Zenith // Horcrux Compatibility

[danbryan]

I noticed that horcrux is not supported by Zenith.
https://meka.tech/zenith#signing

@danbryan will be chatting with them on October 13th and will ask for details about why it's not supported, and if their is anything strangelove can do to help.

[chillyvee]

Since TMKMS is supported, maybe it's not yet tested rather than "does not work"?

[tsenart]

Hey all,

We are working on a Tendermint ADR for expansion of the PrivValidator interface. For the time being, tmkms is compatible because we maintain a fork that essentially allows external block building requests to be signed (i.e. authenticated). These requests, unlike Votes and Proposals, don't end up on-chain state and don't risk any slashing of validators, so they don't need double signing prevention.

We found it hard to modify horcrux to support signing of this additional message because the double signing prevention logic is spread across many layers and we didn't have the time to dig deeper at that point. We'd be happy for you to contribute to this effort!

[danbryan]

For meketek signing on horcrux, we need to add support for the additional handlers.

• add request handlers for SignMekatekBuild and SignMekatekChallenge

meka-dev/tmkms@v0.12.2...v0.12.2-mekatek.2

[tsenart]

@danbryan: Only SignMekatekBuild is necessary. SignMekatekChallenge is deprecated.