Update to work with async keystore – Companion PR for #7000 (#1740)

* Fix keystore types

* Use SyncCryptoStorePtr

* Borrow keystore

* Fix unused imports

* Fix polkadot service

* Fix bitfield-distribution tests

* Fix indentation

* Fix backing tests

* Fix tests

* Fix provisioner tests

* Removed SyncCryptoStorePtr

* Fix services

* Address PR feedback

* Address PR feedback - 2

* Update CryptoStorePtr imports to be from sp_keystore

* Typo

* Fix CryptoStore import

* Document the reason behind using filesystem keystore

* Remove VALIDATORS

* Fix duplicate dependency

* Mark sp-keystore as optional

* Fix availability distribution

* Fix call to sign_with

* Fix keystore usage

* Remove tokio and fix parachains Cargo config

* Typos

* Fix keystore dereferencing

* Fix CryptoStore import

* Fix provisioner

* Fix node backing

* Update services

* Cleanup dependencies

* Use sync_keystore

* Fix node service

* Fix node service - 2

* Fix node service - 3

* Rename CryptoStorePtr to SyncCryptoStorePtr

* "Update Substrate"

* Apply suggestions from code review

* Update node/core/backing/Cargo.toml

* Update primitives/src/v0.rs

Co-authored-by: Bastian Köcher <bkchr@users.noreply.github.com>

* Fix wasm build

* Update Cargo.lock

Co-authored-by: parity-processbot <>
Co-authored-by: Bastian Köcher <bkchr@users.noreply.github.com>

polkadot/node/network/availability-distribution/Cargo.toml

@@ -9,21 +9,23 @@ futures = "0.3.5"
 log = "0.4.11"
 streamunordered = "0.5.1"
 codec = { package="parity-scale-codec", version = "1.3.4", features = ["std"]  }
+derive_more = "0.99.9"
 polkadot-primitives = { path = "../../../primitives" }
 polkadot-erasure-coding = { path = "../../../erasure-coding" }
 polkadot-subsystem = { package = "polkadot-node-subsystem", path = "../../subsystem" }
 polkadot-network-bridge = { path = "../../network/bridge" }
 polkadot-node-network-protocol = { path = "../../network/protocol" }
 polkadot-node-subsystem-util = { path = "../../subsystem-util" }
-sc-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }
-derive_more = "0.99.9"
 sp-core = { git = "https://github.com/paritytech/substrate", branch = "master", features = ["std"]  }
+sp-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }
 
 [dev-dependencies]
 polkadot-subsystem-testhelpers = { package = "polkadot-node-subsystem-test-helpers", path = "../../subsystem-test-helpers" }
 bitvec = { version = "0.17.4", default-features = false, features = ["alloc"] }
 sp-core = { git = "https://github.com/paritytech/substrate", branch = "master", features = ["std"] }
+sp-application-crypto = { git = "https://github.com/paritytech/substrate", branch = "master" }
 sp-keyring = { git = "https://github.com/paritytech/substrate", branch = "master" }
+sc-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }
 parking_lot = "0.11.0"
 futures-timer = "3.0.2"
 env_logger = "0.7.1"

polkadot/node/network/availability-distribution/src/lib.rs

@@ -25,12 +25,8 @@
 use codec::{Decode, Encode};
 use futures::{channel::oneshot, FutureExt};
 
-use keystore::KeyStorePtr;
-use sp_core::{
-	crypto::Public,
-	traits::BareCryptoStore,
-};
-use sc_keystore as keystore;
+use sp_core::crypto::Public;
+use sp_keystore::{CryptoStore, SyncCryptoStorePtr};
 
 use log::{trace, warn};
 use polkadot_erasure_coding::branch_hash;
@@ -293,7 +289,7 @@ impl ProtocolState {
 /// which depends on the message type received.
 async fn handle_network_msg<Context>(
 	ctx: &mut Context,
-	keystore: KeyStorePtr,
+	keystore: &SyncCryptoStorePtr,
 	state: &mut ProtocolState,
 	metrics: &Metrics,
 	bridge_message: NetworkBridgeEvent<protocol_v1::AvailabilityDistributionMessage>,
@@ -332,7 +328,7 @@ where
 /// Handle the changes necessary when our view changes.
 async fn handle_our_view_change<Context>(
 	ctx: &mut Context,
-	keystore: KeyStorePtr,
+	keystore: &SyncCryptoStorePtr,
 	state: &mut ProtocolState,
 	view: View,
 	metrics: &Metrics,
@@ -353,7 +349,7 @@ where
 		let validator_index = obtain_our_validator_index(
 			&validators,
 			keystore.clone(),
-		);
+		).await;
 		state.add_relay_parent(ctx, added, validators, validator_index).await?;
 	}
 
@@ -579,18 +575,16 @@ where
 /// Obtain the first key which has a signing key.
 /// Returns the index within the validator set as `ValidatorIndex`, if there exists one,
 /// otherwise, `None` is returned.
-fn obtain_our_validator_index(
+async fn obtain_our_validator_index(
 	validators: &[ValidatorId],
-	keystore: KeyStorePtr,
+	keystore: SyncCryptoStorePtr,
 ) -> Option<ValidatorIndex> {
-	let keystore = keystore.read();
-	validators.iter().enumerate().find_map(|(idx, validator)| {
-		if keystore.has_keys(&[(validator.to_raw_vec(), PARACHAIN_KEY_TYPE_ID)]) {
-			Some(idx as ValidatorIndex)
-		} else {
-			None
+	for (idx, validator) in validators.iter().enumerate() {
+		if CryptoStore::has_keys(&*keystore, &[(validator.to_raw_vec(), PARACHAIN_KEY_TYPE_ID)]).await {
+			return Some(idx as ValidatorIndex)
 		}
-	})
+	}
+	None
 }
 
 /// Handle an incoming message from a peer.
@@ -712,7 +706,7 @@ where
 /// The bitfield distribution subsystem.
 pub struct AvailabilityDistributionSubsystem {
 	/// Pointer to a keystore, which is required for determining this nodes validator index.
-	keystore: KeyStorePtr,
+	keystore: SyncCryptoStorePtr,
 	/// Prometheus metrics.
 	metrics: Metrics,
 }
@@ -722,7 +716,7 @@ impl AvailabilityDistributionSubsystem {
 	const K: usize = 3;
 
 	/// Create a new instance of the availability distribution.
-	pub fn new(keystore: KeyStorePtr, metrics: Metrics) -> Self {
+	pub fn new(keystore: SyncCryptoStorePtr, metrics: Metrics) -> Self {
 		Self { keystore, metrics }
 	}
 
@@ -741,7 +735,7 @@ impl AvailabilityDistributionSubsystem {
 				} => {
 					if let Err(e) = handle_network_msg(
 						&mut ctx,
-						self.keystore.clone(),
+						&self.keystore.clone(),
 						&mut state,
 						&self.metrics,
 						event,

polkadot/node/network/availability-distribution/src/tests.rs

@@ -20,7 +20,7 @@ use polkadot_erasure_coding::{branches, obtain_chunks_v1 as obtain_chunks};
 use polkadot_primitives::v1::{
 	AvailableData, BlockData, CandidateCommitments, CandidateDescriptor, GroupIndex,
 	GroupRotationInfo, HeadData, PersistedValidationData, OccupiedCore,
-	PoV, ScheduledCore, ValidatorPair,
+	PoV, ScheduledCore,
 };
 use polkadot_subsystem_testhelpers::{self as test_helpers};
 use polkadot_node_subsystem_util::TimeoutExt;
@@ -29,7 +29,10 @@ use polkadot_node_network_protocol::ObservedRole;
 use futures::{executor, future, Future};
 use futures_timer::Delay;
 use smallvec::smallvec;
-use std::time::Duration;
+use std::{sync::Arc, time::Duration};
+use sc_keystore::LocalKeystore;
+use sp_keystore::{SyncCryptoStorePtr, SyncCryptoStore};
+use sp_application_crypto::AppKey;
 
 macro_rules! view {
 		( $( $hash:expr ),* $(,)? ) => [
@@ -57,7 +60,7 @@ struct TestHarness {
 }
 
 fn test_harness<T: Future<Output = ()>>(
-	keystore: KeyStorePtr,
+	keystore: SyncCryptoStorePtr,
 	test: impl FnOnce(TestHarness) -> T,
 ) {
 	let _ = env_logger::builder()
@@ -144,7 +147,7 @@ struct TestState {
 	validator_index: Option<ValidatorIndex>,
 	validator_groups: (Vec<Vec<ValidatorIndex>>, GroupRotationInfo),
 	head_data: HashMap<ParaId, HeadData>,
-	keystore: KeyStorePtr,
+	keystore: SyncCryptoStorePtr,
 	relay_parent: Hash,
 	ancestors: Vec<Hash>,
 	availability_cores: Vec<CoreState>,
@@ -170,11 +173,9 @@ impl Default for TestState {
 			Sr25519Keyring::Dave,
 		];
 
