Add endpoints for event based decryption triggers #79
Conversation
Note: it changed from 'use 3rd party tooling' but does not mention, that the provided compiler implementation is opinionated, and 3rd party tooling could provide more flexible event triggers. Namely triggers that allow for some parameters to be omitted, e.g. topic0
… get_data_for_encryption endpoint
| ) *CryptoService { | ||
| return &CryptoService{ | ||
| CryptoUsecase: usecase.NewCryptoUsecase(db, contract.ShutterRegistryContract, contract.KeyperSetManagerContract, contract.KeyBroadcastContract, ethClient, config), | ||
| CryptoUsecase: usecase.NewCryptoUsecase(db, contract.ShutterRegistryContract, contract.ShutterEventRegistryContract, contract.KeyperSetManagerContract, contract.KeyBroadcastContract, ethClient, config), |
There was a problem hiding this comment.
I understand the API can still be deployed even if the event registry contract isn’t deployed; event endpoints will just fail at runtime with a 500 error. Nice‑to‑have: add a feature flag to enable/disable event triggers while still serving endpoints. If the contract isn’t deployed, return a 503 Service Unavailable error. Not required for the upcoming deployment.
| // @Description Retrieves all the necessary data required by clients for encrypting any message. Supports both time-based and event-based identity computation. If triggerDefinition is provided, the identity will be computed for event-based triggers. Otherwise, it uses time-based identity computation. | ||
| // @Tags Crypto | ||
| // @Produce json | ||
| // @Param address query string true "Ethereum address associated with the identity. If you are registering the identity yourself, pass the address of the account making the registration. If you want the API to register the identity on gnosis mainnet, pass the address: 0x228DefCF37Da29475F0EE2B9E4dfAeDc3b0746bc. For chiado pass the address: 0xb9C303443c9af84777e60D5C987AbF0c43844918" |
There was a problem hiding this comment.
We should clarify here that users are not able to register event-based identities by themselves, and should always use the API address. Please find below a suggested update:
Ethereum address associated with the identity.
Time‑based: use the address that will register the identity (your account if self‑registering, or the API signer address below if you are using the API register endpoint).
Event‑based (triggerDefinition provided): users cannot self‑register because the registry is owner‑only, please use the API signer address below.
Gnosis Mainnet API address: 0x228DefCF37Da29475F0EE2B9E4dfAeDc3b0746bc
Chiado API address: 0xb9C303443c9af84777e60D5C987AbF0c43844918
|
|
||
| identity := common.ComputeIdentity(identityPrefix[:], newSigner.From) | ||
|
|
||
| // TODO: check for already registered identities also against event based triggers! |
There was a problem hiding this comment.
We should implement this cross-check in both time-based and event-based identity registrations to avoid identity collisions where a timestamp trigger could release an event-based identity and vice-versa.
There was a problem hiding this comment.
This might not be needed if we compute the identities following my comment on identity calculation.
| return crypto.Keccak256(imageBytes) | ||
| } | ||
|
|
||
| func ComputeEventIdentity(prefix []byte, sender common.Address, triggerDefinition []byte) []byte { |
There was a problem hiding this comment.
The event identity calculation is inconsistent with the calculation in rolling shutter: https://github.com/shutter-network/rolling-shutter/blob/main/rolling-shutter/keyperimpl/shutterservice/eventtriggerregisteredprocessor.go#L123C6-L123C33
To make event triggers safe long‑term, we could:
-
Align identity derivation across repos (update rolling‑shutter to match API), and additionally add a domain separator, and enforce uniqueness on‑chain (requires a contract update). Suggested formula: eventIdentity = keccak(prefix + sender + 0x01 + triggerDefinition) (time‑based stays keccak(prefix + sender)). This ensures time-based and event-based identities don't collide if the trigger definition is empty.
-
Reject empty/0x triggerDefinition for event registrations.
-
Add a mapping in ShutterEventTriggerRegistry to revert on duplicate identity. This prevents event‑event duplicates without relying on API/DB race checks. We currently update on conflict: https://github.com/shutter-network/rolling-shutter/blob/main/rolling-shutter/keyperimpl/shutterservice/database/sql/queries/shutterservice.sql#L31
|
|
||
| identity := common.ComputeIdentity(identityPrefix[:], ethCommon.HexToAddress(address)) | ||
| var identity []byte | ||
| if len(triggerDefinitionHex) > 0 { |
There was a problem hiding this comment.
We should check for 0x here and treat it as an invalid trigger definition
| METRICS_PORT=4000 | ||
| METRICS_PORT=4000 | ||
| SHUTTER_EVENT_REGISTRY_CONTRACT_ADDRESS= | ||
| WHITELISTED_TRIGGER_CONTRACT_ADDRESSES= |
There was a problem hiding this comment.
Maybe add a comment here on how to add addresses to this string, that they need to be comma-separated
| // - "name": <matching argument name from signature> | ||
| // - "op": <one of: lt, lte, eq, gte, gt> | ||
| // - "number": <integer argument for numeric comparison> | ||
| // - "bytes": <hex encoded byte argument for non numeric matches with 'op==eq'> |
There was a problem hiding this comment.
It would be helpful to add a short note to clarify how different params should be passed: indexed params (topics) are eq‑only. For indexed static types (address, uint256, bytes32), pass the hex representation. For indexed dynamic types (string, bytes, arrays), pass keccak256(value) as hex. For non‑indexed uint256, use number with lt/lte/eq/gte/gt. For other non‑indexed types, use bytes with op=eq hex‑encoded value.
| return shs.UintGt | ||
| case "gte": | ||
| return shs.UintGte | ||
| default: |
There was a problem hiding this comment.
Unknown ops should return an explicit error here
| } | ||
| lp.ValuePredicate.Op = shs.BytesEq | ||
| lp.ValuePredicate.ByteArgs = [][]byte{Align(val)} | ||
| length = uint64(len([]byte(arg.Bytes)) / 32) |
There was a problem hiding this comment.
len([]byte(arg.Bytes)) is the length of the hex string, not the decoded bytes, and would cause offset miscalculation later on.
This implements API endpoints for event based decryption triggers.
WIP/TODO:
TODOcommentsRegisterEventIdentityis untested so far/compile_event_trigger_definition,/register_event_trigger) to rate limitingFixes #74
See also https://github.com/shutter-network/shutter-api?tab=readme-ov-file#1b-register-an-identity-with-event-based-decryption-triggers-wip