From ebedb3890283adf176ff9c28262ec58844bba048 Mon Sep 17 00:00:00 2001 From: Cedric Cordenier Date: Tue, 10 Oct 2023 13:46:37 +0100 Subject: [PATCH] [BCF-2689] Use an in-memory keystore for tests - Remove unused migration methods from the keystore - Split the keystore ORM in two, between methods which access the `encrypted_key_rings` table, and methods which access `evm.key_states` - Create an in-memory version of the base ORM, which doesn't actually write to the DB. Methods which access `evm.key_states` are unaffected by this. This will prevent tests from competing to get a row-level lock on the singleton keystore record. - Start using this in-memory keystore in `cltest` and in tests generally. Note: tests in the keystore package themselves are unaffected by this, since we still want to have test coverage over the behaviour that accesses the DB. --- .../cosmos/cosmostxm/txm_internal_test.go | 2 +- core/chains/cosmos/cosmostxm/txm_test.go | 2 +- core/chains/evm/txmgr/confirmer_test.go | 6 +- core/chains/evm/txmgr/txmgr_test.go | 3 +- core/internal/cltest/cltest.go | 4 +- core/services/keystore/csa.go | 17 ---- core/services/keystore/csa_test.go | 18 ---- core/services/keystore/eth.go | 34 ++------ core/services/keystore/eth_internal_test.go | 35 -------- core/services/keystore/keystoretest.go | 80 +++++++++++++++++ core/services/keystore/master.go | 30 ++++--- core/services/keystore/mocks/csa.go | 26 ------ core/services/keystore/mocks/ocr.go | 26 ------ core/services/keystore/mocks/p2p.go | 26 ------ core/services/keystore/mocks/vrf.go | 26 ------ core/services/keystore/ocr.go | 17 ---- core/services/keystore/ocr_test.go | 22 ----- core/services/keystore/orm.go | 35 ++------ core/services/keystore/orm_test.go | 87 ------------------- core/services/keystore/p2p.go | 17 ---- core/services/keystore/p2p_test.go | 17 ---- core/services/keystore/vrf.go | 20 ----- core/services/keystore/vrf_test.go | 24 ----- core/services/ocrcommon/peer_wrapper_test.go | 14 ++- core/services/vrf/delegate_test.go | 6 +- core/services/vrf/v2/integration_v2_test.go | 2 +- core/services/vrf/v2/listener_v2_test.go | 6 +- 27 files changed, 137 insertions(+), 465 deletions(-) delete mode 100644 core/services/keystore/eth_internal_test.go create mode 100644 core/services/keystore/keystoretest.go delete mode 100644 core/services/keystore/orm_test.go diff --git a/core/chains/cosmos/cosmostxm/txm_internal_test.go b/core/chains/cosmos/cosmostxm/txm_internal_test.go index 2f0b4fda06f..c236242b84c 100644 --- a/core/chains/cosmos/cosmostxm/txm_internal_test.go +++ b/core/chains/cosmos/cosmostxm/txm_internal_test.go @@ -52,7 +52,7 @@ func newReaderWriterMock(t *testing.T) *tcmocks.ReaderWriter { func TestTxm(t *testing.T) { db := pgtest.NewSqlxDB(t) lggr := testutils.LoggerAssertMaxLevel(t, zapcore.ErrorLevel) - ks := keystore.New(db, utils.FastScryptParams, lggr, pgtest.NewQConfig(true)) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, pgtest.NewQConfig(true)) require.NoError(t, ks.Unlock("blah")) for i := 0; i < 4; i++ { diff --git a/core/chains/cosmos/cosmostxm/txm_test.go b/core/chains/cosmos/cosmostxm/txm_test.go index a3322ed2744..a7a8d0280c6 100644 --- a/core/chains/cosmos/cosmostxm/txm_test.go +++ b/core/chains/cosmos/cosmostxm/txm_test.go @@ -56,7 +56,7 @@ func TestTxm_Integration(t *testing.T) { eb := pg.NewEventBroadcaster(cfg.Database().URL(), 0, 0, lggr, uuid.New()) require.NoError(t, eb.Start(testutils.Context(t))) t.Cleanup(func() { require.NoError(t, eb.Close()) }) - ks := keystore.New(db, utils.FastScryptParams, lggr, pgtest.NewQConfig(true)) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, pgtest.NewQConfig(true)) zeConfig := sdk.GetConfig() fmt.Println(zeConfig) accounts, testdir, tendermintURL := cosmosclient.SetupLocalCosmosNode(t, chainID, *cosmosChain.GasToken) diff --git a/core/chains/evm/txmgr/confirmer_test.go b/core/chains/evm/txmgr/confirmer_test.go index 0a7b2b117b2..f6e92c5e88d 100644 --- a/core/chains/evm/txmgr/confirmer_test.go +++ b/core/chains/evm/txmgr/confirmer_test.go @@ -2412,8 +2412,6 @@ func TestEthConfirmer_RebroadcastWhereNecessary_TerminallyUnderpriced_ThenGoesTh require.NoError(t, ec.RebroadcastWhereNecessary(testutils.Context(t), currentHead)) }) - realKst := cltest.NewKeyStore(t, db, cfg.Database()).Eth() - t.Run("multiple gas bumps with existing broadcast attempts are retried with more gas until success in legacy mode", func(t *testing.T) { ethClient := evmtest.NewEthClientMockWithDefaultChain(t) ec := cltest.NewEthConfirmer(t, txStore, ethClient, evmcfg, kst, nil) @@ -2439,7 +2437,7 @@ func TestEthConfirmer_RebroadcastWhereNecessary_TerminallyUnderpriced_ThenGoesTh ).Run(func(args mock.Arguments) { unsignedLegacyTx := args.Get(1).(*types.Transaction) // Use the real keystore to do the actual signing - thisSignedLegacyTx, err := realKst.SignTx(fromAddress, unsignedLegacyTx, testutils.FixtureChainID) + thisSignedLegacyTx, err := ethKeyStore.SignTx(fromAddress, unsignedLegacyTx, testutils.FixtureChainID) require.NoError(t, err) *signedLegacyTx = *thisSignedLegacyTx }).Times(4) // 3 failures 1 success @@ -2471,7 +2469,7 @@ func TestEthConfirmer_RebroadcastWhereNecessary_TerminallyUnderpriced_ThenGoesTh ).Run(func(args mock.Arguments) { unsignedDxFeeTx := args.Get(1).