chore: Cleanup eots interfaces (#337)

Patially addressed babylonlabs-io/pm#198 by
removing removing `passphrase` from EOTS manager interface and some
cleanups. Some notable changes:
- Removed `passphrase` parameter from every EOTS manager interface
- Removed `KeyRecord` interface as we don't rely on it to create EOTS
keys anymore (eotsd keys add instead).

CHANGELOG.md

@@ -46,6 +46,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 
 * [#333](https://github.com/babylonlabs-io/finality-provider/pull/333) poller: skip if no new block is polled
 * [#328](https://github.com/babylonlabs-io/finality-provider/pull/328) Fix small bias in EOTS private key generation
+* [#337](https://github.com/babylonlabs-io/finality-provider/pull/337) Cleanup EOTS manager interfaces
 
 ## v1.0.0-rc.1
 

eotsmanager/client/rpcclient.go

@@ -11,7 +11,6 @@ import (
 
 	"github.com/babylonlabs-io/finality-provider/eotsmanager"
 	"github.com/babylonlabs-io/finality-provider/eotsmanager/proto"
-	"github.com/babylonlabs-io/finality-provider/eotsmanager/types"
 )
 
 var _ eotsmanager.EOTSManager = &EOTSManagerGRpcClient{}
@@ -50,23 +49,12 @@ func (c *EOTSManagerGRpcClient) Ping() error {
 	return nil
 }
 
-func (c *EOTSManagerGRpcClient) CreateKey(name, passphrase, hdPath string) ([]byte, error) {
-	req := &proto.CreateKeyRequest{Name: name, Passphrase: passphrase, HdPath: hdPath}
-	res, err := c.client.CreateKey(context.Background(), req)
-	if err != nil {
-		return nil, err
-	}
-
-	return res.Pk, nil
-}
-
-func (c *EOTSManagerGRpcClient) CreateRandomnessPairList(uid, chainID []byte, startHeight uint64, num uint32, passphrase string) ([]*btcec.FieldVal, error) {
+func (c *EOTSManagerGRpcClient) CreateRandomnessPairList(uid, chainID []byte, startHeight uint64, num uint32) ([]*btcec.FieldVal, error) {
 	req := &proto.CreateRandomnessPairListRequest{
 		Uid:         uid,
 		ChainId:     chainID,
 		StartHeight: startHeight,
 		Num:         num,
-		Passphrase:  passphrase,
 	}
 	res, err := c.client.CreateRandomnessPairList(context.Background(), req)
 	if err != nil {
@@ -93,29 +81,12 @@ func (c *EOTSManagerGRpcClient) SaveEOTSKeyName(pk *btcec.PublicKey, keyName str
 	return err
 }
 
-func (c *EOTSManagerGRpcClient) KeyRecord(uid []byte, passphrase string) (*types.KeyRecord, error) {
-	req := &proto.KeyRecordRequest{Uid: uid, Passphrase: passphrase}
-
-	res, err := c.client.KeyRecord(context.Background(), req)
-	if err != nil {
-		return nil, err
-	}
-
-	privKey, _ := btcec.PrivKeyFromBytes(res.PrivateKey)
-
-	return &types.KeyRecord{
-		Name:    res.Name,
-		PrivKey: privKey,
-	}, nil
-}
-
-func (c *EOTSManagerGRpcClient) SignEOTS(uid, chaiID, msg []byte, height uint64, passphrase string) (*btcec.ModNScalar, error) {
+func (c *EOTSManagerGRpcClient) SignEOTS(uid, chaiID, msg []byte, height uint64) (*btcec.ModNScalar, error) {
 	req := &proto.SignEOTSRequest{
-		Uid:        uid,
-		ChainId:    chaiID,
-		Msg:        msg,
-		Height:     height,
-		Passphrase: passphrase,
+		Uid:     uid,
+		ChainId: chaiID,
+		Msg:     msg,
+		Height:  height,
 	}
 	res, err := c.client.SignEOTS(context.Background(), req)
 	if err != nil {
@@ -128,13 +99,12 @@ func (c *EOTSManagerGRpcClient) SignEOTS(uid, chaiID, msg []byte, height uint64,
 	return &s, nil
 }
 
-func (c *EOTSManagerGRpcClient) UnsafeSignEOTS(uid, chaiID, msg []byte, height uint64, passphrase string) (*btcec.ModNScalar, error) {
+func (c *EOTSManagerGRpcClient) UnsafeSignEOTS(uid, chaiID, msg []byte, height uint64) (*btcec.ModNScalar, error) {
 	req := &proto.SignEOTSRequest{
-		Uid:        uid,
-		ChainId:    chaiID,
-		Msg:        msg,
-		Height:     height,
-		Passphrase: passphrase,
+		Uid:     uid,
+		ChainId: chaiID,
+		Msg:     msg,
+		Height:  height,
 	}
 	res, err := c.client.UnsafeSignEOTS(context.Background(), req)
 	if err != nil {
@@ -147,8 +117,8 @@ func (c *EOTSManagerGRpcClient) UnsafeSignEOTS(uid, chaiID, msg []byte, height u
 	return &s, nil
 }
 
-func (c *EOTSManagerGRpcClient) SignSchnorrSig(uid, msg []byte, passphrase string) (*schnorr.Signature, error) {
-	req := &proto.SignSchnorrSigRequest{Uid: uid, Msg: msg, Passphrase: passphrase}
+func (c *EOTSManagerGRpcClient) SignSchnorrSig(uid, msg []byte) (*schnorr.Signature, error) {
+	req := &proto.SignSchnorrSigRequest{Uid: uid, Msg: msg}
 	res, err := c.client.SignSchnorrSig(context.Background(), req)
 	if err != nil {
 		return nil, err

eotsmanager/cmd/eotsd/daemon/flags.go

@@ -3,7 +3,6 @@ package daemon
 const (
 	keyNameFlag           = "key-name"
 	eotsPkFlag            = "eots-pk"
-	passphraseFlag        = "passphrase"
 	forceFlag             = "force"
 	rpcListenerFlag       = "rpc-listener"
 	rpcClientFlag         = "rpc-client"

eotsmanager/cmd/eotsd/daemon/keys.go

@@ -5,22 +5,22 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"strings"
 
 	"github.com/btcsuite/btcd/btcec/v2/schnorr"
 
 	"github.com/babylonlabs-io/babylon/types"
-	"github.com/babylonlabs-io/finality-provider/eotsmanager"
-	eotsclient "github.com/babylonlabs-io/finality-provider/eotsmanager/client"
-	"github.com/babylonlabs-io/finality-provider/eotsmanager/config"
-	"github.com/babylonlabs-io/finality-provider/log"
-	"github.com/babylonlabs-io/finality-provider/util"
 	"github.com/cosmos/cosmos-sdk/client"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/client/keys"
 	cryptokeyring "github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/spf13/cobra"
 	"sigs.k8s.io/yaml"
+
+	"github.com/babylonlabs-io/finality-provider/eotsmanager"
+	eotsclient "github.com/babylonlabs-io/finality-provider/eotsmanager/client"
+	"github.com/babylonlabs-io/finality-provider/eotsmanager/config"
+	"github.com/babylonlabs-io/finality-provider/log"
+	"github.com/babylonlabs-io/finality-provider/util"
 )
 
 type KeyOutputWithPubKeyHex struct {
@@ -110,7 +110,7 @@ func saveKeyNameMapping(cmd *cobra.Command, keyName string) (*types.BIP340PubKey
 			return nil, err
 		}
 
-		kr, err := eotsmanager.InitKeyring(clientCtx.HomeDir, clientCtx.Keyring.Backend(), strings.NewReader(""))
+		kr, err := eotsmanager.InitKeyring(clientCtx.HomeDir, clientCtx.Keyring.Backend())
 		if err != nil {
 			return nil, fmt.Errorf("failed to init keyring: %w", err)
 		}
@@ -245,7 +245,7 @@ func printFromKey(cmd *cobra.Command, keyName string, eotsPk *types.BIP340PubKey
 	}
 
 	ctx := cmd.Context()
-	mnemonic := ctx.Value(mnemonicCtxKey).(string) //nolint: forcetypeassert
+	mnemonic := ctx.Value(mnemonicCtxKey).(string) // nolint: forcetypeassert
 	showMnemonic := ctx.Value(mnemonicShowCtxKey).(bool)
 
 	return printCreatePubKeyHex(cmd, k, eotsPk, showMnemonic, mnemonic, clientCtx.OutputFormat)

eotsmanager/cmd/eotsd/daemon/pop.go

@@ -101,7 +101,6 @@ func NewPopExportCmd() *cobra.Command {
 	f.String(sdkflags.FlagHome, config.DefaultEOTSDir, "EOTS home directory")
 	f.String(keyNameFlag, "", "EOTS key name")
 	f.String(eotsPkFlag, "", "EOTS public key of the finality-provider")
-	f.String(passphraseFlag, "", "EOTS passphrase used to decrypt the keyring")
 	f.String(sdkflags.FlagKeyringBackend, keyring.BackendTest, "EOTS backend of the keyring")
 
 	f.String(flagHomeBaby, "", "BABY home directory")
@@ -183,11 +182,6 @@ func validatePop(cmd *cobra.Command, args []string) error {
 }
 
 func exportPop(cmd *cobra.Command, _ []string) error {
-	eotsPassphrase, err := cmd.Flags().GetString(passphraseFlag)
-	if err != nil {
-		return err
-	}
-
 	eotsHomePath, eotsKeyName, eotsFpPubKeyStr, eotsKeyringBackend, err := eotsFlags(cmd)
 	if err != nil {
 		return err
@@ -211,7 +205,7 @@ func exportPop(cmd *cobra.Command, _ []string) error {
 
 	bbnAddrStr := bbnAddr.String()
 	hashOfMsgToSign := tmhash.Sum([]byte(bbnAddrStr))
-	schnorrSigOverBabyAddr, eotsPk, err := eotsSignMsg(eotsManager, eotsKeyName, eotsFpPubKeyStr, eotsPassphrase, hashOfMsgToSign)
+	schnorrSigOverBabyAddr, eotsPk, err := eotsSignMsg(eotsManager, eotsKeyName, eotsFpPubKeyStr, hashOfMsgToSign)
 	if err != nil {
 		return fmt.Errorf("failed to sign address %s: %w", bbnAddrStr, err)
 	}
@@ -572,23 +566,23 @@ func eotsPubKey(
 
 func eotsSignMsg(
 	eotsManager *eotsmanager.LocalEOTSManager,
-	keyName, fpPkStr, passphrase string,
+	keyName, fpPkStr string,
 	hashOfMsgToSign []byte,
 ) (*schnorr.Signature, *bbntypes.BIP340PubKey, error) {
 	if len(fpPkStr) > 0 {
 		fpPk, err := bbntypes.NewBIP340PubKeyFromHex(fpPkStr)
 		if err != nil {
 			return nil, nil, fmt.Errorf("invalid finality-provider public key %s: %w", fpPkStr, err)
 		}
-		signature, err := eotsManager.SignSchnorrSig(*fpPk, hashOfMsgToSign, passphrase)
+		signature, err := eotsManager.SignSchnorrSig(*fpPk, hashOfMsgToSign)
 		if err != nil {
 			return nil, nil, fmt.Errorf("unable to sign msg with pk %s: %w", fpPkStr, err)
 		}
 
 		return signature, fpPk, nil
 	}
 
-	return eotsManager.SignSchnorrSigFromKeyname(keyName, passphrase, hashOfMsgToSign)
+	return eotsManager.SignSchnorrSigFromKeyname(keyName, hashOfMsgToSign)
 }
 
 func cmdCloseEots(

eotsmanager/eotsmanager.go

@@ -3,47 +3,33 @@ package eotsmanager
 import (
 	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/btcsuite/btcd/btcec/v2/schnorr"
-
-	"github.com/babylonlabs-io/finality-provider/eotsmanager/types"
 )
 
 type EOTSManager interface {
-	// CreateKey generates a key pair at the given name and persists it in storage.
-	// The key pair is formatted by BIP-340 (Schnorr Signatures)
-	// It fails if there is an existing key Info with the same name or public key.
-	CreateKey(name, passphrase, hdPath string) ([]byte, error)
-
 	// CreateRandomnessPairList generates a list of Schnorr randomness pairs from
 	// startHeight to startHeight+(num-1) where num means the number of public randomness
 	// It fails if the finality provider does not exist or a randomness pair has been created before
 	// or passPhrase is incorrect
 	// NOTE: the randomness is deterministically generated based on the EOTS key, chainID and
 	// block height
-	CreateRandomnessPairList(uid []byte, chainID []byte, startHeight uint64, num uint32, passphrase string) ([]*btcec.FieldVal, error)
-
-	// KeyRecord returns the finality provider record
-	// It fails if the finality provider does not exist or passPhrase is incorrect
-	KeyRecord(uid []byte, passphrase string) (*types.KeyRecord, error)
+	CreateRandomnessPairList(uid []byte, chainID []byte, startHeight uint64, num uint32) ([]*btcec.FieldVal, error)
 
 	// SignEOTS signs an EOTS using the private key of the finality provider and the corresponding
 	// secret randomness of the given chain at the given height
 	// It fails if the finality provider does not exist or there's no randomness committed to the given height
 	// or passPhrase is incorrect. Has built-in anti-slashing mechanism to ensure signature
 	// for the same height will not be signed twice.
-	SignEOTS(uid []byte, chainID []byte, msg []byte, height uint64, passphrase string) (*btcec.ModNScalar, error)
+	SignEOTS(uid []byte, chainID []byte, msg []byte, height uint64) (*btcec.ModNScalar, error)
 
 	// UnsafeSignEOTS should only be used in e2e tests for demonstration purposes.
 	// Does not offer double sign protection.
 	// Use SignEOTS for real operations.
-	UnsafeSignEOTS(uid []byte, chainID []byte, msg []byte, height uint64, passphrase string) (*btcec.ModNScalar, error)
+	UnsafeSignEOTS(uid []byte, chainID []byte, msg []byte, height uint64) (*btcec.ModNScalar, error)
 
 	// SignSchnorrSig signs a Schnorr signature using the private key of the finality provider
 	// It fails if the finality provider does not exist or the message size is not 32 bytes
 	// or passPhrase is incorrect
-	SignSchnorrSig(uid []byte, msg []byte, passphrase string) (*schnorr.Signature, error)
-
-	// SaveEOTSKeyName saves a new key under the EOTS key name mapping
-	SaveEOTSKeyName(pk *btcec.PublicKey, keyName string) error
+	SignSchnorrSig(uid []byte, msg []byte) (*schnorr.Signature, error)
 
 	Close() error
 }