-		let keystore = keystore::Store::new_in_memory();
+		let keystore: SyncCryptoStorePtr = Arc::new(LocalKeystore::in_memory());
 
-		keystore
-			.write()
-			.insert_ephemeral_from_seed::<ValidatorPair>(&validators[0].to_seed())
+		SyncCryptoStore::sr25519_generate_new(&*keystore, ValidatorId::ID, Some(&validators[0].to_seed()))
 			.expect("Insert key into keystore");
 
 		let validator_public = validator_pubkeys(&validators);

polkadot/node/network/bitfield-distribution/Cargo.toml

@@ -22,8 +22,12 @@ sc-network = { git = "https://github.com/paritytech/substrate", branch = "master
 polkadot-node-subsystem-test-helpers = { path = "../../subsystem-test-helpers" }
 bitvec = { version = "0.17.4", default-features = false, features = ["alloc"] }
 sp-core = { git = "https://github.com/paritytech/substrate", branch = "master" }
+sp-application-crypto = { git = "https://github.com/paritytech/substrate", branch = "master" }
+sp-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }
+sc-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }
 parking_lot = "0.11.0"
 maplit = "1.0.2"
 smol = "0.3.3"
 env_logger = "0.7.1"
 assert_matches = "1.3.0"
+tempfile = "3.1.0"

polkadot/node/network/bitfield-distribution/src/lib.rs

@@ -674,10 +674,13 @@ mod test {
 	use bitvec::bitvec;
 	use futures::executor;
 	use maplit::hashmap;
-	use polkadot_primitives::v1::{Signed, ValidatorPair, AvailabilityBitfield};
+	use polkadot_primitives::v1::{Signed, AvailabilityBitfield};
 	use polkadot_node_subsystem_test_helpers::make_subsystem_context;
 	use polkadot_node_subsystem_util::TimeoutExt;
-	use sp_core::crypto::Pair;
+	use sp_keystore::{SyncCryptoStorePtr, SyncCryptoStore};
+	use sp_application_crypto::AppKey;
+	use sc_keystore::LocalKeystore;
+	use std::sync::Arc;
 	use std::time::Duration;
 	use assert_matches::assert_matches;
 	use polkadot_node_network_protocol::ObservedRole;
@@ -735,22 +738,28 @@ mod test {
 		}
 	}
 
-	fn state_with_view(view: View, relay_parent: Hash) -> (ProtocolState, SigningContext, ValidatorPair) {
+	fn state_with_view(
+		view: View,
+		relay_parent: Hash,
+		keystore_path: &tempfile::TempDir,
+	) -> (ProtocolState, SigningContext, SyncCryptoStorePtr, ValidatorId) {
 		let mut state = ProtocolState::default();
 
-		let (validator_pair, _seed) = ValidatorPair::generate();
-		let validator = validator_pair.public();
-
 		let signing_context = SigningContext {
 			session_index: 1,
 			parent_hash: relay_parent.clone(),
 		};
 
+		let keystore : SyncCryptoStorePtr = Arc::new(LocalKeystore::open(keystore_path.path(), None)
+			.expect("Creates keystore"));
+		let validator = SyncCryptoStore::sr25519_generate_new(&*keystore, ValidatorId::ID, None)
+			.expect("generating sr25519 key not to fail");
+
 		state.per_relay_parent = view.0.iter().map(|relay_parent| {(
 				relay_parent.clone(),
 				PerRelayParentData {
 					signing_context: signing_context.clone(),
-					validator_set: vec![validator.clone()],
+					validator_set: vec![validator.clone().into()],
 					one_per_validator: hashmap!{},
 					message_received_from_peer: hashmap!{},
 					message_sent_to_peer: hashmap!{},
@@ -759,7 +768,7 @@ mod test {
 
 		state.view = view;
 
