Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

op-signer, op-node: Integrate op-node with op-signer for block payload signing #12325

Merged
merged 5 commits into from
Dec 3, 2024
Merged

op-signer, op-node: Integrate op-node with op-signer for block payload signing #12325

merged 5 commits into from
Dec 3, 2024

Conversation

mininny
Copy link
Collaborator

@mininny mininny commented Oct 4, 2024
edited
Loading

Design Doc: ethereum-optimism/design-docs#103

Description

This PR adds remote signer configuration for op-node when signing the block payload for p2p gossiping in sequencers.

For block payload signing, domain [32]byte, chainID *big.Int, encodedMsg []byte are used. In RemoteSigner, these three arguments are hashed together to create a [32]byte signingHash.

The op-node then calls the opsigner_signBlockPayload rpc, which takes in a BlockPayloadArgs and returns [65]byte signature.

This signature is then used to gossip the p2p payload from the sequencer to other op-nodes.

To use remote signing, the following flags must be set:

--signer.endpoint=https://signer:port \
--signer.address=senderAddredss \
--signer.tls.cert=/config/tls/tls.crt \
--signer.tls.ca=/config/tls/ca.crt \
--signer.tls.key=/config/tls/tls.key

See corresponding op-signer pr at optimism-infra: ethereum-optimism/infra#59

Tests

  • This was tested with local devnet setup with custom cloud KMS key and op-node supporting remote signing of p2p gossip payload.

Additional context

Metadata

@mininny mininny mentioned this pull request Oct 7, 2024
Merged
@mininny mininny force-pushed the feature/mininny/integrate-op-signer-op-node branch from 0231b08 to ebeb2a4 Compare October 7, 2024 21:58
mininny
mininny commented Oct 7, 2024
View reviewed changes
op-node/p2p/gossip_test.go Outdated Show resolved Hide resolved
@mininny mininny marked this pull request as ready for review October 7, 2024 22:01
@mininny mininny requested review from a team as code owners October 7, 2024 22:01
@mininny mininny requested a review from axelKingsley October 7, 2024 22:01
@mininny mininny force-pushed the feature/mininny/integrate-op-signer-op-node branch from 9860c29 to 12c4820 Compare October 18, 2024 22:19
@trianglesphere trianglesphere mentioned this pull request Oct 23, 2024
Merged
protolambda
protolambda reviewed Oct 26, 2024
View reviewed changes
op-service/signer/client.go Outdated Show resolved Hide resolved
op-node/p2p/gossip_test.go Outdated Show resolved Hide resolved
op-node/p2p/gossip_test.go Outdated Show resolved Hide resolved
op-node/p2p/gossip_test.go Outdated Show resolved Hide resolved
@mininny mininny force-pushed the feature/mininny/integrate-op-signer-op-node branch 3 times, most recently from 957e7f4 to 9844e61 Compare October 28, 2024 20:35
@mininny mininny requested a review from protolambda October 28, 2024 20:35
@mininny mininny force-pushed the feature/mininny/integrate-op-signer-op-node branch from 9844e61 to 3669e4c Compare October 28, 2024 22:08
protolambda
protolambda reviewed Oct 31, 2024
View reviewed changes
op-node/p2p/gossip_test.go Outdated Show resolved Hide resolved
op-node/p2p/gossip_test.go Outdated Show resolved Hide resolved
op-node/p2p/gossip_test.go Outdated Show resolved Hide resolved
op-service/signer/cli_test.go Outdated Show resolved Hide resolved
op-service/signer/client.go Outdated Show resolved Hide resolved
@mininny mininny force-pushed the feature/mininny/integrate-op-signer-op-node branch 2 times, most recently from 54083cc to 466f5ff Compare October 31, 2024 16:48
@mininny mininny force-pushed the feature/mininny/integrate-op-signer-op-node branch from 466f5ff to 7484aa0 Compare December 3, 2024 05:07
@mininny mininny force-pushed the feature/mininny/integrate-op-signer-op-node branch from 7484aa0 to 1be74b5 Compare December 3, 2024 05:53
@mininny
Copy link
Collaborator Author

mininny commented Dec 3, 2024

/ci authorize 1be74b5

@mininny mininny added this pull request to the merge queue Dec 3, 2024
Merged via the queue into ethereum-optimism:develop with commit 4de5c8c Dec 3, 2024
45 checks passed
@mininny mininny deleted the feature/mininny/integrate-op-signer-op-node branch December 3, 2024 08:04
sigma pushed a commit that referenced this pull request Dec 19, 2024
@mininny @sigma
op-signer, op-node: Integrate op-node with op-signer for block payloa…
8942e4b 
…d signing (#12325)

* Initial implementation of integrating op-node with op-signer for remote signer configuration for block payload signing

* op-service: remove the requirement for signer.address to be set when using op-service

* op-service: add blockpayload_args to send to rpc opsigner_signBlockPayload

* Implement mock rpc in gossip_test and apply review

* Clean up tests
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@protolambda protolambda protolambda approved these changes

@axelKingsley axelKingsley Awaiting requested review from axelKingsley axelKingsley is a code owner automatically assigned from ethereum-optimism/op-stack

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mininny @protolambda