Fix how pre-generated keyshares are added for tests (#1061)

* Rename test keyshares * Fix adding pre-generated keyshares for tests * Rm unused argument to test helper * Use copy not clone and other review suggestions * Charlie should be the chosen new signer in reshare integration test chainspec * WIP fix reshare test * Include correct nodes in chainspec integration test for reshare mock * Fix client remove program test * Ignore proactive refresh test * fix test * clean * fix integration test * fmt * clean * add unsafe to test command * fix * fix * lint * fix * ignore sign eth tx --------- Co-authored-by: Jesse Abramowitz <[email protected]>
entropyxyz · Sep 25, 2024 · 2800d61 · 2800d61
1 parent f286071
commit 2800d61
Show file tree

Hide file tree

Showing 24 changed files with 141 additions and 95 deletions.
diff --git a/crates/client/src/tests.rs b/crates/client/src/tests.rs
@@ -18,9 +18,9 @@ use crate::{
 use entropy_testing_utils::{
     constants::{TEST_PROGRAM_WASM_BYTECODE, TSS_ACCOUNTS},
     helpers::{derive_mock_pck_verifying_key, encode_verifying_key},
-    jump_start_network,
+    jump_start_network, spawn_testing_validators,
     substrate_context::test_context_stationary,
-    test_node_process_testing_state,
+    test_node_process_testing_state, ChainSpecType,
 };
 use serial_test::serial;
 use sp_core::{sr25519, Pair, H256};
@@ -134,6 +134,9 @@ async fn test_store_and_remove_program() {
 async fn test_remove_program_reference_counter() {
     let program_owner = AccountKeyring::Ferdie.pair();
 
+    let (_validator_ips, _validator_ids) =
+        spawn_testing_validators(ChainSpecType::Integration).await;
+
     let force_authoring = true;
     let substrate_context = test_node_process_testing_state(force_authoring).await;
     let api = get_api(&substrate_context.ws_url).await.unwrap();

diff --git a/crates/testing-utils/Cargo.toml b/crates/testing-utils/Cargo.toml
@@ -17,7 +17,7 @@ parity-scale-codec="3.6.12"
 lazy_static       ="1.5.0"
 hex-literal       ="0.4.1"
 tokio             ={ version="1.40", features=["macros", "fs", "rt-multi-thread", "io-util", "process"] }
-axum              ={ version="0.7.6" }
+axum              ={ version="0.7.5" }
 entropy-shared    ={ version="0.2.0", path="../shared" }
 entropy-kvdb      ={ version="0.2.0", path="../kvdb", default-features=false }
 entropy-tss       ={ version="0.2.0", path="../threshold-signature-server", features=["test_helpers"] }

