privval

package
v0.0.0-...-be384fd Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 8, 2024 License: Apache-2.0 Imports: 45 Imported by: 0

Documentation

Overview

Package privval provides different implementations of the types.PrivValidator.

FilePV

FilePV is the simplest implementation and developer default. It uses one file for the private key and another to store state.

SignerListenerEndpoint

SignerListenerEndpoint establishes a connection to an external process, like a Key Management Server (KMS), using a socket. SignerListenerEndpoint listens for the external KMS process to dial in. SignerListenerEndpoint takes a listener, which determines the type of connection (ie. encrypted over tcp, or unencrypted over unix).

SignerDialerEndpoint

SignerDialerEndpoint is a simple wrapper around a net.Conn. It's used by both IPCVal and TCPVal.

SignerClient

SignerClient handles remote validator connections that provide signing services. In production, it's recommended to wrap it with RetrySignerClient to avoid termination in case of temporary errors.

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrConnectionTimeout  = EndpointTimeoutError{}
	ErrNoConnection       = errors.New("endpoint is not connected")
	ErrReadTimeout        = errors.New("endpoint read timed out")
	ErrUnexpectedResponse = errors.New("empty response")
	ErrWriteTimeout       = errors.New("endpoint write timed out")
)

Socket errors.

View Source
var (
	ErrDialRetryMax = errors.New("dialed maximum retries")
)

Socket errors.

View Source
var (
	ErrSmallOrderRemotePubKey = errors.New("detected low order point from remote peer")
)

Functions

func DefaultValidationRequestHandler

func DefaultValidationRequestHandler(
	ctx context.Context,
	privVal types.PrivValidator,
	req privvalproto.Message,
	chainID string,
) (privvalproto.Message, error)

func IsConnTimeout

func IsConnTimeout(err error) bool

IsConnTimeout returns a boolean indicating whether the error is known to report that a connection timeout occurred. This detects both fundamental network timeouts, as well as ErrConnTimeout errors.

Types

type EndpointTimeoutError

type EndpointTimeoutError struct{}

EndpointTimeoutError occurs when endpoint times out.

func (EndpointTimeoutError) Error

func (e EndpointTimeoutError) Error() string

Implement the net.Error interface.

func (EndpointTimeoutError) Temporary

func (e EndpointTimeoutError) Temporary() bool

func (EndpointTimeoutError) Timeout

func (e EndpointTimeoutError) Timeout() bool

type FilePV

type FilePV struct {
	Key           FilePVKey
	LastSignState FilePVLastSignState
	// contains filtered or unexported fields
}

FilePV implements PrivValidator using data persisted to disk to prevent double signing. NOTE: the directories containing pv.Key.filePath and pv.LastSignState.filePath must already exist. It includes the LastSignature and LastSignBytes so we don't lose the signature if the process crashes after signing but before the resulting consensus message is processed.

func GenFilePV

func GenFilePV(keyFilePath, stateFilePath string) *FilePV

GenFilePV generates a new validator with randomly generated private key and sets the filePaths, but does not call Save().

func LoadFilePV

func LoadFilePV(keyFilePath, stateFilePath string) (*FilePV, error)

LoadFilePV loads a FilePV from the filePaths. The FilePV handles double signing prevention by persisting data to the stateFilePath. If either file path does not exist, the program will exit.

func LoadFilePVEmptyState

func LoadFilePVEmptyState(keyFilePath, stateFilePath string) (*FilePV, error)

LoadFilePVEmptyState loads a FilePV from the given keyFilePath, with an empty LastSignState. If the keyFilePath does not exist, the program will exit.

func LoadOrGenFilePV

func LoadOrGenFilePV(keyFilePath, stateFilePath string) (*FilePV, error)

LoadOrGenFilePV loads a FilePV from the given filePaths or else generates a new one and saves it to the filePaths.

