josephawallace / codis

Secure cryptocurrency custody using MPC

Save keygen/signature data to a database per node instead of saving files to folder #4

Open josephawallace opened 1 year ago

josephawallace commented 1 year ago

Description

In order to reliably query for needed data, nodes should use a database. This querying for data becomes much more important as the system for requesting keygen/signing changes to use a pubsub mechanism. When a signature request comes in through a pubsub channel, how will the nodes know if they have a relevant file for the request? They should query their database.

Todo

josephawallace commented 1 year ago

Files being saved successfully (keygen confirmed). Signing failing midway through - seems like a deadlock on one node, then that node isn't sending any message and then they all stall. As a related side note, should look into putting timeouts on basically everything that requires outreach.

josephawallace commented 1 year ago

Signature request should no longer come through pubsub channel by default. The request should be direct to the peers - the client will keep track of which peers were used for which keys, and will call on those peers when needed. If the client loses its list, it can "force" the request be sent and use a pubsub channel in that case to find the needed peers.

As far as the database goes, keygen/signature data is being saved properly. The keygen data is being saved as pubkey->keySaveData and the signatures are saved as time->signature (the signature store will only be used for records). The last big step is figuring out encryption at rest.
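An added example, not code from the codis repository or from the thread: a Go sketch of a node that checks its pubkey->keySaveData store before joining a signing request, bounds the signing round with a deadline so one silent peer cannot stall it, and records the result as time->signature. `Store`, `HandleSign`, `ErrNoShare` and the `sign` callback are hypothetical names, the in-memory maps stand in for the node's database, and the choice of Go is an assumption.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"time"
)

var ErrNoShare = errors.New("no key share stored for this pubkey")

// Store is an in-memory stand-in for one node's database (hypothetical; not concurrency-safe).
type Store struct {
	keys map[string][]byte // pubkey -> keySaveData
	sigs map[int64][]byte  // unix-nano time -> signature (records only)
}

// HandleSign signs only if this node holds the share, under a deadline.
func (s *Store) HandleSign(ctx context.Context, pub string, d time.Duration, sign func(context.Context, []byte) ([]byte, error)) ([]byte, error) {
	share, ok := s.keys[pub]
	if !ok {
		return nil, ErrNoShare
	}
	ctx, cancel := context.WithTimeout(ctx, d)
	defer cancel()
	type result struct {
		sig []byte
		err error
	}
	done := make(chan result, 1) // buffered: a late signer never blocks on send
	go func() {
		sig, err := sign(ctx, share)
		done <- result{sig, err}
	}()
	select {
	case r := <-done:
		if r.err == nil {
			s.sigs[time.Now().UnixNano()] = r.sig
		}
		return r.sig, r.err
	case <-ctx.Done(): // a peer went silent: give up instead of stalling
		return nil, ctx.Err()
	}
}

func main() {
	s := &Store{keys: map[string][]byte{"pubA": []byte("share")}, sigs: map[int64][]byte{}}
	stalled := func(ctx context.Context, _ []byte) ([]byte, error) { <-ctx.Done(); return nil, ctx.Err() }
	fmt.Println(s.HandleSign(context.Background(), "pubA", 50*time.Millisecond, stalled))
}
```

The `sign` callback is where the real MPC round would run; it should honour `ctx` so that the goroutine exits once the deadline passes.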

josephawallace commented 1 year ago

Looks like HCP/Vault will be used to encrypt data at rest within the nodes' databases and manage communication/access between services that are deployed to the cloud. It might also be used to make deployments. Long story short, no need to implement encrypting data at rest to satisfy this story - that will be done in another story when it's time to set HCP up completely.