Support multiple BLS implementations (#1335)

## Issue Addressed NA ## Proposed Changes - Refactor the `bls` crate to support multiple BLS "backends" (e.g., milagro, blst, etc). - Removes some duplicate, unused code in `common/rest_types/src/validator.rs`. - Removes the old "upgrade legacy keypairs" functionality (these were unencrypted keys that haven't been supported for a few testnets, no one should be using them anymore). ## Additional Info Most of the files changed are just inconsequential changes to function names. ## TODO - [x] Optimization levels - [x] Infinity point: https://github.com/supranational/blst/issues/11 - [x] Ensure milagro *and* blst are tested via CI - [x] What to do with unsafe code? - [x] Test infinity point in signature sets
2026-04-18 21:38:31 +00:00 · 2020-07-25 02:03:18 +00:00
parent 21bcc8848d
commit b73c497be2
117 changed files with 3009 additions and 2463 deletions
--- a/crypto/bls/src/impls/milagro.rs
+++ b/crypto/bls/src/impls/milagro.rs
@@ -0,0 +1,197 @@
+use crate::{
+    generic_aggregate_public_key::TAggregatePublicKey,
+    generic_aggregate_signature::TAggregateSignature,
+    generic_public_key::{GenericPublicKey, TPublicKey, PUBLIC_KEY_BYTES_LEN},
+    generic_secret_key::{TSecretKey, SECRET_KEY_BYTES_LEN},
+    generic_signature::{TSignature, SIGNATURE_BYTES_LEN},
+    Error, Hash256, ZeroizeHash, INFINITY_PUBLIC_KEY,
+};
+pub use milagro_bls as milagro;
+use rand::thread_rng;
+use std::iter::ExactSizeIterator;
+
+/// Provides the externally-facing, core BLS types.
+pub mod types {
+    pub use super::milagro::AggregatePublicKey;
+    pub use super::milagro::AggregateSignature;
+    pub use super::milagro::PublicKey;
+    pub use super::milagro::SecretKey;
+    pub use super::milagro::Signature;
+    pub use super::verify_signature_sets;
+    pub use super::SignatureSet;
+}
+
+pub type SignatureSet<'a> = crate::generic_signature_set::GenericSignatureSet<
+    'a,
+    milagro::PublicKey,
+    milagro::AggregatePublicKey,
+    milagro::Signature,
+    milagro::AggregateSignature,
+>;
+
+pub fn verify_signature_sets<'a>(
+    signature_sets: impl ExactSizeIterator<Item = &'a SignatureSet<'a>>,
+) -> bool {
+    if signature_sets.len() == 0 {
+        return false;
+    }
+
+    signature_sets
+        .map(|signature_set| {
+            let mut aggregate = milagro::AggregatePublicKey::from_public_key(
+                signature_set.signing_keys.first().ok_or(())?.point(),
+            );
+
+            for signing_key in signature_set.signing_keys.iter().skip(1) {
+                aggregate.add(signing_key.point())
+            }
+
+            if signature_set.signature.point().is_none() {
+                return Err(());
+            }
+
+            Ok((
+                signature_set.signature.as_ref(),
+                aggregate,
+                signature_set.message,
+            ))
+        })
+        .collect::<Result<Vec<_>, ()>>()
+        .map(|aggregates| {
+            milagro::AggregateSignature::verify_multiple_aggregate_signatures(
+                &mut rand::thread_rng(),
+                aggregates.iter().map(|(signature, aggregate, message)| {
+                    (
+                        signature
+                            .point()
+                            .expect("guarded against none by previous check"),
+                        aggregate,
+                        message.as_bytes(),
+                    )
+                }),
+            )
+        })
+        .unwrap_or(false)
+}
+
+impl TPublicKey for milagro::PublicKey {
+    fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
+        let mut bytes = [0; PUBLIC_KEY_BYTES_LEN];
+        bytes[..].copy_from_slice(&self.as_bytes());
+        bytes
+    }
+
+    fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
+        Self::from_bytes(&bytes).map_err(Into::into)
+    }
+}
+
+impl TAggregatePublicKey for milagro::AggregatePublicKey {
+    fn infinity() -> Self {
+        Self::from_bytes(&INFINITY_PUBLIC_KEY).expect("should decode infinity public key")
+    }
+
+    fn serialize(&self) -> [u8; PUBLIC_KEY_BYTES_LEN] {
+        let mut bytes = [0; PUBLIC_KEY_BYTES_LEN];
+        bytes[..].copy_from_slice(&self.as_bytes());
+        bytes
+    }
+
+    fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
+        Self::from_bytes(&bytes).map_err(Into::into)
+    }
+}
+
+impl TSignature<milagro::PublicKey> for milagro::Signature {
+    fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
+        let mut bytes = [0; SIGNATURE_BYTES_LEN];
+
+        bytes[..].copy_from_slice(&self.as_bytes());
+
+        bytes
+    }
+
+    fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
+        milagro::Signature::from_bytes(&bytes).map_err(Error::MilagroError)
+    }
+
+    fn verify(&self, pubkey: &milagro::PublicKey, msg: Hash256) -> bool {
+        self.verify(msg.as_bytes(), pubkey)
+    }
+}
+
+impl TAggregateSignature<milagro::PublicKey, milagro::AggregatePublicKey, milagro::Signature>
+    for milagro::AggregateSignature
+{
+    fn infinity() -> Self {
+        milagro::AggregateSignature::new()
+    }
+
+    fn add_assign(&mut self, other: &milagro::Signature) {
+        self.add(other)
+    }
+
+    fn add_assign_aggregate(&mut self, other: &Self) {
+        self.add_aggregate(other)
+    }
+
+    fn serialize(&self) -> [u8; SIGNATURE_BYTES_LEN] {
+        let mut bytes = [0; SIGNATURE_BYTES_LEN];
+
+        bytes[..].copy_from_slice(&self.as_bytes());
+
+        bytes
+    }
+
+    fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
+        milagro::AggregateSignature::from_bytes(&bytes).map_err(Error::MilagroError)
+    }
+
+    fn fast_aggregate_verify(
+        &self,
+        msg: Hash256,
+        pubkeys: &[&GenericPublicKey<milagro::PublicKey>],
+    ) -> bool {
+        let pubkeys = pubkeys.iter().map(|pk| pk.point()).collect::<Vec<_>>();
+        self.fast_aggregate_verify(msg.as_bytes(), &pubkeys)
+    }
+
+    fn aggregate_verify(
+        &self,
+        msgs: &[Hash256],
+        pubkeys: &[&GenericPublicKey<milagro::PublicKey>],
+    ) -> bool {
+        let pubkeys = pubkeys.iter().map(|pk| pk.point()).collect::<Vec<_>>();
+        let msgs = msgs.iter().map(|hash| hash.as_bytes()).collect::<Vec<_>>();
+        self.aggregate_verify(&msgs, &pubkeys)
+    }
+}
+
+impl TSecretKey<milagro::Signature, milagro::PublicKey> for milagro::SecretKey {
+    fn random() -> Self {
+        Self::random(&mut thread_rng())
+    }
+
+    fn public_key(&self) -> milagro::PublicKey {
+        let point = milagro::PublicKey::from_secret_key(self).point;
+        milagro::PublicKey { point }
+    }
+
+    fn sign(&self, msg: Hash256) -> milagro::Signature {
+        let point = milagro::Signature::new(msg.as_bytes(), self).point;
+        milagro::Signature { point }
+    }
+
+    fn serialize(&self) -> ZeroizeHash {
+        let mut bytes = [0; SECRET_KEY_BYTES_LEN];
+
+        // Takes the right-hand 32 bytes from the secret key.
+        bytes[..].copy_from_slice(&self.as_bytes());
+
+        bytes.into()
+    }
+
+    fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
+        Self::from_bytes(&bytes).map_err(Into::into)
+    }
+}