Use relative KES periods for evolution and signing

nc6 · nc6 · commit deda980c45f4 · 2020-05-14T16:40:41.000+02:00
Previously KES keys would be evolved to the _current_ KES period, and
would sign at that period. But this is incorrect; we should be caring
about the number of evolutions since the first period, defined by the
operational certificate.

As such, we now sign with the _relative_ KES period (e.g. the number of
evolutions), and evolve the keys accordingly.
diff --git a/ouroboros-consensus-shelley/src/Ouroboros/Consensus/Shelley/Protocol.hs b/ouroboros-consensus-shelley/src/Ouroboros/Consensus/Shelley/Protocol.hs
@@ -162,11 +162,11 @@ forgeTPraosFields :: ( MonadRandom m
                   -> (TPraosToSign c -> toSign)
                   -> m (TPraosFields c toSign)
 forgeTPraosFields updateNodeState TPraosProof{..} kesPeriod mkToSign = do
-    hotKESKey   <- evolveKESKeyIfNecessary updateNodeState kesPeriod
+    hotKESKey <- evolveKESKeyIfNecessary updateNodeState (SL.KESPeriod kesEvolution)
     let
       signature = signedKES
         ()
-        kesPeriodNat
+        kesEvolution
         (mkToSign signedFields)
         hotKESKey
     return TPraosFields {
@@ -175,6 +175,9 @@ forgeTPraosFields updateNodeState TPraosProof{..} kesPeriod mkToSign = do
       }
   where
     SL.KESPeriod kesPeriodNat = kesPeriod
+    SL.OCert _ _ (SL.KESPeriod c0) _ = tpraosIsCoreNodeOpCert
+
+    kesEvolution = if kesPeriodNat >= c0 then kesPeriodNat - c0 else 0
 
     TPraosIsCoreNode{..} = tpraosIsCoreNode
 
@@ -193,7 +196,7 @@ forgeTPraosFields updateNodeState TPraosProof{..} kesPeriod mkToSign = do
 evolveKESKeyIfNecessary
   :: forall m c. (MonadRandom m, TPraosCrypto c)
   => NodeState.Update m (TPraosNodeState c)
-  -> SL.KESPeriod
+  -> SL.KESPeriod -- ^ Relative KES period (to the start period of the OCert)
   -> m (SignKeyKES (KES c))
 evolveKESKeyIfNecessary updateNodeState (SL.KESPeriod kesPeriod) = do
     getOudatedKeyOrCurrentKey >>= \case
