Consolidate TSS commands

zeta-chain · Nov 6, 2024 · 2190194 · 2190194
1 parent 6d3f2a7
commit 2190194
Show file tree

Hide file tree

Showing 8 changed files with 116 additions and 104 deletions.
diff --git a/cmd/zetaclientd/encrypt_tss.go b/cmd/zetaclientd/encrypt_tss.go
diff --git a/cmd/zetaclientd/gen_pre_params.go b/cmd/zetaclientd/gen_pre_params.go
diff --git a/cmd/zetaclientd/init_config.go b/cmd/zetaclientd/init_config.go
@@ -38,22 +38,31 @@ var initializeConfigOpts initializeConfigOptions
 func setupInitializeConfigOptions() {
 	f, cfg := InitializeConfigCmd.Flags(), &initializeConfigOpts
 
-	f.StringVar(&cfg.peer, "peer", "", "peer address, e.g. /dns/tss1/tcp/6668/ipfs/16Uiu2HAmACG5DtqmQsHtXg4G2sLS65ttv84e7MrL4kapkjfmhxAp")
+	const (
+		usagePeer     = "peer address e.g. /dns/tss1/tcp/6668/ipfs/16Uiu2HAmACG5DtqmQsH..."
+		usageHotKey   = "hotkey for zetaclient this key is used for TSS and ZetaClient operations"
+		usageLogLevel = "log level (0:debug, 1:info, 2:warn, 3:error, 4:fatal, 5:panic)"
+		usageP2PDiag  = "p2p diagnostic ticker (default: 0 means no ticker)"
+		usageTicker   = "config update ticker (default: 0 means no ticker)"
+		usageKeyring  = "keyring backend to use (test, file)"
+	)
+
+	f.StringVar(&cfg.peer, "peer", "", usagePeer)
 	f.StringVar(&cfg.publicIP, "public-ip", "", "public ip address")
 	f.StringVar(&cfg.preParamsPath, "pre-params", "~/preParams.json", "pre-params file path")
 	f.StringVar(&cfg.chainID, "chain-id", "athens_7001-1", "chain id")
 	f.StringVar(&cfg.zetacoreURL, "zetacore-url", "127.0.0.1", "zetacore node URL")
 	f.StringVar(&cfg.authzGranter, "operator", "", "granter for the authorization , this should be operator address")
-	f.StringVar(&cfg.authzHotkey, "hotkey", "hotkey", "hotkey for zetaclient this key is used for TSS and ZetaClient operations")
-	f.Int8Var(&cfg.level, "log-level", int8(zerolog.InfoLevel), "log level (0:debug, 1:info, 2:warn, 3:error, 4:fatal, 5:panic , 6: NoLevel , 7: Disable)")
+	f.StringVar(&cfg.authzHotkey, "hotkey", "hotkey", usageHotKey)
+	f.Int8Var(&cfg.level, "log-level", int8(zerolog.InfoLevel), usageLogLevel)
 	f.StringVar(&cfg.logFormat, "log-format", "json", "log format (json, test)")
 	f.BoolVar(&cfg.logSampler, "log-sampler", false, "set to to true to turn on log sampling")
 	f.BoolVar(&cfg.p2pDiagnostic, "p2p-diagnostic", false, "enable p2p diagnostic")
-	f.Uint64Var(&cfg.p2pDiagnosticTicker, "p2p-diagnostic-ticker", 30, "p2p diagnostic ticker (default: 0 means no ticker)")
-	f.Uint64Var(&cfg.configUpdateTicker, "config-update-ticker", 5, "config update ticker (default: 0 means no ticker)")
+	f.Uint64Var(&cfg.p2pDiagnosticTicker, "p2p-diagnostic-ticker", 30, usageP2PDiag)
+	f.Uint64Var(&cfg.configUpdateTicker, "config-update-ticker", 5, usageTicker)
 	f.StringVar(&cfg.TssPath, "tss-path", "~/.tss", "path to tss location")
 	f.BoolVar(&cfg.TestTssKeysign, "test-tss", false, "set to to true to run a check for TSS keysign on startup")
-	f.StringVar(&cfg.KeyringBackend, "keyring-backend", string(config.KeyringBackendTest), "keyring backend to use (test, file)")
+	f.StringVar(&cfg.KeyringBackend, "keyring-backend", string(config.KeyringBackendTest), usageKeyring)
 	f.BoolVar(&cfg.HsmMode, "hsm-mode", false, "enable hsm signer, default disabled")
 	f.StringVar(&cfg.HsmHotKey, "hsm-hotkey", "hsm-hotkey", "name of hotkey associated with hardware security module")
 	f.StringVar(&cfg.RelayerKeyPath, "relayer-key-path", "~/.zetacored/relayer-keys", "path to relayer keys")