func MustLoadOrGenFilePVFromConfig

func MustLoadOrGenFilePVFromConfig(cfg *config.Config) *FilePV

MustLoadOrGenFilePVFromConfig calls LoadOrGenFilePV if gets an error then panic

func NewFilePVOneKey

func NewFilePVOneKey(
	privKey crypto.PrivKey, proTxHash []byte, quorumHash crypto.QuorumHash,
	thresholdPublicKey crypto.PubKey, keyFilePath, stateFilePath string,
) *FilePV

NewFilePVOneKey generates a new validator from the given key and paths.

func NewFilePVWithOptions

func NewFilePVWithOptions(opts ...FilePVOption) (*FilePV, error)

NewFilePVWithOptions ...

func (*FilePV) ExtractIntoValidator

func (pv *FilePV) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

ExtractIntoValidator ...

func (*FilePV) GetFirstPubKey

func (pv *FilePV) GetFirstPubKey(_ctx context.Context) (crypto.PubKey, error)

GetFirstPubKey returns the first public key of the validator. Implements PrivValidator.

func (*FilePV) GetFirstQuorumHash

func (pv *FilePV) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*FilePV) GetHeight

func (pv *FilePV) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

GetHeight ...

func (*FilePV) GetPrivateKey

func (pv *FilePV) GetPrivateKey(context context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

GetPrivateKey ...

func (*FilePV) GetProTxHash

func (pv *FilePV) GetProTxHash(_ctx context.Context) (crypto.ProTxHash, error)

GetProTxHash returns the pro tx hash of the validator. Implements PrivValidator.

func (*FilePV) GetPubKey

func (pv *FilePV) GetPubKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetPubKey returns the public key of the validator. Implements PrivValidator.

func (*FilePV) GetPublicKey

func (pv *FilePV) GetPublicKey(context context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*FilePV) GetQuorumHashes

func (pv *FilePV) GetQuorumHashes(_ctx context.Context) ([]crypto.QuorumHash, error)

func (*FilePV) GetThresholdPublicKey

func (pv *FilePV) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetThresholdPublicKey ...

func (*FilePV) Reset

func (pv *FilePV) Reset() error

Reset resets all fields in the FilePV. NOTE: Unsafe!

func (*FilePV) Save

func (pv *FilePV) Save() error

Save persists the FilePV to disk.

func (*FilePV) SignProposal

func (pv *FilePV) SignProposal(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	proposal *tmproto.Proposal,
) (tmbytes.HexBytes, error)

SignProposal signs a canonical representation of the proposal, along with the chainID. Implements PrivValidator.

func (*FilePV) SignVote

func (pv *FilePV) SignVote(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	vote *tmproto.Vote,
	_logger log.Logger,
) error

SignVote signs a canonical representation of the vote, along with the chainID. Implements PrivValidator.

func (*FilePV) String

func (pv *FilePV) String() string

String returns a string representation of the FilePV.

func (*FilePV) UpdatePrivateKey

func (pv *FilePV) UpdatePrivateKey(
	_ctx context.Context,
	privateKey crypto.PrivKey,
	quorumHash crypto.QuorumHash,
	thresholdPublicKey crypto.PubKey,
	height int64,
)

type FilePVKey

type FilePVKey struct {
	PrivateKeys map[string]crypto.QuorumKeys
	// heightString -> quorumHash
	UpdateHeights map[string]crypto.QuorumHash
	// quorumHash -> heightString
	FirstHeightOfQuorums map[string]string
	ProTxHash            crypto.ProTxHash
	// contains filtered or unexported fields
}

FilePVKey stores the immutable part of PrivValidator.

func (FilePVKey) MarshalJSON

func (pvKey FilePVKey) MarshalJSON() ([]byte, error)

func (FilePVKey) Save

func (pvKey FilePVKey) Save() error

Save persists the FilePVKey to its filePath.

func (FilePVKey) ThresholdPublicKeyForQuorumHash

func (pvKey FilePVKey) ThresholdPublicKeyForQuorumHash(quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*FilePVKey) UnmarshalJSON

func (pvKey *FilePVKey) UnmarshalJSON(data []byte) error

type FilePVLastSignState

type FilePVLastSignState struct {
	Height         int64            `json:"height,string"`
	Round          int32            `json:"round"`
	Step           int8             `json:"step"`
	BlockSignature []byte           `json:"block_signature,omitempty"`
	BlockSignBytes tmbytes.HexBytes `json:"block_sign_bytes,omitempty"`
	// contains filtered or unexported fields
}

FilePVLastSignState stores the mutable part of PrivValidator.

func (*FilePVLastSignState) Save

func (lss *FilePVLastSignState) Save() error

Save persists the FilePvLastSignState to its filePath.

type FilePVOption

type FilePVOption func(filePV *FilePV) error

FilePVOption ...

func WithKeyAndStateFilePaths

func WithKeyAndStateFilePaths(keyFilePath, stateFilePath string) FilePVOption

WithKeyAndStateFilePaths ...

func WithPrivateKey

func WithPrivateKey(key crypto.PrivKey, quorumHash crypto.QuorumHash, thresholdPublicKey *crypto.PubKey) FilePVOption

func WithPrivateKeys

func WithPrivateKeys(
	keys []crypto.PrivKey, quorumHashes []crypto.QuorumHash, thresholdPublicKeys *[]crypto.PubKey,
) FilePVOption

WithPrivateKeys ...

func WithPrivateKeysMap

func WithPrivateKeysMap(privateKeysMap map[string]crypto.QuorumKeys) FilePVOption

func WithProTxHash

func WithProTxHash(proTxHash types.ProTxHash) FilePVOption

WithProTxHash ...

func WithUpdateHeights

func WithUpdateHeights(updateHeights map[string]crypto.QuorumHash) FilePVOption

type HellarConsensusPublicKey

type HellarConsensusPublicKey struct {
	tmcrypto.PubKey
	// contains filtered or unexported fields
}

HellarConesensusPublicKey is a public key that constructs SignID in the background, to avoid this additional step when verifying signatures.

func NewHellarConsensusPublicKey

func NewHellarConsensusPublicKey(baseKey tmcrypto.PubKey, quorumHash tmcrypto.QuorumHash, quorumType btcjson.LLMQType) *HellarConsensusPublicKey

NewHellarConsensusPublicKey wraps a public key with transparent handling of SignID according to DIP-7

func (HellarConsensusPublicKey) VerifySignature

func (pub HellarConsensusPublicKey) VerifySignature(msg []byte, sig []byte) bool

func (HellarConsensusPublicKey) VerifySignatureDigest

func (pub HellarConsensusPublicKey) VerifySignatureDigest(hash []byte, sig []byte) bool

type HellarCoreMockSignerServer

type HellarCoreMockSignerServer struct {
	// contains filtered or unexported fields
}

func NewHellarCoreMockSignerServer

func NewHellarCoreMockSignerServer(
	_endpoint *SignerDialerEndpoint,
	chainID string,
	quorumHash crypto.QuorumHash,
	privVal types.PrivValidator,
) *HellarCoreMockSignerServer

func (*HellarCoreMockSignerServer) Run

func (ss *HellarCoreMockSignerServer) Run(port int) error

OnStart implements service.Service.

type HellarCoreSignerClient

type HellarCoreSignerClient struct {
	// contains filtered or unexported fields
}

HellarCoreSignerClient implements HellarPrivValidator. Handles remote validator connections that provide signing services

func NewHellarCoreSignerClient

func NewHellarCoreSignerClient(
	client hellarcore.Client,
	defaultQuorumType btcjson.LLMQType,
	logger log.Logger,
) (*HellarCoreSignerClient, error)

