Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: transfer set up from a covenant signer to a covenant emulator #50

Merged
merged 42 commits into from
Dec 17, 2024
Merged
Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
42 commits
Select commit Hold shift + click to select a range
ecf7bf1
Create transfer-setup.md
samricotta Nov 29, 2024
37764a4
Update transfer-setup.md
samricotta Nov 29, 2024
44b4c1e
Update transfer-setup.md
samricotta Nov 29, 2024
6ac5008
Update transfer-setup.md
samricotta Nov 29, 2024
b9f29a5
Update transfer-setup.md
samricotta Nov 29, 2024
fa4f3df
Update transfer-setup.md
samricotta Nov 29, 2024
8d9c94b
Update docs with new flow
samricotta Dec 2, 2024
df33891
Update README.md
samricotta Dec 2, 2024
c17fc3a
Update README.md
samricotta Dec 2, 2024
e0fd704
Update README.md
samricotta Dec 2, 2024
6133297
Update README.md
samricotta Dec 2, 2024
91f44a2
Update README.md
samricotta Dec 2, 2024
934babb
Update README.md
samricotta Dec 2, 2024
30d7c56
updates
samricotta Dec 2, 2024
da0bae2
part 2 updates review
samricotta Dec 3, 2024
9c303ec
Update transition-guide.md
samricotta Dec 3, 2024
024b11b
Update transition-guide.md
samricotta Dec 3, 2024
bb527e4
update toc
samricotta Dec 3, 2024
5e2d29f
last updates for emulator and signer
samricotta Dec 3, 2024
137bc87
add a bit
vitsalis Dec 3, 2024
00b34a2
update docs for signer and emulator
samricotta Dec 4, 2024
79eb0a5
Update transition-from-phase1.md
samricotta Dec 4, 2024
8e22d54
Update transition-from-phase1.md
samricotta Dec 6, 2024
2489ba6
review
samricotta Dec 9, 2024
9b5aa4e
comments
samricotta Dec 11, 2024
2db34ca
chore: add show key command that prints the pub key (#49)
RafilxTenfen Nov 29, 2024
6dd0c8c
feat: Add docker workflows for covenant_signer (#51)
maiquanghiep Dec 3, 2024
cce0e5d
Add cosmos tag for CosmosKeyStoreConfig (#52)
maiquanghiep Dec 3, 2024
7f4c9fe
chore: bump workflows version (#56)
maiquanghiep Dec 5, 2024
17b8e01
chore: bump babylon to v0.18.0 and update min unbonding time blocks (…
RafilxTenfen Dec 5, 2024
3a9ca04
chore: add release to changelog (#58) (#59) (#64)
RafilxTenfen Dec 9, 2024
0627fc2
feat: add babylon address to keys output (#63)
RafilxTenfen Dec 9, 2024
928a690
Update covenant-emulator-setup.md
samricotta Dec 11, 2024
39dc75f
Update covenant-emulator-setup.md
samricotta Dec 11, 2024
227bb8c
Merge branch 'main' of github.com:babylonlabs-io/covenant-emulator in…
RafilxTenfen Dec 11, 2024
3af1b93
Delete emulator-installation.md
samricotta Dec 11, 2024
6a5cfd2
comments
samricotta Dec 12, 2024
667dc80
Update transition-from-phase1.md
samricotta Dec 12, 2024
8bdbee4
restructuring
vitsalis Dec 16, 2024
4c1ed11
wip
samricotta Dec 16, 2024
9068a22
Merge branch 'main' into sam/docs-import
samricotta Dec 17, 2024
c0e65a9
small changes
samricotta Dec 17, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
307 changes: 307 additions & 0 deletions covenant-signer/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,307 @@
# Covenant Signer
samricotta marked this conversation as resolved.
Show resolved Hide resolved
vitsalis marked this conversation as resolved.
Show resolved Hide resolved

## Table of Contents
1. [Purpose of this guide](#purpose-of-this-guide)
2. [Prerequisites](#prerequisites)
3. [Install covenant emulator](#install-covenant-emulator)
4. [Export the key from the Bitcoin node](#export-the-key-from-the-bitcoin-node)
5. [Import the key into the cosmos keyring](#import-the-key-into-the-cosmos-keyring)
6. [Create the configuration file](#create-the-configuration-file)
7. [Running the Covenant Signer](#running-the-covenant-signer)
8. [Using the covenant signer for signing transactions](#using-the-covenant-signer-for-signing-transactions)

## 1. Purpose of this guide

This guide outlines the setup and configuration of the
[covenant signer](https://github.com/babylonlabs-io/covenant-emulator/tree/main/covenant-signer).
in conjunction with the [covenant emulator](https://github.com/babylonlabs-io/covenant-emulator).

## 2. Prerequisites

To successfully complete this guide, ensure the following setup and resources
are in place:

1. Setup of bitcoin node in order to retrieve keys. For more information, refer to
[Bitcoin Node Setup](https://github.com/babylonlabs-io/covenant-signer/blob/main/docs/deployment.md#2-bitcoind-setup).
2. Ensure you have access to the private Bitcoin key, also referred to as the
covenant emulator key, which will be used for signing operations.

## 3. Install covenant signer binary

If you havent already, download [Golang 1.21](https://go.dev/dl) 
samricotta marked this conversation as resolved.
Show resolved Hide resolved

Using the go version 1.21. Once installed run:
samricotta marked this conversation as resolved.
Show resolved Hide resolved

```shell
go version
```

Subsequently clone the covenant [repository](https://github.com/babylonlabs-io/covenant-emulator).

```shell
git clone [email protected]:babylonlabs-io/covenant-emulator.git
cd covenant-emulator
git checkout <tag>
samricotta marked this conversation as resolved.
Show resolved Hide resolved
```

Run the following command to build the binaries and
install them to your `$GOPATH/bin` directory:

```shell
cd covenant-signer
make install
```

This command will:
- Build and compile all Go packages
- Install `covenant-signer` binary to `$GOPATH/bin`
- Make commands globally accessible from your terminal

If your shell cannot find the installed binary, make sure `$GOPATH/bin` is in
the `$PATH` of your shell. Use the following command to add it to your profile
depending on your shell.

```shell
export PATH=$HOME/go/bin:$PATH
echo 'export PATH=$HOME/go/bin:$PATH' >> ~/.profile
```

## 4. Export the key from the Bitcoin node

At this stage, you should already have access to the Bitcoin node.
If you need a refresher on setting up `bitcoind`, refer to the [setup guide](https://github.com/babylonlabs-io/covenant-signer/blob/main/docs/deployment.md#2-bitcoind-setup).
Once you have node access, you can proceed with the next steps.

Load wallet with your covenant key.
samricotta marked this conversation as resolved.
Show resolved Hide resolved

```shell
bitcoind bitcoin-cli loadwallet "covenant-wallet"
```

If we want to then confirm that this was successful, we can then retrieve
information about our address to the corresponding key that was returned.
samricotta marked this conversation as resolved.
Show resolved Hide resolved

```shell
bitcoind bitcoin-cli getaddressinfo bcrt1qazasawj3ard0ffwj04zpxlw2pt9cp7kwmnqyvk
```

This should generate output information on your address.

```json
{
"address": "bcrt1qazasawj3ard0ffwj04zpxlw2pt9cp7kwmnqyvk",
"scriptPubKey": "0014e8bb0eba51e8daf4a5d27d44137dca0acb80face",
"ismine": true,
"solvable": true,
"desc": "wpkh([5e174bde/84h/1h/0h/0/0]023a79b546c79d7f7c5ff20620d914b5cf7250631d12f6e26427ed9d3f98c5ccb1)#ye9usklr",
"parent_desc": "wpkh([5e174bde/84h/1h/0h]tpubDDeLN74J6FLfbwXGzwrqQ8ZCG9e4c9uVLP5TjLxLwZVNewFwZ5qB14mu7Fa1g1MStVvUAwXDZHkBzjjNpiRCq9JoA8yxDW9hh7xyqGkhter/0/*)#59fjcx8s",
"iswatchonly": false,
"isscript": false,
"iswitness": true,
"witness_version": 0,
"witness_program": "e8bb0eba51e8daf4a5d27d44137dca0acb80face",
"pubkey": "023a79b546c79d7f7c5ff20620d914b5cf7250631d12f6e26427ed9d3f98c5ccb1",
"ischange": false,
"timestamp": 1732624709,
"hdkeypath": "m/84h/1h/0h/0/0",
"hdseedid": "0000000000000000000000000000000000000000",
"hdmasterfingerprint": "5e174bde",
"labels": [
""
]
}
```

The most important field to focus on is `hdkeypath` that contains derivation path
samricotta marked this conversation as resolved.
Show resolved Hide resolved
of our key. In the example it is `84h/1h/0h/0/0` (the intilal `m/` can be ignored).

Next, list all descriptors in the wallet, ensuring that private keys are included
samricotta marked this conversation as resolved.
Show resolved Hide resolved
in the output:

```shell
docker exec -it bitcoind bitcoin-cli -chain=regtest -rpcuser=user -rpcpassword=pass listdescriptors true
samricotta marked this conversation as resolved.
Show resolved Hide resolved
```

The terminal should produce output similar to the following:

```json
{
"wallet_name": "covenant-wallet",
"descriptors": [
{
"desc": "wpkh(tprv8ZgxMBicQKsPe9aCeUQgMEMy2YMZ6PHnn2iCuG12y5E8oYhYNEvUqUkNy6sJ7ViBmFUMicikHSK2LBUNPx5do5EDJBjG7puwd6azci2wEdq/84h/1h/0h/0/*)#sachkrde",
"timestamp": 1732624709,
"active": true,
"internal": false,
"range": [
0,
1000
],
"next": 1,
"next_index": 1
}
...
]
}

samricotta marked this conversation as resolved.
Show resolved Hide resolved
```

The most important field to note is the `desc` value:

```json
"desc": "wpkh(tprv8ZgxMBicQKsPe9aCeUQgMEMy2YMZ6PHnn2iCuG12y5E8oYhYNEvUqUkNy6sJ7ViBmFUMicikHSK2LBUNPx5do5EDJBjG7puwd6azci2wEdq/84h/1h/0h/0/*)#sachkrde"
```

Here, you can see the string starting with `tprv8ZgxMBicQKsPe9aCeUQgMEMy2YMZ6PHnn2iCuG12y5E8oYhYNEvUqUkNy6sJ7ViBmFUMicikHSK2LBUNPx5do5EDJBjG7puwd6azci2wEdq`is the **base58-encoded master private key** of the covenant wallet. This key is critical for signing operations and should be securely stored.
samricotta marked this conversation as resolved.
Show resolved Hide resolved


#### Deriving the Covenant Private Key from the Master Key
samricotta marked this conversation as resolved.
Show resolved Hide resolved

You can derive the covenant private key from the master key by performing a **BIP32 derivation**. The `covenant-signer`repository includes a command to accomplish this:

```shell
covenant-signer derive-child-key \ tprv8ZgxMBicQKsPe9aCeUQgMEMy2YMZ6PHnn2iCuG12y5E8oYhYNEvUqUkNy6sJ7ViBmFUMicikHSK2LBUNPx5do5EDJBjG7puwd6azci2wEdq \ 84h/1h/0h/0/0
samricotta marked this conversation as resolved.
Show resolved Hide resolved
```

The output will display the derived private and public keys:

```shell
Derived private key: fe1c56c494c730f13739c0655bf06e615409870200047fc65cdf781837cf7f06
Derived public key: 023a79b546c79d7f7c5ff20620d914b5cf7250631d12f6e26427ed9d3f98c5ccb1
```

As seen, the **Derived Public Key**:

```
023a79b546c79d7f7c5ff20620d914b5cf7250631d12f6e26427ed9d3f98c5ccb1
```

Matches the public key obtained earlier using the `getaddressinfo` command.

#### Importing the Derived Private Key into the Cosmos Keyring

The derived private key can now be imported into the Cosmos keyring. Use the
following command:

```shell
babylond keys import-hex cov fe1c56c494c730f13739c0655bf06e615409870200047fc65cdf781837cf7f06
```

To confirm that the import was successful, run:

```shell
babylond keys show cov
```

The output will display the details of the imported key:

```shell
address: bbn1azasawj3ard0ffwj04zpxlw2pt9cp7kwjcdqmc
name: cov
pubkey: '{"@type":"/cosmos.crypto.secp256k1.PubKey","key":"Ajp5tUbHnX98X/IGINkUtc9yUGMdEvbiZCftnT+Yxcyx"}'
type: local

```

Here, the `key` field contains the base64-encoded public key. After decoding,
this key:

```shell
023a79b546c79d7f7c5ff20620d914b5cf7250631d12f6e26427ed9d3f98c5ccb1
```

Matches the public key derived earlier and seen in the outputs of `getaddressinfo` 
and `derive-child-key`.

Congratulations! You have successfully imported your keys from the prior setup
and verified your setup for the covenant emulator.

## 6. Create the configuration file

Use the example configuration [file](./example/config.toml) to create your own
configuration file. Then, replace the placeholder values with your own configuration.

```toml
[keystore]
keystore-type = "cosmos"

[keystore.cosmos]
# pointing to the directory where the key is stored, unless specified otherwise
key-directory = "/path/to/keydir"

# the backend to be used for storing the key, in this case file
keyring-backend = "file"

# the name of the key you used when importing the key
key-name = "your-key-name"

# the chain id of the chain to be used
chain-id = "your-chain-id"

[server-config]
samricotta marked this conversation as resolved.
Show resolved Hide resolved
host = "127.0.0.1"
port = 9791

[metrics]
samricotta marked this conversation as resolved.
Show resolved Hide resolved
host = "127.0.0.1"
port = 2113
```

samricotta marked this conversation as resolved.
Show resolved Hide resolved
## 7. Running the Covenant Signer

The covenant signer can be run using the following command:

```shell
covenant-signer start --config ./path/to/config.toml
```

the covenant signer must be run in a secure network and only accessible by the
samricotta marked this conversation as resolved.
Show resolved Hide resolved
covenant emulator.

Once the covenant signer is set up and unlocked, you can configure the covenant
emulator to use it. The URL of the covenant signer, which is http://127.0.0.1:9791,
should be specified in the covenant emulator's configuration file under the
remotesigner section.

It's important to note that the key specified in the covenant emulator's
samricotta marked this conversation as resolved.
Show resolved Hide resolved
configuration is not the covenant key itself. Instead, it is a
key used for sending Cosmos transactions.

samricotta marked this conversation as resolved.
Show resolved Hide resolved
## 8. Using the covenant signer for signing transactions

To enable signing transactions with the covenant key, you need to unlock it first.
samricotta marked this conversation as resolved.
Show resolved Hide resolved

```shell
curl -X POST http://127.0.0.1:9791/v1/unlock -d '{"passphrase": "<passphrase>"}'
```

Now that the key is unlocked you can add its url to the covenant emulator's
configuration file. See [here](./docs/transfer-setup.md#42-configure-the-covenant-emulator)
samricotta marked this conversation as resolved.
Show resolved Hide resolved
for more information.

You can sign transactions using the following command. However, ensure that both
the staking and unbonding transactions are provided in hex format:

```shell
curl -X POST http://127.0.0.1:9791/v1/sign-transactions \
-d '{
samricotta marked this conversation as resolved.
Show resolved Hide resolved
"staking_tx_hex": "",
"unbonding_tx_hex": ""
}'
```
samricotta marked this conversation as resolved.
Show resolved Hide resolved

This will generate a signature for the provided transactions and return it in JSON
format.

```json
{
"staking_tx_signature": "<hex_encoded_signature>",
"unbonding_tx_signature": "<hex_encoded_signature>"
}
```

These signatures can then be used to verify that the transactions were signed by
the covenant key.

Congratulations! You have successfully setup the covenant signer and are now able
to sign transactions with the covenant key.
Loading