Merge pull request #109 from ralexstokes/update-hash-function

Updates the hash function used to Keccak-256 Closes #111
2018-12-19 17:11:47 +11:00 · 2018-12-19 17:11:47 +11:00 · 459be0b4b6
commit 459be0b4b6
parent 1ffdcd363d bd3d388b92
7 changed files with 48 additions and 38 deletions
--- a/beacon_chain/utils/bls/src/lib.rs
+++ b/beacon_chain/utils/bls/src/lib.rs
@ -10,16 +10,24 @@ pub use self::bls_aggregates::Signature;

 pub const BLS_AGG_SIG_BYTE_SIZE: usize = 97;

-use hashing::proof_of_possession_hash;
+use hashing::canonical_hash;
+use std::default::Default;
+
+fn extend_if_needed(hash: &mut Vec<u8>) {
+    // NOTE: bls_aggregates crate demands 48 bytes, this may be removed as we get closer to production
+    hash.resize(48, Default::default())
+}

 /// For some signature and public key, ensure that the signature message was the public key and it
 /// was signed by the secret key that corresponds to that public key.
 pub fn verify_proof_of_possession(sig: &Signature, pubkey: &PublicKey) -> bool {
-    let hash = proof_of_possession_hash(&pubkey.as_bytes());
+    let mut hash = canonical_hash(&pubkey.as_bytes());
+    extend_if_needed(&mut hash);
    sig.verify_hashed(&hash, &pubkey)
 }

 pub fn create_proof_of_possession(keypair: &Keypair) -> Signature {
-    let hash = proof_of_possession_hash(&keypair.pk.as_bytes());
+    let mut hash = canonical_hash(&keypair.pk.as_bytes());
+    extend_if_needed(&mut hash);
    Signature::new_hashed(&hash, &keypair.sk)
 }
--- a/beacon_chain/utils/hashing/Cargo.toml
+++ b/beacon_chain/utils/hashing/Cargo.toml
@ -4,4 +4,4 @@ version = "0.1.0"
 authors = ["Paul Hauner <paul@paulhauner.com>"]

 [dependencies]
-blake2-rfc = "0.2.18"
+tiny-keccak = "1.4.2"
--- a/beacon_chain/utils/hashing/src/lib.rs
+++ b/beacon_chain/utils/hashing/src/lib.rs
@ -1,17 +1,30 @@
-extern crate blake2_rfc;
+extern crate tiny_keccak;

-use self::blake2_rfc::blake2b::blake2b;
+use tiny_keccak::Keccak;

 pub fn canonical_hash(input: &[u8]) -> Vec<u8> {
-    let result = blake2b(64, &[], input);
-    result.as_bytes()[0..32].to_vec()
+    let mut keccak = Keccak::new_keccak256();
+    keccak.update(input);
+    let mut result = vec![0; 32];
+    keccak.finalize(result.as_mut_slice());
+    result
 }

-pub fn proof_of_possession_hash(input: &[u8]) -> Vec<u8> {
-    let result = blake2b(64, &[], input);
-    let mut hash = result.as_bytes()[32..64].to_vec();
-    // TODO: this padding is not part of the spec, it is required otherwise Milagro will panic.
-    // We should either drop the padding or ensure the padding is in the spec.
-    hash.append(&mut vec![0; 18]);
-    hash
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use std::convert::From;
+
+    #[test]
+    fn test_hashing() {
+        let input: Vec<u8> = From::from("hello");
+
+        let output = canonical_hash(input.as_ref());
+        let expected = &[
+            0x1c, 0x8a, 0xff, 0x95, 0x06, 0x85, 0xc2, 0xed, 0x4b, 0xc3, 0x17, 0x4f, 0x34, 0x72,
+            0x28, 0x7b, 0x56, 0xd9, 0x51, 0x7b, 0x9c, 0x94, 0x81, 0x27, 0x31, 0x9a, 0x09, 0xa7,
+            0xa3, 0x6d, 0xea, 0xc8,
+        ];
+        assert_eq!(expected, output.as_slice());
+    }
 }
--- a/beacon_chain/utils/ssz_helpers/src/ssz_beacon_block.rs
+++ b/beacon_chain/utils/ssz_helpers/src/ssz_beacon_block.rs
@ -220,6 +220,8 @@ mod tests {
    use super::super::types::{Attestation, BeaconBlock, SpecialRecord};
    use super::*;

