add bls signer to plugin

Layr-Labs · Jan 8, 2025 · 6bd9746 · 6bd9746
1 parent 550d354
commit 6bd9746
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 17 deletions.
diff --git a/node/operator.go b/node/operator.go
@@ -100,15 +100,15 @@ func RegisterOperator(ctx context.Context, operator *Operator, transactor core.W
 
 // DeregisterOperator deregisters the operator with the given public key from the specified quorums that it is registered with at the supplied block number.
 // If the operator isn't registered with any of the specified quorums, this function will return error, and no quorum will be deregistered.
-func DeregisterOperator(ctx context.Context, operator *Operator, KeyPair *core.KeyPair, transactor core.Writer) error {
+func DeregisterOperator(ctx context.Context, operator *Operator, pubKeyG1 *core.G1Point, transactor core.Writer) error {
 	if len(operator.QuorumIDs) > 1+core.MaxQuorumID {
 		return fmt.Errorf("cannot provide more than %d quorums", 1+core.MaxQuorumID)
 	}
 	blockNumber, err := transactor.GetCurrentBlockNumber(ctx)
 	if err != nil {
 		return fmt.Errorf("failed to get current block number: %w", err)
 	}
-	return transactor.DeregisterOperator(ctx, KeyPair.GetPubKeyG1(), blockNumber, operator.QuorumIDs)
+	return transactor.DeregisterOperator(ctx, pubKeyG1, blockNumber, operator.QuorumIDs)
 }
 
 // UpdateOperatorSocket updates the socket for the given operator

diff --git a/node/plugin/cmd/main.go b/node/plugin/cmd/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"context"
+	"encoding/hex"
 	"log"
 	"os"
 	"strings"
@@ -14,7 +15,8 @@ import (
 	"github.com/Layr-Labs/eigenda/core/eth"
 	"github.com/Layr-Labs/eigenda/node"
 	"github.com/Layr-Labs/eigenda/node/plugin"
-	"github.com/Layr-Labs/eigensdk-go/crypto/bls"
+	sdkSigner "github.com/Layr-Labs/eigensdk-go/signer/bls"
+	sdkSignerTypes "github.com/Layr-Labs/eigensdk-go/signer/bls/types"
 	gethcommon "github.com/ethereum/go-ethereum/common"
 	"github.com/urfave/cli"
 )
@@ -35,6 +37,9 @@ func main() {
 		plugin.ChurnerUrlFlag,
 		plugin.NumConfirmationsFlag,
 		plugin.PubIPProviderFlag,
+		plugin.BLSRemoteSignerUrlFlag,
+		plugin.BLSPublicKeyHexFlag,
+		plugin.BLSSignerCertFileFlag,
 	}
 	app.Name = "eigenda-node-plugin"
 	app.Usage = "EigenDA Node Plugin"
@@ -54,22 +59,47 @@ func pluginOps(ctx *cli.Context) {
 	}
 	log.Printf("Info: plugin configs and flags parsed")
 
-	kp, err := bls.ReadPrivateKeyFromFile(config.BlsKeyFile, config.BlsKeyPassword)
+	signerCfg := sdkSignerTypes.SignerConfig{
+		PublicKeyHex:     config.BLSPublicKeyHex,
+		CerberusUrl:      config.BLSRemoteSignerUrl,
+		CerberusPassword: config.BlsKeyPassword,
+		TLSCertFilePath:  config.BLSSignerCertFile,
+		Path:             config.BLSSignerCertFile,
+		Password:         config.BlsKeyPassword,
+	}
+	if config.BLSRemoteSignerUrl != "" {
+		signerCfg.SignerType = sdkSignerTypes.Cerberus
+	} else {
+		signerCfg.SignerType = sdkSignerTypes.Local
+	}
+	signer, err := sdkSigner.NewSigner(signerCfg)
 	if err != nil {
-		log.Printf("Error: failed to read or decrypt the BLS private key: %v", err)
+		log.Printf("Error: failed to create BLS signer: %v", err)
 		return
 	}
-	g1point := &core.G1Point{
-		G1Affine: kp.PubKey.G1Affine,
+
+	opID, err := signer.GetOperatorId()
+	if err != nil {
+		log.Printf("Error: failed to get operator ID: %v", err)
+		return
 	}
-	keyPair := &core.KeyPair{
-		PrivKey: kp.PrivKey,
-		PubKey:  g1point,
+	operatorID, err := core.OperatorIDFromHex(opID)
+	if err != nil {
+		log.Printf("Error: failed to convert operator ID: %v", err)
+		return
+	}
+	pubKeyG1Hex := signer.GetPublicKeyG1()
+	pubKeyG1, err := hex.DecodeString(pubKeyG1Hex)
+	if err != nil {
+		log.Printf("Error: failed to decode public key G1: %v", err)
+		return
+	}
+	pubKeyG1Point := new(core.G1Point)
+	pubKeyG1Point, err = pubKeyG1Point.Deserialize(pubKeyG1)
+	if err != nil {
+		log.Printf("Error: failed to deserialize public key G1: %v", err)
+		return
 	}
-	log.Printf("Info: Bls key read and decrypted from %s", config.BlsKeyFile)
-
-	// TODO(madhur): use sdkSigner
-	operatorID := keyPair.GetPubKeyG1().GetOperatorID()
 
