Re-sign and re-share using proofs and EIP1271 signature

Makefile

@@ -46,6 +46,10 @@ docker-demo-initiator:
 	@echo "Running initiator in docker demo"
 	docker-compose up --build initiator
 
+docker-demo-resign:
+	@echo "Running resigning in docker demo"
+	docker-compose up --build resign
+
 docker-demo-ping:
 	@echo "Running ping operators in docker demo"
 	docker-compose up --build ping

cli/cli.go

@@ -16,6 +16,7 @@ func init() {
 	RootCmd.AddCommand(operator.StartDKGOperator)
 	RootCmd.AddCommand(initiator.HealthCheck)
 	RootCmd.AddCommand(verify.Verify)
+	RootCmd.AddCommand(initiator.StartResigning)
 }
 
 // RootCmd represents the root command of DKG-tool CLI
@@ -32,6 +33,7 @@ func Execute(appName, version string) {
 	RootCmd.Version = version
 	initiator.HealthCheck.Version = version
 	initiator.StartDKG.Version = version
+	initiator.StartResigning.Version = version
 	operator.StartDKGOperator.Version = version
 	if err := RootCmd.Execute(); err != nil {
 		log.Fatal("failed to execute root command", zap.Error(err))

cli/flags/flags.go

@@ -29,6 +29,7 @@ const (
 	clientCACertPath  = "clientCACertPath"
 	serverTLSCertPath = "serverTLSCertPath"
 	serverTLSKeyPath  = "serverTLSKeyPath"
+	proofsFilePath    = "proofsFilePath"
 )
 
 // WithdrawAddressFlag  adds withdraw address flag to the command
@@ -136,6 +137,11 @@ func OperatorIDFlag(c *cobra.Command) {
 	AddPersistentIntFlag(c, operatorID, 0, "Operator ID", false)
 }
 
+// ProofsFilePath add file path to proofs flag to the command
+func ProofsFilePath(c *cobra.Command){
+	AddPersistentStringFlag(c, proofsFilePath, "proofs.json", "Path to proofs file", false)
+}
+
 // AddPersistentStringFlag adds a string flag to the command
 func AddPersistentStringFlag(c *cobra.Command, flag, value, description string, isRequired bool) {
 	req := ""

cli/initiator/initiator.go

@@ -6,15 +6,14 @@ import (
 	"fmt"
 	"log"
 
-	"github.com/sourcegraph/conc/pool"
-	"github.com/spf13/cobra"
-	"go.uber.org/zap"
-
 	e2m_core "github.com/bloxapp/eth2-key-manager/core"
 	cli_utils "github.com/bloxapp/ssv-dkg/cli/utils"
 	"github.com/bloxapp/ssv-dkg/pkgs/crypto"
 	"github.com/bloxapp/ssv-dkg/pkgs/initiator"
 	"github.com/bloxapp/ssv-dkg/pkgs/wire"
+	"github.com/sourcegraph/conc/pool"
+	"github.com/spf13/cobra"
+	"go.uber.org/zap"
 )
 
 const (
@@ -62,11 +61,7 @@ var StartDKG = &cobra.Command{
 		if err != nil {
 			logger.Fatal("😥 Failed to load operators: ", zap.Error(err))
 		}
-		logger.Info("🔑 opening initiator RSA private key file")
-		ethnetwork := e2m_core.MainNetwork
-		if cli_utils.Network != "now_test_network" {
-			ethnetwork = e2m_core.NetworkFromString(cli_utils.Network)
-		}
+		ethNetwork := e2m_core.NetworkFromString(cli_utils.Network)
 		// start the ceremony
 		ctx := context.Background()
 		pool := pool.NewWithResults[*Result]().WithContext(ctx).WithFirstError().WithMaxGoroutines(maxConcurrency)
@@ -82,7 +77,7 @@ var StartDKG = &cobra.Command{
 				id := crypto.NewID()
 				nonce := cli_utils.Nonce + uint64(i)
 				// Perform the ceremony.
-				depositData, keyShares, proofs, err := dkgInitiator.StartDKG(id, cli_utils.WithdrawAddress.Bytes(), operatorIDs, ethnetwork, cli_utils.OwnerAddress, nonce)
+				depositData, keyShares, proofs, err := dkgInitiator.StartDKG(id, cli_utils.WithdrawAddress.Bytes(), operatorIDs, ethNetwork, cli_utils.OwnerAddress, nonce)
 				if err != nil {
 					return nil, err
 				}