(*types.Transaction) // Use the real keystore to do the actual signing - thisSignedDxFeeTx, err := realKst.SignTx(fromAddress, unsignedDxFeeTx, testutils.FixtureChainID) + thisSignedDxFeeTx, err := ethKeyStore.SignTx(fromAddress, unsignedDxFeeTx, testutils.FixtureChainID) require.NoError(t, err) *signedDxFeeTx = *thisSignedDxFeeTx }).Times(4) // 3 failures 1 success diff --git a/core/chains/evm/txmgr/txmgr_test.go b/core/chains/evm/txmgr/txmgr_test.go index 5d2975e2db5..7932167ff48 100644 --- a/core/chains/evm/txmgr/txmgr_test.go +++ b/core/chains/evm/txmgr/txmgr_test.go @@ -522,9 +522,8 @@ func TestTxm_CreateTransaction_OutOfEth(t *testing.T) { config, dbConfig, evmConfig := makeConfigs(t) ethClient := evmtest.NewEthClientMockWithDefaultChain(t) - kst := cltest.NewKeyStore(t, db, dbConfig) estimator := gas.NewEstimator(logger.TestLogger(t), ethClient, config, evmConfig.GasEstimator()) - txm, err := makeTestEvmTxm(t, db, ethClient, estimator, evmConfig, evmConfig.GasEstimator(), evmConfig.Transactions(), dbConfig, dbConfig.Listener(), kst.Eth(), nil) + txm, err := makeTestEvmTxm(t, db, ethClient, estimator, evmConfig, evmConfig.GasEstimator(), evmConfig.Transactions(), dbConfig, dbConfig.Listener(), etKeyStore, nil) require.NoError(t, err) t.Run("if another key has any transactions with insufficient eth errors, transmits as normal", func(t *testing.T) { diff --git a/core/internal/cltest/cltest.go b/core/internal/cltest/cltest.go index 3a9c1724353..ec67f08449d 100644 --- a/core/internal/cltest/cltest.go +++ b/core/internal/cltest/cltest.go @@ -379,7 +379,7 @@ func NewApplicationWithConfig(t testing.TB, cfg chainlink.GeneralConfig, flagsAn } } - keyStore := keystore.New(db, utils.FastScryptParams, lggr, cfg.Database()) + keyStore := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg.Database()) mailMon := utils.NewMailboxMonitor(cfg.AppID().String()) loopRegistry := plugins.NewLoopRegistry(lggr) @@ -687,7 +687,7 @@ func (ta *TestApplication) NewAuthenticatingShell(prompter cmd.Prompter) *cmd.Sh // NewKeyStore returns a new, unlocked keystore func NewKeyStore(t testing.TB, db *sqlx.DB, cfg pg.QConfig) keystore.Master { - keystore := keystore.New(db, utils.FastScryptParams, logger.TestLogger(t), cfg) + keystore := keystore.NewInMemory(db, utils.FastScryptParams, logger.TestLogger(t), cfg) require.NoError(t, keystore.Unlock(Password)) return keystore } diff --git a/core/services/keystore/csa.go b/core/services/keystore/csa.go index 4dd01139452..01491b85b35 100644 --- a/core/services/keystore/csa.go +++ b/core/services/keystore/csa.go @@ -23,8 +23,6 @@ type CSA interface { Import(keyJSON []byte, password string) (csakey.KeyV2, error) Export(id string, password string) ([]byte, error) EnsureKey() error - - GetV1KeysAsV2() ([]csakey.KeyV2, error) } type csa struct { @@ -158,21 +156,6 @@ func (ks *csa) EnsureKey() error { return ks.safeAddKey(key) } -func (ks *csa) GetV1KeysAsV2() (keys []csakey.KeyV2, _ error) { - v1Keys, err := ks.orm.GetEncryptedV1CSAKeys() - if err != nil { - return keys, err - } - for _, keyV1 := range v1Keys { - err := keyV1.Unlock(ks.password) - if err != nil { - return keys, err - } - keys = append(keys, keyV1.ToV2()) - } - return keys, nil -} - func (ks *csa) getByID(id string) (csakey.KeyV2, error) { key, found := ks.keyRing.CSA[id] if !found { diff --git a/core/services/keystore/csa_test.go b/core/services/keystore/csa_test.go index 50de926647d..f163f8fb200 100644 --- a/core/services/keystore/csa_test.go +++ b/core/services/keystore/csa_test.go @@ -13,7 +13,6 @@ import ( "github.com/smartcontractkit/chainlink/v2/core/internal/testutils/pgtest" "github.com/smartcontractkit/chainlink/v2/core/services/keystore" "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/csakey" - "github.com/smartcontractkit/chainlink/v2/core/utils" ) func Test_CSAKeyStore_E2E(t *testing.T) { @@ -169,21 +168,4 @@ func Test_CSAKeyStore_E2E(t *testing.T) { require.NoError(t, err) require.Equal(t, 1, len(keys)) }) - - t.Run("returns V1 keys as V2", func(t *testing.T) { - defer reset() - defer require.NoError(t, utils.JustError(db.Exec("DELETE FROM csa_keys"))) - - k, err := csakey.New(cltest.Password, utils.FastScryptParams) - require.NoError(t, err) - - err = utils.JustError(db.Exec(`INSERT INTO csa_keys (public_key, encrypted_private_key, created_at, updated_at) VALUES ($1, $2, NOW(), NOW())`, k.PublicKey, k.EncryptedPrivateKey)) - require.NoError(t, err) - - keys, err := ks.GetV1KeysAsV2() - require.NoError(t, err) - - assert.Len(t, keys, 1) - assert.Equal(t, fmt.Sprintf("CSAKeyV2{PrivateKey: , PublicKey: %s}", keys[0].PublicKey), keys[0].GoString()) - }) } diff --git a/core/services/keystore/eth.go b/core/services/keystore/eth.go index 0f9083f32a2..0df496f7e16 100644 --- a/core/services/keystore/eth.go +++ b/core/services/keystore/eth.go @@ -53,15 +53,19 @@ type Eth interface { type eth struct { *keyManager + keystateORM + q pg.Q subscribers [](chan struct{}) subscribersMu *sync.RWMutex } var _ Eth = ð{} -func newEthKeyStore(km *keyManager) *eth { +func newEthKeyStore(km *keyManager, orm keystateORM, q pg.Q) *eth { return ð{ + keystateORM: orm, keyManager: km, + q: q, subscribers: make([](chan struct{}), 0), subscribersMu: new(sync.RWMutex), } @@ -193,7 +197,7 @@ func (ks *eth) addKey(address common.Address, chainID *big.Int, qopts ...pg.QOpt sql := `INSERT INTO evm.key_states (address, disabled, evm_chain_id, created_at, updated_at) VALUES ($1, false, $2, NOW(), NOW()) RETURNING *;` - q := ks.orm.q.WithOpts(qopts...) + q := ks.q.WithOpts(qopts...) if err := q.Get(state, sql, address, chainID.String()); err != nil { return errors.Wrap(err, "failed to insert evm_key_state") } @@ -216,7 +220,7 @@ func (ks *eth) Enable(address common.Address, chainID *big.Int, qopts ...pg.QOpt // caller must hold lock! func (ks *eth) enable(address common.Address, chainID *big.Int, qopts ...pg.QOpt) error { state := new(ethkey.State) - q := ks.orm.q.WithOpts(qopts...) + q := ks.q.WithOpts(qopts...) sql := `UPDATE evm.key_states SET disabled = false, updated_at = NOW() WHERE address = $1 AND evm_chain_id = $2 RETURNING *;` if err := q.Get(state, sql, address, chainID.String()); err != nil { @@ -240,7 +244,7 @@ func (ks *eth) Disable(address common.Address, chainID *big.Int, qopts ...pg.QOp func (ks *eth) disable(address common.Address, chainID *big.Int, qopts ...pg.QOpt) error { state := new(ethkey.State) - q := ks.orm.q.WithOpts(qopts...) + q := ks.q.WithOpts(qopts...) sql := `UPDATE evm.key_states SET disabled = false, updated_at = NOW() WHERE address = $1 AND evm_chain_id = $2 RETURNING id, address, evm_chain_id, disabled, created_at, updated_at;` if err := q.Get(state, sql, address, chainID.String()); err != nil { @@ -480,26 +484,6 @@ func (ks *eth) EnabledAddressesForChain(chainID *big.Int) (addresses []common.Ad return } -func (ks *eth) getV1KeysAsV2() (keys []ethkey.KeyV2, fundings []bool, _ error) { - v1Keys, err := ks.orm.GetEncryptedV1EthKeys() - if err != nil { - return nil, nil, errors.Wrap(err, "failed to get encrypted v1 eth keys") - } - if len(v1Keys) == 0 { - return nil, nil, nil - } - for _, keyV1 := range v1Keys { - dKey, err := keystore.DecryptKey(keyV1.JSON, ks.password) - if err != nil { - return nil, nil, errors.Wrapf(err, "could not decrypt eth key %s", keyV1.Address.Hex()) - } - keyV2 := ethkey.FromPrivateKey(dKey.PrivateKey) - keys = append(keys, keyV2) - fundings = append(fundings, keyV1.IsFunding) - } - return keys, fundings, nil -} - // XXXTestingOnlySetState is only used in tests to manually update a key's state func (ks *eth) XXXTestingOnlySetState(state ethkey.State) { ks.lock.Lock() @@ -514,7 +498,7 @@ func (ks *eth) XXXTestingOnlySetState(state ethkey.State) { *existingState = state sql := `UPDATE evm.key_states SET address = :address, is_disabled = :is_disabled, evm_chain_id = :evm_chain_id, updated_at = NOW() WHERE address = :address;` - _, err := ks.orm.q.NamedExec(sql, state) + _, err := ks.q.NamedExec(sql, state) if err != nil { panic(err.Error()) } diff --git a/core/services/keystore/eth_internal_test.go b/core/services/keystore/eth_internal_test.go deleted file mode 100644 index 5fe6e6e7698..00000000000 --- a/core/services/keystore/eth_internal_test.go +++ /dev/null @@ -1,35 +0,0 @@ -package keystore - -import ( - "fmt" - "testing" - - "github.com/smartcontractkit/chainlink/v2/core/internal/testutils" - "github.com/smartcontractkit/chainlink/v2/core/internal/testutils/pgtest" - "github.com/smartcontractkit/chainlink/v2/core/utils" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -func Test_EthKeyStore(t *testing.T) { - db := pgtest.NewSqlxDB(t) - - keyStore := ExposedNewMaster(t, db, pgtest.NewQConfig(true)) - err := keyStore.Unlock(testutils.Password) - require.NoError(t, err) - ks := keyStore.Eth() - - t.Run("returns V1 keys as V2", func(t *testing.T) { - ethAddress := testutils.NewAddress() - err = utils.JustError(db.Exec(`INSERT INTO keys (address, json, created_at, updated_at, is_funding, deleted_at) VALUES ($1, '{"address":"6fdac88ddfd811d130095373986889ed90e0d622","crypto":{"cipher":"aes-128-ctr","ciphertext":"557f5324e770c3d203751c1f0f7fb5076386c49f5b05e3f20b3abb59758fd3c3","cipherparams":{"iv":"bd9472543fab7cc63027cbcd039daff0"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":2,"p":1,"r":8,"salt":"647b54770a3fda830b4440ae57c44cf7506297295fe4d72b1ff943e3a8ddb94a"},"mac":"0c654ee29ee06b3816fc0040d84ebd648c557144a77ccc55b9568355f53397b3"},"id":"6fdac88d-dfd8-11d1-3009-5373986889ed","version":3}', NOW(), NOW(), false, NULL)`, ethAddress)) - require.NoError(t, err) - - keys, fundings, err := ks.(*eth).getV1KeysAsV2() - require.NoError(t, err) - - assert.Len(t, keys, 1) - assert.Equal(t, fmt.Sprintf("EthKeyV2{PrivateKey: , Address: %s}", keys[0].Address), keys[0].GoString()) - assert.Equal(t, false, fundings[0]) - }) -} diff --git a/core/services/keystore/keystoretest.go b/core/services/keystore/keystoretest.go new file mode 100644 index 00000000000..7e0280f974a --- /dev/null +++ b/core/services/keystore/keystoretest.go @@ -0,0 +1,80 @@ +package keystore + +import ( + "sync" + + "github.com/smartcontractkit/sqlx" + + "github.com/smartcontractkit/chainlink/v2/core/logger" + "github.com/smartcontractkit/chainlink/v2/core/services/pg" + "github.com/smartcontractkit/chainlink/v2/core/utils" +) + +// memoryORM is an in-memory version of the keystore. This is +// only intended to be used in tests to avoid DB lock contention on +// the single DB row that stores the key material. +// +// Note: we store `q` on the struct since `saveEncryptedKeyRing` needs +// to support DB callbacks. +type memoryORM struct { + keyRing *encryptedKeyRing + q pg.Queryer + mu sync.RWMutex +} + +func (o *memoryORM) isEmpty() (bool, error) { + return false, nil +} + +func (o *memoryORM) saveEncryptedKeyRing(kr *encryptedKeyRing, callbacks ...func(pg.Queryer) error) error { + o.mu.Lock() + defer o.mu.Unlock() + o.keyRing = kr + for _, c := range callbacks { + c(o.q) + } + return nil +} + +func (o *memoryORM) getEncryptedKeyRing() (encryptedKeyRing, error) { + o.mu.RLock() + defer o.mu.RUnlock() + if o.keyRing == nil { + return encryptedKeyRing{}, nil + } + return *o.keyRing, nil +} + +func newInMemoryORM(q pg.Queryer) *memoryORM { + return &memoryORM{q: q} +} + +// NewInMemory sets up a keystore which NOOPs attempts to access the `encrypted_key_rings` table. Accessing `evm.key_states` +// will still hit the DB. +func NewInMemory(db *sqlx.DB, scryptParams utils.ScryptParams, lggr logger.Logger, cfg pg.QConfig) *master { + dbORM := NewORM(db, lggr, cfg) + memoryORM := newInMemoryORM(dbORM.q) + + km := &keyManager{ + orm: memoryORM, + keystateORM: dbORM, + scryptParams: scryptParams, + lock: &sync.RWMutex{}, + logger: lggr.Named("KeyStore"), + } + + return &master{ + keyManager: km, + cosmos: newCosmosKeyStore(km), + csa: newCSAKeyStore(km), + eth: newEthKeyStore(km, dbORM, dbORM.q), + ocr: newOCRKeyStore(km), + ocr2: newOCR2KeyStore(km), + p2p: newP2PKeyStore(km), + solana: newSolanaKeyStore(km), + starknet: newStarkNetKeyStore(km), + vrf: newVRFKeyStore(km), + dkgSign: newDKGSignKeyStore(km), + dkgEncrypt: newDKGEncryptKeyStore(km), + } +} diff --git a/core/services/keystore/master.go b/core/services/keystore/master.go index ab4c3256c5c..fb28202b527 100644 --- a/core/services/keystore/master.go +++ b/core/services/keystore/master.go @@ -74,8 +74,10 @@ func New(db *sqlx.DB, scryptParams utils.ScryptParams, lggr logger.Logger, cfg p } func newMaster(db *sqlx.DB, scryptParams utils.ScryptParams, lggr logger.Logger, cfg pg.QConfig) *master { + orm := NewORM(db, lggr, cfg) km := &keyManager{ - orm: NewORM(db, lggr, cfg), + orm: orm, + keystateORM: orm, scryptParams: scryptParams, lock: &sync.RWMutex{}, logger: lggr.Named("KeyStore"), @@ -85,7 +87,7 @@ func newMaster(db *sqlx.DB, scryptParams utils.ScryptParams, lggr logger.Logger, keyManager: km, cosmos: newCosmosKeyStore(km), csa: newCSAKeyStore(km), - eth: newEthKeyStore(km), + eth: newEthKeyStore(km, orm, orm.q), ocr: newOCRKeyStore(km), ocr2: newOCR2KeyStore(km), p2p: newP2PKeyStore(km), @@ -141,17 +143,19 @@ func (ks *master) VRF() VRF { return ks.vrf } -func (ks *master) IsEmpty() (bool, error) { - var count int64 - err := ks.orm.q.QueryRow("SELECT count(*) FROM encrypted_key_rings").Scan(&count) - if err != nil { - return false, err - } - return count == 0, nil +type ORM interface { + isEmpty() (bool, error) + saveEncryptedKeyRing(*encryptedKeyRing, ...func(pg.Queryer) error) error + getEncryptedKeyRing() (encryptedKeyRing, error) +} + +type keystateORM interface { + loadKeyStates() (*keyStates, error) } type keyManager struct { - orm ksORM + orm ORM + keystateORM keystateORM scryptParams utils.ScryptParams keyRing *keyRing keyStates *keyStates @@ -160,6 +164,10 @@ type keyManager struct { logger logger.Logger } +func (km *keyManager) IsEmpty() (bool, error) { + return km.orm.isEmpty() +} + func (km *keyManager) Unlock(password string) error { km.lock.Lock() defer km.lock.Unlock() @@ -181,7 +189,7 @@ func (km *keyManager) Unlock(password string) error { kr.logPubKeys(km.logger) km.keyRing = kr - ks, err := km.orm.loadKeyStates() + ks, err := km.keystateORM.loadKeyStates() if err != nil { return errors.Wrap(err, "unable to load key states") } diff --git a/core/services/keystore/mocks/csa.go b/core/services/keystore/mocks/csa.go index 9996b86c8af..f34f1744a66 100644 --- a/core/services/keystore/mocks/csa.go +++ b/core/services/keystore/mocks/csa.go @@ -165,32 +165,6 @@ func (_m *CSA) GetAll() ([]csakey.KeyV2, error) { return r0, r1 } -// GetV1KeysAsV2 provides a mock function with given fields: -func (_m *CSA) GetV1KeysAsV2() ([]csakey.KeyV2, error) { - ret := _m.Called() - - var r0 []csakey.KeyV2 - var r1 error - if rf, ok := ret.Get(0).(func() ([]csakey.KeyV2, error)); ok { - return rf() - } - if rf, ok := ret.Get(0).(func() []csakey.KeyV2); ok { - r0 = rf() - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).([]csakey.KeyV2) - } - } - - if rf, ok := ret.Get(1).(func() error); ok { - r1 = rf() - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - // Import provides a mock function with given fields: keyJSON, password func (_m *CSA) Import(keyJSON []byte, password string) (csakey.KeyV2, error) { ret := _m.Called(keyJSON, password) diff --git a/core/services/keystore/mocks/ocr.go b/core/services/keystore/mocks/ocr.go index e7737be90c0..c765341171c 100644 --- a/core/services/keystore/mocks/ocr.go +++ b/core/services/keystore/mocks/ocr.go @@ -164,32 +164,6 @@ func (_m *OCR) GetAll() ([]ocrkey.KeyV2, error) { return r0, r1 } -// GetV1KeysAsV2 provides a mock function with given fields: -func (_m *OCR) GetV1KeysAsV2() ([]ocrkey.KeyV2, error) { - ret := _m.Called() - - var r0 []ocrkey.KeyV2 - var r1 error - if rf, ok := ret.Get(0).(func() ([]ocrkey.KeyV2, error)); ok { - return rf() - } - if rf, ok := ret.Get(0).(func() []ocrkey.KeyV2); ok { - r0 = rf() - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).([]ocrkey.KeyV2) - } - } - - if rf, ok := ret.Get(1).(func() error); ok { - r1 = rf() - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - // Import provides a mock function with given fields: keyJSON, password func (_m *OCR) Import(keyJSON []byte, password string) (ocrkey.KeyV2, error) { ret := _m.Called(keyJSON, password) diff --git a/core/services/keystore/mocks/p2p.go b/core/services/keystore/mocks/p2p.go index cb4bef6dc27..517ad521a7d 100644 --- a/core/services/keystore/mocks/p2p.go +++ b/core/services/keystore/mocks/p2p.go @@ -188,32 +188,6 @@ func (_m *P2P) GetOrFirst(id p2pkey.PeerID) (p2pkey.KeyV2, error) { return r0, r1 } -// GetV1KeysAsV2 provides a mock function with given fields: -func (_m *P2P) GetV1KeysAsV2() ([]p2pkey.KeyV2, error) { - ret := _m.Called() - - var r0 []p2pkey.KeyV2 - var r1 error - if rf, ok := ret.Get(0).(func() ([]p2pkey.KeyV2, error)); ok { - return rf() - } - if rf, ok := ret.Get(0).(func() []p2pkey.KeyV2); ok { - r0 = rf() - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).([]p2pkey.KeyV2) - } - } - - if rf, ok := ret.Get(1).