cerc-io/lighthouse
16
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Support multiple BLS implementations (#1335)

Browse Source 
## Issue Addressed

NA

## Proposed Changes

- Refactor the `bls` crate to support multiple BLS "backends" (e.g., milagro, blst, etc).
- Removes some duplicate, unused code in `common/rest_types/src/validator.rs`.
- Removes the old "upgrade legacy keypairs" functionality (these were unencrypted keys that haven't been supported for a few testnets, no one should be using them anymore).

## Additional Info

Most of the files changed are just inconsequential changes to function names.

## TODO

- [x] Optimization levels
- [x] Infinity point: https://github.com/supranational/blst/issues/11
- [x] Ensure milagro *and* blst are tested via CI
- [x] What to do with unsafe code?
- [x] Test infinity point in signature sets
This commit is contained in:
Paul Hauner 2020-07-25 02:03:18 +00:00
parent 21bcc8848d
commit b73c497be2
117 changed files with 3009 additions and 2463 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/test-suite.yml vendored
View File

@ -77,7 +77,7 @@ jobs:
- uses: actions/checkout@v1
- name: Get latest version of stable Rust
run: rustup update stable
- name: Run eth2.0-spec-tests with and without fake_crypto
- name: Run eth2.0-spec-tests with blst, milagro and fake_crypto
run: make test-ef
dockerfile-ubuntu:
name: dockerfile-ubuntu

30
Cargo.lock generated
View File

@ -186,7 +186,7 @@ dependencies = [
[[package]]
name = "amcl"
version = "0.2.0"
source = "git+https://github.com/sigp/milagro_bls?tag=v1.1.0#32c9f9382fc73f8976a00aca9773e6a322bb2c9e"
source = "git+https://github.com/sigp/milagro_bls?branch=paulh#7662690845f3f2594e46cfe71b6b0bb91d5e1f82"
dependencies = [
"hex 0.3.2",
"lazy_static",
@ -360,6 +360,7 @@ dependencies = [
"fork_choice",
"futures 0.3.5",
"genesis",
"int_to_bytes",
"integer-sqrt",
"itertools 0.9.0",
"lazy_static",
@ -533,9 +534,11 @@ name = "bls"
version = "0.2.0"
dependencies = [
"arbitrary",
"blst",
"eth2_hashing",
"eth2_ssz",
"hex 0.4.2",
"ethereum-types",
"hex 0.3.2",
"milagro_bls",
"rand 0.7.3",
"serde",
@ -545,6 +548,16 @@ dependencies = [
"zeroize",
]
[[package]]
name = "blst"
version = "0.1.1"
source = "git+https://github.com/sigp/blst.git?rev=968c846a2dc46e836e407bbdbac1a38a597ebc46#968c846a2dc46e836e407bbdbac1a38a597ebc46"
dependencies = [
"cc",
"glob",
"threadpool",
]
[[package]]
name = "boot_node"
version = "0.1.0"
@ -1456,10 +1469,10 @@ name = "eth2_interop_keypairs"
version = "0.2.0"
dependencies = [
"base64 0.12.3",
"bls",
"eth2_hashing",
"hex 0.4.2",
"lazy_static",
"milagro_bls",
"num-bigint",
"serde",
"serde_derive",
@ -3093,7 +3106,7 @@ dependencies = [
[[package]]
name = "milagro_bls"
version = "1.1.0"
source = "git+https://github.com/sigp/milagro_bls?tag=v1.1.0#32c9f9382fc73f8976a00aca9773e6a322bb2c9e"
source = "git+https://github.com/sigp/milagro_bls?branch=paulh#7662690845f3f2594e46cfe71b6b0bb91d5e1f82"
dependencies = [
"amcl",
"hex 0.4.2",
@ -5256,6 +5269,15 @@ dependencies = [
"lazy_static",
]
[[package]]
name = "threadpool"
version = "1.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d050e60b33d41c19108b32cea32164033a9013fe3b46cbd4457559bfbf77afaa"
dependencies = [
"num_cpus",
]
[[package]]
name = "time"
version = "0.1.43"

1
Makefile
View File

@ -35,6 +35,7 @@ check-benches:
run-ef-tests:
cargo test --release --manifest-path=$(EF_TESTS)/Cargo.toml --features "ef_tests"
cargo test --release --manifest-path=$(EF_TESTS)/Cargo.toml --features "ef_tests,fake_crypto"
cargo test --release --manifest-path=$(EF_TESTS)/Cargo.toml --features "ef_tests,milagro"
# Runs only the tests/state_transition_vectors tests.
run-state-transition-tests:

2
account_manager/Cargo.toml
View File

@ -26,7 +26,7 @@ clap_utils = { path = "../common/clap_utils" }
eth2_wallet = { path = "../crypto/eth2_wallet" }
eth2_wallet_manager = { path = "../common/eth2_wallet_manager" }
rand = "0.7.2"
validator_dir = { path = "../common/validator_dir", features = ["unencrypted_keys"] }
validator_dir = { path = "../common/validator_dir" }
tokio = { version = "0.2.21", features = ["full"] }
eth2_keystore = { path = "../crypto/eth2_keystore" }
account_utils = { path = "../common/account_utils" }

3
account_manager/src/lib.rs
View File

@ -1,5 +1,4 @@
mod common;
pub mod upgrade_legacy_keypairs;
pub mod validator;
pub mod wallet;
@ -19,7 +18,6 @@ pub fn cli_app<'a, 'b>() -> App<'a, 'b> {
.about("Utilities for generating and managing Ethereum 2.0 accounts.")
.subcommand(wallet::cli_app())
.subcommand(validator::cli_app())
.subcommand(upgrade_legacy_keypairs::cli_app())
}
/// Run the account manager, returning an error if the operation did not succeed.
@ -27,7 +25,6 @@ pub fn run<T: EthSpec>(matches: &ArgMatches<'_>, env: Environment<T>) -> Result<
match matches.subcommand() {
(wallet::CMD, Some(matches)) => wallet::cli_run(matches)?,
(validator::CMD, Some(matches)) => validator::cli_run(matches, env)?,
(upgrade_legacy_keypairs::CMD, Some(matches)) => upgrade_legacy_keypairs::cli_run(matches)?,
(unknown, _) => {
return Err(format!(
"{} is not a valid {} command. See --help.",

149
account_manager/src/upgrade_legacy_keypairs.rs
View File

@ -1,149 +0,0 @@
//! This command allows migrating from the old method of storing keys (unencrypted SSZ) to the
//! current method of using encrypted EIP-2335 keystores.
//!
//! This command should be completely removed once the `unencrypted_keys` feature is removed from
//! the `validator_dir` command. This should hopefully be in mid-June 2020.
//!
//! ## Example
//!
//! This command will upgrade all keypairs in the `--validators-dir`, storing the newly-generated
//! passwords in `--secrets-dir`.
//!
//! ```ignore
//! lighthouse am upgrade-legacy-keypairs \
//! --validators-dir ~/.lighthouse/validators \
//! --secrets-dir ~/.lighthouse/secrets
//! ```
use crate::{SECRETS_DIR_FLAG, VALIDATOR_DIR_FLAG};
use clap::{App, Arg, ArgMatches};
use clap_utils::parse_required;
use eth2_keystore::KeystoreBuilder;
use rand::{distributions::Alphanumeric, Rng};
use std::fs::{create_dir_all, read_dir, write, File};
use std::path::{Path, PathBuf};
use types::Keypair;
use validator_dir::{
unencrypted_keys::load_unencrypted_keypair, VOTING_KEYSTORE_FILE, WITHDRAWAL_KEYSTORE_FILE,
};
pub const CMD: &str = "upgrade-legacy-keypairs";
pub const VOTING_KEYPAIR_FILE: &str = "voting_keypair";
pub const WITHDRAWAL_KEYPAIR_FILE: &str = "withdrawal_keypair";
pub fn cli_app<'a, 'b>() -> App<'a, 'b> {
App::new(CMD)
.about(
"Converts legacy unencrypted SSZ keypairs into encrypted keystores.",
)
.arg(
Arg::with_name(VALIDATOR_DIR_FLAG)
.long(VALIDATOR_DIR_FLAG)
.value_name("VALIDATORS_DIRECTORY")
.takes_value(true)
.required(true)
.help("The directory containing legacy validators. Generally ~/.lighthouse/validators"),
)
.arg(
Arg::with_name(SECRETS_DIR_FLAG)
.long(SECRETS_DIR_FLAG)
.value_name("SECRETS_DIRECTORY")
.takes_value(true)
.required(true)
.help("The directory where keystore passwords will be stored. Generally ~/.lighthouse/secrets"),
)
}
pub fn cli_run(matches: &ArgMatches) -> Result<(), String> {
let validators_dir: PathBuf = parse_required(matches, VALIDATOR_DIR_FLAG)?;
let secrets_dir: PathBuf = parse_required(matches, SECRETS_DIR_FLAG)?;
if !secrets_dir.exists() {
create_dir_all(&secrets_dir)
.map_err(|e| format!("Failed to create secrets dir {:?}: {:?}", secrets_dir, e))?;
}
read_dir(&validators_dir)
.map_err(|e| {
format!(
"Failed to read validators directory {:?}: {:?}",
validators_dir, e
)
})?
.try_for_each(|dir| {
let path = dir
.map_err(|e| format!("Unable to read dir: {}", e))?
.path();
if path.is_dir() {
if let Err(e) = upgrade_keypair(
&path,
&secrets_dir,
VOTING_KEYPAIR_FILE,
VOTING_KEYSTORE_FILE,
) {
println!("Validator {:?}: {:?}", path, e);
} else {
println!("Validator {:?} voting keys: success", path);
}
if let Err(e) = upgrade_keypair(
&path,
&secrets_dir,
WITHDRAWAL_KEYPAIR_FILE,
WITHDRAWAL_KEYSTORE_FILE,
) {
println!("Validator {:?}: {:?}", path, e);
} else {
println!("Validator {:?} withdrawal keys: success", path);
}
}
Ok(())
})
}
fn upgrade_keypair<P: AsRef<Path>>(
validator_dir: P,
secrets_dir: P,
input_filename: &str,
output_filename: &str,
) -> Result<(), String> {
let validator_dir = validator_dir.as_ref();
let secrets_dir = secrets_dir.as_ref();
let keypair: Keypair = load_unencrypted_keypair(validator_dir.join(input_filename))?;
let password = rand::thread_rng()
.sample_iter(&Alphanumeric)
.take(48)
.collect::<String>()
.into_bytes();
let keystore = KeystoreBuilder::new(&keypair, &password, "".into())
.map_err(|e| format!("Unable to create keystore builder: {:?}", e))?
.build()
.map_err(|e| format!("Unable to build keystore: {:?}", e))?;
let keystore_path = validator_dir.join(output_filename);
if keystore_path.exists() {
return Err(format!("{:?} already exists", keystore_path));
}
let mut file = File::create(&keystore_path).map_err(|e| format!("Cannot create: {:?}", e))?;
keystore
.to_json_writer(&mut file)
.map_err(|e| format!("Cannot write keystore to {:?}: {:?}", keystore_path, e))?;
let password_path = secrets_dir.join(keypair.pk.as_hex_string());
if password_path.exists() {
return Err(format!("{:?} already exists", password_path));
}
write(&password_path, &password)
.map_err(|e| format!("Unable to write password to {:?}: {:?}", password_path, e))?;
Ok(())
}

3
beacon_node/beacon_chain/Cargo.toml
View File

@ -9,6 +9,9 @@ default = ["participation_metrics"]
write_ssz_files = [] # Writes debugging .ssz files to /tmp during block processing.
participation_metrics = [] # Exposes validator participation metrics to Prometheus.
[dev-dependencies]
int_to_bytes = { path = "../../consensus/int_to_bytes" }
[dependencies]
eth2_config = { path = "../../common/eth2_config" }
merkle_proof = { path = "../../consensus/merkle_proof" }

4
beacon_node/beacon_chain/src/attestation_verification.rs
View File

@ -521,7 +521,7 @@ pub fn verify_attestation_signature<T: BeaconChainTypes>(
let _signature_verification_timer =
metrics::start_timer(&metrics::ATTESTATION_PROCESSING_SIGNATURE_TIMES);
if signature_set.is_valid() {
if signature_set.verify() {
Ok(())
} else {
Err(Error::InvalidSignature)
@ -589,7 +589,7 @@ pub fn verify_signed_aggregate_signatures<T: BeaconChainTypes>(
.map_err(BeaconChainError::SignatureSetError)?,
];
Ok(verify_signature_sets(signature_sets))
Ok(verify_signature_sets(signature_sets.iter()))
}
/// Assists in readability.

4
beacon_node/beacon_chain/src/beacon_chain.rs
View File

@ -862,7 +862,7 @@ impl<T: BeaconChainTypes> BeaconChain<T> {
root: target_root,
},
},
signature: AggregateSignature::empty_signature(),
signature: AggregateSignature::empty(),
})
}
@ -1654,7 +1654,7 @@ impl<T: BeaconChainTypes> BeaconChain<T> {
},
},
// The block is not signed here, that is the task of a validator client.
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
per_block_processing(

2
beacon_node/beacon_chain/src/builder.rs
View File

@ -666,7 +666,7 @@ fn genesis_block<T: EthSpec>(
message: BeaconBlock::empty(&spec),
// Empty signature, which should NEVER be read. This isn't to-spec, but makes the genesis
// block consistent with every other block.
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
genesis_block.message.state_root = genesis_state
.update_tree_hash_cache()

3
beacon_node/beacon_chain/src/errors.rs
View File

@ -6,7 +6,6 @@ use crate::observed_attesters::Error as ObservedAttestersError;
use crate::observed_block_producers::Error as ObservedBlockProducersError;
use operation_pool::OpPoolError;
use safe_arith::ArithError;
use ssz::DecodeError;
use ssz_types::Error as SszTypesError;
use state_processing::{
block_signature_verifier::Error as BlockSignatureVerifierError,
@ -69,7 +68,7 @@ pub enum BeaconChainError {
AttestationCacheLockTimeout,
ValidatorPubkeyCacheLockTimeout,
IncorrectStateForAttestation(RelativeEpochError),
InvalidValidatorPubkeyBytes(DecodeError),
InvalidValidatorPubkeyBytes(bls::Error),
ValidatorPubkeyCacheIncomplete(usize),
SignatureSetError(SignatureSetError),
BlockSignatureVerifierError(state_processing::block_signature_verifier::Error),

6
beacon_node/beacon_chain/src/snapshot_cache.rs
View File

@ -99,7 +99,7 @@ mod test {
use super::*;
use types::{
test_utils::{generate_deterministic_keypair, TestingBeaconStateBuilder},
BeaconBlock, Epoch, MainnetEthSpec, Signature, SignedBeaconBlock, Slot,
BeaconBlock, Epoch, MainnetEthSpec, SignedBeaconBlock, Slot,
};
const CACHE_SIZE: usize = 4;
@ -115,7 +115,9 @@ mod test {
beacon_state_root: Hash256::from_low_u64_be(i),
beacon_block: SignedBeaconBlock {
message: BeaconBlock::empty(&spec),
signature: Signature::new(&[42], &generate_deterministic_keypair(0).sk),
signature: generate_deterministic_keypair(0)
.sk
.sign(Hash256::from_low_u64_be(42)),
},
beacon_block_root: Hash256::from_low_u64_be(i),
}

13
beacon_node/beacon_chain/src/test_utils.rs
View File

@ -23,8 +23,8 @@ use tempfile::{tempdir, TempDir};
use tree_hash::TreeHash;
use types::{
AggregateSignature, Attestation, BeaconState, BeaconStateHash, ChainSpec, Domain, EthSpec,
Hash256, Keypair, SecretKey, SelectionProof, Signature, SignedAggregateAndProof,
SignedBeaconBlock, SignedBeaconBlockHash, SignedRoot, Slot, SubnetId,
Hash256, Keypair, SecretKey, SelectionProof, SignedAggregateAndProof, SignedBeaconBlock,
SignedBeaconBlockHash, SignedRoot, Slot, SubnetId,
};
pub use types::test_utils::generate_deterministic_keypairs;
@ -515,7 +515,7 @@ where
self.spec
.get_domain(epoch, Domain::Randao, fork, state.genesis_validators_root);
let message = epoch.signing_root(domain);
Signature::new(message.as_bytes(), sk)
sk.sign(message)
};
let (block, state) = self
@ -586,12 +586,9 @@ where
let message = attestation.data.signing_root(domain);
let mut agg_sig = AggregateSignature::new();
let mut agg_sig = AggregateSignature::infinity();
agg_sig.add(&Signature::new(
message.as_bytes(),
self.get_sk(*validator_index),
));
agg_sig.add_assign(&self.get_sk(*validator_index).sign(message));
agg_sig
};

3
beacon_node/beacon_chain/src/validator_pubkey_cache.rs
View File

@ -140,6 +140,7 @@ struct ValidatorPubkeyCacheFile(File);
enum Error {
Io(io::Error),
Ssz(DecodeError),
PubkeyDecode(bls::Error),
/// The file read from disk does not have a contiguous list of validator public keys. The file
/// has become corrupted.
InconsistentIndex {
@ -200,7 +201,7 @@ impl ValidatorPubkeyCacheFile {
let expected = last.map(|n| n + 1);
if expected.map_or(true, |expected| index == expected) {
last = Some(index);
pubkeys.push((&pubkey).try_into().map_err(Error::Ssz)?);
pubkeys.push((&pubkey).try_into().map_err(Error::PubkeyDecode)?);
indices.insert(pubkey, index);
} else {
return Err(Error::InconsistentIndex {

2
beacon_node/beacon_chain/tests/attestation_production.rs
View File

@ -111,7 +111,7 @@ fn produces_attestations() {
);
assert_eq!(
attestation.signature,
AggregateSignature::empty_signature(),
AggregateSignature::empty(),
"bad signature"
);
assert_eq!(data.index, index, "bad index");

32
beacon_node/beacon_chain/tests/attestation_verification.rs
View File

@ -8,13 +8,14 @@ use beacon_chain::{
test_utils::{AttestationStrategy, BeaconChainHarness, BlockStrategy, HarnessType},
BeaconChain, BeaconChainTypes,
};
use int_to_bytes::int_to_bytes32;
use state_processing::per_slot_processing;
use store::config::StoreConfig;
use tree_hash::TreeHash;
use types::{
test_utils::generate_deterministic_keypair, AggregateSignature, Attestation, EthSpec, Hash256,
Keypair, MainnetEthSpec, SecretKey, SelectionProof, Signature, SignedAggregateAndProof,
SignedBeaconBlock, SubnetId, Unsigned,
Keypair, MainnetEthSpec, SecretKey, SelectionProof, SignedAggregateAndProof, SignedBeaconBlock,
SubnetId, Unsigned,
};
pub type E = MainnetEthSpec;
@ -311,7 +312,7 @@ fn aggregated_gossip_verification() {
let aggregation_bits = &mut a.message.aggregate.aggregation_bits;
aggregation_bits.difference_inplace(&aggregation_bits.clone());
assert!(aggregation_bits.is_zero());
a.message.aggregate.signature = AggregateSignature::new();
a.message.aggregate.signature = AggregateSignature::infinity();
a
},
AttnError::EmptyAggregationBitfield
@ -330,7 +331,7 @@ fn aggregated_gossip_verification() {
{
let mut a = valid_aggregate.clone();
a.signature = Signature::new(&[42, 42], &validator_sk);
a.signature = validator_sk.sign(Hash256::from_low_u64_be(42));
a
},
@ -370,7 +371,9 @@ fn aggregated_gossip_verification() {
let mut i: u64 = 0;
a.message.selection_proof = loop {
i += 1;
let proof: SelectionProof = Signature::new(&i.to_le_bytes(), &validator_sk).into();
let proof: SelectionProof = validator_sk
.sign(Hash256::from_slice(&int_to_bytes32(i)))
.into();
if proof
.is_aggregator(committee_len, &harness.chain.spec)
.unwrap()
@ -397,8 +400,8 @@ fn aggregated_gossip_verification() {
{
let mut a = valid_aggregate.clone();
let mut agg_sig = AggregateSignature::new();
agg_sig.add(&Signature::new(&[42, 42], &aggregator_sk));
let mut agg_sig = AggregateSignature::infinity();
agg_sig.add_assign(&aggregator_sk.sign(Hash256::from_low_u64_be(42)));
a.message.aggregate.signature = agg_sig;
a
@ -727,8 +730,8 @@ fn unaggregated_gossip_verification() {
{
let mut a = valid_attestation.clone();
let mut agg_sig = AggregateSignature::new();
agg_sig.add(&Signature::new(&[42, 42], &validator_sk));
let mut agg_sig = AggregateSignature::infinity();
agg_sig.add_assign(&validator_sk.sign(Hash256::from_low_u64_be(42)));
a.signature = agg_sig;
a
@ -737,13 +740,10 @@ fn unaggregated_gossip_verification() {
AttnError::InvalidSignature
);
assert!(
harness
.chain
.verify_unaggregated_attestation_for_gossip(valid_attestation.clone(), subnet_id)
.is_ok(),
"valid attestation should be verified"
);
harness
.chain
.verify_unaggregated_attestation_for_gossip(valid_attestation.clone(), subnet_id)
.expect("valid attestation should be verified");
/*
* The following test ensures that:

8
beacon_node/beacon_chain/tests/block_verification.rs
View File

@ -68,13 +68,13 @@ fn chain_segment_blocks() -> Vec<SignedBeaconBlock<E>> {
fn junk_signature() -> Signature {
let kp = generate_deterministic_keypair(VALIDATOR_COUNT);
let message = &[42, 42];
Signature::new(message, &kp.sk)
let message = Hash256::from_slice(&[42; 32]);
kp.sk.sign(message)
}
fn junk_aggregate_signature() -> AggregateSignature {
let mut agg_sig = AggregateSignature::new();
agg_sig.add(&junk_signature());
let mut agg_sig = AggregateSignature::empty();
agg_sig.add_assign(&junk_signature());
agg_sig
}

6
beacon_node/beacon_chain/tests/op_verification.rs
View File

@ -201,7 +201,11 @@ fn attester_slashing() {
// Last half of the validators
let second_half = (VALIDATOR_COUNT as u64 / 2..VALIDATOR_COUNT as u64).collect::<Vec<_>>();
let signer = |idx: u64, message: &[u8]| Signature::new(message, &KEYPAIRS[idx as usize].sk);
let signer = |idx: u64, message: &[u8]| {
KEYPAIRS[idx as usize]
.sk
.sign(Hash256::from_slice(&message))
};
let make_slashing = |validators| {
TestingAttesterSlashingBuilder::double_vote::<_, E>(

2
beacon_node/eth1/src/deposit_log.rs
View File

@ -64,7 +64,7 @@ impl DepositLog {
};
let signature_is_valid = deposit_pubkey_signature_message(&deposit_data, spec)
.map_or(false, |msg| deposit_signature_set(&msg).is_valid());
.map_or(false, |msg| deposit_signature_set(&msg).verify());
Ok(DepositLog {
deposit_data,

2
beacon_node/eth1/tests/test.rs
View File

@ -44,7 +44,7 @@ fn random_deposit_data() -> DepositData {
pubkey: keypair.pk.into(),
withdrawal_credentials: Hash256::zero(),
amount: 32_000_000_000,
signature: Signature::empty_signature().into(),
signature: Signature::empty().into(),
};
deposit.signature = deposit.create_signature(&keypair.sk, &MainnetEthSpec::default_spec());

4
beacon_node/eth2_libp2p/src/rpc/protocol.rs
View File

@ -33,13 +33,13 @@ lazy_static! {
// same across different `EthSpec` implementations.
pub static ref SIGNED_BEACON_BLOCK_MIN: usize = SignedBeaconBlock::<MainnetEthSpec> {
message: BeaconBlock::empty(&MainnetEthSpec::default_spec()),
signature: Signature::empty_signature(),
signature: Signature::empty(),
}
.as_ssz_bytes()
.len();
pub static ref SIGNED_BEACON_BLOCK_MAX: usize = SignedBeaconBlock::<MainnetEthSpec> {
message: BeaconBlock::full(&MainnetEthSpec::default_spec()),
signature: Signature::empty_signature(),
signature: Signature::empty(),
}
.as_ssz_bytes()
.len();

10
beacon_node/eth2_libp2p/tests/rpc_tests.rs
View File

@ -127,7 +127,7 @@ async fn test_blocks_by_range_chunked_rpc() {
let empty_block = BeaconBlock::empty(&spec);
let empty_signed = SignedBeaconBlock {
message: empty_block,
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let rpc_response = Response::BlocksByRange(Some(Box::new(empty_signed)));
@ -238,7 +238,7 @@ async fn test_blocks_by_range_chunked_rpc_terminates_correctly() {
let empty_block = BeaconBlock::empty(&spec);
let empty_signed = SignedBeaconBlock {
message: empty_block,
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let rpc_response = Response::BlocksByRange(Some(Box::new(empty_signed)));
@ -365,7 +365,7 @@ async fn test_blocks_by_range_single_empty_rpc() {
let empty_block = BeaconBlock::empty(&spec);
let empty_signed = SignedBeaconBlock {
message: empty_block,
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let rpc_response = Response::BlocksByRange(Some(Box::new(empty_signed)));
@ -479,7 +479,7 @@ async fn test_blocks_by_root_chunked_rpc() {
let full_block = BeaconBlock::full(&spec);
let signed_full_block = SignedBeaconBlock {
message: full_block,
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let rpc_response = Response::BlocksByRoot(Some(Box::new(signed_full_block)));
@ -598,7 +598,7 @@ async fn test_blocks_by_root_chunked_rpc_terminates_correctly() {
let full_block = BeaconBlock::full(&spec);
let signed_full_block = SignedBeaconBlock {
message: full_block,
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let rpc_response = Response::BlocksByRoot(Some(Box::new(signed_full_block)));

2
beacon_node/genesis/src/interop.rs
View File

@ -31,7 +31,7 @@ pub fn interop_genesis_state<T: EthSpec>(
withdrawal_credentials: withdrawal_credentials(&keypair.pk),
pubkey: keypair.pk.clone().into(),
amount,
signature: Signature::empty_signature().into(),
signature: Signature::empty().into(),
};
data.signature = data.create_signature(&keypair.sk, spec);

7
beacon_node/operation_pool/src/lib.rs
View File

@ -901,8 +901,11 @@ mod release_tests {
}
fn attester_slashing(&self, slashed_indices: &[u64]) -> AttesterSlashing<MainnetEthSpec> {
let signer =
|idx: u64, message: &[u8]| Signature::new(message, &self.keypairs[idx as usize].sk);
let signer = |idx: u64, message: &[u8]| {
self.keypairs[idx as usize]
.sk
.sign(Hash256::from_slice(&message))
};
TestingAttesterSlashingBuilder::double_vote(
AttesterSlashingTestTask::Valid,
slashed_indices,

2
beacon_node/rest_api/src/helpers.rs
View File

@ -99,7 +99,7 @@ pub fn parse_pubkey_bytes(string: &str) -> Result<PublicKeyBytes, ApiError> {
if string.starts_with(PREFIX) {
let pubkey_bytes = hex::decode(string.trim_start_matches(PREFIX))
.map_err(|e| ApiError::BadRequest(format!("Invalid hex string: {:?}", e)))?;
let pubkey = PublicKeyBytes::from_bytes(pubkey_bytes.as_slice()).map_err(|e| {
let pubkey = PublicKeyBytes::deserialize(pubkey_bytes.as_slice()).map_err(|e| {
ApiError::BadRequest(format!("Unable to deserialize public key: {:?}.", e))
})?;
Ok(pubkey)

4
beacon_node/rest_api/tests/test.rs
View File

@ -62,7 +62,7 @@ fn get_randao_reveal<T: BeaconChainTypes>(
let epoch = slot.epoch(E::slots_per_epoch());
let domain = spec.get_domain(epoch, Domain::Randao, &fork, genesis_validators_root);
let message = epoch.signing_root(domain);
Signature::new(message.as_bytes(), &keypair.sk)
keypair.sk.sign(message)
}
/// Signs the given block (assuming the given `beacon_chain` uses deterministic keypairs).
@ -468,7 +468,7 @@ fn validator_block_post() {
// Try publishing the block without a signature, ensure it is flagged as invalid.
let empty_sig_block = SignedBeaconBlock {
message: block.clone(),
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let publish_status = env
.runtime()

2
common/deposit_contract/src/lib.rs
View File

@ -98,7 +98,7 @@ mod tests {
pubkey: keypair.pk.into(),
withdrawal_credentials: Hash256::from_slice(&[42; 32]),
amount: u64::max_value(),
signature: Signature::empty_signature().into(),
signature: Signature::empty().into(),
};
deposit_data.signature = deposit_data.create_signature(&keypair.sk, spec);
deposit_data

2
common/eth2_interop_keypairs/Cargo.toml
View File

@ -11,10 +11,10 @@ lazy_static = "1.4.0"
num-bigint = "0.3.0"
eth2_hashing = "0.1.0"
hex = "0.4.2"
milagro_bls = { git = "https://github.com/sigp/milagro_bls", tag = "v1.1.0" }
serde_yaml = "0.8.11"
serde = "1.0.110"
serde_derive = "1.0.110"
bls = { path = "../../crypto/bls" }
[dev-dependencies]
base64 = "0.12.1"

15
common/eth2_interop_keypairs/src/lib.rs
View File

@ -19,8 +19,8 @@
#[macro_use]
extern crate lazy_static;
use bls::{Keypair, PublicKey, SecretKey};
use eth2_hashing::hash;
use milagro_bls::{Keypair, PublicKey, SecretKey};
use num_bigint::BigUint;
use serde_derive::{Deserialize, Serialize};
use std::convert::TryInto;
@ -58,17 +58,14 @@ pub fn be_private_key(validator_index: usize) -> [u8; PRIVATE_KEY_BYTES] {
/// Return a public and private keypair for a given `validator_index`.
pub fn keypair(validator_index: usize) -> Keypair {
let sk = SecretKey::from_bytes(&be_private_key(validator_index)).unwrap_or_else(|_| {
let sk = SecretKey::deserialize(&be_private_key(validator_index)).unwrap_or_else(|_| {
panic!(
"Should build valid private key for validator index {}",
validator_index
)
});
Keypair {
pk: PublicKey::from_secret_key(&sk),
sk,
}
Keypair::from_components(sk.public_key(), sk)
}
#[derive(Serialize, Deserialize)]
@ -93,18 +90,18 @@ impl TryInto<Keypair> for YamlKeypair {
let sk = {
let mut bytes = vec![0; PRIVATE_KEY_BYTES - privkey.len()];
bytes.extend_from_slice(&privkey);
SecretKey::from_bytes(&bytes)
SecretKey::deserialize(&bytes)
.map_err(|e| format!("Failed to decode bytes into secret key: {:?}", e))?
};
let pk = {
let mut bytes = vec![0; PUBLIC_KEY_BYTES - pubkey.len()];
bytes.extend_from_slice(&pubkey);
PublicKey::from_bytes(&bytes)
PublicKey::deserialize(&bytes)
.map_err(|e| format!("Failed to decode bytes into public key: {:?}", e))?
};
Ok(Keypair { pk, sk })
Ok(Keypair::from_components(pk, sk))
}
}

4
common/eth2_interop_keypairs/tests/from_file.rs
View File

@ -14,8 +14,8 @@ fn load_from_yaml() {
keypairs.into_iter().enumerate().for_each(|(i, keypair)| {
assert_eq!(
keypair,
reference_keypair(i),
keypair.pk,
reference_keypair(i).pk,
"Decoded key {} does not match generated key",
i
)

2
common/eth2_interop_keypairs/tests/generation.rs
View File

@ -53,6 +53,6 @@ fn reference_public_keys() {
"Reference should be 48 bytes (public key size)"
);
assert_eq!(pair.pk.as_bytes().to_vec(), reference);
assert_eq!(pair.pk.serialize().to_vec(), reference);
});
}

26
common/rest_types/src/validator.rs
View File

@ -1,8 +1,6 @@
use bls::{PublicKey, PublicKeyBytes, Signature};
use eth2_hashing::hash;
use bls::{PublicKey, PublicKeyBytes};
use serde::{Deserialize, Serialize};
use ssz_derive::{Decode, Encode};
use std::convert::TryInto;
use types::{CommitteeIndex, Epoch, Slot};
/// A Validator duty with the validator public key represented a `PublicKeyBytes`.
@ -36,23 +34,6 @@ pub struct ValidatorDutyBase<T> {
}
impl<T> ValidatorDutyBase<T> {
/// Given a `slot_signature` determines if the validator of this duty is an aggregator.
// Note that we assume the signature is for the associated pubkey to avoid the signature
// verification
pub fn is_aggregator(&self, slot_signature: &Signature) -> bool {
if let Some(modulo) = self.aggregator_modulo {
let signature_hash = hash(&slot_signature.as_bytes());
let signature_hash_int = u64::from_le_bytes(
signature_hash[0..8]
.try_into()
.expect("first 8 bytes of signature should always convert to fixed array"),
);
signature_hash_int % modulo == 0
} else {
false
}
}
/// Return `true` if these validator duties are equal, ignoring their `block_proposal_slots`.
pub fn eq_ignoring_proposal_slots(&self, other: &Self) -> bool
where
@ -95,11 +76,14 @@ pub struct ValidatorSubscription {
#[cfg(test)]
mod test {
use super::*;
use bls::SecretKey;
#[test]
fn eq_ignoring_proposal_slots() {
let validator_pubkey = SecretKey::deserialize(&[1; 32]).unwrap().public_key();
let duty1 = ValidatorDuty {
validator_pubkey: PublicKey::default(),
validator_pubkey,
validator_index: Some(10),
attestation_slot: Some(Slot::new(50)),
attestation_committee_index: Some(2),

1
common/validator_dir/Cargo.toml
View File

@ -5,7 +5,6 @@ authors = ["Paul Hauner <paul@paulhauner.com>"]
edition = "2018"
[features]
unencrypted_keys = []
insecure_keys = []
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

4
common/validator_dir/src/builder.rs
View File

@ -170,7 +170,7 @@ impl<'a> Builder<'a> {
pubkey: voting_keypair.pk.clone().into(),
withdrawal_credentials,
amount,
signature: Signature::empty_signature().into(),
signature: Signature::empty().into(),
};
deposit_data.signature = deposit_data.create_signature(&voting_keypair.sk, &spec);
@ -220,7 +220,7 @@ impl<'a> Builder<'a> {
// Write the withdrawal password to file.
write_password_to_file(
self.password_dir
.join(withdrawal_keypair.pk.as_hex_string()),
.join(withdrawal_keypair.pk.to_hex_string()),
withdrawal_password.as_bytes(),
)?;

1
common/validator_dir/src/lib.rs
View File

@ -10,7 +10,6 @@
mod builder;
pub mod insecure_keys;
mod manager;
pub mod unencrypted_keys;
mod validator_dir;
pub use crate::validator_dir::{Error, Eth1DepositData, ValidatorDir, ETH1_DEPOSIT_TX_HASH_FILE};

6
common/validator_dir/src/manager.rs
View File

@ -107,14 +107,14 @@ impl Manager {
info!(
log,
"Decrypted validator keystore";
"voting_pubkey" => kp.pk.as_hex_string()
"voting_pubkey" => kp.pk.to_hex_string()
);
if lockfile_existed {
warn!(
log,
"Lockfile already existed";
"msg" => "ensure no other validator client is running on this host",
"voting_pubkey" => kp.pk.as_hex_string()
"voting_pubkey" => kp.pk.to_hex_string()
);
}
}
@ -147,7 +147,7 @@ impl Manager {
info!(
log,
"Decrypted validator keystore";
"voting_pubkey" => kp.pk.as_hex_string()
"voting_pubkey" => kp.pk.to_hex_string()
)
}
(kp, v)

48
common/validator_dir/src/unencrypted_keys.rs
View File

@ -1,48 +0,0 @@
//! The functionality in this module is only required for backward compatibility with the old
//! method of key generation (unencrypted, SSZ-encoded keypairs). It should be removed as soon as
//! we're confident that no-one is using these keypairs anymore (hopefully mid-June 2020).
#![cfg(feature = "unencrypted_keys")]
use bls::{BLS_PUBLIC_KEY_BYTE_SIZE as PK_LEN, BLS_SECRET_KEY_BYTE_SIZE as SK_LEN};
use eth2_keystore::PlainText;
use std::fs::File;
use std::io::Read;
use std::path::Path;
use types::{Keypair, PublicKey, SecretKey};
/// Read a keypair from disk, using the old format where keys were stored as unencrypted
/// SSZ-encoded keypairs.
///
/// This only exists as compatibility with the old scheme and should not be implemented on any new
/// features.
pub fn load_unencrypted_keypair<P: AsRef<Path>>(path: P) -> Result<Keypair, String> {
let path = path.as_ref();
if !path.exists() {
return Err(format!("Keypair file does not exist: {:?}", path));
}
let mut bytes = vec![];
File::open(&path)
.map_err(|e| format!("Unable to open keypair file: {}", e))?
.read_to_end(&mut bytes)
.map_err(|e| format!("Unable to read keypair file: {}", e))?;
let bytes: PlainText = bytes.into();
if bytes.len() != PK_LEN + SK_LEN {
return Err(format!("Invalid keypair byte length: {}", bytes.len()));
}
let pk_bytes = &bytes.as_bytes()[..PK_LEN];
let sk_bytes = &bytes.as_bytes()[PK_LEN..];
let pk = PublicKey::from_bytes(pk_bytes)
.map_err(|e| format!("Unable to decode public key: {:?}", e))?;
let sk = SecretKey::from_bytes(sk_bytes)
.map_err(|e| format!("Unable to decode secret key: {:?}", e))?;
Ok(Keypair { pk, sk })
}

8
consensus/state_processing/src/per_block_processing.rs
View File

@ -3,7 +3,6 @@ use errors::{BlockOperationError, BlockProcessingError, HeaderInvalid, IntoWithI
use rayon::prelude::*;
use safe_arith::{ArithError, SafeArith};
use signature_sets::{block_proposal_signature_set, get_pubkey_from_state, randao_signature_set};
use std::convert::TryInto;
use tree_hash::TreeHash;
use types::*;
@ -215,7 +214,7 @@ pub fn verify_block_signature<T: EthSpec>(
block_root,
spec
)?
.is_valid(),
.verify(),
HeaderInvalid::ProposalSignatureInvalid
);
@ -235,8 +234,7 @@ pub fn process_randao<T: EthSpec>(
if verify_signatures.is_true() {
// Verify RANDAO reveal signature.
block_verify!(
randao_signature_set(state, |i| get_pubkey_from_state(state, i), block, spec)?
.is_valid(),
randao_signature_set(state, |i| get_pubkey_from_state(state, i), block, spec)?.verify(),
BlockProcessingError::RandaoSignatureInvalid
);
}
@ -452,7 +450,7 @@ pub fn process_deposit<T: EthSpec>(
// depositing validator already exists in the registry.
state.update_pubkey_cache()?;
let pubkey: PublicKey = match (&deposit.data.pubkey).try_into() {
let pubkey: PublicKey = match deposit.data.pubkey.decompress() {
Err(_) => return Ok(()), //bad public key => return early
Ok(k) => k,
};

2
consensus/state_processing/src/per_block_processing/block_processing_builder.rs
View File

@ -126,7 +126,7 @@ impl<'a, T: EthSpec> BlockProcessingBuilder<'a, T> {
let mut attestation = Attestation {
aggregation_bits: BitList::with_capacity(committee.committee.len()).unwrap(),
data,
signature: AggregateSignature::new(),
signature: AggregateSignature::empty(),
};
for (i, &validator_index) in committee.committee.iter().enumerate() {

4
consensus/state_processing/src/per_block_processing/block_signature_verifier.rs
View File

@ -71,7 +71,7 @@ where
get_pubkey: F,
state: &'a BeaconState<T>,
spec: &'a ChainSpec,
sets: Vec<SignatureSet>,
sets: Vec<SignatureSet<'a>>,
}
impl<'a, T, F> BlockSignatureVerifier<'a, T, F>
@ -129,7 +129,7 @@ where
.sets
.into_par_iter()
.chunks(num_chunks)
.map(verify_signature_sets)
.map(|chunk| verify_signature_sets(chunk.iter()))
.reduce(|| true, |current, this| current && this);
if result {

2
consensus/state_processing/src/per_block_processing/is_valid_indexed_attestation.rs
View File

@ -45,7 +45,7 @@ pub fn is_valid_indexed_attestation<T: EthSpec>(
&indexed_attestation,
spec
)?
.is_valid(),
.verify(),
Invalid::BadSignature
);
}

77
consensus/state_processing/src/per_block_processing/signature_sets.rs
View File

@ -5,7 +5,6 @@
use bls::SignatureSet;
use ssz::DecodeError;
use std::borrow::Cow;
use std::convert::TryInto;
use tree_hash::TreeHash;
use types::{
AggregateSignature, AttesterSlashing, BeaconBlock, BeaconState, BeaconStateError, ChainSpec,
@ -56,7 +55,7 @@ where
.validators
.get(validator_index)
.and_then(|v| {
let pk: Option<PublicKey> = (&v.pubkey).try_into().ok();
let pk: Option<PublicKey> = v.pubkey.decompress().ok();
pk
})
.map(Cow::Owned)
@ -69,7 +68,7 @@ pub fn block_proposal_signature_set<'a, T, F>(
signed_block: &'a SignedBeaconBlock<T>,
block_root: Option<Hash256>,
spec: &'a ChainSpec,
) -> Result<SignatureSet>
) -> Result<SignatureSet<'a>>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -101,10 +100,10 @@ where
block.signing_root(domain)
};
Ok(SignatureSet::single(
Ok(SignatureSet::single_pubkey(
&signed_block.signature,
get_pubkey(proposer_index).ok_or_else(|| Error::ValidatorUnknown(proposer_index as u64))?,
message.as_bytes().to_vec(),
message,
))
}
@ -114,7 +113,7 @@ pub fn randao_signature_set<'a, T, F>(
get_pubkey: F,
block: &'a BeaconBlock<T>,
spec: &'a ChainSpec,
) -> Result<SignatureSet>
) -> Result<SignatureSet<'a>>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -130,10 +129,10 @@ where
let message = block.slot.epoch(T::slots_per_epoch()).signing_root(domain);
Ok(SignatureSet::single(
Ok(SignatureSet::single_pubkey(
&block.body.randao_reveal,
get_pubkey(proposer_index).ok_or_else(|| Error::ValidatorUnknown(proposer_index as u64))?,
message.as_bytes().to_vec(),
message,
))
}
@ -143,7 +142,7 @@ pub fn proposer_slashing_signature_set<'a, T, F>(
get_pubkey: F,
proposer_slashing: &'a ProposerSlashing,
spec: &'a ChainSpec,
) -> Result<(SignatureSet, SignatureSet)>
) -> Result<(SignatureSet<'a>, SignatureSet<'a>)>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -174,7 +173,7 @@ fn block_header_signature_set<'a, T: EthSpec>(
signed_header: &'a SignedBeaconBlockHeader,
pubkey: Cow<'a, PublicKey>,
spec: &'a ChainSpec,
) -> Result<SignatureSet> {
) -> Result<SignatureSet<'a>> {
let domain = spec.get_domain(
signed_header.message.slot.epoch(T::slots_per_epoch()),
Domain::BeaconProposer,
@ -182,13 +181,9 @@ fn block_header_signature_set<'a, T: EthSpec>(
state.genesis_validators_root,
);
let message = signed_header
.message
.signing_root(domain)
.as_bytes()
.to_vec();
let message = signed_header.message.signing_root(domain);
Ok(SignatureSet::single(
Ok(SignatureSet::single_pubkey(
&signed_header.signature,
pubkey,
message,
@ -202,7 +197,7 @@ pub fn indexed_attestation_signature_set<'a, 'b, T, F>(
signature: &'a AggregateSignature,
indexed_attestation: &'b IndexedAttestation<T>,
spec: &'a ChainSpec,
) -> Result<SignatureSet>
) -> Result<SignatureSet<'a>>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -224,9 +219,8 @@ where
);
let message = indexed_attestation.data.signing_root(domain);
let message = message.as_bytes().to_vec();
Ok(SignatureSet::new(signature, pubkeys, message))
Ok(SignatureSet::multiple_pubkeys(signature, pubkeys, message))
}
/// Returns the signature set for the given `indexed_attestation` but pubkeys are supplied directly
@ -238,7 +232,7 @@ pub fn indexed_attestation_signature_set_from_pubkeys<'a, 'b, T, F>(
fork: &Fork,
genesis_validators_root: Hash256,
spec: &'a ChainSpec,
) -> Result<SignatureSet>
) -> Result<SignatureSet<'a>>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -260,9 +254,8 @@ where
);
let message = indexed_attestation.data.signing_root(domain);
let message = message.as_bytes().to_vec();
Ok(SignatureSet::new(signature, pubkeys, message))
Ok(SignatureSet::multiple_pubkeys(signature, pubkeys, message))
}
/// Returns the signature set for the given `attester_slashing` and corresponding `pubkeys`.
@ -271,7 +264,7 @@ pub fn attester_slashing_signature_sets<'a, T, F>(
get_pubkey: F,
attester_slashing: &'a AttesterSlashing<T>,
spec: &'a ChainSpec,
) -> Result<(SignatureSet, SignatureSet)>
) -> Result<(SignatureSet<'a>, SignatureSet<'a>)>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>> + Clone,
@ -300,28 +293,24 @@ where
pub fn deposit_pubkey_signature_message(
deposit_data: &DepositData,
spec: &ChainSpec,
) -> Option<(PublicKey, Signature, Vec<u8>)> {
let pubkey = (&deposit_data.pubkey).try_into().ok()?;
let signature = (&deposit_data.signature).try_into().ok()?;
) -> Option<(PublicKey, Signature, Hash256)> {
let pubkey = deposit_data.pubkey.decompress().ok()?;
let signature = deposit_data.signature.decompress().ok()?;
let domain = spec.get_deposit_domain();
let message = deposit_data
.as_deposit_message()
.signing_root(domain)
.as_bytes()
.to_vec();
let message = deposit_data.as_deposit_message().signing_root(domain);
Some((pubkey, signature, message))
}
/// Returns the signature set for some set of deposit signatures, made with
/// `deposit_pubkey_signature_message`.
pub fn deposit_signature_set(
pubkey_signature_message: &(PublicKey, Signature, Vec<u8>),
pubkey_signature_message: &(PublicKey, Signature, Hash256),
) -> SignatureSet {
let (pubkey, signature, message) = pubkey_signature_message;
// Note: Deposits are valid across forks, thus the deposit domain is computed
// with the fok zeroed.
SignatureSet::single(&signature, Cow::Borrowed(pubkey), message.clone())
SignatureSet::single_pubkey(signature, Cow::Borrowed(pubkey), *message)
}
/// Returns a signature set that is valid if the `SignedVoluntaryExit` was signed by the indicated
@ -331,7 +320,7 @@ pub fn exit_signature_set<'a, T, F>(
get_pubkey: F,
signed_exit: &'a SignedVoluntaryExit,
spec: &'a ChainSpec,
) -> Result<SignatureSet>
) -> Result<SignatureSet<'a>>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -346,9 +335,9 @@ where
state.genesis_validators_root,
);
let message = exit.signing_root(domain).as_bytes().to_vec();
let message = exit.signing_root(domain);
Ok(SignatureSet::single(
Ok(SignatureSet::single_pubkey(
&signed_exit.signature,
get_pubkey(proposer_index).ok_or_else(|| Error::ValidatorUnknown(proposer_index as u64))?,
message,
@ -361,7 +350,7 @@ pub fn signed_aggregate_selection_proof_signature_set<'a, T, F>(
fork: &Fork,
genesis_validators_root: Hash256,
spec: &'a ChainSpec,
) -> Result<SignatureSet>
) -> Result<SignatureSet<'a>>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -374,11 +363,11 @@ where
fork,
genesis_validators_root,
);
let message = slot.signing_root(domain).as_bytes().to_vec();
let message = slot.signing_root(domain);
let signature = &signed_aggregate_and_proof.message.selection_proof;
let validator_index = signed_aggregate_and_proof.message.aggregator_index;
Ok(SignatureSet::single(
Ok(SignatureSet::single_pubkey(
signature,
get_pubkey(validator_index as usize)
.ok_or_else(|| Error::ValidatorUnknown(validator_index))?,
@ -392,7 +381,7 @@ pub fn signed_aggregate_signature_set<'a, T, F>(
fork: &Fork,
genesis_validators_root: Hash256,
spec: &'a ChainSpec,
) -> Result<SignatureSet>
) -> Result<SignatureSet<'a>>
where
T: EthSpec,
F: Fn(usize) -> Option<Cow<'a, PublicKey>>,
@ -410,15 +399,11 @@ where
fork,
genesis_validators_root,
);
let message = signed_aggregate_and_proof
.message
.signing_root(domain)
.as_bytes()
.to_vec();
let message = signed_aggregate_and_proof.message.signing_root(domain);
let signature = &signed_aggregate_and_proof.signature;
let validator_index = signed_aggregate_and_proof.message.aggregator_index;
Ok(SignatureSet::single(
Ok(SignatureSet::single_pubkey(
signature,
get_pubkey(validator_index as usize)
.ok_or_else(|| Error::ValidatorUnknown(validator_index))?,

