Documentation ¶
Overview ¶
Package privval provides different implementations of the types.PrivValidator.
FilePV ¶
FilePV is the simplest implementation and developer default. It uses one file for the private key and another to store state.
SignerListenerEndpoint ¶
SignerListenerEndpoint establishes a connection to an external process, like a Key Management Server (KMS), using a socket. SignerListenerEndpoint listens for the external KMS process to dial in. SignerListenerEndpoint takes a listener, which determines the type of connection (ie. encrypted over tcp, or unencrypted over unix).
SignerDialerEndpoint ¶
SignerDialerEndpoint is a simple wrapper around a net.Conn. It's used by both IPCVal and TCPVal.
SignerClient ¶
SignerClient handles remote validator connections that provide signing services. In production, it's recommended to wrap it with RetrySignerClient to avoid termination in case of temporary errors.
Index ¶
- Variables
- func DefaultValidationRequestHandler(ctx context.Context, privVal types.PrivValidator, req privvalproto.Message, ...) (privvalproto.Message, error)
- func IsConnTimeout(err error) bool
- type EndpointTimeoutError
- type FilePV
- func GenFilePV(keyFilePath, stateFilePath string) *FilePV
- func LoadFilePV(keyFilePath, stateFilePath string) (*FilePV, error)
- func LoadFilePVEmptyState(keyFilePath, stateFilePath string) (*FilePV, error)
- func LoadOrGenFilePV(keyFilePath, stateFilePath string) (*FilePV, error)
- func MustLoadOrGenFilePVFromConfig(cfg *config.Config) *FilePV
- func NewFilePVOneKey(privKey crypto.PrivKey, proTxHash []byte, quorumHash crypto.QuorumHash, ...) *FilePV
- func NewFilePVWithOptions(opts ...FilePVOption) (*FilePV, error)
- func (pv *FilePV) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
- func (pv *FilePV) GetFirstPubKey(_ctx context.Context) (crypto.PubKey, error)
- func (pv *FilePV) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)
- func (pv *FilePV) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)
- func (pv *FilePV) GetPrivateKey(context context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
- func (pv *FilePV) GetProTxHash(_ctx context.Context) (crypto.ProTxHash, error)
- func (pv *FilePV) GetPubKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (pv *FilePV) GetPublicKey(context context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (pv *FilePV) GetQuorumHashes(_ctx context.Context) ([]crypto.QuorumHash, error)
- func (pv *FilePV) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (pv *FilePV) Reset() error
- func (pv *FilePV) Save() error
- func (pv *FilePV) SignProposal(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) (tmbytes.HexBytes, error)
- func (pv *FilePV) SignVote(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) error
- func (pv *FilePV) String() string
- func (pv *FilePV) UpdatePrivateKey(_ctx context.Context, privateKey crypto.PrivKey, quorumHash crypto.QuorumHash, ...)
- type FilePVKey
- type FilePVLastSignState
- type FilePVOption
- func WithKeyAndStateFilePaths(keyFilePath, stateFilePath string) FilePVOption
- func WithPrivateKey(key crypto.PrivKey, quorumHash crypto.QuorumHash, ...) FilePVOption
- func WithPrivateKeys(keys []crypto.PrivKey, quorumHashes []crypto.QuorumHash, ...) FilePVOption
- func WithPrivateKeysMap(privateKeysMap map[string]crypto.QuorumKeys) FilePVOption
- func WithProTxHash(proTxHash types.ProTxHash) FilePVOption
- func WithUpdateHeights(updateHeights map[string]crypto.QuorumHash) FilePVOption
- type HellarConsensusPublicKey
- type HellarCoreMockSignerServer
- type HellarCoreSignerClient
- func (sc *HellarCoreSignerClient) Close() error
- func (sc *HellarCoreSignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
- func (sc *HellarCoreSignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)
- func (sc *HellarCoreSignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)
- func (sc *HellarCoreSignerClient) GetPrivateKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
- func (sc *HellarCoreSignerClient) GetProTxHash(_ctx context.Context) (crypto.ProTxHash, error)
- func (sc *HellarCoreSignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (sc *HellarCoreSignerClient) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (sc *HellarCoreSignerClient) HellarRPCClient() hellarcore.Client
- func (sc *HellarCoreSignerClient) Ping() error
- func (sc *HellarCoreSignerClient) QuorumSign(ctx context.Context, msgHash []byte, requestIDHash []byte, ...) ([]byte, []byte, error)
- func (sc *HellarCoreSignerClient) QuorumVerify(quorumType btcjson.LLMQType, requestID tmbytes.HexBytes, ...) (bool, error)
- func (sc *HellarCoreSignerClient) SignProposal(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) (tmbytes.HexBytes, error)
- func (sc *HellarCoreSignerClient) SignVote(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) error
- func (sc *HellarCoreSignerClient) UpdatePrivateKey(_ctx context.Context, _privateKey crypto.PrivKey, ...)
