near / mpc


Reject unregistered participants #492

Closed volovyks closed 3 months ago

github-actions[bot] commented 3 months ago

Terraform Feature Environment (dev-492)

Terraform Initialization ⚙️ success

Terraform Apply success


Pusher: @volovyks, Action: `pull_request`, Working Directory: ``, Workflow: `Terraform Feature Env`

URL: https://mpc-recovery-leader-dev-492-7tk2cmmtcq-ue.a.run.app

volovyks commented 3 months ago

@ppca we will need to update our and partner configs once this is merged

ppca commented 3 months ago

If this allowlist is an ENV variable, then each time we update the allowlist, we'd need to ping the partners to update their node. It's probably OK to ping them, and then when all nodes have updated, the new participant would be able to join. If we want this update to be automatic, we'd then need to be ok with the allowlist being public. Basically we specify the allowlist in code. Then every time we update the allowlist, we simply rebuild the docker image and update the public image. And the watchtower inside each partner's VM will update their multichain node too.

volovyks commented 3 months ago

A public list is not a bad thing. We can keep it in the contract that is controlled by Pagoda. But let's not forget about decentralization. Each partner should make their own decision on "who can join" because now the vote function is called automatically. cc @DavidM-D

ppca commented 3 months ago

Keeping it in the contract sounds like a good idea to me.

ChaoticTempest commented 3 months ago

So the issue with this is that since we restart the node to reflect these changes, it might be bad to do so since the service should be running regardless of whether or not resharing is happening or not. So imagine all nodes restart at once to do this voting which isn't ideal for the liveliness of the service. So in that case, it's better to just have the CLI commands handy for people to use at that point. And let's just disallow people from joining arbitrarily for now then with this PR

volovyks commented 3 months ago

We can get rid of that endpoint completely and ask node providers to use CLI, yes. But we will force them to keep the key locally on their PC. The situation when all the nodes restart simultaneously is unlikely because people will update this list manually.

I do not have a strong opinion here, since all the options have downsides.

ChaoticTempest commented 3 months ago

@volovyks so they can ssh into the node itself and then directly use the local key already stored there to do a CLI call if that helps. Additionally, with the changes you have here with the allowlist, they would have to restart the node to do a manual CLI call

volovyks commented 3 months ago

Closing in favour of https://github.com/near/mpc-recovery/pull/498