2
consensus/state_processing/src/per_block_processing/verify_deposit.rs
View File

@ -21,7 +21,7 @@ pub fn verify_deposit_signature(deposit_data: &DepositData, spec: &ChainSpec) ->
.ok_or_else(|| error(DepositInvalid::BadBlsBytes))?;
verify!(
deposit_signature_set(&deposit_signature_message).is_valid(),
deposit_signature_set(&deposit_signature_message).verify(),
DepositInvalid::BadSignature
);

2
consensus/state_processing/src/per_block_processing/verify_exit.rs
View File

@ -93,7 +93,7 @@ fn verify_exit_parametric<T: EthSpec>(
signed_exit,
spec
)?
.is_valid(),
.verify(),
ExitInvalid::BadSignature
);
}

4
consensus/state_processing/src/per_block_processing/verify_proposer_slashing.rs
View File

@ -57,8 +57,8 @@ pub fn verify_proposer_slashing<T: EthSpec>(
proposer_slashing,
spec,
)?;
verify!(signature_set_1.is_valid(), Invalid::BadProposal1Signature);
verify!(signature_set_2.is_valid(), Invalid::BadProposal2Signature);
verify!(signature_set_1.verify(), Invalid::BadProposal1Signature);
verify!(signature_set_2.verify(), Invalid::BadProposal2Signature);
}
Ok(())

12
consensus/state_processing/tests/tests.rs
View File

@ -1,11 +1,11 @@
#![cfg(not(feature = "fake_crypto"))]
// #![cfg(not(feature = "fake_crypto"))]
use state_processing::{
per_block_processing, test_utils::BlockBuilder, BlockProcessingError, BlockSignatureStrategy,
};
use types::{
AggregateSignature, BeaconState, ChainSpec, EthSpec, Keypair, MinimalEthSpec, Signature,
SignedBeaconBlock, Slot,
AggregateSignature, BeaconState, ChainSpec, EthSpec, Hash256, Keypair, MinimalEthSpec,
Signature, SignedBeaconBlock, Slot,
};
const VALIDATOR_COUNT: usize = 64;
@ -92,15 +92,15 @@ where
// TODO: use lazy static
fn agg_sig() -> AggregateSignature {
let mut agg_sig = AggregateSignature::new();
agg_sig.add(&sig());
let mut agg_sig = AggregateSignature::infinity();
agg_sig.add_assign(&sig());
agg_sig
}
// TODO: use lazy static
fn sig() -> Signature {
let keypair = Keypair::random();
Signature::new(&[42, 42], &keypair.sk)
keypair.sk.sign(Hash256::from_low_u64_be(42))
}
type TestEthSpec = MinimalEthSpec;

3
consensus/types/src/aggregate_and_proof.rs
View File

@ -73,8 +73,7 @@ impl<T: EthSpec> AggregateAndProof<T> {
genesis_validators_root,
);
let message = self.aggregate.data.slot.signing_root(domain);
self.selection_proof
.verify(message.as_bytes(), validator_pubkey)
self.selection_proof.verify(validator_pubkey, message)
}
}

7
consensus/types/src/attestation.rs
View File

@ -1,6 +1,6 @@
use super::{
AggregateSignature, AttestationData, BitList, ChainSpec, Domain, EthSpec, Fork, SecretKey,
Signature, SignedRoot,
SignedRoot,
};
use crate::{test_utils::TestRandom, Hash256};
use safe_arith::ArithError;
@ -44,7 +44,7 @@ impl<T: EthSpec> Attestation<T> {
debug_assert!(self.signers_disjoint_from(other));
self.aggregation_bits = self.aggregation_bits.union(&other.aggregation_bits);
self.signature.add_aggregate(&other.signature);
self.signature.add_assign_aggregate(&other.signature);
}
/// Signs `self`, setting the `committee_position`'th bit of `aggregation_bits` to `true`.
@ -77,8 +77,7 @@ impl<T: EthSpec> Attestation<T> {
);
let message = self.data.signing_root(domain);
self.signature
.add(&Signature::new(message.as_bytes(), secret_key));
self.signature.add_assign(&secret_key.sign(message));
Ok(())
}

12
consensus/types/src/beacon_block.rs
View File

@ -35,7 +35,7 @@ impl<T: EthSpec> BeaconBlock<T> {
parent_root: Hash256::zero(),
state_root: Hash256::zero(),
body: BeaconBlockBody {
randao_reveal: Signature::empty_signature(),
randao_reveal: Signature::empty(),
eth1_data: Eth1Data {
deposit_root: Hash256::zero(),
block_hash: Hash256::zero(),
@ -63,7 +63,7 @@ impl<T: EthSpec> BeaconBlock<T> {
let signed_header = SignedBeaconBlockHeader {
message: header,
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let indexed_attestation: IndexedAttestation<T> = IndexedAttestation {
attesting_indices: VariableList::new(vec![
@ -72,7 +72,7 @@ impl<T: EthSpec> BeaconBlock<T> {
])
.unwrap(),
data: AttestationData::default(),
signature: AggregateSignature::new(),
signature: AggregateSignature::empty(),
};
let deposit_data = DepositData {
@ -95,7 +95,7 @@ impl<T: EthSpec> BeaconBlock<T> {
aggregation_bits: BitList::with_capacity(T::MaxValidatorsPerCommittee::to_usize())
.unwrap(),
data: AttestationData::default(),
signature: AggregateSignature::new(),
signature: AggregateSignature::empty(),
};
let deposit = Deposit {
@ -110,7 +110,7 @@ impl<T: EthSpec> BeaconBlock<T> {
let signed_voluntary_exit = SignedVoluntaryExit {
message: voluntary_exit,
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let mut block: BeaconBlock<T> = BeaconBlock::empty(spec);
@ -200,7 +200,7 @@ impl<T: EthSpec> BeaconBlock<T> {
genesis_validators_root,
);
let message = self.signing_root(domain);
let signature = Signature::new(message.as_bytes(), secret_key);
let signature = secret_key.sign(message);
SignedBeaconBlock {
message: self,
signature,

2
consensus/types/src/beacon_block_header.rs
View File

@ -54,7 +54,7 @@ impl BeaconBlockHeader {
let epoch = self.slot.epoch(E::slots_per_epoch());
let domain = spec.get_domain(epoch, Domain::BeaconProposer, fork, genesis_validators_root);
let message = self.signing_root(domain);
let signature = Signature::new(message.as_bytes(), secret_key);
let signature = secret_key.sign(message);
SignedBeaconBlockHeader {
message: self,
signature,

4
consensus/types/src/beacon_state.rs
View File

@ -10,7 +10,7 @@ use int_to_bytes::{int_to_bytes4, int_to_bytes8};
use pubkey_cache::PubkeyCache;
use safe_arith::{ArithError, SafeArith};
use serde_derive::{Deserialize, Serialize};
use ssz::ssz_encode;
use ssz::{ssz_encode, Encode};
use ssz_derive::{Decode, Encode};
use ssz_types::{typenum::Unsigned, BitVector, FixedVector};
use std::convert::TryInto;
@ -501,7 +501,7 @@ impl<T: EthSpec> BeaconState<T> {
1,
(committee.committee.len() as u64).safe_div(spec.target_aggregators_per_committee)?,
);
let signature_hash = hash(&slot_signature.as_bytes());
let signature_hash = hash(&slot_signature.as_ssz_bytes());
let signature_hash_int = u64::from_le_bytes(
signature_hash[0..8]
.try_into()

2
consensus/types/src/deposit_data.rs
View File

@ -38,7 +38,7 @@ impl DepositData {
let domain = spec.get_deposit_domain();
let msg = self.as_deposit_message().signing_root(domain);
SignatureBytes::from(Signature::new(msg.as_bytes(), secret_key))
SignatureBytes::from(secret_key.sign(msg))
}
}

3
consensus/types/src/lib.rs
View File

@ -96,8 +96,7 @@ pub type Address = H160;
pub type ForkVersion = [u8; 4];
pub use bls::{
AggregatePublicKey, AggregateSignature, Keypair, PublicKey, PublicKeyBytes, SecretKey,
Signature, SignatureBytes,
AggregateSignature, Keypair, PublicKey, PublicKeyBytes, SecretKey, Signature, SignatureBytes,
};
pub use ssz_types::{typenum, typenum::Unsigned, BitList, BitVector, FixedVector, VariableList};
pub use utils::{Graffiti, GRAFFITI_BYTES_LEN};

4
consensus/types/src/selection_proof.rs
View File

@ -27,7 +27,7 @@ impl SelectionProof {
);
let message = slot.signing_root(domain);
Self(Signature::new(message.as_bytes(), secret_key))
Self(secret_key.sign(message))
}
/// Returns the "modulo" used for determining if a `SelectionProof` elects an aggregator.
@ -74,7 +74,7 @@ impl SelectionProof {
);
let message = slot.signing_root(domain);
self.0.verify(message.as_bytes(), pubkey)
self.0.verify(pubkey, message)
}
}

4
consensus/types/src/signed_aggregate_and_proof.rs
View File

@ -57,7 +57,7 @@ impl<T: EthSpec> SignedAggregateAndProof<T> {
SignedAggregateAndProof {
message,
signature: Signature::new(signing_message.as_bytes(), &secret_key),
signature: secret_key.sign(signing_message),
}
}
@ -77,7 +77,7 @@ impl<T: EthSpec> SignedAggregateAndProof<T> {
genesis_validators_root,
);
let message = self.message.signing_root(domain);
self.signature.verify(message.as_bytes(), validator_pubkey)
self.signature.verify(validator_pubkey, message)
}
/// Verifies the signature of the `AggregateAndProof` as well the underlying selection_proof in

2
consensus/types/src/signed_beacon_block.rs
View File

@ -78,7 +78,7 @@ impl<E: EthSpec> SignedBeaconBlock<E> {
self.message.signing_root(domain)
};
self.signature.verify(message.as_bytes(), pubkey)
self.signature.verify(pubkey, message)
}
/// Convenience accessor for the block's slot.

2
consensus/types/src/test_utils/builders/testing_attestation_builder.rs
View File

@ -36,7 +36,7 @@ impl<T: EthSpec> TestingAttestationBuilder<T> {
let attestation = Attestation {
aggregation_bits,
data: data_builder.build(),
signature: AggregateSignature::new(),
signature: AggregateSignature::empty(),
};
Self {

6
consensus/types/src/test_utils/builders/testing_attester_slashing_builder.rs
View File

@ -64,7 +64,7 @@ impl TestingAttesterSlashingBuilder {
validator_indices.to_vec().into()
},
data: data_1,
signature: AggregateSignature::new(),
signature: AggregateSignature::empty(),
};
let mut attestation_2 = IndexedAttestation {
@ -76,7 +76,7 @@ impl TestingAttesterSlashingBuilder {
validator_indices.to_vec().into()
},
data: data_2,
signature: AggregateSignature::new(),
signature: AggregateSignature::empty(),
};
let add_signatures = |attestation: &mut IndexedAttestation<T>| {
@ -90,7 +90,7 @@ impl TestingAttesterSlashingBuilder {
for validator_index in validator_indices {
let signature = signer(*validator_index, message.as_bytes());
attestation.signature.add(&signature);
attestation.signature.add_assign(&signature);
}
};

6
consensus/types/src/test_utils/builders/testing_beacon_block_builder.rs
View File

@ -101,7 +101,7 @@ impl<T: EthSpec> TestingBeaconBlockBuilder<T> {
let epoch = self.block.slot.epoch(T::slots_per_epoch());
let domain = spec.get_domain(epoch, Domain::Randao, fork, genesis_validators_root);
let message = epoch.signing_root(domain);
self.block.body.randao_reveal = Signature::new(message.as_bytes(), sk);
self.block.body.randao_reveal = sk.sign(message);
}
/// Has the randao reveal been set?
@ -368,7 +368,7 @@ impl<T: EthSpec> TestingBeaconBlockBuilder<T> {
pub fn build_without_signing(self) -> SignedBeaconBlock<T> {
SignedBeaconBlock {
message: self.block,
signature: Signature::empty_signature(),
signature: Signature::empty(),
}
}
}
@ -410,7 +410,7 @@ pub fn build_double_vote_attester_slashing<T: EthSpec>(
.iter()
.position(|&i| i == validator_index)
.expect("Unable to find attester slashing key");
Signature::new(message, secret_keys[key_index])
secret_keys[key_index].sign(Hash256::from_slice(message))
};
TestingAttesterSlashingBuilder::double_vote(

2
consensus/types/src/test_utils/builders/testing_deposit_builder.rs
View File

@ -41,7 +41,7 @@ impl TestingDepositBuilder {
// Creating invalid public key bytes
let mut public_key_bytes: Vec<u8> = vec![0; 48];
public_key_bytes[0] = 255;
pubkeybytes = PublicKeyBytes::from_bytes(&public_key_bytes).unwrap();
pubkeybytes = PublicKeyBytes::deserialize(&public_key_bytes).unwrap();
}
DepositTestTask::BadSig => secret_key = new_key.sk,
_ => (),

4
consensus/types/src/test_utils/builders/testing_proposer_slashing_builder.rs
View File

@ -37,7 +37,7 @@ impl TestingProposerSlashingBuilder {
state_root: hash_1,
body_root: hash_1,
},
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
let slot_2 = if test_task == ProposerSlashingTestTask::ProposalEpochMismatch {
@ -52,7 +52,7 @@ impl TestingProposerSlashingBuilder {
slot: slot_2,
..signed_header_1.message
},
signature: Signature::empty_signature(),
signature: Signature::empty(),
};
if test_task != ProposerSlashingTestTask::BadProposal1Signature {

14
consensus/types/src/test_utils/generate_deterministic_keypairs.rs
View File

@ -27,20 +27,10 @@ pub fn generate_deterministic_keypairs(validator_count: usize) -> Vec<Keypair> {
///
/// This is used for testing only, and not to be used in production!
pub fn generate_deterministic_keypair(validator_index: usize) -> Keypair {
let raw = keypair(validator_index);
Keypair {
pk: PublicKey::from_raw(raw.pk),
sk: SecretKey::from_raw(raw.sk),
}
keypair(validator_index)
}
/// Loads a list of keypairs from file.
pub fn load_keypairs_from_yaml(path: PathBuf) -> Result<Vec<Keypair>, String> {
Ok(keypairs_from_yaml_file(path)?
.into_iter()
.map(|raw| Keypair {
pk: PublicKey::from_raw(raw.pk),
sk: SecretKey::from_raw(raw.sk),
})
.collect())
keypairs_from_yaml_file(path)
}

4
consensus/types/src/test_utils/test_random/aggregate_signature.rs
View File

@ -4,8 +4,8 @@ use bls::{AggregateSignature, Signature};
impl TestRandom for AggregateSignature {
fn random_for_test(rng: &mut impl RngCore) -> Self {
let signature = Signature::random_for_test(rng);
let mut aggregate_signature = AggregateSignature::new();
aggregate_signature.add(&signature);
let mut aggregate_signature = AggregateSignature::infinity();
aggregate_signature.add_assign(&signature);
aggregate_signature
}
}

3
consensus/types/src/test_utils/test_random/public_key.rs
View File

@ -3,7 +3,6 @@ use bls::{PublicKey, SecretKey};
impl TestRandom for PublicKey {
fn random_for_test(rng: &mut impl RngCore) -> Self {
let secret_key = SecretKey::random_for_test(rng);
PublicKey::from_secret_key(&secret_key)
SecretKey::random_for_test(rng).public_key()
}
}

4
consensus/types/src/test_utils/test_random/public_key_bytes.rs
View File

@ -1,6 +1,6 @@
use std::convert::From;
use bls::{PublicKeyBytes, BLS_PUBLIC_KEY_BYTE_SIZE};
use bls::{PublicKeyBytes, PUBLIC_KEY_BYTES_LEN};
use super::*;
@ -12,7 +12,7 @@ impl TestRandom for PublicKeyBytes {
PublicKeyBytes::from(PublicKey::random_for_test(rng))
} else {
//invalid signature, just random bytes
PublicKeyBytes::from_bytes(&<[u8; BLS_PUBLIC_KEY_BYTE_SIZE]>::random_for_test(rng))
PublicKeyBytes::deserialize(&<[u8; PUBLIC_KEY_BYTES_LEN]>::random_for_test(rng))
.unwrap()
}
}

2
consensus/types/src/test_utils/test_random/signature.rs
View File

@ -7,6 +7,6 @@ impl TestRandom for Signature {
let mut message = vec![0; 32];
rng.fill_bytes(&mut message);
Signature::new(&message, &secret_key)
secret_key.sign(Hash256::from_slice(&message))
}
}

4
consensus/types/src/test_utils/test_random/signature_bytes.rs
View File

@ -1,4 +1,4 @@
use bls::{SignatureBytes, BLS_SIG_BYTE_SIZE};
use bls::{SignatureBytes, SIGNATURE_BYTES_LEN};
use super::*;
use std::convert::From;
@ -11,7 +11,7 @@ impl TestRandom for SignatureBytes {
SignatureBytes::from(Signature::random_for_test(rng))
} else {
//invalid signature, just random bytes
SignatureBytes::from_bytes(&<[u8; BLS_SIG_BYTE_SIZE]>::random_for_test(rng)).unwrap()
SignatureBytes::deserialize(&<[u8; SIGNATURE_BYTES_LEN]>::random_for_test(rng)).unwrap()
}
}
}

2
consensus/types/src/tree_hash_impls.rs
View File

@ -71,7 +71,7 @@ fn process_pubkey_bytes_field(
leaf: &mut Hash256,
force_update: bool,
) -> bool {
let new_tree_hash = merkle_root(val.as_slice(), 0);
let new_tree_hash = merkle_root(val.as_serialized(), 0);
process_slice_field(new_tree_hash.as_bytes(), leaf, force_update)
}

7
consensus/types/src/voluntary_exit.rs
View File

@ -1,6 +1,6 @@
use crate::{
test_utils::TestRandom, ChainSpec, Domain, Epoch, Fork, Hash256, SecretKey, Signature,
SignedRoot, SignedVoluntaryExit,
test_utils::TestRandom, ChainSpec, Domain, Epoch, Fork, Hash256, SecretKey, SignedRoot,
SignedVoluntaryExit,
};
use serde_derive::{Deserialize, Serialize};
@ -36,10 +36,9 @@ impl VoluntaryExit {
genesis_validators_root,
);
let message = self.signing_root(domain);
let signature = Signature::new(message.as_bytes(), &secret_key);
SignedVoluntaryExit {
message: self,
signature,
signature: secret_key.sign(message),
}
}
}

19
crypto/bls/Cargo.toml
View File

@ -5,17 +5,22 @@ authors = ["Paul Hauner <paul@paulhauner.com>"]
edition = "2018"
[dependencies]
milagro_bls = { git = "https://github.com/sigp/milagro_bls", tag = "v1.1.0" }
eth2_hashing = "0.1.0"
hex = "0.4.2"
rand = "0.7.3"
serde = "1.0.110"
serde_derive = "1.0.110"
serde_hex = { path = "../../consensus/serde_hex" }
eth2_ssz = "0.1.2"
tree_hash = "0.1.0"
milagro_bls = { git = "https://github.com/sigp/milagro_bls", branch = "paulh" }
rand = "0.7.2"
serde = "1.0.102"
serde_derive = "1.0.102"
serde_hex = { path = "../../consensus/serde_hex" }
hex = "0.3"
eth2_hashing = "0.1.0"
ethereum-types = "0.9.1"
arbitrary = { version = "0.4.4", features = ["derive"], optional = true }
zeroize = { version = "1.0.0", features = ["zeroize_derive"] }
blst = { git = "https://github.com/sigp/blst.git", rev = "968c846a2dc46e836e407bbdbac1a38a597ebc46" }
[features]
default = ["supranational"]
fake_crypto = []
milagro = []
supranational = []

99
crypto/bls/src/aggregate_public_key.rs
View File

@ -1,99 +0,0 @@
use super::{PublicKey, BLS_PUBLIC_KEY_BYTE_SIZE};
use milagro_bls::AggregatePublicKey as RawAggregatePublicKey;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, DecodeError, Encode};
/// A BLS aggregate public key.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Debug, Clone, Default)]
pub struct AggregatePublicKey(RawAggregatePublicKey);
impl AggregatePublicKey {
pub fn new() -> Self {
AggregatePublicKey(RawAggregatePublicKey::new())
}
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
let pubkey = RawAggregatePublicKey::from_bytes(&bytes).map_err(|_| {
DecodeError::BytesInvalid(format!("Invalid AggregatePublicKey bytes: {:?}", bytes))
})?;
Ok(AggregatePublicKey(pubkey))
}
pub fn add_without_affine(&mut self, public_key: &PublicKey) {
self.0.point.add(&public_key.as_raw().point)
}
pub fn affine(&mut self) {
self.0.point.affine()
}
pub fn add(&mut self, public_key: &PublicKey) {
self.0.add(public_key.as_raw())
}
/// Returns the underlying public key.
pub fn as_raw(&self) -> &RawAggregatePublicKey {
&self.0
}
/// Returns the underlying point as compressed bytes.
pub fn as_bytes(&self) -> [u8; BLS_PUBLIC_KEY_BYTE_SIZE] {
self.as_raw().as_bytes()
}
pub fn into_raw(self) -> RawAggregatePublicKey {
self.0
}
/// Return a hex string representation of this key's bytes.
#[cfg(test)]
pub fn as_hex_string(&self) -> String {
serde_hex::encode(self.as_ssz_bytes())
}
}
impl_ssz!(
AggregatePublicKey,
BLS_PUBLIC_KEY_BYTE_SIZE,
"AggregatePublicKey"
);
impl_tree_hash!(AggregatePublicKey, BLS_PUBLIC_KEY_BYTE_SIZE);
impl Serialize for AggregatePublicKey {
/// Serde serialization is compliant the Ethereum YAML test format.
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(self.as_ssz_bytes()))
}
}
impl<'de> Deserialize<'de> for AggregatePublicKey {
/// Serde serialization is compliant the Ethereum YAML test format.
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let agg_sig = AggregatePublicKey::from_ssz_bytes(&bytes)
.map_err(|e| serde::de::Error::custom(format!("invalid ssz ({:?})", e)))?;
Ok(agg_sig)
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for AggregatePublicKey {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_PUBLIC_KEY_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}

