celo-monorepo icon indicating copy to clipboard operation
celo-monorepo copied to clipboard

Published 20 hours ago verified publisher icon celo-org

Audit key management + key rotation logic and testing

Open alecps opened this issue 2 years ago • 5 comments

  • [x] Consider moving requestHasValidKeyVersion, getRequestKeyVersion, getResponseKeyVersion, etc. into common pkg
  • [x] Generate new domains polynomials if necessary
  • [x] Add new error for unsupported key versions and make sure it's being used
  • [x] Audit key rotation logic and add any necessary tests

Output:

  • Unit tests that check this part of the protocol

alecps avatar Aug 29 '22 16:08 alecps

Sprint planning:

  • signers have different versions of keys in key store
  • Combiner deals with key versions it accepts
  • Tricky because this was it's own PR and sort of warrants its own review (was a while back) to see if it still makes sense.
  • Could potentially ask Victor to help, but Alec wrote most of it
  • It's difficult to test key rotation logic, thinking about the methodology is the biggest effort here

Poker:

  • Izzy - Reading code you wrote a while back can be tricky
  • Alec - "Generate new domains polynomials if necessary" is a bit confusing (might need some help from victor)
  • Eela - could we do this after merging to master, can we do this later
  • Alec - We'll want an E2E in staging
  • Alec - This might become a major re-write of mock key store

arthurgousset avatar Sep 14 '22 15:09 arthurgousset

Sprint planning:

  • Alec - probably knocked off 1 dev day here. Still work outstanding on mock keystore. Happy with current estimat

arthurgousset avatar Sep 28 '22 15:09 arthurgousset

Sprint check-in:

  • Alec started working on this (good sense of work)

arthurgousset avatar Oct 05 '22 15:10 arthurgousset

Sprint planning:

  • Alec working on this atm

arthurgousset avatar Oct 12 '22 15:10 arthurgousset

https://github.com/celo-org/celo-monorepo/pull/9958

alecps avatar Oct 18 '22 03:10 alecps