-		(state, signing_context, validator_pair)
+		(state, signing_context, keystore, validator.into())
 	}
 
 	#[test]
@@ -780,16 +789,19 @@ mod test {
 			parent_hash: hash_a.clone(),
 		};
 
-		// validator 0 key pair
-		let (validator_pair, _seed) = ValidatorPair::generate();
-		let validator = validator_pair.public();
-
 		// another validator not part of the validatorset
-		let (mallicious, _seed) = ValidatorPair::generate();
+		let keystore_path = tempfile::tempdir().expect("Creates keystore path");
+		let keystore : SyncCryptoStorePtr = Arc::new(LocalKeystore::open(keystore_path.path(), None)
+			.expect("Creates keystore"));
+		let malicious = SyncCryptoStore::sr25519_generate_new(&*keystore, ValidatorId::ID, None)
+								.expect("Malicious key created");
+		let validator = SyncCryptoStore::sr25519_generate_new(&*keystore, ValidatorId::ID, None)
+								.expect("Malicious key created");
 
 		let payload = AvailabilityBitfield(bitvec![bitvec::order::Lsb0, u8; 1u8; 32]);
 		let signed =
-			Signed::<AvailabilityBitfield>::sign(payload, &signing_context, 0, &mallicious);
+			executor::block_on(Signed::<AvailabilityBitfield>::sign(&keystore, payload, &signing_context, 0, &malicious.into()))
+			.expect("should be signed");
 
 		let msg = BitfieldGossipMessage {
 			relay_parent: hash_a.clone(),
@@ -801,7 +813,7 @@ mod test {
 			make_subsystem_context::<BitfieldDistributionMessage, _>(pool);
 
 		let mut state = prewarmed_state(
-			validator.clone(),
+			validator.into(),
 			signing_context.clone(),
 			msg.clone(),
 			vec![peer_b.clone()],
@@ -842,15 +854,17 @@ mod test {
 		let peer_b = PeerId::random();
 		assert_ne!(peer_a, peer_b);
 
+		let keystore_path = tempfile::tempdir().expect("Creates keystore path");
 		// validator 0 key pair
-		let (mut state, signing_context, validator_pair) =
-			state_with_view(view![hash_a, hash_b], hash_a.clone());
+		let (mut state, signing_context, keystore, validator) =
+			state_with_view(view![hash_a, hash_b], hash_a.clone(), &keystore_path);
 
 		state.peer_views.insert(peer_b.clone(), view![hash_a]);
 
 		let payload = AvailabilityBitfield(bitvec![bitvec::order::Lsb0, u8; 1u8; 32]);
 		let signed =
-			Signed::<AvailabilityBitfield>::sign(payload, &signing_context, 42, &validator_pair);
+			executor::block_on(Signed::<AvailabilityBitfield>::sign(&keystore, payload, &signing_context, 42, &validator))
+			.expect("should be signed");
 
 		let msg = BitfieldGossipMessage {
 			relay_parent: hash_a.clone(),
@@ -896,14 +910,16 @@ mod test {
 		let peer_b = PeerId::random();
 		assert_ne!(peer_a, peer_b);
 
+		let keystore_path = tempfile::tempdir().expect("Creates keystore path");
 		// validator 0 key pair
-		let (mut state, signing_context, validator_pair) =
-			state_with_view(view![hash_a, hash_b], hash_a.clone());
+		let (mut state, signing_context, keystore, validator) =
+			state_with_view(view![hash_a, hash_b], hash_a.clone(), &keystore_path);
 
 		// create a signed message by validator 0
 		let payload = AvailabilityBitfield(bitvec![bitvec::order::Lsb0, u8; 1u8; 32]);
 		let signed_bitfield =
-			Signed::<AvailabilityBitfield>::sign(payload, &signing_context, 0, &validator_pair);
+			executor::block_on(Signed::<AvailabilityBitfield>::sign(&keystore, payload, &signing_context, 0, &validator))
+			.expect("should be signed");
 
 		let msg = BitfieldGossipMessage {
 			relay_parent: hash_a.clone(),
@@ -1007,13 +1023,16 @@ mod test {
 		let peer_b = PeerId::random();
 		assert_ne!(peer_a, peer_b);
 
