Save keypair to and from repository

gnosisguild · Dec 2, 2024 · 221352d · 221352d
1 parent 95af527
commit 221352d
Show file tree

Hide file tree

Showing 11 changed files with 45 additions and 9 deletions.
diff --git a/package.json b/package.json
@@ -24,7 +24,7 @@
     "preciphernode:build": "yarn evm:compile",
     "committee:new": "cd packages/evm && yarn committee:new",
     "committee:publish": "cd packages/evm && yarn hardhat committee:publish",
-    "e3:activate": "cd packages/evm && yarn hardhat e3:activate",
+    "e3:activate": "cd packages/evm && yarn -s hardhat e3:activate",
     "e3:publishInput": "cd packages/evm && yarn hardhat e3:publishInput",
     "e3:publishCiphertext": "cd packages/evm && yarn hardhat e3:publishCiphertext",
     "evm:install": "cd packages/evm && yarn install",

diff --git a/packages/ciphernode/Cargo.lock b/packages/ciphernode/Cargo.lock
diff --git a/packages/ciphernode/Cargo.toml b/packages/ciphernode/Cargo.toml
@@ -36,7 +36,9 @@ bincode = "1.3.3"
 bs58 = "0.5.1"
 base64 = "0.22.1"
 clap = { version = "4.5.17", features = ["derive"] }
+cipher = { path = "./cipher" }
 dirs = "5.0.1"
+data = { path = "./data" }
 figment = { version = "0.10.19", features = ["yaml", "test"] }
 fhe_rs = { package = "fhe", git = "https://github.com/gnosisguild/fhe.rs", version = "0.1.0-beta.7" }
 fhe-traits = { git = "https://github.com/gnosisguild/fhe.rs", version = "0.1.0-beta.7" }

diff --git a/packages/ciphernode/enclave_node/src/aggregator.rs b/packages/ciphernode/enclave_node/src/aggregator.rs
@@ -81,7 +81,7 @@ pub async fn setup_aggregator(
         .build()
         .await?;
 
-    let (_, join_handle, peer_id) = NetworkRelay::setup_with_peer(bus.clone(), config.peers())?;
+    let (_, join_handle, peer_id) = NetworkRelay::setup_with_peer(bus.clone(), config.peers(), &cipher, repositories.libp2pid()).await?;
 
     if let Some(path) = pubkey_write_path {
         PublicKeyWriter::attach(path, bus.clone());

diff --git a/packages/ciphernode/enclave_node/src/ciphernode.rs b/packages/ciphernode/enclave_node/src/ciphernode.rs
@@ -73,7 +73,7 @@ pub async fn setup_ciphernode(
         .build()
         .await?;
 
-    let (_, join_handle, peer_id) = NetworkRelay::setup_with_peer(bus.clone(), config.peers())?;
+    let (_, join_handle, peer_id) = NetworkRelay::setup_with_peer(bus.clone(), config.peers(), &cipher, repositories.libp2pid()).await?;
 
     let nm = format!("CIPHER({})", &address.to_string()[0..5]);
     SimpleLogger::attach(&nm, bus.clone());

diff --git a/packages/ciphernode/net/Cargo.toml b/packages/ciphernode/net/Cargo.toml
@@ -11,6 +11,8 @@ repository = "https://github.com/gnosisguild/enclave/packages/ciphernode"
 async-std = { workspace = true, features = ["attributes"] }
 async-trait = { workspace = true }
 futures = { workspace = true }
+cipher = { workspace = true }
+data = { workspace = true }
 libp2p = { workspace = true, features = [
   "async-std",
   "gossipsub",

diff --git a/packages/ciphernode/net/src/network_relay.rs b/packages/ciphernode/net/src/network_relay.rs
@@ -1,3 +1,4 @@
+use std::sync::Arc;
 use std::{collections::HashSet, error::Error};
 
 use crate::NetworkPeer;
@@ -6,9 +7,12 @@ use crate::NetworkPeer;
 use actix::prelude::*;
 use anyhow::anyhow;
 use anyhow::Result;
+use cipher::Cipher;
+use data::Repository;
 use enclave_core::{EnclaveEvent, EventBus, EventId, Subscribe};
+use libp2p::identity::ed25519;
 use tokio::sync::mpsc::{Receiver, Sender};
-use tracing::{error, trace};
+use tracing::{error, info, instrument, trace};
 
