Introduce interface for signing providers #12714

pull sipa wants to merge 1 commits into bitcoin:master from sipa:201803_signingprovider changing 3 files +35 −29
  1. sipa commented at 3:23 AM on March 18, 2018: member

    CKeyStore is a rich interface that provides many features, including knowledge of scripts and pubkeys for solving, private keys for signing, in addition to watch-only keys and scripts, and distinguishing lack of keys from them just being encrypted.

    The signing logic in script/sign does not actually need most of these features. Here we introduce a simpler interface (SigningProvider) which only provides keys and scripts. This is actually sufficient for signing.

    In addtion, we swap the dependency between keystore and script/sign (keystore now depends on script/script with CKeyStore deriving from SigningProvider, rather than CKeyStore being the interface that signing relies on).

    This is a very early step towards the design in https://gist.github.com/sipa/125cfa1615946d0c3f3eec2ad7f250a2, separating the concern between deciding what outputs are ours and signing.

  2. fanquake added the label Refactoring on Mar 18, 2018
  3. jonasschnelli commented at 5:01 AM on March 18, 2018: contributor

    Makes sense. utACK b6cb981e9e62a9886891b200fcf6b144f1e2e2f5

  4. meshcollider commented at 10:07 AM on March 18, 2018: contributor

    Concept ACK

  5. jimpo commented at 11:31 PM on March 18, 2018: contributor

    utACK b6cb981e9e62a9886891b200fcf6b144f1e2e2f5.

  6. l2a5b1 commented at 11:12 AM on March 19, 2018: contributor

    Strong concept ACK.

    I very much appreciate this PR as it promotes the separation of concerns and the use of loosely coupled components.

    Some thoughts:

    • CKeyStore can become a pure interface by itself by moving its cs_KeyStore member and the AddKey implementation to CBasicKeyStore (I am happy to follow up on this if this is desired, but out of scope);
    • Declare SigningProvider in its own header file;
    • Rename the variable names where its type has been refactored from CKeyStore to SigningProvider to signingProvider-like equivalents.
  7. sipa commented at 6:50 PM on March 19, 2018: member

    CKeyStore can become a pure interface by itself by moving its cs_KeyStore member and the AddKey implementation to CBasicKeyStore (I am happy to follow up on this if this is desired, but out of scope);

    Indeed, this is possible (and has been possible for a while). I have some bigger changes planned, though (see below).

    Declare SigningProvider in its own header file;

    I disagree. SigningProvider is part of the signing module. It's the interface you need to implement to use the signing logic. Making keystore a separate module was partly responsible for it gaining many of its unnecessary responsibilities.

    Rename the variable names where its type has been refactored from CKeyStore to SigningProvider to signingProvider-like equivalents.

    Indeed, but there are many more changes coming here, and I'd like to avoid code churn.

    In a way, I think, SigningProvider is what CKeyStore should have been. At the time it was created, it was necessary to break a cyclic dependency between script and wallet, and SigningProvider would have been sufficient for that. However, instead of just being the interface to provide information to the signing logic, it became the class that was actually responsible for maintaining that information. Later is was extended with even more responsibilities (maintaining all information to determine whether an output is ours, rather than just information for signing).

    Effectively keystore now manages a rather arbitrary subset of the wallet's data (keys and script and watchonly, but no key chains, pool, labels, metadata) - which isn't even enough to fully control the "which outputs are ours" concern now that HD derivation etc are implemented. I think keystore should either be fully merged back into wallet, or be extended to become the storage of all "record" related information (see the gist linked to in the PR description).

  8. l2a5b1 commented at 6:16 PM on March 21, 2018: contributor

    Thanks for the feedback @sipa, appreciate it!

    Just to elaborate on the suggestion to decouple the pure interface SigningProvider:

    As far as I can tell with b6cb981 there is a compilation dependency between implementations of the SigningProvider and the signing module, meaning that each time when the signing module needs to be compiled, implementations of the SigningProvider - which may not have been changed nor care about the recompiled signing module - will be recompiled as a result.

    I took notice of the comment below:

    SigningProvider is part of the signing module. It's the interface you need to implement to use the signing logic.

    CKeyStore and CBasicKeyStore only seem to use the signing module by way of implementing the SigningProvider interface class. Decoupling the SigningProvider interface class doesn't conceptually change that design if you would keep the signingprovider.h and sign.h header files together, but it will break the compilation dependency between the signing module and implementations of the SigningProvider interface class.

    Please note that this is just a friendly clarification. I am not pushing back on the concept (it wouldn't surprise me if I am still missing something very obvious).

  9. sipa commented at 6:36 PM on March 21, 2018: member

    @251Labs Sorry if I came across as claiming you're wrong, I'm just voicing my opinion about design. This is a useful discussion in any case.

    You're certainly right that keeping SigningProvider part of the signing module means a possibly unnecessary compilation dependency of provider implementations on script/sign.h, but I don't think this is a big issue.

    The point I was trying to make is that we should see SigningProvider as part of the "script signing interface", and not a separate thing. This is purely a code organization issue, not more. I believe that having keystore a separate module is partially responsible for it having become overloaded with unnecessary features.

  10. laanwj added this to the "Blockers" column in a project
  11. instagibbs commented at 8:55 PM on March 22, 2018: member

    concept ACK, will review

  12. in src/script/sign.h:19 in b6cb981e9e outdated 
      15 | +class CScriptID;
  16 |  class CTransaction;
  17 |  
  18 |  struct CMutableTransaction;
  19 |  
  20 | +/** An interface to be implemented by keystores that support signing. */
  13. promag commented at 12:54 AM on March 23, 2018: member

    utACK b6cb981.

    This seams an incomplete change while reading code like SigningProvider* keystore, but I guess who cares.

  14. instagibbs commented at 12:37 PM on March 23, 2018: member

    utACK https://github.com/bitcoin/bitcoin/pull/12714/commits/b6cb981e9e62a9886891b200fcf6b144f1e2e2f5

    follow-on renamings always nice in subsequent PRs

  15. Introduce interface for signing providers
    CKeyStore is a rich interface that provides many features, including knowledge
of scripts and pubkeys for solving, private keys for signing, in addition to
watch-only keys and scripts, and distinguishing lack of keys from them just
being encrypted.

The signing logic in script/sign does not actually need most of these features.
Here we introduce a simpler interface (SigningProvider) which *only* provides
keys and scripts. This is actually sufficient for signing.

In addtion, we swap the dependency between keystore and script/sign
(keystore now depends on script/script with CKeyStore deriving from
SigningProvider, rather than CKeyStore being the interface that signing
relies on).
    d40f06a3da
  16. sipa force-pushed on Mar 25, 2018
  17. sipa commented at 8:28 PM on March 25, 2018: member

    Updated to include a few non-invasive renames.

  18. instagibbs commented at 6:32 PM on March 26, 2018: member

    reACK https://github.com/bitcoin/bitcoin/pull/12714/commits/d40f06a3da5e6b1fd065885b08513263fa930cb8

    (m_)provider renaming

  19. laanwj commented at 6:16 PM on March 27, 2018: member

    utACK d40f06a3da5e6b1fd065885b08513263fa930cb8

  20. laanwj merged this on Mar 27, 2018
  21. laanwj closed this on Mar 27, 2018
  22. laanwj referenced this in commit bf8fc7d352 on Mar 27, 2018
  23. laanwj referenced this in commit e49ba2e23b on Mar 27, 2018
  24. fanquake removed this from the "Blockers" column in a project
  25. Fabcien referenced this in commit 86297ab2b7 on Aug 30, 2019
  26. PastaPastaPasta referenced this in commit dea67504a6 on Sep 27, 2020
  27. PastaPastaPasta referenced this in commit b00a66671f on Sep 27, 2020
  28. PastaPastaPasta referenced this in commit 4b866e6380 on Sep 27, 2020
  29. PastaPastaPasta referenced this in commit f8a2413b49 on Oct 14, 2020
  30. PastaPastaPasta referenced this in commit c85c34e557 on Oct 22, 2020
  31. PastaPastaPasta referenced this in commit c902e6075d on Oct 27, 2020
  32. UdjinM6 referenced this in commit 48b3cb47b7 on Jun 19, 2021
  33. UdjinM6 referenced this in commit 4bcb6dac1f on Jun 24, 2021
  34. UdjinM6 referenced this in commit f447f32b3a on Jun 26, 2021
  35. UdjinM6 referenced this in commit b7e885f388 on Jun 26, 2021
  36. UdjinM6 referenced this in commit 05f4da48fc on Jun 28, 2021
  37. MarcoFalke locked this on Sep 8, 2021
Contributors
sipajonasschnellimeshcolliderjimpol2a5b1instagibbspromaglaanwj
Labels
Refactoring
Linked (view graph)
#12762 Make CKeyStore an interface
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-19 09:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me