- type HellarPrivValidator
- type RemoteSignerError
- type RetrySignerClient
- func (sc *RetrySignerClient) Close() error
- func (sc *RetrySignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
- func (sc *RetrySignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)
- func (sc *RetrySignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)
- func (sc *RetrySignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
- func (sc *RetrySignerClient) GetProTxHash(ctx context.Context) (crypto.ProTxHash, error)
- func (sc *RetrySignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (sc *RetrySignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (sc *RetrySignerClient) IsConnected() bool
- func (sc *RetrySignerClient) Ping(ctx context.Context) error
- func (sc *RetrySignerClient) SignProposal(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) (tmbytes.HexBytes, error)
- func (sc *RetrySignerClient) SignVote(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) error
- func (sc *RetrySignerClient) UpdatePrivateKey(_ctx context.Context, _privateKey crypto.PrivKey, ...)
- func (sc *RetrySignerClient) WaitForConnection(ctx context.Context, maxWait time.Duration) error
- type SecretConnection
- func (sc *SecretConnection) Close() error
- func (sc *SecretConnection) LocalAddr() net.Addr
- func (sc *SecretConnection) Read(data []byte) (n int, err error)
- func (sc *SecretConnection) RemoteAddr() net.Addr
- func (sc *SecretConnection) RemotePubKey() crypto.PubKey
- func (sc *SecretConnection) SetDeadline(t time.Time) error
- func (sc *SecretConnection) SetReadDeadline(t time.Time) error
- func (sc *SecretConnection) SetWriteDeadline(t time.Time) error
- func (sc *SecretConnection) Write(data []byte) (n int, err error)
- type SignerClient
- func (sc *SignerClient) Close() error
- func (sc *SignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
- func (sc *SignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)
- func (sc *SignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)
- func (sc *SignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
- func (sc *SignerClient) GetProTxHash(ctx context.Context) (crypto.ProTxHash, error)
- func (sc *SignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (sc *SignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
- func (sc *SignerClient) IsConnected() bool
- func (sc *SignerClient) Ping(ctx context.Context) error
- func (sc *SignerClient) SignProposal(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) (tmbytes.HexBytes, error)
- func (sc *SignerClient) SignVote(ctx context.Context, chainID string, quorumType btcjson.LLMQType, ...) error
- func (sc *SignerClient) UpdatePrivateKey(_ctx context.Context, _privateKey crypto.PrivKey, ...)
- func (sc *SignerClient) WaitForConnection(ctx context.Context, maxWait time.Duration) error
- type SignerDialerEndpoint
- func (se *SignerDialerEndpoint) Close() error
- func (se *SignerDialerEndpoint) DropConnection()
- func (se *SignerDialerEndpoint) GetAvailableConnection(connectionAvailableCh chan net.Conn) bool
- func (se *SignerDialerEndpoint) IsConnected() bool
- func (sd *SignerDialerEndpoint) OnStart(context.Context) error
- func (sd *SignerDialerEndpoint) OnStop()
- func (se *SignerDialerEndpoint) ReadMessage() (msg privvalproto.Message, err error)
- func (se *SignerDialerEndpoint) SetConnection(newConnection net.Conn)
- func (se *SignerDialerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, ...) error
- func (se *SignerDialerEndpoint) WriteMessage(msg privvalproto.Message) (err error)
- type SignerListenerEndpoint
- func (se *SignerListenerEndpoint) Close() error
- func (se *SignerListenerEndpoint) DropConnection()
- func (se *SignerListenerEndpoint) GetAvailableConnection(connectionAvailableCh chan net.Conn) bool
- func (se *SignerListenerEndpoint) IsConnected() bool
- func (sl *SignerListenerEndpoint) OnStart(ctx context.Context) error
- func (sl *SignerListenerEndpoint) OnStop()
- func (se *SignerListenerEndpoint) ReadMessage() (msg privvalproto.Message, err error)
- func (sl *SignerListenerEndpoint) SendRequest(ctx context.Context, request privvalproto.Message) (*privvalproto.Message, error)
- func (se *SignerListenerEndpoint) SetConnection(newConnection net.Conn)
- func (se *SignerListenerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, ...) error
- func (sl *SignerListenerEndpoint) WaitForConnection(ctx context.Context, maxWait time.Duration) error
- func (se *SignerListenerEndpoint) WriteMessage(msg privvalproto.Message) (err error)
- type SignerListenerEndpointOption
- type SignerServer
- type SignerServiceEndpointOption
- type SocketDialer
- type TCPListener
- type TCPListenerOption
- type UnixListener
- type UnixListenerOption
- type ValidationRequestHandlerFunc
Constants ¶
This section is empty.
