chore: Tidy event-db migrations (#493)

# Description

Make event-db ready for testnet.

---------

Co-authored-by: Joaquín Rosales <joaquin.rosales@iohk.io>

services/voting-node/voting_node/committee.py

@@ -5,10 +5,12 @@
 class WalletKeys(BaseModel):
     """The keys to an external wallet.
 
+    `seckey` is the secret key for the wallet.
+    `pubkey` is the public key for the wallet.
     `hex_encoded` is used to generate the genesis block.
     """
 
-    seckey: str | None
+    seckey: str
     pubkey: str
     hex_encoded: str
 

services/voting-node/voting_node/models.py

@@ -149,6 +149,7 @@ class Committee(BaseModel):
     `event_id` the number of committee members.
     `size` the number of committee members.
     `threshold` the minimum number of members needed to tally.
+    `committee_pk` the encrypted private key of the Committee address.
     `committee_id` the hex-encoded public key of the Committee address.
     `crs` the encrypted Common Reference String shared in the creation of every set of committee member keys.
     `members` list of containing the communication and member secrets of each member of the commitee.
@@ -161,6 +162,7 @@ class Committee(BaseModel):
     size: int
     threshold: int
     crs: str
+    committee_pk: str
     committee_id: str
     members: list[CommitteeMember] | None = None
     election_key: ElectionKey

services/voting-node/voting_node/storage.py

@@ -37,6 +37,7 @@ async def get_committee(self, event_id: int) -> Committee:
             tc.event as event_id,
             ev.committee_size as size,
             ev.committee_threshold as threshold,
+            tc.committee_pk as committee_pk,
             tc.committee_id as committee_id,
             member_crs as crs,
             tc.election_key as election_key
@@ -99,17 +100,20 @@ async def save_committee(self, event_id: int, committee: Committee):
 
         Raise exception if the tally committee already exists. There can only be one tally per event.
         """
-        fields = "event, committee_id, member_crs, election_key"
-        values = "$1, $2, $3, $4"
+        fields = "event, committee_pk, committee_id, member_crs, election_key"
+        values = "$1, $2, $3, $4, $5"
         query = f"INSERT INTO tally_committee({fields}) VALUES({values}) RETURNING row_id"
         # fetch secret from envvar, fail if not present
         encrypt_pass = os.environ[SECRET_SECRET]
+        # encrypt the Committee private key before adding to DB
+        enc_pk = encrypt_secret(committee.committee_pk, encrypt_pass)
         # encrypt the CRS before adding to DB
         enc_crs = encrypt_secret(committee.crs, encrypt_pass)
         result = await self.conn.execute(
             query,
             event_id,
             committee.committee_id,
+            enc_pk,
             enc_crs,
             committee.election_key.pubkey,
         )

services/voting-node/voting_node/tasks.py

@@ -562,7 +562,6 @@ async def setup_tally_committee(self):
                 crs = secrets.token_hex(32)
             committee = await utils.create_committee(
                 self.jcli(),
-                committee_wallet.hex_encoded,
                 event.row_id,
                 event.committee_size,
                 event.committee_threshold,

services/voting-node/voting_node/utils.py

@@ -258,14 +258,18 @@ async def create_committee_member_keys(
     return MemberKeys(seckey=member_sk, pubkey=member_sk)
 
 
-async def create_committee(jcli: JCli, committee_id: str, event_id: int, size: int, threshold: int, crs: str) -> Committee:
+async def create_committee(jcli: JCli, event_id: int, size: int, threshold: int, crs: str) -> Committee:
     """Return a Committee.
 
     `committee_id` is the hex-encoded public key of the Committee wallet.
     `size` is equal to the number of committee members. If set to 0, voting and tallying will be public.
     `threshold` is the minimum number of committee members needed to carry out the tally.
     `crs` is the common reference string shared by all member keys.
     """
+    logger.debug("creating committee wallet info")
+    committee_wallet = await create_wallet_keyset(jcli)
+    committee_pk = committee_wallet.seckey
+    committee_id = committee_wallet.hex_encoded
     communication_keys = [await create_communication_keys(jcli) for _ in range(size)]
 
     def comm_pk(kp: CommunicationKeys) -> str:
@@ -291,6 +295,7 @@ def member_pk(kp: MemberKeys) -> str:
         size=size,
         threshold=threshold,
         crs=crs,
+        committee_pk=committee_pk,
         committee_id=committee_id,
         members=members,
         election_key=election_key,

src/event-db/migrations/V8__catalyst_automation.sql

@@ -31,6 +31,7 @@ CREATE TABLE tally_committee (
 
     event INTEGER NOT NULL UNIQUE,
 
+    committee_pk TEXT NOT NULL,
     committee_id TEXT NOT NULL,
     member_crs TEXT,
     election_key TEXT,
@@ -41,6 +42,7 @@ CREATE TABLE tally_committee (
 COMMENT ON TABLE tally_committee IS 'Table for storing data about the tally committee per voting event.';
 COMMENT ON COLUMN tally_committee.row_id IS 'Unique ID for this committee member for this event.';
 COMMENT ON COLUMN tally_committee.event  IS 'The event this committee member is for.';
+COMMENT ON COLUMN tally_committee.committee_pk  IS 'Encrypted private key for the committee wallet. This key can be used to get the committee public address.';
 COMMENT ON COLUMN tally_committee.committee_id  IS 'The hex-encoded public key for the committee wallet.';
 COMMENT ON COLUMN tally_committee.member_crs  IS 'Encrypted Common Reference String shared in the creation of every set of committee member keys.';
 COMMENT ON COLUMN tally_committee.election_key  IS 'Public key generated with all committee member public keys, and is used to encrypt votes. NULL if the event.committee_size is 0.';