Merge branch 'signer-json-api' into augment-sign-requests

jclapis · jclapis · commit 46ec92bdcc73 · 2025-08-19T01:37:40.000-04:00
diff --git a/crates/common/src/commit/response.rs b/crates/common/src/commit/response.rs
@@ -1,7 +1,4 @@
-use std::{fmt, fmt::Display};
-
 use alloy::{
-    hex,
     primitives::{Address, B256, U256},
     rpc::types::beacon::BlsSignature,
 };
@@ -32,21 +29,6 @@ impl BlsSignResponse {
     }
 }
 
-impl Display for BlsSignResponse {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(
-            f,
-            "BLS Signature(pubkey: {}, object_root: {}, module_id: {}, nonce: {}, chain_id: {} signature: {})",
-            self.pubkey,
-            hex::encode_prefixed(self.object_root),
-            self.module_signing_id,
-            self.nonce,
-            self.chain_id,
-            hex::encode_prefixed(self.signature)
-        )
-    }
-}
-
 #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
 pub struct EcdsaSignResponse {
     pub address: Address,
@@ -69,18 +51,3 @@ impl EcdsaSignResponse {
         Self { address, object_root, module_signing_id, nonce, chain_id, signature }
     }
 }
-
-impl Display for EcdsaSignResponse {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(
-            f,
-            "ECDSA Signature(address: {}, object_root: {}, module_id: {}, nonce: {}, chain_id: {} signature: 0x{})",
-            self.address,
-            hex::encode_prefixed(self.object_root),
-            self.module_signing_id,
-            self.nonce,
-            self.chain_id,
-            self.signature
-        )
-    }
-}
diff --git a/crates/signer/src/service.rs b/crates/signer/src/service.rs
@@ -5,7 +5,10 @@ use std::{
     time::{Duration, Instant},
 };
 
-use alloy::{primitives::Address, rpc::types::beacon::BlsPublicKey};
+use alloy::{
+    primitives::{Address, B256, U256},
+    rpc::types::beacon::BlsPublicKey,
+};
 use axum::{
     extract::{ConnectInfo, Request, State},
     http::StatusCode,
@@ -304,57 +307,17 @@ async fn handle_request_signature_bls(
     Json(request): Json<SignConsensusRequest>,
 ) -> Result<impl IntoResponse, SignerModuleError> {
     let req_id = Uuid::new_v4();
-    let Some(signing_id) = state.jwts.read().get(&module_id).map(|m| m.signing_id) else {
-        error!(event = "bls_request_signature", ?module_id, ?req_id, "Module signing ID not found");
-        return Err(SignerModuleError::RequestError("Module signing ID not found".to_string()));
-    };
     debug!(event = "bls_request_signature", ?module_id, %request, ?req_id, "New request");
-
-    let manager = state.manager.read().await;
-    let res = match &*manager {
-        SigningManager::Local(local_manager) => local_manager
-            .sign_consensus(
-                &request.pubkey,
-                &request.object_root,
-                Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce: request.nonce }),
-            )
-            .await
-            .map(|sig| {
-                Json(BlsSignResponse::new(
-                    request.pubkey,
-                    request.object_root,
-                    signing_id,
-                    request.nonce,
-                    local_manager.get_chain().id(),
-                    sig,
-                ))
-                .into_response()
-            }),
-        SigningManager::Dirk(dirk_manager) => dirk_manager
-            .request_consensus_signature(
-                &request.pubkey,
-                &request.object_root,
-                Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce: request.nonce }),
-            )
-            .await
-            .map(|sig| {
-                Json(BlsSignResponse::new(
-                    request.pubkey,
-                    request.object_root,
-                    signing_id,
-                    request.nonce,
-                    dirk_manager.get_chain().id(),
-                    sig,
-                ))
-                .into_response()
-            }),
-    };
-
-    if let Err(err) = &res {
-        error!(event = "request_signature", ?module_id, ?req_id, "{err}");
-    }
-
-    res
+    handle_request_signature_bls_impl(
+        &module_id,
+        &state,
+        &req_id,
+        false,
+        &request.pubkey,
+        &request.object_root,
+        request.nonce,
+    )
+    .await
 }
 
 /// Validates a BLS key signature request using a proxy key and returns the
@@ -365,7 +328,30 @@ async fn handle_request_signature_proxy_bls(
     Json(request): Json<SignProxyRequest<BlsPublicKey>>,
 ) -> Result<impl IntoResponse, SignerModuleError> {
     let req_id = Uuid::new_v4();
-    let Some(signing_id) = state.jwts.read().get(&module_id).map(|m| m.signing_id) else {
+    debug!(event = "proxy_bls_request_signature", ?module_id, %request, ?req_id, "New request");
+    handle_request_signature_bls_impl(
+        &module_id,
+        &state,
+        &req_id,
+        true,
+        &request.proxy,
+        &request.object_root,
+        request.nonce,
+    )
+    .await
+}
+
+/// Implementation for handling a BLS signature request
+async fn handle_request_signature_bls_impl(
+    module_id: &ModuleId,
+    state: &SigningState,
+    req_id: &Uuid,
+    is_proxy: bool,
+    signing_pubkey: &BlsPublicKey,
+    object_root: &B256,
+    nonce: u64,
+) -> Result<impl IntoResponse, SignerModuleError> {
+    let Some(signing_id) = state.jwts.read().get(module_id).map(|m| m.signing_id) else {
         error!(
             event = "proxy_bls_request_signature",
             ?module_id,
@@ -374,53 +360,48 @@ async fn handle_request_signature_proxy_bls(
         );
         return Err(SignerModuleError::RequestError("Module signing ID not found".to_string()));
     };
-    debug!(event = "proxy_bls_request_signature", ?module_id, %request, ?req_id, "New request");
 
-    let manager = state.manager.read().await;
-    let res = match &*manager {
-        SigningManager::Local(local_manager) => local_manager
-            .sign_proxy_bls(
-                &request.proxy,
-                &request.object_root,
-                Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce: request.nonce }),
-            )
-            .await
-            .map(|sig| {
-                Json(BlsSignResponse::new(
-                    request.proxy,
-                    request.object_root,
-                    signing_id,
-                    request.nonce,
-                    local_manager.get_chain().id(),
-                    sig,
-                ))
-                .into_response()
-            }),
-        SigningManager::Dirk(dirk_manager) => dirk_manager
-            .request_proxy_signature(
-                &request.proxy,
-                &request.object_root,
-                Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce: request.nonce }),
-            )
-            .await
-            .map(|sig| {
-                Json(BlsSignResponse::new(
-                    request.proxy,
-                    request.object_root,
-                    signing_id,
-                    request.nonce,
-                    dirk_manager.get_chain().id(),
-                    sig,
-                ))
-                .into_response()
-            }),
-    };
-
-    if let Err(err) = &res {
-        error!(event = "request_signature", ?module_id, ?req_id, "{err}");
+    let chain_id: U256;
+    match &*state.manager.read().await {
+        SigningManager::Local(local_manager) => {
+            chain_id = local_manager.get_chain().id();
+            if is_proxy {
+                local_manager
+                    .sign_proxy_bls(
+                        signing_pubkey,
+                        object_root,
+                        Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce }),
+                    )
+                    .await
+            } else {
+                local_manager
+                    .sign_consensus(
+                        signing_pubkey,
+                        object_root,
+                        Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce }),
+                    )
+                    .await
+            }
+        }
+        SigningManager::Dirk(dirk_manager) => {
+            chain_id = dirk_manager.get_chain().id();
+            dirk_manager
+                .request_proxy_signature(
+                    signing_pubkey,
+                    object_root,
+                    Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce }),
+                )
+                .await
+        }
     }
-
-    res
+    .map(|sig| {
+        Json(BlsSignResponse::new(*signing_pubkey, *object_root, signing_id, nonce, chain_id, sig))
+            .into_response()
+    })
+    .map_err(|err| {
+        error!(event = "request_signature", ?module_id, ?req_id, "{err}");
+        err
+    })
 }
 
 /// Validates an ECDSA key signature request using a proxy key and returns the
@@ -442,27 +423,23 @@ async fn handle_request_signature_proxy_ecdsa(
     };
     debug!(event = "proxy_ecdsa_request_signature", ?module_id, %request, ?req_id, "New request");
 
-    let manager = state.manager.read().await;
-    let res = match &*manager {
-        SigningManager::Local(local_manager) => local_manager
-            .sign_proxy_ecdsa(
-                &request.proxy,
-                &request.object_root,
-                Some(&SignatureRequestInfo { module_signing_id: signing_id, nonce: request.nonce }),
-            )
-            .await
-            .map(|sig| {
-                Json(EcdsaSignResponse::new(
-                    request.proxy,
-                    request.object_root,
-                    signing_id,
-                    request.nonce,
-                    local_manager.get_chain().id(),
-                    sig,
-                ))
-                .into_response()
-            }),
+    let chain_id: U256;
+    match &*state.manager.read().await {
+        SigningManager::Local(local_manager) => {
+            chain_id = local_manager.get_chain().id();
+            local_manager
+                .sign_proxy_ecdsa(
+                    &request.proxy,
+                    &request.object_root,
+                    Some(&SignatureRequestInfo {
+                        module_signing_id: signing_id,
+                        nonce: request.nonce,
+                    }),
+                )
+                .await
+        }
         SigningManager::Dirk(_) => {
+            chain_id = U256::ZERO; // Dirk does not support ECDSA proxy signing
             error!(
                 event = "request_signature",
                 ?module_id,
@@ -471,13 +448,22 @@ async fn handle_request_signature_proxy_ecdsa(
             );
             Err(SignerModuleError::DirkNotSupported)
         }
-    };
-
-    if let Err(err) = &res {
-        error!(event = "request_signature", ?module_id, ?req_id, "{err}");
     }
-
-    res
+    .map(|sig| {
+        Json(EcdsaSignResponse::new(
+            request.proxy,
+            request.object_root,
+            signing_id,
+            request.nonce,
+            chain_id,
+            sig,
+        ))
+        .into_response()
+    })
+    .map_err(|err| {
+        error!(event = "request_signature", ?module_id, ?req_id, "{err}");
+        err
+    })
 }
 
 async fn handle_generate_proxy(