Variables ¶
var ( ErrConnectionTimeout = EndpointTimeoutError{} ErrNoConnection = errors.New("endpoint is not connected") ErrReadTimeout = errors.New("endpoint read timed out") ErrUnexpectedResponse = errors.New("empty response") ErrWriteTimeout = errors.New("endpoint write timed out") )
Socket errors.
var (
ErrDialRetryMax = errors.New("dialed maximum retries")
)
Socket errors.
var (
ErrSmallOrderRemotePubKey = errors.New("detected low order point from remote peer")
)
Functions ¶
func DefaultValidationRequestHandler ¶
func DefaultValidationRequestHandler( ctx context.Context, privVal types.PrivValidator, req privvalproto.Message, chainID string, ) (privvalproto.Message, error)
func IsConnTimeout ¶
IsConnTimeout returns a boolean indicating whether the error is known to report that a connection timeout occurred. This detects both fundamental network timeouts, as well as ErrConnTimeout errors.
Types ¶
type EndpointTimeoutError ¶
type EndpointTimeoutError struct{}
EndpointTimeoutError occurs when endpoint times out.
func (EndpointTimeoutError) Error ¶
func (e EndpointTimeoutError) Error() string
Implement the net.Error interface.
func (EndpointTimeoutError) Temporary ¶
func (e EndpointTimeoutError) Temporary() bool
func (EndpointTimeoutError) Timeout ¶
func (e EndpointTimeoutError) Timeout() bool
type FilePV ¶
type FilePV struct { Key FilePVKey LastSignState FilePVLastSignState // contains filtered or unexported fields }
FilePV implements PrivValidator using data persisted to disk to prevent double signing. NOTE: the directories containing pv.Key.filePath and pv.LastSignState.filePath must already exist. It includes the LastSignature and LastSignBytes so we don't lose the signature if the process crashes after signing but before the resulting consensus message is processed.
func GenFilePV ¶
GenFilePV generates a new validator with randomly generated private key and sets the filePaths, but does not call Save().
func LoadFilePV ¶
LoadFilePV loads a FilePV from the filePaths. The FilePV handles double signing prevention by persisting data to the stateFilePath. If either file path does not exist, the program will exit.
func LoadFilePVEmptyState ¶
LoadFilePVEmptyState loads a FilePV from the given keyFilePath, with an empty LastSignState. If the keyFilePath does not exist, the program will exit.
func LoadOrGenFilePV ¶
LoadOrGenFilePV loads a FilePV from the given filePaths or else generates a new one and saves it to the filePaths.
func MustLoadOrGenFilePVFromConfig ¶
MustLoadOrGenFilePVFromConfig calls LoadOrGenFilePV if gets an error then panic
func NewFilePVOneKey ¶
func NewFilePVOneKey( privKey crypto.PrivKey, proTxHash []byte, quorumHash crypto.QuorumHash, thresholdPublicKey crypto.PubKey, keyFilePath, stateFilePath string, ) *FilePV
NewFilePVOneKey generates a new validator from the given key and paths.
func NewFilePVWithOptions ¶
func NewFilePVWithOptions(opts ...FilePVOption) (*FilePV, error)
NewFilePVWithOptions ...
func (*FilePV) ExtractIntoValidator ¶
func (pv *FilePV) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
ExtractIntoValidator ...
func (*FilePV) GetFirstPubKey ¶
GetFirstPubKey returns the first public key of the validator. Implements PrivValidator.
func (*FilePV) GetFirstQuorumHash ¶
func (*FilePV) GetPrivateKey ¶
func (pv *FilePV) GetPrivateKey(context context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
GetPrivateKey ...
func (*FilePV) GetProTxHash ¶
GetProTxHash returns the pro tx hash of the validator. Implements PrivValidator.
func (*FilePV) GetPubKey ¶
func (pv *FilePV) GetPubKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
GetPubKey returns the public key of the validator. Implements PrivValidator.
func (*FilePV) GetPublicKey ¶
func (*FilePV) GetQuorumHashes ¶
func (*FilePV) GetThresholdPublicKey ¶
func (pv *FilePV) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
GetThresholdPublicKey ...
func (*FilePV) SignProposal ¶
func (pv *FilePV) SignProposal( ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, proposal *tmproto.Proposal, ) (tmbytes.HexBytes, error)
SignProposal signs a canonical representation of the proposal, along with the chainID. Implements PrivValidator.
func (*FilePV) SignVote ¶
func (pv *FilePV) SignVote( ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, vote *tmproto.Vote, _logger log.Logger, ) error
SignVote signs a canonical representation of the vote, along with the chainID. Implements PrivValidator.
