cardano-base icon indicating copy to clipboard operation
cardano-base copied to clipboard

Published 20 hours ago verified publisher icon input-output-hk

KES Agent prerequisites

Open tdammers opened this issue 3 years ago • 1 comments
trafficstars

Adds:

  • Direct serialization/deserialization of KES sign keys: we need this in order to send keys over network sockets without touching the GHC heap (which would violate mlocking protections).
  • Cryptographic RNG: a wrapper around randombytes_buf() from libsodium, to be used for generating mlocked seeds, such that we can generate KES sign keys entirely in mlocked memory.

tdammers avatar Oct 13 '22 14:10 tdammers

This currently depends on ~~#388~~ #411 and #389; those should be dealt with first before merging this.

tdammers avatar Apr 19 '23 13:04 tdammers