Skip to content

Upgrade VSS encryption and obfuscation scheme #627

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Upgrade VSS encryption and obfuscation scheme #627

wants to merge 3 commits into from

Conversation

tnull
Copy link
Collaborator

@tnull tnull commented Aug 22, 2025

Based on lightningdevkit/vss-rust-client#40

In this PR we'll fix minor issues with the data encryption and key obfuscation scheme currently employed by VssStore.

As these are breaking changes, we'll also include a migration procedure as part of this PR. Will be in draft until we have all parts ready.

@ldk-reviews-bot
Copy link

ldk-reviews-bot commented Aug 22, 2025
edited
Loading

👋 Hi! This PR is now in draft status.
I'll wait to assign reviewers until you mark it as ready for review.
Just convert it out of draft status when you're ready for review!

@tnull tnull marked this pull request as draft August 22, 2025 09:14
tnull added 3 commits August 22, 2025 11:53
@tnull
WIP: Bump vss-client dependency
0c61d67 
.. we bump the `vss-client` dependency.
@tnull
Supply data_decryption_key and aad for StorableBuilder
59651e8 
Previously, we the `vss-client` didn't allow to set `ChaCha20Poly1305RFC`'s `aad` field,
which had the `tag` not commit to any particular key. This would allow a
malicious VSS provider to substitute blobs stored under a different key
without the client noticing.

Here, we now set the `aad` field to the key under which the `Storable`
will be stored, ensuring that the retrieved data was originally stored
under the key we expected.

We also account for `StorableBuilder` now taking `data_decryption_key`
by reference on `build`/`deconstruct`.
@tnull
Zeroize VssStore's data_encryption_key on Drop
3490f2a 
.. to make sure it doesn't linger in memory.
@tnull tnull force-pushed the 2025-08-upgrade-vss-encryption-obfuscation-scheme branch from ac8ae88 to 3490f2a Compare August 22, 2025 09:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
blocked on upstream
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tnull @ldk-reviews-bot