type FilePVKey ¶
type FilePVKey struct { PrivateKeys map[string]crypto.QuorumKeys // heightString -> quorumHash UpdateHeights map[string]crypto.QuorumHash // quorumHash -> heightString FirstHeightOfQuorums map[string]string ProTxHash crypto.ProTxHash // contains filtered or unexported fields }
FilePVKey stores the immutable part of PrivValidator.
func (FilePVKey) MarshalJSON ¶
func (FilePVKey) ThresholdPublicKeyForQuorumHash ¶
func (*FilePVKey) UnmarshalJSON ¶
type FilePVLastSignState ¶
type FilePVLastSignState struct { Height int64 `json:"height,string"` Round int32 `json:"round"` Step int8 `json:"step"` BlockSignature []byte `json:"block_signature,omitempty"` BlockSignBytes tmbytes.HexBytes `json:"block_sign_bytes,omitempty"` // contains filtered or unexported fields }
FilePVLastSignState stores the mutable part of PrivValidator.
func (*FilePVLastSignState) Save ¶
func (lss *FilePVLastSignState) Save() error
Save persists the FilePvLastSignState to its filePath.
type FilePVOption ¶
FilePVOption ...
func WithKeyAndStateFilePaths ¶
func WithKeyAndStateFilePaths(keyFilePath, stateFilePath string) FilePVOption
WithKeyAndStateFilePaths ...
func WithPrivateKey ¶
func WithPrivateKey(key crypto.PrivKey, quorumHash crypto.QuorumHash, thresholdPublicKey *crypto.PubKey) FilePVOption
func WithPrivateKeys ¶
func WithPrivateKeys( keys []crypto.PrivKey, quorumHashes []crypto.QuorumHash, thresholdPublicKeys *[]crypto.PubKey, ) FilePVOption
WithPrivateKeys ...
func WithPrivateKeysMap ¶
func WithPrivateKeysMap(privateKeysMap map[string]crypto.QuorumKeys) FilePVOption
func WithUpdateHeights ¶
func WithUpdateHeights(updateHeights map[string]crypto.QuorumHash) FilePVOption
type HellarConsensusPublicKey ¶
HellarConesensusPublicKey is a public key that constructs SignID in the background, to avoid this additional step when verifying signatures.
func NewHellarConsensusPublicKey ¶
func NewHellarConsensusPublicKey(baseKey tmcrypto.PubKey, quorumHash tmcrypto.QuorumHash, quorumType btcjson.LLMQType) *HellarConsensusPublicKey
NewHellarConsensusPublicKey wraps a public key with transparent handling of SignID according to DIP-7
func (HellarConsensusPublicKey) VerifySignature ¶
func (pub HellarConsensusPublicKey) VerifySignature(msg []byte, sig []byte) bool
func (HellarConsensusPublicKey) VerifySignatureDigest ¶
func (pub HellarConsensusPublicKey) VerifySignatureDigest(hash []byte, sig []byte) bool
type HellarCoreMockSignerServer ¶
type HellarCoreMockSignerServer struct {
// contains filtered or unexported fields
}
func NewHellarCoreMockSignerServer ¶
func NewHellarCoreMockSignerServer( _endpoint *SignerDialerEndpoint, chainID string, quorumHash crypto.QuorumHash, privVal types.PrivValidator, ) *HellarCoreMockSignerServer
func (*HellarCoreMockSignerServer) Run ¶
func (ss *HellarCoreMockSignerServer) Run(port int) error
OnStart implements service.Service.
type HellarCoreSignerClient ¶
type HellarCoreSignerClient struct {
// contains filtered or unexported fields
}
HellarCoreSignerClient implements HellarPrivValidator. Handles remote validator connections that provide signing services
func NewHellarCoreSignerClient ¶
func NewHellarCoreSignerClient( client hellarcore.Client, defaultQuorumType btcjson.LLMQType, logger log.Logger, ) (*HellarCoreSignerClient, error)
NewHellarCoreSignerClient returns an instance of SignerClient. it will start the endpoint (if not already started)
func (*HellarCoreSignerClient) Close ¶
func (sc *HellarCoreSignerClient) Close() error
Close closes the underlying connection
func (*HellarCoreSignerClient) ExtractIntoValidator ¶
func (sc *HellarCoreSignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
func (*HellarCoreSignerClient) GetFirstQuorumHash ¶
func (sc *HellarCoreSignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)
func (*HellarCoreSignerClient) GetHeight ¶
func (sc *HellarCoreSignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)
func (*HellarCoreSignerClient) GetPrivateKey ¶
func (sc *HellarCoreSignerClient) GetPrivateKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
func (*HellarCoreSignerClient) GetProTxHash ¶
func (*HellarCoreSignerClient) GetPubKey ¶
func (sc *HellarCoreSignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
GetPubKey retrieves a public key from a remote signer returns an error if client is not able to provide the key
func (*HellarCoreSignerClient) GetThresholdPublicKey ¶
func (sc *HellarCoreSignerClient) GetThresholdPublicKey(_ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
func (*HellarCoreSignerClient) HellarRPCClient ¶
func (sc *HellarCoreSignerClient) HellarRPCClient() hellarcore.Client
HellarRPCClient implements HellarPrivValidator
func (*HellarCoreSignerClient) Ping ¶
func (sc *HellarCoreSignerClient) Ping() error
Ping sends a ping request to the remote signer and will retry 2 extra times if failure
func (*HellarCoreSignerClient) QuorumSign ¶
func (sc *HellarCoreSignerClient) QuorumSign( ctx context.Context, msgHash []byte, requestIDHash []byte, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, ) ([]byte, []byte, error)
QuorumSign implements HellarPrivValidator
func (*HellarCoreSignerClient) QuorumVerify ¶
func (sc *HellarCoreSignerClient) QuorumVerify( quorumType btcjson.LLMQType, requestID tmbytes.HexBytes, messageHash tmbytes.HexBytes, signature tmbytes.HexBytes, quorumHash tmbytes.HexBytes, ) (bool, error)
QuorumVerify implements hellarcore.QuorumVerifier
func (*HellarCoreSignerClient) SignProposal ¶
func (sc *HellarCoreSignerClient) SignProposal( ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, proposalProto *tmproto.Proposal, ) (tmbytes.HexBytes, error)
SignProposal requests a remote signer to sign a proposal
func (*HellarCoreSignerClient) SignVote ¶
func (sc *HellarCoreSignerClient) SignVote( ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, protoVote *tmproto.Vote, logger log.Logger) error
SignVote requests a remote signer to sign a vote
func (*HellarCoreSignerClient) UpdatePrivateKey ¶
func (sc *HellarCoreSignerClient) UpdatePrivateKey( _ctx context.Context, _privateKey crypto.PrivKey, _quorumHash crypto.QuorumHash, _thresholdPublicKey crypto.PubKey, _height int64, )
type HellarPrivValidator ¶
type HellarPrivValidator interface { types.PrivValidator hellarcore.QuorumVerifier HellarRPCClient() hellarcore.Client // QuorumSign executes quorum signature process and returns signature and signHash QuorumSign( ctx context.Context, msgHash []byte, requestIDHash []byte, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, ) (signature []byte, signHash []byte, err error) }
HellarPrivValidator is a PrivValidator that uses Hellar-specific logic
type RemoteSignerError ¶
type RemoteSignerError struct { // TODO(ismail): create an enum of known errors Code int Description string }
RemoteSignerError allows (remote) validators to include meaningful error descriptions in their reply.
func (*RemoteSignerError) Error ¶
func (e *RemoteSignerError) Error() string
type RetrySignerClient ¶
type RetrySignerClient struct {
// contains filtered or unexported fields
}
RetrySignerClient wraps SignerClient adding retry for each operation (except Ping) w/ a timeout.
func NewRetrySignerClient ¶
func NewRetrySignerClient(sc *SignerClient, retries int, timeout time.Duration) *RetrySignerClient
NewRetrySignerClient returns RetrySignerClient. If +retries+ is 0, the client will be retrying each operation indefinitely.
func (*RetrySignerClient) Close ¶
func (sc *RetrySignerClient) Close() error
func (*RetrySignerClient) ExtractIntoValidator ¶
func (sc *RetrySignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
func (*RetrySignerClient) GetFirstQuorumHash ¶
func (sc *RetrySignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)
func (*RetrySignerClient) GetHeight ¶
func (sc *RetrySignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)
func (*RetrySignerClient) GetPrivateKey ¶
func (sc *RetrySignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
func (*RetrySignerClient) GetProTxHash ¶
func (*RetrySignerClient) GetPubKey ¶
func (sc *RetrySignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
func (*RetrySignerClient) GetThresholdPublicKey ¶
func (sc *RetrySignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
func (*RetrySignerClient) IsConnected ¶
func (sc *RetrySignerClient) IsConnected() bool
func (*RetrySignerClient) SignProposal ¶
func (*RetrySignerClient) UpdatePrivateKey ¶
func (sc *RetrySignerClient) UpdatePrivateKey( _ctx context.Context, _privateKey crypto.PrivKey, _quorumHash crypto.QuorumHash, _thresholdPublicKey crypto.PubKey, _height int64, )
func (*RetrySignerClient) WaitForConnection ¶
type SecretConnection ¶
type SecretConnection struct {
// contains filtered or unexported fields
}
SecretConnection implements net.Conn. It is an implementation of the STS protocol. See https://github.com/tendermint/tendermint/blob/0.1/docs/sts-final.pdf for details on the protocol.