201
crypto/bls/src/aggregate_signature.rs
View File

@ -1,201 +0,0 @@
use super::*;
use milagro_bls::AggregateSignature as RawAggregateSignature;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, DecodeError, Encode};
/// A BLS aggregate signature.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Debug, PartialEq, Clone, Default, Eq)]
pub struct AggregateSignature {
aggregate_signature: RawAggregateSignature,
is_empty: bool,
}
impl AggregateSignature {
/// Instantiate a new AggregateSignature.
///
/// is_empty is false
/// AggregateSignature is point at infinity
pub fn new() -> Self {
Self {
aggregate_signature: RawAggregateSignature::new(),
is_empty: false,
}
}
/// Add (aggregate) a signature to the `AggregateSignature`.
pub fn add(&mut self, signature: &Signature) {
// Only empty if both are empty
self.is_empty = self.is_empty && signature.is_empty();
// Note: empty signatures will have point at infinity which is equivalent of adding 0.
self.aggregate_signature.add(signature.as_raw())
}
/// Add (aggregate) another `AggregateSignature`.
pub fn add_aggregate(&mut self, agg_signature: &AggregateSignature) {
// Only empty if both are empty
self.is_empty = self.is_empty && agg_signature.is_empty();
// Note: empty signatures will have point at infinity which is equivalent of adding 0.
self.aggregate_signature
.add_aggregate(&agg_signature.aggregate_signature)
}
/// Verify the `AggregateSignature` against an `AggregatePublicKey`.
///
/// Only returns `true` if the set of keys in the `AggregatePublicKey` match the set of keys
/// that signed the `AggregateSignature`.
pub fn verify(&self, msg: &[u8], aggregate_public_key: &AggregatePublicKey) -> bool {
if self.is_empty {
return false;
}
self.aggregate_signature
.fast_aggregate_verify_pre_aggregated(msg, aggregate_public_key.as_raw())
}
/// Verify the `AggregateSignature` against an `AggregatePublicKey`.
///
/// Only returns `true` if the set of keys in the `AggregatePublicKey` match the set of keys
/// that signed the `AggregateSignature`.
pub fn verify_unaggregated(&self, msg: &[u8], public_keys: &[&PublicKey]) -> bool {
if self.is_empty {
return false;
}
let public_key_refs: Vec<_> = public_keys.iter().map(|pk| pk.as_raw()).collect();
self.aggregate_signature
.fast_aggregate_verify(msg, &public_key_refs)
}
/// Verify this AggregateSignature against multiple AggregatePublickeys and Messages.
///
/// Each AggregatePublicKey has a 1:1 ratio with a 32 byte Message.
pub fn verify_multiple(&self, messages: &[&[u8]], public_keys: &[&PublicKey]) -> bool {
if self.is_empty {
return false;
}
let public_keys_refs: Vec<_> = public_keys.iter().map(|pk| pk.as_raw()).collect();
self.aggregate_signature
.aggregate_verify(&messages, &public_keys_refs)
}
/// Return AggregateSignature as bytes
pub fn as_bytes(&self) -> [u8; BLS_AGG_SIG_BYTE_SIZE] {
if self.is_empty {
return [0; BLS_AGG_SIG_BYTE_SIZE];
}
self.aggregate_signature.as_bytes()
}
/// Convert bytes to AggregateSignature
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
for byte in bytes {
if *byte != 0 {
let sig = RawAggregateSignature::from_bytes(&bytes).map_err(|_| {
DecodeError::BytesInvalid(format!(
"Invalid AggregateSignature bytes: {:?}",
bytes
))
})?;
return Ok(Self {
aggregate_signature: sig,
is_empty: false,
});
}
}
Ok(Self::empty_signature())
}
/// Returns the underlying signature.
pub fn as_raw(&self) -> &RawAggregateSignature {
&self.aggregate_signature
}
/// Returns if the AggregateSignature `is_empty`
pub fn is_empty(&self) -> bool {
self.is_empty
}
/// Creates a new AggregateSignature
///
/// aggregate_signature set to the point infinity
/// is_empty set to true
pub fn empty_signature() -> Self {
Self {
aggregate_signature: RawAggregateSignature::new(),
is_empty: true,
}
}
/// Return a hex string representation of the bytes of this signature.
#[cfg(test)]
pub fn as_hex_string(&self) -> String {
hex_encode(self.as_ssz_bytes())
}
}
impl_ssz!(
AggregateSignature,
BLS_AGG_SIG_BYTE_SIZE,
"AggregateSignature"
);
impl_tree_hash!(AggregateSignature, BLS_AGG_SIG_BYTE_SIZE);
impl Serialize for AggregateSignature {
/// Serde serialization is compliant the Ethereum YAML test format.
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(self.as_ssz_bytes()))
}
}
impl<'de> Deserialize<'de> for AggregateSignature {
/// Serde serialization is compliant the Ethereum YAML test format.
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let agg_sig = AggregateSignature::from_ssz_bytes(&bytes)
.map_err(|e| serde::de::Error::custom(format!("invalid ssz ({:?})", e)))?;
Ok(agg_sig)
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for AggregateSignature {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_AGG_SIG_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}
#[cfg(test)]
mod tests {
use super::super::{Keypair, Signature};
use super::*;
use ssz::Encode;
#[test]
pub fn test_ssz_round_trip() {
let keypair = Keypair::random();
let mut original = AggregateSignature::new();
original.add(&Signature::new(&[42, 42], &keypair.sk));
let bytes = original.as_ssz_bytes();
let decoded = AggregateSignature::from_ssz_bytes(&bytes).unwrap();
assert_eq!(original, decoded);
}
}

132
crypto/bls/src/fake_aggregate_public_key.rs
View File

@ -1,132 +0,0 @@
use super::{PublicKey, BLS_PUBLIC_KEY_BYTE_SIZE};
use hex::encode as hex_encode;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::PrefixedHexVisitor;
use ssz::{ssz_encode, Decode, DecodeError, Encode};
use std::fmt;
/// A BLS aggregate public key.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Clone)]
pub struct FakeAggregatePublicKey {
bytes: [u8; BLS_PUBLIC_KEY_BYTE_SIZE],
}
impl FakeAggregatePublicKey {
pub fn new() -> Self {
Self::zero()
}
pub fn empty_signature() -> Self {
Self {
bytes: [0; BLS_PUBLIC_KEY_BYTE_SIZE],
}
}
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
if bytes.len() != BLS_PUBLIC_KEY_BYTE_SIZE {
Err(DecodeError::InvalidByteLength {
len: bytes.len(),
expected: BLS_PUBLIC_KEY_BYTE_SIZE,
})
} else {
let mut array = [0; BLS_PUBLIC_KEY_BYTE_SIZE];
array.copy_from_slice(&bytes);
Ok(Self { bytes: array })
}
}
pub fn add_without_affine(&mut self, _public_key: &PublicKey) {
// No nothing.
}
pub fn affine(&mut self) {
// No nothing.
}
/// Creates a new all-zero's aggregate public key
pub fn zero() -> Self {
Self {
bytes: [0; BLS_PUBLIC_KEY_BYTE_SIZE],
}
}
pub fn add(&mut self, _public_key: &PublicKey) {
// No nothing.
}
pub fn aggregate(_pks: &[&PublicKey]) -> Self {
Self::new()
}
pub fn from_public_key(public_key: &PublicKey) -> Self {
Self {
bytes: public_key.as_bytes(),
}
}
pub fn as_raw(&self) -> &Self {
&self
}
pub fn into_raw(self) -> Self {
self
}
pub fn as_bytes(&self) -> [u8; BLS_PUBLIC_KEY_BYTE_SIZE] {
self.bytes.clone()
}
}
impl_ssz!(
FakeAggregatePublicKey,
BLS_PUBLIC_KEY_BYTE_SIZE,
"FakeAggregatePublicKey"
);
impl_tree_hash!(FakeAggregatePublicKey, BLS_PUBLIC_KEY_BYTE_SIZE);
impl Serialize for FakeAggregatePublicKey {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(ssz_encode(self)))
}
}
impl<'de> Deserialize<'de> for FakeAggregatePublicKey {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let pubkey = <_>::from_ssz_bytes(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid ssz ({:?})", e)))?;
Ok(pubkey)
}
}
impl Default for FakeAggregatePublicKey {
fn default() -> Self {
Self::new()
}
}
impl fmt::Debug for FakeAggregatePublicKey {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_fmt(format_args!("{:?}", self.bytes.to_vec()))
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for FakeAggregatePublicKey {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_PUBLIC_KEY_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}

184
crypto/bls/src/fake_aggregate_signature.rs
View File

@ -1,184 +0,0 @@
use super::{
fake_aggregate_public_key::FakeAggregatePublicKey, fake_public_key::FakePublicKey,
fake_signature::FakeSignature, BLS_AGG_SIG_BYTE_SIZE,
};
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{ssz_encode, Decode, DecodeError, Encode};
use std::fmt;
/// A BLS aggregate signature.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Clone)]
pub struct FakeAggregateSignature {
bytes: [u8; BLS_AGG_SIG_BYTE_SIZE],
}
impl FakeAggregateSignature {
/// Creates a new all-zero's signature
pub fn new() -> Self {
Self::zero()
}
/// Creates a new all-zero's signature
pub fn zero() -> Self {
Self {
bytes: [0; BLS_AGG_SIG_BYTE_SIZE],
}
}
pub fn as_raw(&self) -> &Self {
&self
}
/// Does glorious nothing.
pub fn add(&mut self, _signature: &FakeSignature) {
// Do nothing.
}
/// Does glorious nothing.
pub fn add_aggregate(&mut self, _agg_sig: &FakeAggregateSignature) {
// Do nothing.
}
/// Does glorious nothing.
pub fn aggregate(&mut self, _agg_sig: &FakeAggregateSignature) {
// Do nothing.
}
/// _Always_ returns `true`.
pub fn verify(&self, _msg: &[u8], _aggregate_public_key: &FakeAggregatePublicKey) -> bool {
true
}
/// _Always_ returns `true`.
pub fn verify_multiple(
&self,
_messages: &[&[u8]],
_aggregate_public_keys: &[&FakePublicKey],
) -> bool {
true
}
/// _Always_ returns `true`.
pub fn fast_aggregate_verify_pre_aggregated(
&self,
_messages: &[u8],
_aggregate_public_keys: &FakeAggregatePublicKey,
) -> bool {
true
}
/// _Always_ returns `true`.
pub fn from_signature(signature: &FakeSignature) -> Self {
Self {
bytes: signature.as_bytes(),
}
}
/// Creates a new empty FakeAggregateSignature
pub fn empty_signature() -> Self {
Self {
bytes: [0u8; BLS_AGG_SIG_BYTE_SIZE],
}
}
/// Convert bytes to fake BLS aggregate signature
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
if bytes.len() != BLS_AGG_SIG_BYTE_SIZE {
Err(DecodeError::InvalidByteLength {
len: bytes.len(),
expected: BLS_AGG_SIG_BYTE_SIZE,
})
} else {
let mut array = [0u8; BLS_AGG_SIG_BYTE_SIZE];
array.copy_from_slice(bytes);
Ok(Self { bytes: array })
}
}
pub fn as_bytes(&self) -> [u8; BLS_AGG_SIG_BYTE_SIZE] {
self.bytes.clone()
}
}
impl_ssz!(
FakeAggregateSignature,
BLS_AGG_SIG_BYTE_SIZE,
"FakeAggregateSignature"
);
impl_tree_hash!(FakeAggregateSignature, BLS_AGG_SIG_BYTE_SIZE);
impl Serialize for FakeAggregateSignature {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(ssz_encode(self)))
}
}
impl<'de> Deserialize<'de> for FakeAggregateSignature {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let obj = <_>::from_ssz_bytes(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid ssz ({:?})", e)))?;
Ok(obj)
}
}
impl fmt::Debug for FakeAggregateSignature {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_fmt(format_args!("{:?}", self.bytes.to_vec()))
}
}
impl PartialEq for FakeAggregateSignature {
fn eq(&self, other: &FakeAggregateSignature) -> bool {
ssz_encode(self) == ssz_encode(other)
}
}
impl Eq for FakeAggregateSignature {}
impl Default for FakeAggregateSignature {
fn default() -> Self {
Self::zero()
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for FakeAggregateSignature {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_AGG_SIG_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}
#[cfg(test)]
mod tests {
use super::super::{Keypair, Signature};
use super::*;
use ssz::ssz_encode;
#[test]
pub fn test_ssz_round_trip() {
let keypair = Keypair::random();
let mut original = FakeAggregateSignature::new();
original.add(&Signature::new(&[42, 42], &keypair.sk));
let bytes = ssz_encode(&original);
let decoded = FakeAggregateSignature::from_ssz_bytes(&bytes).unwrap();
assert_eq!(original, decoded);
}
}

186
crypto/bls/src/fake_public_key.rs
View File

@ -1,186 +0,0 @@
use super::{SecretKey, BLS_PUBLIC_KEY_BYTE_SIZE};
use milagro_bls::PublicKey as RawPublicKey;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{ssz_encode, Decode, DecodeError, Encode};
use std::default;
use std::fmt;
use std::hash::{Hash, Hasher};
/// A single BLS signature.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Clone)]
pub struct FakePublicKey {
bytes: [u8; BLS_PUBLIC_KEY_BYTE_SIZE],
}
impl FakePublicKey {
pub fn from_secret_key(_secret_key: &SecretKey) -> Self {
Self::zero()
}
pub fn from_raw(raw: RawPublicKey) -> Self {
Self {
bytes: raw.clone().as_bytes(),
}
}
/// Creates a new all-zero's public key
pub fn zero() -> Self {
Self {
bytes: [0; BLS_PUBLIC_KEY_BYTE_SIZE],
}
}
/// Returns the underlying point as compressed bytes.
pub fn as_bytes(&self) -> [u8; BLS_PUBLIC_KEY_BYTE_SIZE] {
self.bytes.clone()
}
/// Converts compressed bytes to FakePublicKey
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
if bytes.len() != BLS_PUBLIC_KEY_BYTE_SIZE {
Err(DecodeError::InvalidByteLength {
len: bytes.len(),
expected: BLS_PUBLIC_KEY_BYTE_SIZE,
})
} else {
let mut array = [0u8; BLS_PUBLIC_KEY_BYTE_SIZE];
array.copy_from_slice(bytes);
Ok(Self { bytes: array })
}
}
/// Returns the FakePublicKey as (x, y) bytes
pub fn as_uncompressed_bytes(&self) -> [u8; BLS_PUBLIC_KEY_BYTE_SIZE * 2] {
[0u8; BLS_PUBLIC_KEY_BYTE_SIZE * 2]
}
/// Converts (x, y) bytes to FakePublicKey
pub fn from_uncompressed_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
if bytes.len() != BLS_PUBLIC_KEY_BYTE_SIZE * 2 {
Err(DecodeError::InvalidByteLength {
len: bytes.len(),
expected: BLS_PUBLIC_KEY_BYTE_SIZE * 2,
})
} else {
let mut array = [0u8; BLS_PUBLIC_KEY_BYTE_SIZE];
array.copy_from_slice(bytes);
Ok(Self { bytes: array })
}
}
/// Returns the last 6 bytes of the SSZ encoding of the public key, as a hex string.
///
/// Useful for providing a short identifier to the user.
pub fn concatenated_hex_id(&self) -> String {
let bytes = ssz_encode(self);
let end_bytes = &bytes[bytes.len().saturating_sub(6)..bytes.len()];
hex_encode(end_bytes)
}
/// Returns the point as a hex string of the SSZ encoding.
///
/// Note: the string is prefixed with `0x`.
pub fn as_hex_string(&self) -> String {
hex_encode(self.as_ssz_bytes())
}
// Returns itself
pub fn as_raw(&self) -> &Self {
self
}
}
impl fmt::Display for FakePublicKey {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "{}", self.concatenated_hex_id())
}
}
impl fmt::Debug for FakePublicKey {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "0x{}", self.as_hex_string())
}
}
impl default::Default for FakePublicKey {
fn default() -> Self {
let secret_key = SecretKey::random();
FakePublicKey::from_secret_key(&secret_key)
}
}
impl_ssz!(FakePublicKey, BLS_PUBLIC_KEY_BYTE_SIZE, "FakePublicKey");
impl_tree_hash!(FakePublicKey, BLS_PUBLIC_KEY_BYTE_SIZE);
impl Serialize for FakePublicKey {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(self.as_ssz_bytes()))
}
}
impl<'de> Deserialize<'de> for FakePublicKey {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let pubkey = Self::from_ssz_bytes(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid pubkey ({:?})", e)))?;
Ok(pubkey)
}
}
impl PartialEq for FakePublicKey {
fn eq(&self, other: &FakePublicKey) -> bool {
ssz_encode(self) == ssz_encode(other)
}
}
impl Eq for FakePublicKey {}
impl Hash for FakePublicKey {
/// Note: this is distinct from consensus serialization, it will produce a different hash.
///
/// This method uses the uncompressed bytes, which are much faster to obtain than the
/// compressed bytes required for consensus serialization.
///
/// Use `ssz::Encode` to obtain the bytes required for consensus hashing.
fn hash<H: Hasher>(&self, state: &mut H) {
self.as_uncompressed_bytes().hash(state)
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for FakePublicKey {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_PUBLIC_KEY_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}
#[cfg(test)]
mod tests {
use super::*;
use ssz::ssz_encode;
#[test]
pub fn test_ssz_round_trip() {
let sk = SecretKey::random();
let original = FakePublicKey::from_secret_key(&sk);
let bytes = ssz_encode(&original);
let decoded = FakePublicKey::from_ssz_bytes(&bytes).unwrap();
assert_eq!(original, decoded);
}
}

159
crypto/bls/src/fake_signature.rs
View File

@ -1,159 +0,0 @@
use super::{PublicKey, SecretKey, BLS_SIG_BYTE_SIZE};
use hex::encode as hex_encode;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::PrefixedHexVisitor;
use ssz::{ssz_encode, Decode, DecodeError, Encode};
use std::fmt;
/// A single BLS signature.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Clone)]
pub struct FakeSignature {
bytes: [u8; BLS_SIG_BYTE_SIZE],
is_empty: bool,
}
impl FakeSignature {
/// Creates a new all-zero's signature
pub fn new(_msg: &[u8], _sk: &SecretKey) -> Self {
FakeSignature::zero()
}
/// Creates a new all-zero's signature
pub fn zero() -> Self {
Self {
bytes: [0; BLS_SIG_BYTE_SIZE],
is_empty: true,
}
}
/// Creates a new all-zero's signature
pub fn new_hashed(_x_real_hashed: &[u8], _x_imaginary_hashed: &[u8], _sk: &SecretKey) -> Self {
FakeSignature::zero()
}
/// _Always_ returns `true`.
pub fn verify(&self, _msg: &[u8], _pk: &PublicKey) -> bool {
true
}
pub fn as_raw(&self) -> &Self {
&self
}
/// _Always_ returns true.
pub fn verify_hashed(
&self,
_x_real_hashed: &[u8],
_x_imaginary_hashed: &[u8],
_pk: &PublicKey,
) -> bool {
true
}
/// Convert bytes to fake BLS Signature
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
if bytes.len() != BLS_SIG_BYTE_SIZE {
Err(DecodeError::InvalidByteLength {
len: bytes.len(),
expected: BLS_SIG_BYTE_SIZE,
})
} else {
let is_empty = bytes.iter().all(|x| *x == 0);
let mut array = [0u8; BLS_SIG_BYTE_SIZE];
array.copy_from_slice(bytes);
Ok(Self {
bytes: array,
is_empty,
})
}
}
pub fn as_bytes(&self) -> [u8; BLS_SIG_BYTE_SIZE] {
self.bytes.clone()
}
/// Returns a new empty signature.
pub fn empty_signature() -> Self {
FakeSignature::zero()
}
// Check for empty Signature
pub fn is_empty(&self) -> bool {
self.is_empty
}
}
impl_ssz!(FakeSignature, BLS_SIG_BYTE_SIZE, "FakeSignature");
impl_tree_hash!(FakeSignature, BLS_SIG_BYTE_SIZE);
impl fmt::Debug for FakeSignature {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_fmt(format_args!(
"{:?}, {:?}",
self.bytes.to_vec(),
self.is_empty()
))
}
}
impl PartialEq for FakeSignature {
fn eq(&self, other: &FakeSignature) -> bool {
self.bytes.to_vec() == other.bytes.to_vec()
}
}
impl Eq for FakeSignature {}
impl Serialize for FakeSignature {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(ssz_encode(self)))
}
}
impl<'de> Deserialize<'de> for FakeSignature {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let pubkey = <_>::from_ssz_bytes(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid ssz ({:?})", e)))?;
Ok(pubkey)
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for FakeSignature {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_SIG_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}
#[cfg(test)]
mod tests {
use super::super::Keypair;
use super::*;
use ssz::ssz_encode;
#[test]
pub fn test_ssz_round_trip() {
let keypair = Keypair::random();
let original = FakeSignature::new(&[42, 42], &keypair.sk);
let bytes = ssz_encode(&original);
let decoded = FakeSignature::from_ssz_bytes(&bytes).unwrap();
assert_eq!(original, decoded);
}
}

18
crypto/bls/src/generic_aggregate_public_key.rs Normal file
View File

@ -0,0 +1,18 @@
use crate::{Error, PUBLIC_KEY_BYTES_LEN};
/// Implemented on some struct from a BLS library so it may be used internally in this crate.
pub trait TAggregatePublicKey: Sized + Clone {
/// Initialize `Self` to the infinity value which can then have other public keys aggregated
/// upon it.
fn infinity() -> Self;
/// Serialize `self` as compressed bytes.
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN];
/// Deserialize `self` from compressed bytes.
fn deserialize(bytes: &[u8]) -> Result<Self, Error>;
}
/*
* Note: there is no immediate need for a `GenericAggregatePublicKey` struct.
*/

283
crypto/bls/src/generic_aggregate_signature.rs Normal file
View File

@ -0,0 +1,283 @@
use crate::{
generic_aggregate_public_key::TAggregatePublicKey,
generic_public_key::{GenericPublicKey, TPublicKey},
generic_signature::{GenericSignature, TSignature},
Error, Hash256, INFINITY_SIGNATURE, SIGNATURE_BYTES_LEN,
};
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, Encode};
use std::fmt;
use std::marker::PhantomData;
use tree_hash::TreeHash;
/// The compressed bytes used to represent `GenericAggregateSignature::empty()`.
pub const EMPTY_SIGNATURE_SERIALIZATION: [u8; SIGNATURE_BYTES_LEN] = [0; SIGNATURE_BYTES_LEN];
/// Implemented on some struct from a BLS library so it may be used as the `point` in an
/// `GenericAggregateSignature`.
pub trait TAggregateSignature<Pub, AggPub, Sig>: Sized + Clone {
/// Initialize `Self` to the infinity value which can then have other signatures aggregated
/// upon it.
fn infinity() -> Self;
/// Aggregates a signature onto `self`.
fn add_assign(&mut self, other: &Sig);
/// Aggregates an aggregate signature onto `self`.
fn add_assign_aggregate(&mut self, other: &Self);
/// Serialize `self` as compressed bytes.
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN];
/// Deserialize `self` from compressed bytes.
fn deserialize(bytes: &[u8]) -> Result<Self, Error>;
/// Verify that `self` represents an aggregate signature where all `pubkeys` have signed `msg`.
fn fast_aggregate_verify(&self, msg: Hash256, pubkeys: &[&GenericPublicKey<Pub>]) -> bool;
/// Verify that `self` represents an aggregate signature where all `pubkeys` have signed their
/// corresponding message in `msgs`.
///
/// ## Notes
///
/// This function only exists for EF tests, it's presently not used in production.
fn aggregate_verify(&self, msgs: &[Hash256], pubkeys: &[&GenericPublicKey<Pub>]) -> bool;
}
/// A BLS aggregate signature that is generic across:
///
/// - `Pub`: A BLS public key.
/// - `AggPub`: A BLS aggregate public key.
/// - `Sig`: A BLS signature.
/// - `AggSig`: A BLS aggregate signature.
///
/// Provides generic functionality whilst deferring all serious cryptographic operations to the
/// generics.
#[derive(Clone, PartialEq)]
pub struct GenericAggregateSignature<Pub, AggPub, Sig, AggSig> {
/// The underlying point which performs *actual* cryptographic operations.
point: Option<AggSig>,
/// True if this point is equal to the `INFINITY_SIGNATURE`.
pub(crate) is_infinity: bool,
_phantom_pub: PhantomData<Pub>,
_phantom_agg_pub: PhantomData<AggPub>,
_phantom_sig: PhantomData<Sig>,
}
impl<Pub, AggPub, Sig, AggSig> GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
/// Initialize `Self` to the infinity value which can then have other signatures aggregated
/// upon it.
pub fn infinity() -> Self {
Self {
point: Some(AggSig::infinity()),
is_infinity: true,
_phantom_pub: PhantomData,
_phantom_agg_pub: PhantomData,
_phantom_sig: PhantomData,
}
}
/// Initialize self to the "empty" value. This value is serialized as all-zeros.
///
/// This value can have another signature aggregated atop of it. When this happens, `self` is
/// simply set to infinity before having the other signature aggregated onto it.
///
/// ## Notes
///
/// This function is not necessarily useful from a BLS cryptography perspective, it mostly
/// exists to satisfy the Eth2 specification which expects the all-zeros serialization to be
/// meaningful.
pub fn empty() -> Self {
Self {
point: None,
is_infinity: false,
_phantom_pub: PhantomData,
_phantom_agg_pub: PhantomData,
_phantom_sig: PhantomData,
}
}
/// Returns `true` if `self` is equal to the "empty" value.
///
/// E.g., `Self::empty().is_empty() == true`
pub fn is_empty(&self) -> bool {
self.point.is_none()
}
/// Returns a reference to the underlying BLS point.
pub(crate) fn point(&self) -> Option<&AggSig> {
self.point.as_ref()
}
/// Aggregates a signature onto `self`.
pub fn add_assign(&mut self, other: &GenericSignature<Pub, Sig>) {
if let Some(other_point) = other.point() {
self.is_infinity = self.is_infinity && other.is_infinity;
if let Some(self_point) = &mut self.point {
self_point.add_assign(other_point)
} else {
let mut self_point = AggSig::infinity();
self_point.add_assign(other_point);
self.point = Some(self_point)
}
}
}
/// Aggregates an aggregate signature onto `self`.
pub fn add_assign_aggregate(&mut self, other: &Self) {
if let Some(other_point) = other.point() {
self.is_infinity = self.is_infinity && other.is_infinity;
if let Some(self_point) = &mut self.point {
self_point.add_assign_aggregate(other_point)
} else {
let mut self_point = AggSig::infinity();
self_point.add_assign_aggregate(other_point);
self.point = Some(self_point)
}
}
}
/// Serialize `self` as compressed bytes.
pub fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
if let Some(point) = &self.point {
point.serialize()
} else {
EMPTY_SIGNATURE_SERIALIZATION
}
}
/// Deserialize `self` from compressed bytes.
pub fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
let point = if bytes == &EMPTY_SIGNATURE_SERIALIZATION[..] {
None
} else {
Some(AggSig::deserialize(bytes)?)
};
Ok(Self {
point,
is_infinity: bytes == &INFINITY_SIGNATURE[..],
_phantom_pub: PhantomData,
_phantom_agg_pub: PhantomData,
_phantom_sig: PhantomData,
})
}
}
impl<Pub, AggPub, Sig, AggSig> GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Pub: TPublicKey + Clone,
AggPub: TAggregatePublicKey + Clone,
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
/// Verify that `self` represents an aggregate signature where all `pubkeys` have signed `msg`.
pub fn fast_aggregate_verify(&self, msg: Hash256, pubkeys: &[&GenericPublicKey<Pub>]) -> bool {
if pubkeys.is_empty() {
return false;
}
if self.is_infinity
&& pubkeys.len() == 1
&& pubkeys.first().map_or(false, |pk| pk.is_infinity)
{
return true;
}
match self.point.as_ref() {
Some(point) => point.fast_aggregate_verify(msg, pubkeys),
None => false,
}
}
/// Verify that `self` represents an aggregate signature where all `pubkeys` have signed their
/// corresponding message in `msgs`.
///
/// ## Notes
///
/// This function only exists for EF tests, it's presently not used in production.
pub fn aggregate_verify(&self, msgs: &[Hash256], pubkeys: &[&GenericPublicKey<Pub>]) -> bool {
if msgs.is_empty() || msgs.len() != pubkeys.len() {
return false;
}
if self.is_infinity
&& pubkeys.len() == 1
&& pubkeys.first().map_or(false, |pk| pk.is_infinity)
{
return true;
}
match self.point.as_ref() {
Some(point) => point.aggregate_verify(msgs, pubkeys),
None => false,
}
}
}
impl<Pub, AggPub, Sig, AggSig> Encode for GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
impl_ssz_encode!(SIGNATURE_BYTES_LEN);
}
impl<Pub, AggPub, Sig, AggSig> Decode for GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
impl_ssz_decode!(SIGNATURE_BYTES_LEN);
}
impl<Pub, AggPub, Sig, AggSig> TreeHash for GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
impl_tree_hash!(SIGNATURE_BYTES_LEN);
}
impl<Pub, AggPub, Sig, AggSig> Serialize for GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
impl_serde_serialize!();
}
impl<'de, Pub, AggPub, Sig, AggSig> Deserialize<'de>
for GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
impl_serde_deserialize!();
}
impl<Pub, AggPub, Sig, AggSig> fmt::Debug for GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Sig: TSignature<Pub>,
AggSig: TAggregateSignature<Pub, AggPub, Sig>,
{
impl_debug!();
}
#[cfg(feature = "arbitrary")]
impl<Pub, AggPub, Sig, AggSig> arbitrary::Arbitrary
for GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Pub: 'static,
AggPub: 'static,
Sig: TSignature<Pub> + 'static,
AggSig: TAggregateSignature<Pub, AggPub, Sig> + 'static,
{
impl_arbitrary!(SIGNATURE_BYTES_LEN);
}

54
crypto/bls/src/generic_keypair.rs Normal file
View File

@ -0,0 +1,54 @@
use crate::{
generic_public_key::{GenericPublicKey, TPublicKey},
generic_secret_key::{GenericSecretKey, TSecretKey},
generic_signature::TSignature,
};
use std::fmt;
use std::marker::PhantomData;
/// A simple wrapper around `PublicKey` and `GenericSecretKey`.
#[derive(Clone)]
pub struct GenericKeypair<Pub, Sec, Sig> {
pub pk: GenericPublicKey<Pub>,
pub sk: GenericSecretKey<Sig, Pub, Sec>,
_phantom: PhantomData<Sig>,
}
impl<Pub, Sec, Sig> GenericKeypair<Pub, Sec, Sig>
where
Pub: TPublicKey,
Sec: TSecretKey<Sig, Pub>,
Sig: TSignature<Pub>,
{
/// Instantiate `Self` from a public and secret key.
///
/// This function does not check to ensure that `pk` is derived from `sk`. It would be a logic
/// error to supply such a `pk`.
pub fn from_components(pk: GenericPublicKey<Pub>, sk: GenericSecretKey<Sig, Pub, Sec>) -> Self {
Self {
pk,
sk,
_phantom: PhantomData,
}
}
/// Instantiates `Self` from a randomly generated secret key.
pub fn random() -> Self {
let sk = GenericSecretKey::random();
Self {
pk: sk.public_key(),
sk,
_phantom: PhantomData,
}
}
}
impl<Pub, Sec, Sig> fmt::Debug for GenericKeypair<Pub, Sec, Sig>
where
Pub: TPublicKey,
{
/// Defers to `self.pk` to avoid leaking the secret key.
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
self.pk.fmt(f)
}
}

115
crypto/bls/src/generic_public_key.rs Normal file
View File

@ -0,0 +1,115 @@
use crate::Error;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, Encode};
use std::fmt;
use std::hash::{Hash, Hasher};
use tree_hash::TreeHash;
/// The byte-length of a BLS public key when serialized in compressed form.
pub const PUBLIC_KEY_BYTES_LEN: usize = 48;
/// Represents the public key at infinity.
pub const INFINITY_PUBLIC_KEY: [u8; PUBLIC_KEY_BYTES_LEN] = [
0xc0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
];
/// Implemented on some struct from a BLS library so it may be used as the `point` in a
/// `GenericPublicKey`.
pub trait TPublicKey: Sized + Clone {
/// Serialize `self` as compressed bytes.
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN];
/// Deserialize `self` from compressed bytes.
fn deserialize(bytes: &[u8]) -> Result<Self, Error>;
}
/// A BLS aggregate public key that is generic across some BLS point (`Pub`).
///
/// Provides generic functionality whilst deferring all serious cryptographic operations to `Pub`.
#[derive(Clone)]
pub struct GenericPublicKey<Pub> {
/// The underlying point which performs *actual* cryptographic operations.
point: Pub,
/// True if this point is equal to the `INFINITY_PUBLIC_KEY`.
pub(crate) is_infinity: bool,
}
impl<Pub> GenericPublicKey<Pub>
where
Pub: TPublicKey,
{
/// Instantiates `Self` from a `point`.
pub(crate) fn from_point(point: Pub, is_infinity: bool) -> Self {
Self { point, is_infinity }
}
/// Returns a reference to the underlying BLS point.
pub(crate) fn point(&self) -> &Pub {
&self.point
}
/// Returns `self.serialize()` as a `0x`-prefixed hex string.
pub fn to_hex_string(&self) -> String {
format!("{:?}", self)
}
/// Serialize `self` as compressed bytes.
pub fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
self.point.serialize()
}
/// Deserialize `self` from compressed bytes.
pub fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
Ok(Self {
point: Pub::deserialize(bytes)?,
is_infinity: bytes == &INFINITY_PUBLIC_KEY[..],
})
}
}
impl<Pub: TPublicKey> Eq for GenericPublicKey<Pub> {}
impl<Pub: TPublicKey> PartialEq for GenericPublicKey<Pub> {
fn eq(&self, other: &Self) -> bool {
self.serialize()[..] == other.serialize()[..]
}
}
/// Hashes the `self.serialize()` bytes.
impl<Pub: TPublicKey> Hash for GenericPublicKey<Pub> {
fn hash<H: Hasher>(&self, state: &mut H) {
self.serialize()[..].hash(state);
}
}
impl<Pub: TPublicKey> Encode for GenericPublicKey<Pub> {
impl_ssz_encode!(PUBLIC_KEY_BYTES_LEN);
}
impl<Pub: TPublicKey> Decode for GenericPublicKey<Pub> {
impl_ssz_decode!(PUBLIC_KEY_BYTES_LEN);
}
impl<Pub: TPublicKey> TreeHash for GenericPublicKey<Pub> {
impl_tree_hash!(PUBLIC_KEY_BYTES_LEN);
}
impl<Pub: TPublicKey> Serialize for GenericPublicKey<Pub> {
impl_serde_serialize!();
}
impl<'de, Pub: TPublicKey> Deserialize<'de> for GenericPublicKey<Pub> {
impl_serde_deserialize!();
}
impl<Pub: TPublicKey> fmt::Debug for GenericPublicKey<Pub> {
impl_debug!();
}
#[cfg(feature = "arbitrary")]
impl<Pub: TPublicKey + 'static> arbitrary::Arbitrary for GenericPublicKey<Pub> {
impl_arbitrary!(PUBLIC_KEY_BYTES_LEN);
}

150
crypto/bls/src/generic_public_key_bytes.rs Normal file
View File

@ -0,0 +1,150 @@
use crate::{
generic_public_key::{GenericPublicKey, TPublicKey},
Error, INFINITY_PUBLIC_KEY, PUBLIC_KEY_BYTES_LEN,
};
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, Encode};
use std::convert::TryInto;
use std::fmt;
use std::hash::{Hash, Hasher};
use std::marker::PhantomData;
use tree_hash::TreeHash;
/// A wrapper around some bytes that may or may not be a `PublicKey` in compressed form.
///
/// This struct is useful for two things:
///
/// - Lazily verifying a serialized public key.
/// - Storing some bytes that are actually invalid (required in the case of a `Deposit` message).
#[derive(Clone)]
pub struct GenericPublicKeyBytes<Pub> {
bytes: [u8; PUBLIC_KEY_BYTES_LEN],
_phantom: PhantomData<Pub>,
}
impl<Pub> GenericPublicKeyBytes<Pub>
where
Pub: TPublicKey,
{
/// Decompress and deserialize the bytes in `self` into an actual public key.
///
/// May fail if the bytes are invalid.
pub fn decompress(&self) -> Result<GenericPublicKey<Pub>, Error> {
let is_infinity = self.bytes[..] == INFINITY_PUBLIC_KEY[..];
Pub::deserialize(&self.bytes).map(|point| GenericPublicKey::from_point(point, is_infinity))
}
}
impl<Pub> GenericPublicKeyBytes<Pub> {
/// Instantiates `Self` with all-zeros.
pub fn empty() -> Self {
Self {
bytes: [0; PUBLIC_KEY_BYTES_LEN],
_phantom: PhantomData,
}
}
/// Returns a slice of the bytes contained in `self`.
///
/// The bytes are not verified (i.e., they may not represent a valid BLS point).
pub fn as_serialized(&self) -> &[u8] {
&self.bytes
}
/// Clones the bytes in `self`.
///
/// The bytes are not verified (i.e., they may not represent a valid BLS point).
pub fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
self.bytes
}
/// Instantiates `Self` from bytes.
///
/// The bytes are not fully verified (i.e., they may not represent a valid BLS point). Only the
/// byte-length is checked.
pub fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
if bytes.len() == PUBLIC_KEY_BYTES_LEN {
let mut pk_bytes = [0; PUBLIC_KEY_BYTES_LEN];
pk_bytes[..].copy_from_slice(bytes);
Ok(Self {
bytes: pk_bytes,
_phantom: PhantomData,
})
} else {
Err(Error::InvalidByteLength {
got: bytes.len(),
expected: PUBLIC_KEY_BYTES_LEN,
})
}
}
}
impl<Pub> Eq for GenericPublicKeyBytes<Pub> {}
impl<Pub> PartialEq for GenericPublicKeyBytes<Pub> {
fn eq(&self, other: &Self) -> bool {
self.bytes[..] == other.bytes[..]
}
}
impl<Pub> Hash for GenericPublicKeyBytes<Pub> {
fn hash<H: Hasher>(&self, state: &mut H) {
self.bytes[..].hash(state);
}
}
/// Serializes the `PublicKey` in compressed form, storing the bytes in the newly created `Self`.
impl<Pub> From<GenericPublicKey<Pub>> for GenericPublicKeyBytes<Pub>
where
Pub: TPublicKey,
{
fn from(pk: GenericPublicKey<Pub>) -> Self {
Self {
bytes: pk.serialize(),
_phantom: PhantomData,
}
}
}
/// Alias to `self.decompress()`.
impl<Pub> TryInto<GenericPublicKey<Pub>> for &GenericPublicKeyBytes<Pub>
where
Pub: TPublicKey,
{
type Error = Error;
fn try_into(self) -> Result<GenericPublicKey<Pub>, Self::Error> {
self.decompress()
}
}
impl<Pub> Encode for GenericPublicKeyBytes<Pub> {
impl_ssz_encode!(PUBLIC_KEY_BYTES_LEN);
}
impl<Pub> Decode for GenericPublicKeyBytes<Pub> {
impl_ssz_decode!(PUBLIC_KEY_BYTES_LEN);
}
impl<Pub> TreeHash for GenericPublicKeyBytes<Pub> {
impl_tree_hash!(PUBLIC_KEY_BYTES_LEN);
}
impl<Pub> Serialize for GenericPublicKeyBytes<Pub> {
impl_serde_serialize!();
}
impl<'de, Pub> Deserialize<'de> for GenericPublicKeyBytes<Pub> {
impl_serde_deserialize!();
}
impl<Pub> fmt::Debug for GenericPublicKeyBytes<Pub> {
impl_debug!();
}
#[cfg(feature = "arbitrary")]
impl<Pub: 'static> arbitrary::Arbitrary for GenericPublicKeyBytes<Pub> {
impl_arbitrary!(PUBLIC_KEY_BYTES_LEN);
}

90
crypto/bls/src/generic_secret_key.rs Normal file
View File

@ -0,0 +1,90 @@
use crate::{
generic_public_key::{GenericPublicKey, TPublicKey},
generic_signature::{GenericSignature, TSignature},
Error, Hash256, ZeroizeHash,
};
use std::marker::PhantomData;
/// The byte-length of a BLS secret key.
pub const SECRET_KEY_BYTES_LEN: usize = 32;
/// Implemented on some struct from a BLS library so it may be used as the `point` in a
/// `GenericSecretKey`.
pub trait TSecretKey<SignaturePoint, PublicKeyPoint>: Sized {
/// Instantiate `Self` from some secure source of entropy.
fn random() -> Self;
/// Signs `msg`.
fn sign(&self, msg: Hash256) -> SignaturePoint;
/// Returns the public key that corresponds to self.
fn public_key(&self) -> PublicKeyPoint;
/// Serialize `self` as compressed bytes.
fn serialize(&self) -> ZeroizeHash;
/// Deserialize `self` from compressed bytes.
fn deserialize(bytes: &[u8]) -> Result<Self, Error>;
}
#[derive(Clone)]
pub struct GenericSecretKey<Sig, Pub, Sec> {
/// The underlying point which performs *actual* cryptographic operations.
point: Sec,
_phantom_signature: PhantomData<Sig>,
_phantom_public_key: PhantomData<Pub>,
}
impl<Sig, Pub, Sec> GenericSecretKey<Sig, Pub, Sec>
where
Sig: TSignature<Pub>,
Pub: TPublicKey,
Sec: TSecretKey<Sig, Pub>,
{
/// Instantiate `Self` from some secure source of entropy.
pub fn random() -> Self {
Self {
point: Sec::random(),
_phantom_signature: PhantomData,
_phantom_public_key: PhantomData,
}
}
/// Signs `msg`.
pub fn sign(&self, msg: Hash256) -> GenericSignature<Pub, Sig> {
let is_infinity = false;
GenericSignature::from_point(self.point.sign(msg), is_infinity)
}
/// Returns the public key that corresponds to self.
pub fn public_key(&self) -> GenericPublicKey<Pub> {
let is_infinity = false;
GenericPublicKey::from_point(self.point.public_key(), is_infinity)
}
/// Serialize `self` as compressed bytes.
///
/// ## Note
///
/// The bytes that are returned are the unencrypted secret key. This is sensitive cryptographic
/// material.
pub fn serialize(&self) -> ZeroizeHash {
self.point.serialize()
}
/// Deserialize `self` from compressed bytes.
pub fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
if bytes.len() != SECRET_KEY_BYTES_LEN {
Err(Error::InvalidSecretKeyLength {
got: bytes.len(),
expected: SECRET_KEY_BYTES_LEN,
})
} else {
Ok(Self {
point: Sec::deserialize(bytes)?,
_phantom_signature: PhantomData,
_phantom_public_key: PhantomData,
})
}
}
}

169
crypto/bls/src/generic_signature.rs Normal file
View File

@ -0,0 +1,169 @@
use crate::{
generic_public_key::{GenericPublicKey, TPublicKey},
Error, Hash256,
};
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, Encode};
use std::fmt;
use std::marker::PhantomData;
use tree_hash::TreeHash;
/// The byte-length of a BLS signature when serialized in compressed form.
pub const SIGNATURE_BYTES_LEN: usize = 96;
/// Represents the signature at infinity.
pub const INFINITY_SIGNATURE: [u8; SIGNATURE_BYTES_LEN] = [
0xc0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0,
];
/// The compressed bytes used to represent `GenericSignature::empty()`.
pub const NONE_SIGNATURE: [u8; SIGNATURE_BYTES_LEN] = [0; SIGNATURE_BYTES_LEN];
/// Implemented on some struct from a BLS library so it may be used as the `point` in an
/// `GenericSignature`.
pub trait TSignature<GenericPublicKey>: Sized + Clone {
/// Serialize `self` as compressed bytes.
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN];
/// Deserialize `self` from compressed bytes.
fn deserialize(bytes: &[u8]) -> Result<Self, Error>;
/// Returns `true` if `self` is a signature across `msg` by `pubkey`.
fn verify(&self, pubkey: &GenericPublicKey, msg: Hash256) -> bool;
}
/// A BLS signature that is generic across:
///
/// - `Pub`: A BLS public key.
/// - `Sig`: A BLS signature.
///
/// Provides generic functionality whilst deferring all serious cryptographic operations to the
/// generics.
#[derive(Clone, PartialEq)]
pub struct GenericSignature<Pub, Sig> {
/// The underlying point which performs *actual* cryptographic operations.
point: Option<Sig>,
/// True if this point is equal to the `INFINITY_SIGNATURE`.
pub(crate) is_infinity: bool,
_phantom: PhantomData<Pub>,
}
impl<Pub, Sig> GenericSignature<Pub, Sig>
where
Sig: TSignature<Pub>,
{
/// Initialize self to the "empty" value. This value is serialized as all-zeros.
///
/// ## Notes
///
/// This function is not necessarily useful from a BLS cryptography perspective, it mostly
/// exists to satisfy the Eth2 specification which expects the all-zeros serialization to be
/// meaningful.
pub fn empty() -> Self {
Self {
point: None,
is_infinity: false,
_phantom: PhantomData,
}
}
/// Returns `true` if `self` is equal to the "empty" value.
///
/// E.g., `Self::empty().is_empty() == true`
pub fn is_empty(&self) -> bool {
self.point.is_none()
}
/// Returns a reference to the underlying BLS point.
pub(crate) fn point(&self) -> Option<&Sig> {
self.point.as_ref()
}
/// Instantiates `Self` from a `point`.
pub(crate) fn from_point(point: Sig, is_infinity: bool) -> Self {
Self {
point: Some(point),
is_infinity,
_phantom: PhantomData,
}
}
/// Serialize `self` as compressed bytes.
pub fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
if let Some(point) = &self.point {
point.serialize()
} else {
NONE_SIGNATURE
}
}
/// Deserialize `self` from compressed bytes.
pub fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
let point = if bytes == &NONE_SIGNATURE[..] {
None
} else {
Some(Sig::deserialize(bytes)?)
};
Ok(Self {
point,
is_infinity: bytes == &INFINITY_SIGNATURE[..],
_phantom: PhantomData,
})
}
}
impl<Pub, Sig> GenericSignature<Pub, Sig>
where
Sig: TSignature<Pub>,
Pub: TPublicKey + Clone,
{
/// Returns `true` if `self` is a signature across `msg` by `pubkey`.
pub fn verify(&self, pubkey: &GenericPublicKey<Pub>, msg: Hash256) -> bool {
if self.is_infinity && pubkey.is_infinity {
return true;
}
if let Some(point) = &self.point {
point.verify(pubkey.point(), msg)
} else {
false
}
}
}
impl<PublicKey, T: TSignature<PublicKey>> Encode for GenericSignature<PublicKey, T> {
impl_ssz_encode!(SIGNATURE_BYTES_LEN);
}
impl<PublicKey, T: TSignature<PublicKey>> Decode for GenericSignature<PublicKey, T> {
impl_ssz_decode!(SIGNATURE_BYTES_LEN);
}
impl<PublicKey, T: TSignature<PublicKey>> TreeHash for GenericSignature<PublicKey, T> {
impl_tree_hash!(SIGNATURE_BYTES_LEN);
}
impl<PublicKey, T: TSignature<PublicKey>> Serialize for GenericSignature<PublicKey, T> {
impl_serde_serialize!();
}
impl<'de, PublicKey, T: TSignature<PublicKey>> Deserialize<'de> for GenericSignature<PublicKey, T> {
impl_serde_deserialize!();
}
impl<PublicKey, T: TSignature<PublicKey>> fmt::Debug for GenericSignature<PublicKey, T> {
impl_debug!();
}
#[cfg(feature = "arbitrary")]
impl<PublicKey: 'static, T: TSignature<PublicKey> + 'static> arbitrary::Arbitrary
for GenericSignature<PublicKey, T>
{
impl_arbitrary!(SIGNATURE_BYTES_LEN);
}