 /// NetworkRelay Actor converts between EventBus events and Libp2p events forwarding them to a
 /// NetworkPeer for propagation over the p2p network
@@ -63,11 +67,31 @@ impl NetworkRelay {
     }
 
     /// Spawn a Libp2p peer and hook it up to this actor
-    pub fn setup_with_peer(
+    #[instrument(name = "libp2p", skip_all)]
+    pub async fn setup_with_peer(
         bus: Addr<EventBus>,
         peers: Vec<String>,
+        cipher: &Arc<Cipher>,
+        repository: Repository<Vec<u8>>,
     ) -> Result<(Addr<Self>, tokio::task::JoinHandle<Result<()>>, String)> {
-        let keypair = libp2p::identity::Keypair::generate_ed25519();
+        info!("Reading from repository");
+        let bytes = if let Some(bytes) = repository.read().await? {
+            let decrypted = cipher.decrypt_data(&bytes)?;
+            info!("Found keypair in repository");
+            decrypted
+        } else {
+            let kp = libp2p::identity::Keypair::generate_ed25519();
+            info!("Generated new keypair {}", kp.public().to_peer_id());
+            let innerkp = kp.try_into_ed25519()?;
+            let bytes = innerkp.to_bytes().to_vec();
+
+            repository.write(&cipher.encrypt_data(&mut bytes.clone())?);
+            info!("Saved new keypair to repository");
+            bytes
+        };
+
+        let ed25519_keypair = ed25519::Keypair::try_from_bytes(&mut bytes.clone())?;
+        let keypair: libp2p::identity::Keypair = ed25519_keypair.try_into()?;
         let mut peer = NetworkPeer::new(&keypair, peers, None, "tmp-enclave-gossip-topic")?;
         let rx = peer.rx().ok_or(anyhow!("Peer rx already taken"))?;
         let p2p_addr = NetworkRelay::setup(bus, peer.tx(), rx);

diff --git a/packages/ciphernode/router/src/repositories.rs b/packages/ciphernode/router/src/repositories.rs
@@ -74,6 +74,10 @@ impl Repositories {
         Repository::new(self.store.scope(format!("//eth_private_key")))
     }
 
+    pub fn libp2pid(&self) -> Repository<Vec<u8>> {
+        Repository::new(self.store.scope(format!("//libp2pid")))
+    }
+
     pub fn enclave_sol_reader(&self, chain_id: u64) -> Repository<EvmEventReaderState> {
         Repository::new(
             self.store

diff --git a/tests/basic_integration/base.sh b/tests/basic_integration/base.sh
@@ -58,7 +58,8 @@ heading "Mock encrypted plaintext"
 $SCRIPT_DIR/lib/fake_encrypt.sh --input "$SCRIPT_DIR/output/pubkey.bin" --output "$SCRIPT_DIR/output/output.bin" --plaintext $PLAINTEXT
 
 heading "Mock activate e3-id"
-yarn e3:activate --e3-id 0 --public-key "0x$PUBLIC_KEY" --network localhost
+# NOTE: using -s to avoid key spamming output
+yarn -s e3:activate --e3-id 0 --public-key "0x$PUBLIC_KEY" --network localhost
 
 heading "Mock publish input e3-id"
 yarn e3:publishInput --network localhost  --e3-id 0 --data 0x12345678

diff --git a/tests/basic_integration/lib/prebuild.sh b/tests/basic_integration/lib/prebuild.sh
@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 
-cd packages/ciphernode && RUSTFLAGS="-A warnings" cargo build --bin fake_encrypt --bin enclave;
+cd packages/ciphernode && RUSTFLAGS="-A warnings" cargo build --bin fake_encrypt --bin enclave --bin pack_e3_params;
diff --git a/tests/basic_integration/persist.sh b/tests/basic_integration/persist.sh
@@ -69,7 +69,8 @@ heading "Mock encrypted plaintext"
 $SCRIPT_DIR/lib/fake_encrypt.sh --input "$SCRIPT_DIR/output/pubkey.bin" --output "$SCRIPT_DIR/output/output.bin" --plaintext $PLAINTEXT
 
 heading "Mock activate e3-id"
-yarn e3:activate --e3-id 0 --public-key "0x$PUBLIC_KEY" --network localhost
+# NOTE using -s to avoid key spaming the output
+yarn -s e3:activate --e3-id 0 --public-key "0x$PUBLIC_KEY" --network localhost
 
 heading "Mock publish input e3-id"
 yarn e3:publishInput --network localhost  --e3-id 0 --data 0x12345678