Consumers of the SecretConnection are responsible for authenticating the remote peer's pubkey against known information, like a nodeID. Otherwise they are vulnerable to MITM. (TODO(ismail): see also https://github.com/tendermint/tendermint/issues/3010)
func MakeSecretConnection ¶
func MakeSecretConnection(conn io.ReadWriteCloser, locPrivKey crypto.PrivKey) (*SecretConnection, error)
MakeSecretConnection performs handshake and returns a new authenticated SecretConnection. Returns nil if there is an error in handshake. Caller should call conn.Close() See docs/sts-final.pdf for more information.
func (*SecretConnection) LocalAddr ¶
func (sc *SecretConnection) LocalAddr() net.Addr
func (*SecretConnection) Read ¶
func (sc *SecretConnection) Read(data []byte) (n int, err error)
CONTRACT: data smaller than dataMaxSize is read atomically.
func (*SecretConnection) RemoteAddr ¶
func (sc *SecretConnection) RemoteAddr() net.Addr
func (*SecretConnection) RemotePubKey ¶
func (sc *SecretConnection) RemotePubKey() crypto.PubKey
RemotePubKey returns authenticated remote pubkey
func (*SecretConnection) SetDeadline ¶
func (sc *SecretConnection) SetDeadline(t time.Time) error
func (*SecretConnection) SetReadDeadline ¶
func (sc *SecretConnection) SetReadDeadline(t time.Time) error
func (*SecretConnection) SetWriteDeadline ¶
func (sc *SecretConnection) SetWriteDeadline(t time.Time) error
type SignerClient ¶
type SignerClient struct {
// contains filtered or unexported fields
}
SignerClient implements PrivValidator. Handles remote validator connections that provide signing services
func NewSignerClient ¶
func NewSignerClient(ctx context.Context, endpoint *SignerListenerEndpoint, chainID string) (*SignerClient, error)
NewSignerClient returns an instance of SignerClient. it will start the endpoint (if not already started)
func (*SignerClient) Close ¶
func (sc *SignerClient) Close() error
Close closes the underlying connection
func (*SignerClient) ExtractIntoValidator ¶
func (sc *SignerClient) ExtractIntoValidator(ctx context.Context, quorumHash crypto.QuorumHash) *types.Validator
func (*SignerClient) GetFirstQuorumHash ¶
func (sc *SignerClient) GetFirstQuorumHash(_ctx context.Context) (crypto.QuorumHash, error)
func (*SignerClient) GetHeight ¶
func (sc *SignerClient) GetHeight(_ctx context.Context, quorumHash crypto.QuorumHash) (int64, error)
func (*SignerClient) GetPrivateKey ¶
func (sc *SignerClient) GetPrivateKey(_ctx context.Context, _quorumHash crypto.QuorumHash) (crypto.PrivKey, error)
func (*SignerClient) GetProTxHash ¶
func (*SignerClient) GetPubKey ¶
func (sc *SignerClient) GetPubKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
GetPubKey retrieves a public key from a remote signer returns an error if client is not able to provide the key
func (*SignerClient) GetThresholdPublicKey ¶
func (sc *SignerClient) GetThresholdPublicKey(ctx context.Context, quorumHash crypto.QuorumHash) (crypto.PubKey, error)
func (*SignerClient) IsConnected ¶
func (sc *SignerClient) IsConnected() bool
IsConnected indicates with the signer is connected to a remote signing service
func (*SignerClient) Ping ¶
func (sc *SignerClient) Ping(ctx context.Context) error
Ping sends a ping request to the remote signer
func (*SignerClient) SignProposal ¶
func (sc *SignerClient) SignProposal( ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, proposal *tmproto.Proposal, ) (tmbytes.HexBytes, error)
SignProposal requests a remote signer to sign a proposal
func (*SignerClient) SignVote ¶
func (sc *SignerClient) SignVote( ctx context.Context, chainID string, quorumType btcjson.LLMQType, quorumHash crypto.QuorumHash, vote *tmproto.Vote, _logger log.Logger, ) error
SignVote requests a remote signer to sign a vote
func (*SignerClient) UpdatePrivateKey ¶
func (sc *SignerClient) UpdatePrivateKey( _ctx context.Context, _privateKey crypto.PrivKey, _quorumHash crypto.QuorumHash, _thresholdPublicKey crypto.PubKey, _height int64, )
func (*SignerClient) WaitForConnection ¶
WaitForConnection waits maxWait for a connection or returns a timeout error
type SignerDialerEndpoint ¶
type SignerDialerEndpoint struct {
// contains filtered or unexported fields
}
SignerDialerEndpoint dials using its dialer and responds to any signature requests using its privVal.
func NewSignerDialerEndpoint ¶
func NewSignerDialerEndpoint( logger log.Logger, dialer SocketDialer, options ...SignerServiceEndpointOption, ) *SignerDialerEndpoint
NewSignerDialerEndpoint returns a SignerDialerEndpoint that will dial using the given dialer and respond to any signature requests over the connection using the given privVal.
