Recording on Youtube: https://youtu.be/R24-3iIau0g
Dial in Information is at: https://casperlabs.atlassian.net/wiki/spaces/REL/pages/136544674/Weekly%2BWorkshops%2BHome
Ledger Leap (Stefan & Thomas)
During this workshop, we will demonstrate CasperLabs' flexible multi-signature functionality within smart contracts. We will demonstrate the ‘threshold’ feature within an account, and how keys with sufficient weight can sign a deploy to meet a threshold, and how other keys lack the necessary weight to meet the threshold. Time permitting, we will update the authority of keys provided during the call to enable that key to sign the deployment.
Demonstrate the capability of CasperLabs weighted keys
Install the client
Build the contracts
Deploy to your local network
Check the outcome of the transaction by using GraphQL
We will record the session.
Create some keys
View the default weights for the key.
Update the key weights using a deployment
View the weights.
Change the threshold of an account for key management and deploy management and observe the new thresholds
Observe how the heavy key can sign a deployment but a light key cannot.
Clone the repository on your machine
git clone -b dev https://github.com/CasperLabs/CasperLabs.git |
2. Install the CasperLabs client using brew, apt, docker or tarball ….
3. Compile contracts
cd execution-engine make setup make build-contracts |
4. Let’s look at the weight of Key1 - go to clarity.casperlabs.io and look at GraphQL
Let’s get the latest block:
query { dagSlice(depth: 1) { blockHash } } |
Now - let’s open a new tab in GraphQL and lets examine the account associated with Key1 : Use Graph QL to see the keys associated with the contract. Obtain your Hex key and replace it in keyBase16 - and the latest block hash in ‘blockHashBase16Prefix’ and then run this graphQL query.
query { globalState( blockHashBase16Prefix: "The latest block hash" StateQueries: [ { keyType: Address keyBase16: "Your Hex Key" pathSegments: [] } ] ) { value { __typename ... on Account { pubKey associatedKeys { pubKey weight } actionThreshold { deploymentThreshold keyManagementThreshold } } } } } |
You should see a result that looks like this:
{ "data": { "globalState": [ { "value": { "__typename": "Account", "pubKey": "3eaaf54978990c040150bf3b98e0128a3aab24d1bb1b484956678673531387fe", "associatedKeys": [ { "pubKey": "3eaaf54978990c040150bf3b98e0128a3aab24d1bb1b484956678673531387fe", "weight": 1 } ], "actionThreshold": { "deploymentThreshold": 1, "keyManagementThreshold": 1 } } } ] } } |
5. Now we will add a new key with weight of 5 to this account.
Export the session arguments (this simplifies the deploy command)
export NEW_WEIGHT=5 export NEW_KEY_HEX=publickey2 export ARGS="[\ {\"name\": \"method\", \"value\": {\"string_value\": \"set_key_weight\"}}, \ {\"name\": \"target-account\", \"value\": {\"bytes_value\": \"${NEW_KEY_HEX}\"}}, \ {\"name\": \"weight\", \"value\": {\"bytes_value\": \"${NEW_WEIGHT}\"}} \ ]" |
Send the deployment
casperlabs-client --host deploy.casperlabs.io deploy --session [path to wasm file keys_manager.wasm] --session-args "${ARGS}" --payment-amount 10000000 --private-key [path to your private key1] |
(the path for the contract under CasperLabs is ‘execution-engine/target/wasm32-unknown-unknown/release/keys_manager.wasm’)
Confirm that the deploy succeeded.
6. Let’s look at the key weights again:
We should see a weight of 5 for the weight on the new key2 that we just added.
Repeat the GraphQL query - and observe a different weight for the key.
