Skip to content

Commit

Permalink
Check in old dev secret
Browse files Browse the repository at this point in the history
  • Loading branch information
r-n-o committed Nov 13, 2024
1 parent ec7f31f commit a1c9305
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 9 deletions.
1 change: 1 addition & 0 deletions src/integration/fixtures/preprod/old_dev.secret.keep
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
79d88e2069d49dd24452b39cf17eb07581eb5350aa55e918cede5e4e7f171c70
17 changes: 8 additions & 9 deletions src/integration/tests/preprod_sharding.rs
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,14 @@ use qos_p256::{
derive_secret, encrypt::P256EncryptPair, P256Pair, P256_ENCRYPT_DERIVE_PATH,
};

// Note: the dev secret is NOT checked in QOS. It can be found in our keys repo
// (tkhq/keys:deployment/preprod/evm-parser/manifest-set/dev.secret) This secret
// is not security sensitive since it belongs to our dev/preprod environment but
// I want to avoid duplicating it in case there's drift for whatever reason.
// However I've choosen to commit the old encrypted shares and quorum public
// keys because they're useful anchors for this tests. The quorum public keys
// and old dev shares for each enclaves are committed in
// Note: the dev secret can also be found in our keys repo
// (tkhq/keys:deployment/preprod/evm-parser/manifest-set/dev.secret)
// This secret is not security sensitive since it belongs to our dev/preprod
// environment I've also chosen to commit the old encrypted shares and quorum
// public keys because they're useful anchors for this tests. The quorum public
// keys and old dev shares for each enclaves are committed in
// ./fixtures/preprod/$ENCLAVE_NAME/
const OLD_DEV_SECRET_PATH: &str = "./fixtures/preprod/old_dev.secret";
const OLD_DEV_SECRET_PATH: &str = "./fixtures/preprod/old_dev.secret.keep";

#[test]
fn preprod_reshard_ceremony() {
Expand Down Expand Up @@ -79,7 +78,7 @@ fn preprod_reshard_ceremony() {
}

// Load previous dev secret (1/1 setting)
let dev_secret_utf8_bytes = fs::read(OLD_DEV_SECRET_PATH).expect("Cannot read old dev secret. Did you add it to at ./fixtures/preprod/old_dev.secret?");
let dev_secret_utf8_bytes = fs::read(OLD_DEV_SECRET_PATH).unwrap();
let dev_secret_hex_bytes =
qos_hex::decode(std::str::from_utf8(&dev_secret_utf8_bytes).unwrap())
.unwrap();
Expand Down

0 comments on commit a1c9305

Please sign in to comment.