diff --git a/...tion/dave-keyshare-held-by-alice.keyshare → ...hares/production/dave-keyshare-0.keyshare b/...tion/dave-keyshare-held-by-alice.keyshare → ...hares/production/dave-keyshare-0.keyshare
diff --git a/...uction/dave-keyshare-held-by-bob.keyshare → ...hares/production/dave-keyshare-1.keyshare b/...uction/dave-keyshare-held-by-bob.keyshare → ...hares/production/dave-keyshare-1.keyshare
diff --git a/...on/dave-keyshare-held-by-charlie.keyshare → ...hares/production/dave-keyshare-2.keyshare b/...on/dave-keyshare-held-by-charlie.keyshare → ...hares/production/dave-keyshare-2.keyshare
diff --git a/...ction/eve-keyshare-held-by-alice.keyshare → ...shares/production/eve-keyshare-0.keyshare b/...ction/eve-keyshare-held-by-alice.keyshare → ...shares/production/eve-keyshare-0.keyshare
diff --git a/...duction/eve-keyshare-held-by-bob.keyshare → ...shares/production/eve-keyshare-1.keyshare b/...duction/eve-keyshare-held-by-bob.keyshare → ...shares/production/eve-keyshare-1.keyshare
diff --git a/...ion/eve-keyshare-held-by-charlie.keyshare → ...shares/production/eve-keyshare-2.keyshare b/...ion/eve-keyshare-held-by-charlie.keyshare → ...shares/production/eve-keyshare-2.keyshare
diff --git a/...test/dave-keyshare-held-by-alice.keyshare → ...s/keyshares/test/dave-keyshare-0.keyshare b/...test/dave-keyshare-held-by-alice.keyshare → ...s/keyshares/test/dave-keyshare-0.keyshare
diff --git a/...s/test/dave-keyshare-held-by-bob.keyshare → ...s/keyshares/test/dave-keyshare-1.keyshare b/...s/test/dave-keyshare-held-by-bob.keyshare → ...s/keyshares/test/dave-keyshare-1.keyshare
diff --git a/...st/dave-keyshare-held-by-charlie.keyshare → ...s/keyshares/test/dave-keyshare-2.keyshare b/...st/dave-keyshare-held-by-charlie.keyshare → ...s/keyshares/test/dave-keyshare-2.keyshare
diff --git a/.../test/eve-keyshare-held-by-alice.keyshare → ...ls/keyshares/test/eve-keyshare-0.keyshare b/.../test/eve-keyshare-held-by-alice.keyshare → ...ls/keyshares/test/eve-keyshare-0.keyshare
diff --git a/...es/test/eve-keyshare-held-by-bob.keyshare → ...ls/keyshares/test/eve-keyshare-1.keyshare b/...es/test/eve-keyshare-held-by-bob.keyshare → ...ls/keyshares/test/eve-keyshare-1.keyshare
diff --git a/...est/eve-keyshare-held-by-charlie.keyshare → ...ls/keyshares/test/eve-keyshare-2.keyshare b/...est/eve-keyshare-held-by-charlie.keyshare → ...ls/keyshares/test/eve-keyshare-2.keyshare
diff --git a/crates/testing-utils/src/helpers.rs b/crates/testing-utils/src/helpers.rs
@@ -27,11 +27,9 @@ pub use tdx_quote::encode_verifying_key;
 /// A helper for setting up tests which starts both a set of TS servers and a chain node and returns
 /// the chain API as well as IP addresses and PartyId of the started validators
 pub async fn spawn_tss_nodes_and_start_chain(
-    add_parent_key: bool,
     chain_spec_type: ChainSpecType,
 ) -> (OnlineClient<EntropyConfig>, LegacyRpcMethods<EntropyConfig>, Vec<String>, Vec<PartyId>) {
-    let (validator_ips, validator_ids) =
-        spawn_testing_validators(add_parent_key, chain_spec_type.clone()).await;
+    let (validator_ips, validator_ids) = spawn_testing_validators(chain_spec_type).await;
 
     let (api, rpc) = match chain_spec_type {
         ChainSpecType::Development => {

diff --git a/crates/threshold-signature-server/src/attestation/tests.rs b/crates/threshold-signature-server/src/attestation/tests.rs
@@ -33,7 +33,7 @@ async fn test_attest() {
 
     let cxt = test_node_process_stationary().await;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(false, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     let api = get_api(&cxt.ws_url).await.unwrap();
     let rpc = get_rpc(&cxt.ws_url).await.unwrap();

diff --git a/crates/threshold-signature-server/src/helpers/launch.rs b/crates/threshold-signature-server/src/helpers/launch.rs
@@ -65,7 +65,7 @@ pub const FORBIDDEN_KEY_DIFFIE_HELLMAN_PUBLIC: &str = "DH_PUBLIC";
 
 // Deafult name for TSS server
 // Will set mnemonic and db path
-#[derive(Debug, PartialEq)]
+#[derive(Debug, PartialEq, Clone, Copy)]
 pub enum ValidatorName {
     Alice,
     Bob,

diff --git a/crates/threshold-signature-server/src/helpers/tests.rs b/crates/threshold-signature-server/src/helpers/tests.rs
@@ -34,6 +34,7 @@ use crate::{
         substrate::submit_transaction,
         validator::get_signer_and_x25519_secret_from_mnemonic,
     },
+    r#unsafe::api::UnsafeQuery,
     signing_client::ListenerState,
     AppState,
 };
@@ -42,7 +43,7 @@ use entropy_kvdb::{encrypted_sled::PasswordMethod, get_db_path, kv_manager::KvMa
 use entropy_protocol::PartyId;
 #[cfg(test)]
 use entropy_shared::EncodedVerifyingKey;
-use entropy_shared::{DAVE_VERIFYING_KEY, EVE_VERIFYING_KEY, NETWORK_PARENT_KEY};
+use entropy_shared::{EVE_VERIFYING_KEY, NETWORK_PARENT_KEY};
 use std::time::Duration;
 use subxt::{
     backend::legacy::LegacyRpcMethods, ext::sp_core::sr25519, tx::PairSigner,
@@ -121,7 +122,7 @@ pub async fn create_clients(
 }
 
