Split shares KV table

CMakeLists.txt

@@ -526,7 +526,7 @@ if(BUILD_TESTS)
     NAME recovery_test
     PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/recovery.py
     CONSENSUS cft
-    ADDITIONAL_ARGS --recovery 2
+    ADDITIONAL_ARGS --recovery 3
   )
 
   add_e2e_test(

src/crypto/symmetric_key.h

@@ -124,10 +124,9 @@ namespace crypto
       return serial;
     }
 
-    void apply(const std::vector<uint8_t>& serial)
+    void deserialise(const std::vector<uint8_t>& serial)
     {
       auto size = serial.size();
-
       auto data_ = serial.data();
       hdr = serialized::read(data_, size, GcmHeader<>::RAW_DATA_SIZE);
       cipher = serialized::read(data_, size, size);

src/node/entities.h

@@ -83,6 +83,8 @@ namespace ccf
     static constexpr auto GOV_HISTORY = "public:ccf.gov.governance.history";
     static constexpr auto SERVICE = "public:ccf.gov.service";
     static constexpr auto SHARES = "public:ccf.gov.shares";
+    static constexpr auto ENCRYPTED_LEDGER_SECRETS =
+      "public:ccf.internal.encrypted_ledger_secrets";
     static constexpr auto CONFIGURATION = "public:ccf.gov.config";
     static constexpr auto SUBMITTED_SHARES = "public:ccf.gov.submitted_shares";
     static constexpr auto SNAPSHOT_EVIDENCE =

src/node/genesis_gen.h

@@ -443,12 +443,6 @@ namespace ccf
       codeid->put(node_code_id, CodeStatus::ALLOWED_TO_JOIN);
     }
 
-    void add_key_share_info(const RecoverySharesInfo& key_share_info)
-    {
-      auto shares = tx.rw(tables.shares);
-      shares->put(0, key_share_info);
-    }
-
     bool set_recovery_threshold(size_t threshold, bool allow_zero = false)
     {
       auto config = tx.rw(tables.config);

src/node/ledger_secrets.h

@@ -46,6 +46,7 @@ namespace ccf
   }
 
   using LedgerSecretsMap = std::map<kv::Version, LedgerSecret>;
+  using VersionedLedgerSecret = LedgerSecretsMap::value_type;
 
   class LedgerSecrets
   {
@@ -160,7 +161,7 @@ namespace ccf
       self = id;
     }
 
-    LedgerSecretsMap::value_type get_latest(kv::Tx& tx)
+    VersionedLedgerSecret get_latest(kv::Tx& tx)
     {
       std::lock_guard<SpinLock> guard(lock);
 
@@ -172,12 +173,10 @@ namespace ccf
           "Could not retrieve latest ledger secret: no secret set");
       }
 
-      const auto& latest_ledger_secret = ledger_secrets.rbegin();
-      return std::make_pair(
-        latest_ledger_secret->first, latest_ledger_secret->second);
+      return *ledger_secrets.rbegin();
     }
 
-    std::pair<LedgerSecret, std::optional<LedgerSecret>>
+    std::pair<VersionedLedgerSecret, std::optional<VersionedLedgerSecret>>
     get_latest_and_penultimate(kv::Tx& tx)
     {
       std::lock_guard<SpinLock> guard(lock);
@@ -193,11 +192,10 @@ namespace ccf
       const auto& latest_ledger_secret = ledger_secrets.rbegin();
       if (ledger_secrets.size() < 2)
       {
-        return std::make_pair(latest_ledger_secret->second, std::nullopt);
+        return std::make_pair(*latest_ledger_secret, std::nullopt);
       }
       return std::make_pair(
-        latest_ledger_secret->second,
-        std::next(ledger_secrets.rbegin())->second);
+        *latest_ledger_secret, *std::next(latest_ledger_secret));
     }
 
     LedgerSecretsMap get(

src/node/network_tables.h

@@ -55,7 +55,8 @@ namespace ccf
     CodeIDs node_code_ids;
     MemberAcks member_acks;
     GovernanceHistory governance_history;
-    Shares shares;
+    RecoveryShares shares;
+    EncryptedLedgerSecretsInfo encrypted_ledger_secrets;
     SubmittedShares submitted_shares;
     Configuration config;
 
@@ -121,6 +122,7 @@ namespace ccf
       member_acks(Tables::MEMBER_ACKS),
       governance_history(Tables::GOV_HISTORY),
       shares(Tables::SHARES),
+      encrypted_ledger_secrets(Tables::ENCRYPTED_LEDGER_SECRETS),
       submitted_shares(Tables::SUBMITTED_SHARES),
       config(Tables::CONFIGURATION),
       ca_certs(Tables::CA_CERT_DERS),

src/node/node_state.h

@@ -161,7 +161,7 @@ namespace ccf
     crypto::Sha256Hash recovery_root;
     std::vector<kv::Version> view_history;
     consensus::Index last_recovered_signed_idx = 1;
-    std::list<RecoveredLedgerSecret> recovery_ledger_secrets;
+    RecoveredEncryptedLedgerSecrets recovery_ledger_secrets;
     consensus::Index ledger_idx = 0;
 
     struct StartupSnapshotInfo
@@ -380,7 +380,7 @@ namespace ccf
 
           setup_snapshotter(config.snapshot_tx_interval);
           bool from_snapshot = !config.startup_snapshot.empty();
-          setup_recovery_hook(from_snapshot);
+          setup_recovery_hook();
 
           if (from_snapshot)
           {
@@ -480,6 +480,14 @@ namespace ccf
             setup_progress_tracker();
             setup_history();
 
+            if (resp.network_info.public_only)
+            {
+              last_recovered_signed_idx =
+                resp.network_info.last_recovered_signed_idx;
+              setup_recovery_hook();
+              snapshotter->set_snapshot_generation(false);
+            }
+
             if (startup_snapshot_info)
             {
               // It is only possible to deserialise the entire snapshot then,
@@ -538,11 +546,6 @@ namespace ccf
 
             if (resp.network_info.public_only)
             {
-              last_recovered_signed_idx =
-                resp.network_info.last_recovered_signed_idx;
-              setup_recovery_hook(startup_snapshot_info != nullptr);
-              snapshotter->set_snapshot_generation(false);
-
               sm.advance(State::partOfPublicNetwork);
             }
             else
@@ -1004,8 +1007,7 @@ namespace ccf
 
         // Shares for the new ledger secret can only be issued now, once the
         // previous ledger secrets have been recovered
-        share_manager.issue_shares_on_recovery(
-          tx, last_recovered_signed_idx + 1);
+        share_manager.issue_recovery_shares(tx);
         GenesisGenerator g(network, tx);
         if (!g.open_service())
         {
@@ -1116,8 +1118,8 @@ namespace ccf
       std::lock_guard<SpinLock> guard(lock);
       sm.expect(State::partOfPublicNetwork);
 
-      auto restored_ledger_secrets =
-        share_manager.restore_recovery_shares_info(tx, recovery_ledger_secrets);
+      auto restored_ledger_secrets = share_manager.restore_recovery_shares_info(
+        tx, std::move(recovery_ledger_secrets));
 
       // Broadcast decrypted ledger secrets to other nodes for them to initiate
       // private recovery too
@@ -1139,7 +1141,6 @@ namespace ccf
       ledger_idx = recovery_store->current_version();
       read_ledger_idx(++ledger_idx);
 
-      recovery_ledger_secrets.clear();
       sm.advance(State::readingPrivateLedger);
     }
 
@@ -1280,7 +1281,7 @@ namespace ccf
       // once the local hook on the secrets table has been triggered.
 
       auto new_ledger_secret = make_ledger_secret();
-      share_manager.issue_shares_on_rekey(tx, new_ledger_secret);
+      share_manager.issue_recovery_shares(tx, new_ledger_secret);
       LedgerSecretsBroadcast::broadcast_new(
         network, node_encrypt_kp, tx, std::move(new_ledger_secret));
 
@@ -1595,68 +1596,51 @@ namespace ccf
       return last_recovered_signed_idx;
     }
 
-    void setup_recovery_hook(bool from_snapshot)
+    void setup_recovery_hook()
     {
-      // When recoverying from a snapshot, the first secret is valid from the
-      // version at which it was recorded
-      static bool is_first_secret = !from_snapshot;
-
       network.tables->set_map_hook(
-        network.shares.get_name(),
-        network.shares.wrap_map_hook(
-          [this](kv::Version version, const Shares::Write& w)
+        network.encrypted_ledger_secrets.get_name(),
+        network.encrypted_ledger_secrets.wrap_map_hook(
+          [this](
+            kv::Version version, const EncryptedLedgerSecretsInfo::Write& w)
             -> kv::ConsensusHookPtr {
-            for (const auto& [k, opt_v] : w)
+            if (w.size() > 1)
             {
-              if (!opt_v.has_value())
-              {
-                throw std::logic_error(
-                  fmt::format("Unexpected: removal from shares table ({})", k));
-              }
+              throw std::logic_error(fmt::format(
+                "Transaction contains {} writes to map {}, expected one",
+                w.size(),
+                network.encrypted_ledger_secrets.get_name()));
+            }
 
-              const auto& v = opt_v.value();
+            auto encrypted_ledger_secret_info = w.at(0);
+            if (!encrypted_ledger_secret_info.has_value())
+            {
+              throw std::logic_error(fmt::format(
+                "Removal from {} table",
+                network.encrypted_ledger_secrets.get_name()));
+            }
 
