fix(sidecar): signing options

chainbound · Oct 18, 2024 · eeab58e · eeab58e
1 parent e4bfb72
commit eeab58e
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 27 deletions.
diff --git a/bolt-sidecar/bin/sidecar.rs b/bolt-sidecar/bin/sidecar.rs
@@ -25,18 +25,18 @@ async fn main() -> Result<()> {
  bail!("Failed to initialize the sidecar driver with local signer: {:?}", err)
  }
  }
- } else if opts.signing.keystore.is_some() {
- match SidecarDriver::with_keystore_signer(&opts).await {
+ } else if opts.signing.commit_boost_jwt_hex.is_some() {
+ match SidecarDriver::with_commit_boost_signer(&opts).await {
  Ok(driver) => driver.run_forever().await,
  Err(err) => {
- bail!("Failed to initialize the sidecar driver with keystore signer: {:?}", err)
+ bail!("Failed to initialize the sidecar driver with commit boost: {:?}", err)
  }
  }
  } else {
- match SidecarDriver::with_commit_boost_signer(&opts).await {
+ match SidecarDriver::with_keystore_signer(&opts).await {
  Ok(driver) => driver.run_forever().await,
  Err(err) => {
- bail!("Failed to initialize the sidecar driver with commit boost: {:?}", err)
+ bail!("Failed to initialize the sidecar driver with keystore signer: {:?}", err)
  }
  }
  }

diff --git a/bolt-sidecar/src/config/signing.rs b/bolt-sidecar/src/config/signing.rs
@@ -7,10 +7,10 @@ use serde::Deserialize;
 use crate::common::{BlsSecretKeyWrapper, JwtSecretConfig};
 
 /// Command-line options for signing
-#[derive(Args, Deserialize, Debug)]
+#[derive(Args, Deserialize)]
 #[clap(
  group = ArgGroup::new("signing-opts").required(true)
- .args(&["private_key", "commit_boost_address", "keystore"])
+ .args(&["private_key", "commit_boost_address", "keystore_password", "keystore_secrets_path"])
 )]
 pub struct SigningOpts {
  /// Private key to use for signing preconfirmation requests
@@ -22,20 +22,6 @@ pub struct SigningOpts {
  /// JWT in hexadecimal format for authenticating with the commit-boost service
  #[clap(long, env = "BOLT_SIDECAR_CB_JWT_HEX", requires("commit_boost_address"))]
  pub commit_boost_jwt_hex: Option<JwtSecretConfig>,
- /// Options for the ERC-2335 keystore
- #[clap(flatten)]
- pub keystore: Option<KeystoreOpts>,
- /// Path to the delegations file. If not provided, the default path is used.
- #[clap(long, env = "BOLT_SIDECAR_DELEGATIONS_PATH")]
- pub delegations_path: Option<PathBuf>,
-}
-
-#[derive(Args, Deserialize)]
-#[clap(
- group = ArgGroup::new("keystore-opts").required(true)
- .args(&["keystore_password", "keystore_secrets_path"])
-)]
-pub struct KeystoreOpts {
  /// The password for the ERC-2335 keystore.
  /// Reference: https://eips.ethereum.org/EIPS/eip-2335
  #[clap(long, env = "BOLT_SIDECAR_KEYSTORE_PASSWORD")]
@@ -47,12 +33,18 @@ pub struct KeystoreOpts {
  /// Path to the keystores folder. If not provided, the default path is used.
  #[clap(long, env = "BOLT_SIDECAR_KEYSTORE_PATH")]
  pub keystore_path: Option<PathBuf>,
+ /// Path to the delegations file. If not provided, the default path is used.
+ #[clap(long, env = "BOLT_SIDECAR_DELEGATIONS_PATH")]
+ pub delegations_path: Option<PathBuf>,
 }
 
 // Implement Debug manually to hide the keystore_password field
-impl fmt::Debug for KeystoreOpts {
+impl fmt::Debug for SigningOpts {
  fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
  f.debug_struct("SigningOpts")
+ .field("private_key", &self.private_key)
+ .field("commit_boost_address", &self.commit_boost_address)
+ .field("commit_boost_jwt_hex", &self.commit_boost_jwt_hex)
  .field("keystore_password", &"********") // Hides the actual password
  .field("keystore_path", &self.keystore_path)
  .field("keystore_secrets_path", &self.keystore_secrets_path)

diff --git a/bolt-sidecar/src/driver.rs b/bolt-sidecar/src/driver.rs
@@ -112,19 +112,19 @@ impl SidecarDriver<StateClient, PrivateKeySigner> {
  // The default state client simply uses the execution API URL to fetch state updates.
  let state_client = StateClient::new(opts.execution_api_url.clone());
 
- let keystore_opts = opts.signing.keystore.as_ref().expect("keystore is some");
+ let signing_opts = &opts.signing;
 
- let keystore = if let Some(psw) = keystore_opts.keystore_password.as_ref() {
+ let keystore = if let Some(psw) = signing_opts.keystore_password.as_ref() {
  KeystoreSigner::from_password(
- &parse_path(keystore_opts.keystore_path.as_ref(), KEYSTORES_DEFAULT_PATH),
+ &parse_path(signing_opts.keystore_path.as_ref(), KEYSTORES_DEFAULT_PATH),
  psw.as_ref(),
  opts.chain,
  )?
  } else {
  KeystoreSigner::from_secrets_directory(
- &parse_path(keystore_opts.keystore_path.as_ref(), KEYSTORES_DEFAULT_PATH),
+ &parse_path(signing_opts.keystore_path.as_ref(), KEYSTORES_DEFAULT_PATH),
  &parse_path(
- keystore_opts.keystore_secrets_path.as_ref(),
+ signing_opts.keystore_secrets_path.as_ref(),
  KEYSTORES_SECRETS_DEFAULT_PATH,
  ),
  opts.chain,