diff --git a/Cargo.lock b/Cargo.lock index 520bb046d..f50dcd201 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -7402,6 +7402,7 @@ dependencies = [ "frame-support 29.0.2", "frame-system", "log", + "p256", "pallet-bags-list", "pallet-balances", "pallet-parameters", diff --git a/pallets/staking/Cargo.toml b/pallets/staking/Cargo.toml index 60beae497..281e1e334 100644 --- a/pallets/staking/Cargo.toml +++ b/pallets/staking/Cargo.toml @@ -17,6 +17,7 @@ scale-info ={ version="2.11", default-features=false, features=["derive"] } log ={ version="0.4.22", default-features=false } serde ={ version="1.0.210", default-features=false } rand_chacha={ version="0.3", default-features=false } +p256 ={ version="0.13.2", default-features=false, features=["ecdsa", "alloc"] } frame-benchmarking={ version="29.0.0", default-features=false, optional=true } frame-support ={ version="29.0.0", default-features=false } diff --git a/pallets/staking/src/lib.rs b/pallets/staking/src/lib.rs index f6ea6f16a..85b51ae5a 100644 --- a/pallets/staking/src/lib.rs +++ b/pallets/staking/src/lib.rs @@ -115,6 +115,7 @@ pub mod pallet { pub tss_account: AccountId, pub x25519_public_key: X25519PublicKey, pub endpoint: TssServerURL, + pub provisioning_certification_key: VerifyingKey, } /// Info that is requiered to do a proactive refresh #[derive(Clone, Encode, Decode, Eq, PartialEq, RuntimeDebug, TypeInfo, Default)] @@ -238,7 +239,7 @@ pub mod pallet { /// A type used to simplify the genesis configuration definition. pub type ThresholdServersConfig = ( ::ValidatorId, - (::AccountId, X25519PublicKey, TssServerURL), + (::AccountId, X25519PublicKey, TssServerURL, VerifyingKey), ); #[pallet::genesis_config] @@ -265,6 +266,7 @@ pub mod pallet { tss_account: server_info_tuple.0.clone(), x25519_public_key: server_info_tuple.1, endpoint: server_info_tuple.2.clone(), + provisioning_certification_key: server_info_tuple.3.clone(), }; ThresholdServers::::insert(validator_stash, server_info.clone()); diff --git a/pallets/staking/src/mock.rs b/pallets/staking/src/mock.rs index 0d1fe7159..9ab987bfd 100644 --- a/pallets/staking/src/mock.rs +++ b/pallets/staking/src/mock.rs @@ -400,8 +400,11 @@ pub fn new_test_ext() -> sp_io::TestExternalities { balances: vec![(1, 100), (2, 100), (3, 100), (4, 100)], }; let pallet_staking_extension = pallet_staking_extension::GenesisConfig:: { - // (ValidatorID, (AccountId, X25519PublicKey, TssServerURL)) - threshold_servers: vec![(5, (7, NULL_ARR, vec![20])), (6, (8, NULL_ARR, vec![40]))], + // (ValidatorID, (AccountId, X25519PublicKey, TssServerURL, VerifyingKey)) + threshold_servers: vec![ + (5, (7, NULL_ARR, vec![20], BoundedVec::with_max_capacity())), + (6, (8, NULL_ARR, vec![40], BoundedVec::with_max_capacity())), + ], proactive_refresh_data: (vec![], vec![]), mock_signer_rotate: (false, vec![], vec![]), }; diff --git a/pallets/staking/src/tests.rs b/pallets/staking/src/tests.rs index a6639b9f5..7f1c21ba1 100644 --- a/pallets/staking/src/tests.rs +++ b/pallets/staking/src/tests.rs @@ -22,6 +22,7 @@ use frame_support::{assert_noop, assert_ok}; use frame_system::{EventRecord, Phase}; use pallet_parameters::SignersSize; use pallet_session::SessionManager; +use sp_runtime::BoundedVec; const NULL_ARR: [u8; 32] = [0; 32]; #[test] @@ -29,11 +30,21 @@ fn basic_setup_works() { new_test_ext().execute_with(|| { assert_eq!( Staking::threshold_server(5).unwrap(), - ServerInfo { tss_account: 7, x25519_public_key: NULL_ARR, endpoint: vec![20] } + ServerInfo { + tss_account: 7, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity() + } ); assert_eq!( Staking::threshold_server(6).unwrap(), - ServerInfo { tss_account: 8, x25519_public_key: NULL_ARR, endpoint: vec![40] } + ServerInfo { + tss_account: 8, + x25519_public_key: NULL_ARR, + endpoint: vec![40], + provisioning_certification_key: BoundedVec::with_max_capacity() + } ); assert_eq!(Staking::threshold_to_stash(7).unwrap(), 5); assert_eq!(Staking::threshold_to_stash(8).unwrap(), 6); @@ -51,8 +62,12 @@ fn it_takes_in_an_endpoint() { pallet_staking::RewardDestination::Account(1), )); - let server_info = - ServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), @@ -68,6 +83,7 @@ fn it_takes_in_an_endpoint() { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20, 20, 20, 20], + provisioning_certification_key: BoundedVec::with_max_capacity(), }; assert_noop!( Staking::validate( @@ -78,8 +94,12 @@ fn it_takes_in_an_endpoint() { Error::::EndpointTooLong ); - let server_info = - ServerInfo { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20, 20] }; + let server_info = ServerInfo { + tss_account: 5, + x25519_public_key: NULL_ARR, + endpoint: vec![20, 20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_noop!( Staking::validate( RuntimeOrigin::signed(4), @@ -100,8 +120,12 @@ fn it_will_not_allow_validator_to_use_existing_tss_account() { pallet_staking::RewardDestination::Account(1), )); - let server_info = - ServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), @@ -134,8 +158,12 @@ fn it_changes_endpoint() { pallet_staking::RewardDestination::Account(1), )); - let server_info = - ServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), @@ -161,8 +189,12 @@ fn it_changes_threshold_account() { pallet_staking::RewardDestination::Account(1), )); - let server_info = - ServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), @@ -185,8 +217,12 @@ fn it_changes_threshold_account() { pallet_staking::RewardDestination::Account(2), )); - let server_info = - ServerInfo { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 5, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), pallet_staking::ValidatorPrefs::default(), @@ -209,8 +245,12 @@ fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { pallet_staking::RewardDestination::Account(1), )); - let server_info = - ServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(1), pallet_staking::ValidatorPrefs::default(), @@ -224,8 +264,12 @@ fn it_will_not_allow_existing_tss_account_when_changing_threshold_account() { pallet_staking::RewardDestination::Account(2), )); - let server_info = - ServerInfo { tss_account: 5, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 5, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), pallet_staking::ValidatorPrefs::default(), @@ -250,8 +294,12 @@ fn it_deletes_when_no_bond_left() { pallet_staking::RewardDestination::Account(1), )); - let server_info = - ServerInfo { tss_account: 3, x25519_public_key: NULL_ARR, endpoint: vec![20] }; + let server_info = ServerInfo { + tss_account: 3, + x25519_public_key: NULL_ARR, + endpoint: vec![20], + provisioning_certification_key: BoundedVec::with_max_capacity(), + }; assert_ok!(Staking::validate( RuntimeOrigin::signed(2), pallet_staking::ValidatorPrefs::default(),