Merge pull request #4659 from stacks-network/4595-nakamoto-stacks-signer-should-store-its-dkg-shares-in-stackerdb-to-enable-disaster-recovery

feat: Signer using StackerDB for persisting DKG shares

Author: netrome

Cargo.lock

@@ -33,6 +33,7 @@ tiny_http = "0.12"
 wsts = { workspace = true }
 
 [dev-dependencies]
+mutants = "0.0.3"
 rand_core = { workspace = true }
 rand = { workspace = true }
 

libsigner/Cargo.toml

@@ -38,6 +38,7 @@ use blockstack_lib::net::api::postblock_proposal::{
     BlockValidateReject, BlockValidateResponse, ValidateRejectCode,
 };
 use blockstack_lib::util_lib::boot::boot_code_id;
+use clarity::util::retry::BoundReader;
 use clarity::vm::types::serialization::SerializationError;
 use clarity::vm::types::QualifiedContractIdentifier;
 use hashbrown::{HashMap, HashSet};
@@ -94,14 +95,17 @@ MessageSlotID {
     /// Transactions list for miners and signers to observe
     Transactions = 11,
     /// DKG Results
-    DkgResults = 12
+    DkgResults = 12,
+    /// Persisted encrypted signer state containing DKG shares
+    EncryptedSignerState = 13
 });
 
 define_u8_enum!(SignerMessageTypePrefix {
     BlockResponse = 0,
     Packet = 1,
     Transactions = 2,
-    DkgResults = 3
+    DkgResults = 3,
+    EncryptedSignerState = 4
 });
 
 impl MessageSlotID {
@@ -136,12 +140,14 @@ impl TryFrom<u8> for SignerMessageTypePrefix {
 }
 
 impl From<&SignerMessage> for SignerMessageTypePrefix {
+    #[cfg_attr(test, mutants::skip)]
     fn from(message: &SignerMessage) -> Self {
         match message {
             SignerMessage::Packet(_) => SignerMessageTypePrefix::Packet,
             SignerMessage::BlockResponse(_) => SignerMessageTypePrefix::BlockResponse,
             SignerMessage::Transactions(_) => SignerMessageTypePrefix::Transactions,
             SignerMessage::DkgResults { .. } => SignerMessageTypePrefix::DkgResults,
+            SignerMessage::EncryptedSignerState(_) => SignerMessageTypePrefix::EncryptedSignerState,
         }
     }
 }
@@ -234,9 +240,12 @@ pub enum SignerMessage {
         /// The polynomial commits used to construct the aggregate key
         party_polynomials: Vec<(u32, PolyCommitment)>,
     },
+    /// The encrypted state of the signer to be persisted
+    EncryptedSignerState(Vec<u8>),
 }
 
 impl Debug for SignerMessage {
+    #[cfg_attr(test, mutants::skip)]
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {
             Self::BlockResponse(b) => Debug::fmt(b, f),
@@ -255,12 +264,16 @@ impl Debug for SignerMessage {
                     .field("party_polynomials", &party_polynomials)
                     .finish()
             }
+            Self::EncryptedSignerState(s) => {
+                f.debug_tuple("EncryptedSignerState").field(s).finish()
+            }
         }
     }
 }
 
 impl SignerMessage {
     /// Helper function to determine the slot ID for the provided stacker-db writer id
+    #[cfg_attr(test, mutants::skip)]
     pub fn msg_id(&self) -> MessageSlotID {
         match self {
             Self::Packet(packet) => match packet.msg {
@@ -278,6 +291,7 @@ impl SignerMessage {
             Self::BlockResponse(_) => MessageSlotID::BlockResponse,
             Self::Transactions(_) => MessageSlotID::Transactions,
             Self::DkgResults { .. } => MessageSlotID::DkgResults,
+            Self::EncryptedSignerState(_) => MessageSlotID::EncryptedSignerState,
         }
     }
 }
@@ -345,10 +359,14 @@ impl StacksMessageCodec for SignerMessage {
                     party_polynomials.iter().map(|(a, b)| (a, b)),
                 )?;
             }
+            SignerMessage::EncryptedSignerState(encrypted_state) => {
+                write_next(fd, encrypted_state)?;
+            }
         };
         Ok(())
     }
 
