[Signing] Update executor block validator signer to use LoadedSigner,…

… add test key admin command (#1063)

networks/movement/movement-full-node/Cargo.toml

@@ -47,6 +47,10 @@ movement-signer = { workspace = true }
 movement-signer-loader = { workspace = true }
 syncador = { workspace = true }
 syncup = { workspace = true }
+aptos-crypto = { workspace = true }
+aptos-sdk = { workspace = true }
+k256 = { workspace = true }
+alloy-signer = { workspace = true }
 chrono = { workspace = true }
 
 [features]

networks/movement/movement-full-node/src/admin/mod.rs

@@ -5,6 +5,8 @@ pub mod governed_gas_pool;
 pub mod mcr;
 pub mod ops;
 pub mod rotate_key;
+pub mod testkey;
+
 use clap::Subcommand;
 
 #[derive(Subcommand, Debug)]
@@ -24,6 +26,8 @@ pub enum Admin {
 	Framework(framework::Framework),
 	#[clap(subcommand)]
 	Config(config::Config),
+	#[clap(subcommand)]
+	TestKey(testkey::TestKey),
 }
 
 impl Admin {
@@ -36,6 +40,7 @@ impl Admin {
 			Admin::Ops(ops) => ops.execute().await,
 			Admin::Framework(framework) => framework.execute().await,
 			Admin::Config(config) => config.execute().await,
+			Admin::TestKey(key) => key.execute().await,
 		}
 	}
 }

networks/movement/movement-full-node/src/admin/testkey/mod.rs

@@ -0,0 +1,77 @@
+use aptos_crypto::ed25519::Ed25519PublicKey;
+use aptos_sdk::types::transaction::authenticator::AuthenticationKey;
+use clap::Parser;
+use clap::Subcommand;
+use k256::ecdsa::VerifyingKey;
+use movement_signer::cryptography::ed25519::Ed25519;
+use movement_signer::cryptography::secp256k1::Secp256k1;
+use movement_signer::key::TryFromCanonicalString;
+use movement_signer::Signing;
+use movement_signer::Verify;
+use movement_signer_loader::identifiers::SignerIdentifier;
+use movement_signer_loader::{Load, LoadedSigner};
+
+#[derive(Subcommand, Debug)]
+#[clap(rename_all = "kebab-case", about = "Commands to test key name")]
+pub enum TestKey {
+	Ed25519(TestKeyParam),
+	Secp256k1(TestKeyParam),
+}
+
+impl TestKey {
+	pub async fn execute(&self) -> Result<(), anyhow::Error> {
+		match self {
+			TestKey::Ed25519(param) => param.execute_ed25519().await,
+			TestKey::Secp256k1(param) => param.execute_secp256k1().await,
+		}
+	}
+}
+
+#[derive(Debug, Parser, Clone)]
+#[clap(rename_all = "kebab-case", about = "Key to test.")]
+pub struct TestKeyParam {
+	#[clap(default_value = "{maptos,maptos-storage,movement-da-db}/**", value_name = "DB PATTERN")]
+	pub name: String,
+}
+
+impl TestKeyParam {
+	pub async fn execute_ed25519(&self) -> Result<(), anyhow::Error> {
+		let signer_identifier = SignerIdentifier::try_from_canonical_string(&self.name)
+			.map_err(|err| anyhow::anyhow!(err))?;
+		let loader: LoadedSigner<Ed25519> = signer_identifier.load().await?;
+
+		let public_key = Ed25519PublicKey::try_from(loader.public_key().await?.as_bytes())?;
+		let account_address = AuthenticationKey::ed25519(&public_key).account_address();
+
+		tracing::info!("Key loaded, account address:{account_address}");
+		tracing::info!("Try to sign a message ...");
+
+		let message = b"Hello, world!";
+		let signature = loader.sign(message).await?;
+		assert!(Ed25519::verify(message, &signature, &loader.public_key().await?)?);
+
+		tracing::info!("Message sign verify pass");
+
+		Ok(())
+	}
+	pub async fn execute_secp256k1(&self) -> Result<(), anyhow::Error> {
+		let signer_identifier = SignerIdentifier::try_from_canonical_string(&self.name)
+			.map_err(|err| anyhow::anyhow!(err))?;
+		let loader: LoadedSigner<Secp256k1> = signer_identifier.load().await?;
+		let pub_key = loader.public_key().await?;
+		let verify_key = VerifyingKey::from_sec1_bytes(pub_key.as_bytes())?;
+
+		let account_address = alloy_signer::utils::public_key_to_address(&verify_key);
+
+		tracing::info!("Key loaded, account address:{account_address}");
+		tracing::info!("Try to sign a message ...");
+
+		let message = b"Hello, world!";
+		let signature = loader.sign(message).await?;
+		assert!(Secp256k1::verify(message, &signature, &loader.public_key().await?)?);
+
+		tracing::info!("Message sign verify pass");
+
+		Ok(())
+	}
+}

networks/movement/movement-full-node/src/node/partial.rs

@@ -83,6 +83,7 @@ where
 impl MovementPartialNode<Executor> {
 	pub async fn try_executor_from_config(config: Config) -> Result<Executor, anyhow::Error> {
 		let executor = Executor::try_from_config(config.execution_config.maptos_config.clone())
+			.await
 			.context("Failed to create the inner executor")?;
 		Ok(executor)
 	}
@@ -142,6 +143,7 @@ impl MovementPartialNode<Executor> {
 
 		debug!("Creating the executor");
 		let executor = Executor::try_from_config(config.execution_config.maptos_config.clone())
+			.await
 			.context("Failed to create the inner executor")?;
 
 		let (settlement_manager, commitment_events) = if config.mcr.should_settle() {

process-compose/movement-full-node/process-compose.yml

@@ -43,7 +43,7 @@ processes:
 
   movement-full-node:
     command: |
-      movement-full-node run
+      RUST_BACKTRACE=1 movement-full-node run
     depends_on:
       movement-celestia-da-light-node:
         condition: process_healthy

protocol-units/da/movement/protocol/celestia-runners/src/bin/celestia-appd.rs

@@ -14,7 +14,7 @@ async fn main() -> Result<(), anyhow::Error> {
 
 	// get the config file
 	let dot_movement = dot_movement::DotMovement::try_from_env()?;
-	let mut config_file = dot_movement.try_get_or_create_config_file().await?;
+	let config_file = dot_movement.try_get_or_create_config_file().await?;
 
 	// get a matching godfig object
 	let godfig: Godfig<CelestiaDaLightNodeConfig, ConfigFile> =

protocol-units/da/movement/protocol/celestia-runners/src/bin/celestia-bridge.rs

@@ -13,7 +13,7 @@ async fn main() -> Result<(), anyhow::Error> {
 		.init();
 
 	let dot_movement = dot_movement::DotMovement::try_from_env()?;
-	let mut config_file = dot_movement.try_get_or_create_config_file().await?;
+	let config_file = dot_movement.try_get_or_create_config_file().await?;
 
 	// get a matching godfig object
 	let godfig: Godfig<CelestiaDaLightNodeConfig, ConfigFile> =

protocol-units/da/movement/protocol/celestia-runners/src/bin/celestia-light.rs

@@ -13,7 +13,7 @@ async fn main() -> Result<(), anyhow::Error> {
 		.init();
 
 	let dot_movement = dot_movement::DotMovement::try_from_env()?;
-	let mut config_file = dot_movement.try_get_or_create_config_file().await?;
+	let config_file = dot_movement.try_get_or_create_config_file().await?;
 
 	// get a matching godfig object
 	let godfig: Godfig<CelestiaDaLightNodeConfig, ConfigFile> =

protocol-units/da/movement/protocol/setup/src/arabica.rs

@@ -156,7 +156,6 @@ impl Arabica {
 		let max_retries = 10;
 		let retry_delay = 5;
 		let mut retry_count = 0;
-		let mut success = false;
 
 		while retry_count < max_retries {
 			let response = reqwest::Client::new()
@@ -183,7 +182,6 @@ impl Arabica {
 				let tx_hash =
 					tx_hash.as_str().context("Failed to convert the txHash field to a string.")?;
 				info!("Transaction hash: {}", tx_hash);
-				success = true;
 				break;
 			} else {
 				info!("Error: txHash field not found in the response.");

protocol-units/da/movement/protocol/setup/src/bin/setup.rs

@@ -14,7 +14,7 @@ async fn main() -> Result<(), anyhow::Error> {
 
 	// get the config file
 	let dot_movement = dot_movement::DotMovement::try_from_env()?;
-	let mut config_file = dot_movement.try_get_or_create_config_file().await?;
+	let config_file = dot_movement.try_get_or_create_config_file().await?;
 
 	// get a matching godfig object
 	let godfig: Godfig<CelestiaDaLightNodeConfig, ConfigFile> =

protocol-units/da/movement/protocol/util/src/bin/wait_for_light_node.rs

@@ -15,7 +15,7 @@ async fn main() -> Result<(), anyhow::Error> {
 
 	// get the config file
 	let dot_movement = dot_movement::DotMovement::try_from_env()?;
-	let mut config_file = dot_movement.try_get_or_create_config_file().await?;
+	let config_file = dot_movement.try_get_or_create_config_file().await?;
 
 	// get a matching godfig object
 	let godfig: Godfig<CelestiaDaLightNodeConfig, ConfigFile> =

protocol-units/execution/maptos/dof/src/v1.rs

@@ -32,8 +32,8 @@ impl Executor {
 		Self { executor, finality_view }
 	}
 
-	pub fn try_from_config(config: Config) -> Result<Self, anyhow::Error> {
-		let executor = OptExecutor::try_from_config(config)?;
+	pub async fn try_from_config(config: Config) -> Result<Self, anyhow::Error> {
+		let executor = OptExecutor::try_from_config(config).await?;
 		Ok(Self::new(executor))
 	}
 }
@@ -174,11 +174,11 @@ mod tests {
 
 	use std::collections::HashMap;
 
-	fn setup(mut maptos_config: Config) -> Result<(Executor, TempDir), anyhow::Error> {
+	async fn setup(mut maptos_config: Config) -> Result<(Executor, TempDir), anyhow::Error> {
 		let tempdir = tempfile::tempdir()?;
 		// replace the db path with the temporary directory
 		maptos_config.chain.maptos_db_path.replace(tempdir.path().to_path_buf());
-		let executor = Executor::try_from_config(maptos_config)?;
+		let executor = Executor::try_from_config(maptos_config).await?;
 		Ok((executor, tempdir))
 	}
 
@@ -205,7 +205,7 @@ mod tests {
 		config.chain.maptos_private_key_signer_identifier = SignerIdentifier::Local(Local {
 			private_key_hex_bytes: private_key.to_encoded_string()?.to_string(),
 		});
-		let (executor, _tempdir) = setup(config)?;
+		let (executor, _tempdir) = setup(config).await?;
 		let block_id = HashValue::random();
 		let block_metadata = executor
 			.build_block_metadata(block_id.clone(), chrono::Utc::now().timestamp_micros() as u64)
@@ -231,7 +231,7 @@ mod tests {
 		config.chain.maptos_private_key_signer_identifier = SignerIdentifier::Local(Local {
 			private_key_hex_bytes: private_key.to_encoded_string()?.to_string(),
 		});
-		let (executor, _tempdir) = setup(config.clone())?;
+		let (executor, _tempdir) = setup(config.clone()).await?;
 		let (tx_sender, mut tx_receiver) = mpsc::channel(16);
 		let (context, background) = executor.background(tx_sender, &config)?;
 		let services = context.services();
@@ -265,7 +265,7 @@ mod tests {
 		});
 		config.chain.maptos_read_only = true;
 		let (tx_sender, _tx_receiver) = mpsc::channel(16);
-		let (executor, _tempdir) = setup(config.clone())?;
+		let (executor, _tempdir) = setup(config.clone()).await?;
 		let (context, background) = executor.background(tx_sender, &config)?;
 		let services = context.services();
 		let api = services.get_opt_apis();
@@ -295,7 +295,7 @@ mod tests {
 		config.chain.maptos_private_key_signer_identifier = SignerIdentifier::Local(Local {
 			private_key_hex_bytes: private_key.to_encoded_string()?.to_string(),
 		});
-		let (executor, _tempdir) = setup(config.clone())?;
+		let (executor, _tempdir) = setup(config.clone()).await?;
 		let (tx_sender, mut tx_receiver) = mpsc::channel(16);
 		let (context, background) = executor.background(tx_sender, &config)?;
 		let services = context.services();
@@ -356,7 +356,7 @@ mod tests {
 		config.chain.maptos_private_key_signer_identifier = SignerIdentifier::Local(Local {
 			private_key_hex_bytes: private_key.to_encoded_string()?.to_string(),
 		});
-		let (executor, _tempdir) = setup(config.clone())?;
+		let (executor, _tempdir) = setup(config.clone()).await?;
 		let (tx_sender, mut tx_receiver) = mpsc::channel(16);
 		let (context, background) = executor.background(tx_sender, &config)?;
 		let services = context.services();
@@ -438,7 +438,7 @@ mod tests {
 		// Create an executor instance from the environment configuration.
 		let config = Config::default();
 		let (tx_sender, _tx_receiver) = mpsc::channel(16);
-		let executor = Executor::try_from_config(config.clone())?;
+		let executor = Executor::try_from_config(config.clone()).await?;
 		let (context, background) = executor.background(tx_sender, &config)?;
 		let config = executor.config();
 		let services = context.services();
@@ -511,7 +511,7 @@ mod tests {
 		// Create an executor instance from the environment configuration.
 		let config = Config::default();
 		let (tx_sender, _tx_receiver) = mpsc::channel(16);
-		let executor = Executor::try_from_config(config.clone())?;
+		let executor = Executor::try_from_config(config.clone()).await?;
 		let (context, background) = executor.background(tx_sender, &config)?;
 		let config = executor.config();
 		let services = context.services();

protocol-units/execution/maptos/fin-view/src/fin_view.rs

@@ -79,7 +79,7 @@ mod tests {
 		// Create an Executor and a FinalityView instance from the environment configuration.
 		let config = Config::default();
 		let (tx_sender, _tx_receiver) = mpsc::channel(16);
-		let executor = Executor::try_from_config(config)?;
+		let executor = Executor::try_from_config(config).await?;
 		let (context, _transaction_pipe) = executor.background(tx_sender)?;
 		let finality_view = FinalityView::new(context.db_reader());
 		let service = finality_view.service(

protocol-units/execution/maptos/opt-executor/Cargo.toml

@@ -76,6 +76,7 @@ aptos-gas-schedule = { workspace = true }
 aptos-sdk = { workspace = true }
 tempfile = { workspace = true }
 movement-signer-loader = { workspace = true }
+movement-signer = { workspace = true }
 
 [dev-dependencies]
 dirs = { workspace = true }