-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump synedrion to unreleased git version ahead of adding t-of-n in Migrate-To-Threshold branch #851
Conversation
@fjarri I wanted to make this update to have our current setup working with the latest changes to synedrion, before adding support for t-of-n signing in a separate PR. But i am not sure if it is possible to do a key refresh with non-threshold keyshares anymore, as it looks like there is no longer a way for to update a I see that |
Yes, the CGGMP's KeyRefresh won't work with threshold shares. I think we will have to use KeyResharing as KeyRefresh, by resharing to the same set of nodes. I will talk to Chelsea about it next week, because it bothers me that the WWW'02 (KeyResharing) doesn't make use of ZK proofs and Paillier ciphertexts the way CGGMP'21's KeyRefresh does, even though KeyRefresh is a functional subset of KeyResharing. But in the end it will be KeyResharing that we will use, in the current or updated form.
This has been removed in entropyxyz/synedrion#119 because it turned out it doesn't work as expected :) Also, that PR made the following changes:
AuxGen may not be necessary depending on the resolution on entropyxyz/synedrion#98, but for now the philosophy is the following: nodes participating in AuxGen collectively agree that all the public auxiliary data is valid, and safe, and the corresponding nodes own the secret parts of it, and so on. After you run KeyResharing you need to update auxiliary data for the new set of nodes (or just update it on the regular basis for the same set of nodes, as appropriate). |
All tests are now passing at the |
@@ -178,27 +176,6 @@ pub async fn ws_to_channels<T: WsConnection>( | |||
} | |||
} | |||
|
|||
/// Open a ws connection in a native environment | |||
#[cfg(feature = "server")] | |||
pub async fn open_ws_connection( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unrelated to this PR but these are no longer needed as they relate to private mode which has been removed
|
||
impl fmt::Debug for ProtocolOutput { | ||
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { | ||
write!(f, "Success") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is hacky but wont be needed anymore once KeyShare
/ ThresholdKeyShare
implement Debug
which is coming soon. Its also only used in these tests - it never gets logged out but its for some reason needed to be able to unwrap a Result
for this type.
// If this is true a keyshare for the user will be generated and returned | ||
extra_private_keys: bool, | ||
// If this is given a keyshare for the user will be generated and returned | ||
extra_private_key: Option<sr25519::Pair>, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needed because keyshares are now intrinsicly tied to an identity, so if you want and extra keyshare you need to say who it is for.
That said im not sure if we actually use this anywhere now that private mode is gone and the refresh test no longer uses it. But thats for another PR.
Self { sign_init, key_share } | ||
} | ||
|
||
pub fn msg_to_sign(&self) -> &PrehashedMessage { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I removed this because synedrion::PrehashedMessage
doesnt exist anymore, and we never actually call this method.
To get the use entropy_protocol::PartyId;
use hex_literal::hex;
use lazy_static::lazy_static;
use rand_core::OsRng;
use subxt::utils::AccountId32;
use synedrion::{k256::ecdsa::SigningKey, KeyShare};
lazy_static! {
pub static ref DETERMINISTIC_KEY_SHARE_DAVE: [u8; 32] =
hex!("06b07fd12cdfb94fbde3ff2098e9f19bb11b00959680cfbd15c914b025f298d7");
}
fn main() {
let signing_key =
Some(SigningKey::from_bytes((&*DETERMINISTIC_KEY_SHARE_DAVE).into()).unwrap());
let ids = vec![
PartyId::new(AccountId32([1u8; 32])),
PartyId::new(AccountId32([2u8; 32])),
];
let shares = KeyShare::<synedrion::TestParams, PartyId>::new_centralized(
&mut OsRng,
&ids,
signing_key.as_ref(),
);
let verifying_key = shares[0]
.verifying_key()
.to_encoded_point(true)
.as_bytes()
.to_vec();
println!("{:?}", verifying_key);
} |
* Remove subgroups (#799) * remove subgroups * pallet tests working * fix benchmarks * tests working * clean * clean * remove unwrap * add check balance check to launch * fix test * fix inital chainstate * clean tests * changelog * fmt * fix * fix * remove permission from chain (#801) * remove permission from chain * update chainspec * remove permissioned from tss * clean * clean tests * remove commented out code * wasm test * lint * lint * lint * fixes * Remove sig party size (#817) * Remove sig party size * clean * lint * fixes * fmt * fix wasm build * fix * Bump synedrion to unreleased git version ahead of adding t-of-n in Migrate-To-Threshold branch (#851) * Bump synedrion to unreleased git version * Bump synedrion again and update execute_protocol.rs for new API * Update kvdb for new synedrion API * Update entropy-tss for new synedrion api * Clippy * Fix entropy-protocol for wasm target * Clippy * Fixes for testing-utils * Fixes for entropy-tss tests * Fixes for entropy-protocol tests * Fixes for entropy-protocol tests * Keep shares as ThresholdKeyShare until the point of using them in the signing protcol * Dont use a fixed threshold for the reshare protocol * Update entropy-tss for storing ThresholdKeyShares * Update entropy-testing-utils for storing ThresholdKeyShares * Clippy * Clippy * Fixes for testing * Little refactor of protocol tests * Rm dave from proactive refresh genesis block just to see if things work * Type alias for keyshare payload * Fix entropy-tss tests to use DAVE as well as EVE when testing proactive refresh * Update DAVEs constants * Use type alias for keyshare payload * Put chainspec back to how it was originally * Tidy * Tidy * Rm unused imports * t of n key generation and signing at the `entropy-protocol` level (#868) * Update our DKG protocol to internally run key init, reshare, and auxgen * Allow threshold to be passed into DKG fn * Update entropy-tss for new DKG api * Try various things to figure out why the tests pass locally but not in CI * Rm logging * Update for full t of n signing test * Lockfile * Update signing client protocol execution * Run tests in serial * Taplo * Clippy * Error handling when selecting DKG committee * Error handling for DKG protocols * Logging * Comments * Error handling for DKG protocols * Always run t-of-n test with minimum 3 parties even when running with only 2 cores * Only run t of n test with 3 parties * Rm comment * Rm panic * Typo Co-authored-by: Hernando Castano <[email protected]> * Improve doccomment Co-authored-by: Hernando Castano <[email protected]> * Fix typo * Rename enum for protocol message payload * Add threshold to logged fields in tracing macro * Final changes from doccomments --------- Co-authored-by: Hernando Castano <[email protected]> * Pregenerated threshold keyshare set for `entropy-tss` tests (#884) * Make unsafe fns for resharing centralized keyshares for tests * Make pairwrapper public * Make test keyshare fn * Make test keyshares in testing-utils * Add script for creating test shares * Add main fn for creating keyshares and add keyshares * Use test params for test keyshares * Update keyshares with test params * Rm make_centralized test * Rm unused fns from execute_protocol.rs * Changelog * Clippy * Mv synedrion test environment stuff to a module of its own * Mv create keyshares to separate crate * Add create test keyshares crate to cargo-deny exceptions list * Use t of n signing in `entropy-tss` (#879) * Add test helper fn for setting up 3 tss nodes * Update integratiion test chain spec * Add charlie keys to testing utils constants * Attempt a test for dkg with 3 validators * Add charlie to the correct chain spec - dev not integration_tests * Make full test including signing, sort party ids, and make nonce call at the point of finishing dkg * Sort party ids * Attempt to run test with longer delay when waiting for register confirmation * Set threshold to a fixed proportion of the number of validators * Deduplicate get_signers_from_chain fn * Rename test * Update store_share test * Onchain user request in test must be mutable * Comment out failing tests (temporary) * Sort party ids, and extend timeout in store_share test * Sort party ids after getting subset for key init protocol * Sort party ids before truncating for signing * Extend timeout for store share test yet again * Add EVE keyshares to kvdbs when setting up testing validators * Create test keyshares should run aux gen session and be generic for scheme params * Script should use mnemonics for default TSS nodes * Update keyshares, move spawn validator fn outside of entropy-tss so it can be used for integration tests * Rm moved fn from test helpers * entropy-tss sign integration test uses pre-generated keyshares * Fix how sr25519 keypairs are created from mnemonic * Expose get_signer_and_x25519_secret_from_mnemonic fn without cfg(test) * Have both production and test keyshare sets, only one spawn_testing_validators fn * Have both production and test keyshare sets in create test keyshares script * Update tests * WIP deserialize verifying key fn * Basic no_chain test passing * Move spawn_testing_validators back to entropy-tss and fix tests * Rm tss_server_process module from testing-utils * Update decode_verifying_key fn with error handling * Clippy * Doccomments * Uncomment cfg * Rm logging * Helper fn does not need to be public * Test helper should only be available when feature is active or test mode * Rm logging * Rm unused dependency * Rm comment * Fix device key proxy test * Add dave keyshares and fix proactive reshare test * Clippy * Refactor unsafe_get helper * Clippy * Send session id hash in protocol message so that we can check it * temporary comment out negative test from share_store * Clippy, logging * Improve test helper fn * Fix sign_eth_tx test * Fix test helper * Put messages destined for another session back into the incoming message queue * Uncomment commented out bit of store share test * Doccomments * Use centralized aux gen protocol when creating test keyshares * Comments, logging * Tidy test helper fn * Revert changes to timeouts in store share test * Rm unwrap * Rm duplicate test * Add link to issue to TODO * Use enum to represent DKG sub-session * Comment in cargo toml * Comments explaining how keys are derived * Change eve to dave in signing tests * Change eve to dave in signing tests * Taplo * Doccomments * Add charlie to integration test chainspec * Proactive refresh should use threshold from keyshare * Set the old threshold to n but keep the new threshold as t when resharing * update to master * merge fixes * fix wasm test * remove todo * Missed a merge item * Remove subgroups from jumpstart (#936) * Remove subgroups from jumpstart code * Bump metadata * Remove subgroup from TSS call * Try and update benches * fix failing benchmark * Get tests compiling * Remove tests related to key syncing * Add check that validator is actually in set and not just a candidate * Remove commented code * Appease Clippy * Remove commented code * Add third validator to jumpstart tests * Remove `KeyVisiblity` from registry tests * Switch to `KeyShareWithAuxInfo` * Don't use with `WithAuxInfo` variant * Add validators to benchmark validator set * Add ID of validator which confirmed jump start to event * Fix some formatting * add aux info back into key * fix jumpstart test --------- Co-authored-by: Jesse Abramowitz <[email protected]> --------- Co-authored-by: peg <[email protected]> Co-authored-by: Hernando Castano <[email protected]> Co-authored-by: Hernando Castano <[email protected]>
This updates synedrion with the latest changes - moving towards adding threshold signing but not actually functionally changing things for now.
Stored keyshares in the kvdb are now no longer
KeyShare<KeyParams>
but(ThresholdKeyShare<KeyParams, PartyId>, AuxInfo<KeyParams, PartyId>)
.entropy-protcol
has a type alias for this,entropy_protocol::KeyShareWithAuxData
. But we could also make a struct with some nice helpers.The proactive refresh protocol is still called proactive refresh in our code, but under the hood it is now a key reshare with the same participants as before. This is to distinguish it from a key reshare which changes participants, which we may want to add at some point.