 /// A way to specify which chainspec to use in testing
-#[derive(Clone, PartialEq)]
+#[derive(Copy, Clone, PartialEq)]
 pub enum ChainSpecType {
     /// The development chainspec, which has 3 TSS nodes
     Development,
@@ -132,7 +133,6 @@ pub enum ChainSpecType {
 /// Spawn either 3 or 4 TSS nodes depending on chain configuration, adding pre-stored keyshares if
 /// desired
 pub async fn spawn_testing_validators(
-    add_parent_key: bool,
     chain_spec_type: ChainSpecType,
 ) -> (Vec<String>, Vec<PartyId>) {
     let add_fourth_server = chain_spec_type == ChainSpecType::Integration;
@@ -165,11 +165,6 @@ pub async fn spawn_testing_validators(
 
     let mut ids = vec![alice_id, bob_id, charlie_id];
 
-    put_keyshares_in_db("alice", alice_kv, add_parent_key).await;
-    put_keyshares_in_db("bob", bob_kv, add_parent_key).await;
-    put_keyshares_in_db("charlie", charlie_kv, add_parent_key).await;
-    // Don't give dave keyshares as dave is not initially in the signing committee
-
     let listener_alice = tokio::net::TcpListener::bind(format!("0.0.0.0:{}", ports[0]))
         .await
         .expect("Unable to bind to given server address.");
@@ -215,25 +210,30 @@ pub async fn spawn_testing_validators(
 }
 
 /// Add the pre-generated test keyshares to a kvdb
-async fn put_keyshares_in_db(holder_name: &str, kvdb: KvManager, add_parent_key: bool) {
-    let mut user_names_and_verifying_keys =
-        vec![("eve", hex::encode(EVE_VERIFYING_KEY)), ("dave", hex::encode(DAVE_VERIFYING_KEY))];
-    if add_parent_key {
-        user_names_and_verifying_keys.push(("eve", hex::encode(NETWORK_PARENT_KEY)))
-    }
-    for (user_name, user_verifying_key) in user_names_and_verifying_keys {
-        let keyshare_bytes = {
-            let project_root =
-                project_root::get_project_root().expect("Error obtaining project root.");
-            let file_path = project_root.join(format!(
-                "crates/testing-utils/keyshares/production/{}-keyshare-held-by-{}.keyshare",
-                user_name, holder_name
-            ));
-            std::fs::read(file_path).unwrap()
-        };
-        let reservation = kvdb.kv().reserve_key(user_verifying_key).await.unwrap();
-        kvdb.kv().put(reservation, keyshare_bytes).await.unwrap();
-    }
+async fn put_keyshares_in_db(index: usize, validator_name: ValidatorName) {
+    // Eve's keyshares are used as the network parent key
+    let user_name = "eve";
+    let keyshare_bytes = {
+        let project_root = project_root::get_project_root().expect("Error obtaining project root.");
+        let file_path = project_root.join(format!(
+            "crates/testing-utils/keyshares/production/{}-keyshare-{}.keyshare",
+            user_name, index
+        ));
+        std::fs::read(file_path).unwrap()
+    };
+
+    let unsafe_put = UnsafeQuery { key: hex::encode(NETWORK_PARENT_KEY), value: keyshare_bytes };
+    let unsafe_put = serde_json::to_string(&unsafe_put).unwrap();
+
+    let port = 3001 + (validator_name as usize);
+    let http_client = reqwest::Client::new();
+    http_client
+        .post(format!("http://127.0.0.1:{port}/unsafe/put"))
+        .header("Content-Type", "application/json")
+        .body(unsafe_put.clone())
+        .send()
+        .await
+        .unwrap();
 }
 
 /// Removes the program at the program hash
@@ -284,6 +284,7 @@ pub async fn jump_start_network_with_signer(
 
     let validators_names =
         vec![ValidatorName::Alice, ValidatorName::Bob, ValidatorName::Charlie, ValidatorName::Dave];
+    let mut keyshare_index = 0;
     for validator_name in validators_names {
         let mnemonic = development_mnemonic(&Some(validator_name));
         let (tss_signer, _static_secret) =
@@ -292,8 +293,13 @@ pub async fn jump_start_network_with_signer(
             entropy::tx().registry().confirm_jump_start(BoundedVec(EVE_VERIFYING_KEY.to_vec()));
 
         // Ignore the error as one confirmation will fail
-        let _result =
-            submit_transaction(api, rpc, &tss_signer, &jump_start_confirm_request, None).await;
+        if submit_transaction(api, rpc, &tss_signer, &jump_start_confirm_request, None)
+            .await
+            .is_ok()
+        {
+            put_keyshares_in_db(keyshare_index, validator_name).await;
+            keyshare_index += 1;
+        }
     }
 }
 

diff --git a/crates/threshold-signature-server/src/signing_client/tests.rs b/crates/threshold-signature-server/src/signing_client/tests.rs
@@ -38,14 +38,15 @@ use parity_scale_codec::Encode;
 use serial_test::serial;
 use sp_keyring::AccountKeyring;
 
