Set the node first public key in the auth keys

Because node can change keys when they are restarting based on their unavailability time, we have to base the shared secrets on the node's first public key
archethic-foundation · May 17, 2022 · a874ade · a874ade
1 parent c5a0ff0
commit a874ade
Show file tree

Hide file tree

Showing 6 changed files with 13 additions and 9 deletions.
diff --git a/lib/archethic/crypto.ex b/lib/archethic/crypto.ex
@@ -1034,8 +1034,10 @@ defmodule Archethic.Crypto do
       transaction_type: :node_shared_secrets
     )
 
-    if Ownership.authorized_public_key?(ownership, last_node_public_key()) do
-      encrypted_secret_key = Ownership.get_encrypted_key(ownership, last_node_public_key())
+    node_public_key = first_node_public_key()
+
+    if Ownership.authorized_public_key?(ownership, node_public_key) do
+      encrypted_secret_key = Ownership.get_encrypted_key(ownership, node_public_key)
 
       daily_nonce_date = SharedSecrets.next_application_date(timestamp)
 

diff --git a/lib/archethic/crypto/keystore/shared_secrets/software_impl.ex b/lib/archethic/crypto/keystore/shared_secrets/software_impl.ex
@@ -79,8 +79,10 @@ defmodule Archethic.Crypto.SharedSecretsKeystore.SoftwareImpl do
         validation_stamp: [:timestamp]
       ])
 
-    if Ownership.authorized_public_key?(ownership, Crypto.last_node_public_key()) do
-      encrypted_secret_key = Ownership.get_encrypted_key(ownership, Crypto.last_node_public_key())
+    node_public_key = Crypto.first_node_public_key()
+
+    if Ownership.authorized_public_key?(ownership, node_public_key) do
+      encrypted_secret_key = Ownership.get_encrypted_key(ownership, node_public_key)
 
       daily_nonce_date = SharedSecrets.next_application_date(timestamp)
 
@@ -210,7 +212,7 @@ defmodule Archethic.Crypto.SharedSecretsKeystore.SoftwareImpl do
     <<enc_daily_nonce_seed::binary-size(60), enc_transaction_seed::binary-size(60),
       enc_network_pool_seed::binary-size(60)>> = encrypted_secrets
 
-    with {:ok, aes_key} <- Crypto.ec_decrypt_with_last_node_key(encrypted_aes_key),
+    with {:ok, aes_key} <- Crypto.ec_decrypt_with_first_node_key(encrypted_aes_key),
          {:ok, daily_nonce_seed} <- Crypto.aes_decrypt(enc_daily_nonce_seed, aes_key),
          {:ok, transaction_seed} <- Crypto.aes_decrypt(enc_transaction_seed, aes_key),
          {:ok, network_pool_seed} <- Crypto.aes_decrypt(enc_network_pool_seed, aes_key) do

diff --git a/lib/archethic/shared_secrets/node_renewal.ex b/lib/archethic/shared_secrets/node_renewal.ex
@@ -51,7 +51,7 @@ defmodule Archethic.SharedSecrets.NodeRenewal do
   def next_authorized_node_public_keys do
     DB.get_latest_tps()
     |> Election.next_authorized_nodes(candidates(), P2P.authorized_nodes())
-    |> Enum.map(& &1.last_public_key)
+    |> Enum.map(& &1.first_public_key)
   end
 
   @doc """

diff --git a/test/archethic/bootstrap/sync_test.exs b/test/archethic/bootstrap/sync_test.exs
@@ -238,7 +238,7 @@ defmodule Archethic.Bootstrap.SyncTest do
         <<enc_daily_nonce_seed::binary-size(60), _enc_transaction_seed::binary-size(60),
           _enc_network_pool_seed::binary-size(60)>> = encrypted_secrets
 
-        {:ok, aes_key} = Crypto.ec_decrypt_with_last_node_key(encrypted_secret_key)
+        {:ok, aes_key} = Crypto.ec_decrypt_with_first_node_key(encrypted_secret_key)
         {:ok, daily_nonce_seed} = Crypto.aes_decrypt(enc_daily_nonce_seed, aes_key)
         daily_nonce_keypair = Crypto.generate_deterministic_keypair(daily_nonce_seed)
 

diff --git a/test/archethic/bootstrap_test.exs b/test/archethic/bootstrap_test.exs
@@ -88,7 +88,7 @@ defmodule Archethic.BootstrapTest do
         <<enc_daily_nonce_seed::binary-size(60), _enc_transaction_seed::binary-size(60),
           _enc_network_pool_seed::binary-size(60)>> = encrypted_secrets
 
-        {:ok, aes_key} = Crypto.ec_decrypt_with_last_node_key(encrypted_secret_key)
+        {:ok, aes_key} = Crypto.ec_decrypt_with_first_node_key(encrypted_secret_key)
         {:ok, daily_nonce_seed} = Crypto.aes_decrypt(enc_daily_nonce_seed, aes_key)
         daily_nonce_keypair = Crypto.generate_deterministic_keypair(daily_nonce_seed)
 

diff --git a/test/archethic/shared_secrets/node_renewal_test.exs b/test/archethic/shared_secrets/node_renewal_test.exs
@@ -33,7 +33,7 @@ defmodule Archethic.SharedSecrets.NodeRenewalTest do
         aes_key
       )
 
-    assert Ownership.authorized_public_key?(ownership, Crypto.last_node_public_key())
+    assert Ownership.authorized_public_key?(ownership, Crypto.first_node_public_key())
 
     assert {:ok, _, _} = NodeRenewal.decode_transaction_content(content)
   end
-Original file line number
+Diff line change
@@ Expand Up / @@ -33,7 +33,7 @@ defmodule Archethic.SharedSecrets.NodeRenewalTest do @@
             aes_key
           )
-        assert Ownership.authorized_public_key?(ownership, Crypto.last_node_public_key())
+        assert Ownership.authorized_public_key?(ownership, Crypto.first_node_public_key())
         assert {:ok, _, _} = NodeRenewal.decode_transaction_content(content)
       end
@@ Expand Down @@