diff --git a/cmd/zetaclientd/main.go b/cmd/zetaclientd/main.go
@@ -40,6 +40,22 @@ var (
 		Short:   "Initialize Zetaclient Configuration file",
 		RunE:    InitializeConfig,
 	}
+	TSSCmd = &cobra.Command{
+		Use:   "tss",
+		Short: "TSS commands",
+	}
+	TSSEncryptCmd = &cobra.Command{
+		Use:   "encrypt [file-path] [secret-key]",
+		Short: "Utility command to encrypt existing tss key-share file",
+		Args:  cobra.ExactArgs(2),
+		RunE:  TSSEncryptFile,
+	}
+	TSSGeneratePreParamsCmd = &cobra.Command{
+		Use:   "tss gen-pre-params [path]",
+		Short: "Generate pre parameters for TSS",
+		Args:  cobra.ExactArgs(1),
+		RunE:  TSSGeneratePreParams,
+	}
 )
 
 var (
@@ -67,6 +83,10 @@ func init() {
 	RootCmd.AddCommand(VersionCmd)
 	RootCmd.AddCommand(StartCmd)
 	RootCmd.AddCommand(InitializeConfigCmd)
+
+	RootCmd.AddCommand(TSSCmd)
+	TSSCmd.AddCommand(TSSEncryptCmd)
+	TSSCmd.AddCommand(TSSGeneratePreParamsCmd)
 }
 
 func setupGlobalOptions() {

diff --git a/cmd/zetaclientd/start.go b/cmd/zetaclientd/start.go
@@ -219,12 +219,12 @@ func Start(_ *cobra.Command, _ []string) error {
 
 	// Generate a new TSS if keygen is set and add it into the tss server
 	// If TSS has already been generated, and keygen was successful ; we use the existing TSS
-	err = GenerateTSS(ctx, masterLogger, zetacoreClient, server)
+	err = mc.Generate(ctx, masterLogger, zetacoreClient, server)
 	if err != nil {
 		return err
 	}
 
-	tss, err := mc.NewTSS(
+	tss, err := mc.New(
 		ctx,
 		zetacoreClient,
 		tssHistoricalList,
@@ -236,7 +236,7 @@ func Start(_ *cobra.Command, _ []string) error {
 		return err
 	}
 	if cfg.TestTssKeysign {
-		err = TestTSS(tss.CurrentPubkey, *tss.Server, masterLogger)
+		err = mc.TestTSS(tss.CurrentPubkey, *tss.Server, masterLogger)
 		if err != nil {
 			startLogger.Error().Err(err).Msgf("TestTSS error : %s", tss.CurrentPubkey)
 		}

