-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Seed recovery process to survive kettle restarts #38
base: main
Are you sure you want to change the base?
Conversation
There is still a bug upon restarting the kettle during the Timelock demo. |
13153da
to
f4d531c
Compare
at first review, this seems redundant because the onboarding process already uses sealing to store the seed. So there isn't need for more flow, we just need to finish automation for the onboarding flow. |
I don't get what you mean this seems redundant? |
I'm still opposed to this merge fwiw for the reason of redundancy stated above |
In this PR we tackle the issue of losing the seed that generates the private key upon a kettle restart.
Here we rely on the bootstraping and onboarding steps to keep the exchanged ciphertext of the seed onchain.
This way, upon deriving the private key, if kettle has restarted, it will be detected that the seed is not there and initiates the recovery process.
A follow up task would be to discover ways to tackle sealing key revocation and renewals.
Note: this PR relies on the refactoring of volatileGet precompile in this PR
This PR adds the following:
1- seed recovery proccess
2- fix a minor bug in the offchain registry function (the address checking was wrongly placed)
3- Add unit tests to check the validity of the seed recovery process
4- Modify the kettle-bootstrap.ts script to do the registration and onboarding to enable seed recovery functionality
5- Refactors the Andromeda interface to use the volatileGet updated version from this PR