Skip to content

Split request_signature into separate paths that return JSON #350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ltitanb merged 107 commits into from
Aug 19, 2025
Merged

Split request_signature into separate paths that return JSON #350

ltitanb merged 107 commits into from
Aug 19, 2025

Conversation

@jclapis
Copy link
Collaborator

@jclapis jclapis commented Jul 29, 2025
edited
Loading

This PR does a few things:

  1. Splits the old /request_signature route of the signer service, which took a type, into three subroutes with the types baked in:
  • /request_signature/bls
  • /request_signature/proxy-bls
  • /request_signature/proxy-ecdsa
  1. Refactors the response from the above to return a full JSON object rather than just a raw signature string, e.g.:
{
  "pubkey": "0x883827193f7627cd04e621e1e8d56498362a52b2a30c9a1c72036eb935c4278dee23d38a24d2f7dda62689886f0c39f4",
  "object_root": "0x0123456789012345678901234567890123456789012345678901234567890123",
  "module_signing_id": "0x6a33a23ef26a4836979edff86c493a69b26ccf0b4a16491a815a13787657431b",
  "signature": "0xa43e623f009e615faa3987368f64d6286a4103de70e9a81d82562c50c91eae2d5d6fb9db9fe943aa8ee42fd92d8210c1149f25ed6aa72a557d74a0ed5646fdd0e8255ec58e3e2931695fe913863ba0cdf90d29f651bce0a34169a6f6ce5b3115"
}

This provides a complete capture of everything needed to verify a signature so it can be routed into middleware without needing prior any context for validation.

ltitanb and others added 30 commits May 13, 2025 17:17
@ltitanb @jclapis
bump version
c68125d
@jclapis
Successful cross-compilation, but runtime has memory allocation issues
d9979a2
@jclapis
Working with OpenSSL static-linked
97ef653
@jclapis
Got dynamic linking working, added a feature flag to toggle dynamic v…
91eefe2 
…s. static
@jclapis
Fixed the vendored build arg
de09415
@jclapis
Reintroduced the cargo chef setup
3aee63d
@jclapis
Ported the cross-compilation stuff into PBS
c07c717
@jclapis
Split the dockerfiles into separate builder / image definitions
699b7ec
@jclapis
Added a build guide
7165f12
@jclapis
Refactored the Github release action to use the Docker builder
9438dae
@jclapis
Fixed the Docker image binary filenames
12c020a
@jclapis
Cleaned up the Darwin artifact step
53cafc0
@jclapis
Made the CI workflow and justfile use the same toolchain as the source
58c6117
@jclapis
Revert "Made the CI workflow and justfile use the same toolchain as t…
45e581b 
…he source"

This reverts commit 58c6117.
@jclapis
Testing removal of OpenSSL vendored option
24a10c5
@jclapis
Updating just in the CI workflow
e36da54
@jclapis
Merge branch 'main' into cross-compile
843b110
@jclapis
Refactored the signer to support host and port config settings
e7c6d19
@jclapis
Updated docs
6117219
@jclapis
Fixing Clippy in CI workflow
c0f591d
@jclapis
Removed obviated CI setup
adbd34a
@jclapis
Minor dedup of RwLock guard acquisition
e3488b3
@jclapis
Added rate limiting for signer clients with repeated JWT auth failures
c3d7ec4
@jclapis
Added Signer config validation
9ddad64
@jclapis
Started unit test setup for the Signer
c62185e
@jclapis
Finished a basic signer module unit test
dc73c62
@jclapis
Added a JWT failure unit test
6c3d967
@jclapis
Added a rate limit test and cleaned up a bit
6464638
@jclapis
Added unique ports to unit tests for parallel execution
0313f18
@jclapis
Cleaned up the build Dockerfile and removed an extra dependency layer
346eea4
Base automatically changed from update-cbst2-02 to prevent-cross-module-sigs July 30, 2025 18:42
@jclapis jclapis marked this pull request as ready for review July 31, 2025 03:39
ltitanb
ltitanb requested changes Aug 14, 2025
View reviewed changes
@jclapis jclapis changed the base branch from prevent-cross-module-sigs to sigp-audit-fixes August 19, 2025 05:02
@ltitanb ltitanb merged commit af13089 into sigp-audit-fixes Aug 19, 2025
1 of 2 checks passed
@ltitanb ltitanb deleted the signer-json-api branch August 19, 2025 18:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ltitanb ltitanb ltitanb approved these changes

@ManuelBilbao ManuelBilbao Awaiting requested review from ManuelBilbao

Assignees

@jclapis jclapis

Labels

signer Signer module

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jclapis @ltitanb