feat(server): introducle table separation in preparation of shamir secret sharing vault

2026-04-19 14:04:27 +02:00
parent 2b44570ab4
commit 5f239c426d
9 changed files with 85 additions and 35 deletions
--- a/server/crates/arbiter-server/src/actors/bootstrap.rs
+++ b/server/crates/arbiter-server/src/actors/bootstrap.rs
@@ -48,7 +48,7 @@ impl Bootstrapper {
        let row_count: i64 = {
            let mut conn = db.get().await?;

-            schema::operator_client::table
+            schema::operator_identity::table
                .count()
                .get_result(&mut conn)
                .await?
--- a/server/crates/arbiter-server/src/db/models.rs
+++ b/server/crates/arbiter-server/src/db/models.rs
@@ -248,14 +248,25 @@ pub struct ProgramClient {
 }

 #[derive(Queryable, Debug)]
-#[diesel(table_name = schema::operator_client, check_for_backend(Sqlite))]
-pub struct OperatorClient {
+#[diesel(table_name = schema::operator_identity, check_for_backend(Sqlite))]
+pub struct OperatorIdentity {
    pub id: i32,
    pub public_key: Vec<u8>,
    pub created_at: SqliteTimestamp,
    pub updated_at: SqliteTimestamp,
 }

+#[derive(Queryable, Debug)]
+#[diesel(table_name = schema::operator, check_for_backend(Sqlite))]
+pub struct Operator {
+    pub id: i32,
+    pub share: Vec<u8>,
+    pub share_nonce: Vec<u8>,
+    pub created_at: SqliteTimestamp,
+    pub updated_at: SqliteTimestamp,
+}
+
+
 #[derive(Models, Queryable, Debug, Insertable, Selectable)]
 #[diesel(table_name = evm_ether_transfer_limit, check_for_backend(Sqlite))]
 #[view(
--- a/server/crates/arbiter-server/src/db/schema.rs
+++ b/server/crates/arbiter-server/src/db/schema.rs
@@ -152,6 +152,25 @@ diesel::table! {
    }
 }

+diesel::table! {
+    operator (id) {
+        id -> Nullable<Integer>,
+        share -> Binary,
+        share_nonce -> Binary,
+        created_at -> Integer,
+        updated_at -> Integer,
+    }
+}
+
+diesel::table! {
+    operator_identity (id) {
+        id -> Integer,
+        public_key -> Binary,
+        created_at -> Integer,
+        updated_at -> Integer,
+    }
+}
+
 diesel::table! {
    program_client (id) {
        id -> Integer,
@@ -185,15 +204,6 @@ diesel::table! {
    }
 }

-diesel::table! {
-    operator_client (id) {
-        id -> Integer,
-        public_key -> Binary,
-        created_at -> Integer,
-        updated_at -> Integer,
-    }
-}
-
 diesel::joinable!(aead_encrypted -> root_key_history (associated_root_key_id));
 diesel::joinable!(arbiter_settings -> root_key_history (root_key_id));
 diesel::joinable!(arbiter_settings -> tls_history (tls_id));
@@ -212,6 +222,7 @@ diesel::joinable!(evm_transaction_log -> evm_wallet_access (wallet_access_id));
 diesel::joinable!(evm_wallet -> aead_encrypted (aead_encrypted_id));
 diesel::joinable!(evm_wallet_access -> evm_wallet (wallet_id));
 diesel::joinable!(evm_wallet_access -> program_client (client_id));
+diesel::joinable!(operator -> operator_identity (id));
 diesel::joinable!(program_client -> client_metadata (metadata_id));

 diesel::allow_tables_to_appear_in_same_query!(
@@ -230,8 +241,9 @@ diesel::allow_tables_to_appear_in_same_query!(
    evm_wallet,
    evm_wallet_access,
    integrity_envelope,
+    operator,
+    operator_identity,
    program_client,
    root_key_history,
    tls_history,
-    operator_client,
 );
--- a/server/crates/arbiter-server/src/peers/operator/auth/state.rs
+++ b/server/crates/arbiter-server/src/peers/operator/auth/state.rs
@@ -4,7 +4,7 @@ use super::{
 };
 use crate::{
    actors::bootstrap::ConsumeToken,
-    db::{DatabasePool, schema::operator_client},
+    db::{DatabasePool, schema::operator_identity},
    peers::operator::auth::Outbound,
 };
 use arbiter_crypto::authn::{self, AuthChallenge, OPERATOR_CONTEXT};
@@ -44,9 +44,9 @@ async fn get_client_id(db: &DatabasePool, pubkey: &authn::PublicKey) -> Result<O
        Error::internal("Database unavailable")
    })?;

-    operator_client::table
-        .filter(operator_client::public_key.eq(pubkey.to_bytes()))
-        .select(operator_client::id)
+    operator_identity::table
+        .filter(operator_identity::public_key.eq(pubkey.to_bytes()))
+        .select(operator_identity::id)
        .first::<i32>(&mut conn)
        .await
        .optional()
@@ -63,9 +63,9 @@ async fn register_key(db: &DatabasePool, pubkey: &authn::PublicKey) -> Result<i3
        Error::internal("Database unavailable")
    })?;

-    let id: i32 = diesel::insert_into(operator_client::table)
-        .values((operator_client::public_key.eq(pubkey_bytes),))
-        .returning(operator_client::id)
+    let id: i32 = diesel::insert_into(operator_identity::table)
+        .values((operator_identity::public_key.eq(pubkey_bytes),))
+        .returning(operator_identity::id)
        .get_result(&mut conn)
        .await
        .map_err(|e| {