feat(vault)!: implement full Shamir re-key flow and governance execution (§3.3–§3.5)
- Add `rekey.proto` with `ContributePassphrase` / `ContributeRecoveryPassphrase` / `RekeyResult`
- Wire `rekey` as a 4th vault stream payload in `vault.proto` and gRPC dispatch
- Add `RekeyRootKey` message to `Vault` actor: generates new random seal key, re-encrypts root key, writes new `root_key_history` row
- Add `StartRekey`, `ContributeRekey`, `ContributeRecoveryRekey` messages to `VaultCoordinator`; `finalize_rekey` uses threshold-1 fast path identical to bootstrap
- `execute_replace_operator` now UPDATEs `operator_identity.public_key` in-place (avoids FK constraint violation), deletes stale `operator` share row, then triggers `StartRekey`
- `execute_update_shamir_parameters` triggers `StartRekey` instead of warning stub
- `ProposalKind::ReplaceOperator` carries `old_operator_id`; encode/decode updated accordingly
- `GlobalActors::spawn` extracts `vault_coordinator` before `Ok(Self { … })` so it can be cloned into `ProposalManager::new`
- Add `handle_rekey` in session handlers forwarding passphrase contributions to `VaultCoordinator`
- Fix test: rename `replace_operator_inserts_identity_row` → `replace_operator_updates_pubkey_and_starts_rekey`, assert count stays 1 and pubkey is updated
This commit is contained in:
CleverWild
@@ -12,19 +12,20 @@ message Request {
|
||||
|
||||
message CreateProposalRequest {
|
||||
oneof kind {
|
||||
ApproveSdkClientPayload approve_sdk_client = 1;
|
||||
GrantWalletAccessPayload grant_wallet_access = 3;
|
||||
ApproveServerUpdatePayload approve_server_update = 4;
|
||||
ReplaceOperatorPayload replace_operator = 5;
|
||||
UpdateShamirParametersPayload update_shamir_parameters = 6;
|
||||
ApprovePersistentGrantPayload approve_persistent_grant = 7;
|
||||
ApproveSdkClientPayload approve_sdk_client = 1;
|
||||
GrantWalletAccessPayload grant_wallet_access = 3;
|
||||
ApproveServerUpdatePayload approve_server_update = 4;
|
||||
ReplaceOperatorPayload replace_operator = 5;
|
||||
UpdateShamirParametersPayload update_shamir_parameters = 6;
|
||||
ApprovePersistentGrantPayload approve_persistent_grant = 7;
|
||||
ApproveOneOffTransactionPayload approve_one_off_transaction = 8;
|
||||
}
|
||||
optional uint32 ttl_secs = 2;
|
||||
}
|
||||
|
||||
message ReplaceOperatorPayload {
|
||||
bytes new_pubkey = 1;
|
||||
int32 old_operator_id = 1;
|
||||
bytes new_pubkey = 2;
|
||||
}
|
||||
|
||||
message UpdateShamirParametersPayload {
|
||||
@@ -52,9 +53,9 @@ message QueryPendingRequest {}
|
||||
|
||||
message Response {
|
||||
oneof payload {
|
||||
CreateProposalResponse created = 1;
|
||||
VoteResponse voted = 2;
|
||||
QueryPendingResponse pending = 3;
|
||||
CreateProposalResponse created = 1;
|
||||
VoteResponse voted = 2;
|
||||
QueryPendingResponse pending = 3;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,10 +68,10 @@ message VoteResponse {
|
||||
}
|
||||
|
||||
enum VoteOutcome {
|
||||
VOTE_OUTCOME_UNSPECIFIED = 0;
|
||||
VOTE_OUTCOME_PENDING = 1;
|
||||
VOTE_OUTCOME_APPROVED = 2;
|
||||
VOTE_OUTCOME_REJECTED = 3;
|
||||
VOTE_OUTCOME_UNSPECIFIED = 0;
|
||||
VOTE_OUTCOME_PENDING = 1;
|
||||
VOTE_OUTCOME_APPROVED = 2;
|
||||
VOTE_OUTCOME_REJECTED = 3;
|
||||
}
|
||||
|
||||
message ProposalSummary {
|
||||
@@ -97,39 +98,39 @@ message VolumeLimitProto {
|
||||
}
|
||||
|
||||
message EtherTransferSpecProto {
|
||||
repeated bytes targets = 1;
|
||||
VolumeLimitProto limit = 2;
|
||||
repeated bytes targets = 1;
|
||||
VolumeLimitProto limit = 2;
|
||||
}
|
||||
|
||||
message TokenTransferSpecProto {
|
||||
bytes token_contract = 1;
|
||||
optional bytes target = 2;
|
||||
repeated VolumeLimitProto volume_limits = 3;
|
||||
bytes token_contract = 1;
|
||||
optional bytes target = 2;
|
||||
repeated VolumeLimitProto volume_limits = 3;
|
||||
}
|
||||
|
||||
message ApproveOneOffTransactionPayload {
|
||||
int32 client_id = 1;
|
||||
bytes wallet_address = 2;
|
||||
uint64 chain_id = 3;
|
||||
uint64 nonce = 4;
|
||||
uint64 gas_limit = 5;
|
||||
bytes max_fee_per_gas = 6;
|
||||
int32 client_id = 1;
|
||||
bytes wallet_address = 2;
|
||||
uint64 chain_id = 3;
|
||||
uint64 nonce = 4;
|
||||
uint64 gas_limit = 5;
|
||||
bytes max_fee_per_gas = 6;
|
||||
bytes max_priority_fee_per_gas = 7;
|
||||
bytes to = 8;
|
||||
bytes value = 9;
|
||||
bytes input = 10;
|
||||
bytes to = 8;
|
||||
bytes value = 9;
|
||||
bytes input = 10;
|
||||
}
|
||||
|
||||
message ApprovePersistentGrantPayload {
|
||||
int32 wallet_access_id = 1;
|
||||
uint64 chain_id = 2;
|
||||
optional int64 valid_from_secs = 3;
|
||||
optional int64 valid_until_secs = 4;
|
||||
optional bytes max_gas_fee_per_gas = 5;
|
||||
optional bytes max_priority_fee_per_gas = 6;
|
||||
optional TransactionRateLimitProto rate_limit = 7;
|
||||
int32 wallet_access_id = 1;
|
||||
uint64 chain_id = 2;
|
||||
optional int64 valid_from_secs = 3;
|
||||
optional int64 valid_until_secs = 4;
|
||||
optional bytes max_gas_fee_per_gas = 5;
|
||||
optional bytes max_priority_fee_per_gas = 6;
|
||||
optional TransactionRateLimitProto rate_limit = 7;
|
||||
oneof specific {
|
||||
EtherTransferSpecProto ether_transfer = 8;
|
||||
TokenTransferSpecProto token_transfer = 9;
|
||||
EtherTransferSpecProto ether_transfer = 8;
|
||||
TokenTransferSpecProto token_transfer = 9;
|
||||
}
|
||||
}
|
||||
|
||||
30
protobufs/operator/vault/rekey.proto
Normal file
30
protobufs/operator/vault/rekey.proto
Normal file
@@ -0,0 +1,30 @@
|
||||
syntax = "proto3";
|
||||
|
||||
package arbiter.operator.vault.rekey;
|
||||
|
||||
message ContributePassphrase {
|
||||
bytes passphrase = 1;
|
||||
}
|
||||
|
||||
message ContributeRecoveryPassphrase {
|
||||
int32 recovery_operator_id = 1;
|
||||
bytes passphrase = 2;
|
||||
}
|
||||
|
||||
enum RekeyResult {
|
||||
REKEY_RESULT_UNSPECIFIED = 0;
|
||||
REKEY_RESULT_SUCCESS = 1;
|
||||
REKEY_RESULT_AWAITING_CONTRIBUTIONS = 2;
|
||||
REKEY_RESULT_NOT_IN_PROGRESS = 3;
|
||||
}
|
||||
|
||||
message Request {
|
||||
oneof payload {
|
||||
ContributePassphrase contribute_passphrase = 1;
|
||||
ContributeRecoveryPassphrase contribute_recovery_passphrase = 2;
|
||||
}
|
||||
}
|
||||
|
||||
message Response {
|
||||
RekeyResult result = 1;
|
||||
}
|
||||
@@ -5,20 +5,23 @@ package arbiter.operator.vault;
|
||||
import "google/protobuf/empty.proto";
|
||||
import "shared/vault.proto";
|
||||
import "operator/vault/bootstrap.proto";
|
||||
import "operator/vault/rekey.proto";
|
||||
import "operator/vault/unseal.proto";
|
||||
|
||||
message Request {
|
||||
oneof payload {
|
||||
google.protobuf.Empty query_state = 1;
|
||||
unseal.Request unseal = 2;
|
||||
bootstrap.Request bootstrap = 3;
|
||||
unseal.Request unseal = 2;
|
||||
bootstrap.Request bootstrap = 3;
|
||||
rekey.Request rekey = 4;
|
||||
}
|
||||
}
|
||||
|
||||
message Response {
|
||||
oneof payload {
|
||||
arbiter.shared.VaultState state = 1;
|
||||
unseal.Response unseal = 2;
|
||||
bootstrap.Response bootstrap = 3;
|
||||
arbiter.shared.VaultState state = 1;
|
||||
unseal.Response unseal = 2;
|
||||
bootstrap.Response bootstrap = 3;
|
||||
rekey.Response rekey = 4;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user