#ifndef HEADER_fd_src_disco_keyguard_fd_keyguard_h
#define HEADER_fd_src_disco_keyguard_fd_keyguard_h

/* fd_keyguard creates digital signatures on behalf of validator
   components.

   This header declares the constants that describe a signing request
   (role, payload type, sign type) and the two checks applied to a
   request payload: fd_keyguard_payload_match (which payload types the
   bytes could be) and fd_keyguard_payload_authorize (whether a request
   is accepted for a given role). */

#include "../fd_disco_base.h"

FD_PROTOTYPES_BEGIN

/* FD_KEYGUARD_SIGN_REQ_MTU is the maximum size (inclusive) of a signing
   request payload.  The payload in this case is the message byte array
   passed to fd_ed25519_sign.

   NOTE(review): nothing in this header shows where sz is compared
   against this limit.  Confirm that the receiving side rejects
   sz>FD_KEYGUARD_SIGN_REQ_MTU before the payload is read. */

#define FD_KEYGUARD_SIGN_REQ_MTU (2048UL)

/* Role definitions ***************************************************/

/* A role identifies which validator component a signing request is
   made on behalf of (see the role argument of
   fd_keyguard_payload_authorize).

   NOTE(review): the values are not contiguous.  No role is named for
   the value 3 in this header, yet FD_KEYGUARD_ROLE_CNT is 6, so a
   range check of the form 0<=role<FD_KEYGUARD_ROLE_CNT does not by
   itself show that role is one of the defined roles.  Confirm that
   code indexing by role denies the unnamed value. */

#define FD_KEYGUARD_ROLE_VOTER  (0) /* vote transaction sender */
#define FD_KEYGUARD_ROLE_GOSSIP (1) /* gossip participant */
#define FD_KEYGUARD_ROLE_LEADER (2) /* block producer (shreds) */
#define FD_KEYGUARD_ROLE_REPAIR (4) /* Repair tile */
#define FD_KEYGUARD_ROLE_BUNDLE (5) /* Bundle tile */
#define FD_KEYGUARD_ROLE_CNT    (6) /* number of known roles */

/* Payload types ******************************************************/

/* FD_KEYGUARD_PAYLOAD_LG_{...} is the bit index of a payload type and
   FD_KEYGUARD_PAYLOAD_{...} below is the corresponding single-bit mask
   (1UL<<index).  The masks are what fd_keyguard_payload_match ORs
   together in its return value.  Bit index 5 has no name in this
   header. */

#define FD_KEYGUARD_PAYLOAD_LG_TXN    (0) /* Solana transaction message (e.g. vote) */
#define FD_KEYGUARD_PAYLOAD_LG_GOSSIP (1) /* Gossip CrdsData */
#define FD_KEYGUARD_PAYLOAD_LG_PRUNE  (2) /* Gossip PruneData */
#define FD_KEYGUARD_PAYLOAD_LG_SHRED  (3) /* Solana legacy or merkle shred */
#define FD_KEYGUARD_PAYLOAD_LG_TLS_CV (4) /* TLS 1.3 certificate verify payload */
#define FD_KEYGUARD_PAYLOAD_LG_REPAIR (6) /* RepairProtocol */
#define FD_KEYGUARD_PAYLOAD_LG_PING   (7) /* Gossip/Repair ping protocol */
#define FD_KEYGUARD_PAYLOAD_LG_BUNDLE (8) /* Bundle block producer authentication */

#define FD_KEYGUARD_PAYLOAD_TXN    (1UL<<FD_KEYGUARD_PAYLOAD_LG_TXN )
#define FD_KEYGUARD_PAYLOAD_GOSSIP (1UL<<FD_KEYGUARD_PAYLOAD_LG_GOSSIP)
#define FD_KEYGUARD_PAYLOAD_PRUNE  (1UL<<FD_KEYGUARD_PAYLOAD_LG_PRUNE )
#define FD_KEYGUARD_PAYLOAD_SHRED  (1UL<<FD_KEYGUARD_PAYLOAD_LG_SHRED )
#define FD_KEYGUARD_PAYLOAD_TLS_CV (1UL<<FD_KEYGUARD_PAYLOAD_LG_TLS_CV)
#define FD_KEYGUARD_PAYLOAD_REPAIR (1UL<<FD_KEYGUARD_PAYLOAD_LG_REPAIR)
#define FD_KEYGUARD_PAYLOAD_PING   (1UL<<FD_KEYGUARD_PAYLOAD_LG_PING  )
#define FD_KEYGUARD_PAYLOAD_BUNDLE (1UL<<FD_KEYGUARD_PAYLOAD_LG_BUNDLE)

/* Sign types *********************************************************/

/* The sign type selects how the request bytes are turned into the
   message that is signed.  It is passed as sign_type to both functions
   declared below.

   NOTE(review): "pubkey-data" in the last comment presumably means the
   public key concatenated with the data, going by the macro name.
   Confirm against the signer implementation. */

#define FD_KEYGUARD_SIGN_TYPE_ED25519               (0) /* ed25519_sign(input) */
#define FD_KEYGUARD_SIGN_TYPE_SHA256_ED25519        (1) /* ed25519_sign(sha256(data)) */
#define FD_KEYGUARD_SIGN_TYPE_PUBKEY_CONCAT_ED25519 (2) /* ed25519_sign(pubkey-data) */

/* Type confusion/ambiguity checks ************************************/

/* fd_keyguard_payload_match returns a bitwise OR of
   FD_KEYGUARD_PAYLOAD_{...}.

   [data,data+sz) is the payload that is requested to be signed.

   sign_type is in FD_KEYGUARD_SIGN_TYPE_{...}.

   Returns 0 if none matched.  fd_ulong_popcnt(return value) is 1 if the
   payload is unambiguously of a single type.

   Why this matters: the same key signs every payload type listed
   above.  If one byte string is acceptable as more than one type, a
   signature issued for one protocol could also be presented as a valid
   signature in another.  A return value with more than one bit set
   reports exactly that ambiguity, so a caller that only tests a single
   bit, without also checking the popcount, does not learn that the
   payload is unambiguous. */

FD_FN_PURE ulong
fd_keyguard_payload_match( uchar const * data,
                           ulong         sz,
                           int           sign_type );

/* Authorization ******************************************************/

/* fd_keyguard_authority carries the data that authorization decisions
   are made against.  The only member is a 32 byte array.

   NOTE(review): identity_pubkey is presumably the validator identity
   Ed25519 public key, going by the name and size.  Confirm. */

struct fd_keyguard_authority {
  uchar identity_pubkey[32];
};

typedef struct fd_keyguard_authority fd_keyguard_authority_t;

/* fd_keyguard_payload_authorize decides whether the keyguard accepts
   a signing request.

   authority points to the fd_keyguard_authority_t the request is
   checked against.  It is not modified (const).

   [data,data+sz) is the payload that is requested to be signed.

   role is one of FD_KEYGUARD_ROLE_{...}.  It is assumed that the origin
   of the request was previously authorized for the given role.  That
   is, this function does not authenticate the requester.  Binding a
   request to its role is the caller's responsibility.

   sign_type is presumably in FD_KEYGUARD_SIGN_TYPE_{...}, as for
   fd_keyguard_payload_match (TODO confirm).

   Returns 1 if authorized, otherwise 0.

   This function is more restrictive than the respective
   fd_keyguard_payload_matches functions.

   NOTE(review): no function named fd_keyguard_payload_matches is
   declared in this header.  The sentence above presumably refers to
   per-type matchers in the implementation file (confirm).  The only
   matcher declared here is fd_keyguard_payload_match. */

int
fd_keyguard_payload_authorize( fd_keyguard_authority_t const * authority,
                               uchar const *                   data,
                               ulong                           sz,
                               int                             role,
                               int                             sign_type );

FD_PROTOTYPES_END

#endif /* HEADER_fd_src_disco_keyguard_fd_keyguard_h */