Merge pull request #1164 from input-output-hk/damien/668/protocol-key-for-verification-key-signature

Protocol key for verification key signature

Author: dlachaume

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "mithril-aggregator"
-version = "0.3.69"
+version = "0.3.70"
 description = "A Mithril Aggregator server"
 authors = { workspace = true }
 edition = { workspace = true }

mithril-aggregator/Cargo.toml

@@ -55,7 +55,9 @@ impl SignerRegistrationRecord {
             signer_id: other.party_id,
             epoch_setting_id: epoch,
             verification_key: other.verification_key.to_json_hex().unwrap(),
-            verification_key_signature: other.verification_key_signature,
+            verification_key_signature: other
+                .verification_key_signature
+                .map(|k| k.to_json_hex().unwrap()),
             operational_certificate: other
                 .operational_certificate
                 .map(|o| o.to_json_hex().unwrap()),
@@ -71,7 +73,9 @@ impl From<SignerRegistrationRecord> for Signer {
         Self {
             party_id: other.signer_id,
             verification_key: other.verification_key.try_into().unwrap(),
-            verification_key_signature: other.verification_key_signature,
+            verification_key_signature: other
+                .verification_key_signature
+                .map(|k| (k.try_into().unwrap())),
             operational_certificate: other
                 .operational_certificate
                 .map(|o| (o.try_into().unwrap())),
@@ -85,7 +89,9 @@ impl From<SignerRegistrationRecord> for SignerWithStake {
         Self {
             party_id: other.signer_id,
             verification_key: other.verification_key.try_into().unwrap(),
-            verification_key_signature: other.verification_key_signature,
+            verification_key_signature: other
+                .verification_key_signature
+                .map(|k| (k.try_into().unwrap())),
             operational_certificate: other
                 .operational_certificate
                 .map(|o| (o.try_into().unwrap())),

mithril-aggregator/src/database/provider/signer_registration.rs

@@ -13,7 +13,10 @@ impl TryFromMessageAdapter<RegisterSignerMessage, Signer> for FromRegisterSigner
         Ok(Signer {
             party_id: register_signer_message.party_id,
             verification_key: register_signer_message.verification_key.try_into()?,
-            verification_key_signature: register_signer_message.verification_key_signature,
+            verification_key_signature: match register_signer_message.verification_key_signature {
+                Some(verification_key_signature) => Some(verification_key_signature.try_into()?),
+                _ => None,
+            },
             operational_certificate: match register_signer_message.operational_certificate {
                 Some(operational_certificate) => Some(operational_certificate.try_into()?),
                 _ => None,

mithril-aggregator/src/message_adapters/from_register_signer.rs

@@ -29,7 +29,9 @@ impl ToCertificatePendingMessageAdapter {
             .map(|signer| SignerMessage {
                 party_id: signer.party_id,
                 verification_key: signer.verification_key.try_into().unwrap(),
-                verification_key_signature: signer.verification_key_signature,
+                verification_key_signature: signer
+                    .verification_key_signature
+                    .map(|k| k.try_into().unwrap()),
                 kes_period: signer.kes_period,
                 operational_certificate: signer
                     .operational_certificate

mithril-aggregator/src/message_adapters/to_certificate_pending_message.rs

@@ -5,9 +5,7 @@ use tokio::sync::RwLock;
 
 use mithril_common::{
     chain_observer::ChainObserver,
-    crypto_helper::{
-        key_decode_hex, KESPeriod, ProtocolKeyRegistration, ProtocolRegistrationError,
-    },
+    crypto_helper::{KESPeriod, ProtocolKeyRegistration, ProtocolRegistrationError},
     entities::{Epoch, Signer, SignerWithStake, StakeDistribution},
     store::StoreError,
     StdResult,
@@ -224,18 +222,7 @@ impl SignerRegisterer for MithrilSignerRegisterer {
             "" => None,
             party_id => Some(party_id.to_string()),
         };
-        let verification_key_signature = match &signer.verification_key_signature {
-            Some(verification_key_signature) => Some(
-                key_decode_hex(verification_key_signature)
-                    .map_err(SignerRegistrationError::Codec)?,
-            ),
-            _ => None,
-        };
-        let operational_certificate = signer
-            .operational_certificate
-            .as_ref()
-            .map(|op_cert| op_cert.to_owned().into());
-        let kes_period = match &operational_certificate {
+        let kes_period = match &signer.operational_certificate {
             Some(operational_certificate) => Some(
                 self.chain_observer
                     .get_current_kes_period(operational_certificate)
@@ -248,8 +235,8 @@ impl SignerRegisterer for MithrilSignerRegisterer {
         };
         let party_id_save = key_registration.register(
             party_id_register.clone(),
-            operational_certificate,
-            verification_key_signature,
+            signer.operational_certificate.clone(),
+            signer.verification_key_signature.clone(),
             kes_period,
             signer.verification_key.clone(),
         )?;

mithril-aggregator/src/signer_registerer.rs

@@ -1,6 +1,6 @@
 [package]
 name = "mithril-common"
-version = "0.2.91"
+version = "0.2.92"
 authors = { workspace = true }
 edition = { workspace = true }
 documentation = { workspace = true }

mithril-common/Cargo.toml

@@ -4,11 +4,12 @@
 //! guarantees that mithril-stm will not be misused in the context of Cardano.  
 
 use crate::crypto_helper::{
-    cardano::{OpCert, ParseError, SerDeShelleyFileFormat},
+    cardano::{ParseError, SerDeShelleyFileFormat},
     types::{
         ProtocolParameters, ProtocolPartyId, ProtocolSignerVerificationKey,
         ProtocolSignerVerificationKeySignature, ProtocolStakeDistribution,
     },
+    ProtocolOpCert,
 };
 
 use mithril_stm::key_reg::{ClosedKeyReg, KeyReg};
@@ -143,7 +144,11 @@ impl StmInitializerWrapper {
                     .map_err(|_| ProtocolInitializerErrorWrapper::KesUpdate(period))?;
             }
 
-            Some(kes_sk.sign(&stm_initializer.verification_key().to_bytes()))
+            Some(
+                kes_sk
+                    .sign(&stm_initializer.verification_key().to_bytes())
+                    .into(),
+            )
         } else {
             println!("WARNING: Non certified signer registration by providing only a Pool Id is decommissionned and must be used for tests only!");
             None
@@ -162,7 +167,7 @@ impl StmInitializerWrapper {
 
     /// Extract the verification key signature.
     pub fn verification_key_signature(&self) -> Option<ProtocolSignerVerificationKeySignature> {
-        self.kes_signature
+        self.kes_signature.clone()
     }
 
     /// Extract the protocol parameters of the initializer
@@ -215,7 +220,7 @@ impl StmInitializerWrapper {
 
         Ok(Self {
             stm_initializer,
-            kes_signature: Some(kes_signature),
+            kes_signature: Some(kes_signature.into()),
         })
     }
 }
@@ -236,7 +241,7 @@ impl KeyRegWrapper {
     pub fn register(
         &mut self,
         party_id: Option<ProtocolPartyId>, // TODO: Parameter should be removed once the signer certification is fully deployed
-        opcert: Option<OpCert>, // TODO: Option should be removed once the signer certification is fully deployed
+        opcert: Option<ProtocolOpCert>, // TODO: Option should be removed once the signer certification is fully deployed
         kes_sig: Option<ProtocolSignerVerificationKeySignature>, // TODO: Option should be removed once the signer certification is fully deployed
         kes_period: Option<KESPeriod>,
         pk: ProtocolSignerVerificationKey,
@@ -295,7 +300,7 @@ impl KeyRegWrapper {
 mod test {
 
     use super::*;
-    use crate::crypto_helper::cardano::ColdKeyGenerator;
+    use crate::crypto_helper::{cardano::ColdKeyGenerator, OpCert};
 
     use rand_chacha::ChaCha20Rng;
     use rand_core::SeedableRng;
@@ -356,8 +361,9 @@ mod test {
         )
         .unwrap();
 
-        let opcert1: OpCert = OpCert::from_file(operational_certificate_file_1)
-            .expect("opcert deserialization should not fail");
+        let opcert1 = OpCert::from_file(operational_certificate_file_1)
+            .expect("opcert deserialization should not fail")
+            .into();
 
         let key_registration_1 = key_reg.register(
             None,
@@ -377,8 +383,9 @@ mod test {
         )
         .unwrap();
 
-        let opcert2: OpCert = OpCert::from_file(operational_certificate_file_2)
-            .expect("opcert deserialization should not fail");
+        let opcert2 = OpCert::from_file(operational_certificate_file_2)
+            .expect("opcert deserialization should not fail")
+            .into();
 
         let key_registration_2 = key_reg.register(
             None,

mithril-common/src/crypto_helper/cardano/key_certification.rs

@@ -85,23 +85,18 @@ fn setup_signer_with_stake(
     SignerWithStake::new(
         party_id.to_owned(),
         protocol_initializer.verification_key().into(),
-        protocol_initializer
-            .verification_key_signature()
-            .as_ref()
-            .map(|verification_key_signature| {
-                key_encode_hex(verification_key_signature)
-                    .expect("key_encode_hex of verification_key_signature should not fail")
-            }),
+        protocol_initializer.verification_key_signature(),
         operational_certificate,
         kes_period,
         stake,
     )
 }
 
-fn decode_op_cert_in_dir(dir: Option<PathBuf>) -> Option<OpCert> {
+fn decode_op_cert_in_dir(dir: Option<PathBuf>) -> Option<ProtocolOpCert> {
     dir.as_ref().map(|dir| {
         OpCert::from_file(dir.join("opcert.cert"))
             .expect("operational certificate decoding should not fail")
+            .into()
     })
 }
 
@@ -128,7 +123,7 @@ pub fn setup_signers_from_stake_distribution(
             party_id,
             *stake,
             &protocol_initializer,
-            operational_certificate.as_ref().map(|o| o.clone().into()),
+            operational_certificate.clone(),
             kes_period,
         );
 

mithril-common/src/crypto_helper/tests_setup.rs

@@ -11,7 +11,6 @@ use mithril_stm::{
 
 use blake2::{digest::consts::U32, Blake2b};
 use ed25519_dalek;
-use kes_summed_ed25519::kes::Sum6KesSig;
 
 /// A protocol version
 pub type ProtocolVersion<'a> = &'a str;
@@ -49,9 +48,6 @@ pub type ProtocolKeyRegistration = KeyRegWrapper;
 /// Alias of a wrapper of [MithrilStm:ClosedKeyReg](struct@mithril_stm::key_reg::KeyReg).
 pub type ProtocolClosedKeyRegistration = ClosedKeyReg<D>;
 
-/// Alias of [KES:Sum6KesSig](https://github.com/input-output-hk/kes/blob/master/src/kes.rs).
-pub type ProtocolSignerVerificationKeySignature = Sum6KesSig;
-
 /// Alias of [MithrilStm:StmAggrVerificationKey](struct@mithril_stm::stm::StmAggrVerificationKey).
 pub type ProtocolAggregateVerificationKey = StmAggrVerificationKey<D>;