feat(crypto): CRP-2618 require omitting pre_signature_to_create_in_advance for vetKD #7981
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…nce for vetKD in proposals
fspreiss
changed the title
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
mbjorkqvist
approved these changes
Dec 17, 2025
Contributor
mbjorkqvist
left a comment
mbjorkqvist
left a comment
There was a problem hiding this comment.
Rubber-stamping DeFi change!
fspreiss
dismissed
github-actions[bot]’s stale review
- Done (updated unreleased_changelog.md).
- No breaking changes, given that the
KeyConfig::pre_signatures_to_create_in_advancefield in the registry canister API was alreadyoptional. - No data migration needed.
- No security review needed as not security critical.
eichhorl
reviewed
Dec 17, 2025
michael-weigelt
approved these changes
Dec 17, 2025
eichhorl
approved these changes
Dec 18, 2025
daniel-wong-dfinity-org
approved these changes
Jan 5, 2026
daniel-wong-dfinity-org
approved these changes
Jan 7, 2026
Contributor
daniel-wong-dfinity-org
left a comment
daniel-wong-dfinity-org
left a comment
There was a problem hiding this comment.
Still approved.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adapts the registry canister and ic-admin so that for {Create|Update|Recover}SubnetPayload the
KeyConfig'spre_signatures_to_create_in_advancefield is no longer needed/allowed for vetKD keys (and generally for keys that don't have pre-signatures). So far, this field was always required, and for vetKD keys this was confusing because vetKD doesn't have the concept of pre-signatures.The protobuf representation in the registry is unchanged, because there the
pre_signatures_to_create_in_advancefield was already optional. For existing registry entries for vetKD keys, the currently set value of 0 remains unchanged, while new entries that are created in the future will not have the field set any more.This change is possible now that the registry canister was recently adapted (see Proposal 139679) to allow omitting
pre_signatures_to_create_in_advancefor keys that don't require it (#7859).An alternative to this approach here would be to turn the
ChainKeyConfig'sKeyConfiginto a protobuf enum. However, this would require an involved multi-step migration of registry data structures.