 	sk, privateKey, err := plugin.GetECDSAPrivateKey(config.EcdsaKeyFile, config.EcdsaKeyPassword)
 	if err != nil {
@@ -124,8 +154,8 @@ func pluginOps(ctx *cli.Context) {
 		Socket:              socket,
 		Timeout:             10 * time.Second,
 		PrivKey:             sk.PrivateKey,
-		KeyPair:             keyPair,
-		OperatorId:          keyPair.GetPubKeyG1().GetOperatorID(),
+		Signer:              signer,
+		OperatorId:          operatorID,
 		QuorumIDs:           config.QuorumIDList,
 		RegisterNodeAtStart: false,
 	}
@@ -140,7 +170,7 @@ func pluginOps(ctx *cli.Context) {
 		log.Printf("Info: successfully opt-in the EigenDA, for operator ID: %x, operator address: %x, socket: %s, and quorums: %v", operatorID, sk.Address, config.Socket, config.QuorumIDList)
 	} else if config.Operation == plugin.OperationOptOut {
 		log.Printf("Info: Operator with Operator Address: %x and OperatorID: %x is opting out of EigenDA", sk.Address, operatorID)
-		err = node.DeregisterOperator(context.Background(), operator, keyPair, tx)
+		err = node.DeregisterOperator(context.Background(), operator, pubKeyG1Point, tx)
 		if err != nil {
 			log.Printf("Error: failed to opt-out EigenDA Node Network for operator ID: %x, operator address: %x, quorums: %v, error: %v", operatorID, sk.Address, config.QuorumIDList, err)
 			return

diff --git a/node/plugin/config.go b/node/plugin/config.go
@@ -63,6 +63,26 @@ var (
 		Usage:    "Password to decrypt the bls key",
 		EnvVar:   common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_KEY_PASSWORD"),
 	}
+	BLSRemoteSignerUrlFlag = cli.StringFlag{
+		Name:     "bls-remote-signer-url",
+		Usage:    "The URL of the BLS remote signer",
+		Required: false,
+		EnvVar:   common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_REMOTE_SIGNER_URL"),
+	}
+
+	BLSPublicKeyHexFlag = cli.StringFlag{
+		Name:     "bls-public-key-hex",
+		Usage:    "The hex-encoded public key of the BLS signer",
+		Required: false,
+		EnvVar:   common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_PUBLIC_KEY_HEX"),
+	}
+
+	BLSSignerCertFileFlag = cli.StringFlag{
+		Name:     "bls-signer-cert-file",
+		Usage:    "The path to the BLS signer certificate file",
+		Required: false,
+		EnvVar:   common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_SIGNER_CERT_FILE"),
+	}
 
 	// The socket and the quorums to register.
 	SocketFlag = cli.StringFlag{
@@ -119,6 +139,9 @@ type Config struct {
 	BlsKeyFile                    string
 	EcdsaKeyPassword              string
 	BlsKeyPassword                string
+	BLSRemoteSignerUrl            string
+	BLSPublicKeyHex               string
+	BLSSignerCertFile             string
 	Socket                        string
 	QuorumIDList                  []core.QuorumID
 	ChainRpcUrl                   string
@@ -157,6 +180,9 @@ func NewConfig(ctx *cli.Context) (*Config, error) {
 		BlsKeyPassword:                ctx.GlobalString(BlsKeyPasswordFlag.Name),
 		EcdsaKeyFile:                  ctx.GlobalString(EcdsaKeyFileFlag.Name),
 		BlsKeyFile:                    ctx.GlobalString(BlsKeyFileFlag.Name),
+		BLSRemoteSignerUrl:            ctx.GlobalString(BLSRemoteSignerUrlFlag.Name),
+		BLSPublicKeyHex:               ctx.GlobalString(BLSPublicKeyHexFlag.Name),
+		BLSSignerCertFile:             ctx.GlobalString(BLSSignerCertFileFlag.Name),
 		Socket:                        ctx.GlobalString(SocketFlag.Name),
 		QuorumIDList:                  ids,
 		ChainRpcUrl:                   ctx.GlobalString(ChainRpcUrlFlag.Name),