From 5e85addd449107e56372afec0e39407d1ac1430a Mon Sep 17 00:00:00 2001 From: Arshavir Ter-Gabrielyan Date: Thu, 6 Feb 2025 17:55:12 +0100 Subject: [PATCH] chore(registry): Remove obsolete ECDSA API (#3827) This PR removes the legacy ECDSA fields from the Registry canister's subnet operations since those were obsolete. --- .../ic_boundary/src/test_utils.rs | 1 - rs/crypto/src/keygen/tests.rs | 2 +- rs/crypto/temp_crypto/src/lib.rs | 5 +- rs/crypto/tests/integration_test.rs | 2 +- .../integration_tests/src/subnet_handler.rs | 5 -- rs/prep/src/subnet_configuration.rs | 1 - .../def/registry/subnet/v1/subnet.proto | 10 +--- .../src/gen/registry/registry.subnet.v1.rs | 7 --- .../src/gen/state/registry.subnet.v1.rs | 7 --- .../src/gen/types/registry.subnet.v1.rs | 7 --- rs/registry/admin/src/create_subnet.rs | 1 - rs/registry/admin/src/recover_subnet.rs | 4 -- rs/registry/admin/src/update_subnet.rs | 6 --- rs/registry/canister/canister/registry.did | 5 -- .../canister/src/invariants/crypto/tests.rs | 4 +- .../src/mutations/do_create_subnet.rs | 9 ---- .../src/mutations/do_recover_subnet.rs | 10 ---- .../src/mutations/do_update_subnet.rs | 46 +------------------ rs/registry/canister/tests/create_subnet.rs | 1 - rs/registry/canister/tests/recover_subnet.rs | 5 -- rs/registry/canister/tests/update_subnet.rs | 17 ------- rs/test_utilities/registry/src/lib.rs | 1 - rs/tests/ckbtc/src/lib.rs | 3 -- rs/tests/consensus/tecdsa/utils/src/lib.rs | 4 -- rs/tests/consensus/utils/src/ssh_access.rs | 3 -- rs/tests/driver/src/nns.rs | 1 - 26 files changed, 10 insertions(+), 157 deletions(-) diff --git a/rs/boundary_node/ic_boundary/src/test_utils.rs b/rs/boundary_node/ic_boundary/src/test_utils.rs index 5fd9ddbdecd..625ddd786f4 100644 --- a/rs/boundary_node/ic_boundary/src/test_utils.rs +++ b/rs/boundary_node/ic_boundary/src/test_utils.rs @@ -133,7 +133,6 @@ pub fn test_subnet_record() -> SubnetRecord { max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, } } diff --git a/rs/crypto/src/keygen/tests.rs b/rs/crypto/src/keygen/tests.rs index 80401ced142..523cd2293da 100644 --- a/rs/crypto/src/keygen/tests.rs +++ b/rs/crypto/src/keygen/tests.rs @@ -1146,7 +1146,7 @@ mod rotate_idkg_dealing_encryption_keys { #[test] fn should_not_rotate_key_when_no_ecdsa_config_exists() { let setup = Setup::builder() - .with_ecdsa_subnet_config(EcdsaSubnetConfig::new_without_ecdsa_config( + .with_ecdsa_subnet_config(EcdsaSubnetConfig::new_without_chain_key_config( subnet_id(), Some(node_id()), )) diff --git a/rs/crypto/temp_crypto/src/lib.rs b/rs/crypto/temp_crypto/src/lib.rs index 8b982034c64..4b27c1eb65b 100644 --- a/rs/crypto/temp_crypto/src/lib.rs +++ b/rs/crypto/temp_crypto/src/lib.rs @@ -1095,7 +1095,6 @@ impl EcdsaSubnetConfig { max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: Some(ChainKeyConfig { key_configs: vec![KeyConfig { key_id: Some(ic_protobuf::types::v1::MasterPublicKeyId { @@ -1117,9 +1116,9 @@ impl EcdsaSubnetConfig { } } - pub fn new_without_ecdsa_config(subnet_id: SubnetId, node_id: Option) -> Self { + pub fn new_without_chain_key_config(subnet_id: SubnetId, node_id: Option) -> Self { let mut subnet_config = Self::new(subnet_id, node_id, None); - subnet_config.subnet_record.ecdsa_config = None; + subnet_config.subnet_record.chain_key_config = None; subnet_config } diff --git a/rs/crypto/tests/integration_test.rs b/rs/crypto/tests/integration_test.rs index ce3c5f0e8e2..67dd666855a 100644 --- a/rs/crypto/tests/integration_test.rs +++ b/rs/crypto/tests/integration_test.rs @@ -1212,7 +1212,7 @@ fn should_return_all_keys_registered_from_check_keys_with_registry_if_no_ecdsa_c ) .with_time_source(Arc::clone(&time) as Arc<_>) .with_node_id(node_id()) - .with_ecdsa_subnet_config(EcdsaSubnetConfig::new_without_ecdsa_config( + .with_ecdsa_subnet_config(EcdsaSubnetConfig::new_without_chain_key_config( subnet_id(), Some(node_id()), )) diff --git a/rs/nns/integration_tests/src/subnet_handler.rs b/rs/nns/integration_tests/src/subnet_handler.rs index cdddeeb8d80..45d0693e192 100644 --- a/rs/nns/integration_tests/src/subnet_handler.rs +++ b/rs/nns/integration_tests/src/subnet_handler.rs @@ -50,7 +50,6 @@ fn test_submit_and_accept_update_subnet_proposal() { max_number_of_canisters: 100, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, }; @@ -87,9 +86,6 @@ fn test_submit_and_accept_update_subnet_proposal() { is_halted: Some(true), halt_at_cup_height: Some(true), features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: Some(200), ssh_readonly_access: Some(vec!["pub_key_0".to_string()]), ssh_backup_access: Some(vec!["pub_key_1".to_string()]), @@ -171,7 +167,6 @@ fn test_submit_and_accept_update_subnet_proposal() { max_number_of_canisters: 200, ssh_readonly_access: vec!["pub_key_0".to_string()], ssh_backup_access: vec!["pub_key_1".to_string()], - ecdsa_config: None, chain_key_config: None, } ); diff --git a/rs/prep/src/subnet_configuration.rs b/rs/prep/src/subnet_configuration.rs index 6e518b7c4c9..40694517a16 100644 --- a/rs/prep/src/subnet_configuration.rs +++ b/rs/prep/src/subnet_configuration.rs @@ -314,7 +314,6 @@ impl SubnetConfig { max_number_of_canisters: self.max_number_of_canisters, ssh_readonly_access: self.ssh_readonly_access, ssh_backup_access: self.ssh_backup_access, - ecdsa_config: None, chain_key_config: self.chain_key_config, }; diff --git a/rs/protobuf/def/registry/subnet/v1/subnet.proto b/rs/protobuf/def/registry/subnet/v1/subnet.proto index 10ca593a4a1..34f59c3e892 100644 --- a/rs/protobuf/def/registry/subnet/v1/subnet.proto +++ b/rs/protobuf/def/registry/subnet/v1/subnet.proto @@ -61,13 +61,6 @@ message SubnetRecord { // to make sure the NNS can be backed up. repeated string ssh_backup_access = 26; - // ECDSA Config. This field cannot be set back to `None` once it has been set - // to `Some`. To remove a key, the list of `key_ids` can be set to not include a particular key. - // If a removed key is not held by another subnet, it will be lost. - // - // Deprecated; please use chain_key_config instead. - EcdsaConfig ecdsa_config = 27; - // If `true`, the subnet will be halted after reaching the next cup height: it will no longer // create or execute blocks. // @@ -81,7 +74,7 @@ message SubnetRecord { // key. If the removed key is not held by another subnet, it will be lost. optional ChainKeyConfig chain_key_config = 29; - reserved 1, 2, 4, 6, 13, 20, 21, 22; + reserved 1, 2, 4, 6, 13, 20, 21, 22, 27; reserved "ic_version_id"; reserved "initial_dkg_transcript"; reserved "ingress_bytes_per_block_soft_cap"; @@ -89,6 +82,7 @@ message SubnetRecord { reserved "max_instructions_per_message"; reserved "max_instructions_per_round"; reserved "max_instructions_per_install_code"; + reserved "ecdsa_config"; } message EcdsaInitialization { diff --git a/rs/protobuf/src/gen/registry/registry.subnet.v1.rs b/rs/protobuf/src/gen/registry/registry.subnet.v1.rs index a52519c9d03..1417471d947 100644 --- a/rs/protobuf/src/gen/registry/registry.subnet.v1.rs +++ b/rs/protobuf/src/gen/registry/registry.subnet.v1.rs @@ -57,13 +57,6 @@ pub struct SubnetRecord { /// to make sure the NNS can be backed up. #[prost(string, repeated, tag = "26")] pub ssh_backup_access: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, - /// ECDSA Config. This field cannot be set back to `None` once it has been set - /// to `Some`. To remove a key, the list of `key_ids` can be set to not include a particular key. - /// If a removed key is not held by another subnet, it will be lost. - /// - /// Deprecated; please use chain_key_config instead. - #[prost(message, optional, tag = "27")] - pub ecdsa_config: ::core::option::Option, /// If `true`, the subnet will be halted after reaching the next cup height: it will no longer /// create or execute blocks. /// diff --git a/rs/protobuf/src/gen/state/registry.subnet.v1.rs b/rs/protobuf/src/gen/state/registry.subnet.v1.rs index 2481c2220fb..7ffa61be0f6 100644 --- a/rs/protobuf/src/gen/state/registry.subnet.v1.rs +++ b/rs/protobuf/src/gen/state/registry.subnet.v1.rs @@ -57,13 +57,6 @@ pub struct SubnetRecord { /// to make sure the NNS can be backed up. #[prost(string, repeated, tag = "26")] pub ssh_backup_access: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, - /// ECDSA Config. This field cannot be set back to `None` once it has been set - /// to `Some`. To remove a key, the list of `key_ids` can be set to not include a particular key. - /// If a removed key is not held by another subnet, it will be lost. - /// - /// Deprecated; please use chain_key_config instead. - #[prost(message, optional, tag = "27")] - pub ecdsa_config: ::core::option::Option, /// If `true`, the subnet will be halted after reaching the next cup height: it will no longer /// create or execute blocks. /// diff --git a/rs/protobuf/src/gen/types/registry.subnet.v1.rs b/rs/protobuf/src/gen/types/registry.subnet.v1.rs index 2481c2220fb..7ffa61be0f6 100644 --- a/rs/protobuf/src/gen/types/registry.subnet.v1.rs +++ b/rs/protobuf/src/gen/types/registry.subnet.v1.rs @@ -57,13 +57,6 @@ pub struct SubnetRecord { /// to make sure the NNS can be backed up. #[prost(string, repeated, tag = "26")] pub ssh_backup_access: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, - /// ECDSA Config. This field cannot be set back to `None` once it has been set - /// to `Some`. To remove a key, the list of `key_ids` can be set to not include a particular key. - /// If a removed key is not held by another subnet, it will be lost. - /// - /// Deprecated; please use chain_key_config instead. - #[prost(message, optional, tag = "27")] - pub ecdsa_config: ::core::option::Option, /// If `true`, the subnet will be halted after reaching the next cup height: it will no longer /// create or execute blocks. /// diff --git a/rs/registry/admin/src/create_subnet.rs b/rs/registry/admin/src/create_subnet.rs index 8ff058d9a93..03ab8c0a00c 100644 --- a/rs/registry/admin/src/create_subnet.rs +++ b/rs/registry/admin/src/create_subnet.rs @@ -285,7 +285,6 @@ impl ProposeToCreateSubnetCmd { chain_key_config, // Deprecated fields. - ecdsa_config: None, ingress_bytes_per_block_soft_cap: Default::default(), gossip_max_artifact_streams_per_peer: Default::default(), gossip_max_chunk_wait_ms: Default::default(), diff --git a/rs/registry/admin/src/recover_subnet.rs b/rs/registry/admin/src/recover_subnet.rs index e9cae5e5773..6eb2fd4f2a0 100644 --- a/rs/registry/admin/src/recover_subnet.rs +++ b/rs/registry/admin/src/recover_subnet.rs @@ -203,9 +203,6 @@ impl ProposeToUpdateRecoveryCupCmd { replacement_nodes, registry_store_uri, chain_key_config, - - // Deprecated fields - ecdsa_config: None, } } } @@ -242,7 +239,6 @@ mod tests { .unwrap_or_else(|err| panic!