diff --git a/rs/crypto/benches/ni_dkg.rs b/rs/crypto/benches/ni_dkg.rs index de2fb4aafe0..5ee0ab88d4e 100644 --- a/rs/crypto/benches/ni_dkg.rs +++ b/rs/crypto/benches/ni_dkg.rs @@ -29,7 +29,7 @@ fn crypto_nidkg_benchmarks(criterion: &mut Criterion) { let test_cases = test_cases(&[13, 28, 40]); for test_case in test_cases { - let group = &mut criterion.benchmark_group(test_case.name()); + let group = &mut criterion.benchmark_group(test_case.name().to_string()); group .sample_size(test_case.sample_size) .sampling_mode(test_case.sampling_mode); @@ -157,7 +157,7 @@ fn bench_load_transcript( env_to_copy.save_to_dir(path); ( - NiDkgTestEnvironment::new_from_dir(path, rng), + NiDkgTestEnvironment::new_from_dir_with_remote_vault(path, rng), transcript_to_load.clone(), config.random_receiver_id(rng), ) @@ -198,7 +198,7 @@ fn bench_retain_keys( // clean-up the dir if it exists let _ = std::fs::remove_dir_all(path); env_to_copy.save_to_dir(path); - let env = NiDkgTestEnvironment::new_from_dir(path, rng); + let env = NiDkgTestEnvironment::new_from_dir_with_remote_vault(path, rng); let mut transcripts = HashSet::new(); transcripts.insert(transcript1.clone()); @@ -299,7 +299,7 @@ fn prepare_create_reshare_dealing_test_vectors( .dealer_count(test_case.num_of_dealers) .max_corrupt_dealers(get_faults_tolerated(test_case.num_of_dealers)) .build(rng); - let mut env = NiDkgTestEnvironment::new_for_config(config0.get(), rng); + let mut env = NiDkgTestEnvironment::new_for_config_with_remote_vault(config0.get(), rng); let transcript0 = run_ni_dkg_and_create_single_transcript(config0.get(), &env.crypto_components); let config = RandomNiDkgConfig::reshare(transcript0, 0..=0, test_case.num_of_nodes, rng); @@ -329,7 +329,7 @@ fn prepare_create_initial_dealing_test_vectors( .dealer_count(test_case.num_of_dealers) .max_corrupt_dealers(get_faults_tolerated(test_case.num_of_dealers)) .build(rng); - let env = NiDkgTestEnvironment::new_for_config(config.get(), rng); + let env = NiDkgTestEnvironment::new_for_config_with_remote_vault(config.get(), rng); (env, config) } @@ -347,7 +347,7 @@ fn prepare_verify_dealing_test_vectors( .dealer_count(test_case.num_of_dealers) .max_corrupt_dealers(get_faults_tolerated(test_case.num_of_dealers)) .build(rng); - let env = NiDkgTestEnvironment::new_for_config(config.get(), rng); + let env = NiDkgTestEnvironment::new_for_config_with_remote_vault(config.get(), rng); let mut dealers: Vec<_> = config.dealer_ids().drain().collect(); dealers.sort_unstable(); @@ -380,7 +380,7 @@ fn prepare_create_transcript_test_vectors( .dealer_count(test_case.num_of_dealers) .max_corrupt_dealers(get_faults_tolerated(test_case.num_of_dealers)) .build(rng); - let mut env = NiDkgTestEnvironment::new_for_config(config.get(), rng); + let mut env = NiDkgTestEnvironment::new_for_config_with_remote_vault(config.get(), rng); let dealings = create_dealings(config.get(), &env.crypto_components); let creator_node_id = config.random_receiver_id(rng); retain_only(&mut env, &creator_node_id); @@ -398,7 +398,7 @@ fn prepare_load_transcript_test_vectors( .dealer_count(test_case.num_of_dealers) .max_corrupt_dealers(get_faults_tolerated(test_case.num_of_dealers)) .build(rng); - let env = NiDkgTestEnvironment::new_for_config(config.get(), rng); + let env = NiDkgTestEnvironment::new_for_config_with_remote_vault(config.get(), rng); let transcript = run_ni_dkg_and_create_single_transcript(config.get(), &env.crypto_components); (env, config, transcript) @@ -422,7 +422,7 @@ fn prepare_retain_keys_test_vectors( .registry_version(ic_base_types::RegistryVersion::from(1)) .max_corrupt_dealers(get_faults_tolerated(test_case.num_of_dealers)) .build(rng); - let mut env = NiDkgTestEnvironment::new_for_config(config0.get(), rng); + let mut env = NiDkgTestEnvironment::new_for_config_with_remote_vault(config0.get(), rng); let transcript0 = run_ni_dkg_and_create_single_transcript(config0.get(), &env.crypto_components); diff --git a/rs/crypto/benches/threshold_sig.rs b/rs/crypto/benches/threshold_sig.rs index d79278f80f6..0c2ee4b912c 100644 --- a/rs/crypto/benches/threshold_sig.rs +++ b/rs/crypto/benches/threshold_sig.rs @@ -1,6 +1,6 @@ use criterion::measurement::Measurement; use criterion::BatchSize::SmallInput; -use criterion::{criterion_group, criterion_main, BenchmarkGroup, Criterion}; +use criterion::{criterion_group, criterion_main, BenchmarkGroup, BenchmarkId, Criterion}; use ic_crypto::THRESHOLD_SIG_DATA_STORE_CAPACITY; use ic_crypto_temp_crypto::TempCryptoComponentGeneric; use ic_crypto_test_utils::crypto_for; @@ -20,6 +20,7 @@ use rand_chacha::ChaCha20Rng; use std::collections::BTreeMap; use std::convert::TryInto; use std::time::Duration; +use strum::IntoEnumIterator; criterion_main!(benches); criterion_group!( @@ -30,17 +31,45 @@ criterion_group!( * bench_threshold_sig_100_nodes_threshold_34, */ ); +#[derive(strum_macros::EnumIter, PartialEq, Copy, Clone, Default)] +enum VaultType { + Local, + #[default] + Remote, +} + +impl std::fmt::Debug for VaultType { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + match self { + VaultType::Remote => write!(f, "remote_vault"), + VaultType::Local => write!(f, "local_vault"), + } + } +} + fn bench_threshold_sig_1_node_threshold_1(criterion: &mut Criterion) { - let group = &mut criterion.benchmark_group("crypto_threshold_sig_1_node_threshold_1"); - group.sample_size(25); - bench_threshold_sig_n_nodes(group, 1, 1); + for vault_type in VaultType::iter() { + let group = &mut criterion.benchmark_group(format!( + "crypto_threshold_sig_1_node_threshold_1_{vault_type:?}" + )); + group.sample_size(25); + for message_size in [32, 1_000_000] { + bench_threshold_sig_n_nodes(group, 1, 1, message_size, vault_type); + } + } } fn bench_threshold_sig_28_nodes_threshold_10(criterion: &mut Criterion) { - let group = &mut criterion.benchmark_group("crypto_threshold_sig_28_nodes_threshold_10"); - group.sample_size(25); - group.measurement_time(Duration::from_secs(7)); - bench_threshold_sig_n_nodes(group, 28, 10); + for vault_type in VaultType::iter() { + let group = &mut criterion.benchmark_group(format!( + "crypto_threshold_sig_28_nodes_threshold_10_{vault_type:?}" + )); + group.sample_size(25); + group.measurement_time(Duration::from_secs(7)); + for message_size in [32, 1_000_000] { + bench_threshold_sig_n_nodes(group, 28, 10, message_size, vault_type); + } + } } // CRP-1176: Loading the NI-DKG transcript for all nodes in such a large subnet @@ -57,6 +86,8 @@ fn bench_threshold_sig_n_nodes( group: &mut BenchmarkGroup<'_, M>, num_of_nodes_in_subnet: usize, threshold: Threshold, + message_size: usize, + vault_type: VaultType, ) { let rng = &mut reproducible_rng(); let dkg_tag = dkg_tag(num_of_nodes_in_subnet, threshold); @@ -64,7 +95,13 @@ fn bench_threshold_sig_n_nodes( .dkg_tag(dkg_tag) .subnet_size(num_of_nodes_in_subnet) .build(rng); - let env = NiDkgTestEnvironment::new_for_config(config.get(), rng); + + let env = match vault_type { + VaultType::Local => NiDkgTestEnvironment::new_for_config(config.get(), rng), + VaultType::Remote => { + NiDkgTestEnvironment::new_for_config_with_remote_vault(config.get(), rng) + } + }; let nodes_in_subnet: Vec<_> = config.receiver_ids().iter().copied().collect(); @@ -74,37 +111,51 @@ fn bench_threshold_sig_n_nodes( } let dkg_id = transcript.dkg_id; - bench_threshold_sign(group, &nodes_in_subnet, &env.crypto_components, dkg_id, rng); - bench_verify_threshold_sig_share_excl_loading_pubkey( + bench_threshold_sign( group, &nodes_in_subnet, &env.crypto_components, dkg_id, + message_size, rng, ); - bench_verify_threshold_sig_share_incl_loading_pubkey( - group, - &nodes_in_subnet, - &env.crypto_components, - dkg_id, - &transcript, - rng, - ); - let