3 changes: 3 additions & 0 deletions kms/kms.toml
Expand Up @@ -46,5 +46,8 @@ gateway_app_id = "any"
enabled = true
auto_bootstrap_domain = ""
quote_enabled = true
site_name = ""
eth_rpc_url = ""
kms_contract_address = ""
address = "0.0.0.0"
port = 8000
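Review bot: `eth_rpc_url` has no comment saying that its value is handed out to clients: `get_attestation_info` in kms/src/onboard_service.rs copies it into `AttestationInfoResponse`, and kms/src/www/onboard.html prints it on the setup page. Hosted RPC endpoints often carry an API key in the URL path or query string, so an operator who pastes such a URL here would disclose the key to whoever can reach the onboard endpoint (whether that endpoint requires authentication is not visible on this page). I would add above the key `# Returned by get_attestation_info and shown on the onboard page; use a URL without embedded credentials`, and put the same caveat in a doc comment on the field in kms/src/config.rs.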
8 changes: 8 additions & 0 deletions kms/rpc/proto/kms_rpc.proto
Expand Up @@ -131,6 +131,8 @@ message OnboardRequest {
}

message OnboardResponse {
// k256 public key (secp256k1) inherited from source KMS
bytes k256_pubkey = 1;
}

// Attestation info needed for on-chain KMS authorization.
Expand All @@ -143,6 +145,12 @@ message AttestationInfoResponse {
bytes os_image_hash = 3;
// Attestation mode (e.g. "dstack-tdx", "dstack-gcp-tdx")
string attestation_mode = 4;
// Custom site name for display
string site_name = 5;
// Ethereum RPC URL from auth API
string eth_rpc_url = 6;
// KMS contract address from auth API
string kms_contract_address = 7;
}

// The Onboard RPC service.
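Review bot: The comments on fields 6 and 7 of `AttestationInfoResponse` say the values come "from auth API", but the handler in kms/src/onboard_service.rs fills them from `self.state.config.onboard`, i.e. from operator-written config. A client reading the proto would assume a provenance the code does not give, which matters because these fields sit next to the measured values in a message described as attestation info for on-chain authorization. Unless a later commit really fetches them from the auth API, I would reword to `// Ethereum RPC URL from the KMS onboard config (operator-supplied)` and `// KMS contract address from the KMS onboard config (operator-supplied)`.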
6 changes: 6 additions & 0 deletions kms/src/config.rs
Expand Up @@ -120,4 +120,10 @@ pub(crate) struct OnboardConfig {
pub enabled: bool,
pub quote_enabled: bool,
pub auto_bootstrap_domain: String,
#[serde(default)]
pub site_name: String,
#[serde(default)]
pub eth_rpc_url: String,
#[serde(default)]
pub kms_contract_address: String,
}
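Review bot: `eth_rpc_url` and `kms_contract_address` are plain `String`s with no doc comment on the expected format, and nothing in the visible hunks checks them before they are returned to clients. onboard.html prepends `0x` to `os_image_hash` but prints `kms_contract_address` as is, so it is unclear whether the configured value should carry the prefix. I would document it on the field, e.g. `/// Contract address exactly as it should be displayed (including any 0x prefix); empty hides the row`, and consider rejecting a malformed address at config load rather than showing it to the operator for on-chain registration. The struct begins above this hunk.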
6 changes: 5 additions & 1 deletion kms/src/onboard_service.rs
Expand Up @@ -92,9 +92,10 @@ impl OnboardRpc for OnboardHandler {
)
.await
.context("Failed to onboard")?;
let k256_pubkey = keys.k256_key.verifying_key().to_sec1_bytes().to_vec();
keys.store(&self.state.config)
.context("Failed to store keys")?;
Ok(OnboardResponse {})
Ok(OnboardResponse { k256_pubkey })
}

async fn get_attestation_info(self) -> Result<AttestationInfoResponse> {
Expand Down Expand Up @@ -135,6 +136,9 @@ impl OnboardRpc for OnboardHandler {
mr_aggregated: app_info.mr_aggregated.to_vec(),
os_image_hash: app_info.os_image_hash,
attestation_mode,
site_name: self.state.config.onboard.site_name.clone(),
eth_rpc_url: self.state.config.onboard.eth_rpc_url.clone(),
kms_contract_address: self.state.config.onboard.kms_contract_address.clone(),
})
}

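Review bot: The encoding of `k256_pubkey` is not stated on the `to_sec1_bytes()` line in `onboard`, and the proto comment only says "k256 public key (secp256k1)". As far as I know this call yields the compressed SEC1 form (33 bytes) for k256, while code that derives an Ethereum address works from the uncompressed point, so a consumer of `OnboardResponse` has to guess. I would add a comment above the line such as `// SEC1-encoded secp256k1 public key (compressed form; confirm against the k256 API)` and state the same in the proto field comment. Both `onboard` and `get_attestation_info` start and end outside the hunks shown here.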
19 changes: 17 additions & 2 deletions kms/src/www/onboard.html
Expand Up @@ -154,7 +154,7 @@

<body>
<div id="app" class="container">
<h1>dstack KMS Setup</h1>
<h1>{{ siteName || 'dstack KMS Setup' }}</h1>

<div v-if="attestationLoading" class="loading">Loading attestation info...</div>
<div v-else-if="attestationError" class="error">Attestation info: {{ attestationError }}</div>
Expand All @@ -176,6 +176,14 @@ <h3>Attestation Info (for on-chain registration)</h3>
<span class="info-label">OS Image Hash:</span>
<span class="info-value">0x{{ attestationInfo.os_image_hash }}</span>
</div>
<div v-if="attestationInfo.eth_rpc_url" class="info-row">
<span class="info-label">ETH RPC URL:</span>
<span class="info-value">{{ attestationInfo.eth_rpc_url }}</span>
</div>
<div v-if="attestationInfo.kms_contract_address" class="info-row">
<span class="info-label">KMS Contract:</span>
<span class="info-value">{{ attestationInfo.kms_contract_address }}</span>
</div>
</div>

<div v-if="!setupFinished">
Expand Down Expand Up @@ -261,7 +269,8 @@ <h2>Onboard from an Existing KMS Instance</h2>
setupFinished: false,
attestationInfo: null,
attestationLoading: true,
attestationError: ''
attestationError: '',
siteName: ''
}
},
async mounted() {
Expand All @@ -271,6 +280,9 @@ <h2>Onboard from an Existing KMS Instance</h2>
this.attestationError = data.error;
} else {
this.attestationInfo = data;
if (data.site_name) {
this.siteName = data.site_name;
}
}
} catch (err) {
this.attestationError = err.message;
Expand Down Expand Up @@ -310,6 +322,9 @@ <h2>Onboard from an Existing KMS Instance</h2>
if (data.error) throw new Error(data.error);

this.success = 'Onboarding successful!';
this.result = JSON.stringify({
k256Pubkey: '0x' + data.k256_pubkey,
}, null, 2);
this.error = '';
} catch (err) {
this.error = err.message;
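Review bot: The two new rows are placed inside the "Attestation Info (for on-chain registration)" box next to the OS image hash, yet their values are config strings that the handler copies from `config.onboard`; nothing on this page shows them being covered by the quote. An operator could read the displayed contract address as attested and register against it. I would mark the origin in the labels, e.g. `<span class="info-label">KMS Contract (from config):</span>` and `<span class="info-label">ETH RPC URL (from config):</span>`, or move both rows into a separate block below the attestation box.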