("Invalid state hash: {}", err)), replacement_nodes: None, registry_store_uri: None, - ecdsa_config: None, chain_key_config: None, } } diff --git a/rs/registry/admin/src/update_subnet.rs b/rs/registry/admin/src/update_subnet.rs index b4fdc096f36..0eff0559601 100644 --- a/rs/registry/admin/src/update_subnet.rs +++ b/rs/registry/admin/src/update_subnet.rs @@ -323,9 +323,6 @@ impl ProposeToUpdateSubnetCmd { chain_key_signing_disable, // Deprecated fields - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_artifact_streams_per_peer: None, max_chunk_wait_ms: None, max_duplicity: None, @@ -381,9 +378,6 @@ mod tests { is_halted: None, halt_at_cup_height: None, features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: None, ssh_readonly_access: None, ssh_backup_access: None, diff --git a/rs/registry/canister/canister/registry.did b/rs/registry/canister/canister/registry.did index cd059d0ba1f..b85905843de 100644 --- a/rs/registry/canister/canister/registry.did +++ b/rs/registry/canister/canister/registry.did @@ -80,7 +80,6 @@ type CreateSubnetPayload = record { gossip_pfn_evaluation_period_ms : nat32; max_ingress_messages_per_block : nat64; max_number_of_canisters : nat64; - ecdsa_config : opt EcdsaInitialConfig; chain_key_config : opt InitialChainKeyConfig; gossip_max_artifact_streams_per_peer : nat32; replica_version_id : text; @@ -255,7 +254,6 @@ type RecoverSubnetPayload = record { replacement_nodes : opt vec principal; subnet_id : principal; registry_store_uri : opt record { text; text; nat64 }; - ecdsa_config : opt EcdsaInitialConfig; chain_key_config : opt InitialChainKeyConfig; state_hash : blob; time_ns : nat64; @@ -423,9 +421,6 @@ type UpdateSubnetPayload = record { chain_key_config : opt ChainKeyConfig; chain_key_signing_enable : opt vec MasterPublicKeyId; chain_key_signing_disable : opt vec MasterPublicKeyId; - ecdsa_config : opt EcdsaConfig; - ecdsa_key_signing_enable : opt vec EcdsaKeyId; - ecdsa_key_signing_disable : opt vec EcdsaKeyId; }; type ChainKeyConfig = record { diff --git a/rs/registry/canister/src/invariants/crypto/tests.rs b/rs/registry/canister/src/invariants/crypto/tests.rs index 876f1631ec7..411ac6b0767 100644 --- a/rs/registry/canister/src/invariants/crypto/tests.rs +++ b/rs/registry/canister/src/invariants/crypto/tests.rs @@ -1020,11 +1020,11 @@ mod ecdsa_signing_subnet_lists { max_queue_size: Default::default(), }) .collect(); - let ecdsa_config = ChainKeyConfig { + let chain_key_config = ChainKeyConfig { key_configs, ..Default::default() }; - Some(ChainKeyConfigPb::from(ecdsa_config)) + Some(ChainKeyConfigPb::from(chain_key_config)) } else { None }; diff --git a/rs/registry/canister/src/mutations/do_create_subnet.rs b/rs/registry/canister/src/mutations/do_create_subnet.rs index be4900b68a9..ad974c9ad45 100644 --- a/rs/registry/canister/src/mutations/do_create_subnet.rs +++ b/rs/registry/canister/src/mutations/do_create_subnet.rs @@ -179,11 +179,6 @@ impl Registry { /// Ensures that a valid `subnet_id` is specified for `KeyConfigRequest`s. /// Ensures that master public keys (a) exist and (b) are present on the requested subnet. fn validate_create_subnet_payload(&self, payload: &CreateSubnetPayload) { - assert_eq!( - payload.ecdsa_config, None, - "Field ecdsa_config is deprecated. Please use chain_key_config instead.", - ); - // Verify that all Nodes exist payload.node_ids.iter().for_each(|node_id| { match self.get( @@ -285,9 +280,6 @@ pub struct CreateSubnetPayload { pub ssh_readonly_access: Vec, pub ssh_backup_access: Vec, - // Obsolete. Please use `chain_key_config` instead. - pub ecdsa_config: Option, - pub chain_key_config: Option, // TODO(NNS1-2444): The fields below are deprecated and they are not read anywhere. @@ -524,7 +516,6 @@ impl From for SubnetRecord { .expect("Invalid InitialChainKeyConfig") }) .map(ChainKeyConfigPb::from), - ecdsa_config: None, // obsolete (chain_key_config is used instead now) } } } diff --git a/rs/registry/canister/src/mutations/do_recover_subnet.rs b/rs/registry/canister/src/mutations/do_recover_subnet.rs index 94bcdb48e97..d7a30a5ffff 100644 --- a/rs/registry/canister/src/mutations/do_recover_subnet.rs +++ b/rs/registry/canister/src/mutations/do_recover_subnet.rs @@ -8,7 +8,6 @@ use crate::chain_key::{InitialChainKeyConfigInternal, KeyConfigRequestInternal}; use crate::{ common::LOG_PREFIX, - mutations::do_create_subnet::EcdsaInitialConfig, registry::{Registry, Version}, }; use candid::{CandidType, Deserialize, Encode}; @@ -225,11 +224,6 @@ impl Registry { /// This is similar to validation in do_create_subnet except for constraints to avoid requesting /// keys from the subnet. fn validate_recover_subnet_payload(&self, payload: &RecoverSubnetPayload) { - assert_eq!( - payload.ecdsa_config, None, - "Field ecdsa_config is deprecated. Please use chain_key_config instead.", - ); - let Some(initial_chain_key_config) = &payload.chain_key_config else { return; // Nothing to do. }; @@ -271,9 +265,6 @@ pub struct RecoverSubnetPayload { /// downloaded pub registry_store_uri: Option<(String, String, u64)>, - /// Obsolete. Please use `chain_key_config` instead. - pub ecdsa_config: Option, - /// Chain key configuration must be specified if keys will be recovered to this subnet. /// Any keys that this subnet could sign for will immediately be available to sign with. /// Any new keys will not. @@ -512,7 +503,6 @@ mod test { state_hash: vec![], replacement_nodes: None, registry_store_uri: None, - ecdsa_config: None, chain_key_config: None, } } diff --git a/rs/registry/canister/src/mutations/do_update_subnet.rs b/rs/registry/canister/src/mutations/do_update_subnet.rs index d4bcaf4e608..21a43ca7e0b 100644 --- a/rs/registry/canister/src/mutations/do_update_subnet.rs +++ b/rs/registry/canister/src/mutations/do_update_subnet.rs @@ -2,14 +2,13 @@ use crate::{common::LOG_PREFIX, mutations::common::has_duplicates, registry::Reg use candid::{CandidType, Deserialize}; use dfn_core::println; use ic_base_types::{subnet_id_into_protobuf, SubnetId}; -use ic_management_canister_types::{EcdsaKeyId, MasterPublicKeyId}; +use ic_management_canister_types::MasterPublicKeyId; use ic_protobuf::registry::subnet::v1::{ SubnetFeatures as SubnetFeaturesPb, SubnetRecord as SubnetRecordPb, }; use ic_registry_keys::{make_chain_key_signing_subnet_list_key, make_subnet_record_key}; use ic_registry_subnet_features::{ - ChainKeyConfig as ChainKeyConfigInternal, EcdsaConfig, KeyConfig as KeyConfigInternal, - SubnetFeatures, + ChainKeyConfig as ChainKeyConfigInternal, KeyConfig as KeyConfigInternal, SubnetFeatures, }; use ic_registry_subnet_type::SubnetType; use ic_registry_transport::{pb::v1::RegistryMutation, upsert}; @@ -25,12 +24,6 @@ impl Registry { pub fn do_update_subnet(&mut self, payload: UpdateSubnetPayload) { println!