+    #[cfg_attr(test, mutants::skip)]
     fn consensus_deserialize<R: Read>(fd: &mut R) -> Result<Self, CodecError> {
         let type_prefix_byte = read_next::<u8, _>(fd)?;
         let type_prefix = SignerMessageTypePrefix::try_from(type_prefix_byte)?;
@@ -383,6 +401,15 @@ impl StacksMessageCodec for SignerMessage {
                     party_polynomials,
                 }
             }
+            SignerMessageTypePrefix::EncryptedSignerState => {
+                // Typically the size of the signer state is much smaller, but in the fully degenerate case the size of the persisted state is
+                // 2800 * 32 * 4 + C for some small constant C.
+                // To have some margin, we're expanding the left term with an additional factor 4
+                let max_encrypted_state_size = 2800 * 32 * 4 * 4;
+                let mut bound_reader = BoundReader::from_reader(fd, max_encrypted_state_size);
+                let encrypted_state = read_next::<_, _>(&mut bound_reader)?;
+                SignerMessage::EncryptedSignerState(encrypted_state)
+            }
         };
         Ok(message)
     }

libsigner/src/messages.rs

@@ -62,5 +62,5 @@ pub mod consts {
 
     /// The number of StackerDB slots each signing key needs
     ///  to use to participate in DKG and block validation signing.
-    pub const SIGNER_SLOTS_PER_USER: u32 = 13;
+    pub const SIGNER_SLOTS_PER_USER: u32 = 14;
 }

stacks-common/src/libcommon.rs

@@ -19,10 +19,10 @@ use blockstack_lib::net::api::poststackerdbchunk::StackerDBErrorCodes;
 use hashbrown::HashMap;
 use libsigner::{MessageSlotID, SignerMessage, SignerSession, StackerDBSession};
 use libstackerdb::{StackerDBChunkAckData, StackerDBChunkData};
-use slog::{slog_debug, slog_warn};
+use slog::{slog_debug, slog_error, slog_warn};
 use stacks_common::codec::{read_next, StacksMessageCodec};
 use stacks_common::types::chainstate::StacksPrivateKey;
-use stacks_common::{debug, warn};
+use stacks_common::{debug, error, warn};
 
 use super::ClientError;
 use crate::client::retry_with_exponential_backoff;
@@ -130,7 +130,7 @@ impl StackerDB {
             };
 
             debug!(
-                "Sending a chunk to stackerdb slot ID {slot_id} with version {slot_version} to contract {:?}!\n{chunk:?}",
+                "Sending a chunk to stackerdb slot ID {slot_id} with version {slot_version} and message ID {msg_id} to contract {:?}!\n{chunk:?}",
                 &session.stackerdb_contract_id
             );
 
@@ -243,6 +243,51 @@ impl StackerDB {
         Self::get_transactions(&mut self.next_transaction_session, signer_ids)
     }
 
+    /// Get the encrypted state for the given signer
+    pub fn get_encrypted_signer_state(
+        &mut self,
+        signer_id: SignerSlotID,
+    ) -> Result<Option<Vec<u8>>, ClientError> {
+        debug!("Getting the persisted encrypted state for signer {signer_id}");
+        let Some(state_session) = self
+            .signers_message_stackerdb_sessions
+            .get_mut(&MessageSlotID::EncryptedSignerState)
+        else {
+            return Err(ClientError::NotConnected);
+        };
+
+        let send_request = || {
+            state_session
+                .get_latest_chunks(&[signer_id.0])
+                .map_err(backoff::Error::transient)
+        };
+
+        let Some(chunk) = retry_with_exponential_backoff(send_request)?.pop().ok_or(
+            ClientError::UnexpectedResponseFormat(format!(
+                "Missing response for state session request for signer {}",
+                signer_id
+            )),
+        )?
+        else {
+            debug!("No persisted state for signer {signer_id}");
+            return Ok(None);
+        };
+
+        if chunk.is_empty() {
+            debug!("Empty persisted state for signer {signer_id}");
+            return Ok(None);
+        }
+
+        let SignerMessage::EncryptedSignerState(state) =
+            read_next::<SignerMessage, _>(&mut chunk.as_slice())?
+        else {
+            error!("Wrong message type stored in signer state slot for signer {signer_id}");
+            return Ok(None);
+        };
+
+        Ok(Some(state))
+    }
+
     /// Retrieve the signer set this stackerdb client is attached to
     pub fn get_signer_set(&self) -> u32 {
         u32::try_from(self.reward_cycle % 2).expect("FATAL: reward cycle % 2 exceeds u32::MAX")

stacks-signer/src/client/stackerdb.rs

@@ -696,15 +696,21 @@ impl StacksClient {
 
 #[cfg(test)]
 mod tests {
+    use std::collections::HashMap;
     use std::io::{BufWriter, Write};
     use std::thread::spawn;
 
