privval

package
v1.1.0-dev.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 23, 2024 License: Apache-2.0 Imports: 45 Imported by: 0

Documentation

Overview

Package privval provides different implementations of the types.PrivValidator.

FilePV

FilePV is the simplest implementation and developer default. It uses one file for the private key and another to store state.

SignerListenerEndpoint

SignerListenerEndpoint establishes a connection to an external process, like a Key Management Server (KMS), using a socket. SignerListenerEndpoint listens for the external KMS process to dial in. SignerListenerEndpoint takes a listener, which determines the type of connection (ie. encrypted over tcp, or unencrypted over unix).

SignerDialerEndpoint

SignerDialerEndpoint is a simple wrapper around a net.Conn. It's used by both IPCVal and TCPVal.

SignerClient

SignerClient handles remote validator connections that provide signing services. In production, it's recommended to wrap it with RetrySignerClient to avoid termination in case of temporary errors.

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrConnectionTimeout  = EndpointTimeoutError{}
	ErrNoConnection       = errors.New("endpoint is not connected")
	ErrReadTimeout        = errors.New("endpoint read timed out")
	ErrUnexpectedResponse = errors.New("empty response")
	ErrWriteTimeout       = errors.New("endpoint write timed out")
)

Socket errors.

View Source 
var (
	ErrDialRetryMax = errors.New("dialed maximum retries")
)

Socket errors.

View Source 
var (
	ErrSmallOrderRemotePubKey = errors.New("detected low order point from remote peer")
)

Functions

func DefaultValidationRequestHandler 

func DefaultValidationRequestHandler(
	ctx context.Context,
	privVal types.PrivValidator,
	req privvalproto.Message,
	chainID string,
) (privvalproto.Message, error)

func IsConnTimeout 

func IsConnTimeout(err error) bool

IsConnTimeout returns a boolean indicating whether the error is known to report that a connection timeout occurred. This detects both fundamental network timeouts, as well as ErrConnTimeout errors.

Types

type DashConsensusPublicKey 

type DashConsensusPublicKey struct {
	tmcrypto.PubKey
	// contains filtered or unexported fields
}

DashConesensusPublicKey is a public key that constructs SignID in the background, to avoid this additional step when verifying signatures.

func NewDashConsensusPublicKey 

func NewDashConsensusPublicKey(baseKey tmcrypto.PubKey, quorumHash tmcrypto.QuorumHash, quorumType btcjson.LLMQType) *DashConsensusPublicKey

NewDashConsensusPublicKey wraps a public key with transparent handling of SignID according to DIP-7

func (DashConsensusPublicKey) VerifySignature 

func (pub DashConsensusPublicKey) VerifySignature(msg []byte, sig []byte) bool

func (DashConsensusPublicKey) VerifySignatureDigest 

func (pub DashConsensusPublicKey) VerifySignatureDigest(hash []byte, sig []byte) bool

type DashCoreMockSignerServer 

type DashCoreMockSignerServer struct {
	// contains filtered or unexported fields
}

func NewDashCoreMockSignerServer 

func NewDashCoreMockSignerServer(
	_endpoint *SignerDialerEndpoint,
	chainID string,
	quorumHash crypto.QuorumHash,
	privVal types.PrivValidator,
) *DashCoreMockSignerServer

func (*DashCoreMockSignerServer) Run 

func (ss *DashCoreMockSignerServer) Run(port int) error

OnStart implements service.Service.

type DashCoreSignerClient 

type DashCoreSignerClient struct {
	// contains filtered or unexported fields
}

DashCoreSignerClient implements DashPrivValidator. Handles remote validator connections that provide signing services

func NewDashCoreSignerClient 

func NewDashCoreSignerClient(
	client dashcore.Client,
	defaultQuorumType btcjson.LLMQType,
	logger log.Logger,
) (*DashCoreSignerClient, error)

NewDashCoreSignerClient returns an instance of SignerClient. it will start the endpoint (if not already started)

func (*DashCoreSignerClient) Close 

func (sc *DashCoreSignerClient) Close() error

Close closes the underlying connection

func (*DashCoreSignerClient) DashRPCClient 

func (sc *DashCoreSignerClient) DashRPCClient() dashcore.Client

DashRPCClient implements DashPrivValidator

func (*DashCoreSignerClient) ExtractIntoValidator 

func (sc *DashCoreSignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

func (*DashCoreSignerClient) GetFirstQuorumHash 

func (sc *DashCoreSignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*DashCoreSignerClient) GetHeight 

func (sc *DashCoreSignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

func (*DashCoreSignerClient) GetPrivateKey 

func (sc *DashCoreSignerClient) GetPrivateKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

func (*DashCoreSignerClient) GetProTxHash 

func (sc *DashCoreSignerClient) GetProTxHash(_ctx context.Context) (crypto.ProTxHash, error)

func (*DashCoreSignerClient) GetPubKey 

func (sc *DashCoreSignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetPubKey retrieves a public key from a remote signer returns an error if client is not able to provide the key

func (*DashCoreSignerClient) GetThresholdPublicKey 

func (sc *DashCoreSignerClient) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*DashCoreSignerClient) Ping 

func (sc *DashCoreSignerClient) Ping() error

Ping sends a ping request to the remote signer and will retry 2 extra times if failure

func (*DashCoreSignerClient) QuorumSign 

func (sc *DashCoreSignerClient) QuorumSign(
	ctx context.Context,
	msgHash []byte,
	requestIDHash []byte,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
) ([]byte, []byte, error)

QuorumSign implements DashPrivValidator

func (*DashCoreSignerClient) QuorumVerify 

func (sc *DashCoreSignerClient) QuorumVerify(
	quorumType btcjson.LLMQType,
	requestID tmbytes.HexBytes,
	messageHash tmbytes.HexBytes,
	signature tmbytes.HexBytes,
	quorumHash tmbytes.HexBytes,
) (bool, error)

QuorumVerify implements dashcore.QuorumVerifier

func (*DashCoreSignerClient) SignProposal 

func (sc *DashCoreSignerClient) SignProposal(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, proposalProto *tmproto.Proposal,
) (tmbytes.HexBytes, error)

SignProposal requests a remote signer to sign a proposal

func (*DashCoreSignerClient) SignVote 

func (sc *DashCoreSignerClient) SignVote(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash,
	protoVote *tmproto.Vote, logger log.Logger) error

SignVote requests a remote signer to sign a vote

func (*DashCoreSignerClient) UpdatePrivateKey 

func (sc *DashCoreSignerClient) UpdatePrivateKey(
	_ctx context.Context,
	_privateKey crypto.PrivKey,
	_quorumHash crypto.QuorumHash,
	_thresholdPublicKey crypto.PubKey,
	_height int64,
)

type DashPrivValidator 

type DashPrivValidator interface {
	types.PrivValidator
	dashcore.QuorumVerifier
	DashRPCClient() dashcore.Client
	// QuorumSign executes quorum signature process and returns signature and signHash
	QuorumSign(
		ctx context.Context,
		msgHash []byte,
		requestIDHash []byte,
		quorumType btcjson.LLMQType,
		quorumHash crypto.QuorumHash,
	) (signature []byte, signHash []byte, err error)
}

DashPrivValidator is a PrivValidator that uses Dash-specific logic

type EndpointTimeoutError 

type EndpointTimeoutError struct{}

EndpointTimeoutError occurs when endpoint times out.

func (EndpointTimeoutError) Error 

func (e EndpointTimeoutError) Error() string

Implement the net.Error interface.

func (EndpointTimeoutError) Temporary 

func (e EndpointTimeoutError) Temporary() bool

func (EndpointTimeoutError) Timeout 

func (e EndpointTimeoutError) Timeout() bool

type FilePV 

type FilePV struct {
	Key           FilePVKey
	LastSignState FilePVLastSignState
	// contains filtered or unexported fields
}

FilePV implements PrivValidator using data persisted to disk to prevent double signing. NOTE: the directories containing pv.Key.filePath and pv.LastSignState.filePath must already exist. It includes the LastSignature and LastSignBytes so we don't lose the signature if the process crashes after signing but before the resulting consensus message is processed.

func GenFilePV 

func GenFilePV(keyFilePath, stateFilePath string) *FilePV

GenFilePV generates a new validator with randomly generated private key and sets the filePaths, but does not call Save().

func LoadFilePV 

func LoadFilePV(keyFilePath, stateFilePath string) (*FilePV, error)

LoadFilePV loads a FilePV from the filePaths. The FilePV handles double signing prevention by persisting data to the stateFilePath. If either file path does not exist, the program will exit.

func LoadFilePVEmptyState 

func LoadFilePVEmptyState(keyFilePath, stateFilePath string) (*FilePV, error)

LoadFilePVEmptyState loads a FilePV from the given keyFilePath, with an empty LastSignState. If the keyFilePath does not exist, the program will exit.

func LoadOrGenFilePV 

func LoadOrGenFilePV(keyFilePath, stateFilePath string) (*FilePV, error)

LoadOrGenFilePV loads a FilePV from the given filePaths or else generates a new one and saves it to the filePaths.

func MustLoadOrGenFilePVFromConfig 

func MustLoadOrGenFilePVFromConfig(cfg *config.Config) *FilePV

MustLoadOrGenFilePVFromConfig calls LoadOrGenFilePV if gets an error then panic

func NewFilePVOneKey 

func NewFilePVOneKey(
	privKey crypto.PrivKey, proTxHash []byte, quorumHash crypto.QuorumHash,
	thresholdPublicKey crypto.PubKey, keyFilePath, stateFilePath string,
) *FilePV

NewFilePVOneKey generates a new validator from the given key and paths.

func NewFilePVWithOptions 

func NewFilePVWithOptions(opts ...FilePVOption) (*FilePV, error)

NewFilePVWithOptions ...

func (*FilePV) ExtractIntoValidator 

func (pv *FilePV) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

ExtractIntoValidator ...

func (*FilePV) GetFirstPubKey 

func (pv *FilePV) GetFirstPubKey(_ctx context.Context) (crypto.PubKey, error)

GetFirstPubKey returns the first public key of the validator. Implements PrivValidator.

func (*FilePV) GetFirstQuorumHash 

func (pv *FilePV) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*FilePV) GetHeight 

func (pv *FilePV) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

GetHeight ...

func (*FilePV) GetPrivateKey 

func (pv *FilePV) GetPrivateKey(context context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

GetPrivateKey ...

func (*FilePV) GetProTxHash 

func (pv *FilePV) GetProTxHash(_ctx context.Context) (crypto.ProTxHash, error)

GetProTxHash returns the pro tx hash of the validator. Implements PrivValidator.

func (*FilePV) GetPubKey 

func (pv *FilePV) GetPubKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetPubKey returns the public key of the validator. Implements PrivValidator.

func (*FilePV) GetPublicKey 

func (pv *FilePV) GetPublicKey(context context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*FilePV) GetQuorumHashes 

func (pv *FilePV) GetQuorumHashes(_ctx context.Context) ([]crypto.QuorumHash, error)

func (*FilePV) GetThresholdPublicKey 

func (pv *FilePV) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetThresholdPublicKey ...

func (*FilePV) Reset 

func (pv *FilePV) Reset() error

Reset resets all fields in the FilePV. NOTE: Unsafe!

func (*FilePV) Save 

func (pv *FilePV) Save() error

Save persists the FilePV to disk.

func (*FilePV) SignProposal 

func (pv *FilePV) SignProposal(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	proposal *tmproto.Proposal,
) (tmbytes.HexBytes, error)

SignProposal signs a canonical representation of the proposal, along with the chainID. Implements PrivValidator.

func (*FilePV) SignVote 

func (pv *FilePV) SignVote(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	vote *tmproto.Vote,
	_logger log.Logger,
) error

SignVote signs a canonical representation of the vote, along with the chainID. Implements PrivValidator.

func (*FilePV) String 

func (pv *FilePV) String() string

String returns a string representation of the FilePV.

