Make bls.Signer api fallible

[richardpringle]

• Make ProofOfPossession creation fallible
• Make bls.Signer api fallible

Why this should be merged

If we want to add any networking in between the keys, we'll need a fallible API.

I've implemented the rpcsigner here as a grpc client with a server implemented in a _test.go file. The idea here is that anyone who implements the interface.

Open Question:

There's one little gotchya here for anyone implementing the interface. It's that we expect the keys and signatures to be compressed when sent over the wire. I'm open to using the more general serialization OR adding the compressed prefix to the proto-message field names.

TODO:

Further, we should probably add a minimal test suite that an external implementor can run, however, I think could probably be implemented in a follow up PR as it is not a priority at the moment.

How this works

How this was tested

Need to be documented in RELEASES.md?

[richardpringle]

please help with naming!?

[joshua-kim]

Shouldn't this just be server.go? I don't think this is a test file - this is the server implementation

[richardpringle]

I thought I already responded to this (maybe I forgot to submit the comment). My issue here is that I actually don't want people to use this. There's no benefit to running this on the same server vs running a local-signer and there's no auth mechanism implementation for running it on a separate server.

Maybe the mistake is testing the client at all?

Maybe we can just have a set of tests that implementors can run to make sure this works as expected? Curious to hear your thoughts

[joshua-kim]

Suggested change

	BLSSignature: (func() *bls.Signature {
	sig, err := blsKey.SignProofOfPossession([]byte("wrong message"))
	require.NoError(t, err)
	return sig
	})(),
	BLSSignature: func() *bls.Signature {
	sig, err := blsKey.SignProofOfPossession([]byte("wrong message"))
	require.NoError(t, err)
	return sig
	}(),

[joshua-kim]

We wrap this with () in a few spots in this PR, but I don't think it's necessary?

[joshua-kim]

I don't have a strong preference for wrapping this error or not, but I think we should be consistent w/ whatever we end up doing for this and the above error earlier in this diff

[joshua-kim]

Maybe prefix this + the corresponding request/response types with Sign* to align this more closely with the existing Sign rpc, as they are similar apis with differing ciphertexts? i.e
rpc SignProofOfPossession(SignProofOfPossessionRequest) returns (SignProofOfPossessionResponse) {}?

[joshua-kim]

I would probably not use these functions... the way we're using collectN I think is over-engineering/not improving the readability of the tests. mapWithError is more useful than collectN so if you want to keep it in I'm fine with it, but I don't think writing out:

sig1, err := sk1.Sign(msg)
require.NoError(err)
sig2, err := sk2.Sign(msg)
require.NoError(err)
sig3, err := sk3.Sign(msg)
require.NoError(err)

sigs := []*bls.SIgnature{sig1, sig2, sig3}

is actually that bad IMO.

[joshua-kim]

This line is an example where I feel like the mapWithError util looks worse, instead of just writing out:

wrongSig, err := sk1.Sign(differentMsg)
require.NoError(err)
sig2, err := sk2.Sign(msg)
require.NoError(err)
sig3, err := sk3.Sign(msg)
require.NoError(err)

sigs := []*bls.SIgnature{wrongSig, sig2, sig3}

[joshua-kim]

1. This can be done in a one-liner
2. Generally Go uses the ok var name for bool return values

Suggested change

	isValid := bls.Verify(signer.PublicKey(), sig, msg)
	require.True(isValid)
	require.True(bls.Verify(signer.PublicKey(), sig, msg))

[joshua-kim]

Nit: The payloads of these messages in this test file don't need to be related to the test name + why make them longer when the contents don't matter? Ex. my IDE will pick up on this + we have to keep the test names/strings consistent

Suggested change

	msg := []byte("TestVerifyWrongMessageSignature local signer")
	wrongMsg := []byte("TestVerifyWrongMessageSignature local signer with wrong message")
	msg := []byte("foo")
	wrongMsg := []byte("bar")

[joshua-kim]

This can be refactored w/ TestVerifyValidSignature into a test-table if we the expected message a parameter

[richardpringle]

Is it really worth combining two tests into a table test? The logic is different for each test. In the first test, we have a message stored at variable msg. We sign the message and pass that same message and signature for verification. In the second test we have two separate inputs. We sign msg again, but we pass wrongMsg in for signature verification. Therefore the logic for each of the two tests are subtly different.

I could make a table test (with only two tests) that has a msg field as well as a verificationMsg field, but now I have to either copy/paste the same thing into one of the test-structs or define a variable outside. I'm kind of shoehorning things to save a few lines of code.

[joshua-kim]

Do we need tests on aggregation working? I feel like we already know aggregation will work because we are just implementing a type that produces bls.Signature and bls.Publickey, and those types + aggregation are already tested in the upstream package bls. I feel like coverage for rpcsigner only needs to cover that the Sign* functions produce signatures that are verifiable off of the PublicKey.

[joshua-kim]

Similar comment regarding test tables w/ the following test

[joshua-kim]

nit: SignRequest/SignResponse

[joshua-kim]

nit: SignProofOfPossessionSignatureRequest/Response

[joshua-kim]

nit: put this before Sign to be consistent w/ ordering on the interface

[joshua-kim]

Use TODO instead of Background

[joshua-kim]

I feel weird about this code owning the lifecycle of the connection since it's provided by the caller. Some of these errors don't look persistent + you can still re-use the connection since you can retry rpcs on different streams on the same http/2 connection even if this errored out.

You could probably make a strong case for some of these errors being persistent (i.e the empty public key case, the invalid pk case), but I would still think that you could handle all of these errors at the call-site through a connection close and have all the connection lifecycle managed there instead of having mixed ownership

[joshua-kim]

Related to my last comment but I think this can be removed as well

[joshua-kim]

Can't tell if this is hacky or clever but it works

[joshua-kim]

nit: lowercase all of the test names (not sure if this is a go standard or not, but it is consistent w/ the rest of our tests)

[joshua-kim]

I think you probably meant to wrap a require.True(...) around this

[joshua-kim]

same comment regarding ErrorIs

[joshua-kim]

Same comment regarding the assertion

[joshua-kim]

Can't these tests use require.ErrorIs which also handles error wrapping?

[joshua-kim]

Why do we re-use this instance across tests? Even if there isn't mutable state I generally try to avoid sharing types across tests to avoid introducing it accidentally

[joshua-kim]

I think this is supposed to return the pk instead of nil - my guess is that this isn't caught because of the missing assertions

[richardpringle]

This isn't tested, I'll add a comment

[richardpringle]

Comment added

[joshua-kim]

Why do we reslice here? Is this this sig otherwise not 96 bytes?

[richardpringle]

It's a failure case, I'll add a comment

[richardpringle]

comments added