Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

exp/services/recoverysigner: add support for configuring and using multiple signing keys #2627

Merged
merged 5 commits into from
May 28, 2020
Merged

Conversation

leighmcculloch
Copy link
Member

@leighmcculloch leighmcculloch commented May 27, 2020

PR Checklist

PR Structure

  • This PR has reasonably narrow scope (if not, break it down into smaller PRs).
  • This PR avoids mixing refactoring changes with feature changes (split into two PRs
    otherwise).
  • This PR's title starts with name of package that is most changed in the PR, ex.
    services/friendbot, or all or doc if the changes are broad or impact many
    packages.

Thoroughness

  • This PR adds tests for the most critical parts of the new functionality or fixes.
  • I've updated any docs (developer docs, .md
    files, etc... affected by this change). Take a look in the docs folder for a given service,
    like this one.

Release planning

  • I've updated the relevant CHANGELOG (here for Horizon) if
    needed with deprecations, added features, breaking changes, and DB schema changes.
  • I've decided if this PR requires a new major/minor version according to
    semver, or if it's mainly a patch change. The PR is targeted at the next
    release branch if it's not a patch change.

What

Add support for configuring and using multiple signing keys where the
first signing key in the list is the default used for signing and the
others can be selected according to SEP-30 v0.3.0.

Why

The reference implementation adheres to the API changes defined in
SEP-30 v0.3.0 that supported multiple signing keys per registered
account for the purpose of rotating signing keys, however the reference
implementation does not actually support multiple signing keys being
configured at one time.

Closes #2620.

Note

Much of this code is possibly going to be rewritten for #2343 where
global keys will be supplemented with unique keys for each account that
get stored in the database.

Known limitations

There is some code duplicity in this PR that I don't think is worth
optimizing on until unique keys are implemented as trying to abstract
commonalities may make @howardtw's job harder if the abstraction
doesn't quite align with the logic he inserts. I think we should revisit any
duplicate code once the unique key logic is added.

…ltiple signing keys

### What
Add support for configuring and using multiple signing keys where the
first signing key in the list is the default used for signing and the
others can be selected according to SEP-30 v0.3.0.

### Why
The reference implementation adheres to the API changes defined in
SEP-30 v0.3.0 that supported multiple signing keys per registered
account for the purpose of rotating signing keys, however the reference
implementation does not actually support multiple signing keys being
configured at one time.

### Note
Much of this code is possibly going to be rewritten for #2620 where
global keys will be supplemented with unique keys for each account that
get stored in the database.
@leighmcculloch leighmcculloch requested review from howardtw and a team May 27, 2020 00:31
@leighmcculloch leighmcculloch self-assigned this May 27, 2020
@cla-bot cla-bot bot added the cla: yes label May 27, 2020
@howardtw
Copy link
Contributor

👀

Copy link
Contributor

@howardtw howardtw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

exp/services/recoverysigner: add support for configuring and using multiple signing keys
2 participants