+		let keystore_path = tempfile::tempdir().expect("Creates keystore path");
 		// validator 0 key pair
-		let (mut state, signing_context, validator_pair) = state_with_view(view![hash_a, hash_b], hash_a.clone());
+		let (mut state, signing_context, keystore, validator) =
+			state_with_view(view![hash_a, hash_b], hash_a.clone(), &keystore_path);
 
 		// create a signed message by validator 0
 		let payload = AvailabilityBitfield(bitvec![bitvec::order::Lsb0, u8; 1u8; 32]);
 		let signed_bitfield =
-			Signed::<AvailabilityBitfield>::sign(payload, &signing_context, 0, &validator_pair);
+			executor::block_on(Signed::<AvailabilityBitfield>::sign(&keystore, payload, &signing_context, 0, &validator))
+			.expect("should be signed");
 
 		let msg = BitfieldGossipMessage {
 			relay_parent: hash_a.clone(),

polkadot/node/network/statement-distribution/Cargo.toml

@@ -27,3 +27,6 @@ polkadot-node-subsystem-test-helpers = { path = "../../subsystem-test-helpers" }
 assert_matches = "1.3.0"
 sp-keyring = { git = "https://github.com/paritytech/substrate", branch = "master" }
 sp-core = { git = "https://github.com/paritytech/substrate", branch = "master" }
+sp-application-crypto = { git = "https://github.com/paritytech/substrate", branch = "master" }
+sp-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }
+sc-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }

polkadot/node/network/statement-distribution/src/lib.rs

@@ -978,11 +978,15 @@ impl metrics::Metrics for Metrics {
 #[cfg(test)]
 mod tests {
 	use super::*;
+	use std::sync::Arc;
 	use sp_keyring::Sr25519Keyring;
+	use sp_application_crypto::AppKey;
 	use node_primitives::Statement;
 	use polkadot_primitives::v1::CommittedCandidateReceipt;
 	use assert_matches::assert_matches;
-	use futures::executor;
+	use futures::executor::{self, block_on};
+	use sp_keystore::{CryptoStore, SyncCryptoStorePtr, SyncCryptoStore};
+	use sc_keystore::LocalKeystore;
 
 	#[test]
 	fn active_head_accepts_only_2_seconded_per_validator() {
@@ -1022,13 +1026,22 @@ mod tests {
 
 		let mut head_data = ActiveHeadData::new(validators, session_index);
 
+		let keystore: SyncCryptoStorePtr = Arc::new(LocalKeystore::in_memory());
+		let alice_public = SyncCryptoStore::sr25519_generate_new(
+			&*keystore, ValidatorId::ID, Some(&Sr25519Keyring::Alice.to_seed())
+		).unwrap();
+		let bob_public = SyncCryptoStore::sr25519_generate_new(
+			&*keystore, ValidatorId::ID, Some(&Sr25519Keyring::Bob.to_seed())
+		).unwrap();
+
 		// note A
-		let a_seconded_val_0 = SignedFullStatement::sign(
+		let a_seconded_val_0 = block_on(SignedFullStatement::sign(
+			&keystore,
 			Statement::Seconded(candidate_a.clone()),
 			&signing_context,
 			0,
-			&Sr25519Keyring::Alice.pair().into(),
-		);
+			&alice_public.into(),
+		)).expect("should be signed");
 		let noted = head_data.note_statement(a_seconded_val_0.clone());
 
 		assert_matches!(noted, NotedStatement::Fresh(_));
@@ -1039,42 +1052,46 @@ mod tests {
 		assert_matches!(noted, NotedStatement::UsefulButKnown);
 
 		// note B
-		let noted = head_data.note_statement(SignedFullStatement::sign(
+		let noted = head_data.note_statement(block_on(SignedFullStatement::sign(
+			&keystore,
 			Statement::Seconded(candidate_b.clone()),
 			&signing_context,
 			0,
-			&Sr25519Keyring::Alice.pair().into(),
-		));
+			&alice_public.into(),
+		)).expect("should be signed"));
 
 		assert_matches!(noted, NotedStatement::Fresh(_));
 
 		// note C (beyond 2 - ignored)
-		let noted = head_data.note_statement(SignedFullStatement::sign(
+		let noted = head_data.note_statement(block_on(SignedFullStatement::sign(
+			&keystore,
 			Statement::Seconded(candidate_c.clone()),
 			&signing_context,
 			0,
-			&Sr25519Keyring::Alice.pair().into(),
-		));
+			&alice_public.into(),
+		)).expect("should be signed"));
 
 		assert_matches!(noted, NotedStatement::NotUseful);
 
 		// note B (new validator)
-		let noted = head_data.note_statement(SignedFullStatement::sign(
+		let noted = head_data.note_statement(block_on(SignedFullStatement::sign(
+			&keystore,
 			Statement::Seconded(candidate_b.clone()),
 			&signing_context,
 			1,
-			&Sr25519Keyring::Bob.pair().into(),
-		));
+			&bob_public.into(),
+		)).expect("should be signed"));
 
 		assert_matches!(noted, NotedStatement::Fresh(_));
 
 		// note C (new validator)
-		let noted = head_data.note_statement(SignedFullStatement::sign(
+		let noted = head_data.note_statement(block_on(SignedFullStatement::sign(
+			&keystore,
 			Statement::Seconded(candidate_c.clone()),
 			&signing_context,
 			1,
-			&Sr25519Keyring::Bob.pair().into(),
-		));
+			&bob_public.into(),
+		)).expect("should be signed"));
 
 		assert_matches!(noted, NotedStatement::Fresh(_));
 	}
@@ -1252,33 +1269,48 @@ mod tests {
 			session_index,
 		};
 
+		let keystore: SyncCryptoStorePtr = Arc::new(LocalKeystore::in_memory());
+
+		let alice_public = SyncCryptoStore::sr25519_generate_new(
+			&*keystore, ValidatorId::ID, Some(&Sr25519Keyring::Alice.to_seed())
+		).unwrap();
+		let bob_public = SyncCryptoStore::sr25519_generate_new(
+			&*keystore, ValidatorId::ID, Some(&Sr25519Keyring::Bob.to_seed())
+		).unwrap();
+		let charlie_public = SyncCryptoStore::sr25519_generate_new(
+			&*keystore, ValidatorId::ID, Some(&Sr25519Keyring::Charlie.to_seed())
+		).unwrap();
+
 		let new_head_data = {
 			let mut data = ActiveHeadData::new(validators, session_index);
 
-			let noted = data.note_statement(SignedFullStatement::sign(
+			let noted = data.note_statement(block_on(SignedFullStatement::sign(
+				&keystore,
 				Statement::Seconded(candidate.clone()),
 				&signing_context,
 				0,
-				&Sr25519Keyring::Alice.pair().into(),
-			));
+				&alice_public.into(),
+			)).expect("should be signed"));
 
 			assert_matches!(noted, NotedStatement::Fresh(_));
 
-			let noted = data.note_statement(SignedFullStatement::sign(
+			let noted = data.note_statement(block_on(SignedFullStatement::sign(
+				&keystore,
 				Statement::Valid(candidate_hash),
 				&signing_context,
 				1,
-				&Sr25519Keyring::Bob.pair().into(),
-			));
+				&bob_public.into(),
+			)).expect("should be signed"));
 
 			assert_matches!(noted, NotedStatement::Fresh(_));
 
-			let noted = data.note_statement(SignedFullStatement::sign(
+			let noted = data.note_statement(block_on(SignedFullStatement::sign(
+				&keystore,
 				Statement::Valid(candidate_hash),
 				&signing_context,
 				2,
-				&Sr25519Keyring::Charlie.pair().into(),
-			));
+				&charlie_public.into(),
+			)).expect("should be signed"));
 
 			assert_matches!(noted, NotedStatement::Fresh(_));
 
@@ -1399,12 +1431,18 @@ mod tests {
 					session_index,
 				};
 
+				let keystore: SyncCryptoStorePtr = Arc::new(LocalKeystore::in_memory());
+				let alice_public = CryptoStore::sr25519_generate_new(
+					&*keystore, ValidatorId::ID, Some(&Sr25519Keyring::Alice.to_seed())
+				).await.unwrap();
+
 				let statement = SignedFullStatement::sign(
+					&keystore,
 					Statement::Seconded(candidate),
 					&signing_context,
 					0,
-					&Sr25519Keyring::Alice.pair().into(),
-				);
+					&alice_public.into(),
+				).await.expect("should be signed");
 
 				StoredStatement {
 					comparator: StoredStatementComparator {