Commit-Boost · ltitanb · Dec 2, 2024 · Nov 22, 2024 · Nov 25, 2024 · Nov 25, 2024
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -55,6 +55,9 @@ toml = "0.8.13"
 serde = { version = "1.0.202", features = ["derive"] }
 serde_json = "1.0.117"
 serde_yaml = "0.9.33"
+hex = "0.4"
+base64 = "0.22.1"
+unicode-normalization = "0.1.24"
 
 # telemetry
 tracing = "0.1.40"
@@ -68,6 +71,11 @@ tree_hash = "0.8"
 tree_hash_derive = "0.8"
 eth2_keystore = { git = "https://github.com/sigp/lighthouse", rev = "9e12c21f268c80a3f002ae0ca27477f9f512eb6f" }
 k256 = "0.13"
+aes = "0.8"
+ctr = "0.9.2"
+cipher = "0.4"
+pbkdf2 = "0.12.2"
+sha2 = "0.10.8"
 
 # docker
 docker-compose-types = "0.12.0"

diff --git a/config.example.toml b/config.example.toml
@@ -125,10 +125,12 @@ headers = { X-MyCustomHeader = "ADifferentCustomValue" }
 docker_image = "ghcr.io/commit-boost/signer:latest"
 # Configuration for how the Signer module should load validator keys. Currently two types of loaders are supported:
 #   - File: load keys from a plain text file (unsafe, use only for testing purposes)
-#   - ValidatorsDir: load keys from a `keys` and `secrets` folder (ERC-2335 style keystores as used in Lighthouse)
+#   - ValidatorsDir: load keys from a `keys` and `secrets` file/folder (ERC-2335 style keystores)
 [signer.loader]
 # File: path to the keys file
 key_path = "./keys.example.json"
+# ValidatorsDir: format of the keystore (Lighthouse, Prysm, Teku or Lodestar)
+# format = "Lighthouse"
 # ValidatorsDir: path to the keys directory
 # keys_path = ""
 # ValidatorsDir: path to the secrets directory

diff --git a/crates/cli/src/docker_init.rs b/crates/cli/src/docker_init.rs
@@ -9,9 +9,10 @@ use cb_common::{
         CommitBoostConfig, LogsSettings, ModuleKind, BUILDER_PORT_ENV, BUILDER_URLS_ENV,
         CHAIN_SPEC_ENV, CONFIG_DEFAULT, CONFIG_ENV, JWTS_ENV, LOGS_DIR_DEFAULT, LOGS_DIR_ENV,
         METRICS_PORT_ENV, MODULE_ID_ENV, MODULE_JWT_ENV, PBS_ENDPOINT_ENV, PBS_MODULE_NAME,
-        PROXY_DIR_DEFAULT, PROXY_DIR_ENV, SIGNER_DEFAULT, SIGNER_DIR_KEYS_DEFAULT,
-        SIGNER_DIR_KEYS_ENV, SIGNER_DIR_SECRETS_DEFAULT, SIGNER_DIR_SECRETS_ENV, SIGNER_KEYS_ENV,
-        SIGNER_MODULE_NAME, SIGNER_PORT_ENV, SIGNER_URL_ENV,
+        PROXY_DIR_DEFAULT, PROXY_DIR_ENV, SIGNER_DEFAULT, SIGNER_DIR_FORMAT_DEFAULT,
+        SIGNER_DIR_FORMAT_ENV, SIGNER_DIR_KEYS_DEFAULT, SIGNER_DIR_KEYS_ENV,
+        SIGNER_DIR_SECRETS_DEFAULT, SIGNER_DIR_SECRETS_ENV, SIGNER_KEYS_ENV, SIGNER_MODULE_NAME,
+        SIGNER_PORT_ENV, SIGNER_URL_ENV,
     },
     signer::{ProxyStore, SignerLoader},
     types::ModuleId,
@@ -319,7 +320,7 @@ pub fn handle_docker_init(config_path: String, output_dir: String) -> Result<()>
                     let (k, v) = get_env_val(SIGNER_KEYS_ENV, SIGNER_DEFAULT);
                     signer_envs.insert(k, v);
                 }
-                SignerLoader::ValidatorsDir { keys_path, secrets_path } => {
+                SignerLoader::ValidatorsDir { keys_path, secrets_path, format: _ } => {
                     volumes.push(Volumes::Simple(format!(
                         "{}:{}:ro",
                         keys_path.display(),
@@ -335,6 +336,9 @@ pub fn handle_docker_init(config_path: String, output_dir: String) -> Result<()>
                     )));
                     let (k, v) = get_env_val(SIGNER_DIR_SECRETS_ENV, SIGNER_DIR_SECRETS_DEFAULT);
                     signer_envs.insert(k, v);
+
+                    let (k, v) = get_env_val(SIGNER_DIR_FORMAT_ENV, SIGNER_DIR_FORMAT_DEFAULT);
+                    signer_envs.insert(k, v);
                 }
             };
 

diff --git a/crates/common/Cargo.toml b/crates/common/Cargo.toml
@@ -35,6 +35,11 @@ tree_hash.workspace = true
 tree_hash_derive.workspace = true
 eth2_keystore.workspace = true
 k256.workspace = true
+aes.workspace = true
+ctr.workspace = true
+cipher.workspace = true
+pbkdf2.workspace = true
+sha2.workspace = true
 
 # misc
 thiserror.workspace = true
@@ -43,3 +48,7 @@ url.workspace = true
 rand.workspace = true
 bimap.workspace = true
 derive_more.workspace = true
+
+unicode-normalization.workspace = true
+hex.workspace = true
+base64.workspace = true
diff --git a/crates/common/src/config/constants.rs b/crates/common/src/config/constants.rs
@@ -45,6 +45,9 @@ pub const SIGNER_DIR_KEYS_DEFAULT: &str = "/keys";
 /// Path to `secrets` folder
 pub const SIGNER_DIR_SECRETS_ENV: &str = "CB_SIGNER_LOADER_SECRETS_DIR";
 pub const SIGNER_DIR_SECRETS_DEFAULT: &str = "/secrets";
+/// Format of the directory structure for keys
+pub const SIGNER_DIR_FORMAT_ENV: &str = "CB_SIGNER_LOADER_FORMAT";
+pub const SIGNER_DIR_FORMAT_DEFAULT: &str = "lighthouse";
 /// Path to store proxies
 pub const PROXY_DIR_ENV: &str = "CB_PROXY_STORE_DIR";
 pub const PROXY_DIR_DEFAULT: &str = "/proxies";