diff --git a/CHANGELOG.md b/CHANGELOG.md index 2059899e3..b2d6fc876 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,9 @@ ### Bugs fixed - Update netty to fix CVE-2023-44487 +### Features Added +- Removed need for KZG trusted setup file and associated --Xtrusted-setup command line argument + ## 23.9.1 ### Breaking Changes diff --git a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfiguration.java b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfiguration.java index 37bde8250..f17b9e713 100644 --- a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfiguration.java +++ b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfiguration.java @@ -70,7 +70,6 @@ public class SignerConfiguration { private final Optional denebForkEpoch; private final Optional network; private final boolean keyManagerApiEnabled; - private final Optional trustedSetup; private Optional watermarkRepairParameters; private int downstreamHttpPort; private Optional downstreamTlsOptions; @@ -121,7 +120,6 @@ public SignerConfiguration( final int downstreamHttpPort, final Optional downstreamTlsOptions, final ChainIdProvider chainIdProvider, - final Optional trustedSetup, final Optional v3KeystoresBulkloadParameters) { this.hostname = hostname; this.logLevel = logLevel; @@ -165,7 +163,6 @@ public SignerConfiguration( this.downstreamHttpPort = downstreamHttpPort; this.downstreamTlsOptions = downstreamTlsOptions; this.chainIdProvider = chainIdProvider; - this.trustedSetup = trustedSetup; this.v3KeystoresBulkloadParameters = v3KeystoresBulkloadParameters; } @@ -345,10 +342,6 @@ public ChainIdProvider getChainIdProvider() { return chainIdProvider; } - public Optional getTrustedSetup() { - return trustedSetup; - } - public Optional getV3KeystoresBulkloadParameters() { return v3KeystoresBulkloadParameters; } diff --git a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfigurationBuilder.java b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfigurationBuilder.java index 23a0286d5..7c0e82ecb 100644 --- a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfigurationBuilder.java +++ b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/SignerConfigurationBuilder.java @@ -78,7 +78,6 @@ public class SignerConfigurationBuilder { private ClientTlsOptions downstreamTlsOptions; private ChainIdProvider chainIdProvider = new ConfigurationChainId(DEFAULT_CHAIN_ID); - private String trustedSetup; private KeystoresParameters v3KeystoresBulkloadParameters; @@ -305,11 +304,6 @@ public SignerConfigurationBuilder withChainIdProvider(final ChainIdProvider chai return this; } - public SignerConfigurationBuilder withTrustedSetup(final String trustedSetup) { - this.trustedSetup = trustedSetup; - return this; - } - public SignerConfigurationBuilder withV3KeystoresBulkloadParameters( final KeystoresParameters v3KeystoresBulkloadParameters) { this.v3KeystoresBulkloadParameters = v3KeystoresBulkloadParameters; @@ -363,7 +357,6 @@ public SignerConfiguration build() { downstreamHttpPort, Optional.ofNullable(downstreamTlsOptions), chainIdProvider, - Optional.ofNullable(trustedSetup), Optional.ofNullable(v3KeystoresBulkloadParameters)); } } diff --git a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsConfigFileImpl.java b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsConfigFileImpl.java index ba9dfc315..0096697d0 100644 --- a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsConfigFileImpl.java +++ b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsConfigFileImpl.java @@ -484,12 +484,6 @@ private String createEth2SlashingProtectionArgs() { signerConfig.getDenebForkEpoch().get())); } - if (signerConfig.getTrustedSetup().isPresent()) { - yamlConfig.append( - String.format( - YAML_STRING_FMT, "eth2.Xtrusted-setup", signerConfig.getTrustedSetup().get())); - } - if (signerConfig.getNetwork().isPresent()) { yamlConfig.append( String.format(YAML_STRING_FMT, "eth2.network", signerConfig.getNetwork().get())); diff --git a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsDefaultImpl.java b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsDefaultImpl.java index ab9be6f13..fd0d07c09 100644 --- a/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsDefaultImpl.java +++ b/acceptance-tests/src/test/java/tech/pegasys/web3signer/dsl/signer/runner/CmdLineParamsDefaultImpl.java @@ -292,11 +292,6 @@ private Collection createEth2Args() { params.add(Long.toString(signerConfig.getDenebForkEpoch().get())); } - if (signerConfig.getTrustedSetup().isPresent()) { - params.add("--Xtrusted-setup"); - params.add(signerConfig.getTrustedSetup().get()); - } - if (signerConfig.getNetwork().isPresent()) { params.add("--network"); params.add(signerConfig.getNetwork().get()); diff --git a/acceptance-tests/src/test/java/tech/pegasys/web3signer/tests/signing/Eth2CustomNetworkFileAcceptanceTest.java b/acceptance-tests/src/test/java/tech/pegasys/web3signer/tests/signing/Eth2CustomNetworkFileAcceptanceTest.java index 5862c24bb..ffe891b17 100644 --- a/acceptance-tests/src/test/java/tech/pegasys/web3signer/tests/signing/Eth2CustomNetworkFileAcceptanceTest.java +++ b/acceptance-tests/src/test/java/tech/pegasys/web3signer/tests/signing/Eth2CustomNetworkFileAcceptanceTest.java @@ -19,7 +19,6 @@ import tech.pegasys.teku.bls.BLSPublicKey; import tech.pegasys.teku.bls.BLSSecretKey; import tech.pegasys.teku.infrastructure.unsigned.UInt64; -import tech.pegasys.teku.networks.Eth2NetworkConfiguration; import tech.pegasys.teku.spec.Spec; import tech.pegasys.teku.spec.SpecFactory; import tech.pegasys.teku.spec.datastructures.util.ForkAndSpecMilestone; @@ -31,7 +30,6 @@ import java.nio.file.Path; import java.util.List; -import java.util.Objects; import com.fasterxml.jackson.core.JsonProcessingException; import com.google.common.io.Resources; @@ -53,10 +51,6 @@ public class Eth2CustomNetworkFileAcceptanceTest extends SigningAcceptanceTestBa BLSSecretKey.fromBytes(Bytes32.fromHexString(PRIVATE_KEY)); private static final BLSKeyPair KEY_PAIR = new BLSKeyPair(KEY); private static final BLSPublicKey PUBLIC_KEY = KEY_PAIR.getPublicKey(); - private static final String TRUSTED_SETUP_PATH = - Objects.requireNonNull( - Eth2NetworkConfiguration.class.getResource("minimal-trusted-setup.txt")) - .toExternalForm(); @BeforeEach void setup() { @@ -65,11 +59,7 @@ void setup() { METADATA_FILE_HELPERS.createUnencryptedYamlFileAt(keyConfigFile, PRIVATE_KEY, KeyType.BLS); final SignerConfigurationBuilder builder = new SignerConfigurationBuilder(); - builder - .withKeyStoreDirectory(testDirectory) - .withMode("eth2") - .withNetwork(NETWORK_CONFIG_PATH) - .withTrustedSetup(TRUSTED_SETUP_PATH); + builder.withKeyStoreDirectory(testDirectory).withMode("eth2").withNetwork(NETWORK_CONFIG_PATH); startSigner(builder.build()); } @@ -79,8 +69,7 @@ void signAndVerifyBlockV2SignatureForAllEnabledMilestones() throws Exception { SpecFactory.create( NETWORK_CONFIG_PATH.toString(), specConfigBuilder -> - specConfigBuilder.denebBuilder( - denebBuilder -> denebBuilder.trustedSetupPath(TRUSTED_SETUP_PATH))); + specConfigBuilder.denebBuilder(denebBuilder -> denebBuilder.kzgNoop(true))); final List enabledMilestones = spec.getEnabledMilestones(); assertThat(enabledMilestones.size()).isEqualTo(5); diff --git a/build.gradle b/build.gradle index dc9daadb9..2737a095b 100644 --- a/build.gradle +++ b/build.gradle @@ -166,6 +166,12 @@ allprojects { skipProjects = [ ':acceptance-tests' ] + analyzers { + retirejs { + enabled = false + } + assemblyEnabled = false + } } tasks.withType(JavaCompile) { diff --git a/commandline/src/main/java/tech/pegasys/web3signer/commandline/subcommands/Eth2SubCommand.java b/commandline/src/main/java/tech/pegasys/web3signer/commandline/subcommands/Eth2SubCommand.java index f54e57b08..0855136dd 100644 --- a/commandline/src/main/java/tech/pegasys/web3signer/commandline/subcommands/Eth2SubCommand.java +++ b/commandline/src/main/java/tech/pegasys/web3signer/commandline/subcommands/Eth2SubCommand.java @@ -125,15 +125,6 @@ private static class NetworkCliCompletionCandidates extends ArrayList { converter = UInt64Converter.class) private UInt64 denebForkEpoch; - @CommandLine.Option( - names = {"--Xtrusted-setup"}, - hidden = true, - paramLabel = "", - description = - "The trusted setup which is needed for KZG commitments. Only required when creating a custom network. This value should be a file or URL pointing to a trusted setup.", - arity = "1") - private String trustedSetup = null; // Depends on network configuration - @CommandLine.Option( names = {"--key-manager-api-enabled", "--enable-key-manager-api"}, paramLabel = "", @@ -190,7 +181,7 @@ private void logNetworkSpecInformation() { private Eth2NetworkConfiguration createEth2NetworkConfig() { Eth2NetworkConfiguration.Builder builder = Eth2NetworkConfiguration.builder(); - builder.applyNetworkDefaults(network); + builder.applyNetworkDefaults(network).kzgNoop(true); if (altairForkEpoch != null) { builder.altairForkEpoch(altairForkEpoch); } @@ -203,9 +194,6 @@ private Eth2NetworkConfiguration createEth2NetworkConfig() { if (denebForkEpoch != null) { builder.denebForkEpoch(denebForkEpoch); } - if (trustedSetup != null) { - builder.trustedSetup(trustedSetup); - } return builder.build(); } diff --git a/gradle/versions.gradle b/gradle/versions.gradle index 043f111e6..6dae5ebc3 100644 --- a/gradle/versions.gradle +++ b/gradle/versions.gradle @@ -90,7 +90,7 @@ dependencyManagement { dependency 'org.xipki.iaik:sunpkcs11-wrapper:1.4.10' - dependencySet(group: 'tech.pegasys.teku.internal', version: '23.9.1') { + dependencySet(group: 'tech.pegasys.teku.internal', version: '23.10.0') { entry ('bls') { exclude group: 'org.bouncycastle', name: 'bcprov-jdk15on' }