(func() error); ok { - r1 = rf() - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - // Import provides a mock function with given fields: keyJSON, password func (_m *P2P) Import(keyJSON []byte, password string) (p2pkey.KeyV2, error) { ret := _m.Called(keyJSON, password) diff --git a/core/services/keystore/mocks/vrf.go b/core/services/keystore/mocks/vrf.go index 0aef5b26e7e..a28f5bafdcf 100644 --- a/core/services/keystore/mocks/vrf.go +++ b/core/services/keystore/mocks/vrf.go @@ -177,32 +177,6 @@ func (_m *VRF) GetAll() ([]vrfkey.KeyV2, error) { return r0, r1 } -// GetV1KeysAsV2 provides a mock function with given fields: password -func (_m *VRF) GetV1KeysAsV2(password string) ([]vrfkey.KeyV2, error) { - ret := _m.Called(password) - - var r0 []vrfkey.KeyV2 - var r1 error - if rf, ok := ret.Get(0).(func(string) ([]vrfkey.KeyV2, error)); ok { - return rf(password) - } - if rf, ok := ret.Get(0).(func(string) []vrfkey.KeyV2); ok { - r0 = rf(password) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).([]vrfkey.KeyV2) - } - } - - if rf, ok := ret.Get(1).(func(string) error); ok { - r1 = rf(password) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - // Import provides a mock function with given fields: keyJSON, password func (_m *VRF) Import(keyJSON []byte, password string) (vrfkey.KeyV2, error) { ret := _m.Called(keyJSON, password) diff --git a/core/services/keystore/ocr.go b/core/services/keystore/ocr.go index fcaaf928943..dda5bfa13c3 100644 --- a/core/services/keystore/ocr.go +++ b/core/services/keystore/ocr.go @@ -19,8 +19,6 @@ type OCR interface { Import(keyJSON []byte, password string) (ocrkey.KeyV2, error) Export(id string, password string) ([]byte, error) EnsureKey() error - - GetV1KeysAsV2() ([]ocrkey.KeyV2, error) } // KeyNotFoundError is returned when we don't find a requested key @@ -156,21 +154,6 @@ func (ks *ocr) EnsureKey() error { return ks.safeAddKey(key) } -func (ks *ocr) GetV1KeysAsV2() (keys []ocrkey.KeyV2, _ error) { - v1Keys, err := ks.orm.GetEncryptedV1OCRKeys() - if err != nil { - return keys, err - } - for _, keyV1 := range v1Keys { - pk, err := keyV1.Decrypt(ks.password) - if err != nil { - return keys, err - } - keys = append(keys, pk.ToV2()) - } - return keys, nil -} - func (ks *ocr) getByID(id string) (ocrkey.KeyV2, error) { key, found := ks.keyRing.OCR[id] if !found { diff --git a/core/services/keystore/ocr_test.go b/core/services/keystore/ocr_test.go index 96765836926..5698352ec30 100644 --- a/core/services/keystore/ocr_test.go +++ b/core/services/keystore/ocr_test.go @@ -1,14 +1,12 @@ package keystore_test import ( - "fmt" "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/smartcontractkit/chainlink/v2/core/internal/cltest" - "github.com/smartcontractkit/chainlink/v2/core/internal/testutils" configtest "github.com/smartcontractkit/chainlink/v2/core/internal/testutils/configtest/v2" "github.com/smartcontractkit/chainlink/v2/core/internal/testutils/pgtest" "github.com/smartcontractkit/chainlink/v2/core/services/keystore" @@ -113,24 +111,4 @@ func Test_OCRKeyStore_E2E(t *testing.T) { require.NoError(t, err) require.Equal(t, "7cfd89bbb018e4778a44fd61172e8834dd24b4a2baf61ead795143b117221c61", importedKey.ID()) }) - - t.Run("", func(t *testing.T) { - defer reset() - defer require.NoError(t, utils.JustError(db.Exec("DELETE FROM encrypted_ocr_key_bundles"))) - - ocr1 := utils.NewHash() - b, err := ocrkey.New() - require.NoError(t, err) - eb, err := b.Encrypt(cltest.Password, utils.FastScryptParams) - require.NoError(t, err) - - err = utils.JustError(db.Exec(`INSERT INTO encrypted_ocr_key_bundles (id, on_chain_signing_address, off_chain_public_key, encrypted_private_keys, created_at, updated_at, config_public_key, deleted_at) VALUES ($1, $2, $3, $4, NOW(), NOW(), $5, NULL)`, ocr1, testutils.NewAddress(), utils.NewHash(), eb.EncryptedPrivateKeys, utils.NewHash())) - require.NoError(t, err) - - keys, err := ks.GetV1KeysAsV2() - require.NoError(t, err) - - assert.Len(t, keys, 1) - assert.Equal(t, fmt.Sprintf("OCRKeyV2{ID: %s}", keys[0].ID()), keys[0].GoString()) - }) } diff --git a/core/services/keystore/orm.go b/core/services/keystore/orm.go index cb80ae7ef74..6f612105ea9 100644 --- a/core/services/keystore/orm.go +++ b/core/services/keystore/orm.go @@ -4,11 +4,7 @@ import ( "database/sql" "github.com/smartcontractkit/chainlink/v2/core/logger" - "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/csakey" "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/ethkey" - "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/ocrkey" - "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/p2pkey" - "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/vrfkey" "github.com/smartcontractkit/chainlink/v2/core/services/pg" "github.com/pkg/errors" @@ -28,6 +24,15 @@ type ksORM struct { lggr logger.Logger } +func (orm ksORM) isEmpty() (bool, error) { + var count int64 + err := orm.q.QueryRow("SELECT count(*) FROM encrypted_key_rings").Scan(&count) + if err != nil { + return false, err + } + return count == 0, nil +} + func (orm ksORM) saveEncryptedKeyRing(kr *encryptedKeyRing, callbacks ...func(pg.Queryer) error) error { return orm.q.Transaction(func(tx pg.Queryer) error { _, err := tx.Exec(` @@ -73,25 +78,3 @@ func (orm ksORM) loadKeyStates() (*keyStates, error) { } return ks, nil } - -// ~~~~~~~~~~~~~~~~~~~~ LEGACY FUNCTIONS FOR V1 MIGRATION ~~~~~~~~~~~~~~~~~~~~ - -func (orm ksORM) GetEncryptedV1CSAKeys() (retrieved []csakey.Key, err error) { - return retrieved, orm.q.Select(&retrieved, `SELECT * FROM csa_keys`) -} - -func (orm ksORM) GetEncryptedV1EthKeys() (retrieved []ethkey.Key, err