7. Now we will update the thresholds for the account of Key1. NOTE: the key_management threshold must be equal or greater to the deployment_threshold. This is a safety measure which prevents the account from being locked out.
export METHOD="set_key_management_threshold" export NEW_THRESHOLD=2 export TARGS="[\ {\"name\": \"method\", \"value\": {\"string_value\": \"${METHOD}\"}}, \ {\"name\": \"weight\", \"value\": {\"bytes_value\": \"${NEW_THRESHOLD}\"}} \ ]" |
Run the deployment:
casperlabs-client --host deploy.casperlabs.io deploy --session [path to wasm file keys_manager.wasm] --session-args "${TARGS}" --payment-amount 10000000 --private-key [path to your private key1] |
Confirm the deploy worked.
Check the values in GraphQL - you should see a new key management threshold.
8. Now update the deployment thresholds for the account. This will authorize only key2 to perform the token transfer.
export METHOD="set_deployment_threshold" export NEW_THRESHOLD=2 export TARGS="[\ {\"name\": \"method\", \"value\": {\"string_value\": \"${METHOD}\"}}, \ {\"name\": \"weight\", \"value\": {\"bytes_value\": \"${NEW_THRESHOLD}\"}} \ ]" |
Repeat the GraphQL queries by getting the latest block hash.
casperlabs-client --host deploy.casperlabs.io deploy --session [path to wasm file keys_manager.wasm] --session-args "${TARGS}" --payment-amount 10000000 --from "public key1" --private-key [path to your private key2] |
Upon completing this deployment, Key1 will not be authorized to sign a token transfer.
Let’s export our arguments for the token transfer.
export TO_HEX="base16-of-key3" export AMOUNT="56" export TXARGS="[\ {\"name\": \"target-account\", \"value\": {\"bytes_value\": \"${TO_HEX}\"}}, \ {\"name\": \"amount\", \"value\": {\"long_value\": \"${AMOUNT}\"}} \ ]" |
Now let’s attempt a token transfer. We will sign this deployment with Key 1 -it should fail. NOTE: The user does not receive a message that the deployment failed. Nothing happens.
casperlabs-client --host deploy.casperlabs.io deploy --session [path to wasm file transfer_to_account.wasm] --session-args "${TXARGS}" --payment-amount 10000000 --private-key [path to your private key1] --from [base16 public key for (key1)] |
You can confirm this by checking the status of the deploy using the client:
casperlabs-client --host deploy.casperlabs.io show-deploy [deploy hash] |
Repeat the process with the higher weight key - key 2
casperlabs-client --host deploy.casperlabs.io deploy --session [path to wasm file transfer_to_account.wasm] --session-args "${TXARGS}" --payment-amount 10000000 --private-key [path to your private key2] --from [base16 public key for (key1)] |
Observe that the token transfer succeeds and token lands in the account3 balance.
CasperLabs Client 0.11.0 (5777274434bf8cb676c43b0a0ca28f4e015c683e)
Deployed to DevNet
Key weights work with thresholds. Any number of authorized keys can be used in combination to sign a deployment to meet a deploy threshold.
The key_management threshold must be equal or greater to the deployment_threshold. This is a safety measure which prevents the account from being locked out.
If the keys signing a deployment lack the sufficient weight to meet the threshold, the deployment fails to run on the node. Users do not get an error message about this. They observe that the transaction never appears in a block.
Title | Description | Notes |
---|---|---|
Verify pre-requisites | Check that everyone has managed to get through the setup. | Does everyone have keys in Clarity? Has everyone cloned the repository and built the contracts? Does everyone have the client installed? What is the version number for the Client? |
If you want to unwind the change to the thresholds, just repeat the process and reset the weights back to the defaults.
You can also attempt to remove the associated key also if you wish, after you have reduced the deployment thresholds and key management thresholds.
Go to Discord- we will help you there: https://discord.gg/mpZ9AYD
We need to figure out how users can see that they hit an authorization error. No block is created, because the deploy isn’t authorized, and this presently only shows up on the server logs. App developers may need to check that they don’t send a deploy until the requisite key weights are in place.