NewHellarCoreSignerClient returns an instance of SignerClient. it will start the endpoint (if not already started)

func (*HellarCoreSignerClient) Close

func (sc *HellarCoreSignerClient) Close() error

Close closes the underlying connection

func (*HellarCoreSignerClient) ExtractIntoValidator

func (sc *HellarCoreSignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

func (*HellarCoreSignerClient) GetFirstQuorumHash

func (sc *HellarCoreSignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*HellarCoreSignerClient) GetHeight

func (sc *HellarCoreSignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

func (*HellarCoreSignerClient) GetPrivateKey

func (sc *HellarCoreSignerClient) GetPrivateKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

func (*HellarCoreSignerClient) GetProTxHash

func (sc *HellarCoreSignerClient) GetProTxHash(_ctx context.Context) (crypto.ProTxHash, error)

func (*HellarCoreSignerClient) GetPubKey

func (sc *HellarCoreSignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetPubKey retrieves a public key from a remote signer returns an error if client is not able to provide the key

func (*HellarCoreSignerClient) GetThresholdPublicKey

func (sc *HellarCoreSignerClient) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*HellarCoreSignerClient) HellarRPCClient

func (sc *HellarCoreSignerClient) HellarRPCClient() hellarcore.Client

HellarRPCClient implements HellarPrivValidator

func (*HellarCoreSignerClient) Ping

func (sc *HellarCoreSignerClient) Ping() error

Ping sends a ping request to the remote signer and will retry 2 extra times if failure

func (*HellarCoreSignerClient) QuorumSign

func (sc *HellarCoreSignerClient) QuorumSign(
	ctx context.Context,
	msgHash []byte,
	requestIDHash []byte,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
) ([]byte, []byte, error)

QuorumSign implements HellarPrivValidator

func (*HellarCoreSignerClient) QuorumVerify

func (sc *HellarCoreSignerClient) QuorumVerify(
	quorumType btcjson.LLMQType,
	requestID tmbytes.HexBytes,
	messageHash tmbytes.HexBytes,
	signature tmbytes.HexBytes,
	quorumHash tmbytes.HexBytes,
) (bool, error)

QuorumVerify implements hellarcore.QuorumVerifier

func (*HellarCoreSignerClient) SignProposal

func (sc *HellarCoreSignerClient) SignProposal(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, proposalProto *tmproto.Proposal,
) (tmbytes.HexBytes, error)

SignProposal requests a remote signer to sign a proposal

func (*HellarCoreSignerClient) SignVote

func (sc *HellarCoreSignerClient) SignVote(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash,
	protoVote *tmproto.Vote, logger log.Logger) error

SignVote requests a remote signer to sign a vote

func (*HellarCoreSignerClient) UpdatePrivateKey

func (sc *HellarCoreSignerClient) UpdatePrivateKey(
	_ctx context.Context,
	_privateKey crypto.PrivKey,
	_quorumHash crypto.QuorumHash,
	_thresholdPublicKey crypto.PubKey,
	_height int64,
)

type HellarPrivValidator

type HellarPrivValidator interface {
	types.PrivValidator
	hellarcore.QuorumVerifier
	HellarRPCClient() hellarcore.Client
	// QuorumSign executes quorum signature process and returns signature and signHash
	QuorumSign(
		ctx context.Context,
		msgHash []byte,
		requestIDHash []byte,
		quorumType btcjson.LLMQType,
		quorumHash crypto.QuorumHash,
	) (signature []byte, signHash []byte, err error)
}

HellarPrivValidator is a PrivValidator that uses Hellar-specific logic

type RemoteSignerError

type RemoteSignerError struct {
	// TODO(ismail): create an enum of known errors
	Code        int
	Description string
}

RemoteSignerError allows (remote) validators to include meaningful error descriptions in their reply.

func (*RemoteSignerError) Error

func (e *RemoteSignerError) Error() string

type RetrySignerClient

type RetrySignerClient struct {
	// contains filtered or unexported fields
}

RetrySignerClient wraps SignerClient adding retry for each operation (except Ping) w/ a timeout.

func NewRetrySignerClient

func NewRetrySignerClient(sc *SignerClient, retries int, timeout time.Duration) *RetrySignerClient

NewRetrySignerClient returns RetrySignerClient. If +retries+ is 0, the client will be retrying each operation indefinitely.

