Merge pull request #1167 from input-output-hk/damien/668/protocol-key-for-genesis-keys

Protocol key for genesis keys

Author: dlachaume

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "mithril-aggregator"
-version = "0.3.71"
+version = "0.3.72"
 description = "A Mithril Aggregator server"
 authors = { workspace = true }
 edition = { workspace = true }

mithril-aggregator/Cargo.toml

@@ -1,8 +1,8 @@
-use anyhow::{anyhow, Context};
+use anyhow::Context;
 use clap::{Parser, Subcommand};
 use config::{builder::DefaultState, ConfigBuilder};
 use mithril_common::{
-    crypto_helper::{key_decode_hex, ProtocolGenesisSigner},
+    crypto_helper::{ProtocolGenesisSecretKey, ProtocolGenesisSigner},
     entities::HexEncodedGenesisSecretKey,
     StdResult,
 };
@@ -175,8 +175,8 @@ impl BootstrapGenesisSubCommand {
         let genesis_tools = GenesisTools::from_dependencies(dependencies)
             .await
             .with_context(|| "genesis-tools: initialization error")?;
-        let genesis_secret_key = key_decode_hex(&self.genesis_secret_key)
-            .map_err(|e| anyhow!(e).context("json hex decode of genesis secret key failure"))?;
+        let genesis_secret_key = ProtocolGenesisSecretKey::from_json_hex(&self.genesis_secret_key)
+            .with_context(|| "json hex decode of genesis secret key failure")?;
         let genesis_signer = ProtocolGenesisSigner::from_secret_key(genesis_secret_key);
         genesis_tools
             .bootstrap_test_genesis_certificate(genesis_signer)

mithril-aggregator/src/commands/genesis_command.rs

@@ -1,5 +1,5 @@
 use config::{ConfigError, Map, Source, Value, ValueKind};
-use mithril_common::crypto_helper::{key_encode_hex, ProtocolGenesisSigner};
+use mithril_common::crypto_helper::ProtocolGenesisSigner;
 use mithril_common::era::adapters::EraReaderAdapterType;
 use serde::{Deserialize, Serialize};
 use std::path::PathBuf;
@@ -143,7 +143,7 @@ impl Configuration {
             db_directory: PathBuf::new(),
             snapshot_directory: PathBuf::new(),
             data_stores_directory: PathBuf::from(":memory:"),
-            genesis_verification_key: key_encode_hex(genesis_verification_key).unwrap(),
+            genesis_verification_key: genesis_verification_key.to_json_hex().unwrap(),
             reset_digests_cache: false,
             disable_digests_cache: false,
             store_retention_limit: None,

mithril-aggregator/src/configuration.rs

@@ -4,7 +4,9 @@ use mithril_common::{
     api_version::APIVersionProvider,
     certificate_chain::{CertificateVerifier, MithrilCertificateVerifier},
     chain_observer::{CardanoCliChainObserver, CardanoCliRunner, ChainObserver, FakeObserver},
-    crypto_helper::{key_decode_hex, ProtocolGenesisSigner, ProtocolGenesisVerifier},
+    crypto_helper::{
+        ProtocolGenesisSigner, ProtocolGenesisVerificationKey, ProtocolGenesisVerifier,
+    },
     database::{ApplicationNodeType, DatabaseVersionChecker},
     digesters::{
         cache::{ImmutableFileDigestCacheProvider, JsonImmutableFileDigestCacheProviderBuilder},
@@ -617,14 +619,15 @@ impl DependenciesBuilder {
     async fn build_genesis_verifier(&mut self) -> Result<Arc<ProtocolGenesisVerifier>> {
         let genesis_verifier: ProtocolGenesisVerifier = match self.configuration.environment {
             ExecutionEnvironment::Production => ProtocolGenesisVerifier::from_verification_key(
-                key_decode_hex(&self.configuration.genesis_verification_key).map_err(|e| {
-                    DependenciesBuilderError::Initialization {
-                        message: format!(
-                            "Could not decode hex key to build genesis verifier: '{}' Error: {e}.",
-                            self.configuration.genesis_verification_key
-                        ),
-                        error: None,
-                    }
+                ProtocolGenesisVerificationKey::from_json_hex(
+                    &self.configuration.genesis_verification_key,
+                )
+                .map_err(|e| DependenciesBuilderError::Initialization {
+                    message: format!(
+                        "Could not decode hex key to build genesis verifier: '{}'",
+                        self.configuration.genesis_verification_key
+                    ),
+                    error: Some(e),
                 })?,
             ),
             _ => ProtocolGenesisSigner::create_deterministic_genesis_signer()

