Add mock external signer binary

Dockerfile

@@ -333,6 +333,7 @@ RUN rm -f /home/user/target/machines/latest
 COPY --from=prover-export /bin/jit                                         /usr/local/bin/
 COPY --from=node-builder  /workspace/target/bin/deploy                     /usr/local/bin/
 COPY --from=node-builder  /workspace/target/bin/seq-coordinator-invalidate /usr/local/bin/
+COPY --from=node-builder  /workspace/target/bin/mockexternalsigner        /usr/local/bin/
 COPY --from=module-root-calc /workspace/target/machines/latest/machine.wavm.br /home/user/target/machines/latest/
 COPY --from=module-root-calc /workspace/target/machines/latest/until-host-io-state.bin /home/user/target/machines/latest/
 COPY --from=module-root-calc /workspace/target/machines/latest/module-root.txt /home/user/target/machines/latest/

Makefile

@@ -169,7 +169,7 @@ all: build build-replay-env test-gen-proofs
 	@touch .make/all
 
 .PHONY: build
-build: $(patsubst %,$(output_root)/bin/%, nitro deploy relay daserver datool seq-coordinator-invalidate nitro-val seq-coordinator-manager dbconv)
+build: $(patsubst %,$(output_root)/bin/%, nitro deploy relay daserver datool mockexternalsigner seq-coordinator-invalidate nitro-val seq-coordinator-manager dbconv)
 	@printf $(done)
 
 .PHONY: build-node-deps
@@ -314,6 +314,9 @@ $(output_root)/bin/daserver: $(DEP_PREDICATE) build-node-deps
 $(output_root)/bin/datool: $(DEP_PREDICATE) build-node-deps
 	go build $(GOLANG_PARAMS) -o $@ "$(CURDIR)/cmd/datool"
 
+$(output_root)/bin/mockexternalsigner: $(DEP_PREDICATE) build-node-deps
+	go build $(GOLANG_PARAMS) -o $@ "$(CURDIR)/cmd/mockexternalsigner"
+
 $(output_root)/bin/seq-coordinator-invalidate: $(DEP_PREDICATE) build-node-deps
 	go build $(GOLANG_PARAMS) -o $@ "$(CURDIR)/cmd/seq-coordinator-invalidate"
 

arbnode/dataposter/data_poster.go

@@ -41,6 +41,7 @@ import (
 	"github.com/ethereum/go-ethereum/signer/core/apitypes"
 
 	"github.com/offchainlabs/nitro/arbnode/dataposter/dbstorage"
+	"github.com/offchainlabs/nitro/arbnode/dataposter/externalsignertest"
 	"github.com/offchainlabs/nitro/arbnode/dataposter/noop"
 	redisstorage "github.com/offchainlabs/nitro/arbnode/dataposter/redis"
 	"github.com/offchainlabs/nitro/arbnode/dataposter/slice"
@@ -1297,6 +1298,21 @@ type ExternalSignerCfg struct {
 	InsecureSkipVerify bool `koanf:"insecure-skip-verify"`
 }
 
+func ExternalSignerTestCfg(addr common.Address, url string) (*ExternalSignerCfg, error) {
+	cp, err := externalsignertest.CertPaths()
+	if err != nil {
+		return nil, fmt.Errorf("getting certificates path: %w", err)
+	}
+	return &ExternalSignerCfg{
+		Address:          common.Bytes2Hex(addr.Bytes()),
+		URL:              url,
+		Method:           externalsignertest.SignerMethod,
+		RootCA:           cp.ServerCert,
+		ClientCert:       cp.ClientCert,
+		ClientPrivateKey: cp.ClientKey,
+	}, nil
+}
+
 type DangerousConfig struct {
 	// This should be used with caution, only when dataposter somehow gets in a
 	// bad state and we require clearing it.

arbnode/dataposter/dataposter_test.go

@@ -3,7 +3,6 @@ package dataposter
 import (
 	"context"
 	"errors"
-	"fmt"
 	"math/big"
 	"testing"
 	"time"
@@ -25,21 +24,6 @@ import (
 	"github.com/offchainlabs/nitro/util/arbmath"
 )
 