cli/initiator/resigning.go

@@ -0,0 +1,130 @@
+package initiator
+
+import (
+	"context"
+	"encoding/hex"
+	"fmt"
+	"log"
+
+	e2m_core "github.com/bloxapp/eth2-key-manager/core"
+	cli_utils "github.com/bloxapp/ssv-dkg/cli/utils"
+	"github.com/bloxapp/ssv-dkg/pkgs/crypto"
+	"github.com/bloxapp/ssv-dkg/pkgs/initiator"
+	"github.com/bloxapp/ssv-dkg/pkgs/wire"
+	"github.com/sourcegraph/conc/pool"
+	"github.com/spf13/cobra"
+	"go.uber.org/zap"
+)
+
+func init() {
+	cli_utils.SetResigningFlags(StartResigning)
+}
+
+var StartResigning = &cobra.Command{
+	Use:   "resign",
+	Short: "Resigning DKG results",
+	RunE: func(cmd *cobra.Command, args []string) error {
+		fmt.Println(`
+		██████╗ ██╗  ██╗ ██████╗     ██████╗ ███████╗███████╗██╗ ██████╗ ███╗   ██╗
+		██╔══██╗██║ ██╔╝██╔════╝     ██╔══██╗██╔════╝██╔════╝██║██╔════╝ ████╗  ██║
+		██║  ██║█████╔╝ ██║  ███╗    ██████╔╝█████╗  ███████╗██║██║  ███╗██╔██╗ ██║
+		██║  ██║██╔═██╗ ██║   ██║    ██╔══██╗██╔══╝  ╚════██║██║██║   ██║██║╚██╗██║
+		██████╔╝██║  ██╗╚██████╔╝    ██║  ██║███████╗███████║██║╚██████╔╝██║ ╚████║
+		╚═════╝ ╚═╝  ╚═╝ ╚═════╝     ╚═╝  ╚═╝╚══════╝╚══════╝╚═╝ ╚═════╝ ╚═╝  ╚═══╝
+																				`)
+
+		if err := cli_utils.SetViperConfig(cmd); err != nil {
+			return err
+		}
+		if err := cli_utils.BindResigningFlags(cmd); err != nil {
+			return err
+		}
+		logger, err := cli_utils.SetGlobalLogger(cmd, "dkg-initiator")
+		if err != nil {
+			return err
+		}
+		defer func() {
+			if err := cli_utils.Sync(logger); err != nil {
+				log.Printf("Failed to sync logger: %v", err)
+			}
+		}()
+		logger.Info("🪛 Initiator`s", zap.String("Version", cmd.Version))
+		// Load operators
+		opMap, err := cli_utils.LoadOperators(logger)
+		if err != nil {
+			logger.Fatal("😥 Failed to load operators: ", zap.Error(err))
+		}
+		operatorIDs, err := cli_utils.StingSliceToUintArray(cli_utils.OperatorIDs)
+		if err != nil {
+			logger.Fatal("😥 Failed to load participants: ", zap.Error(err))
+		}
+		ethNetwork := e2m_core.NetworkFromString(cli_utils.Network)
+		arrayOfSignedProofs, err := wire.LoadProofs(cli_utils.ProofsFilePath)
+		if err != nil {
+			logger.Fatal("😥 Failed to read proofs json file:", zap.Error(err))
+		}
+		// start the ceremony
+		ctx := context.Background()
+		pool := pool.NewWithResults[*Result]().WithContext(ctx).WithFirstError().WithMaxGoroutines(maxConcurrency)
+		for i := 0; i < len(arrayOfSignedProofs); i++ {
+			i := i
+			pool.Go(func(ctx context.Context) (*Result, error) {
+				// Create new DKG initiator
+				dkgInitiator, err := initiator.New(opMap.Clone(), logger, cmd.Version, cli_utils.ClientCACertPath)
+				if err != nil {
+					return nil, err
+				}
+				// Create a new ID
+				id := crypto.NewID()
+				nonce := cli_utils.Nonce + uint64(i)
+				// Perform the resigning ceremony
+				depositData, keyShares, proofs, err := dkgInitiator.StartResigning(id, operatorIDs, arrayOfSignedProofs[i], ethNetwork, cli_utils.WithdrawAddress.Bytes(), cli_utils.OwnerAddress, nonce)
+				if err != nil {
+					return nil, err
+				}
+				logger.Debug("Resigning ceremony completed",
+					zap.String("id", hex.EncodeToString(id[:])),
+					zap.Uint64("nonce", nonce),
+					zap.String("pubkey", keyShares.Shares[0].ShareData.PublicKey),
+				)
+				return &Result{
+					id:          id,
+					depositData: depositData,
+					keyShares:   keyShares,
+					nonce:       nonce,
+					proof:       proofs,
+				}, nil
+			})
+		}
+		results, err := pool.Wait()
+		if err != nil {
+			logger.Fatal("😥 Failed to initiate Resigning ceremony: ", zap.Error(err))
+		}
+		var depositDataArr []*wire.DepositDataCLI
+		var keySharesArr []*wire.KeySharesCLI
+		var proofs [][]*wire.SignedProof
+		for _, res := range results {
+			depositDataArr = append(depositDataArr, res.depositData)
+			keySharesArr = append(keySharesArr, res.keyShares)
+			proofs = append(proofs, res.proof)
+		}
+		// Save results
+		logger.Info("🎯 All data is validated.")
+		if err := cli_utils.WriteResults(
+			logger,
+			depositDataArr,
+			keySharesArr,
+			proofs,
+			false,
+			len(arrayOfSignedProofs),
+			cli_utils.OwnerAddress,
+			cli_utils.Nonce,
+			cli_utils.WithdrawAddress,
+			cli_utils.OutputPath,
+		); err != nil {
+			logger.Fatal("Could not save results", zap.Error(err))
+		}
+		logger.Info("🚀 Resigning ceremony completed")
+		return nil
+	},
+}

cli/utils/utils.go

@@ -68,6 +68,11 @@ var (
 	CeremonyDir string
 )
 
+// resigning flags
+var (
+	ProofsFilePath string
+)
+
 // SetViperConfig reads a yaml config file if provided
 func SetViperConfig(cmd *cobra.Command) error {
 	if err := viper.BindPFlag("configPath", cmd.PersistentFlags().Lookup("configPath")); err != nil {
@@ -191,6 +196,19 @@ func SetVerifyFlags(cmd *cobra.Command) {
 	flags.AddPersistentStringFlag(cmd, "owner", "", "Owner address", true)
 }
 
+func SetResigningFlags(cmd *cobra.Command) {
+	SetBaseFlags(cmd)
+	flags.OperatorsInfoFlag(cmd)
+	flags.OperatorsInfoPathFlag(cmd)
+	flags.OperatorIDsFlag(cmd)
+	flags.OwnerAddressFlag(cmd)
+	flags.NonceFlag(cmd)
+	flags.NetworkFlag(cmd)
+	flags.WithdrawAddressFlag(cmd)
+	flags.ProofsFilePath(cmd)
+	flags.ClientCACertPathFlag(cmd)
+}
+
 func SetHealthCheckFlags(cmd *cobra.Command) {
 	flags.AddPersistentStringSliceFlag(cmd, "ip", []string{}, "Operator ip:port", true)
 }
@@ -323,6 +341,91 @@ func BindInitFlags(cmd *cobra.Command) error {
 	return nil
 }
 
+// BindResigningFlags binds flags to yaml config parameters for the resigning of previous DKG result
+func BindResigningFlags(cmd *cobra.Command) error {
+	if err := BindBaseFlags(cmd); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("operatorsInfo", cmd.PersistentFlags().Lookup("operatorsInfo")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("operatorsInfoPath", cmd.PersistentFlags().Lookup("operatorsInfoPath")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("owner", cmd.PersistentFlags().Lookup("owner")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("nonce", cmd.PersistentFlags().Lookup("nonce")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("clientCACertPath", cmd.PersistentFlags().Lookup("clientCACertPath")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("proofsFilePath", cmd.PersistentFlags().Lookup("proofsFilePath")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("operatorIDs", cmd.PersistentFlags().Lookup("operatorIDs")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("withdrawAddress", cmd.PersistentFlags().Lookup("withdrawAddress")); err != nil {
+		return err
+	}
+	if err := viper.BindPFlag("network", cmd.Flags().Lookup("network")); err != nil {
+		return err
+	}
+	OperatorIDs = viper.GetStringSlice("operatorIDs")
+	if len(OperatorIDs) == 0 {
+		return fmt.Errorf("😥 Operator IDs flag cant be empty")
+	}
+	OperatorsInfoPath = viper.GetString("operatorsInfoPath")
+	if strings.Contains(OperatorsInfoPath, "../") {
+		return fmt.Errorf("😥 operatorsInfoPath flag should not contain traversal")
+	}
+	OperatorsInfo = viper.GetString("operatorsInfo")
+	if OperatorsInfoPath != "" && OperatorsInfo != "" {
+		return fmt.Errorf("😥 operators info can be provided either as a raw JSON string, or path to a file, not both")
+	}
+	if OperatorsInfoPath == "" && OperatorsInfo == "" {
+		return fmt.Errorf("😥 operators info should be provided either as a raw JSON string, or path to a file")
+	}
+	owner := viper.GetString("owner")
+	if owner == "" {
+		return fmt.Errorf("😥 Failed to get owner address flag value")
+	}
+	Nonce = viper.GetUint64("nonce")
+	ClientCACertPath = viper.GetStringSlice("clientCACertPath")
+	for _, certPath := range ClientCACertPath {
+		if strings.Contains(certPath, "../") {
+			return fmt.Errorf("😥 clientCACertPath flag should not contain traversal")
+		}
+	}
+	ProofsFilePath = viper.GetString("proofsFilePath")
+	if ProofsFilePath == "" {
+		return fmt.Errorf("😥 Failed to get path to proofs flag value")
+	}
+	if strings.Contains(ProofsFilePath, "../") {
+		return fmt.Errorf("😥 proofsFilePath flag should not contain traversal")
+	}
+	withdrawAddr := viper.GetString("withdrawAddress")
+	if withdrawAddr == "" {
+		return fmt.Errorf("😥 Failed to get withdrawal address flag value")
+	}
+	var err error
+	WithdrawAddress, err = utils.HexToAddress(withdrawAddr)
+	if err != nil {
+		return fmt.Errorf("😥 Failed to parse withdraw address: %s", err.Error())
+	}
+	Network = viper.GetString("network")
+	if Network == "" {
+		return fmt.Errorf("😥 Failed to get fork version flag value")
+	}
+	OwnerAddress, err = utils.HexToAddress(owner)
+	if err != nil {
+		return fmt.Errorf("😥 Failed to parse owner address: %s", err)
+	}
+	return nil
+}
+
 // BindOperatorFlags binds flags to yaml config parameters for the operator
 func BindOperatorFlags(cmd *cobra.Command) error {
 	if err := BindBaseFlags(cmd); err != nil {

docker-compose.yml

@@ -101,6 +101,19 @@ services:
     volumes:
       - ./examples:/data
 
+  resign:
+    image: ssv-dkg:latest
+    depends_on:
+      - operator1
+      - operator2
+      - operator3
+      - operator4
+    networks:
+      - shared_network
+    command: ["resign", "--configPath", "/data/config/resign.example.yaml"]
+    volumes:
+      - ./examples:/data
+
   ping:
     image: ssv-dkg:latest
     depends_on:

examples/config/resign.example.yaml

@@ -0,0 +1,33 @@
+operatorIDs: [1, 22, 44, 55]
+withdrawAddress: "0x81592c3de184a3e2c0dcb5a261bc107bfa91f494"
+owner: "0x81592c3de184a3e2c0dcb5a261bc107bfa91f494"
+nonce: 10
+network: "holesky"
+# operatorsInfo: '[{
+#   "id": 1,
+#   "public_key": "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdkFXRFppc1d4TUV5MGNwdjhoanAKQThDMWNYZ3VseHkyK0tDNldpWGo3NThuMjl4b1NsNHV1SjgwQ2NqQXJqbGQrWkNEWmxvSlhtMk51L0FFOFRaMgpQRW1UZFcxcGp5TmV1N2RDUWtGTHF3b3JGZ1AzVWdxczdQSEpqSE1mOUtTb1Y0eUxlbkxwYlR0L2tEczJ1Y1c3CnUrY3hvZFJ4d01RZHZiN29mT0FhbVhxR1haZ0NhNHNvdHZmSW9RS1dDaW9MczcvUkM3dHJrUGJONW4rbHQyZWEKd1J1SFRTTlNZcEdmbi9ud0FROHVDaW55SnNQV0Q0NUhldG9GekNKSlBnNjYzVzE1K1VsWU9tQVJCcWtaSVBISAp5V25ORjZTS2tRalI2MDJwQ3RXTkZRMi9wUVFqblJXbUkrU2FjMHhXRVQ3UUlsVmYxSGZ2NWRnWE9OT05hTTlFClN3SURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K",
+#   "ip": "http://operator1:3030"
+#   },
+#   {
+#   "id": 2,
+#   "public_key": "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdnRVRWFlallqY3pBUWhnSTQ0S3cKcGZYZjhCNk1ZUjhOMzFmRVFLRGRDVmo5dUNPcHVybzYzSDdxWXNzMzVGaVdxNmRwMjR3M0dCRTAzR1llU1BSZgowTEVBVEJkYlhCVkY3WGR6ei9sV2UrblJNRG1Xdm1DTUZjRlRPRU5FYmhuTXVjOEQ1K3ZFTmo5cTQzbE4vejhqCmE2T2M4S2tEL2E4SW02Nm54ZkRhMjFyMzNaSW9GL1g5d0g2K25EN3Jockx5bzJub1lxaVJpT1NTTkp2R25UY08KazBmckk4b2xFNjR1clhxWXFLN2ZicXNaN082NnphN2ROTmc3MW1EWHlpdDlSTUlyR3lSME5xN0FUSkxwbytoTApEcldoY0h4M0NWb1dQZzNuR2phN0duVFhXU2FWb1JPSnBRVU9oYXgxNVJnZ2FBOHpodGgyOUorNnNNY2R6ZitQCkZ3SURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K",
+#   "ip": "http://operator2:3030"
+#   },
+#   {
+#   "id": 3,
+#   "public_key": "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdlFhZlo0ODJQYXRsYnRrOVdIb2MKZDBWdWNWWDk4QUlzenAvazlFTlYyQU82SVhQUXVqU1BtdUZrQTlibThsSllnWTJPb0lQU0RmK1JHWGNMc2R0VApzdEJhQ2JPL0pMOFlSejk4NURKejhBRlhDU0J3bW5mbzROSFptUjJGMVdMTE5CS2wzdVQ5Q1VLbC9RUnpKRFF1CjNNYVJ6eE5FVmdONWtvU1Nid0NxVDNDSCtjam5QU0pIeGhiaTNTaldOSnJFb3ZRUmN3ZUlpYXRrZEdVNWJOUkoKUW1LVldhYzhzVklYN2NDNE54V2RDNG1VM1RPK2Vlei90N2xVcnhSNjdnb21TbGdwaU5weFJ1M2dFajRkSWpINwpsZDlTYW1ObEJPeHV5N0lFMEJpdm5nSUdIKzVwcXZVTXhoM0N5WkVtMjFHd3JTRFhqcVpwWG92OEUwQkQ5eGY4ClN3SURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K",
+#   "ip": "http://operator3:3030"
+#   },
+#   {
+#   "id": 4,
+#   "public_key": "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBeFRWM2I5OHU4NmtzcEhQcWgrS2QKKzRHd0lSeEhwRHpEZjVlc3hjZytxaTlvbDRERmplUXMrbGloeUp5cGdOMXJwdTlQVnR5cXp2K3k5cEVNa0VXTgovYjBUQmdRMEp5TzdmNGliY1d5UUcrNGhVUS9XY3h1ZW5aUDA3S0VwTjh4Tk8xN3BzbmhRMXRqQVhybDNGN1lYCmlZdXl5Z0Rta2w0YjYrUDR6MjNhR01VSEtnTnJ5aFlZTFV4dWdycDVRTnJTV3lXNXFtb2EvYnJDenQ2RFJYb1UKU25JSkpSUVpPS2NnckdKMHVBYjJDRmtsL0xuaElxT2RZZ21aUG9oRmprVEorRnZNdkZsMjAwZ1BHbVpxUS9MMgpsM2ZBdmhZYlZRMlRVeUtmU2orYXZ1WUFZZnhKeG5OcWlmdkNkVGNmQzc3c0N0eFFERWVjY0pTVnVDbGZWeTFZCll3SURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K",
+#   "ip": "http://operator4:3030"
+#   }]'
+operatorsInfoPath: /data/initiator/operators_info.json
+outputPath: /data/initiator/output
+logLevel: info
+logFormat: json
+logLevelFormat: capitalColor
+logFilePath: /data/initiator/output/initiator_debug.log
+# clientCACertPath: /data/initiator/rootCA.crt
+proofsFilePath: /data/initiator/output/ceremony-2024-04-22--16-36-19.354/proofs.json