Documentation ¶
Index ¶
- Variables
- type Direct
- type Interop
- type KeyManager
- type Keystore
- type ProtectingKeyManager
- type Remote
- func (km *Remote) FetchValidatingKeys() ([][48]byte, error)
- func (km *Remote) RefreshValidatingKeys() error
- func (km *Remote) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)
- func (km *Remote) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)
- func (km *Remote) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)
- func (km *Remote) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)
- type Unencrypted
- type VaultAccountKeyModel
- type VaultAccountListResponse
- type VaultAccountModel
- type VaultAccountsListModel
- type VaultRemoteHTTPWallet
- func (km *VaultRemoteHTTPWallet) FetchValidatingKeys() ([][48]byte, error)
- func (km *VaultRemoteHTTPWallet) RefreshValidatingKeys() error
- func (km *VaultRemoteHTTPWallet) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)
- func (km *VaultRemoteHTTPWallet) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)
- func (km *VaultRemoteHTTPWallet) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)
- func (km *VaultRemoteHTTPWallet) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)
- type VaultSignRequest
- type VaultSignResponse
- type VaultSignatureModel
- type Wallet
Constants ¶
This section is empty.
Variables ¶
var ( // ErrNoSuchKey is returned whenever a request is made for a key of which a key manager is unaware. ErrNoSuchKey = errors.New("no such key") // ErrCannotSign is returned whenever a signing attempt fails. ErrCannotSign = errors.New("cannot sign") // ErrDenied is returned whenever a signing attempt is denied. ErrDenied = errors.New("signing attempt denied") // ErrCertAppend is the error when some error is happend while adding PEM cert. ErrCertAppend = errors.New("append cert from pem failed") )
Errors
Functions ¶
This section is empty.
Types ¶
type Direct ¶
type Direct struct {
// contains filtered or unexported fields
}
Direct is a key manager that holds all secret keys directly.
func (*Direct) FetchValidatingKeys ¶
FetchValidatingKeys fetches the list of public keys that should be used to validate with.
type Interop ¶
type Interop struct {
*Direct
}
Interop is a key manager that deterministically generates keys.
type KeyManager ¶
type KeyManager interface { // FetchValidatingKeys fetches the list of public keys that should be used to validate with. FetchValidatingKeys() ([][48]byte, error) // Sign signs a message for the validator to broadcast. // Note that the domain should already be part of the root, but it is passed along for security purposes. Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error) }
KeyManager controls access to private keys by the validator.
func NewKeystore ¶
func NewKeystore(input string) (KeyManager, string, error)
NewKeystore creates a key manager populated with the keys from the keystore at the given path.
func NewRemoteWallet ¶
func NewRemoteWallet(input string) (KeyManager, string, error)
NewRemoteWallet creates a key manager populated with the keys from walletd.
func NewRemoteWalletd ¶
func NewRemoteWalletd(location, caCert, clientCert, clientKey, accountPath string) (KeyManager, *grpc.ClientConn, error)
NewRemoteWalletd creates a key manager populated with the keys from walletd.
type Keystore ¶
type Keystore struct {
*Direct
}
Keystore is a key manager that loads keys from a standard keystore.
type ProtectingKeyManager ¶ added in v0.3.2
type ProtectingKeyManager interface { // SignGeneric signs a generic root. // Note that the domain should already be part of the root, but it is provided for authorisation purposes. SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error) // SignProposal signs a block proposal for the validator to broadcast. SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error) // SignAttestation signs an attestation for the validator to broadcast. SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error) }
ProtectingKeyManager provides access to a keymanager that protects its clients from slashing events.
type Remote ¶
type Remote struct {
// contains filtered or unexported fields
}
Remote is a key manager that accesses a remote wallet daemon.
func (*Remote) FetchValidatingKeys ¶
FetchValidatingKeys fetches the list of public keys that should be used to validate with.
func (*Remote) RefreshValidatingKeys ¶
RefreshValidatingKeys refreshes the list of validating keys from the remote signer.
