Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

feat: extend privval to support signing raw bytes #5138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rach-id wants to merge 24 commits into
base: v0.38.x
Choose a base branch
Loading
from
Open

feat: extend privval to support signing raw bytes #5138

rach-id wants to merge 24 commits into from

Conversation

@rach-id
Copy link

@rach-id rach-id commented May 27, 2025
edited
Loading

Added a new method to the PrivValidator interface that enables validators to securely sign arbitrary raw bytes.

Implements #5126 in v0.38.x

I will open a PR for main after this one gets merged or when it's reviewed and the changes are agreed upon.

PR checklist

  • Tests written/updated
  • Changelog entry added in .changelog (we use unclog to manage our changelog)
  • Updated relevant documentation (docs/ or spec/) and code comments

@rach-id rach-id requested review from a team as code owners May 27, 2025 12:05
@ironbird-prod
Copy link

ironbird-prod bot commented May 27, 2025

Ironbird - launch a network To use Ironbird, you can use the following commands:
  • /ironbird start OR /ironbird start --load-test-config= - Launch a testnet with the specified chain and load test configuration.
  • /ironbird chains - List of chain images that ironbird can use to spin-up testnet
  • /ironbird loadtests - List of load test modes that ironbird can run against testnet
Custom Load Test Configuration You can provide a custom load test configuration using the `--load-test-config=` flag: 
/ironbird start cosmos --load-test-config={
  "block_gas_limit_target": 0.75,
  "num_of_blocks": 50,
  "msgs": [
    {"weight": 0.3, "type": "MsgSend"},
    {"weight": 0.3, "type": "MsgMultiSend"},
	{"weight": 0.4, "type": "MsgArr", "ContainedType": "MsgSend", "NumMsgs": 3300}
  ]
}

Use /ironbird loadtests to see more examples.

@zrbecker
Copy link

zrbecker commented May 27, 2025

This is added in v1.x. We are not planning on backporting this behavior to 0.38

melekes
melekes reviewed Jun 4, 2025
View reviewed changes
types/priv_validator.go Outdated Show resolved Hide resolved
privval/signer_client.go Show resolved Hide resolved
@melekes melekes requested a review from Copilot June 4, 2025 06:19

This comment was marked as outdated.

Sign in to view

@rach-id @melekes
Update types/priv_validator.go
fdec289 
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>
tony-iqlusion
tony-iqlusion reviewed Jun 5, 2025
View reviewed changes
types/priv_validator.go Outdated Show resolved Hide resolved
@rach-id @tony-iqlusion
Update types/priv_validator.go
37760be 
Co-authored-by: Tony Arcieri (iqlusion) <tony@iqlusion.io>
@github-actions
Copy link

github-actions bot commented Jun 16, 2025

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale For use by stalebot label Jun 16, 2025
melekes
melekes approved these changes Jun 16, 2025
View reviewed changes
Copy link
Contributor

@melekes melekes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zrbecker zrbecker removed the stale For use by stalebot label Jun 16, 2025
This was referenced Jun 23, 2025
Open
Open
@melekes melekes requested a review from Copilot June 24, 2025 06:39
Copilot AI reviewed Jun 24, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Adds support for signing arbitrary raw byte messages in the PrivValidator API, including new request/response types, client/server handling, implementations, and tests.

  • Extend PrivValidator with SignRawBytes and implement canonical signing bytes (RawBytesMessageSignBytes)
  • Define new protobuf messages (SignRawBytesRequest, SignedRawBytesResponse) and wire them through client/server/retry logic
  • Provide FilePV, MockPV, and end-to-end tests for raw-bytes signing

Reviewed Changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
types/priv_validator.go Added SignRawBytes method and RawBytesMessageSignBytes
types/priv_validator_test.go Tests for raw-bytes signing helper
proto/tendermint/privval/types.proto Added SignRawBytesRequest/SignedRawBytesResponse
privval/signer_requestHandler.go Handle SignRawBytesRequest in request handler
privval/signer_client.go Implement SignerClient.SignRawBytes
privval/retry_signer_client.go Retry logic for SignRawBytes
privval/msgs.go Wrap raw-bytes messages in mustWrapMsg
privval/file.go FilePV.SignRawBytes implementation
privval/signer_client_test.go Added TestSignerRawBytes
Comments suppressed due to low confidence (2)

privval/retry_signer_client.go:98

  • There are no tests covering RetrySignerClient.SignRawBytes; consider adding unit tests to validate retry and error paths.
func (sc *RetrySignerClient) SignRawBytes(chainID, uniqueID string, rawBytes []byte) ([]byte, error) {

types/priv_validator.go:21

  • [nitpick] Add a doc comment for the new SignRawBytes interface method to explain its purpose, parameters, and return values.
	SignRawBytes(chainID, uniqueID string, rawBytes []byte) ([]byte, error)

types/priv_validator.go Show resolved Hide resolved
privval/signer_requestHandler.go Show resolved Hide resolved
privval/signer_client_test.go Show resolved Hide resolved
privval/retry_signer_client.go Show resolved Hide resolved
privval/file.go Show resolved Hide resolved
@rach-id
Copy link
Author

rach-id commented Jun 24, 2025

@zrbecker any update on when this can be merged? it's currently blocking our throughput increase work. Thanks 🙏

@rach-id rach-id mentioned this pull request Jul 7, 2025
Draft
5 tasks
@aljo242
Copy link
Collaborator

aljo242 commented Jul 24, 2025

@rach-id looks like we have some CI failures

@rach-id
Copy link
Author

rach-id commented Jul 25, 2025

@aljo242 Thanks. I updated the lines that are related to this PR. However, the rest seem to be from the rest of the repo and should be handled in a separate PR better. I can open that PR if you prefer.

For the test, it's a flake that also used to happen in celestia-core and had to fix. So it's not related to the changes. It just needs to be restarted a couple times.

@rach-id
Copy link
Author

rach-id commented Aug 4, 2025

@aljo242 any update on this? We would really like to know the status of this PR, if there are any concerns that we can discuss, any improvements we should add to speed up shipping it. Thanks.

@tschuyebuhl tschuyebuhl mentioned this pull request Sep 19, 2025
Open
tony-iqlusion added a commit to iqlusioninc/tmkms that referenced this pull request Oct 30, 2025
@tony-iqlusion
Vendor protos and re-enable Celestia SignRawBytes* extension
b1b60c4 
Re-enables support for signing raw bytes using a consensus key,
originally added in #969.

That PR originally sourced its protos via git from:

https://github.com/rach-id/tendermint-rs/commits/rachid/generate-latest-v38-protos

To avoid the git dependency, this vendors the relevant protos, until
such a time that they can be merged into CometBFT properly, i.e.:

cometbft/cometbft#5138
@tony-iqlusion tony-iqlusion mentioned this pull request Oct 30, 2025
Merged
tony-iqlusion added a commit to iqlusioninc/tmkms that referenced this pull request Oct 30, 2025
@tony-iqlusion
Vendor protos and re-enable Celestia SignRawBytes* extension
6583e12 
Re-enables support for signing raw bytes using a consensus key,
originally added in #969.

That PR originally sourced its protos via git from:

https://github.com/rach-id/tendermint-rs/commits/rachid/generate-latest-v38-protos

To avoid the git dependency, this vendors the relevant protos, until
such a time that they can be merged into CometBFT properly, i.e.:

cometbft/cometbft#5138
tony-iqlusion added a commit to iqlusioninc/tmkms that referenced this pull request Oct 30, 2025
@tony-iqlusion
Vendor protos and re-enable Celestia SignRawBytes* extension (#1134)
3e74749 
Re-enables support for signing raw bytes using a consensus key,
originally added in #969.

That PR originally sourced its protos via git from:

https://github.com/rach-id/tendermint-rs/commits/rachid/generate-latest-v38-protos

To avoid the git dependency, this vendors the relevant protos, until
such a time that they can be merged into CometBFT properly, i.e.:

cometbft/cometbft#5138
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+3 more reviewers

@tony-iqlusion tony-iqlusion tony-iqlusion left review comments

@zrbecker zrbecker zrbecker approved these changes

@melekes melekes melekes approved these changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@rach-id @zrbecker @aljo242 @melekes @tony-iqlusion
Morty Proxy This is a proxified and sanitized view of the page, visit original site.