142
crypto/bls/src/generic_signature_bytes.rs Normal file
View File

@ -0,0 +1,142 @@
use crate::{
generic_public_key::TPublicKey,
generic_signature::{GenericSignature, TSignature},
Error, INFINITY_SIGNATURE, SIGNATURE_BYTES_LEN,
};
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, Encode};
use std::convert::TryInto;
use std::fmt;
use std::marker::PhantomData;
use tree_hash::TreeHash;
/// A wrapper around some bytes that may or may not be a `GenericSignature` in compressed form.
///
/// This struct is useful for two things:
///
/// - Lazily verifying a serialized signature.
/// - Storing some bytes that are actually invalid (required in the case of a `Deposit` message).
#[derive(Clone)]
pub struct GenericSignatureBytes<Pub, Sig> {
bytes: [u8; SIGNATURE_BYTES_LEN],
_phantom_public_key: PhantomData<Pub>,
_phantom_signature: PhantomData<Sig>,
}
impl<Pub, Sig> GenericSignatureBytes<Pub, Sig>
where
Sig: TSignature<Pub>,
Pub: TPublicKey,
{
/// Decompress and deserialize the bytes in `self` into an actual signature.
///
/// May fail if the bytes are invalid.
pub fn decompress(&self) -> Result<GenericSignature<Pub, Sig>, Error> {
let is_infinity = self.bytes[..] == INFINITY_SIGNATURE[..];
Sig::deserialize(&self.bytes).map(|point| GenericSignature::from_point(point, is_infinity))
}
}
impl<Pub, Sig> GenericSignatureBytes<Pub, Sig> {
/// Instantiates `Self` with all-zeros.
pub fn empty() -> Self {
Self {
bytes: [0; SIGNATURE_BYTES_LEN],
_phantom_signature: PhantomData,
_phantom_public_key: PhantomData,
}
}
/// Clones the bytes in `self`.
///
/// The bytes are not verified (i.e., they may not represent a valid BLS point).
pub fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
self.bytes
}
/// Instantiates `Self` from bytes.
///
/// The bytes are not fully verified (i.e., they may not represent a valid BLS point). Only the
/// byte-length is checked.
pub fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
if bytes.len() == SIGNATURE_BYTES_LEN {
let mut pk_bytes = [0; SIGNATURE_BYTES_LEN];
pk_bytes[..].copy_from_slice(bytes);
Ok(Self {
bytes: pk_bytes,
_phantom_signature: PhantomData,
_phantom_public_key: PhantomData,
})
} else {
Err(Error::InvalidByteLength {
got: bytes.len(),
expected: SIGNATURE_BYTES_LEN,
})
}
}
}
impl<Pub, Sig> PartialEq for GenericSignatureBytes<Pub, Sig> {
fn eq(&self, other: &Self) -> bool {
self.bytes[..] == other.bytes[..]
}
}
/// Serializes the `GenericSignature` in compressed form, storing the bytes in the newly created `Self`.
impl<Pub, Sig> From<GenericSignature<Pub, Sig>> for GenericSignatureBytes<Pub, Sig>
where
Pub: TPublicKey,
Sig: TSignature<Pub>,
{
fn from(sig: GenericSignature<Pub, Sig>) -> Self {
Self {
bytes: sig.serialize(),
_phantom_signature: PhantomData,
_phantom_public_key: PhantomData,
}
}
}
/// Alias to `self.decompress()`.
impl<Pub, Sig> TryInto<GenericSignature<Pub, Sig>> for &GenericSignatureBytes<Pub, Sig>
where
Pub: TPublicKey,
Sig: TSignature<Pub>,
{
type Error = Error;
fn try_into(self) -> Result<GenericSignature<Pub, Sig>, Error> {
self.decompress()
}
}
impl<Pub, Sig> Encode for GenericSignatureBytes<Pub, Sig> {
impl_ssz_encode!(SIGNATURE_BYTES_LEN);
}
impl<Pub, Sig> Decode for GenericSignatureBytes<Pub, Sig> {
impl_ssz_decode!(SIGNATURE_BYTES_LEN);
}
impl<Pub, Sig> TreeHash for GenericSignatureBytes<Pub, Sig> {
impl_tree_hash!(SIGNATURE_BYTES_LEN);
}
impl<Pub, Sig> Serialize for GenericSignatureBytes<Pub, Sig> {
impl_serde_serialize!();
}
impl<'de, Pub, Sig> Deserialize<'de> for GenericSignatureBytes<Pub, Sig> {
impl_serde_deserialize!();
}
impl<Pub, Sig> fmt::Debug for GenericSignatureBytes<Pub, Sig> {
impl_debug!();
}
#[cfg(feature = "arbitrary")]
impl<Pub: 'static, Sig: 'static> arbitrary::Arbitrary for GenericSignatureBytes<Pub, Sig> {
impl_arbitrary!(SIGNATURE_BYTES_LEN);
}

121
crypto/bls/src/generic_signature_set.rs Normal file
View File

@ -0,0 +1,121 @@
use crate::{
generic_aggregate_public_key::TAggregatePublicKey,
generic_aggregate_signature::{GenericAggregateSignature, TAggregateSignature},
generic_public_key::{GenericPublicKey, TPublicKey},
generic_signature::{GenericSignature, TSignature},
Hash256,
};
use std::borrow::Cow;
use std::marker::PhantomData;
/// A generic way to represent a `GenericSignature` or `GenericAggregateSignature`.
pub struct WrappedSignature<'a, Pub, AggPub, Sig, AggSig>
where
Pub: TPublicKey + Clone,
AggPub: Clone,
Sig: Clone,
AggSig: Clone,
{
aggregate: Cow<'a, GenericAggregateSignature<Pub, AggPub, Sig, AggSig>>,
}
impl<'a, Pub, AggPub, Sig, AggSig> Into<WrappedSignature<'a, Pub, AggPub, Sig, AggSig>>
for &'a GenericSignature<Pub, Sig>
where
Pub: TPublicKey + Clone,
AggPub: Clone,
Sig: TSignature<Pub> + Clone,
AggSig: TAggregateSignature<Pub, AggPub, Sig> + Clone,
{
fn into(self) -> WrappedSignature<'a, Pub, AggPub, Sig, AggSig> {
let mut aggregate: GenericAggregateSignature<Pub, AggPub, Sig, AggSig> =
GenericAggregateSignature::infinity();
aggregate.add_assign(self);
WrappedSignature {
aggregate: Cow::Owned(aggregate),
}
}
}
impl<'a, Pub, AggPub, Sig, AggSig> Into<WrappedSignature<'a, Pub, AggPub, Sig, AggSig>>
for &'a GenericAggregateSignature<Pub, AggPub, Sig, AggSig>
where
Pub: TPublicKey + Clone,
AggPub: Clone,
Sig: Clone,
AggSig: Clone,
{
fn into(self) -> WrappedSignature<'a, Pub, AggPub, Sig, AggSig> {
WrappedSignature {
aggregate: Cow::Borrowed(self),
}
}
}
/// A generic way to represent a signature across a message by multiple public keys.
///
/// This struct is primarily useful in a collection (e.g., `Vec<GenericSignatureSet>`) so we can perform
/// multiple-signature verification which is much faster than verifying each signature
/// individually.
#[derive(Clone)]
pub struct GenericSignatureSet<'a, Pub, AggPub, Sig, AggSig>
where
Pub: TPublicKey + Clone,
AggPub: Clone,
Sig: Clone,
AggSig: Clone,
{
pub signature: Cow<'a, GenericAggregateSignature<Pub, AggPub, Sig, AggSig>>,
pub(crate) signing_keys: Vec<Cow<'a, GenericPublicKey<Pub>>>,
pub(crate) message: Hash256,
_phantom: PhantomData<Sig>,
}
impl<'a, Pub, AggPub, Sig, AggSig> GenericSignatureSet<'a, Pub, AggPub, Sig, AggSig>
where
Pub: TPublicKey + Clone,
AggPub: TAggregatePublicKey + Clone,
Sig: TSignature<Pub> + Clone,
AggSig: TAggregateSignature<Pub, AggPub, Sig> + Clone,
{
/// Instantiate self where `signature` is only signed by a single public key.
pub fn single_pubkey(
signature: impl Into<WrappedSignature<'a, Pub, AggPub, Sig, AggSig>>,
signing_key: Cow<'a, GenericPublicKey<Pub>>,
message: Hash256,
) -> Self {
Self {
signature: signature.into().aggregate,
signing_keys: vec![signing_key],
message,
_phantom: PhantomData,
}
}
/// Instantiate self where `signature` is signed by multiple public keys.
pub fn multiple_pubkeys(
signature: impl Into<WrappedSignature<'a, Pub, AggPub, Sig, AggSig>>,
signing_keys: Vec<Cow<'a, GenericPublicKey<Pub>>>,
message: Hash256,
) -> Self {
Self {
signature: signature.into().aggregate,
signing_keys,
message,
_phantom: PhantomData,
}
}
/// Returns `true` if `self.signature` is a signature across `self.message` by
/// `self.signing_keys`.
pub fn verify(self) -> bool {
let pubkeys = self
.signing_keys
.iter()
.map(|pk| pk.as_ref())
.collect::<Vec<_>>();
self.signature
.fast_aggregate_verify(self.message, &pubkeys[..])
}
}

14
crypto/bls/src/get_withdrawal_credentials.rs Normal file
View File

@ -0,0 +1,14 @@
use crate::PublicKey;
use eth2_hashing::hash;
use ssz::Encode;
/// Returns the withdrawal credentials for a given public key.
///
/// Used for submitting deposits to the Eth1 deposit contract.
pub fn get_withdrawal_credentials(pubkey: &PublicKey, prefix_byte: u8) -> Vec<u8> {
let hashed = hash(&pubkey.as_ssz_bytes());
let mut prefixed = vec![prefix_byte];
prefixed.extend_from_slice(&hashed[1..]);
prefixed
}

273
crypto/bls/src/impls/blst.rs Normal file
View File

@ -0,0 +1,273 @@
use crate::{
generic_aggregate_public_key::TAggregatePublicKey,
generic_aggregate_signature::TAggregateSignature,
generic_public_key::{GenericPublicKey, TPublicKey, PUBLIC_KEY_BYTES_LEN},
generic_secret_key::TSecretKey,
generic_signature::{TSignature, SIGNATURE_BYTES_LEN},
Error, Hash256, ZeroizeHash, INFINITY_PUBLIC_KEY, INFINITY_SIGNATURE,
};
pub use blst::min_pk as blst_core;
use blst::{blst_scalar, BLST_ERROR};
use rand::Rng;
use std::iter::ExactSizeIterator;
pub const DST: &[u8] = b"BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_";
pub const RAND_BITS: usize = 64;
/// Provides the externally-facing, core BLS types.
pub mod types {
pub use super::blst_core::PublicKey;
pub use super::blst_core::SecretKey;
pub use super::blst_core::Signature;
pub use super::verify_signature_sets;
pub use super::BlstAggregatePublicKey as AggregatePublicKey;
pub use super::BlstAggregateSignature as AggregateSignature;
pub use super::SignatureSet;
}
pub type SignatureSet<'a> = crate::generic_signature_set::GenericSignatureSet<
'a,
blst_core::PublicKey,
BlstAggregatePublicKey,
blst_core::Signature,
BlstAggregateSignature,
>;
pub fn verify_signature_sets<'a>(
signature_sets: impl ExactSizeIterator<Item = &'a SignatureSet<'a>>,
) -> bool {
let sets = signature_sets.collect::<Vec<_>>();
if sets.is_empty() {
return false;
}
let rng = &mut rand::thread_rng();
let mut rands: Vec<blst_scalar> = Vec::with_capacity(sets.len());
let mut msgs_refs = Vec::with_capacity(sets.len());
let mut sigs = Vec::with_capacity(sets.len());
let mut pks = Vec::with_capacity(sets.len());
for set in &sets {
// If this set is simply an infinity signature and infinity pubkey then skip verification.
// This has the effect of always declaring that this sig/pubkey combination is valid.
if set.signature.is_infinity
&& set.signing_keys.len() == 1
&& set.signing_keys.first().map_or(false, |pk| pk.is_infinity)
{
continue;
}
// Generate random scalars.
let mut vals = [0u64; 4];
vals[0] = rng.gen();
let mut rand_i = std::mem::MaybeUninit::<blst_scalar>::uninit();
// TODO: remove this `unsafe` code-block once we get a safe option from `blst`.
//
// See https://github.com/supranational/blst/issues/13
unsafe {
blst::blst_scalar_from_uint64(rand_i.as_mut_ptr(), vals.as_ptr());
rands.push(rand_i.assume_init());
}
// Grab a slice of the message, to satisfy the blst API.
msgs_refs.push(set.message.as_bytes());
// Convert the aggregate signature into a signature.
if let Some(point) = set.signature.point() {
sigs.push(point.0.to_signature())
} else {
// Any "empty" signature should cause a signature failure.
return false;
}
// Sanity check.
if set.signing_keys.is_empty() {
// A signature that has no signing keys is invalid.
return false;
}
// Collect all the public keys into a point, to satisfy the blst API.
//
// Note: we could potentially have the `SignatureSet` take a pubkey point instead of a
// `GenericPublicKey` and avoid this allocation.
let signing_keys = set
.signing_keys
.iter()
.map(|pk| pk.point())
.collect::<Vec<_>>();
// Aggregate all the public keys.
pks.push(blst_core::AggregatePublicKey::aggregate(&signing_keys).to_public_key());
}
// Due to an earlier check, the only case this can be empty is if all the sets consisted of
// infinity pubkeys/sigs. In such a case we wish to return `true`.
if msgs_refs.is_empty() {
return true;
}
let (sig_refs, pks_refs): (Vec<_>, Vec<_>) = sigs.iter().zip(pks.iter()).unzip();
let err = blst_core::Signature::verify_multiple_aggregate_signatures(
&msgs_refs, DST, &pks_refs, &sig_refs, &rands, RAND_BITS,
);
err == blst::BLST_ERROR::BLST_SUCCESS
}
impl TPublicKey for blst_core::PublicKey {
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
self.compress()
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
Self::uncompress(&bytes).map_err(Into::into)
}
}
/// A wrapper that allows for `PartialEq` and `Clone` impls.
pub struct BlstAggregatePublicKey(blst_core::AggregatePublicKey);
impl Clone for BlstAggregatePublicKey {
fn clone(&self) -> Self {
Self(blst_core::AggregatePublicKey::from_public_key(
&self.0.to_public_key(),
))
}
}
impl PartialEq for BlstAggregatePublicKey {
fn eq(&self, other: &Self) -> bool {
self.0.to_public_key() == other.0.to_public_key()
}
}
impl TAggregatePublicKey for BlstAggregatePublicKey {
fn infinity() -> Self {
blst_core::PublicKey::from_bytes(&INFINITY_PUBLIC_KEY)
.map(|pk| blst_core::AggregatePublicKey::from_public_key(&pk))
.map(Self)
.expect("should decode infinity public key")
}
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
self.0.to_public_key().compress()
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
blst_core::PublicKey::from_bytes(&bytes)
.map_err(Into::into)
.map(|pk| blst_core::AggregatePublicKey::from_public_key(&pk))
.map(Self)
}
}
impl TSignature<blst_core::PublicKey> for blst_core::Signature {
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
self.to_bytes()
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
Self::from_bytes(bytes).map_err(Into::into)
}
fn verify(&self, pubkey: &blst_core::PublicKey, msg: Hash256) -> bool {
self.verify(msg.as_bytes(), DST, &[], pubkey) == BLST_ERROR::BLST_SUCCESS
}
}
/// A wrapper that allows for `PartialEq` and `Clone` impls.
pub struct BlstAggregateSignature(blst_core::AggregateSignature);
impl Clone for BlstAggregateSignature {
fn clone(&self) -> Self {
Self(blst_core::AggregateSignature::from_signature(
&self.0.to_signature(),
))
}
}
impl PartialEq for BlstAggregateSignature {
fn eq(&self, other: &Self) -> bool {
self.0.to_signature() == other.0.to_signature()
}
}
impl TAggregateSignature<blst_core::PublicKey, BlstAggregatePublicKey, blst_core::Signature>
for BlstAggregateSignature
{
fn infinity() -> Self {
blst_core::Signature::from_bytes(&INFINITY_SIGNATURE)
.map(|sig| blst_core::AggregateSignature::from_signature(&sig))
.map(Self)
.expect("should decode infinity signature")
}
fn add_assign(&mut self, other: &blst_core::Signature) {
self.0.add_signature(other)
}
fn add_assign_aggregate(&mut self, other: &Self) {
self.0.add_aggregate(&other.0)
}
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
self.0.to_signature().to_bytes()
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
blst_core::Signature::from_bytes(bytes)
.map_err(Into::into)
.map(|sig| blst_core::AggregateSignature::from_signature(&sig))
.map(Self)
}
fn fast_aggregate_verify(
&self,
msg: Hash256,
pubkeys: &[&GenericPublicKey<blst_core::PublicKey>],
) -> bool {
let pubkeys = pubkeys.iter().map(|pk| pk.point()).collect::<Vec<_>>();
let signature = self.0.clone().to_signature();
signature.fast_aggregate_verify(msg.as_bytes(), DST, &pubkeys) == BLST_ERROR::BLST_SUCCESS
}
fn aggregate_verify(
&self,
msgs: &[Hash256],
pubkeys: &[&GenericPublicKey<blst_core::PublicKey>],
) -> bool {
let pubkeys = pubkeys.iter().map(|pk| pk.point()).collect::<Vec<_>>();
let msgs = msgs.iter().map(|hash| hash.as_bytes()).collect::<Vec<_>>();
let signature = self.0.clone().to_signature();
signature.aggregate_verify(&msgs, DST, &pubkeys) == BLST_ERROR::BLST_SUCCESS
}
}
impl TSecretKey<blst_core::Signature, blst_core::PublicKey> for blst_core::SecretKey {
fn random() -> Self {
let rng = &mut rand::thread_rng();
let ikm: [u8; 32] = rng.gen();
Self::key_gen(&ikm, &[]).unwrap()
}
fn public_key(&self) -> blst_core::PublicKey {
self.sk_to_pk()
}
fn sign(&self, msg: Hash256) -> blst_core::Signature {
self.sign(msg.as_bytes(), DST, &[])
}
fn serialize(&self) -> ZeroizeHash {
self.to_bytes().into()
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
Self::from_bytes(&bytes).map_err(Into::into)
}
}

215
crypto/bls/src/impls/fake_crypto.rs Normal file
View File

@ -0,0 +1,215 @@
use crate::{
generic_aggregate_public_key::TAggregatePublicKey,
generic_aggregate_signature::TAggregateSignature,
generic_public_key::{GenericPublicKey, TPublicKey, PUBLIC_KEY_BYTES_LEN},
generic_secret_key::{TSecretKey, SECRET_KEY_BYTES_LEN},
generic_signature::{TSignature, SIGNATURE_BYTES_LEN},
Error, Hash256, ZeroizeHash, INFINITY_PUBLIC_KEY, INFINITY_SIGNATURE,
};
/// Provides the externally-facing, core BLS types.
pub mod types {
pub use super::verify_signature_sets;
pub use super::AggregatePublicKey;
pub use super::AggregateSignature;
pub use super::PublicKey;
pub use super::SecretKey;
pub use super::Signature;
pub use super::SignatureSet;
}
pub type SignatureSet<'a> = crate::generic_signature_set::GenericSignatureSet<
'a,
PublicKey,
AggregatePublicKey,
Signature,
AggregateSignature,
>;
pub fn verify_signature_sets<'a>(
_signature_sets: impl ExactSizeIterator<Item = &'a SignatureSet<'a>>,
) -> bool {
true
}
#[derive(Clone)]
pub struct PublicKey([u8; PUBLIC_KEY_BYTES_LEN]);
impl PublicKey {
fn infinity() -> Self {
Self(INFINITY_PUBLIC_KEY)
}
}
impl TPublicKey for PublicKey {
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
self.0
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
let mut pubkey = Self::infinity();
pubkey.0[..].copy_from_slice(&bytes[0..PUBLIC_KEY_BYTES_LEN]);
Ok(pubkey)
}
}
impl Eq for PublicKey {}
impl PartialEq for PublicKey {
fn eq(&self, other: &Self) -> bool {
self.0[..] == other.0[..]
}
}
#[derive(Clone)]
pub struct AggregatePublicKey([u8; PUBLIC_KEY_BYTES_LEN]);
impl TAggregatePublicKey for AggregatePublicKey {
fn infinity() -> Self {
Self([0; PUBLIC_KEY_BYTES_LEN])
}
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
let mut bytes = [0; PUBLIC_KEY_BYTES_LEN];
bytes[..].copy_from_slice(&self.0);
bytes
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
let mut key = [0; PUBLIC_KEY_BYTES_LEN];
key[..].copy_from_slice(&bytes);
Ok(Self(key))
}
}
impl Eq for AggregatePublicKey {}
impl PartialEq for AggregatePublicKey {
fn eq(&self, other: &Self) -> bool {
self.0[..] == other.0[..]
}
}
#[derive(Clone)]
pub struct Signature([u8; SIGNATURE_BYTES_LEN]);
impl Signature {
fn infinity() -> Self {
Self([0; SIGNATURE_BYTES_LEN])
}
}
impl TSignature<PublicKey> for Signature {
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
self.0
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
let mut signature = Self::infinity();
signature.0[..].copy_from_slice(&bytes[0..SIGNATURE_BYTES_LEN]);
Ok(signature)
}
fn verify(&self, _pubkey: &PublicKey, _msg: Hash256) -> bool {
true
}
}
impl PartialEq for Signature {
fn eq(&self, other: &Self) -> bool {
self.0[..] == other.0[..]
}
}
#[derive(Clone)]
pub struct AggregateSignature([u8; SIGNATURE_BYTES_LEN]);
impl AggregateSignature {
fn infinity() -> Self {
Self(INFINITY_SIGNATURE)
}
}
impl TAggregateSignature<PublicKey, AggregatePublicKey, Signature> for AggregateSignature {
fn infinity() -> Self {
Self::infinity()
}
fn add_assign(&mut self, _other: &Signature) {
// Do nothing.
}
fn add_assign_aggregate(&mut self, _other: &Self) {
// Do nothing.
}
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
let mut bytes = [0; SIGNATURE_BYTES_LEN];
bytes[..].copy_from_slice(&self.0);
bytes
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
let mut key = [0; SIGNATURE_BYTES_LEN];
key[..].copy_from_slice(&bytes);
Ok(Self(key))
}
fn fast_aggregate_verify(
&self,
_msg: Hash256,
_pubkeys: &[&GenericPublicKey<PublicKey>],
) -> bool {
true
}
fn aggregate_verify(
&self,
_msgs: &[Hash256],
_pubkeys: &[&GenericPublicKey<PublicKey>],
) -> bool {
true
}
}
impl Eq for AggregateSignature {}
impl PartialEq for AggregateSignature {
fn eq(&self, other: &Self) -> bool {
self.0[..] == other.0[..]
}
}
#[derive(Clone)]
pub struct SecretKey([u8; SECRET_KEY_BYTES_LEN]);
impl TSecretKey<Signature, PublicKey> for SecretKey {
fn random() -> Self {
Self([0; SECRET_KEY_BYTES_LEN])
}
fn public_key(&self) -> PublicKey {
PublicKey::infinity()
}
fn sign(&self, _msg: Hash256) -> Signature {
Signature::infinity()
}
fn serialize(&self) -> ZeroizeHash {
let mut bytes = [0; SECRET_KEY_BYTES_LEN];
bytes[..].copy_from_slice(&self.0[..]);
bytes.into()
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
let mut sk = Self::random();
sk.0[..].copy_from_slice(&bytes[0..SECRET_KEY_BYTES_LEN]);
Ok(sk)
}
}

