Skip to content

Keystore signer impl#1598

Merged
connorwstein merged 6 commits intoARCH-331-keystore-encryptor-2from
ARCH-329-keystore-signer
Oct 10, 2025
Merged

Keystore signer impl#1598
connorwstein merged 6 commits intoARCH-331-keystore-encryptor-2from
ARCH-329-keystore-signer

Conversation

@connorwstein
Copy link
Copy Markdown
Contributor

@connorwstein connorwstein commented Oct 8, 2025
edited
Loading

Note I thought about passing a hash function parameter (e.g. nilable crypto.Hash, with the idea that the more we can encapsulate cryptographic stuff the better) but ended up thinking its not worth it:

  • Different signature schemes have different hashing approaches, for example ECDSA libraries generally just accept a 32 byte digest only and expect the caller to hash whereas Ed25519 by default allows arbitrary message lengths (internally uses SHA-512). Existing code generally uses the schemes in that manner, so leaving it this way is less disruptive to existing code and less likely that clients accidentally hash something twice or error for not hashing on ECDSA.
  • Took a peek at BTC for example which also uses ECDSA on S256 but unlike EVM chains it uses a double SHA-256 hash of a serialized BTC transaction. Supporting a double hash would complicate the API further, so again seems better to leave that client side.

@connorwstein connorwstein changed the base branch from main to ARCH-331-keystore-encryptor-2 October 8, 2025 19:09
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Oct 8, 2025
edited
Loading

✅ API Diff Results - No breaking changes

📄 View full apidiff report | 📚 Learn about apidiff

@connorwstein connorwstein marked this pull request as ready for review October 8, 2025 19:10
@connorwstein connorwstein requested a review from a team as a code owner October 8, 2025 19:10
connorwstein
connorwstein commented Oct 8, 2025
View reviewed changes
Comment thread keystore/signer.go
}

type VerifyRequest struct {
KeyName string
Copy link
Copy Markdown
Contributor Author

@connorwstein connorwstein Oct 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

General pattern I'm thinking about here:

  • KeyName is bound to private key material specifically and only used in APIs which need that access
  • For APIs that don't use private key material directly (but still belong in the API as they do cryptographic operations), supply all the inputs up front so its stateless. More flexible that way

Comment thread keystore/keystore.go Outdated
func publicKeyFromPrivateKey(privateKeyBytes internal.Raw, keyType KeyType) ([]byte, error) {
switch keyType {
case Ed25519:
return ed25519.PublicKey(internal.Bytes(privateKeyBytes)), nil
Copy link
Copy Markdown
Contributor Author

@connorwstein connorwstein Oct 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical issue caught in testing the signing, casting instead of properly converting.

jmank88
jmank88 reviewed Oct 8, 2025
View reviewed changes
Comment thread keystore/signer.go Outdated
jmank88
jmank88 reviewed Oct 9, 2025
View reviewed changes
Comment thread keystore/signer.go
@connorwstein connorwstein merged commit ac08a79 into ARCH-331-keystore-encryptor-2 Oct 10, 2025
10 of 12 checks passed
@connorwstein connorwstein deleted the ARCH-329-keystore-signer branch October 10, 2025 16:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmank88 jmank88 jmank88 approved these changes

@cedric-cordenier cedric-cordenier cedric-cordenier approved these changes

@EasterTheBunny EasterTheBunny Awaiting requested review from EasterTheBunny

@pavel-raykov pavel-raykov Awaiting requested review from pavel-raykov

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@connorwstein @jmank88 @cedric-cordenier