func (*RetrySignerClient) Close

func (sc *RetrySignerClient) Close() error

func (*RetrySignerClient) ExtractIntoValidator

func (sc *RetrySignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

func (*RetrySignerClient) GetFirstQuorumHash

func (sc *RetrySignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*RetrySignerClient) GetHeight

func (sc *RetrySignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

func (*RetrySignerClient) GetPrivateKey

func (sc *RetrySignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

func (*RetrySignerClient) GetProTxHash

func (sc *RetrySignerClient) GetProTxHash(ctx context.Context) (crypto.ProTxHash, error)

func (*RetrySignerClient) GetPubKey

func (sc *RetrySignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*RetrySignerClient) GetThresholdPublicKey

func (sc *RetrySignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*RetrySignerClient) IsConnected

func (sc *RetrySignerClient) IsConnected() bool

func (*RetrySignerClient) Ping

func (sc *RetrySignerClient) Ping(ctx context.Context) error

func (*RetrySignerClient) SignProposal

func (sc *RetrySignerClient) SignProposal(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, proposal *tmproto.Proposal,
) (tmbytes.HexBytes, error)

func (*RetrySignerClient) SignVote

func (sc *RetrySignerClient) SignVote(
	ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash,
	vote *tmproto.Vote, _logger log.Logger) error

func (*RetrySignerClient) UpdatePrivateKey

func (sc *RetrySignerClient) UpdatePrivateKey(
	_ctx context.Context, _privateKey crypto.PrivKey, _quorumHash crypto.QuorumHash, _thresholdPublicKey crypto.PubKey, _height int64,
)

func (*RetrySignerClient) WaitForConnection

func (sc *RetrySignerClient) WaitForConnection(ctx context.Context, maxWait time.Duration) error

type SecretConnection

type SecretConnection struct {
	// contains filtered or unexported fields
}

SecretConnection implements net.Conn. It is an implementation of the STS protocol. See https://github.com/tendermint/tendermint/blob/0.1/docs/sts-final.pdf for details on the protocol.

Consumers of the SecretConnection are responsible for authenticating the remote peer's pubkey against known information, like a nodeID. Otherwise they are vulnerable to MITM. (TODO(ismail): see also https://github.com/tendermint/tendermint/issues/3010)

func MakeSecretConnection

func MakeSecretConnection(conn io.ReadWriteCloser, locPrivKey crypto.PrivKey) (*SecretConnection, error)

MakeSecretConnection performs handshake and returns a new authenticated SecretConnection. Returns nil if there is an error in handshake. Caller should call conn.Close() See docs/sts-final.pdf for more information.

func (*SecretConnection) Close

func (sc *SecretConnection) Close() error

Implements net.Conn

func (*SecretConnection) LocalAddr

func (sc *SecretConnection) LocalAddr() net.Addr

func (*SecretConnection) Read

func (sc *SecretConnection) Read(data []byte) (n int, err error)

CONTRACT: data smaller than dataMaxSize is read atomically.

func (*SecretConnection) RemoteAddr

func (sc *SecretConnection) RemoteAddr() net.Addr

func (*SecretConnection) RemotePubKey

func (sc *SecretConnection) RemotePubKey() crypto.PubKey

RemotePubKey returns authenticated remote pubkey

func (*SecretConnection) SetDeadline

func (sc *SecretConnection) SetDeadline(t time.Time) error

func (*SecretConnection) SetReadDeadline

func (sc *SecretConnection) SetReadDeadline(t time.Time) error

func (*SecretConnection) SetWriteDeadline

func (sc *SecretConnection) SetWriteDeadline(t time.Time) error

func (*SecretConnection) Write

func (sc *SecretConnection) Write(data []byte) (n int, err error)

Writes encrypted frames of `totalFrameSize + aeadSizeOverhead`. CONTRACT: data smaller than dataMaxSize is written atomically.

type SignerClient

type SignerClient struct {
	// contains filtered or unexported fields
}

SignerClient implements PrivValidator. Handles remote validator connections that provide signing services

func NewSignerClient

func NewSignerClient(ctx context.Context, endpoint *SignerListenerEndpoint, chainID string) (*SignerClient, error)

