Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Keybase: Multiple Signature Algorithms #5439

Merged
merged 31 commits into from
Jan 14, 2020
Merged

Conversation

sunnya97
Copy link
Member

@sunnya97 sunnya97 commented Dec 20, 2019

Description

This PR further modularizes the work started by @austinabell in #4941, in order to allow multiple signature algorithms to be supported by the same keybase. Required by #4789.


For contributor use:

  • Targeted PR against correct branch (see CONTRIBUTING.md)
  • Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
  • Code follows the module structure standards.
  • Wrote unit and integration tests
  • Updated relevant documentation (docs/) or specification (x/<module>/spec/)
  • Added relevant godoc comments.
  • Added a relevant changelog entry to the Unreleased section in CHANGELOG.md
  • Re-reviewed Files changed in the Github PR explorer

For admin use:

  • Added appropriate labels to PR (ex. WIP, R4R, docs, etc)
  • Reviewers assigned
  • Squashed all commits, uses message "Merge pull request #XYZ: [title]" (coding standards)

@sunnya97 sunnya97 added R4R C:Keys Keybase, KMS and HSMs labels Dec 20, 2019
@sunnya97 sunnya97 added WIP and removed R4R labels Dec 20, 2019
client/keys/import.go Outdated Show resolved Hide resolved
client/keys/add.go Outdated Show resolved Hide resolved
@sunnya97 sunnya97 added R4R and removed WIP labels Dec 20, 2019
Copy link
Contributor

@alessio alessio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It all makes sense and looks good. I'd just like to see two things being taken care of:

  • Coverage
  • CHANGELOG entry cause multiple API breaking changes are introduced

CHANGELOG.md Outdated Show resolved Hide resolved
Copy link
Collaborator

@fedekunze fedekunze left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @sunnya97. A lot of errors are not being checked. Also, the provided hdPath is not validated.

Nit, I personally don't like the term algo as it means "something" in Spanish. Better use the full word algorithm.

client/keys/import.go Outdated Show resolved Hide resolved
client/keys/list_test.go Show resolved Hide resolved
client/keys/show_test.go Show resolved Hide resolved
x/auth/ante/sigverify.go Show resolved Hide resolved
crypto/keys/mintkey/mintkey.go Outdated Show resolved Hide resolved
CHANGELOG.md Outdated Show resolved Hide resolved
crypto/keys/mintkey/mintkey.go Outdated Show resolved Hide resolved
crypto/keys/keybase_base.go Show resolved Hide resolved
crypto/keys/keybase_base.go Show resolved Hide resolved
crypto/keys/keybase_base.go Outdated Show resolved Hide resolved
@sunnya97
Copy link
Member Author

sunnya97 commented Jan 3, 2020

There was already a type called SigningAlgo being used in the keybase, so I kept with that terminology. Do you think it's worth going through and changing it everywhere? Algorithm is too wordy imo

Copy link
Collaborator

@fedekunze fedekunze left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK. Will wait for @bez and @AdityaSripal review too before merging

crypto/keys/keybase_base.go Show resolved Hide resolved
@sunnya97 sunnya97 requested review from AdityaSripal and removed request for jackzampolin and rigelrozanski January 7, 2020 01:38
@sunnya97 sunnya97 requested a review from jackzampolin as a code owner January 9, 2020 05:19
Copy link
Contributor

@alexanderbez alexanderbez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look fine. I left some feedback, mainly questions 👍

@@ -112,6 +116,14 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keys.Keybase, inBuf *bufio.
interactive := viper.GetBool(flagInteractive)
showMnemonic := !viper.GetBool(flagNoBackup)

algo := keys.SigningAlgo(viper.GetString(flagKeyAlgo))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Secp256k1 is already the default. Why manually do this?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Setting Secp256k1 as the default wasn't working for me, something weird with cobra.

func baseSecpPrivKeyGen(bz [32]byte) tmcrypto.PrivKey {
return secp256k1.PrivKeySecp256k1(bz)
// StdPrivKeyGen generates a secp256k1 private key from the given bytes
func StdPrivKeyGen(bz []byte, algo SigningAlgo) tmcrypto.PrivKey {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems...hacky. Why do we need this? For testing purposes only? The method name is not indicative of it only supporting secp256k1 keys. Can we at least expand it to support all other known key types too?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, by default, I think we only want to support secp256k1, as that's what the current x/auth module in the Cosmos SDK does. But I agree, it's probably a good ideas to add SecpPrivKeyGen as separate function, and have StdPrivKeyGen use it. That was when we add other keys as the Std defaults, we just add them to the Std function.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But I agree, it's probably a good idea to add SecpPrivKeyGen as a separate function, and have StdPrivKeyGen use it. That was when we add other keys as the Std defaults, we just add them to the Std function.

I see you've already done this! Nice. But I see no harm in supporting all the algos here. Also, we should return an error if the provided algo is not supported or recognized, so the caller doesn't blindly receive nil in such a case.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we not want the standard default to be only supporting secp keys?

masterPriv, ch := hd.ComputeMastersFromSeed(seed)
return hd.DerivePrivateKeyForPath(masterPriv, ch, fullHdPath)
// StdDeriveKey derives and returns the secp256k1 private key for the given seed and HD path.
func StdDeriveKey(mnemonic string, bip39Passphrase, hdPath string, algo SigningAlgo) ([]byte, error) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same comment as StdPrivKeyGen. I'd recommend updating the godoc to be more general and support all known key types. There isn't even an error returned if the algo isn't SECP256K1.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See above.

crypto/keys/lazy_keybase.go Outdated Show resolved Hide resolved
crypto/keys/mintkey/mintkey.go Show resolved Hide resolved
crypto/keys/mintkey/mintkey.go Outdated Show resolved Hide resolved
crypto/keys/mintkey/mintkey.go Outdated Show resolved Hide resolved
crypto/keys/mintkey/mintkey.go Outdated Show resolved Hide resolved
func baseSecpPrivKeyGen(bz [32]byte) tmcrypto.PrivKey {
return secp256k1.PrivKeySecp256k1(bz)
// StdPrivKeyGen generates a secp256k1 private key from the given bytes
func StdPrivKeyGen(bz []byte, algo SigningAlgo) tmcrypto.PrivKey {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But I agree, it's probably a good idea to add SecpPrivKeyGen as a separate function, and have StdPrivKeyGen use it. That was when we add other keys as the Std defaults, we just add them to the Std function.

I see you've already done this! Nice. But I see no harm in supporting all the algos here. Also, we should return an error if the provided algo is not supported or recognized, so the caller doesn't blindly receive nil in such a case.

masterPriv, ch := hd.ComputeMastersFromSeed(seed)
return hd.DerivePrivateKeyForPath(masterPriv, ch, fullHdPath)
// StdDeriveKey derives and returns the secp256k1 private key for the given seed and HD path.
func StdDeriveKey(mnemonic string, bip39Passphrase, hdPath string, algo SigningAlgo) ([]byte, error) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See above.

crypto/keys/mintkey/mintkey.go Show resolved Hide resolved
@alexanderbez alexanderbez added the T: API Breaking Breaking changes that impact APIs and the SDK only (not state machine). label Jan 13, 2020
Copy link
Contributor

@alexanderbez alexanderbez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes break keys stored in the current master version of keybase requiring a keymigration. But being how we have yet to release v0.38 and users will have to migrate anyway, this may be moot.

Can you please confirm @alessio that users have to migrate all keys in their local keybase with the advent of v0.38 release?

@alessio
Copy link
Contributor

alessio commented Jan 14, 2020 via email

Copy link
Contributor

@alexanderbez alexanderbez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

testedACK

@alexanderbez alexanderbez merged commit f367087 into master Jan 14, 2020
@alexanderbez alexanderbez deleted the keybase_multi_algo branch January 14, 2020 15:40
@codecov
Copy link

codecov bot commented Jan 14, 2020

Codecov Report

Merging #5439 into master will increase coverage by 0.01%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #5439      +/-   ##
==========================================
+ Coverage   54.35%   54.36%   +0.01%     
==========================================
  Files         313      313              
  Lines       18908    18908              
==========================================
+ Hits        10277    10279       +2     
+ Misses       7844     7842       -2     
  Partials      787      787
Impacted Files Coverage Δ
x/mock/app.go 64.18% <0%> (+1.35%) ⬆️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
C:Keys Keybase, KMS and HSMs T: API Breaking Breaking changes that impact APIs and the SDK only (not state machine).
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants