rs: Upgrade futhark to authrunes crate

Futhark is already used on crates.io so the new name now is authrunes. Signed-off-by: Peter Neuroth <[email protected]>
Blockstream · Jan 10, 2024 · 9a193b1 · 9a193b1
1 parent 0dd83d8
commit 9a193b1
Show file tree

Hide file tree

Showing 5 changed files with 40 additions and 13 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/libs/gl-client/Cargo.toml b/libs/gl-client/Cargo.toml
@@ -30,6 +30,7 @@ prost = "0.11"
 prost-derive = "0.11"
 reqwest = {version="^0.11", features=["json", "rustls-tls-native-roots"], default-features = false}
 ring = "~0.16.20"
+runeauth = "0.1"
 rustls-pemfile = "1.0.3"
 sha256 = "1.1.4"
 tokio = { version = "1", features = ["full"] }
@@ -48,7 +49,6 @@ serde_json = "^1.0"
 thiserror = "1"
 cln-grpc = { workspace = true }
 chacha20poly1305 = { version = "0.10.1", optional = true }
-futhark = { git = "https://github.com/nepet/futhark.git", branch = "main"}
 
 serde_bolt = "0.2"
 secp256k1 = { version = "0.26.0", optional = true }

diff --git a/libs/gl-client/src/node/mod.rs b/libs/gl-client/src/node/mod.rs
@@ -66,14 +66,14 @@ impl NodeBuilder {
         self
     }
 
-    /// Sets a `futhark::Rune` for the `Node`. Overrides a `futhark::Rune` that
+    /// Sets a `runeauth::Rune` for the `Node`. Overrides a `runeauth::Rune` that
     /// is extracted from the auth blob via `with_auth`.
     pub fn with_rune(mut self, rune: &str) -> Self {
         self.rune = rune.to_string();
         self
     }
 
-    /// Use the auth blob to create the `TlsConfig` and the `futhark::Rune` for
+    /// Use the auth blob to create the `TlsConfig` and the `runeauth::Rune` for
     /// the `Node`. Will be overridden by `with_rune()` and `with_tls`.
     pub fn with_auth(mut self, auth: &[u8]) -> Result<Self> {
         let blob = serialize::AuthBlob::deserialize(&auth[..])?;

diff --git a/libs/gl-client/src/scheduler.rs b/libs/gl-client/src/scheduler.rs
@@ -135,9 +135,9 @@ impl Scheduler {
         // Create a new rune for the tls certs public key and append it to the
         // grpc response. Restricts the rune to the public key used for mTLS
         // authentication.
-        let alt = futhark::Alternative::new(
+        let alt = runeauth::Alternative::new(
             "pubkey".to_string(),
-            futhark::Condition::Equal,
+            runeauth::Condition::Equal,
             hex::encode(public_key),
             false,
         )?;
@@ -210,9 +210,9 @@ impl Scheduler {
         // Create a new rune for the tls certs public key and append it to the
         // grpc response. Restricts the rune to the public key used for mTLS
         // authentication.
-        let alt = futhark::Alternative::new(
+        let alt = runeauth::Alternative::new(
             "pubkey".to_string(),
-            futhark::Condition::Equal,
+            runeauth::Condition::Equal,
             hex::encode(public_key),
             false,
         )?;

diff --git a/libs/gl-client/src/signer/mod.rs b/libs/gl-client/src/signer/mod.rs
@@ -10,7 +10,6 @@ use anyhow::anyhow;
 use base64::engine::general_purpose;
 use base64::Engine;
 use bytes::BufMut;
-use futhark::{Restriction, Rune};
 use http::uri::InvalidUri;
 use lightning_signer::bitcoin::hashes::Hash;
 use lightning_signer::bitcoin::secp256k1::PublicKey;
@@ -19,6 +18,7 @@ use lightning_signer::node::NodeServices;
 use lightning_signer::policy::filter::FilterRule;
 use lightning_signer::util::crypto_utils;
 use log::{debug, info, trace, warn};
+use runeauth::{Condition, MapChecker, Restriction, Rune, RuneError};
 use std::collections::HashMap;
 use std::convert::TryFrom;
 use std::convert::TryInto;
@@ -326,7 +326,7 @@ impl Signer {
 
         match self
             .master_rune
-            .check_with_reason(&rune64, futhark::MapChecker { map: checks })
+            .check_with_reason(&rune64, MapChecker { map: checks })
         {
             Ok(_) => Ok(()),
             Err(e) => Err(e.into()),
@@ -864,17 +864,17 @@ impl Signer {
                     let joined = alts.join("|");
                     Restriction::try_from(joined.as_str())
                 })
-                .collect::<Result<Vec<Restriction>, futhark::RuneError>>()?;
+                .collect::<Result<Vec<Restriction>, RuneError>>()?;
 
             // New rune, we need a unique id.
             // FIXME: Add a counter that persists in SSS.
             let unique_id = 0;
 
             // Check that at least one restriction has a `pubkey` field set.
             let has_pubkey_field = res.iter().any(|r: &Restriction| {
-                r.alternatives.iter().any(|a| {
-                    a.get_field() == *"pubkey" && a.get_condition() == futhark::Condition::Equal
-                })
+                r.alternatives
+                    .iter()
+                    .any(|a| a.get_field() == *"pubkey" && a.get_condition() == Condition::Equal)
             });
             if !has_pubkey_field {
                 return Err(anyhow!("Missing a restriction on the pubkey"));