[key-server] handle committee mode #358
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
joyqvq
force-pushed
the
joy/dkg-init-cli
branch
from
0206f54 to
536076a
Compare
joyqvq
force-pushed
the
joy/server-mode
branch
from
ec95e32 to
bcea534
Compare
joyqvq
force-pushed
the
joy/dkg-init-cli
branch
2 times, most recently
from
246025c to
d9174d5
Compare
joyqvq
force-pushed
the
joy/server-mode
branch
from
bcea534 to
74a77e9
Compare
joyqvq
changed the base branch from
joy/dkg-init-cli
to
joy/seal-committee-only
joyqvq
force-pushed
the
joy/server-mode
branch
from
74a77e9 to
022951b
Compare
joyqvq
force-pushed
the
joy/server-mode
branch
3 times, most recently
from
9752b01 to
05a3799
Compare
benr-ml
reviewed
Nov 2, 2025
joyqvq
force-pushed
the
joy/server-mode
branch
2 times, most recently
from
adee3a1 to
4b433e7
Compare
joyqvq
commented
Nov 5, 2025
benr-ml
reviewed
Nov 5, 2025
crates/key-server/src/master_keys.rs
Outdated
| #[derive(Clone)] | ||
| pub(crate) enum CommitteeKeyState { | ||
| Active { | ||
| master_key: IbeMasterKey, |
Collaborator
There was a problem hiding this comment.
we can move master_share to Committee enum
Collaborator
Author
There was a problem hiding this comment.
you mean collapse it into pub enum ServerMode?
i was considering this, KeyServerOptions that has ServerMode also has a bunch of "configurations", is it a good idea to move key materials there? (perhaps thats why it was set up separately before?)
joyqvq
force-pushed
the
joy/server-mode
branch
2 times, most recently
from
9c53815 to
0cf46e3
Compare
Collaborator
Author
|
cc @benr-ml i revised it to use the key server obj instead of committee. im still working on adding more tests, but see pr description and lmk if they make sense high level? |
joyqvq
force-pushed
the
joy/server-mode
branch
3 times, most recently
from
4c7d38a to
e32447f
Compare
Collaborator
yes, the high level makes sense. perhaps we can use env variable MASTER_SHARE_X for version X to make it slightly more explicit |
joyqvq
force-pushed
the
joy/server-mode
branch
from
6f2e360 to
83a6743
Compare
joyqvq
force-pushed
the
joy/server-mode
branch
6 times, most recently
from
08fc13b to
5496c63
Compare
joyqvq
force-pushed
the
joy/server-mode
branch
2 times, most recently
from
3f4620c to
e4303e1
Compare
joyqvq
force-pushed
the
joy/server-mode
branch
from
e4303e1 to
8c2dbb1
Compare
benr-ml
approved these changes
Nov 19, 2025
| # - "0x3333333333333333333333333333333333333333333333333333333333333333" | ||
|
|
||
| # #### COMMITTEE MODE #### | ||
| # See step 7 in the member runbook for fresh DKG and key rotation in details. |
Collaborator
There was a problem hiding this comment.
Suggested change
| # See step 7 in the member runbook for fresh DKG and key rotation in details. | |
| # See the runbook for fresh DKG and key rotation in details. |
| # #### COMMITTEE MODE #### | ||
| # See step 7 in the member runbook for fresh DKG and key rotation in details. | ||
| # | ||
| # Environment variables use versioned naming: MASTER_SHARE_VX |
Collaborator
There was a problem hiding this comment.
Suggested change
| # Environment variables use versioned naming: MASTER_SHARE_VX | |
| # Environment variables use versioned naming: MASTER_SHARE_VX where X is a version of the committee (e.g. 1) |
| # Environment variables use versioned naming: MASTER_SHARE_VX | ||
| # | ||
| # - For active mode (onchain version = target version = X): | ||
| # Must provide MASTER_SHARE_VX where X matches both onchain and target versions. |
Collaborator
There was a problem hiding this comment.
Suggested change
| # Must provide MASTER_SHARE_VX where X matches both onchain and target versions. | |
| # Must set the env variable MASTER_SHARE_VX where X matches the onchain version. |
| # Example: For version 0, set MASTER_SHARE_V0, other versioned shares will be ignored. | ||
| # | ||
| # - For rotation mode (onchain version = X, target version = X+1): | ||
| # Must provide MASTER_SHARE_VX and MASTER_SHARE_VX+1. |
Collaborator
There was a problem hiding this comment.
Suggested change
| # Must provide MASTER_SHARE_VX and MASTER_SHARE_VX+1. | |
| # Must set the env variables MASTER_SHARE_VX and MASTER_SHARE_VY where Y = X+1 |
| # Must provide MASTER_SHARE_VX and MASTER_SHARE_VX+1. | ||
| # The server uses MASTER_SHARE_VX and automatically switches to MASTER_SHARE_VX+1 | ||
| # when the onchain version updates to X+1. | ||
| # Example: For rotation from v1 to v2, set both MASTER_SHARE_V1 and MASTER_SHARE_V2. |
Collaborator
There was a problem hiding this comment.
Suggested change
| # Example: For rotation from v1 to v2, set both MASTER_SHARE_V1 and MASTER_SHARE_V2. | |
| # Example: For rotation from version 1 to 2, set both MASTER_SHARE_V1 and MASTER_SHARE_V2. |
| # server_mode: !Committee | ||
| # member_address: '<MY_ADDRESS>' | ||
| # key_server_obj_id: '<KEY_SERVER_OBJ_ID>' | ||
| # target_key_server_version: 2 |
Collaborator
There was a problem hiding this comment.
abusing target_key_server_version for both cases confused me a bit, maybe we could make it more explicit - instead of target_key_server_version , use committee_state: enum { Active, Rotation(target_version) } - if Active, determine the version from the ks obj; if Rotation, determine both versions from target_version?
| let master_keys = MasterKeys::load(&options).unwrap_or_else(|e| { | ||
|
|
||
| // Fetch current version onchain. | ||
| let current_version = match &options.server_mode { |
Collaborator
There was a problem hiding this comment.
Suggested change
| let current_version = match &options.server_mode { | |
| let committee_version = match &options.server_mode { |
| // Derive KeyServerV2 dynamic field ID on KeyServer object. | ||
| // This is a regular dynamic_field, not dynamic_object_field. | ||
| // Key type: u64, Key value: EXPECTED_KEY_SERVER_VERSION | ||
| let v2_field_name_bcs = bcs::to_bytes(&EXPECTED_KEY_SERVER_VERSION)?; |
Collaborator
There was a problem hiding this comment.
Suggested change
| let v2_field_name_bcs = bcs::to_bytes(&EXPECTED_KEY_SERVER_VERSION)?; | |
| let v2_field_name_bcs = bcs::to_bytes(&EXPECTED_KEY_SERVER_VERSION).unwrap(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Test plan
make the config file: crates/key-server/key-server-config.example
run with
output: