Use Signed Message for Key Devrivation #1981
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## feature/ct_module #1981 +/- ##
=====================================================
+ Coverage 60.89% 60.99% +0.09%
=====================================================
Files 283 284 +1
Lines 26982 27029 +47
=====================================================
+ Hits 16431 16485 +54
+ Misses 9289 9280 -9
- Partials 1262 1264 +2
|
dssei
approved these changes
Dec 12, 2024
mj850
added a commit
that referenced
this pull request
Apr 4, 2025
* ciphertext example type * fix linting errors * commit generated code * codec + some validation + routing * adding zk related objects * tests * remove challenge from ciphertext validity proof * revert params.pb.go * Fix test to use correct result object for proofs. Add range proofs * Add decryption test * RemainingBalanceEqualityProof * TransferAmountLoEqualityProof & TransferAmountHiEqualityProof tests * fix formatting * add missing validations * auditors * add marshalling/unmarshalling of the messages * go mod tidy * fix linting issues * add more tests * tests for zk.go * more tests * Scaffolding (#1916) * scaffolding for new module * keeper scaffolding * scaffold with types * go sum * comments pt1 * comments * drop prev580 * CT types - Apply balance close account (#1919) * pending balance type * convert apply pending balance to a message type * close account type * Add Deposit and InitializeAccount types (#1921) * new types * add deposit to msgs * add import issues * revert evm/params to old state * withdraw with tests * small changes * refactor and add tests * comment * Genesis draft (#1924) * Genesis draft * revert evm params * revert evm params -2 * working simple test * linting * addressing linter errors * remove creating address for now * Ct queries (#1927) * add genesis init/export tests * refactor store * confidential transfers queries * working draft test * more tests * refactor tests * all accounts query * formatting * add pagination to request/response * update implementation to use paginated response instead * formatting * remove redundant param * all accounts with denoms * clean up commented code * return GetAccount back to keeper * formatting * Add msg_server methods (#1923) * new types * add deposit to msgs * add import issues * revert evm/params to old state * withdraw with tests * small changes * refactor and add tests * comment * refactor initialize type * types * non module account types * msg server methods with module accounts * tests scaffold * add msg server tests * codeql * test issues * test improvements * comments * todo * app * basic cli and first draft command for ct module (#1929) * basic cli and first draft command for ct module * add second command draft * draft of init account * close account update * lint errors * Add confidential transfer queries to seid (#1931) * update codec * cleanup and queryies * enable in module * add other query * fix bug * fix lint * add decryption query * cleanup * validate address * comments * rectify test failures * speed up withdraw test * make other tests slightly faster * Update confidential transfers swagger/openAPI spec (#1937) * - fix ct account by address and denom REST query - update swagger * - regenerate with latest changes - set module version to 1 * Add other confidential tx methods to seid (#1933) * add other tx commands * small fixes * add param validation * fix apply pending balance method * check denom for initialize * add util tests * bug * fix initialize tests * Ct ACL mappings (#1947) * - add acl mapping for MsgTransfer * transfer message acl dependency tests * acls for initialize account and deposit * acls for withdraw message * acls for apply pending balance * - acls for close account - fix init account test (cause of new check) * formatting * self-review teaks * address review comments * Add query decrypted tx method to confidential transfers client (#1950) * queries work * comments * update doc * use decryptor instead of from flag * validate decryptor * lint * merge * Add Integration tests for CT Module (#1958) * Add integration tests * fix test * make tests independent and add transfer test * add to github actions workflow * readability * workflow * err codes * bug * add ct to load test framework (#1959) * add ct to load test framework * comment out receiver account creation for now * - add ct account population script - add ct query client - add 4 types of ct messages for load test * - script updates * - add error handling * script updates * formatting * disable state writing for transfers * add metrics * Revert "add metrics" This reverts commit a7814b1. * self review fixes * Use BigInt in CT Module (#1966) * save * backend tests passing * test * types test * acl tests * utils * codeql * lint * Manually consume gas for expensive txes and add params (#1972) * save * backend tests passing * test * types test * acl tests * utils * codeql * draft * register subspace * params disable * add scaling gas * update tests * add tests for disable feature * integration tests fees bump * update close account test * lint * comments * comments * refactor ct cli to use SDK coin format (#1977) * refactor ct cli to use coin format like e.g. 1usei * update integration tests * formatting * update integration tests * update integration tests - 2 * Use updated CachedRangeVerifier (#1975) * test new verifier * update to prod version * update cryptography version * try optimize test * add optimization * small optimization * params revert * fix deps * rollback evm params * change pendingBalanceLo in decryptable account object * Bump coinbase crypto lib version (#1985) - update kryptology version * Increase test coverage (#1986) * - remove dead code - add test for keys * - basic test for transfer object * - transfer invalid inputs * - wrong private key test * - refactor tests * - refactor tests - tests for createTransferPartyParams * - add more checks to transfers * - tests for VerifyTransferProofs * - tests for VerifyTransferProofs * fix tests * increase test time-out * tests for VerifyAuditorProof * MsgInitializeAccount tests * MsgTransfer#FromProto invalid inputs tests * - tests for transfer msg decrypt * - tests for InitializeAccount invalid fields * - tests for MsgInitializeAccount_Decrypt * - tests for MsgApplyPendingBalance * - tests for MsgWithdraw * - route and type message tests * Use Signed Message for Key Devrivation (#1981) * change key devrivation * hash again * version * issues * types test * add tests * bump unit test timeout * add fixed prefix before hashing denom * mertge issues * Consume gas before verifying range proof (#1987) * Consume gas before verifying range proof * bump timeout * uint64 * test issue * - fix tests * - few more tests * Ct transfer precompile (#1994) * - transfer precompile draft * - formating * - flatten abi.json * - refactor test * - more tests * - self-review tweaks * Transfer with auditors precompile (#1997) * - transfer precompile draft * - formating * - flatten abi.json * - refactor test * - more tests * - add transfer with auditors, old tests passing * - add auditors to sol and abi * - self-review tweaks * - transfer with auditors draft * - move auditor conversion logic to a separate method * - tests * - move get account to utils * - add transfer with auditors payload cli support * - fix auditors payload cli * - fix lint warnings * - fix slice size * - add check for empty auditor array * - add panic recover logic to getAuditorsFromArg * Ct init account precompile (#2017) * - add sol init account * - precompile + basic tests * self-review tweaks * ct init account payload cli * caller should = the user address * add caller check for transfers * refactor address retrieval logic. Add more tests * Support Sei addresses in transfer precompiles (#2021) * - add sol init account * - precompile + basic tests * self-review tweaks * ct init account payload cli * caller should = the user address * add caller check for transfers * refactor address retrieval logic. Add more tests * support Sei addresses in transfer precompile * add tests for Sei addresses * update tests * self-review tweaks * Ct deposit precompile (#2023) * - add sol init account * - precompile + basic tests * deposit precompile * refactor test * Use caller instead of from address (#2030) * - add sol init account * - precompile + basic tests * deposit precompile * refactor test * use caller instead of from address * add amount field comment * few tweaks * roll back init-account changes * remove unintended changes * remove unintended changes - 2 * use caller in transfer * init account precompile integration test * deposit precompile integration test * transfer precompile integration test * self review * Add ApplyPendingBalance, Withdraw and CloseAccount to ConfidentialTransfers Precompile (#2033) * apply precompile * add withdraw precompile as well * update with queries * update precompiles for sender * close account and integration tests * lint * Ct Account query precompile (#2038) * - add sol init account * - precompile + basic tests * Basic account precompile query code and test * unit tests * integration test * Fix account not found error code (#2041) update error code for case when account already exists * Ct EVM transactions decryption (#2046) * working draft * get to address from events * get conversion of EVM tx to Sei tx * rafactor CT precompile to expose calldata parsing methods * working draft * self review tweaks * fix formatting * Add few clarifying comments * update artifacts ver * Add ACL Mappings for InitializeAccount (#2076) c-03 missing resource dependencies * L-09 Proto Serialization Failures (#2079) * L-09 Proto Serialization Failures * lint * change to post * L02/05 Update proto messages (#2077) L-02/05 update protos * Add range proofs for transfer amounts (#2070) * update range proof for msg server * bump upload artifacts * workflow * bump timeout to 15 mins * order of transfer proof validaiton * order * add range proof verification cost * bump up gas accordingly * test changes * remove remaining gas check * remaining gas * Update RPC Response in CT CLI Query with Error (#2078) * add error to rpc response * check for response.error * add timeout to httpclient * Consume more gas in each CT operation. Limit number of auditors (#2080) * - consume more gas for CT operations - limit number of auditors to 5 * self review tweaks * - fix precompile test - formatting * remove redundant nil check * - move gas cost to params - add more max auditor list validations * - re-use helper method * - add missed gas consumption * - fix tests - propagate validation error message * adding allowlist to CT (#2082) * adding allowlist to transfer * tests for transfer with allow list * restrict withdrawals and deposits as well * - add acl mappings * - add block list dep mapping * Validation fixes (#2084) * - add missing validations - require both supply and metadata on account init * - add negative amount check on withdrawals * - add bech32 check for auditor address * - add denom validation check * - add denom validation check - 2 * - more missed validations * - fix tests * - fix tests - 2 * fix gas in test * Limit the tokens that can be used with the CT Module (#2086) * check for denom exponent * base * whitelist params * tests * typo * tests * clarify * Update CT_Module with main (#2102) merge module with main * fix integration tests * transfer test * gas test fix * test gas --------- Co-authored-by: _dssei_ <denys@seinetwork.io> Co-authored-by: Denys S <150304777+dssei@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Describe your changes and provide context
Currently, the CT Module relies directly on the private key for deriving keys. For each account, a new keypair is deterministically generated using the KeyGen(privateKey, denom) method, which computes the SHA256 of the privateKey with denom as the salt, then uses that hash to create a private key (random number)
The benefit of doing this is that users can generate a key that is as secure as their addresses' ecdsa private key, without having to manage additional keys.
This is fine for clients such as seid which have direct access to the users private key, but the majority of other clients (wallets etc), do not have direct access to the users private key. This would make the feature very difficult to use outside of seid.
To make things easier for wallets, the change proposed here is that instead of using
SHA256Hash(privatekey, denom)as the key generation function, we useSign(privateKey, denom), then SHA256 hash it one more time with an arbitrary salt to prevent the signature from being used.Sign(privateKey, denom) is as secure, since it cannot be generated by anyone except with knowledge of the ecdsa private key. However, this enables the key generation to be performed by Wallets, enabling applications to derive the keyPair on the client side by requesting that the user sign the denom. This will increase the future usability of this feature and integratability with dapps.
On the client side, they can generate Sign(privateKey, denom) using EVM wallet clients with
One note is that this implementation only enables EVM wallets to do this - cosmos wallets have different signing methods and will still not be able to interact with this module naturally.
more work to be done to look into how to add usability to this module.
This PR is dependent on the changes in sei-protocol/sei-cryptography#7
Testing performed to validate your change