Merge pull request #441 from EspressoSystems/ak/key-reshare

Introduce resharing and committee switch in Decrypter

Author: akonring

Cargo.lock

@@ -28,12 +28,10 @@ rust-version = "1.85.0"
 [workspace.dependencies]
 aes-gcm = { version = "0.10.3" }
 alloy = { version = "1.0", features = ["default", "arbitrary", "k256", "serde", "rlp"] }
-alloy-signer = "1.0"
-alloy-chains = "0.2"
 # derive feature is not exposed via `alloy`, thus has to explicitly declare here
 alloy-rlp = { version = "0.3.12", features = ["derive"] }
 anyhow = "1.0.89"
-arbitrary = "1.4.1"
+arbitrary = { version = "1", features = ["derive"] }
 arbtest = "0.3.2"
 ark-bls12-381 = "0.5"
 ark-bn254 = "0.5"

Cargo.toml

@@ -14,7 +14,6 @@ bincode = { workspace = true }
 bs58 = { workspace = true }
 committable = { workspace = true }
 constant_time_eq = { workspace = true }
-data-encoding = { workspace = true }
 ed25519-compact = { workspace = true }
 either = { workspace = true }
 rayon = { workspace = true }

multisig/Cargo.toml

@@ -6,11 +6,10 @@ edition.workspace = true
 rust-version.workspace = true
 
 [dependencies]
-arbitrary = { workspace = true, optional = true }
+arbitrary = { workspace = true, optional = true, features = ["derive"] }
 arrayvec = { workspace = true }
 async-trait = { workspace = true }
 bincode = { workspace = true }
-bytes = { workspace = true }
 committable = { workspace = true }
 multisig = { path = "../multisig" }
 serde = { workspace = true }

sailfish-types/Cargo.toml

@@ -115,6 +115,11 @@ impl<T: Committable, C: Comm<T> + Send> Coordinator<T, C> {
         matches!(self.state, State::Running | State::AwaitHandover)
     }
 
+    /// Is this coordinator started in a handover state?
+    pub fn awaits_handover(&self) -> bool {
+        matches!(self.state, State::AwaitHandover)
+    }
+
     /// The public key of this coordinator.
     pub fn public_key(&self) -> PublicKey {
         self.key

sailfish/src/coordinator.rs

@@ -13,9 +13,9 @@ use multisig::{Committee, x25519};
 use sailfish_types::UNKNOWN_COMMITTEE_ID;
 use timeboost::types::BundleVariant;
 use timeboost_builder::CertifierConfig;
-use timeboost_crypto::prelude::{DkgDecKey, ThresholdEncKeyCell};
+use timeboost_crypto::prelude::DkgDecKey;
 use timeboost_sequencer::SequencerConfig;
-use timeboost_types::{ChainConfig, DkgKeyStore};
+use timeboost_types::{ChainConfig, DecryptionKeyCell, KeyStore};
 use timeboost_utils::load_generation::make_bundle;
 use tokio::sync::broadcast;
 use tokio::time::{Duration, sleep};
@@ -25,7 +25,10 @@ use url::Url;
 fn make_configs<R>(
     size: NonZeroUsize,
     recover_index: R,
-) -> (ThresholdEncKeyCell, Vec<(SequencerConfig, CertifierConfig)>)
+) -> (
+    Vec<DecryptionKeyCell>,
+    Vec<(SequencerConfig, CertifierConfig)>,
+)
 where
     R: Into<Option<usize>>,
 {
@@ -77,7 +80,7 @@ where
             .map(|(kp, xp, _, _, _, pa, ..)| (kp.public_key(), xp.public_key(), pa.clone())),
     );
 
-    let dkg_keystore = DkgKeyStore::new(
+    let key_store = KeyStore::new(
         committee.clone(),
         parts
             .iter()
@@ -86,23 +89,22 @@ where
     );
 
     let mut cfgs = Vec::new();
+    let mut enc_keys = Vec::new();
     let recover_index = recover_index.into();
 
-    let enc_key = ThresholdEncKeyCell::new();
-
     for (i, (kpair, xpair, dkg_sk, sa, da, pa)) in parts.into_iter().enumerate() {
+        let enc_key = DecryptionKeyCell::new();
         let conf = SequencerConfig::builder()
             .sign_keypair(kpair.clone())
             .dh_keypair(xpair.clone())
             .dkg_key(dkg_sk)
-            .dkg_keystore(dkg_keystore.clone())
             .sailfish_addr(sa)
             .decrypt_addr(da)
             .sailfish_committee(sailfish_committee.clone())
-            .decrypt_committee(decrypt_committee.clone())
+            .decrypt_committee((decrypt_committee.clone(), key_store.clone()))
             .recover(recover_index.map(|r| r == i).unwrap_or(false))
             .leash_len(100)
-            .threshold_enc_key(enc_key.clone())
+            .threshold_dec_key(enc_key.clone())
             .chain_config(ChainConfig::new(
                 1,
                 "https://theserversroom.com/ethereum/54cmzzhcj1o/"
@@ -118,16 +120,17 @@ where
             .address(pa)
             .committee(produce_committee.clone())
             .build();
+        enc_keys.push(enc_key);
         cfgs.push((conf, pcf));
     }
 
