From 6bd9746f2f827acc54124ca4a28ba54412d0ccdc Mon Sep 17 00:00:00 2001 From: Madhur Shrimal Date: Wed, 8 Jan 2025 14:48:32 -0800 Subject: [PATCH] add bls signer to plugin --- node/operator.go | 4 +-- node/plugin/cmd/main.go | 60 ++++++++++++++++++++++++++++++----------- node/plugin/config.go | 26 ++++++++++++++++++ 3 files changed, 73 insertions(+), 17 deletions(-) diff --git a/node/operator.go b/node/operator.go index fe2f0d6683..9a1e3d99bc 100644 --- a/node/operator.go +++ b/node/operator.go @@ -100,7 +100,7 @@ func RegisterOperator(ctx context.Context, operator *Operator, transactor core.W // DeregisterOperator deregisters the operator with the given public key from the specified quorums that it is registered with at the supplied block number. // If the operator isn't registered with any of the specified quorums, this function will return error, and no quorum will be deregistered. -func DeregisterOperator(ctx context.Context, operator *Operator, KeyPair *core.KeyPair, transactor core.Writer) error { +func DeregisterOperator(ctx context.Context, operator *Operator, pubKeyG1 *core.G1Point, transactor core.Writer) error { if len(operator.QuorumIDs) > 1+core.MaxQuorumID { return fmt.Errorf("cannot provide more than %d quorums", 1+core.MaxQuorumID) } @@ -108,7 +108,7 @@ func DeregisterOperator(ctx context.Context, operator *Operator, KeyPair *core.K if err != nil { return fmt.Errorf("failed to get current block number: %w", err) } - return transactor.DeregisterOperator(ctx, KeyPair.GetPubKeyG1(), blockNumber, operator.QuorumIDs) + return transactor.DeregisterOperator(ctx, pubKeyG1, blockNumber, operator.QuorumIDs) } // UpdateOperatorSocket updates the socket for the given operator diff --git a/node/plugin/cmd/main.go b/node/plugin/cmd/main.go index da7508f6a3..adb1a25e7f 100644 --- a/node/plugin/cmd/main.go +++ b/node/plugin/cmd/main.go @@ -2,6 +2,7 @@ package main import ( "context" + "encoding/hex" "log" "os" "strings" @@ -14,7 +15,8 @@ import ( "github.com/Layr-Labs/eigenda/core/eth" "github.com/Layr-Labs/eigenda/node" "github.com/Layr-Labs/eigenda/node/plugin" - "github.com/Layr-Labs/eigensdk-go/crypto/bls" + sdkSigner "github.com/Layr-Labs/eigensdk-go/signer/bls" + sdkSignerTypes "github.com/Layr-Labs/eigensdk-go/signer/bls/types" gethcommon "github.com/ethereum/go-ethereum/common" "github.com/urfave/cli" ) @@ -35,6 +37,9 @@ func main() { plugin.ChurnerUrlFlag, plugin.NumConfirmationsFlag, plugin.PubIPProviderFlag, + plugin.BLSRemoteSignerUrlFlag, + plugin.BLSPublicKeyHexFlag, + plugin.BLSSignerCertFileFlag, } app.Name = "eigenda-node-plugin" app.Usage = "EigenDA Node Plugin" @@ -54,22 +59,47 @@ func pluginOps(ctx *cli.Context) { } log.Printf("Info: plugin configs and flags parsed") - kp, err := bls.ReadPrivateKeyFromFile(config.BlsKeyFile, config.BlsKeyPassword) + signerCfg := sdkSignerTypes.SignerConfig{ + PublicKeyHex: config.BLSPublicKeyHex, + CerberusUrl: config.BLSRemoteSignerUrl, + CerberusPassword: config.BlsKeyPassword, + TLSCertFilePath: config.BLSSignerCertFile, + Path: config.BLSSignerCertFile, + Password: config.BlsKeyPassword, + } + if config.BLSRemoteSignerUrl != "" { + signerCfg.SignerType = sdkSignerTypes.Cerberus + } else { + signerCfg.SignerType = sdkSignerTypes.Local + } + signer, err := sdkSigner.NewSigner(signerCfg) if err != nil { - log.Printf("Error: failed to read or decrypt the BLS private key: %v", err) + log.Printf("Error: failed to create BLS signer: %v", err) return } - g1point := &core.G1Point{ - G1Affine: kp.PubKey.G1Affine, + + opID, err := signer.GetOperatorId() + if err != nil { + log.Printf("Error: failed to get operator ID: %v", err) + return } - keyPair := &core.KeyPair{ - PrivKey: kp.PrivKey, - PubKey: g1point, + operatorID, err := core.OperatorIDFromHex(opID) + if err != nil { + log.Printf("Error: failed to convert operator ID: %v", err) + return + } + pubKeyG1Hex := signer.GetPublicKeyG1() + pubKeyG1, err := hex.DecodeString(pubKeyG1Hex) + if err != nil { + log.Printf("Error: failed to decode public key G1: %v", err) + return + } + pubKeyG1Point := new(core.G1Point) + pubKeyG1Point, err = pubKeyG1Point.Deserialize(pubKeyG1) + if err != nil { + log.Printf("Error: failed to deserialize public key G1: %v", err) + return } - log.Printf("Info: Bls key read and decrypted from %s", config.BlsKeyFile) - - // TODO(madhur): use sdkSigner - operatorID := keyPair.GetPubKeyG1().GetOperatorID() sk, privateKey, err := plugin.GetECDSAPrivateKey(config.EcdsaKeyFile, config.EcdsaKeyPassword) if err != nil { @@ -124,8 +154,8 @@ func pluginOps(ctx *cli.Context) { Socket: socket, Timeout: 10 * time.Second, PrivKey: sk.PrivateKey, - KeyPair: keyPair, - OperatorId: keyPair.GetPubKeyG1().GetOperatorID(), + Signer: signer, + OperatorId: operatorID, QuorumIDs: config.QuorumIDList, RegisterNodeAtStart: false, } @@ -140,7 +170,7 @@ func pluginOps(ctx *cli.Context) { log.Printf("Info: successfully opt-in the EigenDA, for operator ID: %x, operator address: %x, socket: %s, and quorums: %v", operatorID, sk.Address, config.Socket, config.QuorumIDList) } else if config.Operation == plugin.OperationOptOut { log.Printf("Info: Operator with Operator Address: %x and OperatorID: %x is opting out of EigenDA", sk.Address, operatorID) - err = node.DeregisterOperator(context.Background(), operator, keyPair, tx) + err = node.DeregisterOperator(context.Background(), operator, pubKeyG1Point, tx) if err != nil { log.Printf("Error: failed to opt-out EigenDA Node Network for operator ID: %x, operator address: %x, quorums: %v, error: %v", operatorID, sk.Address, config.QuorumIDList, err) return diff --git a/node/plugin/config.go b/node/plugin/config.go index 6d7ee2af5a..e97cbdaeb2 100644 --- a/node/plugin/config.go +++ b/node/plugin/config.go @@ -63,6 +63,26 @@ var ( Usage: "Password to decrypt the bls key", EnvVar: common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_KEY_PASSWORD"), } + BLSRemoteSignerUrlFlag = cli.StringFlag{ + Name: "bls-remote-signer-url", + Usage: "The URL of the BLS remote signer", + Required: false, + EnvVar: common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_REMOTE_SIGNER_URL"), + } + + BLSPublicKeyHexFlag = cli.StringFlag{ + Name: "bls-public-key-hex", + Usage: "The hex-encoded public key of the BLS signer", + Required: false, + EnvVar: common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_PUBLIC_KEY_HEX"), + } + + BLSSignerCertFileFlag = cli.StringFlag{ + Name: "bls-signer-cert-file", + Usage: "The path to the BLS signer certificate file", + Required: false, + EnvVar: common.PrefixEnvVar(flags.EnvVarPrefix, "BLS_SIGNER_CERT_FILE"), + } // The socket and the quorums to register. SocketFlag = cli.StringFlag{ @@ -119,6 +139,9 @@ type Config struct { BlsKeyFile string EcdsaKeyPassword string BlsKeyPassword string + BLSRemoteSignerUrl string + BLSPublicKeyHex string + BLSSignerCertFile string Socket string QuorumIDList []core.QuorumID ChainRpcUrl string @@ -157,6 +180,9 @@ func NewConfig(ctx *cli.Context) (*Config, error) { BlsKeyPassword: ctx.GlobalString(BlsKeyPasswordFlag.Name), EcdsaKeyFile: ctx.GlobalString(EcdsaKeyFileFlag.Name), BlsKeyFile: ctx.GlobalString(BlsKeyFileFlag.Name), + BLSRemoteSignerUrl: ctx.GlobalString(BLSRemoteSignerUrlFlag.Name), + BLSPublicKeyHex: ctx.GlobalString(BLSPublicKeyHexFlag.Name), + BLSSignerCertFile: ctx.GlobalString(BLSSignerCertFileFlag.Name), Socket: ctx.GlobalString(SocketFlag.Name), QuorumIDList: ids, ChainRpcUrl: ctx.GlobalString(ChainRpcUrlFlag.Name),