Commit-Boost · ltitanb · Aug 19, 2025 · Apr 2, 2025 · May 5, 2025 · May 6, 2025
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -34,6 +34,7 @@ cb-signer = { path = "crates/signer" }
 cipher = "0.4"
 clap = { version = "4.5.4", features = ["derive", "env"] }
 color-eyre = "0.6.3"
+const_format = "0.2.34"
 ctr = "0.9.2"
 derive_more = { version = "2.0.1", features = ["deref", "display", "from", "into"] }
 docker-compose-types = "0.16.0"

diff --git a/api/signer-api.yml b/api/signer-api.yml
diff --git a/crates/common/Cargo.toml b/crates/common/Cargo.toml
@@ -15,6 +15,7 @@ bimap.workspace = true
 blst.workspace = true
 bytes.workspace = true
 cipher.workspace = true
+const_format.workspace = true
 ctr.workspace = true
 derive_more.workspace = true
 docker-image.workspace = true

diff --git a/crates/common/src/commit/client.rs b/crates/common/src/commit/client.rs
@@ -1,22 +1,29 @@
 use std::time::{Duration, Instant};
 
-use alloy::{primitives::Address, rpc::types::beacon::BlsSignature};
+use alloy::primitives::Address;
 use eyre::WrapErr;
 use reqwest::header::{HeaderMap, HeaderValue, AUTHORIZATION};
-use serde::Deserialize;
+use serde::{Deserialize, Serialize};
 use url::Url;
 
 use super::{
-    constants::{GENERATE_PROXY_KEY_PATH, GET_PUBKEYS_PATH, REQUEST_SIGNATURE_PATH},
+    constants::{GENERATE_PROXY_KEY_PATH, GET_PUBKEYS_PATH},
     error::SignerClientError,
     request::{
         EncryptionScheme, GenerateProxyRequest, GetPubkeysResponse, ProxyId, SignConsensusRequest,
-        SignProxyRequest, SignRequest, SignedProxyDelegation,
+        SignProxyRequest, SignedProxyDelegation,
     },
 };
 use crate::{
+    commit::{
+        constants::{
+            REQUEST_SIGNATURE_BLS_PATH, REQUEST_SIGNATURE_PROXY_BLS_PATH,
+            REQUEST_SIGNATURE_PROXY_ECDSA_PATH,
+        },
+        response::{BlsSignResponse, EcdsaSignResponse},
+    },
     constants::SIGNER_JWT_EXPIRATION,
-    signer::{BlsPublicKey, EcdsaSignature},
+    signer::BlsPublicKey,
     types::{Jwt, ModuleId},
     utils::create_jwt,
     DEFAULT_REQUEST_TIMEOUT,
@@ -99,13 +106,18 @@ impl SignerClient {
     }
 
     /// Send a signature request
-    async fn request_signature<T>(&mut self, request: &SignRequest) -> Result<T, SignerClientError>
+    async fn request_signature<Q, T>(
+        &mut self,
+        route: &str,
+        request: &Q,
+    ) -> Result<T, SignerClientError>
     where
+        Q: Serialize,
         T: for<'de> Deserialize<'de>,
     {
         self.refresh_jwt()?;
 
-        let url = self.url.join(REQUEST_SIGNATURE_PATH)?;
+        let url = self.url.join(route)?;
         let res = self.client.post(url).json(&request).send().await?;
 
         let status = res.status();
@@ -126,22 +138,22 @@ impl SignerClient {
     pub async fn request_consensus_signature(
         &mut self,
         request: SignConsensusRequest,
-    ) -> Result<BlsSignature, SignerClientError> {
-        self.request_signature(&request.into()).await
+    ) -> Result<BlsSignResponse, SignerClientError> {
+        self.request_signature(REQUEST_SIGNATURE_BLS_PATH, &request).await
     }
 
     pub async fn request_proxy_signature_ecdsa(
         &mut self,
         request: SignProxyRequest<Address>,
-    ) -> Result<EcdsaSignature, SignerClientError> {
-        self.request_signature(&request.into()).await
+    ) -> Result<EcdsaSignResponse, SignerClientError> {
+        self.request_signature(REQUEST_SIGNATURE_PROXY_ECDSA_PATH, &request).await
     }
 
     pub async fn request_proxy_signature_bls(
         &mut self,
         request: SignProxyRequest<BlsPublicKey>,
-    ) -> Result<BlsSignature, SignerClientError> {
-        self.request_signature(&request.into()).await
+    ) -> Result<BlsSignResponse, SignerClientError> {
+        self.request_signature(REQUEST_SIGNATURE_PROXY_BLS_PATH, &request).await
     }
 
     async fn generate_proxy_key<T>(

diff --git a/crates/common/src/commit/constants.rs b/crates/common/src/commit/constants.rs
@@ -1,5 +1,12 @@
+use const_format::concatcp;
+
 pub const GET_PUBKEYS_PATH: &str = "/signer/v1/get_pubkeys";
-pub const REQUEST_SIGNATURE_PATH: &str = "/signer/v1/request_signature";
+pub const REQUEST_SIGNATURE_BASE_PATH: &str = "/signer/v1/request_signature";
+pub const REQUEST_SIGNATURE_BLS_PATH: &str = concatcp!(REQUEST_SIGNATURE_BASE_PATH, "/bls");
+pub const REQUEST_SIGNATURE_PROXY_BLS_PATH: &str =
+    concatcp!(REQUEST_SIGNATURE_BASE_PATH, "/proxy-bls");
+pub const REQUEST_SIGNATURE_PROXY_ECDSA_PATH: &str =
+    concatcp!(REQUEST_SIGNATURE_BASE_PATH, "/proxy-ecdsa");
 pub const GENERATE_PROXY_KEY_PATH: &str = "/signer/v1/generate_proxy_key";
 pub const STATUS_PATH: &str = "/status";
 pub const RELOAD_PATH: &str = "/reload";

diff --git a/crates/common/src/commit/mod.rs b/crates/common/src/commit/mod.rs
@@ -2,3 +2,4 @@ pub mod client;
 pub mod constants;
 pub mod error;
 pub mod request;
+pub mod response;
diff --git a/crates/common/src/commit/request.rs b/crates/common/src/commit/request.rs
@@ -9,7 +9,6 @@ use alloy::{
     primitives::{aliases::B32, Address, B256},
     rpc::types::beacon::BlsSignature,
 };
-use derive_more::derive::From;
 use serde::{Deserialize, Deserializer, Serialize};
 use tree_hash::TreeHash;
 use tree_hash_derive::TreeHash;
@@ -74,40 +73,6 @@ impl<T: ProxyId> fmt::Display for SignedProxyDelegation<T> {
     }
 }
 
-// TODO(David): This struct shouldn't be visible to module authors
-#[derive(Debug, Clone, Serialize, Deserialize, From)]
-#[serde(tag = "type", rename_all = "snake_case")]
-pub enum SignRequest {
-    Consensus(SignConsensusRequest),
-    ProxyBls(SignProxyRequest<BlsPublicKey>),
-    ProxyEcdsa(SignProxyRequest<Address>),
-}
-
-impl Display for SignRequest {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        match self {
-            SignRequest::Consensus(req) => write!(
-                f,
-                "Consensus(pubkey: {}, object_root: {})",
-                req.pubkey,
-                hex::encode_prefixed(req.object_root)
-            ),
-            SignRequest::ProxyBls(req) => write!(
-                f,
-                "BLS(proxy: {}, object_root: {})",
-                req.proxy,
-                hex::encode_prefixed(req.object_root)
-            ),
-            SignRequest::ProxyEcdsa(req) => write!(
-                f,
-                "ECDSA(proxy: {}, object_root: {})",
-                req.proxy,
-                hex::encode_prefixed(req.object_root)
-            ),
-        }
-    }
-}
-
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct SignConsensusRequest {
     pub pubkey: BlsPublicKey,
@@ -132,6 +97,17 @@ impl SignConsensusRequest {
     }
 }
 
