[Mint] Fix key rotation (#177)

* rotate keys every 5 seconds * every 10 seconds * do not regenerate all past keys for each epoch cycle * remove automatic rotation * make format * print to logger * rephrase print
2025-12-24 03:54:21 +01:00 · 2023-04-26 20:20:17 +02:00
parent 28812919ac
commit 87f9241de1
3 changed files with 39 additions and 7 deletions
--- a/cashu/mint/ledger.py
+++ b/cashu/mint/ledger.py
@@ -42,6 +42,7 @@ class Ledger:
        self.crud = crud
        self.lightning = lightning
        self.pubkey = derive_pubkey(self.master_key)
+        self.keysets = MintKeysets([])

    async def load_used_proofs(self):
        """Load all used proofs from database."""
@@ -86,11 +87,21 @@ class Ledger:
        """
        # load all past keysets from db
        tmp_keysets: List[MintKeyset] = await self.crud.get_keyset(db=self.db)
-        self.keysets = MintKeysets(tmp_keysets)
-        logger.trace(f"Loading {len(self.keysets.keysets)} keysets form db.")
-        # generate all derived keys from stored derivation paths of past keysets
+        # add keysets from db to current keysets
+        for k in tmp_keysets:
+            if k.id and k.id not in self.keysets.keysets:
+                self.keysets.keysets[k.id] = k
+
+        logger.debug(
+            f"Currently, there are {len(self.keysets.keysets)} active keysets."
+        )
+
+        # generate all private keys, public keys, and keyset id from the derivation path for all keysets that are not yet generated
        for _, v in self.keysets.keysets.items():
-            logger.trace(f"Generating keys for keyset {v.id}")
+            # we already generated the keys for this keyset
+            if v.id and v.public_keys and len(v.public_keys):
+                continue
+            logger.debug(f"Generating keys for keyset {v.id}")
            v.generate_keys(self.master_key)
        # load the current keyset
        self.keyset = await self.load_keyset(self.derivation_path, autosave)
@@ -128,6 +139,7 @@ class Ledger:
            BlindedSignature: Generated promise.
        """
        keyset = keyset if keyset else self.keyset
+        logger.trace(f"Generating promise with keyset {keyset.id}.")
        private_key_amount = keyset.private_keys[amount]
        C_ = b_dhke.step2_bob(B_, private_key_amount)
        await self.crud.store_promise(
@@ -155,6 +167,9 @@ class Ledger:
        if not proof.id:
            private_key_amount = self.keyset.private_keys[proof.amount]
        else:
+            logger.trace(
+                f"Validating proof with keyset {self.keysets.keysets[proof.id].id}."
+            )
            # use the appropriate active keyset for this proof.id
            private_key_amount = self.keysets.keysets[proof.id].private_keys[
                proof.amount