Support multiple BLS implementations (#1335)

## Issue Addressed NA ## Proposed Changes - Refactor the `bls` crate to support multiple BLS "backends" (e.g., milagro, blst, etc). - Removes some duplicate, unused code in `common/rest_types/src/validator.rs`. - Removes the old "upgrade legacy keypairs" functionality (these were unencrypted keys that haven't been supported for a few testnets, no one should be using them anymore). ## Additional Info Most of the files changed are just inconsequential changes to function names. ## TODO - [x] Optimization levels - [x] Infinity point: https://github.com/supranational/blst/issues/11 - [x] Ensure milagro *and* blst are tested via CI - [x] What to do with unsafe code? - [x] Test infinity point in signature sets
2026-03-03 00:31:50 +00:00 · 2020-07-25 02:03:18 +00:00
parent 21bcc8848d
commit b73c497be2
117 changed files with 3009 additions and 2463 deletions
--- a/testing/ef_tests/Cargo.toml
+++ b/testing/ef_tests/Cargo.toml
@@ -7,10 +7,11 @@ edition = "2018"
 [features]
 # `ef_tests` feature must be enabled to actually run the tests
 ef_tests = []
+milagro = ["bls/milagro"]
 fake_crypto = ["bls/fake_crypto"]

 [dependencies]
-bls = { path = "../../crypto/bls" }
+bls = { path = "../../crypto/bls", default-features = false }
 compare_fields = { path = "../../common/compare_fields" }
 ethereum-types = "0.9.1"
 hex = "0.4.2"
--- a/testing/ef_tests/src/cases/bls_aggregate_sigs.rs
+++ b/testing/ef_tests/src/cases/bls_aggregate_sigs.rs
@@ -14,27 +14,27 @@ impl BlsCase for BlsAggregateSigs {}

 impl Case for BlsAggregateSigs {
    fn result(&self, _case_index: usize) -> Result<(), Error> {
-        let mut aggregate_signature = AggregateSignature::new();
+        let mut aggregate_signature = AggregateSignature::infinity();

        for key_str in &self.input {
            let sig = hex::decode(&key_str[2..])
                .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;
-            let sig = Signature::from_bytes(&sig)
+            let sig = Signature::deserialize(&sig)
                .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;

-            aggregate_signature.add(&sig);
+            aggregate_signature.add_assign(&sig);
        }

        // Check for YAML null value, indicating invalid input. This is a bit of a hack,
        // as our mutating `aggregate_signature.add` API doesn't play nicely with aggregating 0
        // inputs.
        let output_bytes = if self.output == "~" {
-            AggregateSignature::new().as_bytes().to_vec()
+            AggregateSignature::infinity().serialize().to_vec()
        } else {
            hex::decode(&self.output[2..])
                .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?
        };
-        let aggregate_signature = Ok(aggregate_signature.as_bytes().to_vec());
+        let aggregate_signature = Ok(aggregate_signature.serialize().to_vec());

        compare_result::<Vec<u8>, Vec<u8>>(&aggregate_signature, &Some(output_bytes))
    }
--- a/testing/ef_tests/src/cases/bls_aggregate_verify.rs
+++ b/testing/ef_tests/src/cases/bls_aggregate_verify.rs
@@ -3,6 +3,7 @@ use crate::case_result::compare_result;
 use crate::cases::common::BlsCase;
 use bls::{AggregateSignature, PublicKey};
 use serde_derive::Deserialize;
+use types::Hash256;

 #[derive(Debug, Clone, Deserialize)]
 pub struct BlsAggregateVerifyInput {
@@ -26,23 +27,22 @@ impl Case for BlsAggregateVerify {
            .messages
            .iter()
            .map(|message| {
-                hex::decode(&message[2..]).map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))
+                let bytes = hex::decode(&message[2..])
+                    .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;
+                Ok(Hash256::from_slice(&bytes))
            })
-            .collect::<Result<Vec<Vec<_>>, _>>()?;
-
-        let message_refs = messages
-            .iter()
-            .map(|x| x.as_slice())
-            .collect::<Vec<&[u8]>>();
+            .collect::<Result<Vec<_>, _>>()?;

        let pubkey_refs = self.input.pubkeys.iter().collect::<Vec<_>>();

-        let signature_ok = hex::decode(&self.input.signature[2..])
+        let signature_bytes = hex::decode(&self.input.signature[2..])
+            .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;
+
+        let signature_valid = AggregateSignature::deserialize(&signature_bytes)
            .ok()
-            .and_then(|bytes: Vec<u8>| AggregateSignature::from_bytes(&bytes).ok())
-            .map(|signature| signature.verify_multiple(&message_refs, &pubkey_refs))
+            .map(|signature| signature.aggregate_verify(&messages, &pubkey_refs))
            .unwrap_or(false);

-        compare_result::<bool, ()>(&Ok(signature_ok), &Some(self.output))
+        compare_result::<bool, ()>(&Ok(signature_valid), &Some(self.output))
    }
 }
--- a/testing/ef_tests/src/cases/bls_fast_aggregate_verify.rs
+++ b/testing/ef_tests/src/cases/bls_fast_aggregate_verify.rs
@@ -1,9 +1,10 @@
 use super::*;
 use crate::case_result::compare_result;
 use crate::cases::common::BlsCase;
-use bls::{AggregatePublicKey, AggregateSignature, PublicKey, PublicKeyBytes};
+use bls::{AggregateSignature, PublicKey, PublicKeyBytes};
 use serde_derive::Deserialize;
 use std::convert::TryInto;
+use types::Hash256;

 #[derive(Debug, Clone, Deserialize)]
 pub struct BlsFastAggregateVerifyInput {
@@ -22,27 +23,25 @@ impl BlsCase for BlsFastAggregateVerify {}

 impl Case for BlsFastAggregateVerify {
    fn result(&self, _case_index: usize) -> Result<(), Error> {
-        let message = hex::decode(&self.input.message[2..])
-            .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;
+        let message = Hash256::from_slice(
+            &hex::decode(&self.input.message[2..])
+                .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?,
+        );

-        let signature_ok = self
+        let pubkeys = self
            .input
            .pubkeys
            .iter()
-            .try_fold(
-                AggregatePublicKey::new(),
-                |mut agg, pkb| -> Option<AggregatePublicKey> {
-                    let pk: Result<PublicKey, ssz::DecodeError> = pkb.try_into();
-                    agg.add(&pk.ok()?);
-                    Some(agg)
-                },
-            )
-            .and_then(|aggregate_pubkey| {
-                hex::decode(&self.input.signature[2..])
-                    .ok()
-                    .and_then(|bytes: Vec<u8>| AggregateSignature::from_bytes(&bytes).ok())
-                    .map(|signature| signature.verify(&message, &aggregate_pubkey))
-            })
+            .map(|pkb| pkb.try_into())
+            .collect::<Result<Vec<PublicKey>, bls::Error>>()
+            .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;
+
+        let pubkey_refs = pubkeys.iter().collect::<Vec<_>>();
+
+        let signature_ok = hex::decode(&self.input.signature[2..])
+            .ok()
+            .and_then(|bytes: Vec<u8>| AggregateSignature::deserialize(&bytes).ok())
+            .map(|signature| signature.fast_aggregate_verify(message, &pubkey_refs))
            .unwrap_or(false);

        compare_result::<bool, ()>(&Ok(signature_ok), &Some(self.output))
--- a/testing/ef_tests/src/cases/bls_sign_msg.rs
+++ b/testing/ef_tests/src/cases/bls_sign_msg.rs
@@ -1,8 +1,9 @@
 use super::*;
 use crate::case_result::compare_result;
 use crate::cases::common::BlsCase;
-use bls::{SecretKey, Signature};
+use bls::SecretKey;
 use serde_derive::Deserialize;
+use types::Hash256;

 #[derive(Debug, Clone, Deserialize)]
 pub struct BlsSignInput {
@@ -23,16 +24,19 @@ impl Case for BlsSign {
        // Convert private_key and message to required types
        let sk = hex::decode(&self.input.privkey[2..])
            .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;
-        let sk = SecretKey::from_bytes(&sk).unwrap();
+
+        assert_eq!(sk.len(), 32);
+
+        let sk = SecretKey::deserialize(&sk).unwrap();
        let msg = hex::decode(&self.input.message[2..])
            .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;

-        let signature = Signature::new(&msg, &sk);
+        let signature = sk.sign(Hash256::from_slice(&msg));

        // Convert the output to one set of bytes
        let decoded = hex::decode(&self.output[2..])
            .map_err(|e| Error::FailedToParseTest(format!("{:?}", e)))?;

-        compare_result::<Vec<u8>, Vec<u8>>(&Ok(signature.as_bytes().to_vec()), &Some(decoded))
+        compare_result::<Vec<u8>, Vec<u8>>(&Ok(signature.serialize().to_vec()), &Some(decoded))
    }
 }
--- a/testing/ef_tests/src/cases/bls_verify_msg.rs
+++ b/testing/ef_tests/src/cases/bls_verify_msg.rs
@@ -4,6 +4,7 @@ use crate::cases::common::BlsCase;
 use bls::{PublicKey, Signature, SignatureBytes};
 use serde_derive::Deserialize;
 use std::convert::TryInto;
+use types::Hash256;

 #[derive(Debug, Clone, Deserialize)]
 pub struct BlsVerifyInput {
@@ -27,7 +28,9 @@ impl Case for BlsVerify {

        let signature_ok = (&self.input.signature)
            .try_into()
-            .map(|signature: Signature| signature.verify(&message, &self.input.pubkey))
+            .map(|signature: Signature| {
+                signature.verify(&self.input.pubkey, Hash256::from_slice(&message))
+            })
            .unwrap_or(false);

        compare_result::<bool, ()>(&Ok(signature_ok), &Some(self.output))