charon
charon copied to clipboard
ObolNetwork
Missing threshold parameter check for the create cluster command
🐞 Bug Report
Description
The create cluster command does not prevent misconfigurations where the threshold exceeds the number of nodes (eg 4-out-of-3 setting). This can lead to erroneous secret sharings that will not be capable of threshold signing nor reconstructing the joint secret.
Similarly, the create dkg command allows to pass --threshold=1 as input parameter but the subsequent dkg command will fail because the kryptology library returns an error if the threshold is smaller than 2.
Has this worked before in a previous version?
Yes, in all previous versions.
🔬 Minimal Reproduction
charon create cluster \
--nodes=3 \
--network=holesky \
--num-validators=1 \
--name="Quickstart Guide Cluster" \
--cluster-dir="cluster" \
--fee-recipient-addresses=0x000000000000000000000000000000000000dead \
--withdrawal-addresses=0x000000000000000000000000000000000000dead \
--threshold=4
🔥 Error
When trying to recombine the joint secret, it prints the following:
charon combine --cluster-dir="./cluster" --output-dir="./combined"
07:47:15.008 INFO cmd Recombining private key shares {"input_dir": "/opt/charon/cluster", "output_dir": "/opt/charon/combined"}
07:47:15.044 INFO cmd Loading keystore {"path": "/opt/charon/cluster/node0/validator_keys"}
07:47:15.109 INFO cmd Loading keystore {"path": "/opt/charon/cluster/node1/validator_keys"}
07:47:15.173 INFO cmd Loading keystore {"path": "/opt/charon/cluster/node2/validator_keys"}
07:47:15.237 ERRO cmd Fatal error: insufficient private key shares found for validator {"validator_index": 0, "expected": 4, "actual": 3}
cmd/combine/combine.go:99 .Combine
cmd/combine.go:56 .newCombineFunc
cmd/combine.go:31 .func1
cmd/cmd.go:91 .func1
main.go:19 .main
🌍 Your Environment
Operating System:
Ubuntu 24.04 LTS
What version of Charon are you running? (Which release)
1.0.1
Anything else relevant (validator index / public key)?