func (*Remote) SignAttestation ¶
func (km *Remote) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)
SignAttestation signs an attestation for the validator to broadcast.
func (*Remote) SignGeneric ¶
func (km *Remote) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)
SignGeneric signs a generic message for the validator to broadcast.
func (*Remote) SignProposal ¶
func (km *Remote) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)
SignProposal signs a block proposal for the validator to broadcast.
type Unencrypted ¶
type Unencrypted struct {
*Direct
}
Unencrypted is a key manager that loads keys from an unencrypted store.
func NewUnencrypted ¶
func NewUnencrypted(input string) (*Unencrypted, string, error)
NewUnencrypted creates a keymanager from a file of unencrypted keys.
type VaultAccountKeyModel ¶
type VaultAccountKeyModel struct {
PubKey string `json:"pubkey"`
}
type VaultAccountListResponse ¶
type VaultAccountListResponse struct {
Data VaultAccountsListModel `json:"data"`
}
VaultAccountListResponse is the vault accounts list response model.
type VaultAccountModel ¶
type VaultAccountModel struct { Key VaultAccountKeyModel `json:"key"` Name string `json:"name"` }
type VaultAccountsListModel ¶
type VaultAccountsListModel struct {
Accounts []VaultAccountModel `json:"accounts"`
}
type VaultRemoteHTTPWallet ¶
type VaultRemoteHTTPWallet struct {
// contains filtered or unexported fields
}
VaultRemoteHTTPWallet is a key manager that accesses a remote vault wallet daemon through HTTP connection.
func NewVaultRemoteHTTPWalletd ¶
func NewVaultRemoteHTTPWalletd(remoteAddress, accessToken, path string) (*VaultRemoteHTTPWallet, error)
NewVaultRemoteHTTPWalletd is the constructor of VaultRemoteHTTPWallet.
func (*VaultRemoteHTTPWallet) FetchValidatingKeys ¶
func (km *VaultRemoteHTTPWallet) FetchValidatingKeys() ([][48]byte, error)
FetchValidatingKeys implements KeyManager interface.
func (*VaultRemoteHTTPWallet) RefreshValidatingKeys ¶
func (km *VaultRemoteHTTPWallet) RefreshValidatingKeys() error
RefreshValidatingKeys refreshes the list of validating keys from the remote signer.
func (*VaultRemoteHTTPWallet) SignAttestation ¶
func (km *VaultRemoteHTTPWallet) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)
SignAttestation implements ProtectingKeyManager interface.
func (*VaultRemoteHTTPWallet) SignGeneric ¶
func (km *VaultRemoteHTTPWallet) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)
SignGeneric implements ProtectingKeyManager interface.
func (*VaultRemoteHTTPWallet) SignProposal ¶
func (km *VaultRemoteHTTPWallet) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)
SignProposal implements ProtectingKeyManager interface.
type VaultSignRequest ¶
type VaultSignRequest struct { Domain string `json:"domain"` Slot uint64 `json:"slot"` CommitteeIndex uint64 `json:"committeeIndex"` BeaconBlockRoot string `json:"beaconBlockRoot"` SourceEpoch uint64 `json:"sourceEpoch"` SourceRoot string `json:"sourceRoot"` TargetEpoch uint64 `json:"targetEpoch"` TargetRoot string `json:"targetRoot"` }
VaultSignRequest is the request body of vault sign endpoint.
type VaultSignResponse ¶
type VaultSignResponse struct {
Data VaultSignatureModel `json:"data"`
}
VaultSignResponse is the vault sign response model.
type VaultSignatureModel ¶
type VaultSignatureModel struct {
Signature string `json:"signature"`
}
type Wallet ¶ added in v0.3.2
type Wallet struct {
// contains filtered or unexported fields
}
Wallet is a key manager that loads keys from a local Ethereum 2 wallet.
func (*Wallet) FetchValidatingKeys ¶ added in v0.3.2
FetchValidatingKeys fetches the list of public keys that should be used to validate with.