+impl Display for SignConsensusRequest {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(
+            f,
+            "Consensus(pubkey: {}, object_root: {})",
+            self.pubkey,
+            hex::encode_prefixed(self.object_root)
+        )
+    }
+}
+
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct SignProxyRequest<T: ProxyId> {
     pub proxy: T,
@@ -156,6 +132,28 @@ impl<T: ProxyId> SignProxyRequest<T> {
     }
 }
 
+impl Display for SignProxyRequest<BlsPublicKey> {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(
+            f,
+            "BLS(proxy: {}, object_root: {})",
+            self.proxy,
+            hex::encode_prefixed(self.object_root)
+        )
+    }
+}
+
+impl Display for SignProxyRequest<Address> {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(
+            f,
+            "ECDSA(proxy: {}, object_root: {})",
+            self.proxy,
+            hex::encode_prefixed(self.object_root)
+        )
+    }
+}
+
 #[derive(Debug, Clone, Copy, Serialize, Deserialize)]
 pub enum EncryptionScheme {
     #[serde(rename = "bls")]
@@ -249,36 +247,6 @@ mod tests {
     use super::*;
     use crate::signer::EcdsaSignature;
 
-    #[test]
-    fn test_decode_request_signature() {
-        let data = r#"{
-            "type": "consensus",
-            "pubkey": "0xa3366b54f28e4bf1461926a3c70cdb0ec432b5c92554ecaae3742d33fb33873990cbed1761c68020e6d3c14d30a22050",
-            "object_root": "0x5c89913beafa0472168e0ec05e349b4ceb9985d25ab9fa8de53a60208c85b3a5"
-        }"#;
-
-        let request: SignRequest = serde_json::from_str(data).unwrap();
-        assert!(matches!(request, SignRequest::Consensus(..)));
-
-        let data = r#"{
-            "type": "proxy_bls",
-            "proxy": "0xa3366b54f28e4bf1461926a3c70cdb0ec432b5c92554ecaae3742d33fb33873990cbed1761c68020e6d3c14d30a22050",
-            "object_root": "0x5c89913beafa0472168e0ec05e349b4ceb9985d25ab9fa8de53a60208c85b3a5"
-        }"#;
-
-        let request: SignRequest = serde_json::from_str(data).unwrap();
-        assert!(matches!(request, SignRequest::ProxyBls(..)));
-
-        let data = r#"{
-            "type": "proxy_ecdsa",
-            "proxy": "0x4ca9939a8311a7cab3dde201b70157285fa81a9d",
-            "object_root": "0x5c89913beafa0472168e0ec05e349b4ceb9985d25ab9fa8de53a60208c85b3a5"
-        }"#;
-
-        let request: SignRequest = serde_json::from_str(data).unwrap();
-        assert!(matches!(request, SignRequest::ProxyEcdsa(..)));
-    }
-
     #[test]
     fn test_decode_response_signature() {
         let data = r#""0xa3ffa9241f78279f1af04644cb8c79c2d8f02bcf0e28e2f186f6dcccac0a869c2be441fda50f0dea895cfce2e53f0989a3ffa9241f78279f1af04644cb8c79c2d8f02bcf0e28e2f186f6dcccac0a869c2be441fda50f0dea895cfce2e53f0989""#;

