refactor!: Use hash to validate genesis block

Open dima74 opened this issue 1 year ago • 3 comments

Description

  • Added genesis.hash config parameter and removed genesis.public_key
  • Added command kagami genesis hash which calculates hash of genesis block
  • kagami genesis sign still needs genesis key pair because it needs to be matched with genesis account id potentially present in genesis.json instructions
    • Maybe we could try to use genesis@genesis alias in genesis.json? That way kagami genesis sign will generate genesis key pair, replace genesis@genesis alias with actual genesis account id, and users will not have to deal with genesis key pair generation
  • Genesis domain and account are now added to the World after receiving the genesis block (since we now don't know the genesis account id at startup but need to use the authority of the genesis block)

Deployment changes

Deployment will need to change from:

kagami genesis sign ... --out-file genesis.signed.scale
irohad

To:

  • kagami genesis sign ... --out-file genesis.signed.scale - as before, no changes
  • kagami genesis hash genesis.signed.scale - get hash of genesis block
  • Provide hash using GENESIS_HASH environment variable to irohad

Linked issue

Closes #4555

Benefits

Checklist

  • [x] I've read CONTRIBUTING.md
  • [x] I've used the standard signed-off commit format (or will squash just before merging)
  • [ ] All applicable CI checks pass (or I promised to make them pass later)
  • [ ] (optional) I've written unit tests for the code changes
  • [ ] I replied to all comments after code review, marking all implemented changes with thumbs up

dima74, Jul 01 '24 09:07

@BAStos525

github-actions[bot], Jul 01 '24 09:07

So if we still have to use genesis account afaik what benefits do we gain by now also checking hash of genesis block?

Erigara, Jul 01 '24 13:07

> So if we still have to use genesis account afaik what benefits do we gain by now also checking hash of genesis block?

As I see it, kagami genesis sign might be simplified a bit (no genesis key pair needed) if we figure out how to do it. But I don't know how the genesis account id can be removed altogether, since it is used in genesis.json instructions like Transfer.

dima74, Jul 01 '24 14:07

Discussed with @mversic and decided that currently it is not worth implementing #4555. Originally it was expected that it would simplify things, but it looks like there is no good and clean implementation, so we will keep the current approach with the genesis public and private key (note that the genesis private key is used only in kagami).

dima74, Jul 04 '24 11:07