před 4 roky · 584bfcba2d
--- a/bridge/cmd/guardiand/bridge.go
+++ b/bridge/cmd/guardiand/bridge.go
@@ -353,16 +353,6 @@ func runBridge(cmd *cobra.Command, args []string) {
 
				 		}
			
 
				 	}
			
 
				 
			
 
				-	// Load Terra fee payer key
			
 
				-	var terraFeePayer string
			
 
				-	if *unsafeDevMode {
			
 
				-		terra.WriteDevnetKey(*terraKeyPath)
			
 
				-	}
			
 
				-	terraFeePayer, err = terra.ReadKey(*terraKeyPath)
			
 
				-	if err != nil {
			
 
				-		logger.Fatal("Failed to load Terra fee payer key", zap.Error(err))
			
 
				-	}
			
 
				-
			
 
				 	adminService, err := adminServiceRunnable(logger, *adminSocketPath, injectC)
			
 
				 	if err != nil {
			
 
				 		logger.Fatal("failed to create admin service socket", zap.Error(err))
			
@@ -410,7 +400,6 @@ func runBridge(cmd *cobra.Command, args []string) {
 
				 			*terraLCD,
			
 
				 			*terraChainID,
			
 
				 			*terraContract,
			
 
				-			terraFeePayer,
			
 
				 		)
			
 
				 		if err := supervisor.Run(ctx, "processor", p.Run); err != nil {
			
 
				 			return err
			
--- a/bridge/pkg/processor/processor.go
+++ b/bridge/pkg/processor/processor.go
@@ -14,7 +14,6 @@ import (
 
				 	"github.com/certusone/wormhole/bridge/pkg/devnet"
			
 
				 	gossipv1 "github.com/certusone/wormhole/bridge/pkg/proto/gossip/v1"
			
 
				 	"github.com/certusone/wormhole/bridge/pkg/supervisor"
			
 
				-	"github.com/certusone/wormhole/bridge/pkg/terra"
			
 
				 	"github.com/certusone/wormhole/bridge/pkg/vaa"
			
 
				 )
			
 
				 
			
@@ -79,7 +78,6 @@ type Processor struct {
 
				 	terraLCD      string
			
 
				 	terraChainID  string
			
 
				 	terraContract string
			
 
				-	terraFeePayer string
			
 
				 
			
 
				 	logger *zap.Logger
			
 
				 
			
@@ -109,8 +107,7 @@ func NewProcessor(
 
				 	devnetEthRPC string,
			
 
				 	terraLCD string,
			
 
				 	terraChainID string,
			
 
				-	terraContract string,
			
 
				-	terraFeePayer string) *Processor {
			
 
				+	terraContract string) *Processor {
			
 
				 
			
 
				 	return &Processor{
			
 
				 		lockC:              lockC,
			
@@ -127,7 +124,6 @@ func NewProcessor(
 
				 		terraLCD:      terraLCD,
			
 
				 		terraChainID:  terraChainID,
			
 
				 		terraContract: terraContract,
			
 
				-		terraFeePayer: terraFeePayer,
			
 
				 
			
 
				 		logger:  supervisor.Logger(ctx),
			
 
				 		state:   &aggregationState{vaaMap{}},
			
@@ -185,25 +181,6 @@ func (p *Processor) checkDevModeGuardianSetUpdate(ctx context.Context) error {
 
				 
			
 
				 			p.logger.Info("devnet guardian set change submitted to Ethereum", zap.Any("trx", trx), zap.Any("vaa", v))
			
 
				 
			
 
				-			if p.terraEnabled {
			
 
				-				// Submit to Terra
			
 
				-				go func() {
			
 
				-					for {
			
 
				-						timeout, cancel := context.WithTimeout(ctx, 5*time.Second)
			
 
				-						trxResponse, err := terra.SubmitVAA(timeout, p.terraLCD, p.terraChainID, p.terraContract, p.terraFeePayer, v)
			
 
				-						if err != nil {
			
 
				-							cancel()
			
 
				-							p.logger.Error("failed to submit Terra devnet guardian set change, retrying", zap.Error(err))
			
 
				-							time.Sleep(1 * time.Second)
			
 
				-							continue
			
 
				-						}
			
 
				-						cancel()
			
 
				-						p.logger.Info("devnet guardian set change submitted to Terra", zap.Any("trxResponse", trxResponse), zap.Any("vaa", v))
			
 
				-						break
			
 
				-					}
			
 
				-				}()
			
 
				-			}
			
 
				-
			
 
				 			// Submit VAA to Solana as well. This is asynchronous and can fail, leading to inconsistent devnet state.
			
 
				 			p.vaaC <- v
			
 
				 		}
			
--- a/bridge/pkg/terra/sender.go
+++ b/bridge/pkg/terra/sender.go
@@ -6,13 +6,12 @@ import (
 
				 	"io/ioutil"
			
 
				 	"time"
			
 
				 
			
 
				-	"github.com/certusone/wormhole/bridge/pkg/devnet"
			
 
				-
			
 
				-	"github.com/certusone/wormhole/bridge/pkg/vaa"
			
 
				 	"github.com/terra-project/terra.go/client"
			
 
				 	"github.com/terra-project/terra.go/key"
			
 
				 	"github.com/terra-project/terra.go/msg"
			
 
				 	"github.com/terra-project/terra.go/tx"
			
 
				+
			
 
				+	"github.com/certusone/wormhole/bridge/pkg/vaa"
			
 
				 )
			
 
				 
			
 
				 type submitVAAMsg struct {
			
@@ -97,11 +96,3 @@ func ReadKey(path string) (string, error) {
 
				 	}
			
 
				 	return string(b), nil
			
 
				 }
			
 
				-
			
 
				-// WriteDevnetKey writes default devnet key to the file
			
 
				-func WriteDevnetKey(path string) {
			
 
				-	err := ioutil.WriteFile(path, []byte(devnet.TerraFeePayerKey), 0600)
			
 
				-	if err != nil {
			
 
				-		panic("Cannot write Terra key file")
			
 
				-	}
			
 
				-}
			
--- a/docs/operations.md
+++ b/docs/operations.md
@@ -210,8 +210,6 @@ You'll have to manage the following keys:
 
				    An attacker could potentially use it to censor your messages on the network. Other than that, it's not very
			
 
				    critical and can be rotated. The node will automatically create a node key at the path you specify if it doesn't exist.
			
 
				  
			
 
				- - _\[The **Terra fee payer** account. Terra support is still a work in progress - more details on this later\]._ 
			
 
				-
			
 
				 For production, we strongly recommend to either encrypt your disks, and/or take care to never have keys touch the disk.
			
 
				 One way to accomplish is to store keys on an in-memory ramfs, which can't be swapped out, and restore it from cold
			
 
				 storage or an HSM/vault whenever the node is rebooted. You might want to disable swap altogether. None of that is