-    (enc_key, cfgs)
+    (enc_keys, cfgs)
 }
 
 /// Generate random bundles at a fixed frequency.
-async fn gen_bundles(enc_key: ThresholdEncKeyCell, tx: broadcast::Sender<BundleVariant>) {
+async fn gen_bundles(enc_key: DecryptionKeyCell, tx: broadcast::Sender<BundleVariant>) {
     loop {
-        let Ok(b) = make_bundle(&enc_key) else {
+        let Ok(b) = make_bundle(enc_key.read().await.pubkey()) else {
             warn!("Failed to generate bundle");
             continue;
         };

tests/src/tests/timeboost.rs

@@ -27,7 +27,7 @@ async fn block_order() {
     init_logging();
 
     let num = NonZeroUsize::new(5).unwrap();
-    let (enc_key, cfg) = make_configs(num, RECOVER_INDEX);
+    let (enc_keys, cfg) = make_configs(num, RECOVER_INDEX);
 
     let mut rxs = Vec::new();
     let mut tasks = JoinSet::new();
@@ -74,10 +74,11 @@ async fn block_order() {
         rxs.push(rx)
     }
 
-    enc_key.read().await;
-    tracing::info!("DKG done");
+    for enc_key in &enc_keys {
+        enc_key.read().await;
+    }
 
-    tasks.spawn(gen_bundles(enc_key, bcast.clone()));
+    tasks.spawn(gen_bundles(enc_keys[0].clone(), bcast.clone()));
 
     // Collect all outputs:
     let mut outputs: Vec<Vec<BlockInfo>> = vec![Vec::new(); num.get()];

tests/src/tests/timeboost/block_order.rs

@@ -14,9 +14,9 @@ use sailfish::consensus::Consensus;
 use sailfish::rbc::Rbc;
 use sailfish::types::{ConsensusTime, RoundNumber, Timestamp};
 use sailfish::{Coordinator, Event};
-use timeboost_crypto::prelude::{DkgDecKey, ThresholdEncKeyCell};
+use timeboost_crypto::prelude::DkgDecKey;
 use timeboost_sequencer::SequencerConfig;
-use timeboost_types::{ChainConfig, DkgKeyStore};
+use timeboost_types::{ChainConfig, DecryptionKeyCell, KeyStore};
 use timeboost_utils::types::logging::init_logging;
 use tokio::select;
 use tokio::sync::{broadcast, mpsc};
@@ -119,15 +119,15 @@ where
         .map(|_| DkgDecKey::generate())
         .collect::<Vec<_>>();
 
-    let dkg_keystore = DkgKeyStore::new(
+    let key_store = KeyStore::new(
         committee.clone(),
         dkg_keys
             .iter()
             .enumerate()
             .map(|(i, sk)| (i as u8, sk.into())),
     );
 
-    let enc_key = ThresholdEncKeyCell::new();
+    let enc_key = DecryptionKeyCell::new();
 
     sign_keys
         .into_iter()
@@ -140,17 +140,19 @@ where
                 .sign_keypair(k)
                 .dh_keypair(x)
                 .dkg_key(dkg_key)
-                .dkg_keystore(dkg_keystore.clone())
                 .sailfish_addr(sa)
                 .decrypt_addr(da)
                 .sailfish_committee(sf_committee.clone())
-                .decrypt_committee(de_committee.clone())
+                .decrypt_committee((de_committee.clone(), key_store.clone()))
                 .maybe_previous_sailfish_committee(
                     set_prev.then(|| prev[0].sailfish_committee().clone()),
                 )
+                .maybe_previous_decrypt_committee(
+                    set_prev.then(|| prev[0].decrypt_committee().clone()),
+                )
                 .recover(false)
                 .leash_len(100)
-                .threshold_enc_key(enc_key.clone())
+                .threshold_dec_key(enc_key.clone())
                 .chain_config(ChainConfig::new(
                     1,
                     "https://theserversroom.com/ethereum/54cmzzhcj1o/"

tests/src/tests/timeboost/handover.rs

@@ -28,7 +28,7 @@ async fn transaction_order() {
     init_logging();
 
     let num = NonZeroUsize::new(5).unwrap();
-    let (enc_key, cfg) = make_configs(num, RECOVER_INDEX);
+    let (enc_keys, cfg) = make_configs(num, RECOVER_INDEX);
 
     let mut rxs = Vec::new();
     let mut tasks = JoinSet::new();
@@ -73,10 +73,11 @@ async fn transaction_order() {
         rxs.push(rx)
     }
 
-    enc_key.read().await;
-    tracing::info!("DKG done");
+    for enc_key in &enc_keys {
+        enc_key.read().await;
+    }
 
-    tasks.spawn(gen_bundles(enc_key, bcast.clone()));
+    tasks.spawn(gen_bundles(enc_keys[0].clone(), bcast.clone()));
 
     for _ in 0..NUM_OF_TRANSACTIONS {
         let first = rxs[0].recv().await.unwrap();

tests/src/tests/timeboost/transaction_order.rs

@@ -19,7 +19,6 @@ robusta = { path = "../robusta" }
 serde = { workspace = true }
 smallvec = { workspace = true }
 thiserror = { workspace = true }
-timeboost-proto = { path = "../timeboost-proto" }
 timeboost-types = { path = "../timeboost-types" }
 tokio = { workspace = true }
 tokio-util = { workspace = true }