
func WriteCosignerShareFile ¶
func WriteCosignerShareFile(cosigner CosignerKey, file string) error
WriteCosignerShareFile writes a cosigner key to a given file name
Types ¶
type Config ¶
type Config struct { Mode string `toml:"mode"` PrivValKeyFile string `toml:"key_file"` PrivValStateDir string `toml:"state_dir"` ChainID string `toml:"chain_id"` CosignerThreshold int `toml:"cosigner_threshold"` ListenAddress string `toml:"cosigner_listen_address"` Nodes []NodeConfig `toml:"node"` Cosigners []CosignerConfig `toml:"cosigner"` }
func LoadConfigFromFile ¶
type Cosigner ¶
type Cosigner interface { // Get the ID of the cosigner // The ID is the shamir index: 1, 2, etc... GetID() int // Get the ephemeral secret part for an ephemeral share // The ephemeral secret part is encrypted for the receiver GetEphemeralSecretPart(req CosignerGetEphemeralSecretPartRequest) (CosignerGetEphemeralSecretPartResponse, error) // Store an ephemeral secret share part provided by another cosigner SetEphemeralSecretPart(req CosignerSetEphemeralSecretPartRequest) error // Query whether the cosigner has an ehpemeral secret part set HasEphemeralSecretPart(req CosignerHasEphemeralSecretPartRequest) (CosignerHasEphemeralSecretPartResponse, error) // Sign the requested bytes Sign(req CosignerSignRequest) (CosignerSignResponse, error) }
Cosigner interface is a set of methods for an m-of-n threshold signature. This interface abstracts the underlying key storage and management
type CosignerConfig ¶
type CosignerKey ¶
type CosignerKey struct { PubKey tmCrypto.PubKey `json:"pub_key"` RSAKey rsa.PrivateKey `json:"rsa_key"` ID int `json:"id"` CosignerKeys []*rsa.PublicKey `json:"rsa_pubs"` }
CosignerKey is a single key for an m-of-n threshold signer.
func CreateCosignerShares ¶
func CreateCosignerShares(pv privval.FilePVKey, threshold, shares int64) (out []CosignerKey, err error)
CreateCosignerShares creates cosigner key objects from a privval.FilePVKey
func CreateCosignerSharesFromFile ¶
func CreateCosignerSharesFromFile(priv string, threshold, shares int64) ([]CosignerKey, error)
CreateCosignerSharesFromFile creates cosigner key objects from a priv_validator_key.json file
func LoadCosignerKey ¶
func LoadCosignerKey(file string) (CosignerKey, error)
LoadCosignerKey loads a CosignerKey from file.
func (*CosignerKey) MarshalJSON ¶
func (cosignerKey *CosignerKey) MarshalJSON() ([]byte, error)
func (*CosignerKey) UnmarshalJSON ¶
func (cosignerKey *CosignerKey) UnmarshalJSON(data []byte) error
type CosignerPeer ¶
type CosignerRpcServer ¶
type CosignerRpcServer struct { service.BaseService // contains filtered or unexported fields }
CosignerRpcServer responds to rpc sign requests using a cosigner instance
func NewCosignerRpcServer ¶
func NewCosignerRpcServer(config *CosignerRpcServerConfig) *CosignerRpcServer
NewCosignerRpcServer instantiates a local cosigner with the specified key and sign state
func (*CosignerRpcServer) Addr ¶
func (rpcServer *CosignerRpcServer) Addr() net.Addr
func (*CosignerRpcServer) OnStart ¶
func (rpcServer *CosignerRpcServer) OnStart() error
OnStart starts the rpm server to respond to remote CosignerSignRequests
type CosignerRpcServerConfig ¶
type CosignerRpcServerConfig struct { Logger log.Logger ListenAddress string Cosigner Cosigner Peers []RemoteCosigner }
type CosignerSignRequest ¶
type CosignerSignRequest struct {
SignBytes []byte
}
CosignerSignRequest is sent to a co-signer to obtain their signature for the SignBytes The SignBytes should be a serialized block
type CosignerSignResponse ¶
type HrsMetadata ¶
type HrsMetadata struct { // need to be _total_ entries per player Secret []byte Peers []PeerMetadata }
type LocalCosigner ¶
type LocalCosigner struct {
// contains filtered or unexported fields
}
LocalCosigner responds to sign requests using their share key The cosigner maintains a watermark to avoid double-signing
LocalCosigner signing is thread saafe
func NewLocalCosigner ¶
func NewLocalCosigner(cfg LocalCosignerConfig) *LocalCosigner
func (*LocalCosigner) GetEphemeralSecretPart ¶
func (cosigner *LocalCosigner) GetEphemeralSecretPart(req CosignerGetEphemeralSecretPartRequest) (CosignerGetEphemeralSecretPartResponse, error)
Get the ephemeral secret part for an ephemeral share The ephemeral secret part is encrypted for the receiver
func (*LocalCosigner) GetID ¶
func (cosigner *LocalCosigner) GetID() int
GetID returns the id of the cosigner Implements Cosigner interface
func (*LocalCosigner) HasEphemeralSecretPart ¶
func (cosigner *LocalCosigner) HasEphemeralSecretPart(req CosignerHasEphemeralSecretPartRequest) (CosignerHasEphemeralSecretPartResponse, error)
func (*LocalCosigner) SetEphemeralSecretPart ¶
func (cosigner *LocalCosigner) SetEphemeralSecretPart(req CosignerSetEphemeralSecretPartRequest) error
Store an ephemeral secret share part provided by another cosigner
func (*LocalCosigner) Sign ¶
func (cosigner *LocalCosigner) Sign(req CosignerSignRequest) (CosignerSignResponse, error)
Sign the sign request using the cosigner's share Return the signed bytes or an error Implements Cosigner interface
type LocalCosignerConfig ¶
type LocalCosignerConfig struct { CosignerKey CosignerKey SignState *SignState RsaKey rsa.PrivateKey Peers []CosignerPeer Total uint8 Threshold uint8 }
type NodeConfig ¶
type NodeConfig struct {
Address string `toml:"address"`
}
type PeerMetadata ¶
type PeerMetadata struct { EphemeralSecretPublicKey []byte }
type PvGuard ¶
type PvGuard struct { PrivValidator tm.PrivValidator // contains filtered or unexported fields }
PvGuard guards access to an underlying PrivValidator by using mutexes for each of the PrivValidator interface functions
func (*PvGuard) SignProposal ¶
SignProposal implementes types.PrivValidator
type ReconnRemoteSigner ¶
type ReconnRemoteSigner struct { tmService.BaseService // contains filtered or unexported fields }
ReconnRemoteSigner dials using its dialer and responds to any signature requests using its privVal.
func NewReconnRemoteSigner ¶
func NewReconnRemoteSigner( address string, logger tmLog.Logger, chainID string, privVal tm.PrivValidator, dialer net.Dialer, ) *ReconnRemoteSigner
NewReconnRemoteSigner return a ReconnRemoteSigner that will dial using the given dialer and respond to any signature requests over the connection using the given privVal.
If the connection is broken, the ReconnRemoteSigner will attempt to reconnect.
func (*ReconnRemoteSigner) OnStart ¶
func (rs *ReconnRemoteSigner) OnStart() error
OnStart implements cmn.Service.
type RemoteCosigner ¶
type RemoteCosigner struct {
// contains filtered or unexported fields
}
RemoteCosigner uses tendermint rpc to request signing from a remote cosigner
func NewRemoteCosigner ¶
func NewRemoteCosigner(id int, address string) *RemoteCosigner
NewRemoteCosigner returns a newly initialized RemoteCosigner
func (*RemoteCosigner) GetEphemeralSecretPart ¶
func (cosigner *RemoteCosigner) GetEphemeralSecretPart(req CosignerGetEphemeralSecretPartRequest) (CosignerGetEphemeralSecretPartResponse, error)
func (*RemoteCosigner) GetID ¶
func (cosigner *RemoteCosigner) GetID() int
GetID returns the ID of the remote cosigner Implements the cosigner interface
func (*RemoteCosigner) HasEphemeralSecretPart ¶
func (cosigner *RemoteCosigner) HasEphemeralSecretPart(req CosignerHasEphemeralSecretPartRequest) (CosignerHasEphemeralSecretPartResponse, error)
func (*RemoteCosigner) SetEphemeralSecretPart ¶
func (cosigner *RemoteCosigner) SetEphemeralSecretPart(req CosignerSetEphemeralSecretPartRequest) error
func (*RemoteCosigner) Sign ¶
func (cosigner *RemoteCosigner) Sign(signReq CosignerSignRequest) (CosignerSignResponse, error)
Sign the sign request using the cosigner's share Return the signed bytes or an error
type RpcSignRequest ¶
type RpcSignRequest struct {
SignBytes []byte
}
type RpcSignResponse ¶
type SignState ¶
type SignState struct { Height int64 `json:"height"` Round int64 `json:"round"` Step int8 `json:"step"` EphemeralPublic []byte `json:"ephemeral_public"` Signature []byte `json:"signature,omitempty"` SignBytes tmBytes.HexBytes `json:"signbytes,omitempty"` // contains filtered or unexported fields }
SignState stores signing information for high level watermark management.
func LoadOrCreateSignState ¶
LoadOrCreateSignState loads the sign state from filepath If the sign state could not be loaded, an empty sign state is initialized and saved to filepath.
func LoadSignState ¶
LoadSignState loads a sign state from disk.
func (*SignState) CheckHRS ¶
CheckHRS checks the given height, round, step (HRS) against that of the SignState. It returns an error if the arguments constitute a regression, or if they match but the SignBytes are empty. Returns true if the HRS matches the arguments and the SignBytes are not empty (indicating we have already signed for this HRS, and can reuse the existing signature). It panics if the HRS matches the arguments, there's a SignBytes, but no Signature.
func (*SignState) OnlyDifferByTimestamp ¶
OnlyDifferByTimestamp returns true if the sign bytes of the sign state are the same as the new sign bytes excluding the timestamp.
type ThresholdValidator ¶
type ThresholdValidator struct {
// contains filtered or unexported fields
}
func NewThresholdValidator ¶
func NewThresholdValidator(opt *ThresholdValidatorOpt) *ThresholdValidator
NewThresholdValidator creates and returns a new ThresholdValidator
func (*ThresholdValidator) GetPubKey ¶
func (pv *ThresholdValidator) GetPubKey() (crypto.PubKey, error)
GetPubKey returns the public key of the validator. Implements PrivValidator.
func (*ThresholdValidator) SignProposal ¶
func (pv *ThresholdValidator) SignProposal(chainID string, proposal *tmProto.Proposal) error
SignProposal signs a canonical representation of the proposal, along with the chainID. Implements PrivValidator.