Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump synedrion to unreleased git version ahead of adding t-of-n in Migrate-To-Threshold branch #851

Merged
merged 28 commits into from
May 31, 2024

Conversation

ameba23
Copy link
Contributor

@ameba23 ameba23 commented May 23, 2024

This updates synedrion with the latest changes - moving towards adding threshold signing but not actually functionally changing things for now.

Stored keyshares in the kvdb are now no longer KeyShare<KeyParams> but (ThresholdKeyShare<KeyParams, PartyId>, AuxInfo<KeyParams, PartyId>). entropy-protcol has a type alias for this, entropy_protocol::KeyShareWithAuxData. But we could also make a struct with some nice helpers.

The proactive refresh protocol is still called proactive refresh in our code, but under the hood it is now a key reshare with the same participants as before. This is to distinguish it from a key reshare which changes participants, which we may want to add at some point.

@ameba23 ameba23 marked this pull request as draft May 23, 2024 09:12
@ameba23
Copy link
Contributor Author

ameba23 commented May 23, 2024

@fjarri I wanted to make this update to have our current setup working with the latest changes to synedrion, before adding support for t-of-n signing in a separate PR.

But i am not sure if it is possible to do a key refresh with non-threshold keyshares anymore, as it looks like there is no longer a way for to update a KeyShare with a KeyShareChange from the refresh protocol.

I see that ThresholdKeyShare allows you to combine a ThresholdKeyShareSeed with a KeyShareChange (with ThresholdKeyShare::new). Does this mean we will need to store the keyshare seed as well as the keyshare, in order to create updated keyshares following a refresh? Or is there some way of getting the keyshare seed from an existing keyshare?

@fjarri
Copy link
Member

fjarri commented May 24, 2024

But i am not sure if it is possible to do a key refresh with non-threshold keyshares anymore, as it looks like there is no longer a way for to update a KeyShare with a KeyShareChange from the refresh protocol.

Yes, the CGGMP's KeyRefresh won't work with threshold shares. I think we will have to use KeyResharing as KeyRefresh, by resharing to the same set of nodes. I will talk to Chelsea about it next week, because it bothers me that the WWW'02 (KeyResharing) doesn't make use of ZK proofs and Paillier ciphertexts the way CGGMP'21's KeyRefresh does, even though KeyRefresh is a functional subset of KeyResharing. But in the end it will be KeyResharing that we will use, in the current or updated form.

I see that ThresholdKeyShare allows you to combine a ThresholdKeyShareSeed with a KeyShareChange (with ThresholdKeyShare::new).

This has been removed in entropyxyz/synedrion#119 because it turned out it doesn't work as expected :) Also, that PR made the following changes:

  • Key shares and auxiliary data are now separate. So no more KeyShareSeed/KeyShare - it's just (Threshold)KeyShare now.
  • There is an AuxGen protocol that just generates the auxiliary data (AuxInfo).
  • make_interactive_signing_session() takes a KeyShare and AuxInfo objects.
  • The threshold sequence test was updated accordingly.

AuxGen may not be necessary depending on the resolution on entropyxyz/synedrion#98, but for now the philosophy is the following: nodes participating in AuxGen collectively agree that all the public auxiliary data is valid, and safe, and the corresponding nodes own the secret parts of it, and so on. After you run KeyResharing you need to update auxiliary data for the new set of nodes (or just update it on the regular basis for the same set of nodes, as appropriate).

@ameba23
Copy link
Contributor Author

ameba23 commented May 29, 2024

All tests are now passing at the entropy-protocol level. But in entropy-tss the proactive refresh test fails.

@@ -178,27 +176,6 @@ pub async fn ws_to_channels<T: WsConnection>(
}
}

/// Open a ws connection in a native environment
#[cfg(feature = "server")]
pub async fn open_ws_connection(
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unrelated to this PR but these are no longer needed as they relate to private mode which has been removed


impl fmt::Debug for ProtocolOutput {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Success")
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is hacky but wont be needed anymore once KeyShare / ThresholdKeyShare implement Debug which is coming soon. Its also only used in these tests - it never gets logged out but its for some reason needed to be able to unwrap a Result for this type.

// If this is true a keyshare for the user will be generated and returned
extra_private_keys: bool,
// If this is given a keyshare for the user will be generated and returned
extra_private_key: Option<sr25519::Pair>,
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needed because keyshares are now intrinsicly tied to an identity, so if you want and extra keyshare you need to say who it is for.

That said im not sure if we actually use this anywhere now that private mode is gone and the refresh test no longer uses it. But thats for another PR.

Self { sign_init, key_share }
}

pub fn msg_to_sign(&self) -> &PrehashedMessage {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed this because synedrion::PrehashedMessage doesnt exist anymore, and we never actually call this method.

