Full transaction format with signer integration

[koxu1996]

This PR updates ASN.1 schema to compose full transaction data, and integrate Signer module with it.

Most importantly, this will unblock:

• Signatures verification in kairos-server - Verify signatures #7.
• Integration with Deposit event - Integrate kairos-tx with smart contract events #73.

Transaction format

The following top-level type was added to kairos-tx:

  Transaction ::= SEQUENCE {
    publicKey PublicKey,
    payload SigningPayload,
    hash PayloadHash,
    algorithm SigningAlgorithm,
    signature Signature,
    ...
  }

It represents full transaction data, including public key, hash (constructed from payload), algorithm (used for signing), and signature.

Notably, kairos_tx::asn::Transaction - similarly to payload - can be deterministically serialized and deserialized from bytes.

Signer integration

Interacting with full transaction is now included in the kairos-crypto package (under tx feature flag, enabled by default). The following methods are available in a signer trait:

• Create full transaction - CryptoSigner::sign_tx_payload(&self, payload: SigningPayload) -> Result<Transaction, CryptoError>.
• Validate transaction signature - CryptoSigner::verify_tx(&self, tx: Transaction) -> Result<(), CryptoError>.

Those are implemented for Casper signer, with full ed25519 and secp256k1 support.

[github-actions]

File	Coverage
All files	52%	❌
kairos-test-utils/src/cctl/parsers.rs	66%	✅
kairos-server/src/config.rs	0%	❌
kairos-server/src/errors.rs	12%	❌
kairos-server/src/state.rs	90%	✅
kairos-server/src/utils.rs	22%	❌
kairos-test-utils/src/cctl.rs	87%	✅
kairos-test-utils/src/kairos.rs	95%	✅
kairos-tx/src/asn.rs	48%	❌
kairos-tx/src/error.rs	0%	❌
kairos-server/tests/transactions.rs	85%	✅
kairos-server/src/state/transactions.rs	57%	❌
kairos-server/src/state/trie.rs	35%	❌
kairos-crypto/src/implementations/casper.rs	6%	❌
kairos-server/src/routes/deposit.rs	88%	✅
kairos-server/src/routes/transfer.rs	90%	✅
kairos-server/src/state/transactions/batch_state.rs	42%	❌

Minimum allowed coverage is 60%

Generated by 🐒 cobertura-action against 578f520

[marijanp]

Some tests would be great

[marijanp]

I think it would be great if all of these error types could take anything that is Debug and one could be able to propagate the inner errors message. I.e. I want to see what exact hashing error happened. The one that _e.to_string() would give me.

[koxu1996]

Done in 0242e4c.

[marijanp]

I don't see a benefit to this CryptoSigner trait. It should instead be replaced with a sign and verify generic function.
It also does too much at this point.

1. from_private_key_file and from_public_key should be removed and replaced with From trait implementations
2. to_public_key can be extracted to a From trait implementation too.
3. sign and verify could be extracted in a trait, but I would be surprised that there is nothing like this already somewhere.

Instead of all these steps, I would remove the CryptoSigner trait completely, and implement a generic function that says "if these traits are implemented ..." I will produce either this signed result or an error.

sign_tx could moreover be an alias for calling sign(tx.into()). If the ASN1 type would have a respective From trait implementation. And would moreover not require us to introduce a tx feature.

[Avi-D-coder]

I would prefer if from_private_key_file remain a method, not a From impl.
I don't like From/Into doing IO.

I agree we don't need the CryptoSigner trait, since there is only one implementation just keep the Signer struct.

Currently this implementation signs transaction hashes.
I have my doubts about signing transaction hashes rather than transactions bodies.
It is more general, but I suspect it's a lot of overhead in a zkVM on simple transfer/withdraw payloads.

[xcthulhu]

I have my doubts about signing transaction hashes rather than transactions bodies.

You have to hash the input before signing; signing algorithms take 255-bit input (for secp256k1) or 256-bit input (for ed25519). See https://crypto.stackexchange.com/a/59203

[marijanp]

I understand that you can compute the PayloadHash, I'm just wondering where the according computation happens? Or should it be added as a field here?

[koxu1996]

Thanks for catching it, I forgot to add hash field - added in 3003e72.

[koxu1996]

Computing PayloadHash happens in crypto module in sign_tx_payload(). This is the only safe method of constructing fully validated transaction.

[marijanp]

I don't understand the purpose of this function. it is basically new for a Transaction type. Not saying it should be a new.

[koxu1996]

You are right. I replaced this helper with constructor in 52b2854.

[Avi-D-coder]

Slightly off topic, but could we remove nonce from deposit?
What does it mean for the nonce of a deposit to not match account nonce.
Does the L1 contract have to reverse the deposit?
I think it would be simpler to remove it and denormalize the txn encoding.

I have to do that anyway for the trie/risc0 encoding representation of transactions.

[koxu1996]

Ready for re-review, tests are missing though.

[Avi-D-coder]

I don't love feature gated parts of traits.
Generally they should be separated out into a separate trait.

I also don't like having a trait with a single impl, but these issues can be addressed in followup at a much latter date.

[koxu1996]

Created follow up task - #86.

[Avi-D-coder]

Let's merge

[Rom3dius]

Good code

[koxu1996]

Some tests would be great

Follow up task created - #87.