8000 Add account subcommands for BLS key handling by blukat29 · Pull Request #1951 · klaytn/klaytn · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
This repository was archived by the owner on Aug 19, 2024. It is now read-only.

Add account subcommands for BLS key handling #1951

Merged
merged 8 commits into from
Sep 8, 2023
Merged

Add account subcommands for BLS key handling #1951

merged 8 commits into from
Sep 8, 2023

Conversation

blukat29
Copy link
Contributor
@blukat29 blukat29 commented Sep 3, 2023
edited
Loading

Proposed changes

3 new subcommands under ken account, preparing for KIP-113 BLS public key registry and KIP-114 signature based random. These new command will be primarily used by the Consensus Node (CN) operators.

Expected use

CN operators can prepare their BLS private keys in one of the two methods.

  1. Derive from existing ECDSA key (nodekey). The operator simply has to submit the BLS public key info to KIP-113 registy. The public key info can be obtained via ken account bls-info --nodekey <nodekey> command.
  2. Generate and import independent BLS key. The operator can choose to use external tools such as staking-deposit-cli to generate an independent BLS private key. The generated EIP-2335 keystore can be imported using the ken account bls-decrypt --bls-nodekeystore <json> > <blsnodekey> command. Then the operator shall submit the BLS public key info with ken account bls-info --bls-nodekey <blsnodekey> command.

New CLI flags

--bls-nodekey         file containing 32-byte BLS private key. Analogous to --nodekey
--bls-nodekeyhex      hex string of 32-byte BLS private key. Analogous to --nodekeyhex
--bls-nodekeystore    EIP-2335 keystore file

ken account bls-info

   Calculate BLS public key info (the public key and proof-of-possession)
   then prints to STDOUT.

   The input must be one of the following:

   (1) A 32-byte raw EC private key (--nodekey, --nodekeyhex)
       In this case the EC private key is first derived to a BLS private key,
       then the BLS public key info is calculated.
   (2) A 32-byte raw BLS private key (--bls-nodekey, --bls-nodekeyhex)
   (3) An encrypted BLS keystore JSON (--bls-nodekeystore)

   EXAMPLES

   # Print public key info of the BLS key derived from the EC nodekey
   kcn account bls-info --nodekey /var/kcnd/data/nodekey

   # Print public key info of the saved BLS key
   kcn account bls-info --bls-nodekey /var/kcnd/data/bls-nodekey

   # Print public key info of the BLS key inside EIP-2335 keystore
   kcn account bls-info --bls-nodekeystore blskey.json

ken account bls-decrypt

   Decrypt an EIP-2335 keystore JSON and prints the raw BLS private key to STDOUT.

   EXAMPLES

   # Import the BLS private key from an existing EIP-2335 keystore file
   kcn account bls-decrypt --bls-nodekeystore blskey.json --password pw.txt > /var/kcnd/data/bls-nodekey

ken account bls-encrypt

   Encrypt a BLS private key to an EIP-2335 keystore JSON and prints to STDOUT.

   The input must be one of the following:

   (1) A 32-byte raw EC private key (--nodekey, --nodekeyhex).
       In this case the EC private key is first derived to a BLS private key, then encrypted.
   (2) A 32-byte raw BLS private key (--bls-nodekey, --bls-nodekeyhex)

   EXAMPLES

   # Store a backup BLS private key as an EIP-2335 keystore file
   kcn account bls-encrypt --bls-nodekey /var/kcnd/data/bls-nodekey --password pw.txt > bls-keystore.json

   # Change the password of an EIP-2335 keystore
   kcn account bls-encrypt \
     --bls-nodekeyhex $(kcn account bls-decrypt --bls-nodekeystore blskey.json --password pw1.txt) \
     --password pw2.txt > blskey.json

Types of changes

  • Bugfix
  • New feature or enhancement
  • Others

Checklist

  • I have read the CONTRIBUTING GUIDELINES doc
  • I have signed the CLA
  • Lint and unit tests pass locally with my changes ($ make test)
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
  • Any dependent changes have been merged and published in downstream modules

Related issues

Further comments

@blukat29 blukat29 self-assigned this Sep 3, 2023
hyunsooda
hyunsooda reviewed Sep 5, 2023
View reviewed changes
yoomee1313
yoomee1313 reviewed Sep 6, 2023
View reviewed changes
@blukat29 blukat29 merged commit 047b790 into klaytn:dev Sep 8, 2023
@blukat29 blukat29 deleted the cmd-account-bls branch September 11, 2023 07:03
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ian0371 ian0371 ian0371 approved these changes

@hyunsooda hyunsooda hyunsooda approved these changes

@yoomee1313 yoomee1313 yoomee1313 approved these changes

@hyeonLewis hyeonLewis hyeonLewis approved these changes

@2dvorak 2dvorak Awaiting requested review from 2dvorak 2dvorak is a code owner

@kjeom kjeom Awaiting requested review from kjeom

@JayChoi1736 JayChoi1736 Awaiting requested review from JayChoi1736 JayChoi1736 is a code owner

@aidan-kwon aidan-kwon Awaiting requested review from aidan-kwon aidan-kwon is a code owner

Assignees

@blukat29 blukat29

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@blukat29 @ian0371 @hyunsooda @yoomee1313 @hyeonLewis
0