-func signerTestCfg(addr common.Address, url string) (*ExternalSignerCfg, error) {
-	cp, err := externalsignertest.CertPaths()
-	if err != nil {
-		return nil, fmt.Errorf("getting certificates path: %w", err)
-	}
-	return &ExternalSignerCfg{
-		Address:          common.Bytes2Hex(addr.Bytes()),
-		URL:              url,
-		Method:           externalsignertest.SignerMethod,
-		RootCA:           cp.ServerCert,
-		ClientCert:       cp.ClientCert,
-		ClientPrivateKey: cp.ClientKey,
-	}, nil
-}
-
 var (
 	blobTx = types.NewTx(
 		&types.BlobTx{
@@ -80,7 +64,7 @@ func TestExternalSigner(t *testing.T) {
 			return
 		}
 	}()
-	signerCfg, err := signerTestCfg(srv.Address, srv.URL())
+	signerCfg, err := ExternalSignerTestCfg(srv.Address, srv.URL())
 	if err != nil {
 		t.Fatalf("Error getting signer test config: %v", err)
 	}

arbnode/dataposter/externalsignertest/externalsignertest.go

@@ -42,7 +42,7 @@ type CertAbsPaths struct {
 type SignerServer struct {
 	*http.Server
 	*SignerAPI
-	listener net.Listener
+	Listener net.Listener
 }
 
 func basePath() (string, error) {
@@ -147,7 +147,7 @@ func (s *SignerServer) Start() error {
 	if err != nil {
 		return err
 	}
-	if err := s.ServeTLS(s.listener, cp.ServerCert, cp.ServerKey); err != nil && !errors.Is(err, http.ErrServerClosed) {
+	if err := s.ServeTLS(s.Listener, cp.ServerCert, cp.ServerKey); err != nil && !errors.Is(err, http.ErrServerClosed) {
 		return err
 	}
 	return nil

cmd/mockexternalsigner/mockexternalsigner.go

@@ -0,0 +1,97 @@
+package main
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"encoding/json"
+	"fmt"
+	"math/big"
+	"net/http"
+	"os"
+	"time"
+
+	"github.com/ethereum/go-ethereum/rpc"
+
+	"github.com/offchainlabs/nitro/arbnode/dataposter"
+	"github.com/offchainlabs/nitro/arbnode/dataposter/externalsignertest"
+	"github.com/offchainlabs/nitro/cmd/genericconf"
+	"github.com/offchainlabs/nitro/cmd/util"
+	"github.com/offchainlabs/nitro/util/testhelpers"
+)
+
+func main() {
+	args := os.Args
+	if len(args) != 2 {
+		panic("Usage: mockexternalsigner [private_key]")
+	}
+	srv, err := NewServer(args[1])
+	if err != nil {
+		panic(err)
+	}
+	go func() {
+		if err := srv.Start(); err != nil {
+			panic(err)
+		}
+	}()
+	signerCfg, err := dataposter.ExternalSignerTestCfg(srv.Address, srv.URL())
+	if err != nil {
+		panic(err)
+	}
+	signerCfgBytes, err := json.Marshal(signerCfg)
+	if err != nil {
+		panic(err)
+	}
+	fmt.Println(string(signerCfgBytes))
+
+}
+
+func NewServer(privateKey string) (*externalsignertest.SignerServer, error) {
+	rpcServer := rpc.NewServer()
+	txOpts, _, err := util.OpenWallet(
+		"mockexternalsigner",
+		&genericconf.WalletConfig{PrivateKey: privateKey},
+		big.NewInt(1337),
+	)
+	if err != nil {
+		return nil, err
+	}
+	s := &externalsignertest.SignerAPI{SignerFn: txOpts.Signer, Address: txOpts.From}
+	if err := rpcServer.RegisterName("test", s); err != nil {
+		return nil, err
+	}
+	cp, err := externalsignertest.CertPaths()
+	if err != nil {
+		return nil, err
+	}
+	clientCert, err := os.ReadFile(cp.ClientCert)
+	if err != nil {
+		return nil, err
+	}
+	pool := x509.NewCertPool()
+	pool.AppendCertsFromPEM(clientCert)
+
+	ln, err := testhelpers.FreeTCPPortListener()
+	if err != nil {
+		return nil, err
+	}
+
+	httpServer := &http.Server{
+		Addr:              ln.Addr().String(),
+		Handler:           rpcServer,
+		ReadTimeout:       30 * time.Second,
+		ReadHeaderTimeout: 30 * time.Second,
+		WriteTimeout:      30 * time.Second,
+		IdleTimeout:       120 * time.Second,
+		TLSConfig: &tls.Config{
+			MinVersion: tls.VersionTLS12,
+			ClientAuth: tls.RequireAndVerifyClientCert,
+			ClientCAs:  pool,
+		},
+	}
+
+	return &externalsignertest.SignerServer{
+		Server:    httpServer,
+		SignerAPI: s,
+		Listener:  ln,
+	}, nil
+}

system_tests/batch_poster_test.go

@@ -64,21 +64,6 @@ func addNewBatchPoster(ctx context.Context, t *testing.T, builder *NodeBuilder,
 	}
 }
 
-func externalSignerTestCfg(addr common.Address, url string) (*dataposter.ExternalSignerCfg, error) {
-	cp, err := externalsignertest.CertPaths()
-	if err != nil {
-		return nil, fmt.Errorf("getting certificates path: %w", err)
-	}
-	return &dataposter.ExternalSignerCfg{
-		Address:          common.Bytes2Hex(addr.Bytes()),
-		URL:              url,
-		Method:           externalsignertest.SignerMethod,
-		RootCA:           cp.ServerCert,
-		ClientCert:       cp.ClientCert,
-		ClientPrivateKey: cp.ClientKey,
-	}, nil
-}
-
 func testBatchPosterParallel(t *testing.T, useRedis bool) {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
@@ -105,7 +90,7 @@ func testBatchPosterParallel(t *testing.T, useRedis bool) {
 	builder := NewNodeBuilder(ctx).DefaultConfig(t, true)
 	builder.nodeConfig.BatchPoster.Enable = false
 	builder.nodeConfig.BatchPoster.RedisUrl = redisUrl
-	signerCfg, err := externalSignerTestCfg(srv.Address, srv.URL())
+	signerCfg, err := dataposter.ExternalSignerTestCfg(srv.Address, srv.URL())
 	if err != nil {
 		t.Fatalf("Error getting external signer config: %v", err)
 	}

system_tests/fast_confirm_test.go

@@ -25,6 +25,7 @@ import (
 	"github.com/ethereum/go-ethereum/params"
 
 	"github.com/offchainlabs/nitro/arbnode"
+	"github.com/offchainlabs/nitro/arbnode/dataposter"
 	"github.com/offchainlabs/nitro/arbnode/dataposter/externalsignertest"
 	"github.com/offchainlabs/nitro/arbnode/dataposter/storage"
 	"github.com/offchainlabs/nitro/arbos/l2pricing"
@@ -174,7 +175,7 @@ func TestFastConfirmation(t *testing.T) {
 	err = stakerA.Initialize(ctx)
 	Require(t, err)
 	cfg := arbnode.ConfigDefaultL1NonSequencerTest()
-	signerCfg, err := externalSignerTestCfg(srv.Address, srv.URL())
+	signerCfg, err := dataposter.ExternalSignerTestCfg(srv.Address, srv.URL())
 	if err != nil {
 		t.Fatalf("Error getting external signer config: %v", err)
 	}
@@ -375,7 +376,7 @@ func TestFastConfirmationWithSafe(t *testing.T) {
 	err = stakerA.Initialize(ctx)
 	Require(t, err)
 	cfg := arbnode.ConfigDefaultL1NonSequencerTest()
-	signerCfg, err := externalSignerTestCfg(srv.Address, srv.URL())
+	signerCfg, err := dataposter.ExternalSignerTestCfg(srv.Address, srv.URL())
 	if err != nil {
 		t.Fatalf("Error getting external signer config: %v", err)
 	}

system_tests/staker_test.go

@@ -26,6 +26,7 @@ import (
 	"github.com/ethereum/go-ethereum/params"
 
 	"github.com/offchainlabs/nitro/arbnode"
+	"github.com/offchainlabs/nitro/arbnode/dataposter"
 	"github.com/offchainlabs/nitro/arbnode/dataposter/externalsignertest"
 	"github.com/offchainlabs/nitro/arbnode/dataposter/storage"
 	"github.com/offchainlabs/nitro/arbos/l2pricing"
@@ -229,7 +230,7 @@ func stakerTestImpl(t *testing.T, faultyStaker bool, honestStakerInactive bool)
 	}
 	Require(t, err)
 	cfg := arbnode.ConfigDefaultL1NonSequencerTest()
-	signerCfg, err := externalSignerTestCfg(srv.Address, srv.URL())
+	signerCfg, err := dataposter.ExternalSignerTestCfg(srv.Address, srv.URL())
 	if err != nil {
 		t.Fatalf("Error getting external signer config: %v", err)
 	}