From 48063a6fb60c6ea5bfae22aa1764f5932b7a9381 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Dr=C3=A9an?= Date: Wed, 8 Apr 2026 11:27:55 +0200 Subject: [PATCH 1/2] fix: disable BuildKit provenance attestation in release workflow --- .github/workflows/release.yaml | 1 + proto/engine/v1/engine.proto | 13 +++++++++---- src/grpc/grpc.types.ts | 7 +++---- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2938072..2f117cc 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -100,6 +100,7 @@ jobs: tags: ${{ env.IMAGE_NAME }}:${{ github.sha }} cache-from: type=gha cache-to: type=gha,mode=max + provenance: false - name: Install Cosign uses: sigstore/cosign-installer@v4.0.0 diff --git a/proto/engine/v1/engine.proto b/proto/engine/v1/engine.proto index f46db16..6974e4f 100644 --- a/proto/engine/v1/engine.proto +++ b/proto/engine/v1/engine.proto @@ -20,10 +20,15 @@ service Controller { /** Supported algorithms. */ enum Algorithm { - ALGORITHM_UNSPECIFIED = 0; - FROST_ED25519 = 1; - FROST_SCHNORR_SECP256K1 = 2; - CGGMP24_ECDSA_SECP256K1 = 3; + /** FROST with ed25519 curve. Signature shares are 64 raw bytes (r ‖ s). */ + FROST_ED25519 = 0; + /** FROST with secp256k1 curve. Signature shares are 64 raw bytes (r ‖ s). */ + FROST_SCHNORR_SECP256K1 = 1; + /** + * CGGMP24 protocol with secp256k1 curve. Signature shares + * are r, s, and recovery id. + */ + CGGMP24_ECDSA_SECP256K1 = 2; } message GenerateKeyRequest { diff --git a/src/grpc/grpc.types.ts b/src/grpc/grpc.types.ts index 19da9a2..7dccc8f 100644 --- a/src/grpc/grpc.types.ts +++ b/src/grpc/grpc.types.ts @@ -6,10 +6,9 @@ import { type Observable } from "rxjs"; * Use numeric values so they serialize correctly over gRPC. */ enum Algorithm { - ALGORITHM_UNSPECIFIED = 0, - FROST_ED25519 = 1, - FROST_SCHNORR_SECP256K1 = 2, - CGGMP24_ECDSA_SECP256K1 = 3, + FROST_ED25519 = 0, + FROST_SCHNORR_SECP256K1 = 1, + CGGMP24_ECDSA_SECP256K1 = 2, } /** From 1002540cca7b608be96c9a3a4a6f6dcd25054fce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Dr=C3=A9an?= Date: Wed, 8 Apr 2026 11:34:34 +0200 Subject: [PATCH 2/2] fix: remove invalid IsNotIn decorator on Algorithm enum field --- src/tasks/key-generation/key-generation.dto.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/tasks/key-generation/key-generation.dto.ts b/src/tasks/key-generation/key-generation.dto.ts index 8ddcbb0..19b7897 100644 --- a/src/tasks/key-generation/key-generation.dto.ts +++ b/src/tasks/key-generation/key-generation.dto.ts @@ -4,7 +4,6 @@ import { IsEnum, IsInt, IsNotEmpty, - IsNotIn, IsString, Length, Matches, @@ -86,7 +85,6 @@ class KeyGenerationRequestDto { }) @IsEnum(Algorithm) @Validate(ThresholdWithinParticipants) - @IsNotIn([Algorithm.ALGORITHM_UNSPECIFIED]) algorithm: Algorithm; /**