diff --git a/crates/common/src/commit/response.rs b/crates/common/src/commit/response.rs
@@ -0,0 +1,45 @@
+use alloy::{
+    primitives::{Address, B256},
+    rpc::types::beacon::BlsSignature,
+};
+use serde::{Deserialize, Serialize};
+
+use crate::signer::{BlsPublicKey, EcdsaSignature};
+
+#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
+pub struct BlsSignResponse {
+    pub pubkey: BlsPublicKey,
+    pub object_root: B256,
+    pub module_signing_id: B256,
+    pub signature: BlsSignature,
+}
+
+impl BlsSignResponse {
+    pub fn new(
+        pubkey: BlsPublicKey,
+        object_root: B256,
+        module_signing_id: B256,
+        signature: BlsSignature,
+    ) -> Self {
+        Self { pubkey, object_root, module_signing_id, signature }
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
+pub struct EcdsaSignResponse {
+    pub address: Address,
+    pub object_root: B256,
+    pub module_signing_id: B256,
+    pub signature: EcdsaSignature,
+}
+
+impl EcdsaSignResponse {
+    pub fn new(
+        address: Address,
+        object_root: B256,
+        module_signing_id: B256,
+        signature: EcdsaSignature,
+    ) -> Self {
+        Self { address, object_root, module_signing_id, signature }
+    }
+}
diff --git a/crates/signer/src/constants.rs b/crates/signer/src/constants.rs
@@ -1,3 +1,5 @@
 pub const GET_PUBKEYS_ENDPOINT_TAG: &str = "get_pubkeys";
 pub const GENERATE_PROXY_KEY_ENDPOINT_TAG: &str = "generate_proxy_key";
-pub const REQUEST_SIGNATURE_ENDPOINT_TAG: &str = "request_signature";
+pub const REQUEST_SIGNATURE_BLS_ENDPOINT_TAG: &str = "request_signature_bls";
+pub const REQUEST_SIGNATURE_PROXY_BLS_ENDPOINT_TAG: &str = "request_signature_proxy_bls";
+pub const REQUEST_SIGNATURE_PROXY_ECDSA_ENDPOINT_TAG: &str = "request_signature_proxy_ecdsa";
diff --git a/crates/signer/src/metrics.rs b/crates/signer/src/metrics.rs
@@ -2,13 +2,15 @@
 
 use axum::http::Uri;
 use cb_common::commit::constants::{
-    GENERATE_PROXY_KEY_PATH, GET_PUBKEYS_PATH, REQUEST_SIGNATURE_PATH,
+    GENERATE_PROXY_KEY_PATH, GET_PUBKEYS_PATH, REQUEST_SIGNATURE_BLS_PATH,
+    REQUEST_SIGNATURE_PROXY_BLS_PATH, REQUEST_SIGNATURE_PROXY_ECDSA_PATH,
 };
 use lazy_static::lazy_static;
 use prometheus::{register_int_counter_vec_with_registry, IntCounterVec, Registry};
 
 use crate::constants::{
-    GENERATE_PROXY_KEY_ENDPOINT_TAG, GET_PUBKEYS_ENDPOINT_TAG, REQUEST_SIGNATURE_ENDPOINT_TAG,
+    GENERATE_PROXY_KEY_ENDPOINT_TAG, GET_PUBKEYS_ENDPOINT_TAG, REQUEST_SIGNATURE_BLS_ENDPOINT_TAG,
+    REQUEST_SIGNATURE_PROXY_BLS_ENDPOINT_TAG, REQUEST_SIGNATURE_PROXY_ECDSA_ENDPOINT_TAG,
 };
 
 lazy_static! {
@@ -28,7 +30,9 @@ pub fn uri_to_tag(uri: &Uri) -> &str {
     match uri.path() {
         GET_PUBKEYS_PATH => GET_PUBKEYS_ENDPOINT_TAG,
         GENERATE_PROXY_KEY_PATH => GENERATE_PROXY_KEY_ENDPOINT_TAG,
-        REQUEST_SIGNATURE_PATH => REQUEST_SIGNATURE_ENDPOINT_TAG,
+        REQUEST_SIGNATURE_BLS_PATH => REQUEST_SIGNATURE_BLS_ENDPOINT_TAG,
+        REQUEST_SIGNATURE_PROXY_BLS_PATH => REQUEST_SIGNATURE_PROXY_BLS_ENDPOINT_TAG,
+        REQUEST_SIGNATURE_PROXY_ECDSA_PATH => REQUEST_SIGNATURE_PROXY_ECDSA_ENDPOINT_TAG,
         _ => "unknown endpoint",
     }
 }