+#[ignore]
 #[tokio::test]
 #[serial]
 async fn test_proactive_refresh() {
     initialize_test_logger().await;
     clean_tests();
     let _cxt = test_node_process_testing_state(false).await;
 
-    let (validator_ips, _ids) = spawn_testing_validators(false, ChainSpecType::Integration).await;
+    let (validator_ips, _ids) = spawn_testing_validators(ChainSpecType::Integration).await;
     let signing_committee_ips = &validator_ips[..3].to_vec();
 
     let client = reqwest::Client::new();

diff --git a/crates/threshold-signature-server/src/user/tests.rs b/crates/threshold-signature-server/src/user/tests.rs
@@ -170,9 +170,8 @@ async fn test_signature_requests_fail_on_different_conditions() {
     let one = AccountKeyring::One;
     let two = AccountKeyring::Two;
 
-    let add_parent_key_to_kvdb = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key_to_kvdb, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     // Here we need to use `--chain=integration-tests` and force authoring otherwise we won't be
     // able to get our chain in the right state to be jump started.
@@ -307,9 +306,8 @@ async fn signature_request_with_derived_account_works() {
     let bob = AccountKeyring::Bob;
     let charlie = AccountKeyring::Charlie;
 
-    let add_parent_key_to_kvdb = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key_to_kvdb, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     // Here we need to use `--chain=integration-tests` and force authoring otherwise we won't be
     // able to get our chain in the right state to be jump started.
@@ -356,9 +354,8 @@ async fn test_signing_fails_if_wrong_participants_are_used() {
 
     let one = AccountKeyring::Dave;
 
-    let add_parent_key = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     let force_authoring = true;
     let substrate_context = test_node_process_testing_state(force_authoring).await;
@@ -436,9 +433,8 @@ async fn test_request_limit_are_updated_during_signing() {
     let one = AccountKeyring::One;
     let two = AccountKeyring::Two;
 
-    let add_parent_key = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     let force_authoring = true;
     let substrate_context = test_node_process_testing_state(force_authoring).await;
@@ -539,9 +535,8 @@ async fn test_fails_to_sign_if_non_signing_group_participants_are_used() {
     let one = AccountKeyring::One;
     let two = AccountKeyring::Two;
 
-    let add_parent_key = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     let force_authoring = true;
     let substrate_context = test_node_process_testing_state(force_authoring).await;
@@ -631,9 +626,8 @@ async fn test_program_with_config() {
     let one = AccountKeyring::One;
     let two = AccountKeyring::Two;
 
-    let add_parent_key = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     let force_authoring = true;
     let substrate_context = test_node_process_testing_state(force_authoring).await;
@@ -716,9 +710,8 @@ async fn test_jumpstart_network() {
 
     let alice = AccountKeyring::Alice;
 
-    let add_parent_key = false;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     let force_authoring = true;
     let substrate_context = test_node_process_testing_state(force_authoring).await;
@@ -917,9 +910,8 @@ async fn test_fail_infinite_program() {
     let one = AccountKeyring::One;
     let two = AccountKeyring::Two;
 
-    let add_parent_key = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     let force_authoring = true;
     let substrate_context = test_node_process_testing_state(force_authoring).await;
@@ -998,9 +990,8 @@ async fn test_device_key_proxy() {
     let one = AccountKeyring::One;
     let two = AccountKeyring::Two;
 
-    let add_parent_key_to_kvdb = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key_to_kvdb, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     // Here we need to use `--chain=integration-tests` and force authoring otherwise we won't be
     // able to get our chain in the right state to be jump started.
@@ -1138,7 +1129,7 @@ async fn test_faucet() {
     let alice = AccountKeyring::Alice;
 
     let (validator_ips, _validator_ids) =
-        spawn_testing_validators(false, ChainSpecType::Development).await;
+        spawn_testing_validators(ChainSpecType::Development).await;
     let substrate_context = test_node_process_testing_state(true).await;
     let entropy_api = get_api(&substrate_context.ws_url).await.unwrap();
     let rpc = get_rpc(&substrate_context.ws_url).await.unwrap();
@@ -1310,9 +1301,8 @@ async fn test_registration_flow() {
     let bob = AccountKeyring::Bob;
     let charlie = AccountKeyring::Charlie;
 
-    let add_parent_key_to_kvdb = true;
     let (_validator_ips, _validator_ids) =
-        spawn_testing_validators(add_parent_key_to_kvdb, ChainSpecType::Integration).await;
+        spawn_testing_validators(ChainSpecType::Integration).await;
 
     // Here we need to use `--chain=integration-tests` and force authoring otherwise we won't be
     // able to get our chain in the right state to be jump started.