sourcenetwork · nasdf · Oct 10, 2023 · Oct 6, 2023 · Oct 6, 2023 · Oct 10, 2023
diff --git a/cli/start.go b/cli/start.go
@@ -17,6 +17,7 @@ import (
 	"net/http"
 	"os"
 	"os/signal"
+	"path/filepath"
 	"strings"
 	"syscall"
 
@@ -239,12 +240,22 @@ func start(ctx context.Context, cfg *config.Config) (*defraInstance, error) {
 	// init the p2p node
 	var n *net.Node
 	if !cfg.Net.P2PDisabled {
-		log.FeedbackInfo(ctx, "Starting P2P node", logging.NewKV("P2P address", cfg.Net.P2PAddress))
-		n, err = net.NewNode(
-			ctx,
-			db,
+		nodeOpts := []net.NodeOpt{
 			net.WithConfig(cfg),
-		)
+		}
+		if cfg.Datastore.Store == badgerDatastoreName {
+			// It would be ideal to not have the key path tied to the datastore.
+			// Running with memory store mode will always generate a random key.
+			// Adding support for an ephemeral mode and moving the key to the
+			// config would solve both of these issues.
+			key, err := loadOrGeneratePrivateKey(filepath.Join(cfg.Rootdir, "data", "key"))
+			if err != nil {
+				return nil, err
+			}
+			nodeOpts = append(nodeOpts, net.WithPrivateKey(key))
+		}
+		log.FeedbackInfo(ctx, "Starting P2P node", logging.NewKV("P2P address", cfg.Net.P2PAddress))
+		n, err = net.NewNode(ctx, db, nodeOpts...)
 		if err != nil {
 			db.Close(ctx)
 			return nil, errors.Wrap("failed to start P2P node", err)

diff --git a/cli/utils.go b/cli/utils.go
@@ -13,7 +13,9 @@ package cli
 import (
 	"context"
 	"encoding/json"
+	"os"
 
+	"github.com/libp2p/go-libp2p/core/crypto"
 	"github.com/spf13/cobra"
 
 	"github.com/sourcenetwork/defradb/client"
@@ -105,6 +107,42 @@ func createConfig(cfg *config.Config) error {
 	return cfg.CreateRootDirAndConfigFile()
 }
 
+// loadOrGeneratePrivateKey loads the private key from the given path
+// or generates a new key and writes it to a file at the given path.
+func loadOrGeneratePrivateKey(path string) (crypto.PrivKey, error) {
+	key, err := loadPrivateKey(path)
+	if err == nil {
+		return key, nil
+	}
+	if os.IsNotExist(err) {
+		return generatePrivateKey(path)
+	}
+	return nil, err
+}
+
+// generatePrivateKey generates a new private key and writes it
+// to a file at the given path.
+func generatePrivateKey(path string) (crypto.PrivKey, error) {
+	key, _, err := crypto.GenerateKeyPair(crypto.Ed25519, 0)
+	if err != nil {
+		return nil, err
+	}
+	data, err := crypto.MarshalPrivateKey(key)
+	if err != nil {
+		return nil, err
+	}
+	return key, os.WriteFile(path, data, 0644)
+}
+
+// loadPrivateKey reads the private key from the file at the given path.
+func loadPrivateKey(path string) (crypto.PrivKey, error) {
+	data, err := os.ReadFile(path)
+	if err != nil {
+		return nil, err
+	}
+	return crypto.UnmarshalPrivateKey(data)
+}
+
 func writeJSON(cmd *cobra.Command, out any) error {
 	enc := json.NewEncoder(cmd.OutOrStdout())
 	enc.SetIndent("", "  ")

diff --git a/net/config.go b/net/config.go
@@ -16,6 +16,7 @@ import (
 	"time"
 
 	cconnmgr "github.com/libp2p/go-libp2p/core/connmgr"
+	"github.com/libp2p/go-libp2p/core/crypto"
 	"github.com/libp2p/go-libp2p/p2p/net/connmgr"
 	ma "github.com/multiformats/go-multiaddr"
 	"google.golang.org/grpc"
@@ -27,7 +28,7 @@ import (
 type Options struct {
 	ListenAddrs       []ma.Multiaddr
 	TCPAddr           ma.Multiaddr
-	DataPath          string
+	PrivateKey        crypto.PrivKey
 	EnablePubSub      bool
 	EnableRelay       bool
 	GRPCServerOptions []grpc.ServerOption
@@ -74,7 +75,6 @@ func WithConfig(cfg *config.Config) NodeOpt {
 		}
 		opt.EnableRelay = cfg.Net.RelayEnabled
 		opt.EnablePubSub = cfg.Net.PubSubEnabled
-		opt.DataPath = cfg.Datastore.Badger.Path
 		opt.ConnManager, err = NewConnManager(100, 400, time.Second*20)
 		if err != nil {
 			return err
@@ -83,10 +83,10 @@ func WithConfig(cfg *config.Config) NodeOpt {
 	}
 }
 
-// DataPath sets the data path.
-func WithDataPath(path string) NodeOpt {
+// WithPrivateKey sets the p2p host private key.
+func WithPrivateKey(priv crypto.PrivKey) NodeOpt {
 	return func(opt *Options) error {
-		opt.DataPath = path
+		opt.PrivateKey = priv
 		return nil
 	}
 }

diff --git a/net/config_test.go b/net/config_test.go
@@ -14,6 +14,7 @@ import (
 	"testing"
 	"time"
 
+	"github.com/libp2p/go-libp2p/core/crypto"
 	ma "github.com/multiformats/go-multiaddr"
 	"github.com/stretchr/testify/require"
 
@@ -65,12 +66,14 @@ func TestWithConfigWitTCPAddressError(t *testing.T) {
 	require.Contains(t, err.Error(), "failed to parse multiaddr")
 }
 
-func TestWithDataPath(t *testing.T) {
-	path := "test/path"
-	opt, err := NewMergedOptions(WithDataPath(path))
+func TestWithPrivateKey(t *testing.T) {
+	key, _, err := crypto.GenerateKeyPair(crypto.Ed25519, 0)
+	require.NoError(t, err)
+
+	opt, err := NewMergedOptions(WithPrivateKey(key))
 	require.NoError(t, err)
 	require.NotNil(t, opt)
-	require.Equal(t, path, opt.DataPath)
+	require.Equal(t, key, opt.PrivateKey)
 }
 
 func TestWithPubSub(t *testing.T) {

diff --git a/net/dialer_test.go b/net/dialer_test.go
@@ -27,16 +27,12 @@ func TestDial_WithConnectedPeer_NoError(t *testing.T) {
 		ctx,
 		db,
 		WithListenP2PAddrStrings("/ip4/0.0.0.0/tcp/0"),
-		// WithDataPath() is a required option with the current implementation of key management
-		WithDataPath(t.TempDir()),
 	)
 	assert.NoError(t, err)
 	n2, err := NewNode(
 		ctx,
 		db,
 		WithListenP2PAddrStrings("/ip4/0.0.0.0/tcp/0"),
-		// WithDataPath() is a required option with the current implementation of key management
-		WithDataPath(t.TempDir()),
 	)
 	assert.NoError(t, err)
 	addrs, err := netutils.ParsePeers([]string{n1.host.Addrs()[0].String() + "/p2p/" + n1.PeerID().String()})
@@ -55,16 +51,12 @@ func TestDial_WithConnectedPeerAndSecondConnection_NoError(t *testing.T) {
 		ctx,
 		db,
 		WithListenP2PAddrStrings("/ip4/0.0.0.0/tcp/0"),
-		// WithDataPath() is a required option with the current implementation of key management
-		WithDataPath(t.TempDir()),
 	)
 	assert.NoError(t, err)
 	n2, err := NewNode(
 		ctx,
 		db,
 		WithListenP2PAddrStrings("/ip4/0.0.0.0/tcp/0"),
-		// WithDataPath() is a required option with the current implementation of key management
-		WithDataPath(t.TempDir()),
 	)
 	assert.NoError(t, err)
 	addrs, err := netutils.ParsePeers([]string{n1.host.Addrs()[0].String() + "/p2p/" + n1.PeerID().String()})
@@ -86,16 +78,12 @@ func TestDial_WithConnectedPeerAndSecondConnectionWithConnectionShutdown_Closing
 		ctx,
 		db,
 		WithListenP2PAddrStrings("/ip4/0.0.0.0/tcp/0"),
-		// WithDataPath() is a required option with the current implementation of key management
-		WithDataPath(t.TempDir()),
 	)
 	assert.NoError(t, err)
 	n2, err := NewNode(
 		ctx,
 		db,
 		WithListenP2PAddrStrings("/ip4/0.0.0.0/tcp/0"),
-		// WithDataPath() is a required option with the current implementation of key management
-		WithDataPath(t.TempDir()),
 	)
 	assert.NoError(t, err)
 	addrs, err := netutils.ParsePeers([]string{n1.host.Addrs()[0].String() + "/p2p/" + n1.PeerID().String()})

diff --git a/net/node.go b/net/node.go
@@ -19,8 +19,6 @@ package net
 import (
 	"context"
 	"fmt"
-	"os"
-	"path/filepath"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -96,17 +94,21 @@ func NewNode(
 	}
 	fin.Add(peerstore)
 
-	hostKey, err := getHostKey(options.DataPath)
-	if err != nil {
-		return nil, fin.Cleanup(err)
+	if options.PrivateKey == nil {
+		// generate an ephemeral private key
+		key, _, err := crypto.GenerateKeyPair(crypto.Ed25519, 0)
+		if err != nil {
+			return nil, fin.Cleanup(err)
+		}
+		options.PrivateKey = key
 	}
 
 	var ddht *dualdht.DHT
 
 	libp2pOpts := []libp2p.Option{
 		libp2p.ConnectionManager(options.ConnManager),
 		libp2p.DefaultTransports,
-		libp2p.Identity(hostKey),
+		libp2p.Identity(options.PrivateKey),
 		libp2p.ListenAddrs(options.ListenAddrs...),
 		libp2p.Peerstore(peerstore),
 		libp2p.Routing(func(h host.Host) (routing.PeerRouting, error) {
@@ -381,46 +383,6 @@ func (n *Node) WaitForPushLogFromPeerEvent(id peer.ID) error {
 	}
 }
 
-// replace with proper keystore
-func getHostKey(keypath string) (crypto.PrivKey, error) {
-	// If a local datastore is used, the key is written to a file
-	pth := filepath.Join(keypath, "key")
-	_, err := os.Stat(pth)
-	if os.IsNotExist(err) {
-		key, bytes, err := newHostKey()
-		if err != nil {
-			return nil, err
-		}
-		if err := os.MkdirAll(keypath, os.ModePerm); err != nil {
-			return nil, err
-		}
-		if err = os.WriteFile(pth, bytes, 0400); err != nil {
-			return nil, err
-		}
-		return key, nil
-	} else if err != nil {
-		return nil, err
-	} else {
-		bytes, err := os.ReadFile(pth)
-		if err != nil {
-			return nil, err
-		}
-		return crypto.UnmarshalPrivateKey(bytes)
-	}
-}
-
-func newHostKey() (crypto.PrivKey, []byte, error) {
-	priv, _, err := crypto.GenerateKeyPair(crypto.Ed25519, 0)
-	if err != nil {
-		return nil, nil, err
-	}
-	key, err := crypto.MarshalPrivateKey(priv)
-	if err != nil {
-		return nil, nil, err
-	}
-	return priv, key, nil
-}
-
 func newDHT(ctx context.Context, h host.Host, dsb ds.Batching) (*dualdht.DHT, error) {
 	dhtOpts := []dualdht.Option{
 		dualdht.DHTOption(dht.NamespacedValidator("pk", record.PublicKeyValidator{})),