Address review comments

Author: tdammers

cabal.project

@@ -26,8 +26,6 @@ packages:
   sop-extras
   strict-sop-core
 
-allow-newer: plutus-core:cardano-crypto-class
-
 -- We want to always build the test-suites and benchmarks
 tests: true
 benchmarks: true

ouroboros-consensus-protocol/src/ouroboros-consensus-protocol/Ouroboros/Consensus/Protocol/Ledger/HotKey.hs

@@ -22,11 +22,12 @@ module Ouroboros.Consensus.Protocol.Ledger.HotKey (
   , kesStatus
     -- * Hot Key
   , HotKey (..)
+  , finalize
   , getOCert
   , KESEvolutionError (..)
   , KESEvolutionInfo
   , mkHotKey
-  , mkHotKeyEv
+  , mkHotKeyAtEvolution
   , mkEmptyHotKey
   , sign
   ) where
@@ -173,11 +174,16 @@ data HotKey c m = HotKey {
              -- ^ Start period (relative to the KES key's 0th evolution)
           -> m ()
 
-      -- | Release any resources held by the 'HotKey'. Must be run exactly once
-      -- per 'HotKey'.
-    , finalize :: m ()
+      -- | Release any resources held by the 'HotKey', except for the signing
+      -- key itself. User code should use 'finalize' instead.
+    , finalize_ :: m ()
     }
 
+-- | Release all resources held by the 'HotKey', including the signing key
+-- itself. Use this exactly once per 'HotKey' instance.
+finalize :: Monad m => HotKey c m -> m ()
+finalize hotKey = forget hotKey >> finalize_ hotKey
+
 deriving via (OnlyCheckWhnfNamed "HotKey" (HotKey c m)) instance NoThunks (HotKey c m)
 
 getOCert :: Monad m => HotKey c m -> m (OCert.OCert c)
@@ -224,22 +230,19 @@ mkHotKey ::
   -> Absolute.KESPeriod  -- ^ Start period
   -> Word64              -- ^ Max KES evolutions
   -> m (HotKey c m)
-mkHotKey ocert initKey startPeriod maxKESEvolutions = do
-  hotKey <- mkEmptyHotKey maxKESEvolutions (pure ())
-  set hotKey ocert initKey 0 startPeriod
-  return hotKey
+mkHotKey = mkHotKeyAtEvolution 0
 
 -- Create a new 'HotKey' and initialize it to the given initial KES key. The
 -- initial key should be at the given evolution.
-mkHotKeyEv ::
+mkHotKeyAtEvolution ::
      forall m c. (Crypto c, IOLike m)
   => Word
   -> OCert.OCert c
   -> SL.SignKeyKES c
   -> Absolute.KESPeriod  -- ^ Start period
   -> Word64              -- ^ Max KES evolutions
   -> m (HotKey c m)
-mkHotKeyEv evolution ocert initKey startPeriod maxKESEvolutions = do
+mkHotKeyAtEvolution evolution ocert initKey startPeriod maxKESEvolutions = do
   hotKey <- mkEmptyHotKey maxKESEvolutions (pure ())
   set hotKey ocert initKey evolution startPeriod
   return hotKey
@@ -283,7 +286,7 @@ mkEmptyHotKey maxKESEvolutions finalizer = do
               }
               , kesStateKey = KESKey newOCert newKey
             }
-      , finalize = finalizer
+      , finalize_ = finalizer
       }
   where
     initKESState :: KESState c

ouroboros-consensus-protocol/src/ouroboros-consensus-protocol/Ouroboros/Consensus/Protocol/Praos/Common.hs

@@ -254,12 +254,18 @@ data PraosCanBeLeader c = PraosCanBeLeader
   { -- | Stake pool cold key or genesis stakeholder delegate cold key.
     praosCanBeLeaderColdVerKey :: !(SL.VKey 'SL.BlockIssuer c),
     praosCanBeLeaderSignKeyVRF :: !(SL.SignKeyVRF c),
+    -- | How to obtain KES credentials (ocert + sign key)
     praosCanBeLeaderCredentialsSource :: !(PraosCredentialsSource c)
   }
   deriving (Generic)
 
 instance (NoThunks (KES.UnsoundPureSignKeyKES (KES c)), Crypto c) => NoThunks (PraosCanBeLeader c)
 
+-- | Defines a method for obtaining Praos credentials (opcert + KES signing key).
+-- Currently, the only available method is passing the credentials directly
+-- (using an unsound KES key that is subject to swapping and can be loaded from
+-- disk). Future versions may add constructors for sound methods (mlocking KES
+-- keys along the entire chain).
 data PraosCredentialsSource c
   = PraosCredentialsUnsound (OCert.OCert c) (KES.UnsoundPureSignKeyKES (KES c))
   deriving (Generic)