func (*FilePV) UpdatePrivateKey 

func (pv *FilePV) UpdatePrivateKey(
	_ctx context.Context,
	privateKey crypto.PrivKey,
	quorumHash crypto.QuorumHash,
	thresholdPublicKey crypto.PubKey,
	height int64,
)

type FilePVKey 

type FilePVKey struct {
	PrivateKeys map[string]crypto.QuorumKeys
	// heightString -> quorumHash
	UpdateHeights map[string]crypto.QuorumHash
	// quorumHash -> heightString
	FirstHeightOfQuorums map[string]string
	ProTxHash            crypto.ProTxHash
	// contains filtered or unexported fields
}

FilePVKey stores the immutable part of PrivValidator.

func (FilePVKey) MarshalJSON 

func (pvKey FilePVKey) MarshalJSON() ([]byte, error)

func (FilePVKey) Save 

func (pvKey FilePVKey) Save() error

Save persists the FilePVKey to its filePath.

func (FilePVKey) ThresholdPublicKeyForQuorumHash 

func (pvKey FilePVKey) ThresholdPublicKeyForQuorumHash(quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*FilePVKey) UnmarshalJSON 

func (pvKey *FilePVKey) UnmarshalJSON(data []byte) error

type FilePVLastSignState 

type FilePVLastSignState struct {
	Height         int64            `json:"height,string"`
	Round          int32            `json:"round"`
	Step           int8             `json:"step"`
	BlockSignature []byte           `json:"block_signature,omitempty"`
	BlockSignBytes tmbytes.HexBytes `json:"block_sign_bytes,omitempty"`
	// contains filtered or unexported fields
}

FilePVLastSignState stores the mutable part of PrivValidator.

func (*FilePVLastSignState) Save 

func (lss *FilePVLastSignState) Save() error

Save persists the FilePvLastSignState to its filePath.

type FilePVOption 

type FilePVOption func(filePV *FilePV) error

FilePVOption ...

func WithKeyAndStateFilePaths 

func WithKeyAndStateFilePaths(keyFilePath, stateFilePath string) FilePVOption

WithKeyAndStateFilePaths ...

func WithPrivateKey 

func WithPrivateKey(key crypto.PrivKey, quorumHash crypto.QuorumHash, thresholdPublicKey *crypto.PubKey) FilePVOption

func WithPrivateKeys 

func WithPrivateKeys(
	keys []crypto.PrivKey, quorumHashes []crypto.QuorumHash, thresholdPublicKeys *[]crypto.PubKey,
) FilePVOption

WithPrivateKeys ...

func WithPrivateKeysMap 

func WithPrivateKeysMap(privateKeysMap map[string]crypto.QuorumKeys) FilePVOption

func WithProTxHash 

func WithProTxHash(proTxHash types.ProTxHash) FilePVOption

WithProTxHash ...

func WithUpdateHeights 

func WithUpdateHeights(updateHeights map[string]crypto.QuorumHash) FilePVOption

type RemoteSignerError 

type RemoteSignerError struct {
	// TODO(ismail): create an enum of known errors
	Code        int
	Description string
}

RemoteSignerError allows (remote) validators to include meaningful error descriptions in their reply.

func (*RemoteSignerError) Error 

func (e *RemoteSignerError) Error() string

type RetrySignerClient 

type RetrySignerClient struct {
	// contains filtered or unexported fields
}

RetrySignerClient wraps SignerClient adding retry for each operation (except Ping) w/ a timeout.

func NewRetrySignerClient 

func NewRetrySignerClient(sc *SignerClient, retries int, timeout time.Duration) *RetrySignerClient

NewRetrySignerClient returns RetrySignerClient. If +retries+ is 0, the client will be retrying each operation indefinitely.

func (*RetrySignerClient) Close 

func (sc *RetrySignerClient) Close() error

func (*RetrySignerClient) ExtractIntoValidator 

func (sc *RetrySignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

func (*RetrySignerClient) GetFirstQuorumHash 

func (sc *RetrySignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*RetrySignerClient) GetHeight 

func (sc *RetrySignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

func (*RetrySignerClient) GetPrivateKey 

func (sc *RetrySignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

func (*RetrySignerClient) GetProTxHash 

func (sc *RetrySignerClient) GetProTxHash(ctx context.Context) (crypto.ProTxHash, error)

func (*RetrySignerClient) GetPubKey 

func (sc *RetrySignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*RetrySignerClient) GetThresholdPublicKey 

func (sc *RetrySignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*RetrySignerClient) IsConnected 

func (sc *RetrySignerClient) IsConnected() bool

func (*RetrySignerClient) Ping 

func (sc *RetrySignerClient) Ping(ctx context.Context) error

func (*RetrySignerClient) SignProposal 

func (sc *RetrySignerClient) SignProposal(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, proposal *tmproto.Proposal,
) (tmbytes.HexBytes, error)

func (*RetrySignerClient) SignVote 

func (sc *RetrySignerClient) SignVote(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash,
	vote *tmproto.Vote, _logger log.Logger) error

func (*RetrySignerClient) UpdatePrivateKey 

func (sc *RetrySignerClient) UpdatePrivateKey(
	_ctx context.Context, _privateKey crypto.PrivKey, _quorumHash crypto.QuorumHash, _thresholdPublicKey crypto.PubKey, _height int64,
)

func (*RetrySignerClient) WaitForConnection 

func (sc *RetrySignerClient) WaitForConnection(ctx context.Context, maxWait time.Duration) error

type SecretConnection 

type SecretConnection struct {
	// contains filtered or unexported fields
}

SecretConnection implements net.Conn. It is an implementation of the STS protocol. See https://github.com/tendermint/tendermint/blob/0.1/docs/sts-final.pdf for details on the protocol.

Consumers of the SecretConnection are responsible for authenticating the remote peer's pubkey against known information, like a nodeID. Otherwise they are vulnerable to MITM. (TODO(ismail): see also https://github.com/tendermint/tendermint/issues/3010)

func MakeSecretConnection 

func MakeSecretConnection(conn io.ReadWriteCloser, locPrivKey crypto.PrivKey) (*SecretConnection, error)

MakeSecretConnection performs handshake and returns a new authenticated SecretConnection. Returns nil if there is an error in handshake. Caller should call conn.Close() See docs/sts-final.pdf for more information.

func (*SecretConnection) Close 

func (sc *SecretConnection) Close() error

Implements net.Conn

func (*SecretConnection) LocalAddr 

func (sc *SecretConnection) LocalAddr() net.Addr

func (*SecretConnection) Read 

func (sc *SecretConnection) Read(data []byte) (n int, err error)

CONTRACT: data smaller than dataMaxSize is read atomically.

func (*SecretConnection) RemoteAddr 

func (sc *SecretConnection) RemoteAddr() net.Addr

func (*SecretConnection) RemotePubKey 

func (sc *SecretConnection) RemotePubKey() crypto.PubKey

RemotePubKey returns authenticated remote pubkey

func (*SecretConnection) SetDeadline 

func (sc *SecretConnection) SetDeadline(t time.Time) error

func (*SecretConnection) SetReadDeadline 

func (sc *SecretConnection) SetReadDeadline(t time.Time) error

func (*SecretConnection) SetWriteDeadline 

func (sc *SecretConnection) SetWriteDeadline(t time.Time) error

func (*SecretConnection) Write 

func (sc *SecretConnection) Write(data []byte) (n int, err error)

Writes encrypted frames of `totalFrameSize + aeadSizeOverhead`. CONTRACT: data smaller than dataMaxSize is written atomically.

type SignerClient 

type SignerClient struct {
	// contains filtered or unexported fields
}

SignerClient implements PrivValidator. Handles remote validator connections that provide signing services

func NewSignerClient 

func NewSignerClient(ctx context.Context, endpoint *SignerListenerEndpoint, chainID string) (*SignerClient, error)

