syntax = "proto3";
package ethereum.prysm.v2;

import "proto/eth/ext/options.proto";
import "proto/prysm/v1alpha1/attestation.proto";
import "proto/prysm/v1alpha1/beacon_block.proto";
import "proto/prysm/v2/beacon_block.proto";
import "google/api/annotations.proto";
import "google/protobuf/empty.proto";

option csharp_namespace = "Ethereum.Prysm.V2";
option go_package = "github.com/prysmaticlabs/prysm/proto/prysm/v2;v2";
option java_multiple_files = true;
option java_outer_classname = "KeymanagerProto";
option java_package = "org.ethereum.prysm.v2";
option php_namespace = "Ethereum\\Prysm\\v2";

// RemoteSigner service API.
//
// Defines a remote-signing keymanager which manages eth2
// validator accounts and can sign respective messages.
service RemoteSigner {
    // ListPublicKeysResponse managed by a remote signer.
    rpc ListValidatingPublicKeys(google.protobuf.Empty) returns (ListPublicKeysResponse) {
        option (google.api.http) = {
            get: "/accounts/v2/remote/accounts"
        };
    }

    // Sign a remote request via gRPC.
    rpc Sign(SignRequest) returns (SignResponse) {
        option (google.api.http) = {
            post: "/accounts/v2/remote/sign"
        };
    }
}

// ListPublicKeysResponse contains public keys
// for the validator secrets managed by the remote signer.
message ListPublicKeysResponse {
    // List of 48 byte, BLS12-381 validating public keys.
    repeated bytes validating_public_keys = 2;
}

// SignRequest is a message type used by a keymanager
// as part of Prysm's accounts v2 implementation.
message SignRequest {
    // 48 byte public key corresponding to an associated private key
    // being requested to sign data.
    bytes public_key = 1;

    // Raw bytes signing root the client is requesting to sign. The client is
    // expected to determine these raw bytes from the appropriate BLS
    // signing domain as well as the signing root of the data structure
    // the bytes represent.
    bytes signing_root = 2;

    // Signature domain and the beacon chain objects to allow server to verify
    // the contents and to prevent slashing.
    bytes signature_domain = 3;
    // Beacon chain objects. [100-200]
    oneof object {
        // Phase0 objects.
        ethereum.eth.v1alpha1.BeaconBlock block = 101;
        ethereum.eth.v1alpha1.AttestationData attestation_data = 102;
        ethereum.eth.v1alpha1.AggregateAttestationAndProof aggregate_attestation_and_proof = 103;
        ethereum.eth.v1alpha1.VoluntaryExit exit = 104;
        uint64 slot = 105 [(ethereum.eth.ext.cast_type) = "github.com/prysmaticlabs/eth2-types.Slot"];
        uint64 epoch = 106 [(ethereum.eth.ext.cast_type) = "github.com/prysmaticlabs/eth2-types.Epoch"];

        // Altair objects.
        ethereum.prysm.v2.BeaconBlockAltair blockV2 = 107;
    }
}

// SignResponse returned by a RemoteSigner gRPC service.
message SignResponse {
    enum Status {
        UNKNOWN = 0;
        SUCCEEDED = 1;
        DENIED = 2;
        FAILED = 3;
    }

    // BLS12-381 signature for the data specified in the request.
    bytes signature = 1;

    // Status of the signing response, standardized as an enum
    // to ensure different remote signing servers follow the
    // same conventions.
    Status status = 2;
}