mithril-aggregator/src/dependency_injection/builder.rs

@@ -236,9 +236,9 @@ impl SignerRegisterer for MithrilSignerRegisterer {
         let party_id_save = key_registration.register(
             party_id_register.clone(),
             signer.operational_certificate.clone(),
-            signer.verification_key_signature.clone(),
+            signer.verification_key_signature,
             kes_period,
-            signer.verification_key.clone(),
+            signer.verification_key,
         )?;
         let mut signer_save = SignerWithStake::from_signer(
             signer.to_owned(),

mithril-aggregator/src/signer_registerer.rs

@@ -1,4 +1,4 @@
-use anyhow::anyhow;
+use anyhow::{anyhow, Context};
 use std::{fs::File, io::prelude::*, io::Write, path::Path, sync::Arc};
 use tokio::sync::RwLock;
 
@@ -139,8 +139,10 @@ impl GenesisTools {
         let mut genesis_secret_key_serialized = String::new();
         genesis_secret_key_file.read_to_string(&mut genesis_secret_key_serialized)?;
 
-        let genesis_secret_key = key_decode_hex(genesis_secret_key_serialized.trim())
-            .map_err(|e| anyhow!(e).context("Genesis secret key decode error"))?;
+        let genesis_secret_key = genesis_secret_key_serialized
+            .trim()
+            .try_into()
+            .with_context(|| "Genesis secret key decode error")?;
         let genesis_signer = ProtocolGenesisSigner::from_secret_key(genesis_secret_key);
 
         let mut to_sign_payload_file = File::open(to_sign_payload_path).unwrap();

mithril-aggregator/src/tools/genesis.rs

@@ -1,6 +1,6 @@
 [package]
 name = "mithril-client"
-version = "0.3.32"
+version = "0.3.33"
 description = "A Mithril Client"
 authors = { workspace = true }
 edition = { workspace = true }

mithril-client/Cargo.toml

@@ -9,7 +9,8 @@ use thiserror::Error;
 use mithril_common::{
     certificate_chain::CertificateVerifier,
     crypto_helper::{
-        key_decode_hex, key_encode_hex, ProtocolAggregateVerificationKey, ProtocolGenesisVerifier,
+        key_encode_hex, ProtocolAggregateVerificationKey, ProtocolGenesisVerificationKey,
+        ProtocolGenesisVerifier,
     },
     entities::{MithrilStakeDistribution, ProtocolMessagePartKey},
     messages::MithrilStakeDistributionListItemMessage,
@@ -141,11 +142,12 @@ impl MithrilStakeDistributionService for AppMithrilStakeDistributionService {
                 )
             })?;
 
-        let genesis_verification_key = key_decode_hex(genesis_verification_key).map_err(|e| {
-            MithrilStakeDistributionServiceError::InvalidParameters(anyhow!(e).context(format!(
-                "Invalid genesis verification key '{genesis_verification_key}'"
-            )))
-        })?;
+        let genesis_verification_key =
+            ProtocolGenesisVerificationKey::from_json_hex(genesis_verification_key)
+                .with_context(|| {
+                    format!("Invalid genesis verification key '{genesis_verification_key}'")
+                })
+                .map_err(MithrilStakeDistributionServiceError::InvalidParameters)?;
         self.certificate_verifier
             .verify_certificate_chain(
                 certificate.clone(),
@@ -309,7 +311,7 @@ mod tests {
             .download(
                 "hash-123",
                 &dirpath,
-                &key_encode_hex(genesis_verification_key).unwrap(),
+                &genesis_verification_key.to_json_hex().unwrap(),
             )
             .await
             .unwrap();
@@ -362,7 +364,7 @@ mod tests {
             .download(
                 "hash-123",
                 &dirpath,
-                &key_encode_hex(genesis_verification_key).unwrap(),
+                &genesis_verification_key.to_json_hex().unwrap(),
             )
             .await
             .unwrap_err();