@ameba23
Copy link
Contributor Author

ameba23 commented May 30, 2024

To get the entropy-tss test_proactive_refresh test to work with both eve and dave, i had to add a 'deterministic key share' constant for dave. For the record, the code which generated the associated verifying key for that is here:

use entropy_protocol::PartyId;
use hex_literal::hex;
use lazy_static::lazy_static;
use rand_core::OsRng;
use subxt::utils::AccountId32;
use synedrion::{k256::ecdsa::SigningKey, KeyShare};

lazy_static! {
    pub static ref DETERMINISTIC_KEY_SHARE_DAVE: [u8; 32] =
        hex!("06b07fd12cdfb94fbde3ff2098e9f19bb11b00959680cfbd15c914b025f298d7");
}

fn main() {
    let signing_key =
        Some(SigningKey::from_bytes((&*DETERMINISTIC_KEY_SHARE_DAVE).into()).unwrap());

    let ids = vec![
        PartyId::new(AccountId32([1u8; 32])),
        PartyId::new(AccountId32([2u8; 32])),
    ];
    let shares = KeyShare::<synedrion::TestParams, PartyId>::new_centralized(
        &mut OsRng,
        &ids,
        signing_key.as_ref(),
    );
    let verifying_key = shares[0]
        .verifying_key()
        .to_encoded_point(true)
        .as_bytes()
        .to_vec();
    println!("{:?}", verifying_key);
}

@ameba23 ameba23 marked this pull request as ready for review May 30, 2024 10:22
@ameba23 ameba23 requested review from JesseAbram and HCastano May 30, 2024 11:09
@ameba23 ameba23 merged commit 7b2ff8e into Migrate-to-Threshold May 31, 2024
13 checks passed
@ameba23 ameba23 deleted the peg/update-synedrion branch May 31, 2024 06:47
JesseAbram added a commit that referenced this pull request Jul 16, 2024
* Remove subgroups (#799)

* remove subgroups

* pallet tests working

* fix benchmarks

* tests working

* clean

* clean

* remove unwrap

* add check balance check to launch

* fix test

* fix inital chainstate

* clean tests

* changelog

* fmt

* fix

* fix

* remove permission from chain (#801)

* remove permission from chain

* update chainspec

* remove permissioned from tss

* clean

* clean tests

* remove commented out code

* wasm test

* lint

* lint

* lint

* fixes

* Remove sig party size (#817)

* Remove sig party size

* clean

* lint

* fixes

* fmt

* fix wasm build

* fix

* Bump synedrion to unreleased git version ahead of adding t-of-n in Migrate-To-Threshold branch (#851)

* Bump synedrion to unreleased git version

* Bump synedrion again and update execute_protocol.rs for new API

* Update kvdb for new synedrion API

* Update entropy-tss for new synedrion api

* Clippy

* Fix entropy-protocol for wasm target

* Clippy

* Fixes for testing-utils

* Fixes for entropy-tss tests

* Fixes for entropy-protocol tests

* Fixes for entropy-protocol tests

* Keep shares as ThresholdKeyShare until the point of using them in the signing protcol

* Dont use a fixed threshold for the reshare protocol

* Update entropy-tss for storing ThresholdKeyShares

* Update entropy-testing-utils for storing ThresholdKeyShares

* Clippy

* Clippy

* Fixes for testing

* Little refactor of protocol tests

* Rm dave from proactive refresh genesis block just to see if things work

* Type alias for keyshare payload

* Fix entropy-tss tests to use DAVE as well as EVE when testing proactive refresh

* Update DAVEs constants

* Use type alias for keyshare payload

* Put chainspec back to how it was originally

* Tidy

* Tidy

* Rm unused imports

* t of n key generation and signing at the `entropy-protocol` level  (#868)

* Update our DKG protocol to internally run key init, reshare, and auxgen

* Allow threshold to be passed into DKG fn

* Update entropy-tss for new DKG api

* Try various things to figure out why the tests pass locally but not in CI

* Rm logging

* Update for full t of n signing test

* Lockfile

* Update signing client protocol execution

* Run tests in serial

* Taplo

* Clippy

* Error handling when selecting DKG committee

* Error handling for DKG protocols

* Logging

* Comments

* Error handling for DKG protocols

* Always run t-of-n test with minimum 3 parties even when running with only 2 cores

* Only run t of n test with 3 parties

* Rm comment

* Rm panic

* Typo

Co-authored-by: Hernando Castano <[email protected]>

* Improve doccomment

Co-authored-by: Hernando Castano <[email protected]>

* Fix typo

* Rename enum for protocol message payload

* Add threshold to logged fields in tracing macro

* Final changes from doccomments

---------

Co-authored-by: Hernando Castano <[email protected]>

* Pregenerated threshold keyshare set for `entropy-tss` tests (#884)

