Skip to content

Update kdf#395

Merged
eigmax merged 8 commits intoGOATNetwork:devfrom
KSlashh:update-kdf
Apr 2, 2026
Merged

Update kdf#395
eigmax merged 8 commits intoGOATNetwork:devfrom
KSlashh:update-kdf

Conversation

@KSlashh
Copy link
Copy Markdown
Collaborator

@KSlashh KSlashh commented Mar 27, 2026
edited
Loading

  • Use a separate challenger address/key for NST (disprove) broadcast.
  • Switch key derivation flows to HKDF for better security.
  • Introduce committee instance key lifecycle (create/load/delete) with encrypted disk storage.
  • Migrate committee instance key usage to load-or-create flow.
  • Add instance_committee_key_cleanup_monitor to delete committee instance key after pegin-confirm + timelock.

@KSlashh KSlashh marked this pull request as draft March 27, 2026 02:15
@KSlashh KSlashh marked this pull request as ready for review March 30, 2026 06:30
@KSlashh KSlashh marked this pull request as draft March 30, 2026 06:30
eigmax
eigmax reviewed Apr 2, 2026
View reviewed changes
Comment thread crates/bitvm2-ga/src/keys.rs Outdated

fn derive_bip32_root(master_key: &Keypair) -> Xpriv {
let seed = hkdf_expand(master_key, HKDF_SALT, BITVM_BIP32_ROOT_DOMAIN, 64);
Xpriv::new_master(Network::Bitcoin, &seed)
Copy link
Copy Markdown
Contributor

@eigmax eigmax Mar 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's hardcoded network.

eigmax
eigmax reviewed Apr 2, 2026
View reviewed changes
Comment thread node/src/handle.rs
instance_id: Uuid,
) -> Result<bitcoin::key::Keypair> {
let envelope_path = committee_instance_keys_envelope_path(instance_id);
match committee_master_key.load_instance_keypair(instance_id, &envelope_path) {
Copy link
Copy Markdown
Contributor

@eigmax eigmax Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the envelope exists but is corrupted or has a version mismatch, the function will overwrite it with a new key — losing the old committee identity for that instance. Should distinguish "file not found" from "file corrupt/tampered" and only auto-create on missing.

@KSlashh KSlashh marked this pull request as ready for review April 2, 2026 14:19
@eigmax eigmax merged commit a8c84e1 into GOATNetwork:dev Apr 2, 2026
3 checks passed
@KSlashh KSlashh deleted the update-kdf branch April 20, 2026 07:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eigmax eigmax eigmax left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@KSlashh @eigmax