func (*SignerDialerEndpoint) Close ¶
func (se *SignerDialerEndpoint) Close() error
Close closes the underlying net.Conn.
func (*SignerDialerEndpoint) DropConnection ¶
func (se *SignerDialerEndpoint) DropConnection()
IsConnected indicates if there is an active connection
func (*SignerDialerEndpoint) GetAvailableConnection ¶
TryGetConnection retrieves a connection if it is already available
func (*SignerDialerEndpoint) IsConnected ¶
func (se *SignerDialerEndpoint) IsConnected() bool
IsConnected indicates if there is an active connection
func (*SignerDialerEndpoint) OnStart ¶
func (sd *SignerDialerEndpoint) OnStart(context.Context) error
func (*SignerDialerEndpoint) OnStop ¶
func (sd *SignerDialerEndpoint) OnStop()
func (*SignerDialerEndpoint) ReadMessage ¶
func (se *SignerDialerEndpoint) ReadMessage() (msg privvalproto.Message, err error)
ReadMessage reads a message from the endpoint
func (*SignerDialerEndpoint) SetConnection ¶
SetConnection replaces the current connection object
func (*SignerDialerEndpoint) WaitConnection ¶
func (se *SignerDialerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, maxWait time.Duration) error
TryGetConnection retrieves a connection if it is already available
func (*SignerDialerEndpoint) WriteMessage ¶
func (se *SignerDialerEndpoint) WriteMessage(msg privvalproto.Message) (err error)
WriteMessage writes a message from the endpoint
type SignerListenerEndpoint ¶
type SignerListenerEndpoint struct {
// contains filtered or unexported fields
}
SignerListenerEndpoint listens for an external process to dial in and keeps the connection alive by dropping and reconnecting.
The process will send pings every ~3s (read/write timeout * 2/3) to keep the connection alive.
func NewSignerListener ¶
func NewSignerListener(listenAddr string, logger log.Logger) (*SignerListenerEndpoint, error)
NewSignerListener creates a new SignerListenerEndpoint using the corresponding listen address
func NewSignerListenerEndpoint ¶
func NewSignerListenerEndpoint( logger log.Logger, listener net.Listener, options ...SignerListenerEndpointOption, ) *SignerListenerEndpoint
NewSignerListenerEndpoint returns an instance of SignerListenerEndpoint.
func (*SignerListenerEndpoint) Close ¶
func (se *SignerListenerEndpoint) Close() error
Close closes the underlying net.Conn.
func (*SignerListenerEndpoint) DropConnection ¶
func (se *SignerListenerEndpoint) DropConnection()
IsConnected indicates if there is an active connection
func (*SignerListenerEndpoint) GetAvailableConnection ¶
TryGetConnection retrieves a connection if it is already available
func (*SignerListenerEndpoint) IsConnected ¶
func (se *SignerListenerEndpoint) IsConnected() bool
IsConnected indicates if there is an active connection
func (*SignerListenerEndpoint) OnStart ¶
func (sl *SignerListenerEndpoint) OnStart(ctx context.Context) error
OnStart implements service.Service.
func (*SignerListenerEndpoint) OnStop ¶
func (sl *SignerListenerEndpoint) OnStop()
OnStop implements service.Service
func (*SignerListenerEndpoint) ReadMessage ¶
func (se *SignerListenerEndpoint) ReadMessage() (msg privvalproto.Message, err error)
ReadMessage reads a message from the endpoint
func (*SignerListenerEndpoint) SendRequest ¶
func (sl *SignerListenerEndpoint) SendRequest(ctx context.Context, request privvalproto.Message) (*privvalproto.Message, error)
SendRequest ensures there is a connection, sends a request and waits for a response
func (*SignerListenerEndpoint) SetConnection ¶
SetConnection replaces the current connection object
func (*SignerListenerEndpoint) WaitConnection ¶
func (se *SignerListenerEndpoint) WaitConnection(ctx context.Context, connectionAvailableCh chan net.Conn, maxWait time.Duration) error
TryGetConnection retrieves a connection if it is already available
func (*SignerListenerEndpoint) WaitForConnection ¶
func (sl *SignerListenerEndpoint) WaitForConnection(ctx context.Context, maxWait time.Duration) error
WaitForConnection waits maxWait for a connection or returns a timeout error
func (*SignerListenerEndpoint) WriteMessage ¶
func (se *SignerListenerEndpoint) WriteMessage(msg privvalproto.Message) (err error)
WriteMessage writes a message from the endpoint
type SignerListenerEndpointOption ¶
type SignerListenerEndpointOption func(*SignerListenerEndpoint)
SignerListenerEndpointOption sets an optional parameter on the SignerListenerEndpoint.
func SignerListenerEndpointTimeoutReadWrite ¶
func SignerListenerEndpointTimeoutReadWrite(timeout time.Duration) SignerListenerEndpointOption
SignerListenerEndpointTimeoutReadWrite sets the read and write timeout for connections from external signing processes.