* Make unsafe fns for resharing centralized keyshares for tests

* Make pairwrapper public

* Make test keyshare fn

* Make test keyshares in testing-utils

* Add script for creating test shares

* Add main fn for creating keyshares and add keyshares

* Use test params for test keyshares

* Update keyshares with test params

* Rm make_centralized test

* Rm unused fns from execute_protocol.rs

* Changelog

* Clippy

* Mv synedrion test environment stuff to a module of its own

* Mv create keyshares to separate crate

* Add create test keyshares crate to cargo-deny exceptions list

* Use t of n signing in `entropy-tss` (#879)

* Add test helper fn for setting up 3 tss nodes

* Update integratiion test chain spec

* Add charlie keys to testing utils constants

* Attempt a test for dkg with 3 validators

* Add charlie to the correct chain spec - dev not integration_tests

* Make full test including signing, sort party ids, and make nonce call at the point of finishing dkg

* Sort party ids

* Attempt to run test with longer delay when waiting for register confirmation

* Set threshold to a fixed proportion of the number of validators

* Deduplicate get_signers_from_chain fn

* Rename test

* Update store_share test

* Onchain user request in test must be mutable

* Comment out failing tests (temporary)

* Sort party ids, and extend timeout in store_share test

* Sort party ids after getting subset for key init protocol

* Sort party ids before truncating for signing

* Extend timeout for store share test yet again

* Add EVE keyshares to kvdbs when setting up testing validators

* Create test keyshares should run aux gen session and be generic for scheme params

* Script should use mnemonics for default TSS nodes

* Update keyshares, move spawn validator fn outside of entropy-tss so it can be used for integration tests

* Rm moved fn from test helpers

* entropy-tss sign integration test uses pre-generated keyshares

* Fix how sr25519 keypairs are created from mnemonic

* Expose get_signer_and_x25519_secret_from_mnemonic fn without cfg(test)

* Have both production and test keyshare sets, only one spawn_testing_validators fn

* Have both production and test keyshare sets in create test keyshares script

* Update tests

* WIP deserialize verifying key fn

* Basic no_chain test passing

* Move spawn_testing_validators back to entropy-tss and fix tests

* Rm tss_server_process module from testing-utils

* Update decode_verifying_key fn with error handling

* Clippy

* Doccomments

* Uncomment cfg

* Rm logging

* Helper fn does not need to be public

* Test helper should only be available when feature is active or test mode

* Rm logging

* Rm unused dependency

* Rm comment

* Fix device key proxy test

* Add dave keyshares and fix proactive reshare test

* Clippy

* Refactor unsafe_get helper

* Clippy

* Send session id hash in protocol message so that we can check it

* temporary comment out negative test from share_store

* Clippy, logging

* Improve test helper fn

* Fix sign_eth_tx test

* Fix test helper

* Put messages destined for another session back into the incoming message queue

* Uncomment commented out bit of store share test

* Doccomments

* Use centralized aux gen protocol when creating test keyshares

* Comments, logging

* Tidy test helper fn

* Revert changes to timeouts in store share test

* Rm unwrap

* Rm duplicate test

* Add link to issue to TODO

* Use enum to represent DKG sub-session

* Comment in cargo toml

* Comments explaining how keys are derived

* Change eve to dave in signing tests

* Change eve to dave in signing tests

* Taplo

* Doccomments

* Add charlie to integration test chainspec

* Proactive refresh should use threshold from keyshare

* Set the old threshold to n but keep the new threshold as t when resharing

* update to master

* merge fixes

* fix wasm test

* remove todo

* Missed a merge item

* Remove subgroups from jumpstart (#936)

* Remove subgroups from jumpstart code

* Bump metadata

* Remove subgroup from TSS call

* Try and update benches

* fix failing benchmark

* Get tests compiling

* Remove tests related to key syncing

* Add check that validator is actually in set and not just a candidate

* Remove commented code

* Appease Clippy

* Remove commented code

* Add third validator to jumpstart tests

* Remove `KeyVisiblity` from registry tests

* Switch to `KeyShareWithAuxInfo`

* Don't use with `WithAuxInfo` variant

* Add validators to benchmark validator set

* Add ID of validator which confirmed jump start to event

* Fix some formatting

* add aux info back into key

* fix jumpstart test

---------

Co-authored-by: Jesse Abramowitz <[email protected]>

---------

Co-authored-by: peg <[email protected]>
Co-authored-by: Hernando Castano <[email protected]>
Co-authored-by: Hernando Castano <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants