Milestone 3
Checklist
Number | Deliverable | Link | Notes |
---|---|---|---|
0a. | License | 🔗 | See below |
0b. | Documentation | 🔗 | See below |
0c. | Testing Guide | 🔗 | See below |
1. | An end-to-end proof of concept of a Kusama signing hardware/software stack. | See below | |
2. | Ledger Nano S TEE key provisioning app (NOTE: This aspect is subject to research outcomes and may not be necessary. As discussed with Jeff Burdges, it is possible that there is no need for external interaction in the case of session keys.) | See below | |
3. | Corresponding unit and integration tests (including fuzzing) | See below | |
4. | Documentation | See below |
Overview
- Integration with Kusama validation node infrastructure
- Integration and basic fuzzing of the signing service
- Documentation and guidelines recommending a set of validator good practices
- Ledger Nano S provisioning application (Given that this will be a technical app, we will provide instructions on how to sideload it and will not be submitted for publication in Ledger Live) - NOTE: This aspect is subject to research outcomes and may not be necessary. As discussed with Jeff Burdges, it is possible that there is no need for external interaction in the case of session keys.)
License
License
The repositories referenced in this milestone have all been published under either Apache 2.0 and GNU GPL2.
Repository | License | Link |
---|---|---|
Zondax/web-docs-tee | Apache 2.0 | 📄 License |
Zondax/tee-substrate-service | Apache 2.0 | 📄 License |
Zondax/hello-rustee | Apache 2.0 | 📄 License |
Zondax/buildroot-zondax | GNU GPL2 | 📄 License |
In the sections below we listed each part of this Milestone and the links to their respective test.
Item 1
Number | Deliverable | Link | Notes |
---|---|---|---|
1. | An end-to-end proof of concept of a Kusama signing hardware/software stack. |
In-person Workshop to demonstrate a hybrid network of cloud and TEE nodes validating.
Item 2
Number | Deliverable | Link | Notes |
---|---|---|---|
2. | Ledger Nano S TEE key provisioning app (NOTE: This aspect is subject to research outcomes and may not be necessary. As discussed with Jeff Burdges, it is possible that there is no need for external interaction in the case of session keys.) |
During the development of Milestone 1, it was recognized that private session keys could be generated sefely without any kind of external key provisioning. Instead, TEEs can generate keys and operators can register the public part of these keys using their controller keys.
For this reason, and to simplify the operation process this items was resolved in a much more efficient way that does not required a specialized provisioning tool.
Item 3
Number | Deliverable | Link | Notes |
---|---|---|---|
3. | Detailed description of the development and testing process. |
The documentation can be found in the Development section of the documentation link
Item 4
| Number | Deliverable | Link | Notes | | ------ | :--------------------------------------- | ---- | ----- | --- | | 4. | Corresponding tests | | | |
Given the hardware based nature of this project, several integration steps require manual configuration and verification of the hardware, nodes, etc. This will be presented during an on-site workshop