LCOV - code coverage report
Current view: top level - disco/keyguard - fd_keyguard.h (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 0 30 0.0 %
Date: 2025-03-20 12:08:36 Functions: 0 0 -

          Line data    Source code
       1             : #ifndef HEADER_fd_src_disco_keyguard_fd_keyguard_h
       2             : #define HEADER_fd_src_disco_keyguard_fd_keyguard_h
       3             : 
       4             : /* fd_keyguard creates digital signatures on behalf of validator
       5             :    components. */
       6             : 
       7             : #include "../fd_disco_base.h"
       8             : 
       9             : FD_PROTOTYPES_BEGIN
      10             : 
      11             : /* FD_KEYGUARD_SIGN_REQ_MTU is the maximum size (inclusive) of a signing
      12             :    request payload: sz==FD_KEYGUARD_SIGN_REQ_MTU is still within the limit.
      13             :    The payload in this case is the message byte array passed to fd_ed25519_sign. */
      14             : 
      15           0 : #define FD_KEYGUARD_SIGN_REQ_MTU (2048UL)
      16             : 
      17             : /* Role definitions ***************************************************/
      18             : 
      19           0 : #define FD_KEYGUARD_ROLE_VOTER        (0)  /* vote transaction sender */
      20           0 : #define FD_KEYGUARD_ROLE_GOSSIP       (1)  /* gossip participant */
      21           0 : #define FD_KEYGUARD_ROLE_LEADER       (2)  /* block producer (shreds) */
      22           0 : #define FD_KEYGUARD_ROLE_REPAIR       (4)  /* Repair tile */
      23           0 : #define FD_KEYGUARD_ROLE_BUNDLE       (5)  /* Bundle tile */
      24           0 : #define FD_KEYGUARD_ROLE_EVENT        (6)  /* Event tile */
      25           0 : #define FD_KEYGUARD_ROLE_BUNDLE_CRANK (7)  /* Sign cranking transactions for bundle tips */
      26             : #define FD_KEYGUARD_ROLE_CNT          (8)  /* exclusive upper bound on role ids; only 7 are defined (id 3 is unassigned), so role<CNT alone does not imply a defined role */
      27             : 
      28             : /* Payload types ******************************************************/
      29             : 
      30           0 : #define FD_KEYGUARD_PAYLOAD_LG_TXN    (0)  /* Solana transaction message (e.g. vote) */
      31           0 : #define FD_KEYGUARD_PAYLOAD_LG_GOSSIP (1)  /* Gossip CrdsData */
      32           0 : #define FD_KEYGUARD_PAYLOAD_LG_PRUNE  (2)  /* Gossip PruneData */
      33           0 : #define FD_KEYGUARD_PAYLOAD_LG_SHRED  (3)  /* Solana legacy or merkle shred */
      34           0 : #define FD_KEYGUARD_PAYLOAD_LG_TLS_CV (4)  /* TLS 1.3 certificate verify payload */
      35           0 : #define FD_KEYGUARD_PAYLOAD_LG_REPAIR (6)  /* RepairProtocol */
      36           0 : #define FD_KEYGUARD_PAYLOAD_LG_PING   (7)  /* Gossip/Repair ping protocol */
      37           0 : #define FD_KEYGUARD_PAYLOAD_LG_BUNDLE (8)  /* Bundle block producer authentication */
      38           0 : #define FD_KEYGUARD_PAYLOAD_LG_EVENT  (9)  /* Event reporter authentication */
      39             : /* Single-bit flags, one per payload type: each is 1UL shifted by the matching _LG_ value above (bit 5 is unassigned in this header). */
      40           0 : #define FD_KEYGUARD_PAYLOAD_TXN    (1UL<<FD_KEYGUARD_PAYLOAD_LG_TXN   )
      41           0 : #define FD_KEYGUARD_PAYLOAD_GOSSIP (1UL<<FD_KEYGUARD_PAYLOAD_LG_GOSSIP)
      42           0 : #define FD_KEYGUARD_PAYLOAD_PRUNE  (1UL<<FD_KEYGUARD_PAYLOAD_LG_PRUNE )
      43           0 : #define FD_KEYGUARD_PAYLOAD_SHRED  (1UL<<FD_KEYGUARD_PAYLOAD_LG_SHRED )
      44           0 : #define FD_KEYGUARD_PAYLOAD_TLS_CV (1UL<<FD_KEYGUARD_PAYLOAD_LG_TLS_CV)
      45           0 : #define FD_KEYGUARD_PAYLOAD_REPAIR (1UL<<FD_KEYGUARD_PAYLOAD_LG_REPAIR)
      46           0 : #define FD_KEYGUARD_PAYLOAD_PING   (1UL<<FD_KEYGUARD_PAYLOAD_LG_PING  )
      47           0 : #define FD_KEYGUARD_PAYLOAD_BUNDLE (1UL<<FD_KEYGUARD_PAYLOAD_LG_BUNDLE)
      48           0 : #define FD_KEYGUARD_PAYLOAD_EVENT  (1UL<<FD_KEYGUARD_PAYLOAD_LG_EVENT )
      49             : 
      50             : /* Sign types *********************************************************/
      51             : 
      52           0 : #define FD_KEYGUARD_SIGN_TYPE_ED25519                          (0)  /* ed25519_sign(input) */
      53           0 : #define FD_KEYGUARD_SIGN_TYPE_SHA256_ED25519                   (1)  /* ed25519_sign(sha256(data)) */
      54           0 : #define FD_KEYGUARD_SIGN_TYPE_PUBKEY_CONCAT_ED25519            (2)  /* ed25519_sign(pubkey-data); '-' presumably denotes concatenation (TODO confirm) */
      55           0 : #define FD_KEYGUARD_SIGN_TYPE_FD_METRICS_REPORT_CONCAT_ED25519 (3)  /* ed25519_sign(FD_METRICS_REPORT-data); presumably a fixed prefix concatenated with data (TODO confirm) */
      56             : 
      57             : /* Type confusion/ambiguity checks ************************************/
      58             : 
      59             : /* fd_keyguard_payload_match returns a bitwise OR of the
      60             :    FD_KEYGUARD_PAYLOAD_{...} flags that the payload matches.
      61             : 
      62             :    [data,data+sz) is the payload that is requested to be signed.
      63             : 
      64             :    sign_type is in FD_KEYGUARD_SIGN_TYPE_{...}.
      65             : 
      66             :    Returns 0 if none matched.  fd_ulong_popcnt(return value) is 1 if the
      67             :    payload is unambiguously of a single type; more than one set bit means the same bytes match several types (ambiguous). */
      68             : 
      69             : FD_FN_PURE ulong
      70             : fd_keyguard_payload_match( uchar const * data,
      71             :                            ulong         sz,
      72             :                            int           sign_type );
      73             : 
      74             : /* Authorization ******************************************************/
      75             : 
      76             : struct fd_keyguard_authority {  /* passed as 'authority' to fd_keyguard_payload_authorize */
      77             :   uchar identity_pubkey[32];  /* 32 bytes; presumably an Ed25519 public key -- TODO confirm */
      78             : };
      79             : 
      80             : typedef struct fd_keyguard_authority fd_keyguard_authority_t;
      81             : 
      82             : /* fd_keyguard_payload_authorize decides whether the keyguard accepts
      83             :    a signing request.
      84             : 
      85             :    [data,data+sz) is the payload that is requested to be signed.
      86             :    authority points to a fd_keyguard_authority_t (identity_pubkey); sign_type is presumably in FD_KEYGUARD_SIGN_TYPE_{...} -- TODO confirm.
      87             :    role is one of FD_KEYGUARD_ROLE_{...}.  It is assumed that the origin
      88             :    of the request was previously authorized for the given role: no parameter
      89             :    identifies the requester, so the caller must establish that binding first.
      90             :    Returns 1 if authorized, otherwise 0.
      91             : 
      92             :    This function is more restrictive than the respective
      93             :    fd_keyguard_payload_matches functions. */
      94             : 
      95             : int
      96             : fd_keyguard_payload_authorize( fd_keyguard_authority_t const * authority,
      97             :                                uchar const *                   data,
      98             :                                ulong                           sz,
      99             :                                int                             role,
     100             :                                int                             sign_type );
     101             : 
     102             : FD_PROTOTYPES_END
     103             : 
     104             : #endif /* HEADER_fd_src_disco_keyguard_fd_keyguard_h */