Default: 5s
type SignerServer ¶
type SignerServer struct { service.BaseService // contains filtered or unexported fields }
func NewSignerServer ¶
func NewSignerServer(endpoint *SignerDialerEndpoint, chainID string, privVal types.PrivValidator) *SignerServer
func (*SignerServer) OnStart ¶
func (ss *SignerServer) OnStart(ctx context.Context) error
OnStart implements service.Service.
func (*SignerServer) SetRequestHandler ¶
func (ss *SignerServer) SetRequestHandler(validationRequestHandler ValidationRequestHandlerFunc)
SetRequestHandler override the default function that is used to service requests
type SignerServiceEndpointOption ¶
type SignerServiceEndpointOption func(*SignerDialerEndpoint)
SignerServiceEndpointOption sets an optional parameter on the SignerDialerEndpoint.
func SignerDialerEndpointConnRetries ¶
func SignerDialerEndpointConnRetries(retries int) SignerServiceEndpointOption
SignerDialerEndpointConnRetries sets the amount of attempted retries to acceptNewConnection.
func SignerDialerEndpointRetryWaitInterval ¶
func SignerDialerEndpointRetryWaitInterval(interval time.Duration) SignerServiceEndpointOption
SignerDialerEndpointRetryWaitInterval sets the retry wait interval to a custom value.
func SignerDialerEndpointTimeoutReadWrite ¶
func SignerDialerEndpointTimeoutReadWrite(timeout time.Duration) SignerServiceEndpointOption
SignerDialerEndpointTimeoutReadWrite sets the read and write timeout for connections from client processes.
type SocketDialer ¶
SocketDialer dials a remote address and returns a net.Conn or an error.
type TCPListener ¶
type TCPListener struct { *net.TCPListener // contains filtered or unexported fields }
TCPListener wraps a *net.TCPListener to standardize protocol timeouts and potentially other tuning parameters. It also returns encrypted connections.
func NewTCPListener ¶
func NewTCPListener(ln net.Listener, secretConnKey ed25519.PrivKey) *TCPListener
NewTCPListener returns a listener that accepts authenticated encrypted connections using the given secretConnKey and the default timeout values.
type TCPListenerOption ¶
type TCPListenerOption func(*TCPListener)
TCPListenerOption sets an optional parameter on the tcpListener.
func TCPListenerTimeoutAccept ¶
func TCPListenerTimeoutAccept(timeout time.Duration) TCPListenerOption
TCPListenerTimeoutAccept sets the timeout for the listener. A zero time value disables the timeout.
func TCPListenerTimeoutReadWrite ¶
func TCPListenerTimeoutReadWrite(timeout time.Duration) TCPListenerOption
TCPListenerTimeoutReadWrite sets the read and write timeout for connections from external signing processes.
type UnixListener ¶
type UnixListener struct { *net.UnixListener // contains filtered or unexported fields }
UnixListener wraps a *net.UnixListener to standardize protocol timeouts and potentially other tuning parameters. It returns unencrypted connections.
func NewUnixListener ¶
func NewUnixListener(ln net.Listener) *UnixListener
NewUnixListener returns a listener that accepts unencrypted connections using the default timeout values.
type UnixListenerOption ¶
type UnixListenerOption func(*UnixListener)
func UnixListenerTimeoutAccept ¶
func UnixListenerTimeoutAccept(timeout time.Duration) UnixListenerOption
UnixListenerTimeoutAccept sets the timeout for the listener. A zero time value disables the timeout.
func UnixListenerTimeoutReadWrite ¶
func UnixListenerTimeoutReadWrite(timeout time.Duration) UnixListenerOption
UnixListenerTimeoutReadWrite sets the read and write timeout for connections from external signing processes.
type ValidationRequestHandlerFunc ¶
type ValidationRequestHandlerFunc func( ctx context.Context, privVal types.PrivValidator, requestMessage privvalproto.Message, chainID string) (privvalproto.Message, error)
ValidationRequestHandlerFunc handles different remoteSigner requests
Source Files ¶
- doc.go
- errors.go
- file.go
- hellar_consensus_key.go
- hellar_core_mock_signer_server.go
- hellar_core_signer_client.go
- msgs.go
- retry_signer_client.go
- secret_connection.go
- signer_client.go
- signer_dialer_endpoint.go
- signer_endpoint.go
- signer_listener_endpoint.go
- signer_requestHandler.go
- signer_server.go
- socket_dialers.go
- socket_listeners.go
- utils.go