-
Notifications
You must be signed in to change notification settings - Fork 711
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
frame-session: Introduce a proper proof of key ownership #1739
base: master
Are you sure you want to change the base?
Conversation
bot fmt |
@bkchr https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/3833889 was started for your command Comment |
@bkchr Command |
Scrape that, we need a new RPC for this. |
This is mostly in the Polkadot wiki, I will ping the w3f folks and also setup a system where they can listen to mentioned of this |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good
} | ||
|
||
impl_opaque_keys! { | ||
/// Some comment |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Comment?
/// The `owner` should be something that can be used on chain for verifying the ownership of the | ||
/// generated keys using the returned `proof`. For example `owner` could be set to the account | ||
/// id of the account registering the returned public session keys. The actual data to pass for | ||
/// `owner` depends on the runtime logic verifying the `proof`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we can add an example here?
Something like: "For example, "session pallet" set_keys
requires owner
to be the account used to sign the extrinsic."
fn generate_session_keys(seed: Option<Vec<u8>>) -> Vec<u8> { | ||
SessionKeys::generate(seed) | ||
fn generate_session_keys(_: Vec<u8>, _: Option<Vec<u8>>) -> sp_session::OpaqueGeneratedSessionKeys { | ||
sp_session::OpaqueGeneratedSessionKeys { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpick. Makes sense to implement Default
for OpaqueGeneratedSessionKeys
? I see a couple of use cases around
The CI pipeline was cancelled due to failure one of the required jobs. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Logic looks good to me! 👍
This is a very important work and I'm not sure if my comment should be considered after its merger for future improvement or not.
In that regard, it seems that the correct way of implementing the macro is perhaps to implement the proof of possession generation and verification inside each crypto module and then call that function instead of generic sign and verify and perhaps call generic sign and verify inside that function for all key types except for BLS.
|
frame_session::set_keys
supports providing aproof
as second parameter. Thisproof
was not yet checked. This pull request introduces a verification of this proof and also a way of generating thisproof
. Theproof
in FRAME are concatenatedSignatures
. TheseSignatures
are in the same order as the public keys in theSessionKeys
struct. Each signature is signing theowner
, proofing that the generating party has access over the private key associated to the public session key. Theowner
in FRAME is the account id of the account that will callset_keys
, aka the account of thevalidator
.This pull request is changing the
SessionKeys
runtime api. This still requires a RFC, as this is a public interface of the Polkadot runtime.@jacogr polkadot-js should provide a way to use the runtime api directly to generate the sessions keys.
@paritytech/docs-audit this will require updates of the validator documentation to tell them what to pass for
owner
and that they need to passproof
toset_keys
.