Documentation
Overview
Package local defines an implementation of an on-disk, EIP-2335 keystore.json approach towards defining validator accounts in Prysm. A validating private key is encrypted using a passphrase and its resulting encrypted file is stored as a keystore.json file under a unique, human-readable account namespace. This local keymanager approach relies on storing account information on disk, making it trivial to import, back up, and list all associated accounts for a user.
EIP-2335 is a keystore format defined by https://eips.ethereum.org/EIPS/eip-2335 for storing and defining encryption for BLS12-381 private keys, utilized by Ethereum. This keystore.json format is not compatible with the current keystore standard used in eth1 due to a lack of support for KECCAK-256. Passwords utilized for key encryptions are strings of arbitrary unicode characters. The password is first converted to its NFKD representation, stripped of control codes specified in the EIP link above, and finally the password is UTF-8 encoded.
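The control-code stripping and UTF-8 encoding steps described above, as an added example that is not part of this package's code. It assumes the caller has already applied NFKD (in Go that needs golang.org/x/text/unicode/norm, which is outside the standard library); `preparePassword` and `isStrippedControl` are hypothetical names, and the stripped ranges are the C0, C1 and Delete codes listed in EIP-2335.

```go
package main

import (
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"unicode/utf8"
)

// isStrippedControl reports whether r is one of the control code points
// EIP-2335 removes: C0 (U+0000-U+001F), DEL (U+007F) and C1 (U+0080-U+009F).
func isStrippedControl(r rune) bool {
	return r <= 0x1F || (r >= 0x7F && r <= 0x9F)
}

// preparePassword (hypothetical helper) performs steps two and three on a
// string that the caller has ALREADY converted to NFKD. It filters by code
// point, not by byte: values 0x80-0x9F also occur as UTF-8 continuation
// bytes, so a byte-level filter would corrupt non-ASCII passwords and make
// the derived decryption key differ from the one used at encryption time.
func preparePassword(nfkd string) ([]byte, error) {
	if !utf8.ValidString(nfkd) {
		return nil, errors.New("password is not valid UTF-8")
	}
	var b strings.Builder
	for _, r := range nfkd {
		if !isStrippedControl(r) {
			b.WriteRune(r)
		}
	}
	return []byte(b.String()), nil
}

func main() {
	// Constructed sample: "a" + combining diaeresis (UTF-8 cc 88), a tab,
	// a C1 NEL (U+0085) and a trailing newline from a password file.
	out, err := preparePassword("pa\u0308ss\tw\u0085ord\n")
	fmt.Println(hex.EncodeToString(out), err)
}
```

The trailing newline case is the one that most often bites in practice: a password read from a file and a password typed at a prompt only produce the same key because the newline is stripped before key derivation.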
Index
- Constants
- Variables
- func CreatePrintoutOfKeys(keys [][]byte) string
- func ResetCaches()
- type AccountsKeystoreRepresentation
- type InteropKeymanagerConfig
- type Keymanager
- func (km *Keymanager) CreateAccountsKeystore(ctx context.Context, seeds, publicKeys [][]byte) (*AccountsKeystoreRepresentation, error)
- func (km *Keymanager) CreateOrUpdateInMemoryAccountsStore(_ context.Context, seeds, publicKeys [][]byte) error
- func (km *Keymanager) DeleteKeystores(ctx context.Context, publicKeys [][]byte) ([]*zondpbservice.DeletedKeystoreStatus, error)
- func (*Keymanager) ExtractKeystores(_ context.Context, publicKeys []dilithium.PublicKey, password string) ([]*keymanager.Keystore, error)
- func (_ *Keymanager) FetchValidatingPublicKeys(ctx context.Context) ([][dilithium2.CryptoPublicKeyBytes]byte, error)
- func (km *Keymanager) FetchValidatingSeeds(ctx context.Context) ([][common2.SeedSize]byte, error)
- func (km *Keymanager) ImportKeypairs(ctx context.Context, privKeys, pubKeys [][]byte) error
- func (km *Keymanager) ImportKeystores(ctx context.Context, keystores []*keymanager.Keystore, passwords []string) ([]*zondpbservice.ImportedKeystoreStatus, error)
- func (km *Keymanager) ListKeymanagerAccounts(ctx context.Context, cfg keymanager.ListKeymanagerAccountConfig) error
- func (km *Keymanager) SaveStoreAndReInitialize(ctx context.Context, store *accountStore) error
- func (_ *Keymanager) Sign(ctx context.Context, req *validatorpb.SignRequest) (dilithium.Signature, error)
- func (km *Keymanager) SubscribeAccountChanges(pubKeysChan chan [][dilithium2.CryptoPublicKeyBytes]byte) event.Subscription
- func (_ *Keymanager) ValidatingAccountNames() ([]string, error)
- type SetupConfig
Constants
const (
	// KeystoreFileNameFormat exposes the filename the keystore should be formatted in.
	KeystoreFileNameFormat = "keystore-%d.json"
	// AccountsPath where all local keymanager keystores are kept.
	AccountsPath = "accounts"
	// AccountsKeystoreFileName exposes the name of the keystore file.
	AccountsKeystoreFileName = "all-accounts.keystore.json"
)
Variables
var (
	ErrNoPasswords            = errors.New("no passwords provided for keystores")
	ErrMismatchedNumPasswords = errors.New("number of passwords does not match number of keystores")
)
Functions
func CreatePrintoutOfKeys
Types
type AccountsKeystoreRepresentation
type AccountsKeystoreRepresentation struct {
	Crypto  map[string]interface{} `json:"crypto"`
	ID      string                 `json:"uuid"`
	Version uint                   `json:"version"`
	Name    string                 `json:"name"`
}
AccountsKeystoreRepresentation defines an internal Prysm representation of validator accounts, encrypted according to the EIP-2334 standard.
func CreateAccountsKeystoreRepresentation
func CreateAccountsKeystoreRepresentation(
	_ context.Context,
	store *accountStore,
	walletPW string,
) (*AccountsKeystoreRepresentation, error)
CreateAccountsKeystoreRepresentation is a pure function that takes an accountStore and wallet password and returns the encrypted formatted json version for local writing.
type InteropKeymanagerConfig
InteropKeymanagerConfig is used on validator launch to initialize the keymanager. InteropKeys are used for testing purposes.
type Keymanager
type Keymanager struct {
// contains filtered or unexported fields
}
Keymanager implementation for local keystores utilizing EIP-2335.
func NewInteropKeymanager
func NewInteropKeymanager(_ context.Context, offset, numValidatorKeys uint64) (*Keymanager, error)
NewInteropKeymanager instantiates a new imported keymanager with the deterministically generated interop keys. InteropKeys are used for testing purposes.
func NewKeymanager
func NewKeymanager(ctx context.Context, cfg *SetupConfig) (*Keymanager, error)
NewKeymanager instantiates a new local keymanager from configuration options.
func (*Keymanager) CreateAccountsKeystore
func (km *Keymanager) CreateAccountsKeystore(ctx context.Context, seeds, publicKeys [][]byte) (*AccountsKeystoreRepresentation, error)
CreateAccountsKeystore creates a new keystore holding the provided keys.
func (*Keymanager) CreateOrUpdateInMemoryAccountsStore
func (km *Keymanager) CreateOrUpdateInMemoryAccountsStore(_ context.Context, seeds, publicKeys [][]byte) error
CreateOrUpdateInMemoryAccountsStore will set or update the local accounts store and update the local cache. This function DOES NOT save the accounts store to disk.
func (*Keymanager) DeleteKeystores
func (km *Keymanager) DeleteKeystores(
	ctx context.Context,
	publicKeys [][]byte,
) ([]*zondpbservice.DeletedKeystoreStatus, error)
DeleteKeystores takes in public keys and removes the accounts from the wallet. This includes their disk keystore and cached keystore, but maintains the slashing protection history in the database.
1) Copy the in-memory keystore
2) Delete the keys from the copied in-memory keystore
3) Save the copy to disk
4) Reinitialize the account store and update the keymanager
5) Return the API response
func (*Keymanager) ExtractKeystores
func (*Keymanager) ExtractKeystores(
	_ context.Context,
	publicKeys []dilithium.PublicKey,
	password string,
) ([]*keymanager.Keystore, error)
ExtractKeystores retrieves the secret keys for specified public keys in the function input, encrypts them using the specified password, and returns their respective EIP-2335 keystores.
func (*Keymanager) FetchValidatingPublicKeys
func (_ *Keymanager) FetchValidatingPublicKeys(ctx context.Context) ([][dilithium2.CryptoPublicKeyBytes]byte, error)
FetchValidatingPublicKeys fetches the list of active public keys from the local account keystores.
func (*Keymanager) FetchValidatingSeeds
FetchValidatingSeeds fetches the list of private keys from the secret keys cache.
func (*Keymanager) ImportKeypairs
func (km *Keymanager) ImportKeypairs(ctx context.Context, privKeys, pubKeys [][]byte) error
ImportKeypairs directly into the keymanager.
func (*Keymanager) ImportKeystores
func (km *Keymanager) ImportKeystores(
	ctx context.Context,
	keystores []*keymanager.Keystore,
	passwords []string,
) ([]*zondpbservice.ImportedKeystoreStatus, error)
ImportKeystores into the local keymanager from an external source.
1) Copy the in-memory keystore
2) Update the copied keystore with the new keys
3) Save the copy to disk
4) Reinitialize the account store and update the keymanager
5) Return the statuses
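The five-step order shared by DeleteKeystores and ImportKeystores (copy, edit the copy, save, reinitialize, respond), shown for the delete case as an added example that is not the package's implementation. The `keymanager` type, the one-key-per-line file, the status strings and the temp-file-plus-rename save are all assumptions of this sketch.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// keymanager is a hypothetical miniature, not the package's Keymanager: keys are
// hex strings, the store is one key per line, and the rename step is an assumption.
type keymanager struct {
	path string   // keystore file on disk
	live []string // in-memory store the signer reads
}

// deleteKeys returns one constructed status ("deleted"/"not_found") per key.
func (km *keymanager) deleteKeys(keys []string) ([]string, error) {
	statuses := make([]string, len(keys))
	next := append([]string(nil), km.live...) // 1) copy, so km.live is not aliased
	for i, k := range keys {                  // 2) delete from the copy only
		statuses[i] = "not_found"
		for j, have := range next {
			if have == k {
				next = append(next[:j], next[j+1:]...)
				statuses[i] = "deleted"
				break
			}
		}
	}
	tmp := km.path + ".tmp" // 3) save the copy: owner-only temp file, then rename
	if err := os.WriteFile(tmp, []byte(strings.Join(next, "\n")), 0o600); err != nil {
		return nil, err // km.live and the old file are both unchanged
	}
	if err := os.Rename(tmp, km.path); err != nil {
		return nil, err
	}
	raw, err := os.ReadFile(km.path) // 4) reinitialize from what is on disk
	if err != nil {
		return nil, err
	}
	km.live = strings.Fields(string(raw))
	return statuses, nil // 5) per-key response
}

func main() {
	km := &keymanager{path: filepath.Join(os.TempDir(), "accounts.example"), live: []string{"0xaa", "0xbb"}}
	fmt.Println(km.deleteKeys([]string{"0xbb", "0xff"}))
}
```

Because the in-memory store is replaced only after the save succeeds and is reloaded from the file, a failed write never leaves the signer holding a key set that differs from what is on disk.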
func (*Keymanager) ListKeymanagerAccounts
func (km *Keymanager) ListKeymanagerAccounts(ctx context.Context, cfg keymanager.ListKeymanagerAccountConfig) error
func (*Keymanager) SaveStoreAndReInitialize
func (km *Keymanager) SaveStoreAndReInitialize(ctx context.Context, store *accountStore) error
SaveStoreAndReInitialize saves the store to disk and re-initializes the account keystore from file.
func (*Keymanager) Sign
func (_ *Keymanager) Sign(ctx context.Context, req *validatorpb.SignRequest) (dilithium.Signature, error)
Sign signs a message using a validator key.
func (*Keymanager) SubscribeAccountChanges
func (km *Keymanager) SubscribeAccountChanges(pubKeysChan chan [][dilithium2.CryptoPublicKeyBytes]byte) event.Subscription
SubscribeAccountChanges creates an event subscription for a channel to listen for public key changes at runtime, such as when new validator accounts are imported into the keymanager while the validator process is running.
func (*Keymanager) ValidatingAccountNames
func (_ *Keymanager) ValidatingAccountNames() ([]string, error)
ValidatingAccountNames for a local keymanager.
type SetupConfig
SetupConfig includes configuration values for initializing a keymanager, such as passwords, the wallet, and more.