Skip to content

Commit

Permalink
feat(node): support execution without ecdsa key (#438)
Browse files Browse the repository at this point in the history
  • Loading branch information
jeffhubCB authored Apr 4, 2024
1 parent 228eccb commit de976d1
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 16 deletions.
37 changes: 25 additions & 12 deletions node/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -101,19 +101,32 @@ func NewConfig(ctx *cli.Context) (*Config, error) {

testMode := ctx.GlobalBool(flags.EnableTestModeFlag.Name)

// Decrypt ECDSA key
// Configuration options that require the Node Operator ECDSA key at runtime
registerNodeAtStart := ctx.GlobalBool(flags.RegisterAtNodeStartFlag.Name)
pubIPCheckInterval := ctx.GlobalDuration(flags.PubIPCheckIntervalFlag.Name)
needECDSAKey := registerNodeAtStart || pubIPCheckInterval > 0
if registerNodeAtStart && (ctx.GlobalString(flags.EcdsaKeyFileFlag.Name) == "" || ctx.GlobalString(flags.EcdsaKeyPasswordFlag.Name) == "") {
return nil, fmt.Errorf("%s and %s are required if %s is enabled", flags.EcdsaKeyFileFlag.Name, flags.EcdsaKeyPasswordFlag.Name, flags.RegisterAtNodeStartFlag.Name)
}
if pubIPCheckInterval > 0 && (ctx.GlobalString(flags.EcdsaKeyFileFlag.Name) == "" || ctx.GlobalString(flags.EcdsaKeyPasswordFlag.Name) == "") {
return nil, fmt.Errorf("%s and %s are required if %s is > 0", flags.EcdsaKeyFileFlag.Name, flags.EcdsaKeyPasswordFlag.Name, flags.PubIPCheckIntervalFlag.Name)
}

var ethClientConfig geth.EthClientConfig
if !testMode {
keyContents, err := os.ReadFile(ctx.GlobalString(flags.EcdsaKeyFileFlag.Name))
if err != nil {
return nil, fmt.Errorf("could not read ECDSA key file: %v", err)
}
sk, err := keystore.DecryptKey(keyContents, ctx.GlobalString(flags.EcdsaKeyPasswordFlag.Name))
if err != nil {
return nil, fmt.Errorf("could not decrypt the ECDSA file: %s", ctx.GlobalString(flags.EcdsaKeyFileFlag.Name))
}
ethClientConfig = geth.ReadEthClientConfigRPCOnly(ctx)
ethClientConfig.PrivateKeyString = fmt.Sprintf("%x", crypto.FromECDSA(sk.PrivateKey))
if needECDSAKey {
// Decrypt ECDSA key
keyContents, err := os.ReadFile(ctx.GlobalString(flags.EcdsaKeyFileFlag.Name))
if err != nil {
return nil, fmt.Errorf("could not read ECDSA key file: %v", err)
}
sk, err := keystore.DecryptKey(keyContents, ctx.GlobalString(flags.EcdsaKeyPasswordFlag.Name))
if err != nil {
return nil, fmt.Errorf("could not decrypt the ECDSA file: %s", ctx.GlobalString(flags.EcdsaKeyFileFlag.Name))
}
ethClientConfig.PrivateKeyString = fmt.Sprintf("%x", crypto.FromECDSA(sk.PrivateKey))
}
} else {
ethClientConfig = geth.ReadEthClientConfig(ctx)
}
Expand Down Expand Up @@ -155,7 +168,7 @@ func NewConfig(ctx *cli.Context) (*Config, error) {
EnableMetrics: ctx.GlobalBool(flags.EnableMetricsFlag.Name),
MetricsPort: ctx.GlobalString(flags.MetricsPortFlag.Name),
Timeout: timeout,
RegisterNodeAtStart: ctx.GlobalBool(flags.RegisterAtNodeStartFlag.Name),
RegisterNodeAtStart: registerNodeAtStart,
ExpirationPollIntervalSec: expirationPollIntervalSec,
EnableTestMode: testMode,
OverrideBlockStaleMeasure: ctx.GlobalInt64(flags.OverrideBlockStaleMeasureFlag.Name),
Expand All @@ -169,7 +182,7 @@ func NewConfig(ctx *cli.Context) (*Config, error) {
BLSOperatorStateRetrieverAddr: ctx.GlobalString(flags.BlsOperatorStateRetrieverFlag.Name),
EigenDAServiceManagerAddr: ctx.GlobalString(flags.EigenDAServiceManagerFlag.Name),
PubIPProvider: ctx.GlobalString(flags.PubIPProviderFlag.Name),
PubIPCheckInterval: ctx.GlobalDuration(flags.PubIPCheckIntervalFlag.Name),
PubIPCheckInterval: pubIPCheckInterval,
ChurnerUrl: ctx.GlobalString(flags.ChurnerUrlFlag.Name),
NumBatchValidators: ctx.GlobalInt(flags.NumBatchValidatorsFlag.Name),
ClientIPHeader: ctx.GlobalString(flags.ClientIPHeaderFlag.Name),
Expand Down
8 changes: 4 additions & 4 deletions node/flags/flags.go
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ var (
}
EcdsaKeyFileFlag = cli.StringFlag{
Name: common.PrefixFlag(FlagPrefix, "ecdsa-key-file"),
Required: true,
Required: false,
Usage: "Path to the encrypted ecdsa private key",
EnvVar: common.PrefixEnvVar(EnvVarPrefix, "ECDSA_KEY_FILE"),
}
Expand All @@ -113,7 +113,7 @@ var (
}
EcdsaKeyPasswordFlag = cli.StringFlag{
Name: common.PrefixFlag(FlagPrefix, "ecdsa-key-password"),
Required: true,
Required: false,
Usage: "Password to decrypt ecdsa private key",
EnvVar: common.PrefixEnvVar(EnvVarPrefix, "ECDSA_KEY_PASSWORD"),
}
Expand Down Expand Up @@ -244,9 +244,7 @@ var requiredFlags = []cli.Flag{
QuorumIDListFlag,
DbPathFlag,
BlsKeyFileFlag,
EcdsaKeyFileFlag,
BlsKeyPasswordFlag,
EcdsaKeyPasswordFlag,
BlsOperatorStateRetrieverFlag,
EigenDAServiceManagerFlag,
PubIPProviderFlag,
Expand All @@ -266,6 +264,8 @@ var optionalFlags = []cli.Flag{
InternalRetrievalPortFlag,
ClientIPHeaderFlag,
ChurnerUseSecureGRPC,
EcdsaKeyFileFlag,
EcdsaKeyPasswordFlag,
}

func init() {
Expand Down

0 comments on commit de976d1

Please sign in to comment.