error) { - return retrieved, orm.q.Select(&retrieved, `SELECT * FROM keys WHERE deleted_at IS NULL`) -} - -func (orm ksORM) GetEncryptedV1OCRKeys() (retrieved []ocrkey.EncryptedKeyBundle, err error) { - return retrieved, orm.q.Select(&retrieved, `SELECT * FROM encrypted_ocr_key_bundles WHERE deleted_at IS NULL`) -} - -func (orm ksORM) GetEncryptedV1P2PKeys() (retrieved []p2pkey.EncryptedP2PKey, err error) { - return retrieved, orm.q.Select(&retrieved, `SELECT * FROM encrypted_p2p_keys WHERE deleted_at IS NULL`) -} - -func (orm ksORM) GetEncryptedV1VRFKeys() (retrieved []vrfkey.EncryptedVRFKey, err error) { - return retrieved, orm.q.Select(&retrieved, `SELECT * FROM encrypted_vrf_keys WHERE deleted_at IS NULL`) -} diff --git a/core/services/keystore/orm_test.go b/core/services/keystore/orm_test.go deleted file mode 100644 index 2cfc7b9e26a..00000000000 --- a/core/services/keystore/orm_test.go +++ /dev/null @@ -1,87 +0,0 @@ -package keystore_test - -import ( - "math/big" - "testing" - - "github.com/ethereum/go-ethereum/common/hexutil" - "github.com/libp2p/go-libp2p-core/peer" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "go.uber.org/multierr" - - "github.com/smartcontractkit/chainlink/v2/core/internal/cltest" - "github.com/smartcontractkit/chainlink/v2/core/internal/testutils" - "github.com/smartcontractkit/chainlink/v2/core/internal/testutils/pgtest" - "github.com/smartcontractkit/chainlink/v2/core/logger" - "github.com/smartcontractkit/chainlink/v2/core/services/keystore" - "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/csakey" - "github.com/smartcontractkit/chainlink/v2/core/services/keystore/keys/vrfkey" - "github.com/smartcontractkit/chainlink/v2/core/utils" -) - -func Test_ORM(t *testing.T) { - db := pgtest.NewSqlxDB(t) - cfg := pgtest.NewQConfig(false) - - orm := keystore.NewORM(db, logger.TestLogger(t), cfg) - - csa := csakey.MustNewV2XXXTestingOnly(big.NewInt(42)) - eth1 := testutils.NewAddress() - eth2 := testutils.NewAddress() - ocr1 := utils.NewHash() - ocr2 := utils.NewHash() - p1 := cltest.MustRandomP2PPeerID(t) - p2 := cltest.MustRandomP2PPeerID(t) - v1 := vrfkey.MustNewV2XXXTestingOnly(big.NewInt(1)) - v2 := vrfkey.MustNewV2XXXTestingOnly(big.NewInt(2)) - err := multierr.Combine( - // csakeys has no deleted_at column - utils.JustError(db.Exec(`INSERT INTO csa_keys (public_key, encrypted_private_key, created_at, updated_at) VALUES ($1, '{}', NOW(), NOW())`, csa.PublicKey)), - - // two per key-type, one deleted and one not deleted - utils.JustError(db.Exec(`INSERT INTO keys (address, json, created_at, updated_at, is_funding, deleted_at) VALUES ($1, '{}', NOW(), NOW(), false, NULL)`, eth1)), - utils.JustError(db.Exec(`INSERT INTO keys (address, json, created_at, updated_at, is_funding, deleted_at) VALUES ($1, '{}', NOW(), NOW(), false, NOW())`, eth2)), - utils.JustError(db.Exec(`INSERT INTO encrypted_ocr_key_bundles (id, on_chain_signing_address, off_chain_public_key, encrypted_private_keys, created_at, updated_at, config_public_key, deleted_at) VALUES ($1, $2, $3, '{}', NOW(), NOW(), $4, NULL)`, ocr1, testutils.NewAddress(), utils.NewHash(), utils.NewHash())), - utils.JustError(db.Exec(`INSERT INTO encrypted_ocr_key_bundles (id, on_chain_signing_address, off_chain_public_key, encrypted_private_keys, created_at, updated_at, config_public_key, deleted_at) VALUES ($1, $2, $3, '{}', NOW(), NOW(), $4, NOW())`, ocr2, testutils.NewAddress(), utils.NewHash(), utils.NewHash())), - utils.JustError(db.Exec(`INSERT INTO encrypted_p2p_keys (peer_id, pub_key, encrypted_priv_key, created_at, updated_at, deleted_at) VALUES ($1, $2, '{}', NOW(), NOW(), NULL)`, p1.Pretty(), utils.NewHash())), - utils.JustError(db.Exec(`INSERT INTO encrypted_p2p_keys (peer_id, pub_key, encrypted_priv_key, created_at, updated_at, deleted_at) VALUES ($1, $2, '{}', NOW(), NOW(), NOW())`, p2.Pretty(), utils.NewHash())), - utils.JustError(db.Exec(`INSERT INTO encrypted_vrf_keys (public_key, vrf_key, created_at, updated_at, deleted_at) VALUES ($1, '{}', NOW(), NOW(), NULL)`, v1.PublicKey)), - utils.JustError(db.Exec(`INSERT INTO encrypted_vrf_keys (public_key, vrf_key, created_at, updated_at, deleted_at) VALUES ($1, '{}', NOW(), NOW(), NOW())`, v2.PublicKey)), - ) - require.NoError(t, err) - - t.Run("legacy functions for V1 migration", func(t *testing.T) { - t.Run("GetEncryptedV1CSAKeys", func(t *testing.T) { - ks, err := orm.GetEncryptedV1CSAKeys() - require.NoError(t, err) - assert.Len(t, ks, 1) - }) - t.Run("GetEncryptedV1EthKeys", func(t *testing.T) { - ks, err := orm.GetEncryptedV1EthKeys() - require.NoError(t, err) - assert.Len(t, ks, 1) - assert.Equal(t, eth1, ks[0].Address.Address()) - }) - t.Run("GetEncryptedV1OCRKeys", func(t *testing.T) { - ks, err := orm.GetEncryptedV1OCRKeys() - require.NoError(t, err) - assert.Len(t, ks, 1) - assert.Equal(t, ocr1.String(), hexutil.Encode(ks[0].ID[:])) - }) - t.Run("GetEncryptedV1P2PKeys", func(t *testing.T) { - ks, err := orm.GetEncryptedV1P2PKeys() - require.NoError(t, err) - assert.Len(t, ks, 1) - assert.Equal(t, p1, peer.ID(ks[0].PeerID)) - - }) - t.Run("GetEncryptedV1VRFKeys", func(t *testing.T) { - ks, err := orm.GetEncryptedV1VRFKeys() - require.NoError(t, err) - assert.Len(t, ks, 1) - assert.Equal(t, v1.PublicKey, ks[0].PublicKey) - }) - }) - -} diff --git a/core/services/keystore/p2p.go b/core/services/keystore/p2p.go index c6b21d0c1aa..657dfbc8973 100644 --- a/core/services/keystore/p2p.go +++ b/core/services/keystore/p2p.go @@ -22,8 +22,6 @@ type P2P interface { Export(id p2pkey.PeerID, password string) ([]byte, error) EnsureKey() error - GetV1KeysAsV2() ([]p2pkey.KeyV2, error) - GetOrFirst(id p2pkey.PeerID) (p2pkey.KeyV2, error) } @@ -152,21 +150,6 @@ func (ks *p2p) EnsureKey() error { return ks.safeAddKey(key) } -func (ks *p2p) GetV1KeysAsV2() (keys []p2pkey.KeyV2, _ error) { - v1Keys, err := ks.orm.GetEncryptedV1P2PKeys() - if err != nil { - return keys, err - } - for _, keyV1 := range v1Keys { - pk, err := keyV1.Decrypt(ks.password) - if err != nil { - return keys, err - } - keys = append(keys, pk.ToV2()) - } - return keys, nil -} - var ( ErrNoP2PKey = errors.New("no p2p keys exist") ) diff --git a/core/services/keystore/p2p_test.go b/core/services/keystore/p2p_test.go index 07fa167a95b..63654786fd1 100644 --- a/core/services/keystore/p2p_test.go +++ b/core/services/keystore/p2p_test.go @@ -177,21 +177,4 @@ func Test_P2PKeyStore_E2E(t *testing.T) { require.NoError(t, err) require.Equal(t, "12D3KooWSq2UZgSXvhGLG5uuAAmz1JNjxHMJViJB39aorvbbYo8p", importedKey.ID()) }) - - t.Run("returns V1 keys as V2", func(t *testing.T) { - defer reset() - defer require.NoError(t, utils.JustError(db.Exec("DELETE FROM encrypted_p2p_keys"))) - - p1 := cltest.MustRandomP2PPeerID(t) - err := utils.JustError(db.Exec(`INSERT INTO encrypted_p2p_keys (peer_id, pub_key, encrypted_priv_key, created_at, updated_at, deleted_at) VALUES ($1, $2, '{"cipher":"aes-128-ctr","ciphertext":"adb2dff72148a8cd467f6f06a03869e7cedf180cf2a4decdb86875b2e1cf3e58c4bd2b721ecdaa88a0825fa9abfc309bf32dbb35a5c0b6cb01ac89a956d78e0550eff351","cipherparams":{"iv":"6cc4381766a4efc39f762b2b8d09dfba"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"ff5055ae4cdcdc2d0404307d578262e2caeb0210f82db3a0ecbdba727c6f5259"},"mac":"d37e4f1dea98d85960ef3205099fc71741715ae56a3b1a8f9215a78de9b95595"}', NOW(), NOW(), NULL)`, p1.Pretty(), utils.NewHash())) - require.NoError(t, err) - - keyStore.SetPassword("p4SsW0rD1!@#_") - - keys, err := ks.GetV1KeysAsV2() - require.NoError(t, err) - - assert.Len(t, keys, 1) - assert.Equal(t, fmt.Sprintf("P2PKeyV2{PrivateKey: , PeerID: %s}", keys[0].PeerID().Raw()), keys[0].GoString()) - }) } diff --git a/core/services/keystore/vrf.go b/core/services/keystore/vrf.go index 30db044a566..91e77557674 100644 --- a/core/services/keystore/vrf.go +++ b/core/services/keystore/vrf.go @@ -21,8 +21,6 @@ type VRF interface { Export(id string, password string) ([]byte, error) GenerateProof(id string, seed *big.Int) (vrfkey.Proof, error) - - GetV1KeysAsV2(password string) ([]vrfkey.KeyV2, error) } var ( @@ -143,24 +141,6 @@ func (ks *vrf) GenerateProof(id string, seed *big.Int) (vrfkey.Proof, error) { return key.GenerateProof(seed) } -func (ks *vrf) GetV1KeysAsV2(password string) (keys []vrfkey.KeyV2, _ error) { - if len(password) == 0 { - return keys, nil - } - v1Keys, err := ks.orm.GetEncryptedV1VRFKeys() - if err != nil { - return keys, err - } - for _, keyV1 := range v1Keys { - pk, err := vrfkey.Decrypt(keyV1, password) // V1 VRF keys have their own password - if err != nil { - return keys, err - } - keys = append(keys, pk.ToV2()) - } - return keys, nil -} - func (ks *vrf) getByID(id string) (vrfkey.KeyV2, error) { key, found := ks.keyRing.VRF[id] if !found { diff --git a/core/services/keystore/vrf_test.go b/core/services/keystore/vrf_test.go index 516ca230cc2..f0c6949bbea 100644 --- a/core/services/keystore/vrf_test.go +++ b/core/services/keystore/vrf_test.go @@ -169,28 +169,4 @@ func Test_VRFKeyStore_E2E(t *testing.T) { assert.NotZero(t, pf) }) }) - - t.Run("returns V1 keys as V2", func(t *testing.T) { - defer reset() - defer require.NoError(t, utils.JustError(db.Exec("DELETE FROM encrypted_vrf_keys"))) - - v1 := vrfkey.MustNewV2XXXTestingOnly(big.NewInt(1)) - err := utils.JustError(db.Exec(`INSERT INTO encrypted_vrf_keys (public_key, vrf_key, created_at, updated_at, deleted_at) VALUES ($1, '{"address":"b94276ad4e5452732ec0cccf30ef7919b67844b6","crypto":{"cipher":"aes-128-ctr","ciphertext":"ff66d61d02dba54a61bab1ceb8414643f9e76b7351785d2959e2c8b50ee69a92","cipherparams":{"iv":"75705da271b11e330a27b8d593a3930c"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"efe5b372e4fe79d0af576a79d65a1ee35d0792d9c92b70107b5ada1817ea7c7b"},"mac":"e4d0bb08ffd004ab03aeaa42367acbd9bb814c6cfd981f5157503f54c30816e7"},"version": 3}', NOW(), NOW(), NULL)`, v1.PublicKey)) - require.NoError(t, err) - - t.Run("returns 0 keys passing password as empty string", func(t *testing.T) { - keys, err := ks.GetV1KeysAsV2("") - require.NoError(t, err) - - assert.Len(t, keys, 0) - }) - - t.Run("returns V1 keys as V2", func(t *testing.T) { - keys, err := ks.GetV1KeysAsV2("p4SsW0rD1!@#_") - require.NoError(t, err) - - assert.Len(t, keys, 1) - assert.Equal(t, fmt.Sprintf("VRFKeyV2{PublicKey: %s}", keys[0].PublicKey), keys[0].GoString()) - }) - }) } diff --git a/core/services/ocrcommon/peer_wrapper_test.go b/core/services/ocrcommon/peer_wrapper_test.go index 18c8b82bfa6..640ca70c209 100644 --- a/core/services/ocrcommon/peer_wrapper_test.go +++ b/core/services/ocrcommon/peer_wrapper_test.go @@ -25,8 +25,6 @@ func Test_SingletonPeerWrapper_Start(t *testing.T) { db := pgtest.NewSqlxDB(t) - require.NoError(t, utils.JustError(db.Exec(`DELETE FROM encrypted_key_rings`))) - peerID, err := p2ppeer.Decode("12D3KooWPjceQrSwdWXPyLLeABRXmuqt69Rg3sBYbU1Nft9HyQ6X") require.NoError(t, err) @@ -51,8 +49,6 @@ func Test_SingletonPeerWrapper_Start(t *testing.T) { c.P2P.V1.Enabled = ptr(true) c.P2P.PeerID = ptr(k.PeerID()) }) - keyStore = cltest.NewKeyStore(t, db, cfg.Database()) - pw := ocrcommon.NewSingletonPeerWrapper(keyStore, cfg.P2P(), cfg.OCR(), cfg.Database(), db, logger.TestLogger(t)) require.NoError(t, pw.Start(testutils.Context(t)), "foo") @@ -66,6 +62,9 @@ func Test_SingletonPeerWrapper_Start(t *testing.T) { }) keyStore := cltest.NewKeyStore(t, db, cfg.Database()) + _, err := keyStore.P2P().Create() + require.NoError(t, err) + pw := ocrcommon.NewSingletonPeerWrapper(keyStore, cfg.P2P(), cfg.OCR(), cfg.Database(), db, logger.TestLogger(t)) require.Contains(t, pw.Start(testutils.Context(t)).Error(), "unable to find P2P key with id") @@ -83,7 +82,6 @@ func Test_SingletonPeerWrapper_Start(t *testing.T) { c.P2P.V1.Enabled = ptr(true) c.P2P.PeerID = ptr(k2.PeerID()) }) - keyStore = cltest.NewKeyStore(t, db, cfg.Database()) pw := ocrcommon.NewSingletonPeerWrapper(keyStore, cfg.P2P(), cfg.OCR(), cfg.Database(), db, logger.TestLogger(t)) @@ -98,6 +96,9 @@ func Test_SingletonPeerWrapper_Start(t *testing.T) { }) keyStore := cltest.NewKeyStore(t, db, cfg.Database()) + _, err := keyStore.P2P().Create() + require.NoError(t, err) + pw := ocrcommon.NewSingletonPeerWrapper(keyStore, cfg.P2P(), cfg.OCR(), cfg.Database(), db, logger.TestLogger(t)) require.Contains(t, pw.Start(testutils.Context(t)).Error(), "unable to find P2P key with id") @@ -109,8 +110,6 @@ func Test_SingletonPeerWrapper_Close(t *testing.T) { db := pgtest.NewSqlxDB(t) - require.NoError(t, utils.JustError(db.Exec(`DELETE FROM encrypted_key_rings`))) - cfg := configtest.NewGeneralConfig(t, nil) keyStore := cltest.NewKeyStore(t, db, cfg.Database()) k, err := keyStore.P2P().Create() @@ -130,7 +129,6 @@ func Test_SingletonPeerWrapper_Close(t *testing.T) { c.P2P.V2.AnnounceAddresses = ptr(p2paddresses) }) - keyStore = cltest.NewKeyStore(t, db, cfg.Database()) pw := ocrcommon.NewSingletonPeerWrapper(keyStore, cfg.P2P(), cfg.OCR(), cfg.Database(), db, logger.TestLogger(t)) diff --git a/core/services/vrf/delegate_test.go b/core/services/vrf/delegate_test.go index fc96f008d40..05bfcbb3739 100644 --- a/core/services/vrf/delegate_test.go +++ b/core/services/vrf/delegate_test.go @@ -77,7 +77,7 @@ func buildVrfUni(t *testing.T, db *sqlx.DB, cfg chainlink.GeneralConfig) vrfUniv prm := pipeline.NewORM(db, lggr, cfg.Database(), cfg.JobPipeline().MaxSuccessfulRuns()) btORM := bridges.NewORM(db, lggr, cfg.Database()) txm := txmmocks.NewMockEvmTxManager(t) - ks := keystore.New(db, utils.FastScryptParams, lggr, cfg.Database()) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg.Database()) relayExtenders := evmtest.NewChainRelayExtenders(t, evmtest.TestChainOpts{LogBroadcaster: lb, KeyStore: ks.Eth(), Client: ec, DB: db, GeneralConfig: cfg, TxManager: txm}) legacyChains := evmrelay.NewLegacyChainsFromRelayerExtenders(relayExtenders) jrm := job.NewORM(db, legacyChains, prm, btORM, ks, lggr, cfg.Database()) @@ -565,7 +565,7 @@ func Test_CheckFromAddressesExist(t *testing.T) { db := pgtest.NewSqlxDB(t) cfg := configtest.NewTestGeneralConfig(t) lggr := logger.TestLogger(t) - ks := keystore.New(db, utils.FastScryptParams, lggr, cfg.Database()) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg.Database()) require.NoError(t, ks.Unlock(testutils.Password)) var fromAddresses []string @@ -593,7 +593,7 @@ func Test_CheckFromAddressesExist(t *testing.T) { db := pgtest.NewSqlxDB(t) cfg := configtest.NewTestGeneralConfig(t) lggr := logger.TestLogger(t) - ks := keystore.New(db, utils.FastScryptParams, lggr, cfg.Database()) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg.Database()) require.NoError(t, ks.Unlock(testutils.Password)) var fromAddresses []string diff --git a/core/services/vrf/v2/integration_v2_test.go b/core/services/vrf/v2/integration_v2_test.go index b26bdf750ba..bc230e1278e 100644 --- a/core/services/vrf/v2/integration_v2_test.go +++ b/core/services/vrf/v2/integration_v2_test.go @@ -2004,7 +2004,7 @@ func TestStartingCountsV1(t *testing.T) { finalityDepth := 3 counts := vrf.GetStartingResponseCountsV1(q, lggr, 1337, uint32(finalityDepth)) assert.Equal(t, 0, len(counts)) - ks := keystore.New(db, utils.FastScryptParams, lggr, cfg.Database()) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg.Database()) err = ks.Unlock(testutils.Password) require.NoError(t, err) k, err := ks.Eth().Create(big.NewInt(1337)) diff --git a/core/services/vrf/v2/listener_v2_test.go b/core/services/vrf/v2/listener_v2_test.go index 77e279d8f7c..70d5b8154e0 100644 --- a/core/services/vrf/v2/listener_v2_test.go +++ b/core/services/vrf/v2/listener_v2_test.go @@ -153,7 +153,7 @@ func testMaybeSubtractReservedLink(t *testing.T, vrfVersion vrfcommon.Version) { lggr := logger.TestLogger(t) cfg := pgtest.NewQConfig(false) q := pg.NewQ(db, lggr, cfg) - ks := keystore.New(db, utils.FastScryptParams, lggr, cfg) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg) require.NoError(t, ks.Unlock("blah")) chainID := uint64(1337) k, err := ks.Eth().Create(big.NewInt(int64(chainID))) @@ -220,7 +220,7 @@ func testMaybeSubtractReservedNative(t *testing.T, vrfVersion vrfcommon.Version) lggr := logger.TestLogger(t) cfg := pgtest.NewQConfig(false) q := pg.NewQ(db, lggr, cfg) - ks := keystore.New(db, utils.FastScryptParams, lggr, cfg) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg) require.NoError(t, ks.Unlock("blah")) chainID := uint64(1337) k, err := ks.Eth().Create(big.NewInt(int64(chainID))) @@ -283,7 +283,7 @@ func TestMaybeSubtractReservedNativeV2(t *testing.T) { lggr := logger.TestLogger(t) cfg := pgtest.NewQConfig(false) q := pg.NewQ(db, lggr, cfg) - ks := keystore.New(db, utils.FastScryptParams, lggr, cfg) + ks := keystore.NewInMemory(db, utils.FastScryptParams, lggr, cfg) require.NoError(t, ks.Unlock("blah")) chainID := uint64(1337) subID := new(big.Int).SetUint64(1)