diff --git a/cmd/zetaclientd/tss.go b/cmd/zetaclientd/tss.go
@@ -0,0 +1,68 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/bnb-chain/tss-lib/ecdsa/keygen"
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+
+	"github.com/zeta-chain/node/pkg/crypto"
+)
+
+// TSSEncryptFile encrypts the given file with the given secret key
+func TSSEncryptFile(_ *cobra.Command, args []string) error {
+	var (
+		filePath = filepath.Clean(args[0])
+		password = args[1]
+	)
+
+	data, err := os.ReadFile(filePath)
+	if err != nil {
+		return err
+	}
+
+	if !json.Valid(data) {
+		return fmt.Errorf("file %s is not a valid json, may already be encrypted", filePath)
+	}
+
+	// encrypt the data
+	cipherText, err := crypto.EncryptAES256GCM(data, password)
+	if err != nil {
+		return errors.Wrap(err, "failed to encrypt data")
+	}
+
+	if err := os.WriteFile(filePath, cipherText, 0o600); err != nil {
+		return errors.Wrap(err, "failed to write encrypted data to file")
+	}
+
+	fmt.Printf("File %s successfully encrypted\n", filePath)
+
+	return nil
+}
+
+func TSSGeneratePreParams(_ *cobra.Command, args []string) error {
+	startTime := time.Now()
+	preParams, err := keygen.GeneratePreParams(time.Second * 300)
+	if err != nil {
+		return err
+	}
+
+	file, err := os.OpenFile(args[0], os.O_RDWR|os.O_CREATE, 0600)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	if err = json.NewEncoder(file).Encode(preParams); err != nil {
+		return err
+	}
+
+	fmt.Printf("Generated new pre-parameters in %s\n", time.Since(startTime).String())
+
+	return nil
+}
diff --git a/cmd/zetaclientd/keygen_tss.go → zetaclient/tss/generate.go b/cmd/zetaclientd/keygen_tss.go → zetaclient/tss/generate.go
@@ -1,4 +1,4 @@
-package main
+package tss
 
 import (
 	"context"
@@ -19,20 +19,20 @@ import (
 	"github.com/zeta-chain/node/zetaclient/chains/interfaces"
 	zctx "github.com/zeta-chain/node/zetaclient/context"
 	"github.com/zeta-chain/node/zetaclient/metrics"
-	mc "github.com/zeta-chain/node/zetaclient/tss"
 	"github.com/zeta-chain/node/zetaclient/zetacore"
 )
 
-// GenerateTSS generates a new TSS if keygen is set.
+// Generate generates a new TSS if keygen is set.
 // If a TSS was generated successfully in the past,and the keygen was successful, the function will return without doing anything.
 // If a keygen has been set the functions will wait for the correct block to arrive and generate a new TSS.
 // In case of a successful keygen a TSS success vote is broadcasted to zetacore and the newly generate TSS is tested. The generated keyshares are stored in the correct directory
 // In case of a failed keygen a TSS failed vote is broadcasted to zetacore.
-func GenerateTSS(
+func Generate(
 	ctx context.Context,
 	logger zerolog.Logger,
 	zetaCoreClient *zetacore.Client,
-	keygenTssServer *tss.TssServer) error {
+	keygenTssServer *tss.TssServer,
+) error {
 	keygenLogger := logger.With().Str("module", "keygen").Logger()
 	app, err := zctx.FromContext(ctx)
 	if err != nil {
@@ -176,7 +176,7 @@ func TestTSS(pubkey string, tssServer tss.TssServer, logger zerolog.Logger) erro
 	keygenLogger := logger.With().Str("module", "test-keygen").Logger()
 	keygenLogger.Info().Msgf("KeyGen success ! Doing a Key-sign test")
 	// KeySign can fail even if TSS keygen is successful, just logging the error here to break out of outer loop and report TSS
-	err := mc.TestKeysign(pubkey, tssServer)
+	err := TestKeysign(pubkey, tssServer)
 	if err != nil {
 		return err
 	}

diff --git a/zetaclient/tss/tss_signer.go b/zetaclient/tss/tss_signer.go
@@ -1,4 +1,6 @@
 // Package tss provides the TSS signer functionalities for the zetaclient to sign transactions on external chains
+// TODO revamp the whole package
+// https://github.com/zeta-chain/node/issues/3119
 package tss
 
 import (
@@ -85,8 +87,8 @@ type TSS struct {
 	KeysignsTracker *ConcurrentKeysignsTracker
 }
 
-// NewTSS creates a new TSS instance which can be used to sign transactions
-func NewTSS(
+// New TSS constructor
+func New(
 	ctx context.Context,
 	client interfaces.ZetacoreClient,
 	tssHistoricalList []observertypes.TSS,