mithril-client/src/services/mithril_stake_distribution.rs

@@ -1,4 +1,4 @@
-use anyhow::{anyhow, Context};
+use anyhow::Context;
 use async_trait::async_trait;
 use futures::Future;
 use indicatif::{MultiProgress, ProgressBar, ProgressDrawTarget, ProgressState, ProgressStyle};
@@ -15,7 +15,7 @@ use tokio::{select, time::sleep};
 
 use mithril_common::{
     certificate_chain::CertificateVerifier,
-    crypto_helper::{key_decode_hex, ProtocolGenesisVerifier},
+    crypto_helper::{ProtocolGenesisVerificationKey, ProtocolGenesisVerifier},
     digesters::ImmutableDigester,
     entities::{Certificate, ProtocolMessagePartKey, SignedEntity, Snapshot},
     messages::{SnapshotListItemMessage, SnapshotMessage},
@@ -127,11 +127,12 @@ impl MithrilClientSnapshotService {
         genesis_verification_key: &str,
         certificate: &Certificate,
     ) -> StdResult<()> {
-        let genesis_verification_key = key_decode_hex(genesis_verification_key).map_err(|e| {
-            SnapshotServiceError::InvalidParameters(anyhow!(e).context(format!(
-                "Invalid genesis verification key '{genesis_verification_key}'"
-            )))
-        })?;
+        let genesis_verification_key =
+            ProtocolGenesisVerificationKey::from_json_hex(genesis_verification_key)
+                .with_context(|| {
+                    format!("Invalid genesis verification key '{genesis_verification_key}'")
+                })
+                .map_err(SnapshotServiceError::InvalidParameters)?;
         let genesis_verifier =
             ProtocolGenesisVerifier::from_verification_key(genesis_verification_key);
 
@@ -302,7 +303,7 @@ mod tests {
     use config::{builder::DefaultState, ConfigBuilder};
     use flate2::{write::GzEncoder, Compression};
     use mithril_common::{
-        crypto_helper::{key_encode_hex, tests_setup::setup_genesis},
+        crypto_helper::tests_setup::setup_genesis,
         digesters::DumbImmutableDigester,
         messages::{
             CertificateMessage, FromMessageAdapter, SnapshotListItemMessage, SnapshotListMessage,
@@ -548,7 +549,7 @@ mod tests {
             .download(
                 &snapshot,
                 &test_path,
-                &key_encode_hex(genesis_verification_key).unwrap(),
+                &genesis_verification_key.to_json_hex().unwrap(),
                 ProgressDrawTarget::hidden(),
             )
             .await
@@ -588,7 +589,7 @@ mod tests {
             .download(
                 &snapshot,
                 &test_path,
-                &key_encode_hex(genesis_verification_key).unwrap(),
+                &genesis_verification_key.to_json_hex().unwrap(),
                 ProgressDrawTarget::hidden(),
             )
             .await
@@ -634,7 +635,7 @@ mod tests {
             .download(
                 &signed_entity,
                 &test_path,
-                &key_encode_hex(genesis_verification_key).unwrap(),
+                &genesis_verification_key.to_json_hex().unwrap(),
                 ProgressDrawTarget::hidden(),
             )
             .await
@@ -682,7 +683,7 @@ mod tests {
             .download(
                 &snapshot,
                 &test_path,
-                &key_encode_hex(genesis_verification_key).unwrap(),
+                &genesis_verification_key.to_json_hex().unwrap(),
                 ProgressDrawTarget::hidden(),
             )
             .await