-              kv::Version ledger_secret_version;
-              if (is_first_secret)
-              {
-                // Special case for the first recovery share issuing (at network
-                // open), which is applicable from the very first transaction.
-                ledger_secret_version = 1;
-                is_first_secret = false;
-              }
-              else
-              {
-                // If the version is not set (rekeying), use the version
-                // from the hook plus one. Otherwise (recovery), use the
-                // version specified.
-                ledger_secret_version =
-                  v.wrapped_latest_ledger_secret.version == kv::NoVersion ?
-                  (version + 1) :
-                  v.wrapped_latest_ledger_secret.version;
-              }
+            // If the version of the next ledger secret is not set, deduce it
+            // from the hook version (i.e. ledger rekey)
+            if (!encrypted_ledger_secret_info->next_version.has_value())
+            {
+              encrypted_ledger_secret_info->next_version = version + 1;
+            }
 
-              // No encrypted ledger secret are stored in the case of a pure
-              // re-share (i.e. no ledger rekey).
-              if (
-                !v.encrypted_previous_ledger_secret.empty() ||
-                ledger_secret_version == 1)
-              {
-                LOG_TRACE_FMT(
-                  "Adding one encrypted recovery ledger secret at {}",
-                  ledger_secret_version);
+            LOG_DEBUG_FMT(
+              "Recovering encrypted ledger secret valid at seqno {}", version);
 
-                recovery_ledger_secrets.push_back(
-                  {ledger_secret_version, v.encrypted_previous_ledger_secret});
-              }
-            }
+            recovery_ledger_secrets.emplace_back(
+              std::move(encrypted_ledger_secret_info.value()));
 
             return kv::ConsensusHookPtr(nullptr);
           }));
     }
 
     void reset_recovery_hook()
     {
-      network.tables->unset_map_hook(network.shares.get_name());
+      network.tables->unset_map_hook(
+        network.encrypted_ledger_secrets.get_name());
     }
 
     void setup_n2n_channels()

src/node/rpc/member_frontend.h

@@ -936,7 +936,7 @@ namespace ccf
            // allocated to each recovery member
            try
            {
-             share_manager.issue_shares(tx);
+             share_manager.issue_recovery_shares(tx);
            }
            catch (const std::logic_error& e)
            {
@@ -975,7 +975,7 @@ namespace ccf
            const ProposalId& proposal_id, kv::Tx& tx, const nlohmann::json&) {
            try
            {
-             share_manager.issue_shares(tx);
+             share_manager.shuffle_recovery_shares(tx);
            }
            catch (const std::logic_error& e)
            {
@@ -1008,10 +1008,9 @@ namespace ccf
              return false;
            }
 
-           // Update recovery shares (same number of shares)
            try
            {
-             share_manager.issue_shares(tx);
+             share_manager.shuffle_recovery_shares(tx);
            }
            catch (const std::logic_error& e)
            {
@@ -1715,7 +1714,7 @@ namespace ccf
           // member, all recovery members are allocated new recovery shares
           try
           {
-            share_manager.issue_shares(ctx.tx);
+            share_manager.shuffle_recovery_shares(ctx.tx);
           }
           catch (const std::logic_error& e)
           {

src/node/rpc/test/member_voting_test.cpp

@@ -1784,7 +1784,7 @@ DOCTEST_TEST_CASE("Submit recovery shares")
       members[id] = {cert, enc_kp};
     }
     gen.set_recovery_threshold(recovery_threshold);
-    share_manager.issue_shares(gen_tx);
+    share_manager.issue_recovery_shares(gen_tx);
     gen.finalize();
     frontend.open();
   }

src/node/rpc/test/node_stub.h

@@ -91,7 +91,13 @@ namespace ccf
 
     void initiate_private_recovery(kv::Tx& tx) override
     {
-      share_manager.restore_recovery_shares_info(tx, {});
+      kv::Version current_ledger_secret_version = 1;
+      RecoveredEncryptedLedgerSecrets recovered_secrets;
+      recovered_secrets.push_back(
+        EncryptedLedgerSecretInfo{std::nullopt, current_ledger_secret_version});
+
+      share_manager.restore_recovery_shares_info(
+        tx, std::move(recovered_secrets));
     }
   };
 }

src/node/secret_broadcast.h

@@ -102,7 +102,7 @@ namespace ccf
       const std::vector<uint8_t>& cipher)
     {
       crypto::GcmCipher gcmcipher;
-      gcmcipher.apply(cipher);
+      gcmcipher.deserialise(cipher);
       std::vector<uint8_t> plain(gcmcipher.cipher.size());
 
       crypto::KeyAesGcm primary_shared_key(