+    use super::canonical_hash;
+
    fn get_block_ssz(b: &BeaconBlock) -> Vec<u8> {
        let mut ssz_stream = SszStream::new();
        ssz_stream.append(b);
@ -292,9 +294,10 @@ mod tests {
        // it was simply printed then copied into the code. This test
        // will tell us if the hash changes, not that it matches some
        // canonical reference.
+        // TODO: make sure this test conforms to canonical test vectors; it is not clear that it currently does so
        let expected_hash = [
-            254, 192, 124, 164, 240, 137, 162, 126, 50, 255, 118, 88, 189, 151, 221, 4, 40, 121,
-            198, 33, 248, 221, 104, 255, 46, 234, 146, 161, 202, 140, 109, 175,
+            132, 43, 230, 49, 234, 240, 253, 146, 85, 121, 104, 79, 35, 0, 126, 162, 132, 99, 145,
+            13, 30, 57, 118, 5, 175, 136, 174, 7, 52, 161, 87, 196,
        ];
        assert_eq!(hash, expected_hash);

--- a/beacon_chain/utils/vec_shuffle/src/lib.rs
+++ b/beacon_chain/utils/vec_shuffle/src/lib.rs
@ -47,7 +47,10 @@ mod tests {
    use std::fs::File;
    use std::io::prelude::*;

+    // TODO: update test vectors to use keccak instead of blake.
+    // https://github.com/sigp/lighthouse/issues/121
    #[test]
+    #[should_panic]
    fn test_shuffling() {
        let mut file = File::open("./src/specs/shuffle_test_vectors.yaml").unwrap();
        let mut yaml_str = String::new();
--- a/beacon_chain/utils/vec_shuffle/src/rng.rs
+++ b/beacon_chain/utils/vec_shuffle/src/rng.rs
@ -87,15 +87,4 @@ mod tests {
        x = int_from_byte_slice(&[0x8f, 0xbb, 0xc7], 0);
        assert_eq!(x, 9419719);
    }
-
-    #[test]
-    fn test_shuffling_hash_fn() {
-        let digest = canonical_hash(&canonical_hash(&"4kn4driuctg8".as_bytes())); // double-hash is intentional
-        let expected = [
-            103, 21, 99, 143, 60, 75, 116, 81, 248, 175, 190, 114, 54, 65, 23, 8, 3, 116, 160, 178,
-            7, 75, 63, 47, 180, 239, 191, 247, 57, 194, 144, 88,
-        ];
-        assert_eq!(digest.len(), expected.len());
-        assert_eq!(digest, expected)
-    }
 }
--- a/beacon_chain/validator_induction/src/inductor.rs
+++ b/beacon_chain/validator_induction/src/inductor.rs
@ -110,8 +110,8 @@ impl ValidatorInductor {
 mod tests {
    use super::*;

-    use bls::{Keypair, Signature};
-    use hashing::proof_of_possession_hash;
+    use bls::{create_proof_of_possession, Keypair, Signature};
+    use hashing::canonical_hash;
    use types::{Address, Hash256};

    fn registration_equals_record(reg: &ValidatorRegistration, rec: &ValidatorRecord) -> bool {
@ -122,12 +122,6 @@ mod tests {
            & (verify_proof_of_possession(&reg.proof_of_possession, &rec.pubkey))
    }

-    /// Generate a proof of possession for some keypair.
-    fn get_proof_of_possession(kp: &Keypair) -> Signature {
-        let pop_message = proof_of_possession_hash(&kp.pk.as_bytes());
-        Signature::new_hashed(&pop_message, &kp.sk)
-    }
-
    /// Generate a basic working ValidatorRegistration for use in tests.
    fn get_registration() -> ValidatorRegistration {
        let kp = Keypair::random();
@ -136,7 +130,7 @@ mod tests {
            withdrawal_shard: 0,
            withdrawal_address: Address::zero(),
            randao_commitment: Hash256::zero(),
-            proof_of_possession: get_proof_of_possession(&kp),
+            proof_of_possession: create_proof_of_possession(&kp),
        }
    }

@ -266,7 +260,7 @@ mod tests {

        let mut r = get_registration();
        let kp = Keypair::random();
-        r.proof_of_possession = get_proof_of_possession(&kp);
+        r.proof_of_possession = create_proof_of_possession(&kp);

        let mut inductor = ValidatorInductor::new(0, 1024, validators);
        let result = inductor.induct(&r, ValidatorStatus::PendingActivation);