keymanager

package

v1.0.0-alpha.10.5 Latest Latest Go to latest Published: Jun 18, 2020 License: GPL-3.0 Imports: 31 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bloxapp/prysm

Documentation ¶

Index ¶

Variables
type Direct
- func NewDirect(sks []*bls.SecretKey) *Direct
- func (km *Direct) FetchValidatingKeys() ([][48]byte, error)
- func (km *Direct) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)
type Interop
- func NewInterop(input string) (*Interop, string, error)
type KeyManager
- func NewKeystore(input string) (KeyManager, string, error)
- func NewRemoteWallet(input string) (KeyManager, string, error)
- func NewRemoteWalletd(location, caCert, clientCert, clientKey, accountPath string) (KeyManager, *grpc.ClientConn, error)
- func NewWallet(input string) (KeyManager, string, error)
type Keystore
type ProtectingKeyManager
type Remote
- func (km *Remote) FetchValidatingKeys() ([][48]byte, error)
- func (km *Remote) RefreshValidatingKeys() error
- func (km *Remote) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)
- func (km *Remote) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)
- func (km *Remote) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)
- func (km *Remote) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)
type Unencrypted
- func NewUnencrypted(input string) (*Unencrypted, string, error)
type VaultAccountKeyModel
type VaultAccountListResponse
type VaultAccountModel
type VaultAccountsListModel
type VaultRemoteHTTPWallet
- func NewVaultRemoteHTTPWalletd(remoteAddress, accessToken, path string) (*VaultRemoteHTTPWallet, error)
- func (km *VaultRemoteHTTPWallet) FetchValidatingKeys() ([][48]byte, error)
- func (km *VaultRemoteHTTPWallet) RefreshValidatingKeys() error
- func (km *VaultRemoteHTTPWallet) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)
- func (km *VaultRemoteHTTPWallet) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)
- func (km *VaultRemoteHTTPWallet) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)
- func (km *VaultRemoteHTTPWallet) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)
type VaultSignRequest
type VaultSignResponse
type VaultSignatureModel
type Wallet
- func (km *Wallet) FetchValidatingKeys() ([][48]byte, error)
- func (km *Wallet) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrNoSuchKey is returned whenever a request is made for a key of which a key manager is unaware.
	ErrNoSuchKey = errors.New("no such key")

	// ErrCannotSign is returned whenever a signing attempt fails.
	ErrCannotSign = errors.New("cannot sign")

	// ErrDenied is returned whenever a signing attempt is denied.
	ErrDenied = errors.New("signing attempt denied")

	// ErrCertAppend is the error when some error is happend while adding PEM cert.
	ErrCertAppend = errors.New("append cert from pem failed")
)

Errors

Functions ¶

This section is empty.

Types ¶

type Direct ¶

type Direct struct {
	// contains filtered or unexported fields
}

Direct is a key manager that holds all secret keys directly.

func NewDirect ¶

func NewDirect(sks []*bls.SecretKey) *Direct

NewDirect creates a new direct key manager from the secret keys provided to it.

func (*Direct) FetchValidatingKeys ¶

func (km *Direct) FetchValidatingKeys() ([][48]byte, error)

FetchValidatingKeys fetches the list of public keys that should be used to validate with.

func (*Direct) Sign ¶

func (km *Direct) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)

Sign signs a message for the validator to broadcast.

type Interop ¶

type Interop struct {
	*Direct
}

Interop is a key manager that deterministically generates keys.

func NewInterop ¶

func NewInterop(input string) (*Interop, string, error)

NewInterop creates a key manager using a number of interop keys at a given offset.

type KeyManager ¶

type KeyManager interface {
	// FetchValidatingKeys fetches the list of public keys that should be used to validate with.
	FetchValidatingKeys() ([][48]byte, error)
	// Sign signs a message for the validator to broadcast.
	// Note that the domain should already be part of the root, but it is passed along for security purposes.
	Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)
}

KeyManager controls access to private keys by the validator.

func NewKeystore ¶

func NewKeystore(input string) (KeyManager, string, error)

NewKeystore creates a key manager populated with the keys from the keystore at the given path.

func NewRemoteWallet ¶

func NewRemoteWallet(input string) (KeyManager, string, error)

NewRemoteWallet creates a key manager populated with the keys from walletd.

func NewRemoteWalletd ¶

func NewRemoteWalletd(location, caCert, clientCert, clientKey, accountPath string) (KeyManager, *grpc.ClientConn, error)

NewRemoteWalletd creates a key manager populated with the keys from walletd.

func NewWallet ¶ added in v0.3.2

func NewWallet(input string) (KeyManager, string, error)

NewWallet creates a key manager populated with the keys from a wallet at the given path.

type Keystore ¶

type Keystore struct {
	*Direct
}

Keystore is a key manager that loads keys from a standard keystore.

type ProtectingKeyManager ¶ added in v0.3.2

type ProtectingKeyManager interface {
	// SignGeneric signs a generic root.
	// Note that the domain should already be part of the root, but it is provided for authorisation purposes.
	SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)

	// SignProposal signs a block proposal for the validator to broadcast.
	SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)

	// SignAttestation signs an attestation for the validator to broadcast.
	SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)
}

ProtectingKeyManager provides access to a keymanager that protects its clients from slashing events.

type Remote ¶

type Remote struct {
	// contains filtered or unexported fields
}

Remote is a key manager that accesses a remote wallet daemon.

func (*Remote) FetchValidatingKeys ¶

func (km *Remote) FetchValidatingKeys() ([][48]byte, error)

FetchValidatingKeys fetches the list of public keys that should be used to validate with.

func (*Remote) RefreshValidatingKeys ¶

func (km *Remote) RefreshValidatingKeys() error

RefreshValidatingKeys refreshes the list of validating keys from the remote signer.

func (*Remote) Sign ¶

func (km *Remote) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)

Sign without protection is not supported by remote keymanagers.

func (*Remote) SignAttestation ¶

func (km *Remote) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)

SignAttestation signs an attestation for the validator to broadcast.

func (*Remote) SignGeneric ¶

func (km *Remote) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)

SignGeneric signs a generic message for the validator to broadcast.

func (*Remote) SignProposal ¶

func (km *Remote) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)

SignProposal signs a block proposal for the validator to broadcast.

type Unencrypted ¶

type Unencrypted struct {
	*Direct
}

Unencrypted is a key manager that loads keys from an unencrypted store.

func NewUnencrypted ¶

func NewUnencrypted(input string) (*Unencrypted, string, error)

NewUnencrypted creates a keymanager from a file of unencrypted keys.

type VaultAccountKeyModel ¶

type VaultAccountKeyModel struct {
	PubKey string `json:"pubkey"`
}

type VaultAccountListResponse ¶

type VaultAccountListResponse struct {
	Data VaultAccountsListModel `json:"data"`
}

VaultAccountListResponse is the vault accounts list response model.

type VaultAccountModel ¶

type VaultAccountModel struct {
	Key  VaultAccountKeyModel `json:"key"`
	Name string               `json:"name"`
}

type VaultAccountsListModel ¶

type VaultAccountsListModel struct {
	Accounts []VaultAccountModel `json:"accounts"`
}

type VaultRemoteHTTPWallet ¶

type VaultRemoteHTTPWallet struct {
	// contains filtered or unexported fields
}

VaultRemoteHTTPWallet is a key manager that accesses a remote vault wallet daemon through HTTP connection.

func NewVaultRemoteHTTPWalletd ¶

func NewVaultRemoteHTTPWalletd(remoteAddress, accessToken, path string) (*VaultRemoteHTTPWallet, error)

NewVaultRemoteHTTPWalletd is the constructor of VaultRemoteHTTPWallet.

func (*VaultRemoteHTTPWallet) FetchValidatingKeys ¶

func (km *VaultRemoteHTTPWallet) FetchValidatingKeys() ([][48]byte, error)

FetchValidatingKeys implements KeyManager interface.

func (*VaultRemoteHTTPWallet) RefreshValidatingKeys ¶

func (km *VaultRemoteHTTPWallet) RefreshValidatingKeys() error

RefreshValidatingKeys refreshes the list of validating keys from the remote signer.

func (*VaultRemoteHTTPWallet) Sign ¶

func (km *VaultRemoteHTTPWallet) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)

Sign implements KeyManager interface.

func (*VaultRemoteHTTPWallet) SignAttestation ¶

func (km *VaultRemoteHTTPWallet) SignAttestation(pubKey [48]byte, domain [32]byte, data *ethpb.AttestationData) (*bls.Signature, error)

SignAttestation implements ProtectingKeyManager interface.

func (*VaultRemoteHTTPWallet) SignGeneric ¶

func (km *VaultRemoteHTTPWallet) SignGeneric(pubKey [48]byte, root [32]byte, domain [32]byte) (*bls.Signature, error)

SignGeneric implements ProtectingKeyManager interface.

func (*VaultRemoteHTTPWallet) SignProposal ¶

func (km *VaultRemoteHTTPWallet) SignProposal(pubKey [48]byte, domain [32]byte, data *ethpb.BeaconBlockHeader) (*bls.Signature, error)

SignProposal implements ProtectingKeyManager interface.

type VaultSignRequest ¶

type VaultSignRequest struct {
	Domain          string `json:"domain"`
	Slot            uint64 `json:"slot"`
	CommitteeIndex  uint64 `json:"committeeIndex"`
	BeaconBlockRoot string `json:"beaconBlockRoot"`
	SourceEpoch     uint64 `json:"sourceEpoch"`
	SourceRoot      string `json:"sourceRoot"`
	TargetEpoch     uint64 `json:"targetEpoch"`
	TargetRoot      string `json:"targetRoot"`
}

VaultSignRequest is the request body of vault sign endpoint.

type VaultSignResponse ¶

type VaultSignResponse struct {
	Data VaultSignatureModel `json:"data"`
}

VaultSignResponse is the vault sign response model.

type VaultSignatureModel ¶

type VaultSignatureModel struct {
	Signature string `json:"signature"`
}

type Wallet ¶ added in v0.3.2

type Wallet struct {
	// contains filtered or unexported fields
}

Wallet is a key manager that loads keys from a local Ethereum 2 wallet.

func (*Wallet) FetchValidatingKeys ¶ added in v0.3.2

func (km *Wallet) FetchValidatingKeys() ([][48]byte, error)

FetchValidatingKeys fetches the list of public keys that should be used to validate with.

func (*Wallet) Sign ¶ added in v0.3.2

func (km *Wallet) Sign(pubKey [48]byte, root [32]byte) (*bls.Signature, error)

Sign signs a message for the validator to broadcast.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL