diff --git a/core/src/main/java/tech/pegasys/web3signer/core/routes/eth2/CommitBoostGenerateProxyKeyRoute.java b/core/src/main/java/tech/pegasys/web3signer/core/routes/eth2/CommitBoostGenerateProxyKeyRoute.java index bd5156ed4..69d1e8330 100644 --- a/core/src/main/java/tech/pegasys/web3signer/core/routes/eth2/CommitBoostGenerateProxyKeyRoute.java +++ b/core/src/main/java/tech/pegasys/web3signer/core/routes/eth2/CommitBoostGenerateProxyKeyRoute.java @@ -12,15 +12,11 @@ */ package tech.pegasys.web3signer.core.routes.eth2; -import static tech.pegasys.web3signer.signing.KeyType.BLS; - import tech.pegasys.teku.spec.Spec; import tech.pegasys.web3signer.core.Context; import tech.pegasys.web3signer.core.routes.Web3SignerRoute; import tech.pegasys.web3signer.core.service.http.handlers.commitboost.CommitBoostGenerateProxyKeyHandler; -import tech.pegasys.web3signer.core.service.http.handlers.signing.SignerForIdentifier; import tech.pegasys.web3signer.signing.ArtifactSignerProvider; -import tech.pegasys.web3signer.signing.BlsArtifactSignature; import tech.pegasys.web3signer.signing.config.CommitBoostParameters; import tech.pegasys.web3signer.signing.config.DefaultArtifactSignerProvider; @@ -30,7 +26,7 @@ public class CommitBoostGenerateProxyKeyRoute implements Web3SignerRoute { private static final String PATH = "/signer/v1/generate_proxy_key"; private final Context context; - private final SignerForIdentifier blsSigner; + private final ArtifactSignerProvider artifactSignerProvider; private final CommitBoostParameters commitBoostParameters; private final Spec eth2Spec; @@ -43,15 +39,11 @@ public CommitBoostGenerateProxyKeyRoute( this.eth2Spec = eth2Spec; // there should be only one DefaultArtifactSignerProvider in eth2 mode - final ArtifactSignerProvider artifactSignerProvider = + artifactSignerProvider = context.getArtifactSignerProviders().stream() .filter(p -> p instanceof DefaultArtifactSignerProvider) .findFirst() .orElseThrow(); - - blsSigner = - new SignerForIdentifier<>( - artifactSignerProvider, sig -> sig.getSignatureData().toString(), BLS); } @Override @@ -60,7 +52,8 @@ public void register() { .getRouter() .route(HttpMethod.POST, PATH) .blockingHandler( - new CommitBoostGenerateProxyKeyHandler(blsSigner, commitBoostParameters, eth2Spec), + new CommitBoostGenerateProxyKeyHandler( + artifactSignerProvider, commitBoostParameters, eth2Spec), false) .failureHandler(context.getErrorHandler()) .failureHandler( diff --git a/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostGenerateProxyKeyHandler.java b/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostGenerateProxyKeyHandler.java index 98f9cd1fc..18ed3b541 100644 --- a/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostGenerateProxyKeyHandler.java +++ b/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostGenerateProxyKeyHandler.java @@ -20,9 +20,10 @@ import tech.pegasys.web3signer.core.service.http.SigningObjectMapperFactory; import tech.pegasys.web3signer.core.service.http.handlers.commitboost.json.GenerateProxyKeyBody; import tech.pegasys.web3signer.core.service.http.handlers.commitboost.json.ProxyDelegation; +import tech.pegasys.web3signer.core.service.http.handlers.commitboost.json.SignRequestType; import tech.pegasys.web3signer.core.service.http.handlers.commitboost.json.SignedProxyDelegation; -import tech.pegasys.web3signer.core.service.http.handlers.signing.SignerForIdentifier; import tech.pegasys.web3signer.signing.ArtifactSigner; +import tech.pegasys.web3signer.signing.ArtifactSignerProvider; import tech.pegasys.web3signer.signing.config.CommitBoostParameters; import java.util.Optional; @@ -33,7 +34,7 @@ import io.vertx.ext.web.RoutingContext; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.apache.tuweni.bytes.Bytes; +import org.apache.tuweni.bytes.Bytes32; public class CommitBoostGenerateProxyKeyHandler implements Handler { private static final Logger LOG = LogManager.getLogger(); @@ -42,17 +43,17 @@ public class CommitBoostGenerateProxyKeyHandler implements Handler signerForIdentifier; private final ProxyKeyGenerator proxyKeyGenerator; private final SigningRootGenerator signingRootGenerator; + private final CommitBoostSignerProvider commitBoostSignerProvider; public CommitBoostGenerateProxyKeyHandler( - final SignerForIdentifier signerForIdentifier, + final ArtifactSignerProvider artifactSignerProvider, final CommitBoostParameters commitBoostParameters, final Spec eth2Spec) { - this.signerForIdentifier = signerForIdentifier; - this.proxyKeyGenerator = new ProxyKeyGenerator(commitBoostParameters); - this.signingRootGenerator = + commitBoostSignerProvider = new CommitBoostSignerProvider(artifactSignerProvider); + proxyKeyGenerator = new ProxyKeyGenerator(commitBoostParameters); + signingRootGenerator = new SigningRootGenerator(eth2Spec, commitBoostParameters.getGenesisValidatorsRoot()); } @@ -71,28 +72,31 @@ public void handle(final RoutingContext context) { // Check for identifier, if not exist, fail with 404 final String identifier = normaliseIdentifier(proxyKeyBody.blsPublicKey()); - if (!signerForIdentifier.isSignerAvailable(identifier)) { + final boolean signerAvailable = + commitBoostSignerProvider.isSignerAvailable(identifier, SignRequestType.CONSENSUS); + if (!signerAvailable) { context.fail(NOT_FOUND); return; } - // Generate actual proxy key and encrypted keystore based on signature scheme - final ArtifactSigner artifactSigner; try { - artifactSigner = + // Generate actual proxy key and encrypted keystore based on signature scheme + final ArtifactSigner proxyArtifactSigner = switch (proxyKeyBody.scheme()) { case BLS -> proxyKeyGenerator.generateBLSProxyKey(identifier); case ECDSA -> proxyKeyGenerator.generateECProxyKey(identifier); }; - // Add generated proxy key to DefaultArtifactSignerProvider - signerForIdentifier.getSignerProvider().addProxySigner(artifactSigner, identifier).get(); + + // Add generated proxy ArtifactSigner to ArtifactSignerProvider + commitBoostSignerProvider.addProxySigner(proxyArtifactSigner, identifier); final ProxyDelegation proxyDelegation = - new ProxyDelegation(identifier, artifactSigner.getIdentifier()); - final Bytes signingRoot = + new ProxyDelegation(identifier, proxyArtifactSigner.getIdentifier()); + final Bytes32 signingRoot = signingRootGenerator.computeSigningRoot( proxyDelegation.toMerkleizable(proxyKeyBody.scheme()).hashTreeRoot()); - final Optional optionalSig = signerForIdentifier.sign(identifier, signingRoot); + final Optional optionalSig = + commitBoostSignerProvider.sign(identifier, SignRequestType.CONSENSUS, signingRoot); if (optionalSig.isEmpty()) { context.fail(NOT_FOUND); return; diff --git a/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostSignerProvider.java b/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostSignerProvider.java index 4136a59be..23c017d18 100644 --- a/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostSignerProvider.java +++ b/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/commitboost/CommitBoostSignerProvider.java @@ -33,10 +33,22 @@ public class CommitBoostSignerProvider { private final ArtifactSignerProvider artifactSignerProvider; + /** + * Constructor for the CommitBoostSignerProvider + * + * @param artifactSignerProvider The {@link ArtifactSignerProvider} to use for signing + */ public CommitBoostSignerProvider(final ArtifactSignerProvider artifactSignerProvider) { this.artifactSignerProvider = artifactSignerProvider; } + /** + * Check if a signer is available for the given identifier and type + * + * @param identifier The identifier to check + * @param type The type of signer to check + * @return true if a signer is available, false otherwise + */ public boolean isSignerAvailable(final String identifier, final SignRequestType type) { return switch (type) { case CONSENSUS -> artifactSignerProvider.availableIdentifiers().contains(identifier); @@ -55,6 +67,15 @@ public boolean isSignerAvailable(final String identifier, final SignRequestType }; } + /** + * Sign a message with the given identifier and type + * + * @param identifier The identifier to sign with + * @param type The type of signer to use + * @param signingRoot The root to sign + * @return An optional string of the signature in hex format. Empty if no signer available for + * given identifier + */ public Optional sign( final String identifier, final SignRequestType type, final Bytes32 signingRoot) { final Optional optionalArtifactSigner = @@ -78,4 +99,8 @@ public Optional sign( }) .orElse(Optional.empty()); } + + public void addProxySigner(final ArtifactSigner artifactSigner, final String identifier) { + artifactSignerProvider.addProxySigner(artifactSigner, identifier); + } } diff --git a/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/signing/SignerForIdentifier.java b/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/signing/SignerForIdentifier.java index 5776805e4..7148fb6fd 100644 --- a/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/signing/SignerForIdentifier.java +++ b/core/src/main/java/tech/pegasys/web3signer/core/service/http/handlers/signing/SignerForIdentifier.java @@ -56,15 +56,6 @@ public Optional signAndGetArtifactSignature(final String identifier, final By return signerProvider.getSigner(identifier).map(signer -> (T) signer.sign(data)); } - /** - * Get the signer provider - * - * @return signer provider - */ - public ArtifactSignerProvider getSignerProvider() { - return signerProvider; - } - /** * Converts hex string to bytes *