irriden
eee088933a
signer: collect mqtt bytes into a vector of vectors
this allows us to parse huge mainnet addblock messages.
the max we've seen so far is around 45KB. in that case, we previously would require
two contiguous, 45KB chunks of memory; one for the mqtt raw bytes, and the other for
the message struct returned by msgs::read. with this commit, we still require a
45KB contiguous chunk for msgs::read, but now the network bytes come in broken up
into a vector of vectors, which makes room for that 45KB allocation.
2023-12-05 03:44:26 +00:00
irriden
61ef67ec8c
build: remove integrated binary signatures
our secure boot feature checks the signatures of hashes of ota binaries
2023-12-04 19:07:47 +00:00
irriden
7a1dca6f35
build: use set -e to interrupt scripts on first failure
2023-12-02 01:49:57 +00:00
irriden
6eb337630d
sphinx-key: disable hardware aes acceleration
we otherwise hit the error below, when parsing mainnet block 812548:
Timed out waiting for completion of AES Interrupt
https://github.com/espressif/esp-idf/issues/10647
This measure does not incur a memory or latency cost
2023-12-02 01:24:31 +00:00
irriden
50cbd4c138
sphinx-key: revert cargo lock
otherwise we get a stack overflow
2023-11-30 19:45:16 +00:00
irriden
1a4d955f74
bump vls, remove unused deps, cargo update
2023-11-30 16:57:45 +00:00
irriden
b18ce5eb8e
remove test.rs
that file is completely unused
2023-11-30 03:31:42 +00:00
irriden
be2917b045
broker: cache preapproves
largely copied from
https://gitlab.com/lightning-signer/validating-lightning-signer/-/merge_requests/564
2023-11-29 20:25:29 +00:00
irriden
226c35b518
build: remove git pull from deploy script
2023-11-26 00:49:17 +00:00
irriden
4651966b63
broker: pull tungstenite security patches
2023-11-26 00:47:39 +00:00
irriden
01fe20c2e0
broker: use bitcoin and secp256k1 from vls re-exports
2023-11-25 19:34:56 +00:00
irriden
af7e5eca08
broker: switch rumqttd branch to asdf
2023-11-25 19:21:33 +00:00
irriden
1bce903224
bump sphinx-rs
2023-11-25 03:29:42 +00:00
irriden
00bf29288f
sphinx-key: read config wifi creds from sdcard
2023-11-25 03:23:56 +00:00
irriden
7ae668b981
bump sphinx-rs
2023-11-24 20:19:18 +00:00
irriden
2df5d4dc82
pull security patches in dependencies
2023-11-24 19:08:15 +00:00
irriden
34c579f1e2
sphinx-key: ota binary checks in standalone module
2023-11-24 18:12:11 +00:00
irriden
51dcf9361a
build: add standalone script to clear sd card
2023-11-23 18:35:06 +00:00
irriden
b4491c48ab
sphinx-key: split button led sd into separate mods
fixes tons of warnings when building the clear binary
2023-11-23 17:40:47 +00:00
irriden
460f3dbe97
sphinx-key: remove tls feature
not needed any longer, mqtts no longer a memory problem
to specify mqtt vs mqtts, add the mqtt[s]:// to the broker url
2023-11-23 02:35:45 +00:00
irriden
66ba02e88a
build: add espflash dependency check
2023-11-23 02:28:57 +00:00
irriden
ef70fe8c59
sphinx-key: use bitcoin::sign_message for ota sig checks
2023-11-22 21:36:15 +00:00
irriden
66e4a11759
sphinx-key: secure boot
adds two layers of signature checks
one done by sphinx-key in ota.rs via secp256k1
another done by esp-idf via espsecure.py
see docs below:
https://docs.espressif.com/projects/esptool/en/latest/esp32c3/espsecure/index.html#remote-signing-using-an-external-hsm
https://docs.espressif.com/projects/esp-idf/en/latest/esp32c3/security/secure-boot-v2.html#signed-app-verification-without-hardware-secure-boot
https://docs.rs/secp256k1/latest/secp256k1/
2023-11-22 03:05:27 +00:00
irriden
e6c11866bb
tester: update example command files
2023-11-18 02:10:05 +00:00
irriden
7102138217
sphinx-key: check integrity of ota bin file
2023-11-18 02:06:01 +00:00
irriden
ac1a61f03b
broker: pull rumqttd https fix
2023-11-15 23:31:20 +00:00
irriden
90d43c4e70
cargo clippy
2023-11-15 23:11:41 +00:00
irriden
5bef7ab78e
sphinx-key: add tls to default features
2023-11-14 23:40:20 +00:00
irriden
dfe06d6dab
sphinx-key: configs for a 60KB reduction in bin size
all related to ssl, see below:
https://docs.espressif.com/projects/esp-idf/en/latest/esp32c3/api-guides/performance/size.html#minimizing-binary-mbedtls
2023-11-14 23:37:24 +00:00
irriden
ed3c44e94d
sphinx-key: mqtts
see here for an explanation of settings - crucial for manageable memory footprint
https://docs.espressif.com/projects/esp-idf/en/latest/esp32c3/api-reference/protocols/mbedtls.html#reducing-heap-usage
2023-11-14 19:31:44 +00:00
irriden
b7d20d31ca
sphinx-key: https ota
2023-11-07 20:44:06 +00:00
irriden
4b85a85f0e
broker: increase mqtt timeout from 4s to 10s
2023-10-31 23:46:37 +00:00
irriden
616acc868e
sphinx-key: fetch ota update in the main thread
we previously spawned a separate led thread, which caused two problems:
1) starved the main thread, preventing any progress on signing
   a solution here could have been to sleep the ota fetch thread every so often
2) also increased memory usage
   a solution here is a much smaller buffer for the ota thread
both of these solutions significantly hindered the speed of the ota update
i like much better keeping the ota fetch blocking in the main thread,
and giving it the appropriate resources to perform the ota fetch fast
this commit also only sends a new status into the led_tx-led_rx channel when
necessary - we previously sent new statuses into the channel even if the led
was already at that state
2023-10-30 23:04:09 +00:00
irriden
dde34efbdc
sphinx-key: add the loop back in
2023-10-30 15:38:13 +00:00
irriden
3535ec5d62
tester: add env-example
2023-10-30 15:38:02 +00:00
irriden
d8e9a1e0cc
sphinx-key: update esp-idf from 5.0.2 to 5.0.4
2023-10-30 15:37:49 +00:00
irriden
fd434c3546
sphinx-key: remove embedded-hal, embedded-svc dependencies
embedded-svc is only necessary if you want to develop an app for multiple chips
this is not our case
2023-10-30 15:36:52 +00:00
irriden
705caea73e
sphinx-key: bump esp-rs deps
2023-10-30 15:36:20 +00:00
irriden
73d2c76be1
update txoo to 812000 checkpoint
2023-10-30 15:35:49 +00:00
irriden
9773e4bec2
factory: no std
2023-10-30 15:35:49 +00:00
irriden
0c0b59789b
sphinx-key: do a full restart in case of a wifi connection failure
2023-10-23 21:12:41 +00:00
irriden
52ea111ea6
sphinx-key: tune configs to solve OOM on mainnet addblock msgs
also pulls vls memory optimizations on these addblock msgs
2023-10-19 23:12:18 +00:00
irriden
66045569ac
sphinx-key: stop storing previous lss msg on sd card
2023-10-18 15:18:38 +00:00
irriden
dce2daa3d0
tester: notes on successful ota update
2023-10-16 22:44:33 +00:00
irriden
b6c8b5a7f1
tester: read command from cmd.json file
2023-10-16 22:13:10 +00:00
irriden
fdb207bf6e
tester: update ctrl post message route
2023-10-16 21:47:28 +00:00
irriden
7caaf5ae36
more concise logging
2023-10-13 17:44:02 +00:00
irriden
c77e20e2b7
sphinx-key: no need to log full msg
2023-10-13 16:44:03 +00:00
irriden
9ab7fa1b73
broker: launch the frontend
bumps sphinx-rs to include tracker_size_workaround feature from vls
otherwise the frontend eats up too much memory on esp32
uses the blocking handle::handle_message fn for impl SignerPort via
tokio::task::spawn_blocking
removes hard coded heartbeats, as these are now sent by the frontend
2023-10-12 18:57:28 +00:00
irriden
0f0e5b5f9e
factory: use same sdkconfig.defaults settings as sphinx-key
very important for the long filenames settings
closes #133
2023-10-05 09:25:25 +00:00