NewSignerClient returns an instance of SignerClient. it will start the endpoint (if not already started)

func (*SignerClient) Close

func (sc *SignerClient) Close() error

Close closes the underlying connection

func (*SignerClient) ExtractIntoValidator

func (sc *SignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator

func (*SignerClient) GetFirstQuorumHash

func (sc *SignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)

func (*SignerClient) GetHeight

func (sc *SignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)

func (*SignerClient) GetPrivateKey

func (sc *SignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)

func (*SignerClient) GetProTxHash

func (sc *SignerClient) GetProTxHash(ctx context.Context) (crypto.ProTxHash, error)

func (*SignerClient) GetPubKey

func (sc *SignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

GetPubKey retrieves a public key from a remote signer returns an error if client is not able to provide the key

func (*SignerClient) GetThresholdPublicKey

func (sc *SignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)

func (*SignerClient) IsConnected

func (sc *SignerClient) IsConnected() bool

IsConnected indicates with the signer is connected to a remote signing service

func (*SignerClient) Ping

func (sc *SignerClient) Ping(ctx context.Context) error

Ping sends a ping request to the remote signer

func (*SignerClient) SignProposal

func (sc *SignerClient) SignProposal(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	proposal *tmproto.Proposal,
) (tmbytes.HexBytes, error)

SignProposal requests a remote signer to sign a proposal

func (*SignerClient) SignVote

func (sc *SignerClient) SignVote(
	ctx context.Context,
	chainID string,
	quorumType btcjson.LLMQType,
	quorumHash crypto.QuorumHash,
	vote *tmproto.Vote,
	_logger log.Logger,
) error

SignVote requests a remote signer to sign a vote

func (*SignerClient) UpdatePrivateKey

func (sc *SignerClient) UpdatePrivateKey(
	_ctx context.Context, _privateKey crypto.PrivKey, _quorumHash crypto.QuorumHash, _thresholdPublicKey crypto.PubKey, _height int64,
)

func (*SignerClient) WaitForConnection

func (sc *SignerClient) WaitForConnection(ctx context.Context, maxWait time.Duration) error

WaitForConnection waits maxWait for a connection or returns a timeout error

type SignerDialerEndpoint

type SignerDialerEndpoint struct {
	// contains filtered or unexported fields
}

SignerDialerEndpoint dials using its dialer and responds to any signature requests using its privVal.

func NewSignerDialerEndpoint

func NewSignerDialerEndpoint(
	logger log.Logger,
	dialer SocketDialer,
	options ...SignerServiceEndpointOption,
) *SignerDialerEndpoint

NewSignerDialerEndpoint returns a SignerDialerEndpoint that will dial using the given dialer and respond to any signature requests over the connection using the given privVal.

func (*SignerDialerEndpoint) Close

func (se *SignerDialerEndpoint) Close() error

Close closes the underlying net.Conn.

func (*SignerDialerEndpoint) DropConnection

func (se *SignerDialerEndpoint) DropConnection()

IsConnected indicates if there is an active connection

func (*SignerDialerEndpoint) GetAvailableConnection

func (se *SignerDialerEndpoint) GetAvailableConnection(connectionAvailableCh chan net.Conn) bool

TryGetConnection retrieves a connection if it is already available

func (*SignerDialerEndpoint) IsConnected

func (se *SignerDialerEndpoint) IsConnected() bool

IsConnected indicates if there is an active connection

func (*SignerDialerEndpoint) OnStart

func (*SignerDialerEndpoint) OnStop

func (sd *SignerDialerEndpoint) OnStop()

func (*SignerDialerEndpoint) ReadMessage

func (se *SignerDialerEndpoint) ReadMessage() (msg privvalproto.Message, err error)

ReadMessage reads a message from the endpoint

func (*SignerDialerEndpoint) SetConnection

func (se *SignerDialerEndpoint) SetConnection(newConnection net.Conn)

SetConnection replaces the current connection object

func (*SignerDialerEndpoint) WaitConnection

func (se *SignerDialerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, maxWait time.Duration) error

TryGetConnection retrieves a connection if it is already available

func (*SignerDialerEndpoint) WriteMessage

func (se *SignerDialerEndpoint) WriteMessage(msg privvalproto.Message) (err error)

WriteMessage writes a message from the endpoint

type SignerListenerEndpoint

type SignerListenerEndpoint struct {
	// contains filtered or unexported fields
}

SignerListenerEndpoint listens for an external process to dial in and keeps the connection alive by dropping and reconnecting.

The process will send pings every ~3s (read/write timeout * 2/3) to keep the connection alive.

func NewSignerListener

func NewSignerListener(listenAddr string, logger log.Logger) (*SignerListenerEndpoint, error)

NewSignerListener creates a new SignerListenerEndpoint using the corresponding listen address

func NewSignerListenerEndpoint

func NewSignerListenerEndpoint(
	logger log.Logger,
	listener net.Listener,
	options ...SignerListenerEndpointOption,
) *SignerListenerEndpoint

NewSignerListenerEndpoint returns an instance of SignerListenerEndpoint.

func (*SignerListenerEndpoint) Close

func (se *SignerListenerEndpoint) Close() error

Close closes the underlying net.Conn.

func (*SignerListenerEndpoint) DropConnection

func (se *SignerListenerEndpoint) DropConnection()

IsConnected indicates if there is an active connection

func (*SignerListenerEndpoint) GetAvailableConnection

func (se *SignerListenerEndpoint) GetAvailableConnection(connectionAvailableCh chan net.Conn) bool

TryGetConnection retrieves a connection if it is already available

func (*SignerListenerEndpoint) IsConnected

func (se *SignerListenerEndpoint) IsConnected() bool

IsConnected indicates if there is an active connection

func (*SignerListenerEndpoint) OnStart

func (sl *SignerListenerEndpoint) OnStart(ctx context.Context) error

OnStart implements service.Service.

func (*SignerListenerEndpoint) OnStop

func (sl *SignerListenerEndpoint) OnStop()

OnStop implements service.Service

func (*SignerListenerEndpoint) ReadMessage

func (se *SignerListenerEndpoint) ReadMessage() (msg privvalproto.Message, err error)

ReadMessage reads a message from the endpoint

func (*SignerListenerEndpoint) SendRequest

SendRequest ensures there is a connection, sends a request and waits for a response

func (*SignerListenerEndpoint) SetConnection

func (se *SignerListenerEndpoint) SetConnection(newConnection net.Conn)

SetConnection replaces the current connection object

func (*SignerListenerEndpoint) WaitConnection

func (se *SignerListenerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, maxWait time.Duration) error

TryGetConnection retrieves a connection if it is already available

func (*SignerListenerEndpoint) WaitForConnection

func (sl *SignerListenerEndpoint) WaitForConnection(ctx context.Context, maxWait time.Duration) error

WaitForConnection waits maxWait for a connection or returns a timeout error

func (*SignerListenerEndpoint) WriteMessage

func (se *SignerListenerEndpoint) WriteMessage(msg privvalproto.Message) (err error)

WriteMessage writes a message from the endpoint

type SignerListenerEndpointOption

type SignerListenerEndpointOption func(*SignerListenerEndpoint)

SignerListenerEndpointOption sets an optional parameter on the SignerListenerEndpoint.

func SignerListenerEndpointTimeoutReadWrite

func SignerListenerEndpointTimeoutReadWrite(timeout time.Duration) SignerListenerEndpointOption

SignerListenerEndpointTimeoutReadWrite sets the read and write timeout for connections from external signing processes.

Default: 5s

type SignerServer

type SignerServer struct {
	service.BaseService
	// contains filtered or unexported fields
}

func NewSignerServer

func NewSignerServer(endpoint *SignerDialerEndpoint, chainID string, privVal types.PrivValidator) *SignerServer

func (*SignerServer) OnStart

func (ss *SignerServer) OnStart(ctx context.Context) error

OnStart implements service.Service.

func (*SignerServer) OnStop

func (ss *SignerServer) OnStop()

OnStop implements service.Service.

func (*SignerServer) SetRequestHandler

func (ss *SignerServer) SetRequestHandler(validationRequestHandler ValidationRequestHandlerFunc)

SetRequestHandler override the default function that is used to service requests

type SignerServiceEndpointOption

type SignerServiceEndpointOption func(*SignerDialerEndpoint)

SignerServiceEndpointOption sets an optional parameter on the SignerDialerEndpoint.

func SignerDialerEndpointConnRetries

func SignerDialerEndpointConnRetries(retries int) SignerServiceEndpointOption

SignerDialerEndpointConnRetries sets the amount of attempted retries to acceptNewConnection.

func SignerDialerEndpointRetryWaitInterval

func SignerDialerEndpointRetryWaitInterval(interval time.Duration) SignerServiceEndpointOption

SignerDialerEndpointRetryWaitInterval sets the retry wait interval to a custom value.

func SignerDialerEndpointTimeoutReadWrite

func SignerDialerEndpointTimeoutReadWrite(timeout time.Duration) SignerServiceEndpointOption

SignerDialerEndpointTimeoutReadWrite sets the read and write timeout for connections from client processes.

type SocketDialer

type SocketDialer func() (net.Conn, error)

SocketDialer dials a remote address and returns a net.Conn or an error.

func DialTCPFn

func DialTCPFn(addr string, timeoutReadWrite time.Duration, privKey crypto.PrivKey) SocketDialer

DialTCPFn dials the given tcp addr, using the given timeoutReadWrite and privKey for the authenticated encryption handshake.

func DialUnixFn

func DialUnixFn(addr string) SocketDialer

DialUnixFn dials the given unix socket.

type TCPListener

type TCPListener struct {
	*net.TCPListener
	// contains filtered or unexported fields
}

TCPListener wraps a *net.TCPListener to standardize protocol timeouts and potentially other tuning parameters. It also returns encrypted connections.

func NewTCPListener

func NewTCPListener(ln net.Listener, secretConnKey ed25519.PrivKey) *TCPListener

NewTCPListener returns a listener that accepts authenticated encrypted connections using the given secretConnKey and the default timeout values.

func (*TCPListener) Accept

func (ln *TCPListener) Accept() (net.Conn, error)

Accept implements net.Listener.

type TCPListenerOption

type TCPListenerOption func(*TCPListener)

TCPListenerOption sets an optional parameter on the tcpListener.

func TCPListenerTimeoutAccept

func TCPListenerTimeoutAccept(timeout time.Duration) TCPListenerOption

TCPListenerTimeoutAccept sets the timeout for the listener. A zero time value disables the timeout.

func TCPListenerTimeoutReadWrite

func TCPListenerTimeoutReadWrite(timeout time.Duration) TCPListenerOption

TCPListenerTimeoutReadWrite sets the read and write timeout for connections from external signing processes.

type UnixListener

type UnixListener struct {
	*net.UnixListener
	// contains filtered or unexported fields
}

UnixListener wraps a *net.UnixListener to standardize protocol timeouts and potentially other tuning parameters. It returns unencrypted connections.

func NewUnixListener

func NewUnixListener(ln net.Listener) *UnixListener

NewUnixListener returns a listener that accepts unencrypted connections using the default timeout values.

func (*UnixListener) Accept

func (ln *UnixListener) Accept() (net.Conn, error)

Accept implements net.Listener.

type UnixListenerOption

type UnixListenerOption func(*UnixListener)

func UnixListenerTimeoutAccept

func UnixListenerTimeoutAccept(timeout time.Duration) UnixListenerOption

UnixListenerTimeoutAccept sets the timeout for the listener. A zero time value disables the timeout.

func UnixListenerTimeoutReadWrite

func UnixListenerTimeoutReadWrite(timeout time.Duration) UnixListenerOption

UnixListenerTimeoutReadWrite sets the read and write timeout for connections from external signing processes.

type ValidationRequestHandlerFunc

type ValidationRequestHandlerFunc func(
	ctx context.Context,
	privVal types.PrivValidator,
	requestMessage privvalproto.Message,
	chainID string) (privvalproto.Message, error)

ValidationRequestHandlerFunc handles different remoteSigner requests

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL