bender-labs / wrap-signer Goto Github PK

For now, when the signer fails, error messages are not very useful.
We should try to display diagnostics messages

Signers, if they want to use a different payment address than the implicit account associated with their key, must sign a message.
Signer should provide an endpoint to ease this process

For now, we fail fast. For every single error, we shutdown the signer. This is good, but in the case of temporary network errors, not so much.
So the goal here would be to introduce a retry policy for polling tezos and ethereum

For now, signer node will accept to sign whatever erc20 transfer has been observed, wether or not it is supported.

We could read minter contract storage to create a supported tokens list

Signer does not cope well if a bad tezos address is specified as the owner of an unwrap.
Since we shutdown for every single error, that means that the quorum would be stuck forever.

Several options here:

• ignore that kind of bad wrap requests
• sign an unwrap transaction, so the locked assets can be claimed.

In addition of cloud hsm and in memory keys, signer should support some kind of hardware.

Several options here:

• generic PKCS11 support
• specific hardware:
• SmartCard Hsm
• YubiHSM

Signer is not as unit tested as it should, mainly because it deals a lot with IO, which are not easy to unit test in the first place when you're not sure of the expected behaviour.

In addition to logs, signer node could provide some aggregated metrics, to ensure everything is fine.

Prometheus is an option, as it is very standard, but using structured logs could also do the trick.

We should be able to use Azure Key Vault as a backend for our keys

How to setup a signer node

Tokens, to be added, must be signed.
Signer should provide a way to handle this.

Maybe a simple endpoint, that would generate an event for the indexer to consume.

From times to times, the signer doesn't restart with its last polling level.