+    use blockstack_lib::burnchains::Address;
     use blockstack_lib::chainstate::nakamoto::NakamotoBlockHeader;
     use blockstack_lib::chainstate::stacks::address::PoxAddress;
     use blockstack_lib::chainstate::stacks::boot::{
         NakamotoSignerEntry, PoxStartCycleInfo, RewardSet,
     };
     use blockstack_lib::chainstate::stacks::ThresholdSignature;
+    use clarity::vm::types::{
+        ListData, ListTypeData, ResponseData, SequenceData, TupleData, TupleTypeSignature,
+        TypeSignature,
+    };
     use rand::thread_rng;
     use rand_core::RngCore;
     use stacks_common::bitvec::BitVec;
@@ -1039,9 +1045,59 @@ mod tests {
     #[test]
     fn parse_valid_signer_slots_should_succeed() {
         let mock = MockServerClient::new();
-        let clarity_value_hex =
-            "0x070b000000050c00000002096e756d2d736c6f7473010000000000000000000000000000000d067369676e6572051a8195196a9a7cf9c37cb13e1ed69a7bc047a84e050c00000002096e756d2d736c6f7473010000000000000000000000000000000d067369676e6572051a6505471146dcf722f0580911183f28bef30a8a890c00000002096e756d2d736c6f7473010000000000000000000000000000000d067369676e6572051a1d7f8e3936e5da5f32982cc47f31d7df9fb1b38a0c00000002096e756d2d736c6f7473010000000000000000000000000000000d067369676e6572051a126d1a814313c952e34c7840acec9211e1727fb80c00000002096e756d2d736c6f7473010000000000000000000000000000000d067369676e6572051a7374ea6bb39f2e8d3d334d62b9f302a977de339a";
-        let value = ClarityValue::try_deserialize_hex_untyped(clarity_value_hex).unwrap();
+
+        let signers = [
+            "ST20SA6BAK9YFKGVWP4Z1XNMTFF04FA2E0M8YRNNQ",
+            "ST1JGAHRH8VEFE8QGB04H261Z52ZF62MAH40CD6ZN",
+            "STEQZ3HS6VJXMQSJK0PC8ZSHTZFSZCDKHA7R60XT",
+            "ST96T6M18C9WJMQ39HW41B7CJ88Y2WKZQ1CK330M",
+            "ST1SQ9TKBPEFJX39X6D6P5EFK0AMQFQHKK9R0MJFC",
+        ];
+
+        let tuple_type_signature: TupleTypeSignature = [
+            (ClarityName::from("num_slots"), TypeSignature::UIntType),
+            (ClarityName::from("signer"), TypeSignature::PrincipalType),
+        ]
+        .into_iter()
+        .collect::<HashMap<_, _>>()
+        .try_into()
+        .unwrap();
+
+        let list_data: Vec<_> = signers
+            .into_iter()
+            .map(|signer| {
+                let principal_data = StacksAddress::from_string(signer).unwrap().into();
+
+                let data_map = [
+                    ("num-slots".into(), ClarityValue::UInt(14)),
+                    (
+                        "signer".into(),
+                        ClarityValue::Principal(PrincipalData::Standard(principal_data)),
+                    ),
+                ]
+                .into_iter()
+                .collect();
+
+                ClarityValue::Tuple(TupleData {
+                    type_signature: tuple_type_signature.clone(),
+                    data_map,
+                })
+            })
+            .collect();
+
+        let list_type_signature =
+            ListTypeData::new_list(TypeSignature::TupleType(tuple_type_signature), 5).unwrap();
+
+        let sequence = ClarityValue::Sequence(SequenceData::List(ListData {
+            data: list_data,
+            type_signature: list_type_signature,
+        }));
+
+        let value = ClarityValue::Response(ResponseData {
+            committed: true,
+            data: Box::new(sequence),
+        });
+
         let signer_slots = mock.client.parse_signer_slots(value).unwrap();
         assert_eq!(signer_slots.len(), 5);
         signer_slots