Crate entropy_tss
source ·Expand description
§Server
The Threshold Server which stores key shares and participates in the signing protocol.
§Overview
This exposes a HTTP API.
§The HTTP endpoints
Some endpoints are designed to be called by the user, some by the entropy chain node,
and some by other instances of server
:
§For the user
Most user-facing endpoints take a SignedMessage which is an encrypted, signed message.
§/user/sign_tx
- POST
[crate::user::api::sign_tx()]
Called by a user to submit a transaction to sign (the new way of doing signing). Takes a UserSignatureRequest encrypted in a SignedMessage.
The response is chunked response stream. If the UserSignatureRequest
could be processed, a
success response header is sent. Then the signing protocol runs. When the it finishes, a single
message will be sent on the response stream with the result.
If everything went well, the message will be a JSON object with a signle property “Ok” containing an array which contains two strings.
For example:
{"Ok":["t7Mcxfdigds3RoT6OO/P+uMFE+XigRjUpn72E1cRU4Q2u7cVxZlsNRYhnahA+DvSNHBddj0HRz5u/XPlJT9QOQE=","32d7c0bfd90b546993d1ad51c542e1fc9dd1706c7bca395c8bd7f9642ae842400769488404dabd25d438cf08785a6750f95e7489245b8760af115f450d5f0a83"]}
The first string is a base64 encoded signature produced by the signing protocol. This is a 65 byte signature, the final byte of which is a recovery ID.
The second string is a hex encoded sr25519 signature of the signature made by the TSS server, which can be used to authenticate that this response really came from this TSS server.
In case signing was not successfull, the message will be a JSON object with a signle property “Err” containing an error message, for example:
{"Err":"reqwest event error: Invalid status code: 500 Internal Server Error"}
Curl example for user/sign_tx
:
curl -X POST -H "Content-Type: application/json" \
-d '{"msg" "0x174...hex encoded signedmessage...","sig":"821754409744cbb878b44bd1e3dc575a4ea721e12d781b074fcdb808fc79fd33dd1928b1a281c0b6261a30536a7c0106a102f27dad1bc3ef475b626f0e57c983","pk":[172,133,159,138,33,110,235,27,50,11,76,118,209,24,218,61,116,7,250,82,52,132,208,169,128,18,109,59,77,13,34,10],"recip":[10,192,41,240,184,83,178,59,237,101,45,109,13,230,155,124,195,141,148,249,55,50,238,252,133,181,134,30,144,247,58,34],"a":[169,94,23,7,19,184,134,70,233,117,2,84,242,135,246,95,159,14,218,125,209,191,175,89,41,196,182,96,117,5,159,98],"nonce":[114,93,158,35,209,188,96,248,85,131,95,237]}' \
-H "Accept: application/json" \
http://127.0.0.1:3001/user/sign_tx
§For the blockchain node
§/user/new
- POST
[crate::user::api::new_user()]
Called by the off-chain worker (propagation pallet) during user registration. This takes a parity scale encoded entropy_shared::types::OcwMessageDkg which tells us which validators are in the registration group and will perform a DKG.
§For other instances of the threshold server
-
/user/receive_key
- recieve a keyshare from another threshold server in the same signing subgroup during registration or proactive refresh.Takes a [UserRegistrationInfo] containing the users account ID and associated keyshare, wrapped in a crate::validation::SignedMessage.
-
/ws
- Websocket server for signing and DKG protocol messages. This is opened by other threshold servers when the signing procotol is initiated. -
/validator/sync_kvdb
- POST - Called by another threshold server when joining to get the key-shares from a member of their sub-group.Takes a list of users account IDs for which shares are requested, wrapped in a crate::validation::SignedMessage. Responds with a list of crate::validation::SignedMessages each containing a serialized synedrion::KeyShare.
-
/version
- Get - get the node version info -
/heathlz
- Get - get if the node is running -
/hashes
- Get - get the hashes supported by the node
§For testing / development
Unsafe has additional routes which are for testing and development
purposes only and will not be used in production. These routes are only available if this crate
is compiled with the unsafe
feature enabled.
unsafe/get
- POST - get a value from the key-value store, given its key.unsafe/put
- POST - update an existing value in the key-value store.unsafe/delete
- POST - remove a value from the key-value store, given its key.unsafe/remove_keys
- GET - remove everything from the key-value store.
§Pieces Launched
Re-exports§
pub use crate::helpers::launch;
pub use crate::helpers::validator::get_signer;
pub use crate::helpers::validator::get_signer_and_x25519_secret;
Modules§
- A client interface for communicating with the Entropy blockchain
- Helper modules for various components of the TSS server
Structs§
Functions§
- Syncs a validator by: