CBST2-04: Update JWT secrets on reload and revoke module endpoint #295
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ltitanb
requested changes
Jul 8, 2025
ltitanb
requested changes
Jul 9, 2025
jclapis
requested changes
Jul 14, 2025
jclapis
approved these changes
Jul 22, 2025
sambacha
added a commit
to manifoldfinance/commit-boost-client
that referenced
this pull request
Aug 15, 2025
* bump version * Successful cross-compilation, but runtime has memory allocation issues * Working with OpenSSL static-linked * Got dynamic linking working, added a feature flag to toggle dynamic vs. static * Fixed the vendored build arg * Reintroduced the cargo chef setup * Ported the cross-compilation stuff into PBS * Split the dockerfiles into separate builder / image definitions * Added a build guide * Refactored the Github release action to use the Docker builder * Fixed the Docker image binary filenames * Cleaned up the Darwin artifact step * Made the CI workflow and justfile use the same toolchain as the source * Revert "Made the CI workflow and justfile use the same toolchain as the source" This reverts commit 58c6117. * Testing removal of OpenSSL vendored option * Updating just in the CI workflow * Refactored the signer to support host and port config settings * Updated docs * Fixing Clippy in CI workflow * Removed obviated CI setup * Minor dedup of RwLock guard acquisition * Added rate limiting for signer clients with repeated JWT auth failures * Added Signer config validation * Started unit test setup for the Signer * Finished a basic signer module unit test * Added a JWT failure unit test * Added a rate limit test and cleaned up a bit * Added unique ports to unit tests for parallel execution * Cleaned up the build Dockerfile and removed an extra dependency layer * Ported the build script over to the justfile * Added a justfile recipe for installing protoc * Update crates/cli/src/docker_init.rs Co-authored-by: ltitanb <163874448+ltitanb@users.noreply.github.com> * Added example signer config params * Cleaned up signer config loading from feedback * Added JWT auth fields to the example config * Started building the JWT config file * Added tests * Started migration from JWTS_ENV to the config file * Signing requests now uses the module's signing ID * Finished added signing ID support and a quick test * Fixed some example config parameters * Added a test to ensure modules can't create the same sigs * Made the jwt_config_file optional * Started working on docs * Redid implementation with the original JWTS env var * Started the signer doc * Overhauled the signing_id setup to be directly in the signed struct * Made proposer commitments nested Merkle trees to allow Dirk support * Added the signer request guide * Added quotes to some HTML * Added some simple JWT secret info * Adding a closing tag * Added prop commit signature verification helpers for modules to use * Fixed some params in da_commit * Cleaned load_module_signing_configs a bit * Fixed some docs language * Refactored into compute_prop_commit_signing_root * CBST2-04: Update JWT secrets on reload and revoke module endpoint (Commit-Boost#295) * Signing IDs are no longer optional in the config * Refactored some of the signer consts for consistency * Updated the Signer API docs * Merge sigp-audit-fixes (Commit-Boost#348) Co-authored-by: Manuel Iñaki Bilbao <manuel.bilbao@lambdaclass.com> Co-authored-by: ltitanb <163874448+ltitanb@users.noreply.github.com> * Move from [u8; 32] to B256 everywhere (Commit-Boost#347) * Cleaned up some hashmap usage * Removed compute_tree_hash_root() * Some minor cleanup * Fixed some docs --------- Co-authored-by: eltitanb <lorenzo@gattaca.com> Co-authored-by: Joe Clapis <jclapis@outlook.com> Co-authored-by: ltitanb <163874448+ltitanb@users.noreply.github.com> Co-authored-by: Manuel Iñaki Bilbao <manuel.bilbao@lambdaclass.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Now the
reloadendpoint on the signer module allows to update the JWT secrets too.Also, a new
revoke_moduleendpoint was added, to quickly remove the permissions for a compromised module.This two endpoints are now under a new middleware that validates a special "admin" JWT, whose secret is autogenerated on the
initcommand.