refactor: make server signing related configs optional (#47)

* refactor: update signing related configs to be optional

* fix: handle missing queue config gracefully in worker scheduling

Author: lancevincentsalera

src/main.rs

@@ -77,7 +77,7 @@ struct Config {
     #[serde(default)]
     queues: HashSet<queue::Config>,
     u5c: ledger::u5c::Config,
-    signing: signing::Config,
+    signing: Option<signing::Config>,
 }
 
 impl Config {

src/pipeline/ingest.rs

@@ -22,7 +22,7 @@ pub struct Stage {
     storage: Arc<SqliteTransaction>,
     priority: Arc<Priority>,
     u5c_adapter: Arc<dyn U5cDataAdapter>,
-    secret_adapter: Arc<dyn SigningAdapter>,
+    signing_adapter: Option<Arc<dyn SigningAdapter>>,
     config: Config,
     pub output: OutputPort<Vec<u8>>,
 }
@@ -32,14 +32,14 @@ impl Stage {
         storage: Arc<SqliteTransaction>,
         priority: Arc<Priority>,
         u5c_adapter: Arc<dyn U5cDataAdapter>,
-        secret_adapter: Arc<dyn SigningAdapter>,
+        signing_adapter: Option<Arc<dyn SigningAdapter>>,
         config: Config,
     ) -> Self {
         Self {
             storage,
             priority,
             u5c_adapter,
-            secret_adapter,
+            signing_adapter,
             config,
             output: Default::default(),
         }
@@ -91,13 +91,13 @@ impl gasket::framework::Worker<Stage> for Worker {
                 .config
                 .queues
                 .get(&tx.queue)
-                .map(|config| config.server_signing)
-                .unwrap_or(false);
+                .ok_or(WorkerError::Retry)?
+                .server_signing;
 
             if should_sign {
-                info!("Signing transaction {} with server key", tx.id);
-                tx.raw = stage.secret_adapter.sign(tx.raw).await.or_retry()?;
-                info!("Transaction {} signed successfully", tx.id);
+                let signer = stage.signing_adapter.as_ref().ok_or(WorkerError::Retry)?;
+                tx.raw = signer.sign(tx.raw).await.or_retry()?;
+                info!(tx_id = %tx.id, "Transaction signed with server key");
             }
 
             let metx = MultiEraTx::decode(&tx.raw).map_err(|_| WorkerError::Recv)?;

src/pipeline/mod.rs

@@ -10,7 +10,7 @@ use crate::{
     },
     network::peer_manager::PeerManager,
     queue::priority::Priority,
-    signing::hashicorp::HashicorpVaultClient,
+    signing::{hashicorp::HashicorpVaultClient, SigningAdapter},
     storage::{
         sqlite::{SqliteCursor, SqliteTransaction},
         Cursor,
@@ -48,13 +48,20 @@ pub async fn run(
     let peer_manager = Arc::new(peer_manager);
 
     let priority = Arc::new(Priority::new(tx_storage.clone(), config.queues.clone()));
-    let secret_adapter = Arc::new(HashicorpVaultClient::new(config.signing.clone())?);
+    let signing_adapter: Option<Arc<dyn SigningAdapter>> = config
+        .signing
+        .as_ref()
+        .map(|cfg| {
+            HashicorpVaultClient::new(cfg.clone())
+                .map(|c| Arc::new(c) as Arc<dyn SigningAdapter>)
+        })
+        .transpose()?;
 
     let mut ingest = ingest::Stage::new(
         tx_storage.clone(),
         priority.clone(),
         u5c_data_adapter.clone(),
-        secret_adapter,
+        signing_adapter,
         config.clone(),
     );
 

src/queue/mod.rs

@@ -15,6 +15,7 @@ pub struct Config {
     pub weight: u8,
     #[serde(default)]
     pub chained: bool,
+    #[serde(default)]
     pub server_signing: bool,
 }
 impl Default for Config {

src/server/submit.rs

@@ -69,7 +69,8 @@ impl SubmitService for SubmitServiceImpl {
                         self.queues.iter().find(|q| q.name == *DEFAULT_QUEUE)
                     })
                 })
-                .is_none_or(|config| !config.server_signing);
+                .map(|cfg| cfg.server_signing)
+                .is_none_or(|server_signing| !server_signing);
 
             if should_validate {
                 if let Err(error) = validate_tx(&metx, self.u5c_adapter.clone()).await {