address review comments

Author: JasonVranek

crates/common/src/config/mod.rs

@@ -137,14 +137,12 @@ impl CommitBoostConfig {
             })
     }
 
-    /// Helper to return if signer uses TLS
     pub fn signer_uses_tls(&self) -> bool {
         self.signer
             .as_ref()
             .is_some_and(|signer_config| matches!(signer_config.tls_mode, TlsMode::Certificate(_)))
     }
 
-    /// Helper to return signer's server URL
     pub fn signer_server_url(&self, default_port: u16) -> String {
         if let Some(SignerConfig { inner: SignerType::Remote { url }, .. }) = &self.signer {
             url.to_string()
@@ -155,7 +153,6 @@ impl CommitBoostConfig {
         }
     }
 
-    /// Helper to return the path to the signer's TLS certificates if any
     pub fn signer_certs_path(&self) -> Option<&PathBuf> {
         self.signer
             .as_ref()

crates/common/src/config/signer.rs

@@ -46,12 +46,10 @@ pub struct ModuleSigningConfig {
 
 impl ModuleSigningConfig {
     pub fn validate(&self) -> Result<()> {
-        // Ensure the JWT secret is not empty
         if self.jwt_secret.is_empty() {
             bail!("JWT secret cannot be empty");
         }
 
-        // Ensure the signing ID is a valid B256
         if self.signing_id.is_zero() {
             bail!("Signing ID cannot be zero");
         }
@@ -249,7 +247,6 @@ impl StartSignerConfig {
 
         let (admin_secret, jwt_secrets) = load_jwt_secrets()?;
 
-        // Load the module signing configs
         let mod_signing_configs = load_module_signing_configs(&config, &jwt_secrets)
             .wrap_err("Failed to load module signing configs")?;
 
@@ -380,22 +377,18 @@ pub fn load_module_signing_configs(
     let mut seen_jwt_secrets = HashMap::new();
     let mut seen_signing_ids = HashMap::new();
     for module in modules {
-        // Validate the module ID
         ensure!(!module.id.is_empty(), "Module ID cannot be empty");
 
-        // Make sure it hasn't been used yet
         ensure!(
             !mod_signing_configs.contains_key(&module.id),
             "Duplicate module config detected: ID {} is already used",
             module.id
         );
 
-        // Make sure the JWT secret is present
         let jwt_secret = match jwt_secrets.get(&module.id) {
             Some(secret) => secret.clone(),
             None => bail!("JWT secret for module {} is missing", module.id),
         };
-        // Create the module signing config and validate it
         let module_signing_config = ModuleSigningConfig {
             module_name: module.id.clone(),
             jwt_secret,
@@ -405,7 +398,6 @@ pub fn load_module_signing_configs(
             .validate()
             .wrap_err(format!("Invalid signing config for module {}", module.id))?;
 
-        // Check for duplicates in JWT secrets and signing IDs
         if let Some(existing_module) =
             seen_jwt_secrets.insert(module_signing_config.jwt_secret.clone(), &module.id)
         {
@@ -441,7 +433,7 @@ mod tests {
 
     fn make_local_signer_config(tls_mode: TlsMode) -> SignerConfig {
         SignerConfig {
-            host: Ipv4Addr::new(127, 0, 0, 1),
+            host: Ipv4Addr::LOCALHOST,
             port: 20000,
             docker_image: SIGNER_IMAGE_DEFAULT.to_string(),
             jwt_auth_fail_limit: 3,
@@ -468,7 +460,7 @@ mod tests {
             pbs: StaticPbsConfig {
                 docker_image: String::from("cb-fake-repo/fake-cb:latest"),
                 pbs_config: PbsConfig {
-                    host: Ipv4Addr::new(127, 0, 0, 1),
+                    host: Ipv4Addr::LOCALHOST,
                     port: 0,
                     relay_check: false,
                     wait_all_registrations: false,

crates/common/src/utils.rs

@@ -419,7 +419,6 @@ pub fn decode_admin_jwt(jwt: Jwt) -> eyre::Result<JwtAdminClaims> {
     Ok(claims)
 }
 
-/// Validate a JWT with the given secret
 pub fn validate_jwt(
     jwt: Jwt,
     secret: &str,
@@ -457,7 +456,6 @@ pub fn validate_jwt(
     Ok(())
 }
 
-/// Validate an admin JWT with the given secret
 pub fn validate_admin_jwt(
     jwt: Jwt,
     secret: &str,

crates/signer/src/manager/dirk.rs

@@ -372,9 +372,9 @@ impl DirkManager {
     pub async fn generate_proxy_key(
         &mut self,
         module: &ModuleId,
-        consensus: BlsPublicKey,
+        consensus: &BlsPublicKey,
     ) -> Result<SignedProxyDelegation<BlsPublicKey>, SignerModuleError> {
-        let proxy_account = match self.consensus_accounts.get(&consensus) {
+        let proxy_account = match self.consensus_accounts.get(consensus) {
             Some(Account::Simple(account)) => {
                 self.generate_simple_proxy_account(account, module).await?
             }
@@ -393,7 +393,7 @@ impl DirkManager {
             proxy: proxy_account.inner.public_key().clone(),
         };
         let delegation_signature =
-            self.request_consensus_signature(&consensus, &message.tree_hash_root(), None).await?;
+            self.request_consensus_signature(consensus, &message.tree_hash_root(), None).await?;
 
         let delegation = SignedProxyDelegation { message, signature: delegation_signature };
 

crates/signer/src/manager/local.rs

@@ -94,13 +94,13 @@ impl LocalSigningManager {
     pub async fn create_proxy_bls(
         &mut self,
         module_id: ModuleId,
-        delegator: BlsPublicKey,
+        delegator: &BlsPublicKey,
     ) -> Result<SignedProxyDelegationBls, SignerModuleError> {
         let signer = BlsSigner::new_random();
         let proxy_pubkey = signer.pubkey();
 
         let message = ProxyDelegationBls { delegator: delegator.clone(), proxy: proxy_pubkey };
-        let signature = self.sign_consensus(&delegator, &message.tree_hash_root(), None).await?;
+        let signature = self.sign_consensus(delegator, &message.tree_hash_root(), None).await?;
         let delegation = SignedProxyDelegationBls { signature, message };
         let proxy_signer = BlsProxySigner { signer, delegation: delegation.clone() };
 
@@ -113,13 +113,13 @@ impl LocalSigningManager {
     pub async fn create_proxy_ecdsa(
         &mut self,
         module_id: ModuleId,
-        delegator: BlsPublicKey,
+        delegator: &BlsPublicKey,
     ) -> Result<SignedProxyDelegationEcdsa, SignerModuleError> {
         let signer = EcdsaSigner::new_random();
         let proxy_address = signer.address();
 
         let message = ProxyDelegationEcdsa { delegator: delegator.clone(), proxy: proxy_address };
-        let signature = self.sign_consensus(&delegator, &message.tree_hash_root(), None).await?;
+        let signature = self.sign_consensus(delegator, &message.tree_hash_root(), None).await?;
         let delegation = SignedProxyDelegationEcdsa { signature, message };
         let proxy_signer = EcdsaProxySigner { signer, delegation: delegation.clone() };
 
@@ -351,7 +351,7 @@ mod tests {
             let (mut signing_manager, consensus_pk) = init_signing_manager();
 
             let signed_delegation =
-                signing_manager.create_proxy_bls(MODULE_ID.clone(), consensus_pk).await.unwrap();
+                signing_manager.create_proxy_bls(MODULE_ID.clone(), &consensus_pk).await.unwrap();
 
             let validation_result = signed_delegation.validate(CHAIN);
 
@@ -372,7 +372,7 @@ mod tests {
             let (mut signing_manager, consensus_pk) = init_signing_manager();
 
             let mut signed_delegation =
-                signing_manager.create_proxy_bls(MODULE_ID.clone(), consensus_pk).await.unwrap();
+                signing_manager.create_proxy_bls(MODULE_ID.clone(), &consensus_pk).await.unwrap();
 
             signed_delegation.signature = BlsSignature::test_random();
 
@@ -386,7 +386,7 @@ mod tests {
             let (mut signing_manager, consensus_pk) = init_signing_manager();
 
             let signed_delegation =
-                signing_manager.create_proxy_bls(MODULE_ID.clone(), consensus_pk).await.unwrap();
+                signing_manager.create_proxy_bls(MODULE_ID.clone(), &consensus_pk).await.unwrap();
             let proxy_pk = signed_delegation.message.proxy;
 
             let data_root = B256::random();
@@ -433,7 +433,7 @@ mod tests {
             let (mut signing_manager, consensus_pk) = init_signing_manager();
 
             let signed_delegation =
-                signing_manager.create_proxy_ecdsa(MODULE_ID.clone(), consensus_pk).await.unwrap();
+                signing_manager.create_proxy_ecdsa(MODULE_ID.clone(), &consensus_pk).await.unwrap();
 
             let validation_result = signed_delegation.validate(CHAIN);
 
@@ -454,7 +454,7 @@ mod tests {
             let (mut signing_manager, consensus_pk) = init_signing_manager();
 
             let mut signed_delegation =
-                signing_manager.create_proxy_ecdsa(MODULE_ID.clone(), consensus_pk).await.unwrap();
+                signing_manager.create_proxy_ecdsa(MODULE_ID.clone(), &consensus_pk).await.unwrap();
 
             signed_delegation.signature = BlsSignature::test_random();
 
@@ -468,7 +468,7 @@ mod tests {
             let (mut signing_manager, consensus_pk) = init_signing_manager();
 
             let signed_delegation =
-                signing_manager.create_proxy_ecdsa(MODULE_ID.clone(), consensus_pk).await.unwrap();
+                signing_manager.create_proxy_ecdsa(MODULE_ID.clone(), &consensus_pk).await.unwrap();
             let proxy_pk = signed_delegation.message.proxy;
 
             let data_root = B256::random();