NewSignerClient returns an instance of SignerClient. it will start the endpoint (if not already started)

func (*SignerClient) Close 

func (sc *SignerClient) Close() error

Close closes the underlying connection

func (*SignerClient) ExtractIntoValidator 

func (sc *SignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

func (*SignerClient) GetFirstQuorumHash 

func (sc *SignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*SignerClient) GetHeight 

func (sc *SignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

func (*SignerClient) GetPrivateKey 

func (sc *SignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

func (*SignerClient) GetProTxHash 

func (sc *SignerClient) GetProTxHash(ctx context.Context) (crypto.ProTxHash, error)

func (*SignerClient) GetPubKey 

func (sc *SignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetPubKey retrieves a public key from a remote signer returns an error if client is not able to provide the key

func (*SignerClient) GetThresholdPublicKey 

func (sc *SignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*SignerClient) IsConnected 

func (sc *SignerClient) IsConnected() bool

IsConnected indicates with the signer is connected to a remote signing service

func (*SignerClient) Ping 

func (sc *SignerClient) Ping(ctx context.Context) error

Ping sends a ping request to the remote signer

func (*SignerClient) SignProposal 

func (sc *SignerClient) SignProposal(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	proposal *tmproto.Proposal,
) (tmbytes.HexBytes, error)

SignProposal requests a remote signer to sign a proposal

func (*SignerClient) SignVote 

func (sc *SignerClient) SignVote(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	vote *tmproto.Vote,
	_logger log.Logger,
) error

SignVote requests a remote signer to sign a vote

func (*SignerClient) UpdatePrivateKey 

func (sc *SignerClient) UpdatePrivateKey(
	_ctx context.Context, _privateKey crypto.PrivKey, _quorumHash crypto.QuorumHash, _thresholdPublicKey crypto.PubKey, _height int64,
)

func (*SignerClient) WaitForConnection 

func (sc *SignerClient) WaitForConnection(ctx context.Context, maxWait time.Duration) error

WaitForConnection waits maxWait for a connection or returns a timeout error

type SignerDialerEndpoint 

type SignerDialerEndpoint struct {
	// contains filtered or unexported fields
}

SignerDialerEndpoint dials using its dialer and responds to any signature requests using its privVal.

func NewSignerDialerEndpoint 

func NewSignerDialerEndpoint(
	logger log.Logger,
	dialer SocketDialer,
	options ...SignerServiceEndpointOption,
) *SignerDialerEndpoint

NewSignerDialerEndpoint returns a SignerDialerEndpoint that will dial using the given dialer and respond to any signature requests over the connection using the given privVal.

func (*SignerDialerEndpoint) Close 

func (se *SignerDialerEndpoint) Close() error

Close closes the underlying net.Conn.

func (*SignerDialerEndpoint) DropConnection 

func (se *SignerDialerEndpoint) DropConnection()

IsConnected indicates if there is an active connection

func (*SignerDialerEndpoint) GetAvailableConnection 

func (se *SignerDialerEndpoint) GetAvailableConnection(connectionAvailableCh chan net.Conn) bool

TryGetConnection retrieves a connection if it is already available

func (*SignerDialerEndpoint) IsConnected 

func (se *SignerDialerEndpoint) IsConnected() bool

IsConnected indicates if there is an active connection

func (*SignerDialerEndpoint) OnStart 

func (sd *SignerDialerEndpoint) OnStart(context.Context) error

func (*SignerDialerEndpoint) OnStop 

func (sd *SignerDialerEndpoint) OnStop()

func (*SignerDialerEndpoint) ReadMessage 

func (se *SignerDialerEndpoint) ReadMessage() (msg privvalproto.Message, err error)

ReadMessage reads a message from the endpoint

func (*SignerDialerEndpoint) SetConnection 

func (se *SignerDialerEndpoint) SetConnection(newConnection net.Conn)

SetConnection replaces the current connection object

func (*SignerDialerEndpoint) WaitConnection 

func (se *SignerDialerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, maxWait time.Duration) error

TryGetConnection retrieves a connection if it is already available

func (*SignerDialerEndpoint) WriteMessage 

func (se *SignerDialerEndpoint) WriteMessage(msg privvalproto.Message) (err error)

WriteMessage writes a message from the endpoint

type SignerListenerEndpoint 

type SignerListenerEndpoint struct {
	// contains filtered or unexported fields
}

SignerListenerEndpoint listens for an external process to dial in and keeps the connection alive by dropping and reconnecting.