("{}do_update_subnet: {:?}", LOG_PREFIX, payload); - assert_eq!( - payload.ecdsa_key_signing_enable, - None, - "Fields ecdsa_key_signing_{{en,dis}}able are deprecated. Please use chain_key_signing_{{en,dis}}able instead.", - ); - self.validate_update_payload_chain_key_config(&payload); self.validate_update_sev_feature(&payload); @@ -71,17 +64,6 @@ impl Registry { fn validate_update_payload_chain_key_config(&self, payload: &UpdateSubnetPayload) { let subnet_id = payload.subnet_id; - assert_eq!( - payload.ecdsa_key_signing_enable, - None, - "Fields ecdsa_key_signing_{{en,dis}}able are deprecated. Please use chain_key_signing_{{en,dis}}able instead.", - ); - - assert_eq!( - payload.ecdsa_config, None, - "Field ecdsa_config is deprecated. Please use chain_key_config instead.", - ); - let payload_chain_key_config = payload.chain_key_config.clone().map(|chain_key_config| { ChainKeyConfigInternal::try_from(chain_key_config).unwrap_or_else(|err| { panic!( @@ -258,14 +240,6 @@ pub struct UpdateSubnetPayload { pub features: Option, - /// The following three ecdsa_* fields will soon be deprecated and replaced with chain_* fields. - /// This defines keys held by the subnet, - pub ecdsa_config: Option, - /// This enables signing for keys the subnet holds, which is not held in the SubnetRecord - pub ecdsa_key_signing_enable: Option>, - /// This disables signing for keys the subnet holds, which is not held in the SubnetRecord - pub ecdsa_key_signing_disable: Option>, - pub chain_key_config: Option, pub chain_key_signing_enable: Option>, pub chain_key_signing_disable: Option>, @@ -459,10 +433,7 @@ fn merge_subnet_record( is_halted, halt_at_cup_height, features, - ecdsa_config, chain_key_config, - ecdsa_key_signing_enable: _, - ecdsa_key_signing_disable: _, chain_key_signing_enable: _, chain_key_signing_disable: _, max_number_of_canisters, @@ -552,9 +523,6 @@ mod tests { is_halted: None, halt_at_cup_height: None, features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: None, ssh_readonly_access: None, ssh_backup_access: None, @@ -595,7 +563,6 @@ mod tests { ssh_readonly_access: vec![], ssh_backup_access: vec![], chain_key_config: None, - ecdsa_config: None, }; let key_id = EcdsaKeyId { @@ -638,9 +605,6 @@ mod tests { } .into(), ), - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: Some(10), ssh_readonly_access: Some(vec!["pub_key_0".to_string()]), ssh_backup_access: Some(vec!["pub_key_1".to_string()]), @@ -686,7 +650,6 @@ mod tests { chain_key_config: Some(ChainKeyConfigPb::from( ChainKeyConfigInternal::try_from(chain_key_config).unwrap() )), - ecdsa_config: None, // obsolete (chain_key_config is used instead now) max_number_of_canisters: 10, ssh_readonly_access: vec!["pub_key_0".to_string()], ssh_backup_access: vec!["pub_key_1".to_string()], @@ -714,7 +677,6 @@ mod tests { max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, }; @@ -737,9 +699,6 @@ mod tests { is_halted: None, halt_at_cup_height: Some(true), features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: Some(50), ssh_readonly_access: None, ssh_backup_access: None, @@ -777,7 +736,6 @@ mod tests { max_number_of_canisters: 50, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, } ); diff --git a/rs/registry/canister/tests/create_subnet.rs b/rs/registry/canister/tests/create_subnet.rs index db70b22dc4a..2b9b117667d 100644 --- a/rs/registry/canister/tests/create_subnet.rs +++ b/rs/registry/canister/tests/create_subnet.rs @@ -392,7 +392,6 @@ fn make_create_subnet_payload(node_ids: Vec) -> CreateSubnetPayload { max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, // Unused section follows ingress_bytes_per_block_soft_cap: Default::default(), diff --git a/rs/registry/canister/tests/recover_subnet.rs b/rs/registry/canister/tests/recover_subnet.rs index 8c7788dd998..d4b182d23b6 100644 --- a/rs/registry/canister/tests/recover_subnet.rs +++ b/rs/registry/canister/tests/recover_subnet.rs @@ -164,7 +164,6 @@ fn test_recover_subnet_with_replacement_nodes() { state_hash: vec![10, 20, 30], replacement_nodes: Some(unassigned_node_ids.clone()), registry_store_uri: None, - ecdsa_config: None, chain_key_config: None, }; @@ -371,7 +370,6 @@ fn test_recover_subnet_gets_chain_keys_when_needed(key_id: MasterPublicKeyId) { state_hash: vec![10, 20, 30], replacement_nodes: None, registry_store_uri: None, - ecdsa_config: None, // deprecated chain_key_config: Some(InitialChainKeyConfig { key_configs: vec![KeyConfigRequest { key_config: Some(KeyConfig { @@ -609,7 +607,6 @@ fn test_recover_subnet_without_chain_key_removes_it_from_signing_list(key_id: Ma signature_request_timeout_ns, idkg_key_rotation_period_ms, }), - ecdsa_config: None, // deprecated }; // When we recover a subnet with specified ecdsa_keys @@ -766,7 +763,6 @@ fn test_recover_subnet_resets_the_halt_at_cup_height_flag() { state_hash: vec![10, 20, 30], replacement_nodes: None, registry_store_uri: None, - ecdsa_config: None, chain_key_config: None, }; @@ -1067,7 +1063,6 @@ fn test_recover_subnet_resets_cup_contents() { state_hash: vec![10, 20, 30], replacement_nodes: None, registry_store_uri: None, - ecdsa_config: None, // deprecated chain_key_config: Some(InitialChainKeyConfig { key_configs: vec![KeyConfigRequest { key_config: Some(KeyConfig { diff --git a/rs/registry/canister/tests/update_subnet.rs b/rs/registry/canister/tests/update_subnet.rs index dea72bdfdf2..a3a06be8ccb 100644 --- a/rs/registry/canister/tests/update_subnet.rs +++ b/rs/registry/canister/tests/update_subnet.rs @@ -67,9 +67,6 @@ fn test_the_anonymous_user_cannot_update_a_subnets_configuration() { is_halted: None, halt_at_cup_height: None, features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: Some(10), ssh_readonly_access: Some(vec!["pub_key_0".to_string()]), ssh_backup_access: Some(vec!["pub_key_1".to_string()]), @@ -151,7 +148,6 @@ fn test_a_canister_other_than_the_governance_canister_cannot_update_a_subnets_co max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, }; @@ -194,9 +190,6 @@ fn test_a_canister_other_than_the_governance_canister_cannot_update_a_subnets_co is_halted: None, halt_at_cup_height: None, features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: Some(100), ssh_readonly_access: None, ssh_backup_access: None, @@ -277,7 +270,6 @@ fn test_the_governance_canister_can_update_a_subnets_configuration() { max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, } .encode_to_vec(), @@ -312,9 +304,6 @@ fn test_the_governance_canister_can_update_a_subnets_configuration() { is_halted: Some(true), halt_at_cup_height: Some(true), features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, max_number_of_canisters: Some(42), ssh_readonly_access: Some(vec!["pub_key_0".to_string()]), ssh_backup_access: Some(vec!["pub_key_1".to_string()]), @@ -371,7 +360,6 @@ fn test_the_governance_canister_can_update_a_subnets_configuration() { max_number_of_canisters: 42, ssh_readonly_access: vec!["pub_key_0".to_string()], ssh_backup_access: vec!["pub_key_1".to_string()], - ecdsa_config: None, chain_key_config: None, } ); @@ -447,7 +435,6 @@ fn test_subnets_configuration_chain_key_fields_are_updated_correctly(key_id: Mas max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, }; @@ -590,7 +577,6 @@ fn test_subnets_configuration_chain_key_fields_are_updated_correctly(key_id: Mas subnet_record_1, SubnetRecord { chain_key_config: Some(expected_chain_key_config_pb), - ecdsa_config: None, // obsolete (chain_key_config is used instead now) ..initial_subnet_record } ); @@ -661,9 +647,6 @@ fn empty_update_subnet_payload(subnet_id: SubnetId) -> UpdateSubnetPayload { max_number_of_canisters: None, ssh_readonly_access: None, ssh_backup_access: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, chain_key_config: None, chain_key_signing_enable: None, chain_key_signing_disable: None, diff --git a/rs/test_utilities/registry/src/lib.rs b/rs/test_utilities/registry/src/lib.rs index 01604b08c28..33dd03500e0 100644 --- a/rs/test_utilities/registry/src/lib.rs +++ b/rs/test_utilities/registry/src/lib.rs @@ -214,7 +214,6 @@ pub fn test_subnet_record() -> SubnetRecord { max_number_of_canisters: 0, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, } } diff --git a/rs/tests/ckbtc/src/lib.rs b/rs/tests/ckbtc/src/lib.rs index fcb2483da45..18c2eea8954 100644 --- a/rs/tests/ckbtc/src/lib.rs +++ b/rs/tests/ckbtc/src/lib.rs @@ -306,9 +306,6 @@ fn empty_subnet_update() -> UpdateSubnetPayload { is_halted: None, halt_at_cup_height: None, features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, chain_key_config: None, chain_key_signing_disable: None, chain_key_signing_enable: None, diff --git a/rs/tests/consensus/tecdsa/utils/src/lib.rs b/rs/tests/consensus/tecdsa/utils/src/lib.rs index 6b8071ae0da..452213297ab 100644 --- a/rs/tests/consensus/tecdsa/utils/src/lib.rs +++ b/rs/tests/consensus/tecdsa/utils/src/lib.rs @@ -185,9 +185,6 @@ pub fn empty_subnet_update() -> UpdateSubnetPayload { is_halted: None, halt_at_cup_height: None, features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, chain_key_config: None, chain_key_signing_enable: None, chain_key_signing_disable: None, @@ -758,7 +755,6 @@ pub async fn create_new_subnet_with_keys( ssh_backup_access: vec![], chain_key_config: Some(chain_key_config), // Unused section follows - ecdsa_config: None, ingress_bytes_per_block_soft_cap: Default::default(), gossip_max_artifact_streams_per_peer: Default::default(), gossip_max_chunk_wait_ms: Default::default(), diff --git a/rs/tests/consensus/utils/src/ssh_access.rs b/rs/tests/consensus/utils/src/ssh_access.rs index 643230cdd6a..e0d826d1547 100644 --- a/rs/tests/consensus/utils/src/ssh_access.rs +++ b/rs/tests/consensus/utils/src/ssh_access.rs @@ -141,9 +141,6 @@ pub fn get_updatesubnetpayload_with_keys( is_halted: None, halt_at_cup_height: None, features: None, - ecdsa_config: None, - ecdsa_key_signing_enable: None, - ecdsa_key_signing_disable: None, chain_key_config: None, chain_key_signing_enable: None, chain_key_signing_disable: None, diff --git a/rs/tests/driver/src/nns.rs b/rs/tests/driver/src/nns.rs index 1b265a68373..c64e9805cf0 100644 --- a/rs/tests/driver/src/nns.rs +++ b/rs/tests/driver/src/nns.rs @@ -594,7 +594,6 @@ pub async fn submit_create_application_subnet_proposal( max_number_of_canisters: 4, ssh_readonly_access: vec![], ssh_backup_access: vec![], - ecdsa_config: None, chain_key_config: None, // Unused section follows ingress_bytes_per_block_soft_cap: Default::default(),