Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Quorum Key Resharding Service #428

Closed
wants to merge 4 commits into from
Closed

Add Quorum Key Resharding Service #428

wants to merge 4 commits into from

Conversation

emostov
Copy link
Contributor

@emostov emostov commented Jan 23, 2024
edited
Loading

TODO:

  • Add new quorum key sharding logic. We will need to support both old and new sss logic for the reshard. We will use https://crates.io/crates/vsss-rs for the new sss
  • Update entropy usage to use chacha::ChaChaRng::from_entropy(); make sure to remove thread_rng usage.

Summary & Motivation (Problem vs. Solution)

QOS users need a way to reshard quorum keys.

This PR solves the issue by adding a new boot mode specifically for resharding keys. The process is similar to running a boot standard, in that members from the share set need to post shares to reconstruct the quorum keys. Once quorum keys are reconstructed, they are resharded to the new share set. New share set members can then pull their shares and verify that they can decrypt them.

Prior to reviewing the code in detail, take a look at src/qos_client/RESHARD_GUIDE.md, which describes how to execute quorum key resharding

How I Tested These Changes

  • E2E test for the positive case
  • Unit tests on the new service logic

Pre merge check list

  • Update CHANGELOG.MD
  • High level doc for quorum key resharding

@emostov emostov force-pushed the zeke-reshard-4 branch 3 times, most recently from bc26255 to 0ff98e8 Compare January 23, 2024 22:53
@emostov
Add Quorum Key Resharding Service
b3f7469 
wip

wip

get to compile

Initial reshard provision and unit test

code clean up

fix n choose k

refactor n choose k

Finish tests for reshard

add test for boot reshard

Add generate reshard input

wip

wip

wip

wip

Get reshard-renencrypt working

Get post share working

lint

wip

Build get reshard output

Add new secrets for file key

get full thing working e2e

refactor wip

get qos core to compile

Get all of qos core working

refactor to not use quorumpubkey wrapper

wip

Get e2e tests working with new input

Add logic for checking that e2e share recombination works

finish integration test

lint stuff

Improve human verifiactions

clean up
emostov added a commit that referenced this pull request Apr 18, 2024
@emostov
Update changelog for #428
86de27b
@emostov
Copy link
Contributor Author

emostov commented Apr 18, 2024

Superseded by #446

@emostov emostov closed this Apr 18, 2024
emostov added a commit that referenced this pull request Apr 22, 2024
@emostov
Update changelog for #428
28431b9
emostov added a commit that referenced this pull request Jun 18, 2024
@emostov
Update changelog for #428
712d75b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timurnkey timurnkey Awaiting requested review from timurnkey

@oliviathet oliviathet Awaiting requested review from oliviathet

@andrewkmin andrewkmin Awaiting requested review from andrewkmin

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@emostov