threshold_many_random_subnet_nodes = random_nodes(&nodes_in_subnet, threshold, rng); - bench_combine_threshold_sig_shares( - group, - &threshold_many_random_subnet_nodes, - &env.crypto_components, - dkg_id, - rng, - ); - bench_verify_threshold_sig_combined( - group, - &threshold_many_random_subnet_nodes, - &env.crypto_components, - dkg_id, - rng, - ); + + if vault_type == VaultType::Remote { + bench_verify_threshold_sig_share_excl_loading_pubkey( + group, + &nodes_in_subnet, + &env.crypto_components, + dkg_id, + message_size, + rng, + ); + bench_verify_threshold_sig_share_incl_loading_pubkey( + group, + &nodes_in_subnet, + &env.crypto_components, + dkg_id, + &transcript, + message_size, + rng, + ); + let threshold_many_random_subnet_nodes = random_nodes(&nodes_in_subnet, threshold, rng); + bench_combine_threshold_sig_shares( + group, + &threshold_many_random_subnet_nodes, + &env.crypto_components, + dkg_id, + message_size, + rng, + ); + bench_verify_threshold_sig_combined( + group, + &threshold_many_random_subnet_nodes, + &env.crypto_components, + dkg_id, + message_size, + rng, + ); + } } fn bench_threshold_sign( @@ -112,12 +163,13 @@ fn bench_threshold_sign( nodes_in_subnet: &[NodeId], crypto_components: &BTreeMap>, dkg_id: NiDkgId, + message_size: usize, rng: &mut R, ) { - group.bench_function("threshold_sign", |bench| { + group.bench_function(BenchmarkId::new("threshold_sign", message_size), |bench| { bench.iter_batched( || { - let message = signable_with_random_32_bytes(rng); + let message = signable_with_random_bytes(message_size, rng); let signer = crypto_for(random_node(nodes_in_subnet, rng), crypto_components); (message, signer) }, @@ -135,40 +187,47 @@ fn bench_verify_threshold_sig_share_incl_loading_pubkey>, dkg_id: NiDkgId, transcript: &NiDkgTranscript, + message_size: usize, rng: &mut R, ) { - group.bench_function("verify_threshold_sig_share_incl_loading_pubkey", |bench| { - bench.iter_batched( - || { - let message = signable_with_random_32_bytes(rng); - let signer_node_id = random_node(nodes_in_subnet, rng); - let signer = crypto_for(signer_node_id, crypto_components); - let sig_share = signer - .sign_threshold(&message, dkg_id) - .expect("failed to threshold sign"); + group.bench_function( + BenchmarkId::new( + "verify_threshold_sig_share_incl_loading_pubkey", + message_size, + ), + |bench| { + bench.iter_batched( + || { + let message = signable_with_random_bytes(message_size, rng); + let signer_node_id = random_node(nodes_in_subnet, rng); + let signer = crypto_for(signer_node_id, crypto_components); + let sig_share = signer + .sign_threshold(&message, dkg_id) + .expect("failed to threshold sign"); - let verifier_node_id = random_node(nodes_in_subnet, rng); - let verifier = crypto_for(verifier_node_id, crypto_components); + let verifier_node_id = random_node(nodes_in_subnet, rng); + let verifier = crypto_for(verifier_node_id, crypto_components); - // Because the public key used for verifying signature shares is - // calculated _lazily_ and then stored in the verifier's threshold - // signature data store, purge the verifier's data store before - // performing the benchmark to ensure that the public key is - // calculated as part of the benchmark. After purging, the - // transcript is loaded again. - purge_dkg_id_from_data_store(dkg_id, verifier, transcript); - load_transcript(transcript, crypto_components, verifier_node_id); + // Because the public key used for verifying signature shares is + // calculated _lazily_ and then stored in the verifier's threshold + // signature data store, purge the verifier's data store before + // performing the benchmark to ensure that the public key is + // calculated as part of the benchmark. After purging, the + // transcript is loaded again. + purge_dkg_id_from_data_store(dkg_id, verifier, transcript); + load_transcript(transcript, crypto_components, verifier_node_id); - (sig_share, message, verifier, signer_node_id) - }, - |(sig_share, message, verifier, signer_node_id)| { - assert!(verifier - .verify_threshold_sig_share(&sig_share, &message, dkg_id, signer_node_id) - .is_ok()); - }, - SmallInput, - ) - }); + (sig_share, message, verifier, signer_node_id) + }, + |(sig_share, message, verifier, signer_node_id)| { + assert!(verifier + .verify_threshold_sig_share(&sig_share, &message, dkg_id, signer_node_id) + .is_ok()); + }, + SmallInput, + ) + }, + ); } fn bench_verify_threshold_sig_share_excl_loading_pubkey( @@ -176,38 +235,45 @@ fn bench_verify_threshold_sig_share_excl_loading_pubkey>, dkg_id: NiDkgId, + message_size: usize, rng: &mut R, ) { - group.bench_function("verify_threshold_sig_share_excl_loading_pubkey", |bench| { - bench.iter_batched( - || { - let message = signable_with_random_32_bytes(rng); - let signer_node_id = random_node(nodes_in_subnet, rng); - let signer = crypto_for(signer_node_id, crypto_components); - let sig_share = signer - .sign_threshold(&message, dkg_id) - .expect("failed to threshold sign"); - let verifier = crypto_for(random_node(nodes_in_subnet, rng), crypto_components); + group.bench_function( + BenchmarkId::new( + "verify_threshold_sig_share_excl_loading_pubkey", + message_size, + ), + |bench| { + bench.iter_batched( + || { + let message = signable_with_random_bytes(message_size, rng); + let signer_node_id = random_node(nodes_in_subnet, rng); + let signer = crypto_for(signer_node_id, crypto_components); + let sig_share = signer + .sign_threshold(&message, dkg_id) + .expect("failed to threshold sign"); + let verifier = crypto_for(random_node(nodes_in_subnet, rng), crypto_components); - // Because the public key used for verifying signature shares is - // calculated _lazily_ and then stored in the verifier's threshold - // signature data store, verify the signature share once before - // the benchmark is performed to ensure the public key is available - // in the data store during the benchmark. - assert!(verifier - .verify_threshold_sig_share(&sig_share, &message, dkg_id, signer_node_id) - .is_ok()); + // Because the public key used for verifying signature shares is + // calculated _lazily_ and then stored in the verifier's threshold + // signature data store, verify the signature share once before + // the benchmark is performed to ensure the public key is available + // in the data store during the benchmark. + assert!(verifier + .verify_threshold_sig_share(&sig_share, &message, dkg_id, signer_node_id) + .is_ok()); - (sig_share, message, verifier, signer_node_id) - }, - |(sig_share, message, verifier, signer_node_id)| { - assert!(verifier - .verify_threshold_sig_share(&sig_share, &message, dkg_id, signer_node_id) - .is_ok()); - }, - SmallInput, - ) - }); + (sig_share, message, verifier, signer_node_id) + }, + |(sig_share, message, verifier, signer_node_id)| { + assert!(verifier + .verify_threshold_sig_share(&sig_share, &message, dkg_id, signer_node_id) + .is_ok()); + }, + SmallInput, + ) + }, + ); } fn bench_combine_threshold_sig_shares( @@ -215,25 +281,29 @@ fn bench_combine_threshold_sig_shares( nodes: &[NodeId], crypto_components: &BTreeMap>, dkg_id: NiDkgId, + message_size: usize, rng: &mut R, ) { - group.bench_function("combine_threshold_sig_shares", |bench| { - bench.iter_batched( - || { - let message = signable_with_random_32_bytes(rng); - let sig_shares = - sign_threshold_for_each(nodes, &message, dkg_id, crypto_components); - let combiner = crypto_for(random_node(nodes, rng), crypto_components); - (sig_shares, combiner) - }, - |(sig_shares, combiner)| { - assert!(combiner - .combine_threshold_sig_shares(sig_shares, dkg_id) - .is_ok()); - }, - SmallInput, - ) - }); + group.bench_function( + BenchmarkId::new("combine_threshold_sig_shares", message_size), + |bench| { + bench.iter_batched( + || { + let message = signable_with_random_bytes(message_size, rng); + let sig_shares = + sign_threshold_for_each(nodes, &message, dkg_id, crypto_components); + let combiner = crypto_for(random_node(nodes, rng), crypto_components); + (sig_shares, combiner) + }, + |(sig_shares, combiner)| { + assert!(combiner + .combine_threshold_sig_shares(sig_shares, dkg_id) + .is_ok()); + }, + SmallInput, + ) + }, + ); } fn bench_verify_threshold_sig_combined( @@ -241,28 +311,32 @@ fn bench_verify_threshold_sig_combined( nodes: &[NodeId], crypto_components: &BTreeMap>, dkg_id: NiDkgId, + message_size: usize, rng: &mut R, ) { - group.bench_function("verify_threshold_sig_combined", |bench| { - bench.iter_batched( - || { - let message = signable_with_random_32_bytes(rng); - let sig_shares = - sign_threshold_for_each(nodes, &message, dkg_id, crypto_components); - let threshold_sig = crypto_for(random_node(nodes, rng), crypto_components) - .combine_threshold_sig_shares(sig_shares, dkg_id) - .expect("failed to combine threshold signature shares"); - let verifier = crypto_for(random_node(nodes, rng), crypto_components); - (threshold_sig, message, verifier) - }, - |(threshold_sig, message, verifier)| { - assert!(verifier - .verify_threshold_sig_combined(&threshold_sig, &message, dkg_id) - .is_ok()); - }, - SmallInput, - ) - }); + group.bench_function( + BenchmarkId::new("verify_threshold_sig_combined", message_size), + |bench| { + bench.iter_batched( + || { + let message = signable_with_random_bytes(message_size, rng); + let sig_shares = + sign_threshold_for_each(nodes, &message, dkg_id, crypto_components); + let threshold_sig = crypto_for(random_node(nodes, rng), crypto_components) + .combine_threshold_sig_shares(sig_shares, dkg_id) + .expect("failed to combine threshold signature shares"); + let verifier = crypto_for(random_node(nodes, rng), crypto_components); + (threshold_sig, message, verifier) + }, + |(threshold_sig, message, verifier)| { + assert!(verifier + .verify_threshold_sig_combined(&threshold_sig, &message, dkg_id) + .is_ok()); + }, + SmallInput, + ) + }, + ); } fn random_bytes(n: u128, rng: &mut R) -> Vec { @@ -298,8 +372,8 @@ fn purge_dkg_id_from_data_store( } } -fn signable_with_random_32_bytes(rng: &mut R) -> SignableMock { - SignableMock::new(random_bytes(32, rng)) +fn signable_with_random_bytes(num_bytes: usize, rng: &mut R) -> SignableMock { + SignableMock::new(random_bytes(num_bytes as u128, rng)) } fn dkg_tag(num_of_nodes_in_subnet: usize, threshold: Threshold) -> NiDkgTag { diff --git a/rs/crypto/test_utils/ni-dkg/src/lib.rs b/rs/crypto/test_utils/ni-dkg/src/lib.rs index 7e3410d42ca..6294bbd434c 100644 --- a/rs/crypto/test_utils/ni-dkg/src/lib.rs +++ b/rs/crypto/test_utils/ni-dkg/src/lib.rs @@ -674,23 +674,52 @@ pub struct NiDkgTestEnvironment { pub crypto_components: BTreeMap>, pub registry_data: Arc, pub registry: Arc, + use_remote_vault: bool, } impl NiDkgTestEnvironment { /// Creates a new empty test environment. + /// The crypto components are initialized with local vaults. pub fn new() -> Self { + Self::new_impl(false) + } + + pub fn new_with_remote_vault() -> Self { + Self::new_impl(true) + } + + fn new_impl(use_remote_vault: bool) -> Self { let registry_data = Arc::new(ProtoRegistryDataProvider::new()); let registry = Arc::new(FakeRegistryClient::new(Arc::clone(®istry_data) as Arc<_>)); Self { crypto_components: BTreeMap::new(), registry_data, registry, + use_remote_vault, } } /// Creates a new test environment appropriate for the given config. + /// The crypto components are initialized with local vaults. pub fn new_for_config(config: &NiDkgConfig, rng: &mut R) -> Self { - let mut env = Self::new(); + Self::new_for_config_impl(config, false, rng) + } + + /// Creates a new test environment appropriate for the given config. + /// The crypto components are initialized with remote vaults. + pub fn new_for_config_with_remote_vault( + config: &NiDkgConfig, + rng: &mut R, + ) -> Self { + Self::new_for_config_impl(config, true, rng) + } + + fn new_for_config_impl( + config: &NiDkgConfig, + use_remote_vault: bool, + rng: &mut R, + ) -> Self { + let mut env = Self::new_impl(use_remote_vault); env.update_for_config(config, rng); env } @@ -709,7 +738,12 @@ impl NiDkgTestEnvironment { ) { let new_node_ids = self.added_nodes(ni_dkg_config); for node_id in new_node_ids { - self.add_crypto_component_and_registry_entry(ni_dkg_config, node_id, rng); + self.add_crypto_component_and_registry_entry( + ni_dkg_config, + node_id, + self.use_remote_vault, + rng, + ); } self.registry.update_to_latest_version(); self.cleanup_unused_nodes(ni_dkg_config); @@ -729,10 +763,31 @@ impl NiDkgTestEnvironment { } /// Deserializes a new `NiDkgTestEnvironment` from disk. + /// The crypto components are initialized with local vaults. /// /// Note that this only works if the environment was originally serialized /// using `save_to_dir`. pub fn new_from_dir(toplevel_path: &Path, rng: &mut R) -> Self { + Self::new_from_dir_impl(toplevel_path, false, rng) + } + + /// Deserializes a new `NiDkgTestEnvironment` from disk. + /// The crypto components are initialized with remote vaults. + /// + /// Note that this only works if the environment was originally serialized + /// using `save_to_dir`. + pub fn new_from_dir_with_remote_vault( + toplevel_path: &Path, + rng: &mut R, + ) -> Self { + Self::new_from_dir_impl(toplevel_path, true, rng) + } + + fn new_from_dir_impl( + toplevel_path: &Path, + use_remote_vault: bool, + rng: &mut R, + ) -> Self { fn node_ids_from_dir_names(toplevel_path: &Path) -> BTreeMap { std::fs::read_dir(toplevel_path) .expect("crypto_root directory doesn't exist") @@ -759,14 +814,20 @@ impl NiDkgTestEnvironment { crypto_components: BTreeMap::new(), registry_data, registry, + use_remote_vault, }; for (node_id, crypto_root) in node_ids_from_dir_names(toplevel_path) { - let crypto_component = TempCryptoComponent::builder() + let crypto_component_builder = TempCryptoComponent::builder() .with_temp_dir_source(crypto_root) .with_registry(Arc::clone(&ret.registry) as Arc<_>) .with_node_id(node_id) - .with_rng(ChaCha20Rng::from_seed(rng.gen())) - .build(); + .with_rng(ChaCha20Rng::from_seed(rng.gen())); + let crypto_component_builder = if use_remote_vault { + crypto_component_builder.with_remote_vault() + } else { + crypto_component_builder + }; + let crypto_component = crypto_component_builder.build(); ret.crypto_components.insert(node_id, crypto_component); } @@ -788,15 +849,21 @@ impl NiDkgTestEnvironment { &mut self, ni_dkg_config: &NiDkgConfig, node_id: NodeId, + use_remote_vault: bool, rng: &mut R, ) { // Insert TempCryptoComponent - let temp_crypto = TempCryptoComponent::builder() + let temp_crypto_builder = TempCryptoComponent::builder() .with_registry(Arc::clone(&self.registry) as Arc<_>) .with_node_id(node_id) .with_keys(NodeKeysToGenerate::only_dkg_dealing_encryption_key()) - .with_rng(ChaCha20Rng::from_seed(rng.gen())) - .build(); + .with_rng(ChaCha20Rng::from_seed(rng.gen())); + let temp_crypto_builder = if use_remote_vault { + temp_crypto_builder.with_remote_vault() + } else { + temp_crypto_builder + }; + let temp_crypto = temp_crypto_builder.build(); let dkg_dealing_encryption_pubkey = temp_crypto .current_node_public_keys() .expect("Failed to retrieve node public keys")