197
crypto/bls/src/impls/milagro.rs Normal file
View File

@ -0,0 +1,197 @@
use crate::{
generic_aggregate_public_key::TAggregatePublicKey,
generic_aggregate_signature::TAggregateSignature,
generic_public_key::{GenericPublicKey, TPublicKey, PUBLIC_KEY_BYTES_LEN},
generic_secret_key::{TSecretKey, SECRET_KEY_BYTES_LEN},
generic_signature::{TSignature, SIGNATURE_BYTES_LEN},
Error, Hash256, ZeroizeHash, INFINITY_PUBLIC_KEY,
};
pub use milagro_bls as milagro;
use rand::thread_rng;
use std::iter::ExactSizeIterator;
/// Provides the externally-facing, core BLS types.
pub mod types {
pub use super::milagro::AggregatePublicKey;
pub use super::milagro::AggregateSignature;
pub use super::milagro::PublicKey;
pub use super::milagro::SecretKey;
pub use super::milagro::Signature;
pub use super::verify_signature_sets;
pub use super::SignatureSet;
}
pub type SignatureSet<'a> = crate::generic_signature_set::GenericSignatureSet<
'a,
milagro::PublicKey,
milagro::AggregatePublicKey,
milagro::Signature,
milagro::AggregateSignature,
>;
pub fn verify_signature_sets<'a>(
signature_sets: impl ExactSizeIterator<Item = &'a SignatureSet<'a>>,
) -> bool {
if signature_sets.len() == 0 {
return false;
}
signature_sets
.map(|signature_set| {
let mut aggregate = milagro::AggregatePublicKey::from_public_key(
signature_set.signing_keys.first().ok_or(())?.point(),
);
for signing_key in signature_set.signing_keys.iter().skip(1) {
aggregate.add(signing_key.point())
}
if signature_set.signature.point().is_none() {
return Err(());
}
Ok((
signature_set.signature.as_ref(),
aggregate,
signature_set.message,
))
})
.collect::<Result<Vec<_>, ()>>()
.map(|aggregates| {
milagro::AggregateSignature::verify_multiple_aggregate_signatures(
&mut rand::thread_rng(),
aggregates.iter().map(|(signature, aggregate, message)| {
(
signature
.point()
.expect("guarded against none by previous check"),
aggregate,
message.as_bytes(),
)
}),
)
})
.unwrap_or(false)
}
impl TPublicKey for milagro::PublicKey {
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
let mut bytes = [0; PUBLIC_KEY_BYTES_LEN];
bytes[..].copy_from_slice(&self.as_bytes());
bytes
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
Self::from_bytes(&bytes).map_err(Into::into)
}
}
impl TAggregatePublicKey for milagro::AggregatePublicKey {
fn infinity() -> Self {
Self::from_bytes(&INFINITY_PUBLIC_KEY).expect("should decode infinity public key")
}
fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
let mut bytes = [0; PUBLIC_KEY_BYTES_LEN];
bytes[..].copy_from_slice(&self.as_bytes());
bytes
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
Self::from_bytes(&bytes).map_err(Into::into)
}
}
impl TSignature<milagro::PublicKey> for milagro::Signature {
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
let mut bytes = [0; SIGNATURE_BYTES_LEN];
bytes[..].copy_from_slice(&self.as_bytes());
bytes
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
milagro::Signature::from_bytes(&bytes).map_err(Error::MilagroError)
}
fn verify(&self, pubkey: &milagro::PublicKey, msg: Hash256) -> bool {
self.verify(msg.as_bytes(), pubkey)
}
}
impl TAggregateSignature<milagro::PublicKey, milagro::AggregatePublicKey, milagro::Signature>
for milagro::AggregateSignature
{
fn infinity() -> Self {
milagro::AggregateSignature::new()
}
fn add_assign(&mut self, other: &milagro::Signature) {
self.add(other)
}
fn add_assign_aggregate(&mut self, other: &Self) {
self.add_aggregate(other)
}
fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
let mut bytes = [0; SIGNATURE_BYTES_LEN];
bytes[..].copy_from_slice(&self.as_bytes());
bytes
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
milagro::AggregateSignature::from_bytes(&bytes).map_err(Error::MilagroError)
}
fn fast_aggregate_verify(
&self,
msg: Hash256,
pubkeys: &[&GenericPublicKey<milagro::PublicKey>],
) -> bool {
let pubkeys = pubkeys.iter().map(|pk| pk.point()).collect::<Vec<_>>();
self.fast_aggregate_verify(msg.as_bytes(), &pubkeys)
}
fn aggregate_verify(
&self,
msgs: &[Hash256],
pubkeys: &[&GenericPublicKey<milagro::PublicKey>],
) -> bool {
let pubkeys = pubkeys.iter().map(|pk| pk.point()).collect::<Vec<_>>();
let msgs = msgs.iter().map(|hash| hash.as_bytes()).collect::<Vec<_>>();
self.aggregate_verify(&msgs, &pubkeys)
}
}
impl TSecretKey<milagro::Signature, milagro::PublicKey> for milagro::SecretKey {
fn random() -> Self {
Self::random(&mut thread_rng())
}
fn public_key(&self) -> milagro::PublicKey {
let point = milagro::PublicKey::from_secret_key(self).point;
milagro::PublicKey { point }
}
fn sign(&self, msg: Hash256) -> milagro::Signature {
let point = milagro::Signature::new(msg.as_bytes(), self).point;
milagro::Signature { point }
}
fn serialize(&self) -> ZeroizeHash {
let mut bytes = [0; SECRET_KEY_BYTES_LEN];
// Takes the right-hand 32 bytes from the secret key.
bytes[..].copy_from_slice(&self.as_bytes());
bytes.into()
}
fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
Self::from_bytes(&bytes).map_err(Into::into)
}
}

3
crypto/bls/src/impls/mod.rs Normal file
View File

@ -0,0 +1,3 @@
pub mod blst;
pub mod fake_crypto;
pub mod milagro;

41
crypto/bls/src/keypair.rs
View File

@ -1,41 +0,0 @@
use super::{PublicKey, SecretKey};
use std::fmt;
use std::hash::{Hash, Hasher};
#[derive(Clone)]
pub struct Keypair {
pub sk: SecretKey,
pub pk: PublicKey,
}
impl Keypair {
/// Instantiate a Keypair using SecretKey::random().
pub fn random() -> Self {
let sk = SecretKey::random();
let pk = PublicKey::from_secret_key(&sk);
Keypair { sk, pk }
}
pub fn identifier(&self) -> String {
self.pk.concatenated_hex_id()
}
}
#[allow(clippy::derive_hash_xor_eq)]
impl Hash for Keypair {
/// Note: this is distinct from consensus serialization, it will produce a different hash.
///
/// This method uses the uncompressed bytes, which are much faster to obtain than the
/// compressed bytes required for consensus serialization.
///
/// Use `ssz::Encode` to obtain the bytes required for consensus hashing.
fn hash<H: Hasher>(&self, state: &mut H) {
self.pk.as_uncompressed_bytes().hash(state)
}
}
impl fmt::Display for Keypair {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "{}", self.pk)
}
}

194
crypto/bls/src/lib.rs
View File

@ -1,84 +1,140 @@
extern crate milagro_bls;
extern crate ssz;
//! This library provides a wrapper around several BLS implementations to provide
//! Lighthouse-specific functionality.
//!
//! This crate should not perform direct cryptographic operations, instead it should do these via
//! external libraries. However, seeing as it is an interface to a real cryptographic library, it
//! may contain logic that affects the outcomes of cryptographic operations.
//!
//! A source of complexity in this crate is that *multiple* BLS implementations (a.k.a. "backends")
//! are supported via compile-time flags. There are three backends supported via features:
//!
//! - `supranational`: the pure-assembly, highly optimized version from the `blst` crate.
//! - `milagro`: the classic pure-Rust `milagro_bls` crate.
//! - `fake_crypto`: an always-returns-valid implementation that is only useful for testing
//! scenarios which intend to *ignore* real cryptography.
//!
//! This crate uses traits to reduce code-duplication between the two implementations. For example,
//! the `GenericPublicKey` struct exported from this crate is generic across the `TPublicKey` trait
//! (i.e., `PublicKey<TPublicKey>`). `TPublicKey` is implemented by all three backends (see the
//! `impls.rs` module). When compiling with the `milagro` feature, we export
//! `type PublicKey = GenericPublicKey<milagro::PublicKey>`.
#[macro_use]
mod macros;
mod keypair;
mod public_key_bytes;
mod secret_hash;
mod secret_key;
mod signature_bytes;
mod signature_set;
mod generic_aggregate_public_key;
mod generic_aggregate_signature;
mod generic_keypair;
mod generic_public_key;
mod generic_public_key_bytes;
mod generic_secret_key;
mod generic_signature;
mod generic_signature_bytes;
mod generic_signature_set;
mod get_withdrawal_credentials;
mod zeroize_hash;
pub use crate::keypair::Keypair;
pub use crate::public_key_bytes::PublicKeyBytes;
pub use crate::secret_key::SecretKey;
pub use crate::signature_bytes::SignatureBytes;
pub use secret_hash::SecretHash;
pub use signature_set::{verify_signature_sets, SignatureSet};
pub mod impls;
#[cfg(feature = "arbitrary")]
pub use arbitrary;
pub use generic_public_key::{INFINITY_PUBLIC_KEY, PUBLIC_KEY_BYTES_LEN};
pub use generic_secret_key::SECRET_KEY_BYTES_LEN;
pub use generic_signature::{INFINITY_SIGNATURE, SIGNATURE_BYTES_LEN};
pub use get_withdrawal_credentials::get_withdrawal_credentials;
pub use zeroize_hash::ZeroizeHash;
#[cfg(feature = "fake_crypto")]
mod fake_aggregate_public_key;
#[cfg(feature = "fake_crypto")]
mod fake_aggregate_signature;
#[cfg(feature = "fake_crypto")]
mod fake_public_key;
#[cfg(feature = "fake_crypto")]
mod fake_signature;
use blst::BLST_ERROR as BlstError;
use milagro_bls::AmclError;
#[cfg(not(feature = "fake_crypto"))]
mod aggregate_public_key;
#[cfg(not(feature = "fake_crypto"))]
mod aggregate_signature;
#[cfg(not(feature = "fake_crypto"))]
mod public_key;
#[cfg(not(feature = "fake_crypto"))]
mod signature;
pub type Hash256 = ethereum_types::H256;
#[cfg(feature = "fake_crypto")]
pub use fakes::*;
#[cfg(feature = "fake_crypto")]
mod fakes {
pub use crate::fake_aggregate_public_key::FakeAggregatePublicKey as AggregatePublicKey;
pub use crate::fake_aggregate_signature::FakeAggregateSignature as AggregateSignature;
pub use crate::fake_public_key::FakePublicKey as PublicKey;
pub use crate::fake_signature::FakeSignature as Signature;
#[derive(Clone, Debug, PartialEq)]
pub enum Error {
/// An error was raised from the Milagro BLS library.
MilagroError(AmclError),
/// An error was raised from the Supranational BLST BLS library.
BlstError(BlstError),
/// The provided bytes were an incorrect length.
InvalidByteLength { got: usize, expected: usize },
/// The provided secret key bytes were an incorrect length.
InvalidSecretKeyLength { got: usize, expected: usize },
}
#[cfg(not(feature = "fake_crypto"))]
pub use reals::*;
#[cfg(not(feature = "fake_crypto"))]
mod reals {
pub use crate::aggregate_public_key::AggregatePublicKey;
pub use crate::aggregate_signature::AggregateSignature;
pub use crate::public_key::PublicKey;
pub use crate::signature::Signature;
impl From<AmclError> for Error {
fn from(e: AmclError) -> Error {
Error::MilagroError(e)
}
}
pub const BLS_AGG_SIG_BYTE_SIZE: usize = 96;
pub const BLS_SIG_BYTE_SIZE: usize = 96;
pub const BLS_SECRET_KEY_BYTE_SIZE: usize = 32;
pub const BLS_PUBLIC_KEY_BYTE_SIZE: usize = 48;
use eth2_hashing::hash;
use ssz::ssz_encode;
/// Returns the withdrawal credentials for a given public key.
pub fn get_withdrawal_credentials(pubkey: &PublicKey, prefix_byte: u8) -> Vec<u8> {
let hashed = hash(&ssz_encode(pubkey));
let mut prefixed = vec![prefix_byte];
prefixed.extend_from_slice(&hashed[1..]);
prefixed
impl From<BlstError> for Error {
fn from(e: BlstError) -> Error {
Error::BlstError(e)
}
}
pub fn bls_verify_aggregate(
pubkey: &AggregatePublicKey,
message: &[u8],
signature: &AggregateSignature,
) -> bool {
signature.verify(message, pubkey)
/// Generic implementations which are only generally useful for docs.
pub mod generics {
pub use crate::generic_aggregate_signature::GenericAggregateSignature;
pub use crate::generic_keypair::GenericKeypair;
pub use crate::generic_public_key::GenericPublicKey;
pub use crate::generic_public_key_bytes::GenericPublicKeyBytes;
pub use crate::generic_secret_key::GenericSecretKey;
pub use crate::generic_signature::GenericSignature;
pub use crate::generic_signature_bytes::GenericSignatureBytes;
}
/// Defines all the fundamental BLS points which should be exported by this crate by making
/// concrete the generic type parameters using the points from some external BLS library (e.g.,
/// Milagro, BLST).
macro_rules! define_mod {
($name: ident, $mod: path) => {
pub mod $name {
use $mod as bls_variant;
use crate::generics::*;
pub use bls_variant::{verify_signature_sets, SignatureSet};
pub type PublicKey = GenericPublicKey<bls_variant::PublicKey>;
pub type PublicKeyBytes = GenericPublicKeyBytes<bls_variant::PublicKey>;
pub type Signature = GenericSignature<bls_variant::PublicKey, bls_variant::Signature>;
pub type AggregateSignature = GenericAggregateSignature<
bls_variant::PublicKey,
bls_variant::AggregatePublicKey,
bls_variant::Signature,
bls_variant::AggregateSignature,
>;
pub type SignatureBytes =
GenericSignatureBytes<bls_variant::PublicKey, bls_variant::Signature>;
pub type SecretKey = GenericSecretKey<
bls_variant::Signature,
bls_variant::PublicKey,
bls_variant::SecretKey,
>;
pub type Keypair = GenericKeypair<
bls_variant::PublicKey,
bls_variant::SecretKey,
bls_variant::Signature,
>;
}
};
}
define_mod!(milagro_implementations, crate::impls::milagro::types);
define_mod!(blst_implementations, crate::impls::blst::types);
#[cfg(feature = "fake_crypto")]
define_mod!(
fake_crypto_implementations,
crate::impls::fake_crypto::types
);
#[cfg(all(feature = "milagro", not(feature = "fake_crypto"),))]
pub use milagro_implementations::*;
#[cfg(all(
feature = "supranational",
not(feature = "fake_crypto"),
not(feature = "milagro")
))]
pub use blst_implementations::*;
#[cfg(feature = "fake_crypto")]
pub use fake_crypto_implementations::*;

371
crypto/bls/src/macros.rs
View File

@ -1,265 +1,132 @@
macro_rules! impl_ssz {
($type: ident, $byte_size: expr, $item_str: expr) => {
impl ssz::Encode for $type {
fn is_ssz_fixed_len() -> bool {
true
}
fn ssz_fixed_len() -> usize {
$byte_size
}
fn ssz_bytes_len(&self) -> usize {
$byte_size
}
fn ssz_append(&self, buf: &mut Vec<u8>) {
buf.extend_from_slice(&self.as_bytes())
}
}
impl ssz::Decode for $type {
fn is_ssz_fixed_len() -> bool {
true
}
fn ssz_fixed_len() -> usize {
$byte_size
}
fn from_ssz_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
let len = bytes.len();
let expected = <Self as ssz::Decode>::ssz_fixed_len();
if len != expected {
Err(ssz::DecodeError::InvalidByteLength { len, expected })
} else {
$type::from_bytes(bytes)
}
}
}
};
}
/// Contains the functions required for a `TreeHash` implementation.
///
/// Does not include the `Impl` section since it gets very complicated when it comes to generics.
macro_rules! impl_tree_hash {
($type: ty, $byte_size: expr) => {
impl tree_hash::TreeHash for $type {
fn tree_hash_type() -> tree_hash::TreeHashType {
tree_hash::TreeHashType::Vector
}
($byte_size: expr) => {
fn tree_hash_type() -> tree_hash::TreeHashType {
tree_hash::TreeHashType::Vector
}
fn tree_hash_packed_encoding(&self) -> Vec<u8> {
unreachable!("Vector should never be packed.")
}
fn tree_hash_packed_encoding(&self) -> Vec<u8> {
unreachable!("Vector should never be packed.")
}
fn tree_hash_packing_factor() -> usize {
unreachable!("Vector should never be packed.")
}
fn tree_hash_packing_factor() -> usize {
unreachable!("Vector should never be packed.")
}
fn tree_hash_root(&self) -> tree_hash::Hash256 {
// We could use the tree hash implementation for `FixedVec<u8, $byte_size>`,
// but benchmarks have show that to be at least 15% slower because of the
// unnecessary copying and allocation (one Vec per byte)
let values_per_chunk = tree_hash::BYTES_PER_CHUNK;
let minimum_chunk_count = ($byte_size + values_per_chunk - 1) / values_per_chunk;
fn tree_hash_root(&self) -> tree_hash::Hash256 {
// We could use the tree hash implementation for `FixedVec<u8, $byte_size>`,
// but benchmarks have show that to be at least 15% slower because of the
// unnecessary copying and allocation (one Vec per byte)
let values_per_chunk = tree_hash::BYTES_PER_CHUNK;
let minimum_chunk_count = ($byte_size + values_per_chunk - 1) / values_per_chunk;
tree_hash::merkle_root(&self.serialize(), minimum_chunk_count)
}
};
}
let mut hasher = tree_hash::MerkleHasher::with_leaves(minimum_chunk_count);
hasher
.write(&self.as_ssz_bytes())
.expect("bls should not exceed leaf count");
hasher
.finish()
.expect("bls should not exceed leaf count from buffer")
/// Contains the functions required for a `ssz::Encode` implementation.
///
/// Does not include the `Impl` section since it gets very complicated when it comes to generics.
macro_rules! impl_ssz_encode {
($byte_size: expr) => {
fn is_ssz_fixed_len() -> bool {
true
}
fn ssz_fixed_len() -> usize {
$byte_size
}
fn ssz_bytes_len(&self) -> usize {
$byte_size
}
fn ssz_append(&self, buf: &mut Vec<u8>) {
buf.extend_from_slice(&self.serialize())
}
};
}
/// Contains the functions required for a `ssz::Decode` implementation.
///
/// Does not include the `Impl` section since it gets very complicated when it comes to generics.
macro_rules! impl_ssz_decode {
($byte_size: expr) => {
fn is_ssz_fixed_len() -> bool {
true
}
fn ssz_fixed_len() -> usize {
$byte_size
}
fn from_ssz_bytes(bytes: &[u8]) -> Result<Self, ssz::DecodeError> {
let len = bytes.len();
let expected = <Self as ssz::Decode>::ssz_fixed_len();
if len != expected {
Err(ssz::DecodeError::InvalidByteLength { len, expected })
} else {
Self::deserialize(bytes)
.map_err(|e| ssz::DecodeError::BytesInvalid(format!("{:?}", e)))
}
}
};
}
macro_rules! bytes_struct {
($name: ident, $type: ty, $byte_size: expr, $small_name: expr,
$type_str: expr, $byte_size_str: expr) => {
#[doc = "Stores `"]
#[doc = $byte_size_str]
#[doc = "` bytes which may or may not represent a valid BLS "]
#[doc = $small_name]
#[doc = ".\n\nThe `"]
#[doc = $type_str]
#[doc = "` struct performs validation when it is instantiated, where as this struct does \
not. This struct is suitable where we may wish to store bytes that are \
potentially not a valid "]
#[doc = $small_name]
#[doc = " (e.g., from the deposit contract)."]
#[derive(Clone)]
pub struct $name {
bytes: [u8; $byte_size],
/// Contains the functions required for a `serde::Serialize` implementation.
///
/// Does not include the `Impl` section since it gets very complicated when it comes to generics.
macro_rules! impl_serde_serialize {
() => {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(self.serialize().to_vec()))
}
};
}
/// Contains the functions required for a `serde::Deserialize` implementation.
///
/// Does not include the `Impl` section since it gets very complicated when it comes to generics.
macro_rules! impl_serde_deserialize {
() => {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
Self::deserialize(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid pubkey ({:?})", e)))
}
};
}
/// Contains the functions required for a `Debug` implementation.
///
/// Does not include the `Impl` section since it gets very complicated when it comes to generics.
macro_rules! impl_debug {
() => {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "{}", hex_encode(&self.serialize().to_vec()))
}
};
}
/// Contains the functions required for an `Arbitrary` implementation.
///
/// Does not include the `Impl` section since it gets very complicated when it comes to generics.
#[cfg(feature = "arbitrary")]
macro_rules! impl_arbitrary {
($byte_size: expr) => {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; $byte_size];
u.fill_buffer(&mut bytes)?;
Self::deserialize(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
};
($name: ident, $type: ty, $byte_size: expr, $small_name: expr) => {
bytes_struct!($name, $type, $byte_size, $small_name, stringify!($type),
stringify!($byte_size));
impl $name {
pub fn from_bytes(bytes: &[u8]) -> Result<Self, ssz::DecodeError> {
Ok(Self {
bytes: Self::get_bytes(bytes)?,
})
}
pub fn empty() -> Self {
Self {
bytes: [0; $byte_size],
}
}
pub fn as_bytes(&self) -> Vec<u8> {
self.bytes.to_vec()
}
pub fn as_slice(&self) -> &[u8] {
&self.bytes
}
fn get_bytes(bytes: &[u8]) -> Result<[u8; $byte_size], ssz::DecodeError> {
let mut result = [0; $byte_size];
if bytes.len() != $byte_size {
Err(ssz::DecodeError::InvalidByteLength {
len: bytes.len(),
expected: $byte_size,
})
} else {
result[..].copy_from_slice(bytes);
Ok(result)
}
}
}
impl std::fmt::Debug for $name {
fn fmt(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
self.bytes[..].fmt(formatter)
}
}
impl PartialEq for $name {
fn eq(&self, other: &Self) -> bool {
&self.bytes[..] == &other.bytes[..]
}
}
impl std::hash::Hash for $name {
fn hash<H: std::hash::Hasher>(&self, state: &mut H) {
self.bytes.hash(state)
}
}
impl Eq for $name {}
impl std::convert::TryInto<$type> for &$name {
type Error = ssz::DecodeError;
fn try_into(self) -> Result<$type, Self::Error> {
<$type>::from_bytes(&self.bytes[..])
}
}
impl std::convert::From<$type> for $name {
fn from(obj: $type) -> Self {
// We know that obj.as_bytes() always has exactly $byte_size many bytes.
Self::from_bytes(obj.as_ssz_bytes().as_slice()).unwrap()
}
}
impl ssz::Encode for $name {
fn is_ssz_fixed_len() -> bool {
true
}
fn ssz_fixed_len() -> usize {
$byte_size
}
fn ssz_bytes_len(&self) -> usize {
$byte_size
}
fn ssz_append(&self, buf: &mut Vec<u8>) {
buf.extend_from_slice(&self.bytes)
}
}
impl ssz::Decode for $name {
fn is_ssz_fixed_len() -> bool {
true
}
fn ssz_fixed_len() -> usize {
$byte_size
}
fn from_ssz_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
let len = bytes.len();
let expected = <Self as ssz::Decode>::ssz_fixed_len();
if len != expected {
Err(ssz::DecodeError::InvalidByteLength { len, expected })
} else {
Self::from_bytes(bytes)
}
}
}
impl tree_hash::TreeHash for $name {
fn tree_hash_type() -> tree_hash::TreeHashType {
tree_hash::TreeHashType::Vector
}
fn tree_hash_packed_encoding(&self) -> Vec<u8> {
unreachable!("Vector should never be packed.")
}
fn tree_hash_packing_factor() -> usize {
unreachable!("Vector should never be packed.")
}
fn tree_hash_root(&self) -> tree_hash::Hash256 {
let values_per_chunk = tree_hash::BYTES_PER_CHUNK;
let minimum_chunk_count = ($byte_size + values_per_chunk - 1) / values_per_chunk;
let mut hasher = tree_hash::MerkleHasher::with_leaves(minimum_chunk_count);
hasher.write(&self.bytes).expect("bls should not exceed leaf count");
hasher.finish().expect("bls should not exceed leaf count from buffer")
}
}
impl serde::ser::Serialize for $name {
/// Serde serialization is compliant the Ethereum YAML test format.
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: serde::ser::Serializer,
{
serializer.serialize_str(&serde_hex::encode(ssz::ssz_encode(self)))
}
}
impl<'de> serde::de::Deserialize<'de> for $name {
/// Serde serialization is compliant the Ethereum YAML test format.
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: serde::de::Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(serde_hex::PrefixedHexVisitor)?;
let signature = Self::from_ssz_bytes(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid ssz ({:?})", e)))?;
Ok(signature)
}
}
#[cfg(feature = "arbitrary")]
impl $crate::arbitrary::Arbitrary for $name {
fn arbitrary(u: &mut $crate::arbitrary::Unstructured<'_>) -> $crate::arbitrary::Result<Self> {
let mut bytes = [0u8; $byte_size];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| $crate::arbitrary::Error::IncorrectFormat)
}
}
};
}

169
crypto/bls/src/public_key.rs
View File

@ -1,169 +0,0 @@
use super::{SecretKey, BLS_PUBLIC_KEY_BYTE_SIZE};
use milagro_bls::PublicKey as RawPublicKey;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{Decode, DecodeError, Encode};
use std::default;
use std::fmt;
use std::hash::{Hash, Hasher};
/// A single BLS signature.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Clone, Eq)]
pub struct PublicKey(RawPublicKey);
impl PublicKey {
pub fn from_secret_key(secret_key: &SecretKey) -> Self {
PublicKey(RawPublicKey::from_secret_key(secret_key.as_raw()))
}
pub fn from_raw(raw: RawPublicKey) -> Self {
Self(raw)
}
/// Returns a reference to the underlying signature.
pub fn as_raw(&self) -> &RawPublicKey {
&self.0
}
/// Returns the underlying point as compressed bytes.
pub fn as_bytes(&self) -> [u8; BLS_PUBLIC_KEY_BYTE_SIZE] {
self.as_raw().as_bytes()
}
/// Converts compressed bytes to PublicKey
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
let pubkey = RawPublicKey::from_bytes(&bytes).map_err(|_| {
DecodeError::BytesInvalid(format!("Invalid PublicKey bytes: {:?}", bytes))
})?;
Ok(PublicKey(pubkey))
}
/// Returns the PublicKey as (x, y) bytes
pub fn as_uncompressed_bytes(&self) -> [u8; BLS_PUBLIC_KEY_BYTE_SIZE * 2] {
RawPublicKey::as_uncompressed_bytes(&mut self.0.clone())
}
/// Converts (x, y) bytes to PublicKey
pub fn from_uncompressed_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
let pubkey = RawPublicKey::from_uncompressed_bytes(&bytes).map_err(|_| {
DecodeError::BytesInvalid("Invalid PublicKey uncompressed bytes.".to_string())
})?;
Ok(PublicKey(pubkey))
}
/// Returns the last 6 bytes of the SSZ encoding of the public key, as a hex string.
///
/// Useful for providing a short identifier to the user.
pub fn concatenated_hex_id(&self) -> String {
self.as_hex_string()[0..6].to_string()
}
/// Returns the point as a hex string of the SSZ encoding.
///
/// Note: the string is prefixed with `0x`.
pub fn as_hex_string(&self) -> String {
hex_encode(self.as_ssz_bytes())
}
}
impl fmt::Display for PublicKey {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "{}", self.concatenated_hex_id())
}
}
impl fmt::Debug for PublicKey {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
write!(f, "{}", self.as_hex_string())
}
}
impl default::Default for PublicKey {
fn default() -> Self {
let secret_key = SecretKey::random();
PublicKey::from_secret_key(&secret_key)
}
}
impl_ssz!(PublicKey, BLS_PUBLIC_KEY_BYTE_SIZE, "PublicKey");
impl_tree_hash!(PublicKey, BLS_PUBLIC_KEY_BYTE_SIZE);
impl Serialize for PublicKey {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(self.as_ssz_bytes()))
}
}
impl<'de> Deserialize<'de> for PublicKey {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let pubkey = Self::from_ssz_bytes(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid pubkey ({:?})", e)))?;
Ok(pubkey)
}
}
impl PartialEq for PublicKey {
fn eq(&self, other: &PublicKey) -> bool {
self.as_ssz_bytes() == other.as_ssz_bytes()
}
}
impl Hash for PublicKey {
/// Note: this is distinct from consensus serialization, it will produce a different hash.
///
/// This method uses the uncompressed bytes, which are much faster to obtain than the
/// compressed bytes required for consensus serialization.
///
/// Use `ssz::Encode` to obtain the bytes required for consensus hashing.
fn hash<H: Hasher>(&self, state: &mut H) {
self.as_uncompressed_bytes().hash(state)
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for PublicKey {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_PUBLIC_KEY_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}
#[cfg(test)]
mod tests {
use super::*;
use ssz::ssz_encode;
#[test]
pub fn test_ssz_round_trip() {
let sk = SecretKey::random();
let original = PublicKey::from_secret_key(&sk);
let bytes = ssz_encode(&original);
let decoded = PublicKey::from_ssz_bytes(&bytes).unwrap();
assert_eq!(original, decoded);
}
#[test]
pub fn test_byte_size() {
let sk = SecretKey::random();
let original = PublicKey::from_secret_key(&sk);
let bytes = ssz_encode(&original);
assert_eq!(bytes.len(), BLS_PUBLIC_KEY_BYTE_SIZE);
}
}

43
crypto/bls/src/public_key_bytes.rs
View File

@ -1,43 +0,0 @@
use ssz::{Decode, DecodeError, Encode};
use super::{PublicKey, BLS_PUBLIC_KEY_BYTE_SIZE};
bytes_struct!(
PublicKeyBytes,
PublicKey,
BLS_PUBLIC_KEY_BYTE_SIZE,
"public key"
);
#[cfg(test)]
mod tests {
use std::convert::TryInto;
use ssz::ssz_encode;
use super::super::Keypair;
use super::*;
#[test]
pub fn test_valid_public_key() {
let keypair = Keypair::random();
let bytes = ssz_encode(&keypair.pk);
let public_key_bytes = PublicKeyBytes::from_bytes(&bytes).unwrap();
let public_key: Result<PublicKey, _> = (&public_key_bytes).try_into();
assert!(public_key.is_ok());
assert_eq!(keypair.pk, public_key.unwrap());
}
#[test]
#[cfg(not(feature = "fake_crypto"))]
pub fn test_invalid_public_key() {
let mut public_key_bytes = [0; BLS_PUBLIC_KEY_BYTE_SIZE];
public_key_bytes[0] = 255; //a_flag1 == b_flag1 == c_flag1 == 1 and x1 = 0 shouldn't be allowed
let public_key_bytes = PublicKeyBytes::from_bytes(&public_key_bytes[..]);
assert!(public_key_bytes.is_ok());
let public_key: Result<PublicKey, _> = public_key_bytes.as_ref().unwrap().try_into();
assert!(public_key.is_err());
}
}

68
crypto/bls/src/secret_key.rs
View File

@ -1,68 +0,0 @@
extern crate rand;
use crate::SecretHash;
use milagro_bls::SecretKey as RawSecretKey;
use ssz::DecodeError;
/// A single BLS signature.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Clone)]
pub struct SecretKey(RawSecretKey);
impl SecretKey {
/// Generate a new `Self` using `rand::thread_rng`.
pub fn random() -> Self {
SecretKey(RawSecretKey::random(&mut rand::thread_rng()))
}
pub fn from_raw(raw: RawSecretKey) -> Self {
Self(raw)
}
/// Returns the secret key as a byte array (wrapped in `SecretHash` wrapper so it is zeroized on
/// `Drop`).
///
/// Extreme care should be taken not to leak these bytes as they are the unencrypted secret
/// key.
pub fn as_bytes(&self) -> SecretHash {
self.as_raw().as_bytes().into()
}
/// Instantiate a SecretKey from existing bytes.
///
/// Note: this is _not_ SSZ decoding.
pub fn from_bytes(bytes: &[u8]) -> Result<SecretKey, DecodeError> {
Ok(SecretKey(RawSecretKey::from_bytes(bytes).map_err(|e| {
DecodeError::BytesInvalid(format!(
"Invalid SecretKey bytes: {:?} Error: {:?}",
bytes, e
))
})?))
}
/// Returns the underlying secret key.
pub(crate) fn as_raw(&self) -> &RawSecretKey {
&self.0
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
pub fn test_ssz_round_trip() {
let byte_key = [
3, 211, 210, 129, 231, 69, 162, 234, 16, 15, 244, 214, 126, 201, 0, 85, 28, 239, 82,
121, 208, 190, 223, 6, 169, 202, 86, 236, 197, 218, 3, 69,
];
let original = SecretKey::from_bytes(&byte_key).unwrap();
let bytes = original.as_bytes();
let decoded = SecretKey::from_bytes(bytes.as_ref()).unwrap();
assert!(original.as_bytes().as_ref().to_vec() == decoded.as_bytes().as_ref().to_vec());
}
}

174
crypto/bls/src/signature.rs
View File

@ -1,174 +0,0 @@
use super::{PublicKey, SecretKey, BLS_SIG_BYTE_SIZE};
use milagro_bls::Signature as RawSignature;
use serde::de::{Deserialize, Deserializer};
use serde::ser::{Serialize, Serializer};
use serde_hex::{encode as hex_encode, PrefixedHexVisitor};
use ssz::{ssz_encode, Decode, DecodeError, Encode};
/// A single BLS signature.
///
/// This struct is a wrapper upon a base type and provides helper functions (e.g., SSZ
/// serialization).
#[derive(Debug, PartialEq, Clone, Eq)]
pub struct Signature {
signature: RawSignature,
is_empty: bool,
}
impl Signature {
/// Instantiate a new Signature from a message and a SecretKey.
pub fn new(msg: &[u8], sk: &SecretKey) -> Self {
Signature {
signature: RawSignature::new(msg, sk.as_raw()),
is_empty: false,
}
}
/// Verify the Signature against a PublicKey.
pub fn verify(&self, msg: &[u8], pk: &PublicKey) -> bool {
if self.is_empty {
return false;
}
self.signature.verify(msg, pk.as_raw())
}
/// Returns the underlying signature.
pub fn as_raw(&self) -> &RawSignature {
&self.signature
}
/// Returns a new empty signature.
pub fn empty_signature() -> Self {
// Set RawSignature = infinity
let mut empty = [0u8; BLS_SIG_BYTE_SIZE];
empty[0] += u8::pow(2, 6) + u8::pow(2, 7);
Signature {
signature: RawSignature::from_bytes(&empty).unwrap(),
is_empty: true,
}
}
// Converts a BLS Signature to bytes
pub fn as_bytes(&self) -> [u8; BLS_SIG_BYTE_SIZE] {
if self.is_empty {
return [0u8; BLS_SIG_BYTE_SIZE];
}
self.signature.as_bytes()
}
// Convert bytes to BLS Signature
pub fn from_bytes(bytes: &[u8]) -> Result<Self, DecodeError> {
for byte in bytes {
if *byte != 0 {
let raw_signature = RawSignature::from_bytes(&bytes).map_err(|_| {
DecodeError::BytesInvalid(format!("Invalid Signature bytes: {:?}", bytes))
})?;
return Ok(Signature {
signature: raw_signature,
is_empty: false,
});
}
}
Ok(Signature::empty_signature())
}
// Check for empty Signature
pub fn is_empty(&self) -> bool {
self.is_empty
}
/// Display a signature as a hex string of its bytes.
#[cfg(test)]
pub fn as_hex_string(&self) -> String {
hex_encode(self.as_ssz_bytes())
}
}
impl_ssz!(Signature, BLS_SIG_BYTE_SIZE, "Signature");
impl_tree_hash!(Signature, BLS_SIG_BYTE_SIZE);
impl Serialize for Signature {
/// Serde serialization is compliant the Ethereum YAML test format.
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&hex_encode(ssz_encode(self)))
}
}
impl<'de> Deserialize<'de> for Signature {
/// Serde serialization is compliant the Ethereum YAML test format.
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let bytes = deserializer.deserialize_str(PrefixedHexVisitor)?;
let signature = Self::from_ssz_bytes(&bytes[..])
.map_err(|e| serde::de::Error::custom(format!("invalid ssz ({:?})", e)))?;
Ok(signature)
}
}
#[cfg(feature = "arbitrary")]
impl arbitrary::Arbitrary for Signature {
fn arbitrary(u: &mut arbitrary::Unstructured<'_>) -> arbitrary::Result<Self> {
let mut bytes = [0u8; BLS_SIG_BYTE_SIZE];
u.fill_buffer(&mut bytes)?;
Self::from_bytes(&bytes).map_err(|_| arbitrary::Error::IncorrectFormat)
}
}
#[cfg(test)]
mod tests {
use super::super::Keypair;
use super::*;
use ssz::ssz_encode;
#[test]
pub fn test_ssz_round_trip() {
let keypair = Keypair::random();
let original = Signature::new(&[42, 42], &keypair.sk);
let bytes = ssz_encode(&original);
let decoded = Signature::from_ssz_bytes(&bytes).unwrap();
assert_eq!(original, decoded);
}
#[test]
pub fn test_byte_size() {
let keypair = Keypair::random();
let signature = Signature::new(&[42, 42], &keypair.sk);
let bytes = ssz_encode(&signature);
assert_eq!(bytes.len(), BLS_SIG_BYTE_SIZE);
}
#[test]
pub fn test_infinity_signature() {
let sig = Signature::empty_signature();
let sig_as_bytes = sig.as_raw().as_bytes();
assert_eq!(sig_as_bytes.len(), BLS_SIG_BYTE_SIZE);
for (i, one_byte) in sig_as_bytes.iter().enumerate() {
if i == 0 {
assert_eq!(*one_byte, u8::pow(2, 6) + u8::pow(2, 7));
} else {
assert_eq!(*one_byte, 0);
}
}
}
#[test]
pub fn test_empty_signature() {
let sig = Signature::empty_signature();
let sig_as_bytes = sig.as_bytes().to_vec();
assert_eq!(sig_as_bytes, vec![0u8; BLS_SIG_BYTE_SIZE]);
}
}

39
crypto/bls/src/signature_bytes.rs
View File

@ -1,39 +0,0 @@
use ssz::{Decode, DecodeError, Encode};
use super::{Signature, BLS_SIG_BYTE_SIZE};
bytes_struct!(SignatureBytes, Signature, BLS_SIG_BYTE_SIZE, "signature");
#[cfg(test)]
mod tests {
use std::convert::TryInto;
use ssz::ssz_encode;
use super::super::Keypair;
use super::*;
#[test]
pub fn test_valid_signature() {
let keypair = Keypair::random();
let original = Signature::new(&[42, 42], &keypair.sk);
let bytes = ssz_encode(&original);
let signature_bytes = SignatureBytes::from_bytes(&bytes).unwrap();
let signature: Result<Signature, _> = (&signature_bytes).try_into();
assert!(signature.is_ok());
assert_eq!(original, signature.unwrap());
}
#[test]
#[cfg(not(feature = "fake_crypto"))]
pub fn test_invalid_signature() {
let mut signature_bytes = [0; BLS_SIG_BYTE_SIZE];
signature_bytes[0] = 255; //a_flag1 == b_flag1 == c_flag1 == 1 and x1 = 0 shouldn't be allowed
let signature_bytes = SignatureBytes::from_bytes(&signature_bytes[..]);
assert!(signature_bytes.is_ok());
let signature: Result<Signature, _> = signature_bytes.as_ref().unwrap().try_into();
assert!(signature.is_err());
}
}

75
crypto/bls/src/signature_set.rs
View File

@ -1,75 +0,0 @@
use crate::{AggregateSignature, PublicKey, Signature};
use std::borrow::Cow;
#[cfg(not(feature = "fake_crypto"))]
use milagro_bls::{
AggregatePublicKey as RawAggregatePublicKey, AggregateSignature as RawAggregateSignature,
PublicKey as RawPublicKey,
};
#[cfg(feature = "fake_crypto")]
use crate::fakes::{
AggregatePublicKey as RawAggregatePublicKey, AggregateSignature as RawAggregateSignature,
PublicKey as RawPublicKey,
};
type Message = Vec<u8>;
#[derive(Clone, Debug)]
pub struct SignatureSet {
pub signature: RawAggregateSignature,
signing_keys: RawAggregatePublicKey,
message: Message,
}
impl SignatureSet {
pub fn single(signature: &Signature, signing_key: Cow<PublicKey>, message: Message) -> Self {
Self {
signature: RawAggregateSignature::from_signature(signature.as_raw()),
signing_keys: RawAggregatePublicKey::from_public_key(signing_key.as_raw()),
message,
}
}
pub fn new(
signature: &AggregateSignature,
signing_keys: Vec<Cow<PublicKey>>,
message: Message,
) -> Self
where {
let signing_keys_refs: Vec<&RawPublicKey> =
signing_keys.iter().map(|pk| pk.as_raw()).collect();
Self {
signature: signature.as_raw().clone(),
signing_keys: RawAggregatePublicKey::aggregate(&signing_keys_refs),
message,
}
}
pub fn is_valid(&self) -> bool {
self.signature
.fast_aggregate_verify_pre_aggregated(&self.message, &self.signing_keys)
}
}
#[cfg(not(feature = "fake_crypto"))]
type VerifySet<'a> = (
&'a RawAggregateSignature,
&'a RawAggregatePublicKey,
&'a [u8],
);
#[cfg(not(feature = "fake_crypto"))]
pub fn verify_signature_sets(sets: Vec<SignatureSet>) -> bool {
let rng = &mut rand::thread_rng();
let verify_set: Vec<VerifySet> = sets
.iter()
.map(|ss| (&ss.signature, &ss.signing_keys, ss.message.as_slice()))
.collect();
RawAggregateSignature::verify_multiple_aggregate_signatures(rng, verify_set.into_iter())
}
#[cfg(feature = "fake_crypto")]
pub fn verify_signature_sets<'a>(_: Vec<SignatureSet>) -> bool {
true
}

16
crypto/bls/src/secret_hash.rs → crypto/bls/src/zeroize_hash.rs
View File

@ -1,15 +1,15 @@
use super::BLS_SECRET_KEY_BYTE_SIZE;
use super::SECRET_KEY_BYTES_LEN;
use zeroize::Zeroize;
/// Provides a wrapper around a `[u8; HASH_SIZE]` that implements `Zeroize` on `Drop`.
/// Provides a wrapper around a `[u8; SECRET_KEY_BYTES_LEN]` that implements `Zeroize` on `Drop`.
#[derive(Zeroize)]
#[zeroize(drop)]
pub struct SecretHash([u8; BLS_SECRET_KEY_BYTE_SIZE]);
pub struct ZeroizeHash([u8; SECRET_KEY_BYTES_LEN]);
impl SecretHash {
impl ZeroizeHash {
/// Instantiates `Self` with all zeros.
pub fn zero() -> Self {
Self([0; BLS_SECRET_KEY_BYTE_SIZE])
Self([0; SECRET_KEY_BYTES_LEN])
}
/// Returns a reference to the underlying bytes.
@ -23,13 +23,13 @@ impl SecretHash {
}
}
impl From<[u8; BLS_SECRET_KEY_BYTE_SIZE]> for SecretHash {
fn from(array: [u8; BLS_SECRET_KEY_BYTE_SIZE]) -> Self {
impl From<[u8; SECRET_KEY_BYTES_LEN]> for ZeroizeHash {
fn from(array: [u8; SECRET_KEY_BYTES_LEN]) -> Self {
Self(array)
}
}
impl AsRef<[u8]> for SecretHash {
impl AsRef<[u8]> for ZeroizeHash {
fn as_ref(&self) -> &[u8] {
&self.0
}

Some files were not shown because too many files have changed in this diff Show More