[network] Cleanup and remove encrypted network addresses

Encrypted network addresses are remnant of the permissioned
validator set.  This completely removes all references to it,
and cleans up the build.

Cargo.toml

@@ -9,7 +9,6 @@ members = [
     "config/global-constants",
     "config/management",
     "config/management/genesis",
-    "config/management/network-address-encryption",
     "config/management/operational",
     "config/seed-peer-generator",
     "consensus",

config/Cargo.toml

@@ -23,7 +23,6 @@ diem-crypto = { path = "../crates/diem-crypto" }
 diem-crypto-derive = { path = "../crates/diem-crypto-derive" }
 diem-global-constants = { path = "./global-constants"}
 diem-logger = { path = "../crates/diem-logger" }
-diem-network-address-encryption = { path = "management/network-address-encryption" }
 diem-secure-storage = { path = "../secure/storage" }
 diem-temppath = { path = "../crates/diem-temppath" }
 diem-types = { path = "../types" }

config/management/Cargo.toml

@@ -22,7 +22,6 @@ bcs = "0.1.2"
 diem-config = { path = ".."}
 diem-crypto = { path = "../../crates/diem-crypto" }
 diem-global-constants = { path = "../global-constants"}
-diem-network-address-encryption = {path = "network-address-encryption"}
 diem-secure-storage = { path = "../../secure/storage" }
 diem-time-service = { path = "../../crates/diem-time-service" }
 diem-types = { path = "../../types" }

config/management/genesis/Cargo.toml

@@ -26,7 +26,6 @@ diem-crypto = { path = "../../../crates/diem-crypto" }
 diem-framework-releases = { path = "../../../diem-move/diem-framework/DPN/releases"}
 diem-global-constants = { path = "../../global-constants" }
 diem-management = { path = ".." }
-diem-network-address-encryption = {path = "../network-address-encryption"}
 diem-secure-storage = { path = "../../../secure/storage" }
 diem-types = { path = "../../../types" }
 diem-workspace-hack = { version = "0.1", path = "../../../crates/diem-workspace-hack" }

config/management/genesis/src/storage_helper.rs

@@ -16,9 +16,7 @@ use diem_global_constants::{
 use diem_management::{error::Error, secure_backend::DISK};
 use diem_secure_storage::{CryptoStorage, KVStorage, Namespaced, OnDiskStorage, Storage};
 use diem_types::{
-    chain_id::ChainId,
-    network_address::{self, NetworkAddress},
-    transaction::Transaction,
+    chain_id::ChainId, network_address::NetworkAddress, transaction::Transaction,
     waypoint::Waypoint,
 };
 use std::{fs::File, path::Path};
@@ -90,14 +88,6 @@ impl StorageHelper {
             .set(SAFETY_DATA, SafetyData::new(0, 0, 0, 0, None))
             .unwrap();
         storage.set(WAYPOINT, Waypoint::default()).unwrap();
-        let mut encryptor = diem_network_address_encryption::Encryptor::new(storage);
-        encryptor.initialize().unwrap();
-        encryptor
-            .add_key(
-                network_address::encrypted::TEST_SHARED_VAL_NETADDR_KEY_VERSION,
-                network_address::encrypted::TEST_SHARED_VAL_NETADDR_KEY,
-            )
-            .unwrap();
     }
 
     pub fn create_waypoint(&self, chain_id: ChainId) -> Result<Waypoint, Error> {

config/management/genesis/src/validator_builder.rs

@@ -28,9 +28,6 @@ use diem_management::{
 use diem_secure_storage::{CryptoStorage, KVStorage, OnDiskStorage, Storage};
 use diem_types::{
     chain_id::ChainId,
-    network_address::encrypted::{
-        Key as NetworkAddressEncryptionKey, KeyVersion as NetworkAddressEncryptionKeyVersion,
-    },
     on_chain_config::{ConsensusConfigV2, OnChainConsensusConfig, VMPublishingOption},
     transaction::{authenticator::AuthenticationKey, Transaction},
     waypoint::Waypoint,
@@ -130,8 +127,6 @@ impl ValidatorConfig {
 pub struct RootKeys {
     pub root_key: Ed25519PrivateKey,
     pub treasury_compliance_key: Ed25519PrivateKey,
-    pub validator_network_address_encryption_key: NetworkAddressEncryptionKey,
-    pub validator_network_address_encryption_key_version: NetworkAddressEncryptionKeyVersion,
 }
 
 impl RootKeys {
@@ -146,14 +141,9 @@ impl RootKeys {
         let root_key = Ed25519PrivateKey::try_from(key.as_ref()).unwrap();
         let treasury_compliance_key = Ed25519PrivateKey::try_from(key.as_ref()).unwrap();
 
-        let mut validator_network_address_encryption_key = NetworkAddressEncryptionKey::default();
-        rng.fill_bytes(&mut validator_network_address_encryption_key);
-
         Self {
             root_key,
             treasury_compliance_key,
-            validator_network_address_encryption_key,
-            validator_network_address_encryption_key_version: 0,
         }
     }
 }
@@ -216,14 +206,7 @@ impl ValidatorBuilder {
 
         // Generate and initialize Validator configs
         let mut validators = (0..self.num_validators.get())
-            .map(|i| {
-                self.initialize_validator_config(
-                    i,
-                    &mut rng,
-                    root_keys.validator_network_address_encryption_key,
-                    root_keys.validator_network_address_encryption_key_version,
-                )
-            })
+            .map(|i| self.initialize_validator_config(i, &mut rng))
             .collect::<Result<Vec<_>>>()?;
 
         // Build genesis
@@ -267,13 +250,7 @@ impl ValidatorBuilder {
     // Build helpers
     //
 
-    fn initialize_validator_config<R>(
-        &self,
-        index: usize,
-        rng: R,
-        validator_network_address_encryption_key: NetworkAddressEncryptionKey,
-        validator_network_address_encryption_key_version: NetworkAddressEncryptionKeyVersion,
-    ) -> Result<ValidatorConfig>
+    fn initialize_validator_config<R>(&self, index: usize, rng: R) -> Result<ValidatorConfig>
     where
         R: ::rand::RngCore + ::rand::CryptoRng,
     {
@@ -285,12 +262,7 @@ impl ValidatorBuilder {
 
         let mut validator =
             ValidatorConfig::new(name, storage_config, directory, self.template.clone());
-        Self::initialize_validator_storage(
-            &validator,
-            rng,
-            validator_network_address_encryption_key,
-            validator_network_address_encryption_key_version,
-        )?;
+        Self::initialize_validator_storage(&validator, rng)?;
 
         validator.config.set_data_dir(validator.directory.clone());
         let mut config = &mut validator.config;
@@ -365,12 +337,7 @@ impl ValidatorBuilder {
         storage_config
     }
 
-    fn initialize_validator_storage<R>(
-        validator: &ValidatorConfig,
-        mut rng: R,
-        validator_network_address_encryption_key: NetworkAddressEncryptionKey,
-        validator_network_address_encryption_key_version: NetworkAddressEncryptionKeyVersion,
-    ) -> Result<()>
+    fn initialize_validator_storage<R>(validator: &ValidatorConfig, mut rng: R) -> Result<()>
     where
         R: ::rand::RngCore + ::rand::CryptoRng,
     {
@@ -398,13 +365,6 @@ impl ValidatorBuilder {
         storage.set(SAFETY_DATA, SafetyData::new(0, 0, 0, 0, None))?;
         storage.set(WAYPOINT, Waypoint::default())?;
 
-        let mut encryptor = diem_network_address_encryption::Encryptor::new(storage);
-        encryptor.initialize()?;
-        encryptor.add_key(
-            validator_network_address_encryption_key_version,
-            validator_network_address_encryption_key,
-        )?;
-
         Ok(())
     }
 

config/management/genesis/src/verify.rs

@@ -10,7 +10,6 @@ use diem_management::{
     config::ConfigPath, error::Error, secure_backend::ValidatorBackend,
     storage::StorageWrapper as Storage,
 };
-use diem_network_address_encryption::Error as NetworkAddressError;
 use diem_temppath::TempPath;
 use diem_types::{
     account_address::AccountAddress, account_config, account_state::AccountState,
@@ -179,12 +178,9 @@ fn compare_genesis(
     let actual_validator_key = storage.x25519_public_from_private(VALIDATOR_NETWORK_KEY)?;
     let actual_fullnode_key = storage.x25519_public_from_private(FULLNODE_NETWORK_KEY)?;
 
-    let network_addrs: Vec<NetworkAddress> =
-        bcs::from_bytes(&validator_config.validator_network_addresses)
-            .map_err(|e| {
-                NetworkAddressError::AddressDeserialization(validator_account, e.to_string())
-            })
-            .unwrap_or_default();
+    let network_addrs: Vec<NetworkAddress> = validator_config
+        .validator_network_addresses()
+        .unwrap_or_default();
 
     let expected_validator_key = network_addrs
         .get(0)