Allow VC to create password files via HTTP API

2026-03-22 06:14:38 +00:00 · 2022-08-29 15:30:02 +10:00
parent be8463770f
commit 2abde0b666
15 changed files with 189 additions and 47 deletions
--- a/common/validator_dir/src/builder.rs
+++ b/common/validator_dir/src/builder.rs
@@ -78,6 +78,13 @@ impl<'a> Builder<'a> {
        self
    }

+    /// Optionally supply a directory in which to store the passwords for the validator keystores.
+    /// If `None` is provided, do not store the password.
+    pub fn password_dir_opt(mut self, password_dir_opt: Option<PathBuf>) -> Self {
+        self.password_dir = password_dir_opt;
+        self
+    }
+
    /// Build the `ValidatorDir` use the given `keystore` which can be unlocked with `password`.
    ///
    /// The builder will not necessarily check that `password` can unlock `keystore`.
@@ -234,7 +241,7 @@ impl<'a> Builder<'a> {
                if self.store_withdrawal_keystore {
                    // Write the withdrawal password to file.
                    write_password_to_file(
-                        password_dir.join(withdrawal_keypair.pk.as_hex_string()),
+                        keystore_password_path(&password_dir, &withdrawal_keystore),
                        withdrawal_password.as_bytes(),
                    )?;

@@ -250,7 +257,7 @@ impl<'a> Builder<'a> {
        if let Some(password_dir) = self.password_dir.as_ref() {
            // Write the voting password to file.
            write_password_to_file(
-                password_dir.join(format!("0x{}", voting_keystore.pubkey())),
+                keystore_password_path(&password_dir, &voting_keystore),
                voting_password.as_bytes(),
            )?;
        }
@@ -262,6 +269,12 @@ impl<'a> Builder<'a> {
    }
 }

+pub fn keystore_password_path<P: AsRef<Path>>(password_dir: P, keystore: &Keystore) -> PathBuf {
+    password_dir
+        .as_ref()
+        .join(format!("0x{}", keystore.pubkey()))
+}
+
 /// Writes a JSON keystore to file.
 fn write_keystore_to_file(path: PathBuf, keystore: &Keystore) -> Result<(), Error> {
    if path.exists() {
--- a/common/validator_dir/src/lib.rs
+++ b/common/validator_dir/src/lib.rs
@@ -15,6 +15,6 @@ pub use crate::validator_dir::{
    ETH1_DEPOSIT_TX_HASH_FILE,
 };
 pub use builder::{
-    Builder, Error as BuilderError, ETH1_DEPOSIT_DATA_FILE, VOTING_KEYSTORE_FILE,
-    WITHDRAWAL_KEYSTORE_FILE,
+    keystore_password_path, Builder, Error as BuilderError, ETH1_DEPOSIT_DATA_FILE,
+    VOTING_KEYSTORE_FILE, WITHDRAWAL_KEYSTORE_FILE,
 };
--- a/common/validator_dir/src/validator_dir.rs
+++ b/common/validator_dir/src/validator_dir.rs
@@ -1,5 +1,5 @@
 use crate::builder::{
-    ETH1_DEPOSIT_AMOUNT_FILE, ETH1_DEPOSIT_DATA_FILE, VOTING_KEYSTORE_FILE,
+    keystore_password_path, ETH1_DEPOSIT_AMOUNT_FILE, ETH1_DEPOSIT_DATA_FILE, VOTING_KEYSTORE_FILE,
    WITHDRAWAL_KEYSTORE_FILE,
 };
 use deposit_contract::decode_eth1_tx_data;
@@ -219,9 +219,7 @@ pub fn unlock_keypair<P: AsRef<Path>>(
    )
    .map_err(Error::UnableToReadKeystore)?;

-    let password_path = password_dir
-        .as_ref()
-        .join(format!("0x{}", keystore.pubkey()));
+    let password_path = keystore_password_path(password_dir, &keystore);
    let password: PlainText = read(&password_path)
        .map_err(|_| Error::UnableToReadPassword(password_path))?
        .into();