The process will send pings every ~3s (read/write timeout * 2/3) to keep the connection alive.

func NewSignerListener 

func NewSignerListener(listenAddr string, logger log.Logger) (*SignerListenerEndpoint, error)

NewSignerListener creates a new SignerListenerEndpoint using the corresponding listen address

func NewSignerListenerEndpoint 

func NewSignerListenerEndpoint(
	logger log.Logger,
	listener net.Listener,
	options ...SignerListenerEndpointOption,
) *SignerListenerEndpoint

NewSignerListenerEndpoint returns an instance of SignerListenerEndpoint.

func (*SignerListenerEndpoint) Close 

func (se *SignerListenerEndpoint) Close() error

Close closes the underlying net.Conn.

func (*SignerListenerEndpoint) DropConnection 

func (se *SignerListenerEndpoint) DropConnection()

IsConnected indicates if there is an active connection

func (*SignerListenerEndpoint) GetAvailableConnection 

func (se *SignerListenerEndpoint) GetAvailableConnection(connectionAvailableCh chan net.Conn) bool

TryGetConnection retrieves a connection if it is already available

func (*SignerListenerEndpoint) IsConnected 

func (se *SignerListenerEndpoint) IsConnected() bool

IsConnected indicates if there is an active connection

func (*SignerListenerEndpoint) OnStart 

func (sl *SignerListenerEndpoint) OnStart(ctx context.Context) error

OnStart implements service.Service.

func (*SignerListenerEndpoint) OnStop 

func (sl *SignerListenerEndpoint) OnStop()

OnStop implements service.Service

func (*SignerListenerEndpoint) ReadMessage 

func (se *SignerListenerEndpoint) ReadMessage() (msg privvalproto.Message, err error)

ReadMessage reads a message from the endpoint

func (*SignerListenerEndpoint) SendRequest 

func (sl *SignerListenerEndpoint) SendRequest(ctx context.Context, request privvalproto.Message) (*privvalproto.Message, error)

SendRequest ensures there is a connection, sends a request and waits for a response

func (*SignerListenerEndpoint) SetConnection 

func (se *SignerListenerEndpoint) SetConnection(newConnection net.Conn)

SetConnection replaces the current connection object

func (*SignerListenerEndpoint) WaitConnection 

func (se *SignerListenerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, maxWait time.Duration) error

TryGetConnection retrieves a connection if it is already available

func (*SignerListenerEndpoint) WaitForConnection 

func (sl *SignerListenerEndpoint) WaitForConnection(ctx context.Context, maxWait time.Duration) error

WaitForConnection waits maxWait for a connection or returns a timeout error

func (*SignerListenerEndpoint) WriteMessage 

func (se *SignerListenerEndpoint) WriteMessage(msg privvalproto.Message) (err error)

WriteMessage writes a message from the endpoint

type SignerListenerEndpointOption 

type SignerListenerEndpointOption func(*SignerListenerEndpoint)

SignerListenerEndpointOption sets an optional parameter on the SignerListenerEndpoint.

func SignerListenerEndpointTimeoutReadWrite 

func SignerListenerEndpointTimeoutReadWrite(timeout time.Duration) SignerListenerEndpointOption

SignerListenerEndpointTimeoutReadWrite sets the read and write timeout for connections from external signing processes.

Default: 5s

type SignerServer 

type SignerServer struct {
	service.BaseService
	// contains filtered or unexported fields
}

func NewSignerServer 

func NewSignerServer(endpoint *SignerDialerEndpoint, chainID string, privVal types.PrivValidator) *SignerServer

func (*SignerServer) OnStart 

func (ss *SignerServer) OnStart(ctx context.Context) error

OnStart implements service.Service.

func (*SignerServer) OnStop 

func (ss *SignerServer) OnStop()

OnStop implements service.Service.

func (*SignerServer) SetRequestHandler 

func (ss *SignerServer) SetRequestHandler(validationRequestHandler ValidationRequestHandlerFunc)

SetRequestHandler override the default function that is used to service requests

type SignerServiceEndpointOption 

type SignerServiceEndpointOption func(*SignerDialerEndpoint)

SignerServiceEndpointOption sets an optional parameter on the SignerDialerEndpoint.

func SignerDialerEndpointConnRetries 

func SignerDialerEndpointConnRetries(retries int) SignerServiceEndpointOption

SignerDialerEndpointConnRetries sets the amount of attempted retries to acceptNewConnection.

func SignerDialerEndpointRetryWaitInterval 

func SignerDialerEndpointRetryWaitInterval(interval time.Duration) SignerServiceEndpointOption

SignerDialerEndpointRetryWaitInterval sets the retry wait interval to a custom value.

func SignerDialerEndpointTimeoutReadWrite 

func SignerDialerEndpointTimeoutReadWrite(timeout time.Duration) SignerServiceEndpointOption

SignerDialerEndpointTimeoutReadWrite sets the read and write timeout for connections from client processes.

type SocketDialer 

type SocketDialer func() (net.Conn, error)

SocketDialer dials a remote address and returns a net.Conn or an error.

func DialTCPFn 

func DialTCPFn(addr string, timeoutReadWrite time.Duration, privKey crypto.PrivKey) SocketDialer

DialTCPFn dials the given tcp addr, using the given timeoutReadWrite and privKey for the authenticated encryption handshake.

func DialUnixFn 

func DialUnixFn(addr string) SocketDialer

DialUnixFn dials the given unix socket.

type TCPListener 

type TCPListener struct {
	*net.TCPListener
	// contains filtered or unexported fields
}

TCPListener wraps a *net.TCPListener to standardize protocol timeouts and potentially other tuning parameters. It also returns encrypted connections.

func NewTCPListener 

func NewTCPListener(ln net.Listener, secretConnKey ed25519.PrivKey) *TCPListener

NewTCPListener returns a listener that accepts authenticated encrypted connections using the given secretConnKey and the default timeout values.

func (*TCPListener) Accept 

func (ln *TCPListener) Accept() (net.Conn, error)

Accept implements net.Listener.

type TCPListenerOption 

type TCPListenerOption func(*TCPListener)

TCPListenerOption sets an optional parameter on the tcpListener.

func TCPListenerTimeoutAccept 

func TCPListenerTimeoutAccept(timeout time.Duration) TCPListenerOption

TCPListenerTimeoutAccept sets the timeout for the listener. A zero time value disables the timeout.

func TCPListenerTimeoutReadWrite 

func TCPListenerTimeoutReadWrite(timeout time.Duration) TCPListenerOption

TCPListenerTimeoutReadWrite sets the read and write timeout for connections from external signing processes.

type UnixListener 

type UnixListener struct {
	*net.UnixListener
	// contains filtered or unexported fields
}

UnixListener wraps a *net.UnixListener to standardize protocol timeouts and potentially other tuning parameters. It returns unencrypted connections.

func NewUnixListener 

func NewUnixListener(ln net.Listener) *UnixListener

NewUnixListener returns a listener that accepts unencrypted connections using the default timeout values.

func (*UnixListener) Accept 

func (ln *UnixListener) Accept() (net.Conn, error)

Accept implements net.Listener.

type UnixListenerOption 

type UnixListenerOption func(*UnixListener)

func UnixListenerTimeoutAccept 

func UnixListenerTimeoutAccept(timeout time.Duration) UnixListenerOption

UnixListenerTimeoutAccept sets the timeout for the listener. A zero time value disables the timeout.

func UnixListenerTimeoutReadWrite 

func UnixListenerTimeoutReadWrite(timeout time.Duration) UnixListenerOption

UnixListenerTimeoutReadWrite sets the read and write timeout for connections from external signing processes.

type ValidationRequestHandlerFunc 

type ValidationRequestHandlerFunc func(
	ctx context.Context,
	privVal types.PrivValidator,
	requestMessage privvalproto.Message,
	chainID string) (privvalproto.Message, error)

ValidationRequestHandlerFunc handles different remoteSigner requests

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.