diff --git a/docs/protocols/alpha.rst b/docs/protocols/alpha.rst index 81cb07ba22084f5753c3c4520a1a797e06de4de9..44310210785b520121eab4c8c8ec9075a6896ccb 100644 --- a/docs/protocols/alpha.rst +++ b/docs/protocols/alpha.rst @@ -39,6 +39,9 @@ It requires protocol environment V7, compared to V6 for Kathmandu. - Adapt to Resto 0.10. (MR :gl:`!6085`) +- Introduce a ``Bls`` module to gather both high and low level functions + for BLS cryptography. (MR :gl:`!6295`) + Consensus key ------------- diff --git a/src/lib_crypto/bls.ml b/src/lib_crypto/bls.ml index c3414094b8a4f574bef0473f57ed315877ad8799..76bc0193f6bfa28bd5be766ca926288792dcf659 100644 --- a/src/lib_crypto/bls.ml +++ b/src/lib_crypto/bls.ml @@ -376,3 +376,9 @@ let aggregate_check pk_msg_list signature = Bls12_381.Signature.MinPk.Aug.aggregate_verify pk_msg_list signature let aggregate_signature_opt = Bls12_381.Signature.MinPk.aggregate_signature_opt + +module Primitive = struct + include Bls12_381 + + let pairing_check = Bls12_381.Pairing.pairing_check +end diff --git a/src/lib_crypto/bls.mli b/src/lib_crypto/bls.mli index 42bce61a3fa999cec9497388d0fb17e04305083e..1d77eef665027eb1cf46f9f8f90d7c2d9912a611 100644 --- a/src/lib_crypto/bls.mli +++ b/src/lib_crypto/bls.mli @@ -1,7 +1,7 @@ (*****************************************************************************) (* *) (* Open Source License *) -(* Copyright (c) 2021 Nomadic Labs *) +(* Copyright (c) 2022 Nomadic Labs *) (* *) (* Permission is hereby granted, free of charge, to any person obtaining a *) (* copy of this software and associated documentation files (the "Software"),*) 
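Review bot: In the new `Primitive` struct in src/lib_crypto/bls.ml, `include Bls12_381` pulls the whole library into the module, including its `Signature` and `Pairing` submodules, and only the signature in bls.mli narrows it to `Fr`, `G1`, `G2` and `pairing_check`. Binding just what is exported (`module Fr = Bls12_381.Fr`, `module G1 = Bls12_381.G1`, `module G2 = Bls12_381.G2`) keeps the implementation in step with the interface, so a later loosening of the .mli cannot expose the raw signature primitives by accident. A one-line comment saying that this struct is what the protocol environment re-exports as `Bls.Primitive` would also help the next reader.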
@@ -33,3 +33,14 @@ include and type watermark = Bytes.t include S.RAW_DATA with type t := t + +(** Module to access/expose the primitives of BLS12-381 *) +module Primitive : sig + module Fr : S.PRIME_FIELD with type t = Bls12_381.Fr.t + + module G1 : S.CURVE with type Scalar.t = Fr.t + + module G2 : S.CURVE with type Scalar.t = Fr.t + + val pairing_check : (G1.t * G2.t) list -> bool +end diff --git a/src/lib_crypto/s.ml b/src/lib_crypto/s.ml index d7256993846ebabb9e5f968e8af75d3d275ada5b..37b85128ee9369d1cda8243a5f8a11dad3682a07 100644 --- a/src/lib_crypto/s.ml +++ b/src/lib_crypto/s.ml @@ -521,6 +521,9 @@ end module type PRIME_FIELD = sig include FIELD + (** Actual number of bytes allocated for a value of type t *) + val size_in_memory : int + (** [of_z x] builds an element t from the Zarith element [x]. [mod order] is applied if [x >= order] or [x < 0]. *) val of_z : Z.t -> t @@ -537,6 +540,9 @@ module type CURVE = sig (** The type of the element in the elliptic curve *) type t + (** Actual number of bytes allocated for a value of type t *) + val size_in_memory : int + (** The size of a point representation, in bytes *) val size_in_bytes : int diff --git a/src/lib_crypto/test/test_prop_signature.ml b/src/lib_crypto/test/test_prop_signature.ml index 9531322c8a92286efa1e79d1afcb122b3b2e57f6..dde66c8d81d164a0f941e1594c8ec8d51bb53165 100644 --- a/src/lib_crypto/test/test_prop_signature.ml +++ b/src/lib_crypto/test/test_prop_signature.ml @@ -28,7 +28,7 @@ Component: Crypto Invocation: dune build @src/lib_crypto/runtest Subject: Property-tests over the interface S.SIGNATURE and its - instantiations Ed25519 and Secp256k1. + instantiations. *) open Lib_test.Qcheck2_helpers 
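Review bot: `pairing_check` in the new `Primitive` signature of bls.mli has no doc comment, and the module comment does not say that these are low-level operations, unlike the checked signature API in the rest of the interface. A caller cannot tell from the signature what the boolean means or what an empty list returns. As I read the underlying library, a comment along the lines of `(** [pairing_check l] is [true] iff the product of the pairings of the pairs in [l] is the identity. *)` fits, with the empty-list result added after checking `Bls12_381.Pairing.pairing_check`. It is also worth stating whether `G1.t` and `G2.t` values are already guaranteed to lie in the prime-order subgroup, since the `bls_signature.mli` deleted by this commit documented that distinction for its `unsafe_*` constructors.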
@@ -49,8 +49,8 @@ module Signature_Properties (Desc : sig end) (X : SIGNATURE) = struct - (** Tests that a signature of [s] by a generated key and [X.sign] is - accepted by [X.check] with the same key. *) + (** Tests that a signature of [s], with optional [watermark], by a generated + key and [X.sign] is accepted by [X.check] with the same key. *) let test_prop_sign_check (s, watermark) = let _, pk, sk = X.generate_key () in let data = Bytes.of_string s in @@ -84,7 +84,8 @@ module Aggregate_Signature_Properties (Desc : sig end) (X : AGGREGATE_SIGNATURE) = struct - (** Tests that signatures of [s] obtained using [X.sign] are accepted by + (** Tests that signatures of [msg1], [msg2], [msg3], (with optional + corresponding watermarks) obtained using [X.sign] are accepted by [X.check] when using the corresponding key. It then tests that the aggregation of all these signatures obtained using [X.aggregate_signature_opt] is accepted by [X.aggregate_check]. *) diff --git a/src/lib_protocol_environment/environment_V6.ml b/src/lib_protocol_environment/environment_V6.ml index bdf17c67b6a47d9cf174c8d60fa9def8da83bd2c..15c8957bdc1814cf91ca0e1efa4a780ade7397db 100644 --- a/src/lib_protocol_environment/environment_V6.ml +++ b/src/lib_protocol_environment/environment_V6.ml @@ -94,10 +94,11 @@ module type T = sig and type Bls_signature.signature = Bls12_381.Signature.MinPk.signature and type ('a, 'b) Either.t = ('a, 'b) Stdlib.Either.t and type Bls12_381.Fr.t = Bls12_381.Fr.t - and type Plonk.transcript = Plonk.Main_protocol.transcript - and type Plonk.proof = Plonk.Main_protocol.proof + and type Plonk.transcript = + Tezos_protocol_environment_structs.V6.Plonk.transcript + and type Plonk.proof = Tezos_protocol_environment_structs.V6.Plonk.proof and type Plonk.verifier_public_parameters = - Plonk.Main_protocol.verifier_public_parameters + Tezos_protocol_environment_structs.V6.Plonk.verifier_public_parameters type error += Ecoproto_error of Error_monad.error 
diff --git a/src/lib_protocol_environment/environment_V6.mli b/src/lib_protocol_environment/environment_V6.mli index 8a5936075483b01bba05be78f2d6140373d8aa69..4127a8ae429327fc450f772375346e83ce2537e9 100644 --- a/src/lib_protocol_environment/environment_V6.mli +++ b/src/lib_protocol_environment/environment_V6.mli @@ -95,10 +95,11 @@ module type T = sig and type Bls_signature.signature = Bls12_381.Signature.MinPk.signature and type ('a, 'b) Either.t = ('a, 'b) Stdlib.Either.t and type Bls12_381.Fr.t = Bls12_381.Fr.t - and type Plonk.transcript = Plonk.Main_protocol.transcript - and type Plonk.proof = Plonk.Main_protocol.proof + and type Plonk.transcript = + Tezos_protocol_environment_structs.V6.Plonk.transcript + and type Plonk.proof = Tezos_protocol_environment_structs.V6.Plonk.proof and type Plonk.verifier_public_parameters = - Plonk.Main_protocol.verifier_public_parameters + Tezos_protocol_environment_structs.V6.Plonk.verifier_public_parameters (** An [Ecoproto_error e] is a shell error that carry a protocol error. diff --git a/src/lib_protocol_environment/environment_V7.ml b/src/lib_protocol_environment/environment_V7.ml index 7b203d9811dc4e21f6e3d44667b226d090f988fe..4fe2ccb8ed58a93ccf51dd8bda5b8ac4b1091c7d 100644 --- a/src/lib_protocol_environment/environment_V7.ml +++ b/src/lib_protocol_environment/environment_V7.ml @@ -71,6 +71,9 @@ module type T = sig and type P256.Public_key_hash.t = P256.Public_key_hash.t and type P256.Public_key.t = P256.Public_key.t and type P256.t = P256.t + and type Bls.Public_key_hash.t = Bls.Public_key_hash.t + and type Bls.Public_key.t = Bls.Public_key.t + and type Bls.t = Bls.t and type Signature.public_key_hash = Signature.public_key_hash and type Signature.public_key = Signature.public_key and type Signature.t = Signature.t 
@@ -91,14 +94,12 @@ module type T = sig and type Timelock.chest_key = Timelock.chest_key and type Timelock.opening_result = Timelock.opening_result and module Sapling = Tezos_sapling.Core.Validator - and type Bls_signature.pk = Bls12_381.Signature.MinPk.pk - and type Bls_signature.signature = Bls12_381.Signature.MinPk.signature and type ('a, 'b) Either.t = ('a, 'b) Stdlib.Either.t - and type Bls12_381.Fr.t = Bls12_381.Fr.t - and type Plonk.proof = Plonk.Main_protocol.proof + and type Bls.Primitive.Fr.t = Bls12_381.Fr.t + and type Plonk.proof = Tezos_protocol_environment_structs.V7.Plonk.proof and type Plonk.public_parameters = - Plonk.Main_protocol.verifier_public_parameters - * Plonk.Main_protocol.transcript + Tezos_protocol_environment_structs.V7.Plonk.verifier_public_parameters + * Tezos_protocol_environment_structs.V7.Plonk.transcript and type Dal.parameters = Tezos_crypto_dal.Cryptobox.Verifier.parameters and type Dal.commitment = Tezos_crypto_dal.Cryptobox.commitment @@ -259,24 +260,10 @@ struct end module Time = Time.Protocol - - module Bls12_381 = struct - include Bls12_381 - - let pairing_check = Bls12_381.Pairing.pairing_check - end - - module Bls_signature = struct - include Bls12_381.Signature.MinPk - - let verify = Aug.verify - - let aggregate_verify = Aug.aggregate_verify - end - module Ed25519 = Ed25519 module Secp256k1 = Secp256k1 module P256 = P256 + module Bls = Bls module Signature = Signature module Timelock = Timelock module Vdf = Class_group_vdf.Vdf_self_contained @@ -442,6 +429,15 @@ struct val check : ?watermark:watermark -> Public_key.t -> t -> Bytes.t -> bool end + module type AGGREGATE_SIGNATURE = sig + include SIGNATURE + + val aggregate_check : + (Public_key.t * watermark option * bytes) list -> t -> bool + + val aggregate_signature_opt : t list -> t option + end + module type FIELD = sig type t 
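Review bot: The new `AGGREGATE_SIGNATURE` module type has no doc comment on `aggregate_check` or `aggregate_signature_opt`, both in environment_V7.ml and in sigs/v7/s.mli (the copy in the generated sigs/v7.ml follows from the latter). The deleted `bls_signature.mli` said that `aggregate_signature_opt` follows the IETF BLS draft and returns `None` where the specification says INVALID, and that text is now gone from the protocol-visible interface. I would restore it and add a sentence on `aggregate_check` saying that it verifies one aggregated signature against the listed (key, watermark, message) triples, which scheme variant it uses (the context line in bls.ml shows `Aug.aggregate_verify`), and what it returns for an empty list. The enclosing environment functor starts and ends outside this hunk.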
diff --git a/src/lib_protocol_environment/environment_V7.mli b/src/lib_protocol_environment/environment_V7.mli index cb2e600b44d186d81e971668a6d0dd8ac29ec287..10e1eb5f86ec3f252795e7d96b91c2d68a6294a3 100644 --- a/src/lib_protocol_environment/environment_V7.mli +++ b/src/lib_protocol_environment/environment_V7.mli @@ -71,6 +71,9 @@ module type T = sig and type P256.Public_key_hash.t = P256.Public_key_hash.t and type P256.Public_key.t = P256.Public_key.t and type P256.t = P256.t + and type Bls.Public_key_hash.t = Bls.Public_key_hash.t + and type Bls.Public_key.t = Bls.Public_key.t + and type Bls.t = Bls.t and type Signature.public_key_hash = Signature.public_key_hash and type Signature.public_key = Signature.public_key and type Signature.t = Signature.t @@ -91,14 +94,12 @@ module type T = sig and type Timelock.chest_key = Timelock.chest_key and type Timelock.opening_result = Timelock.opening_result and module Sapling = Tezos_sapling.Core.Validator - and type Bls_signature.pk = Bls12_381.Signature.MinPk.pk - and type Bls_signature.signature = Bls12_381.Signature.MinPk.signature and type ('a, 'b) Either.t = ('a, 'b) Stdlib.Either.t - and type Bls12_381.Fr.t = Bls12_381.Fr.t - and type Plonk.proof = Plonk.Main_protocol.proof + and type Bls.Primitive.Fr.t = Bls12_381.Fr.t + and type Plonk.proof = Tezos_protocol_environment_structs.V7.Plonk.proof and type Plonk.public_parameters = - Plonk.Main_protocol.verifier_public_parameters - * Plonk.Main_protocol.transcript + Tezos_protocol_environment_structs.V7.Plonk.verifier_public_parameters + * Tezos_protocol_environment_structs.V7.Plonk.transcript and type Dal.parameters = Tezos_crypto_dal.Cryptobox.Verifier.parameters and type Dal.commitment = Tezos_crypto_dal.Cryptobox.commitment diff --git a/src/lib_protocol_environment/sigs/v7.in.ml b/src/lib_protocol_environment/sigs/v7.in.ml index 1e080e8f75973b711985be5e1b3b37cfeedac2e5..571d23da0ccbc670b830cc7bbb83d03aedc77394 100644 --- a/src/lib_protocol_environment/sigs/v7.in.ml 
+++ b/src/lib_protocol_environment/sigs/v7.in.ml @@ -83,9 +83,7 @@ module type T = sig module Blake2B : [%sig "v7/blake2B.mli"] - module Bls12_381 : [%sig "v7/bls12_381.mli"] - - module Bls_signature : [%sig "v7/bls_signature.mli"] + module Bls : [%sig "v7/bls.mli"] module Ed25519 : [%sig "v7/ed25519.mli"] diff --git a/src/lib_protocol_environment/sigs/v7.ml b/src/lib_protocol_environment/sigs/v7.ml index 62a0b16a48753d2d7b9dd17bbbe27ae64db1526b..e130af9c23c0f1f4999d9f81207ad3f71916f4d1 100644 --- a/src/lib_protocol_environment/sigs/v7.ml +++ b/src/lib_protocol_environment/sigs/v7.ml @@ -9139,6 +9139,14 @@ module type SIGNATURE = sig val check : ?watermark:watermark -> Public_key.t -> t -> bytes -> bool end +module type AGGREGATE_SIGNATURE = sig + include SIGNATURE + + val aggregate_check : (Public_key.t * watermark option * bytes) list -> t -> bool + + val aggregate_signature_opt : t list -> t option +end + module type FIELD = sig type t @@ -9320,12 +9328,13 @@ end # 84 "v7.in.ml" - module Bls12_381 : sig -# 1 "v7/bls12_381.mli" + module Bls : sig +# 1 "v7/bls.mli" (*****************************************************************************) (* *) (* Open Source License *) -(* Copyright (c) 2020 Metastate AG *) +(* Copyright (c) 2018 Dynamic Ledger Solutions, Inc. *) +(* Copyright (c) 2022 Nomadic Labs. *) (* *) (* Permission is hereby granted, free of charge, to any person obtaining a *) (* copy of this software and associated documentation files (the "Software"),*) 
@@ -9347,111 +9356,22 @@ end (* *) (*****************************************************************************) -module Fr : S.PRIME_FIELD +(** Tezos - BLS12-381 cryptography *) -module G1 : S.CURVE with type Scalar.t = Fr.t +include S.AGGREGATE_SIGNATURE with type watermark := bytes -module G2 : S.CURVE with type Scalar.t = Fr.t +(** Module to access/expose the primitives of BLS12-381 *) +module Primitive : sig + module Fr : S.PRIME_FIELD -val pairing_check : (G1.t * G2.t) list -> bool -end -# 86 "v7.in.ml" + module G1 : S.CURVE with type Scalar.t = Fr.t + module G2 : S.CURVE with type Scalar.t = Fr.t - module Bls_signature : sig -# 1 "v7/bls_signature.mli" -(* MIT License -* -* Copyright (c) 2020 Danny Willems -* Copyright (c) 2020 Nomadic Labs -* -* Permission is hereby granted, free of charge, to any person obtaining a copy -* of this software and associated documentation files (the "Software"), to deal -* in the Software without restriction, including without limitation the rights -* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -* copies of the Software, and to permit persons to whom the Software is -* furnished to do so, subject to the following conditions: -* -* The above copyright notice and this permission notice shall be included in all -* copies or substantial portions of the Software. -* -* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -* SOFTWARE. 
*) - -(** Type of the public keys *) -type pk - -(** The size in bytes of a serialized value [pk] *) -val pk_size_in_bytes : int - -(** Build a value of type [pk] without performing any check on the input. - It is safe to use this function when verifying a signature as the - signature function verifies if the point is in the prime subgroup. Using - [unsafe_pk_of_bytes] removes a verification performed twice when used - [pk_of_bytes_exn] or [pk_of_bytes_opt]. - - The expected bytes format are the compressed form of a point on G1. *) - -val unsafe_pk_of_bytes : Bytes.t -> pk - -(** Build a value of type [pk] safely, i.e. the function checks the bytes - given in parameters represents a point on the curve and in the prime subgroup. - Return [None] if the bytes are not in the correct format or does - not represent a point in the prime subgroup. - - The expected bytes format are the compressed form of a point on G1. -*) -val pk_of_bytes_opt : Bytes.t -> pk option - -(** Returns a bytes representation of a value of type [pk]. The output is the - compressed form a the point G1.t the [pk] represents. -*) -val pk_to_bytes : pk -> Bytes.t - -(** Type of the signatures *) -type signature - -(** The size in bytes of a serialized value [signature] *) -val signature_size_in_bytes : int - -(** Build a value of type {!signature} without performing any check on the - input. It is safe to use this function when verifying a signature as the - signature function verifies if the point is in the prime subgroup. Using - {!unsafe_signature_of_bytes} removes a verification performed twice when - using {!signature_of_bytes_exn} or {!signature_of_bytes_opt}. - - The expected bytes format are the compressed form of a point on G2. *) -val unsafe_signature_of_bytes : Bytes.t -> signature - -(** Build a value of type {!signature} safely, i.e. the function checks the - bytes given as argument represents a point on the curve and in the - prime subgroup. 
Return [None] if the bytes are not in the correct format - or do not represent a point in the prime subgroup. - - The expected bytes format are the compressed form of a point on G2. *) -val signature_of_bytes_opt : Bytes.t -> signature option - -(** Returns a bytes representation of a value of type [signature]. The - output is the compressed form of the {!G2.t} point the [signature] - represents. *) -val signature_to_bytes : signature -> Bytes.t - -(** [aggregate_signature_opt signatures] aggregates the signatures [signatures], following - https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-bls-signature-04#section-2.8. - Return [None] if [INVALID] is expected in the specification -*) -val aggregate_signature_opt : signature list -> signature option - -val verify : pk -> Bytes.t -> signature -> bool - -val aggregate_verify : (pk * Bytes.t) list -> signature -> bool + val pairing_check : (G1.t * G2.t) list -> bool end -# 88 "v7.in.ml" +end +# 86 "v7.in.ml" module Ed25519 : sig @@ -9485,7 +9405,7 @@ end include S.SIGNATURE with type watermark := bytes end -# 90 "v7.in.ml" +# 88 "v7.in.ml" module Secp256k1 : sig @@ -9519,7 +9439,7 @@ end include S.SIGNATURE with type watermark := bytes end -# 92 "v7.in.ml" +# 90 "v7.in.ml" module P256 : sig @@ -9553,7 +9473,7 @@ end include S.SIGNATURE with type watermark := bytes end -# 94 "v7.in.ml" +# 92 "v7.in.ml" module Chain_id : sig @@ -9585,7 +9505,7 @@ end include S.HASH end -# 96 "v7.in.ml" +# 94 "v7.in.ml" module Signature : sig @@ -9637,7 +9557,7 @@ include and type Public_key.t = public_key and type watermark := watermark end -# 98 "v7.in.ml" +# 96 "v7.in.ml" module Block_hash : sig @@ -9670,7 +9590,7 @@ end (** Blocks hashes / IDs. *) include S.HASH end -# 100 "v7.in.ml" +# 98 "v7.in.ml" module Operation_hash : sig @@ -9703,7 +9623,7 @@ end (** Operations hashes / IDs. *) include S.HASH end -# 102 "v7.in.ml" +# 100 "v7.in.ml" module Operation_list_hash : sig 
@@ -9736,7 +9656,7 @@ end (** Blocks hashes / IDs. *) include S.MERKLE_TREE with type elt = Operation_hash.t end -# 104 "v7.in.ml" +# 102 "v7.in.ml" module Operation_list_list_hash : sig @@ -9769,7 +9689,7 @@ end (** Blocks hashes / IDs. *) include S.MERKLE_TREE with type elt = Operation_list_hash.t end -# 106 "v7.in.ml" +# 104 "v7.in.ml" module Protocol_hash : sig @@ -9802,7 +9722,7 @@ end (** Protocol hashes / IDs. *) include S.HASH end -# 108 "v7.in.ml" +# 106 "v7.in.ml" module Context_hash : sig @@ -9855,7 +9775,7 @@ end type version = Version.t end -# 110 "v7.in.ml" +# 108 "v7.in.ml" module Sapling : sig @@ -10003,7 +9923,7 @@ module Verification : sig val final_check : t -> UTXO.transaction -> string -> bool end end -# 112 "v7.in.ml" +# 110 "v7.in.ml" module Timelock : sig @@ -10062,7 +9982,7 @@ val open_chest : chest -> chest_key -> time:int -> opening_result Used for gas accounting*) val get_plaintext_size : chest -> int end -# 114 "v7.in.ml" +# 112 "v7.in.ml" module Vdf : sig @@ -10150,7 +10070,7 @@ val prove : discriminant -> challenge -> difficulty -> result * proof @raise Invalid_argument when inputs are invalid *) val verify : discriminant -> challenge -> difficulty -> result -> proof -> bool end -# 116 "v7.in.ml" +# 114 "v7.in.ml" module Micheline : sig @@ -10210,7 +10130,7 @@ val annotations : ('l, 'p) node -> string list val strip_locations : (_, 'p) node -> 'p canonical end -# 118 "v7.in.ml" +# 116 "v7.in.ml" module Block_header : sig @@ -10267,7 +10187,7 @@ type t = {shell : shell_header; protocol_data : bytes} include S.HASHABLE with type t := t and type hash := Block_hash.t end -# 120 "v7.in.ml" +# 118 "v7.in.ml" module Bounded : sig @@ -10416,7 +10336,7 @@ module Int8 (B : BOUNDS with type ocaml_type := int) : module Uint8 (B : BOUNDS with type ocaml_type := int) : S with type ocaml_type := int end -# 122 "v7.in.ml" +# 120 "v7.in.ml" module Fitness : sig 
@@ -10450,7 +10370,7 @@ end compared in a lexicographical order (longer list are greater). *) include S.T with type t = bytes list end -# 124 "v7.in.ml" +# 122 "v7.in.ml" module Operation : sig @@ -10494,7 +10414,7 @@ type t = {shell : shell_header; proto : bytes} include S.HASHABLE with type t := t and type hash := Operation_hash.t end -# 126 "v7.in.ml" +# 124 "v7.in.ml" module Context : sig @@ -11131,7 +11051,7 @@ module Cache : and type key = cache_key and type value = cache_value end -# 128 "v7.in.ml" +# 126 "v7.in.ml" module Updater : sig @@ -11443,7 +11363,7 @@ end not complete until [init] in invoked. *) val activate : Context.t -> Protocol_hash.t -> Context.t Lwt.t end -# 130 "v7.in.ml" +# 128 "v7.in.ml" module RPC_context : sig @@ -11598,7 +11518,7 @@ val make_opt_call3 : 'i -> 'o option shell_tzresult Lwt.t end -# 132 "v7.in.ml" +# 130 "v7.in.ml" module Wasm_2_0_0 : sig @@ -11651,7 +11571,7 @@ module Make val get_info : Tree.tree -> info Lwt.t end end -# 134 "v7.in.ml" +# 132 "v7.in.ml" module Plonk : sig @@ -11681,7 +11601,7 @@ end (* *) (*****************************************************************************) -type scalar := Bls12_381.Fr.t +type scalar := Bls.Primitive.Fr.t type public_parameters @@ -11719,7 +11639,7 @@ val verify_multi_circuits : proof -> bool end -# 136 "v7.in.ml" +# 134 "v7.in.ml" module Dal : sig @@ -11827,6 +11747,6 @@ val verify_page : [> `Degree_exceeds_srs_length of string | `Segment_index_out_of_range] ) Result.t end -# 138 "v7.in.ml" +# 136 "v7.in.ml" end diff --git a/src/lib_protocol_environment/sigs/v7/.ocamlformat-ignore b/src/lib_protocol_environment/sigs/v7/.ocamlformat-ignore index a74c80b875acfb807154360443349a4010645fe5..371bebd6a2a3c4d26a19ea0f69e6df1d901e7d81 100644 --- a/src/lib_protocol_environment/sigs/v7/.ocamlformat-ignore +++ b/src/lib_protocol_environment/sigs/v7/.ocamlformat-ignore @@ -1,4 +1,4 @@ -bls_signature.mli +bls.mli bytes.mli char.mli either.mli 
diff --git a/src/lib_protocol_environment/sigs/v7/bls12_381.mli b/src/lib_protocol_environment/sigs/v7/bls.mli similarity index 78% rename from src/lib_protocol_environment/sigs/v7/bls12_381.mli rename to src/lib_protocol_environment/sigs/v7/bls.mli index cfa9d40e45d8374bf32d46aefc5a37cca0566c69..a016a71904ee9f356f455fef5397ab5b6954cc27 100644 --- a/src/lib_protocol_environment/sigs/v7/bls12_381.mli +++ b/src/lib_protocol_environment/sigs/v7/bls.mli @@ -1,7 +1,8 @@ (*****************************************************************************) (* *) (* Open Source License *) -(* Copyright (c) 2020 Metastate AG *) +(* Copyright (c) 2018 Dynamic Ledger Solutions, Inc. *) +(* Copyright (c) 2022 Nomadic Labs. *) (* *) (* Permission is hereby granted, free of charge, to any person obtaining a *) (* copy of this software and associated documentation files (the "Software"),*) @@ -23,10 +24,17 @@ (* *) (*****************************************************************************) -module Fr : S.PRIME_FIELD +(** Tezos - BLS12-381 cryptography *) -module G1 : S.CURVE with type Scalar.t = Fr.t +include S.AGGREGATE_SIGNATURE with type watermark := bytes -module G2 : S.CURVE with type Scalar.t = Fr.t +(** Module to access/expose the primitives of BLS12-381 *) +module Primitive : sig + module Fr : S.PRIME_FIELD -val pairing_check : (G1.t * G2.t) list -> bool + module G1 : S.CURVE with type Scalar.t = Fr.t + + module G2 : S.CURVE with type Scalar.t = Fr.t + + val pairing_check : (G1.t * G2.t) list -> bool +end diff --git a/src/lib_protocol_environment/sigs/v7/bls_signature.mli b/src/lib_protocol_environment/sigs/v7/bls_signature.mli deleted file mode 100644 index ab77dc1e0794fc4a20d6da7444db5a444a38ae24..0000000000000000000000000000000000000000 --- a/src/lib_protocol_environment/sigs/v7/bls_signature.mli +++ /dev/null 
@@ -1,90 +0,0 @@ -(* MIT License -* -* Copyright (c) 2020 Danny Willems -* Copyright (c) 2020 Nomadic Labs -* -* Permission is hereby granted, free of charge, to any person obtaining a copy -* of this software and associated documentation files (the "Software"), to deal -* in the Software without restriction, including without limitation the rights -* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -* copies of the Software, and to permit persons to whom the Software is -* furnished to do so, subject to the following conditions: -* -* The above copyright notice and this permission notice shall be included in all -* copies or substantial portions of the Software. -* -* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -* SOFTWARE. *) - -(** Type of the public keys *) -type pk - -(** The size in bytes of a serialized value [pk] *) -val pk_size_in_bytes : int - -(** Build a value of type [pk] without performing any check on the input. - It is safe to use this function when verifying a signature as the - signature function verifies if the point is in the prime subgroup. Using - [unsafe_pk_of_bytes] removes a verification performed twice when used - [pk_of_bytes_exn] or [pk_of_bytes_opt]. - - The expected bytes format are the compressed form of a point on G1. *) - -val unsafe_pk_of_bytes : Bytes.t -> pk - -(** Build a value of type [pk] safely, i.e. the function checks the bytes - given in parameters represents a point on the curve and in the prime subgroup. 
- Return [None] if the bytes are not in the correct format or does - not represent a point in the prime subgroup. - - The expected bytes format are the compressed form of a point on G1. -*) -val pk_of_bytes_opt : Bytes.t -> pk option - -(** Returns a bytes representation of a value of type [pk]. The output is the - compressed form a the point G1.t the [pk] represents. -*) -val pk_to_bytes : pk -> Bytes.t - -(** Type of the signatures *) -type signature - -(** The size in bytes of a serialized value [signature] *) -val signature_size_in_bytes : int - -(** Build a value of type {!signature} without performing any check on the - input. It is safe to use this function when verifying a signature as the - signature function verifies if the point is in the prime subgroup. Using - {!unsafe_signature_of_bytes} removes a verification performed twice when - using {!signature_of_bytes_exn} or {!signature_of_bytes_opt}. - - The expected bytes format are the compressed form of a point on G2. *) -val unsafe_signature_of_bytes : Bytes.t -> signature - -(** Build a value of type {!signature} safely, i.e. the function checks the - bytes given as argument represents a point on the curve and in the - prime subgroup. Return [None] if the bytes are not in the correct format - or do not represent a point in the prime subgroup. - - The expected bytes format are the compressed form of a point on G2. *) -val signature_of_bytes_opt : Bytes.t -> signature option - -(** Returns a bytes representation of a value of type [signature]. The - output is the compressed form of the {!G2.t} point the [signature] - represents. *) -val signature_to_bytes : signature -> Bytes.t - -(** [aggregate_signature_opt signatures] aggregates the signatures [signatures], following - https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-bls-signature-04#section-2.8. 
- Return [None] if [INVALID] is expected in the specification -*) -val aggregate_signature_opt : signature list -> signature option - -val verify : pk -> Bytes.t -> signature -> bool - -val aggregate_verify : (pk * Bytes.t) list -> signature -> bool diff --git a/src/lib_protocol_environment/sigs/v7/plonk.mli b/src/lib_protocol_environment/sigs/v7/plonk.mli index 0469e96027e6874b88024c026495b5eac9ba7ab2..233154989781ab655445a745e8cee745ff929dfb 100644 --- a/src/lib_protocol_environment/sigs/v7/plonk.mli +++ b/src/lib_protocol_environment/sigs/v7/plonk.mli @@ -23,7 +23,7 @@ (* *) (*****************************************************************************) -type scalar := Bls12_381.Fr.t +type scalar := Bls.Primitive.Fr.t type public_parameters diff --git a/src/lib_protocol_environment/sigs/v7/s.mli b/src/lib_protocol_environment/sigs/v7/s.mli index 9ebc0bc05202634bea446ac632474a99da2f0388..d00c6d4bdcfd9927cde172359f119b5db888875b 100644 --- a/src/lib_protocol_environment/sigs/v7/s.mli +++ b/src/lib_protocol_environment/sigs/v7/s.mli @@ -234,6 +234,14 @@ module type SIGNATURE = sig val check : ?watermark:watermark -> Public_key.t -> t -> bytes -> bool end +module type AGGREGATE_SIGNATURE = sig + include SIGNATURE + + val aggregate_check : (Public_key.t * watermark option * bytes) list -> t -> bool + + val aggregate_signature_opt : t list -> t option +end + module type FIELD = sig type t diff --git a/src/proto_alpha/bin_tx_rollup_client/commands.ml b/src/proto_alpha/bin_tx_rollup_client/commands.ml index ae52a798e9ba585e5a463801444b9d0afb79d9a8..2729cd6379eb7d08cc3e532c935c275071d87963 100644 --- a/src/proto_alpha/bin_tx_rollup_client/commands.ml +++ b/src/proto_alpha/bin_tx_rollup_client/commands.ml 
@@ -361,7 +361,7 @@ let conv_counter = parameter (fun _ counter -> return (Int64.of_string counter)) let signer_to_address : Tx_rollup_l2_batch.signer -> Tx_rollup_l2_address.t = function - | Bls_pk pk -> Tx_rollup_l2_address.of_bls_pk pk + | Bls_pk pk -> Bls.Public_key.hash pk | L2_addr addr -> addr let wait_for_synchronized ?(quiet = false) @@ -672,7 +672,7 @@ let prepare_operation_parameters cctxt signer counter = | Some pk -> ok pk | None -> error_with "missing signer public key in the wallet" in - let signer_addr = Tx_rollup_l2_address.of_bls_pk signer_pk in + let signer_addr = Bls.Public_key.hash signer_pk in let* () = wait_for_synchronized cctxt in let* counter = match counter with diff --git a/src/proto_alpha/lib_benchmark/michelson_samplers.ml b/src/proto_alpha/lib_benchmark/michelson_samplers.ml index f57dc510d4ee81a97ed4fbe2a72f568c03cf6786..cfbf55b03d527c914e78dc3370c0687a61949c16 100644 --- a/src/proto_alpha/lib_benchmark/michelson_samplers.ml +++ b/src/proto_alpha/lib_benchmark/michelson_samplers.ml @@ -608,9 +608,8 @@ end) let seed = Bytes.init 32 (fun _ -> char_of_int @@ Random.State.int rng_state 255) in - let _pkh, public_key, _secret_key = Bls.generate_key ~seed () in - Tx_rollup_l2_address.Indexable.value - (Tx_rollup_l2_address.of_bls_pk public_key) + let pkh, _pk, _sk = Bls.generate_key ~seed () in + Tx_rollup_l2_address.Indexable.value pkh let chain_id rng_state = let string = Base_samplers.uniform_string ~nbytes:4 rng_state in diff --git a/src/proto_alpha/lib_benchmarks_proto/tx_rollup_benchmarks.ml b/src/proto_alpha/lib_benchmarks_proto/tx_rollup_benchmarks.ml index b32c2bc9d0e1eb4827aaa586168271831a781eac..57ca5f14c4c411b03da434fa9ba539f5e54aae18 100644 --- a/src/proto_alpha/lib_benchmarks_proto/tx_rollup_benchmarks.ml +++ b/src/proto_alpha/lib_benchmarks_proto/tx_rollup_benchmarks.ml 
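Review bot: `signer_to_address` and `prepare_operation_parameters` in commands.ml now derive the L2 address with `Bls.Public_key.hash` instead of `Tx_rollup_l2_address.of_bls_pk`, and the same swap is made in michelson_samplers.ml and tx_rollup_benchmarks.ml. The definition of `of_bls_pk` is not visible here, so I cannot confirm that the two produce the same bytes for the same key; if they differ, previously derived addresses would no longer match their keys. A small regression test pinning the address for a fixed seed would make the equivalence explicit. Failing that, add a comment at `signer_to_address` such as `(* Tx_rollup_l2_address.t is presumably Bls.Public_key_hash.t: the address is the hash of the key *)`. Both functions continue outside their hunks.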
@@ -250,9 +250,7 @@ let unique_ticket_id = let gen_l2_account rng_state = let seed = Base_samplers.uniform_bytes ~nbytes:32 rng_state in - let secret_key = Bls12_381.Signature.generate_sk seed in - let public_key = Bls12_381.Signature.MinPk.derive_pk secret_key in - (secret_key, public_key) + Bls.generate_key ~seed () let hash_key_exn ctxt ~ticketer ~typ ~contents ~owner = let ticketer = Micheline.root @@ Expr.from_string ticketer in @@ -312,10 +310,8 @@ let input ~rng_state nb_of_couple_addr nb_of_ticket_per_couple = | 0 -> acc | n -> (* Generate random identities *) - let sk1, pk1 = gen_l2_account rng_state in - let sk2, pk2 = gen_l2_account rng_state in - let addr1 = Tx_rollup_l2_address.of_bls_pk pk1 in - let addr2 = Tx_rollup_l2_address.of_bls_pk pk2 in + let addr1, pk1, sk1 = gen_l2_account rng_state in + let addr2, pk2, sk2 = gen_l2_account rng_state in (* Pick indexes *) let aidx = Int32.of_int !idx_addr in let () = incr idx_addr in @@ -439,8 +435,8 @@ let create_operation ~rng_state input senders = index_or_value couple.addr2.index couple.addr2.addr else (* create new address *) - gen_l2_account rng_state |> snd |> Tx_rollup_l2_address.of_bls_pk - |> Indexable.from_value + let addr, _pk, _sk = gen_l2_account rng_state in + Indexable.from_value addr in let qty = let x = diff --git a/src/proto_alpha/lib_protocol/alpha_context.mli b/src/proto_alpha/lib_protocol/alpha_context.mli index 1a9113407e6d87011f1365188575aa87b9bc0a35..8311ffd31ec2c8f2e69836e578018ff0646a9997 100644 --- a/src/proto_alpha/lib_protocol/alpha_context.mli +++ b/src/proto_alpha/lib_protocol/alpha_context.mli @@ -2329,7 +2329,7 @@ module Zk_rollup : sig type t = Address.t - type scalar := Bls12_381.Fr.t + type scalar := Bls.Primitive.Fr.t val to_scalar : t -> scalar diff --git a/src/proto_alpha/lib_protocol/script_typed_ir.ml b/src/proto_alpha/lib_protocol/script_typed_ir.ml index 84ea1d401e25b20dd3fe2098ac39db5b138ddf18..8b69ca75bf42b52a1d19844d001089cfdde404cc 100644 
--- a/src/proto_alpha/lib_protocol/script_typed_ir.ml +++ b/src/proto_alpha/lib_protocol/script_typed_ir.ml @@ -134,9 +134,9 @@ module Script_bls = struct end module Fr = struct - type t = Fr_tag of Bls12_381.Fr.t [@@ocaml.unboxed] + type t = Fr_tag of Bls.Primitive.Fr.t [@@ocaml.unboxed] - open Bls12_381.Fr + open Bls.Primitive.Fr let add (Fr_tag x) (Fr_tag y) = Fr_tag (add x y) @@ -154,9 +154,9 @@ module Script_bls = struct end module G1 = struct - type t = G1_tag of Bls12_381.G1.t [@@ocaml.unboxed] + type t = G1_tag of Bls.Primitive.G1.t [@@ocaml.unboxed] - open Bls12_381.G1 + open Bls.Primitive.G1 let add (G1_tag x) (G1_tag y) = G1_tag (add x y) @@ -170,9 +170,9 @@ module Script_bls = struct end module G2 = struct - type t = G2_tag of Bls12_381.G2.t [@@ocaml.unboxed] + type t = G2_tag of Bls.Primitive.G2.t [@@ocaml.unboxed] - open Bls12_381.G2 + open Bls.Primitive.G2 let add (G2_tag x) (G2_tag y) = G2_tag (add x y) @@ -187,7 +187,7 @@ module Script_bls = struct let pairing_check l = let l = List.map (fun (G1.G1_tag x, G2.G2_tag y) -> (x, y)) l in - Bls12_381.pairing_check l + Bls.Primitive.pairing_check l end module Script_timelock = struct diff --git a/src/proto_alpha/lib_protocol/script_typed_ir.mli b/src/proto_alpha/lib_protocol/script_typed_ir.mli index 8f37c9788e50710ecfa8d763e8f625f5a1db99b3..7aa4e2b66084c3652276f6467122a320123a886b 100644 --- a/src/proto_alpha/lib_protocol/script_typed_ir.mli +++ b/src/proto_alpha/lib_protocol/script_typed_ir.mli @@ -117,7 +117,7 @@ module Script_bls : sig module Fr : sig (** [t] is made algebraic in order to distinguish it from the other type parameters of [Script_typed_ir.ty]. *) - type t = Fr_tag of Bls12_381.Fr.t [@@ocaml.unboxed] + type t = Fr_tag of Bls.Primitive.Fr.t [@@ocaml.unboxed] include S with type t := t and type fr := t 
@@ -129,7 +129,7 @@ module Script_bls : sig module G1 : sig (** [t] is made algebraic in order to distinguish it from the other type parameters of [Script_typed_ir.ty]. *) - type t = G1_tag of Bls12_381.G1.t [@@ocaml.unboxed] + type t = G1_tag of Bls.Primitive.G1.t [@@ocaml.unboxed] include S with type t := t and type fr := Fr.t end @@ -137,7 +137,7 @@ module Script_bls : sig module G2 : sig (** [t] is made algebraic in order to distinguish it from the other type parameters of [Script_typed_ir.ty]. *) - type t = G2_tag of Bls12_381.G2.t [@@ocaml.unboxed] + type t = G2_tag of Bls.Primitive.G2.t [@@ocaml.unboxed] include S with type t := t and type fr := Fr.t end diff --git a/src/proto_alpha/lib_protocol/script_typed_ir_size.ml b/src/proto_alpha/lib_protocol/script_typed_ir_size.ml index 9f83611ff53bbbbbb36e005dac37445502af389b..7f9d0b7ad0d3146ab1e2b0986f9f1546afa564c2 100644 --- a/src/proto_alpha/lib_protocol/script_typed_ir_size.ml +++ b/src/proto_alpha/lib_protocol/script_typed_ir_size.ml @@ -304,9 +304,9 @@ let rec value_size : | Operation_t -> assert false | Chain_id_t -> ret_succ_adding accu chain_id_size | Never_t -> ( match x with _ -> .) - | Bls12_381_g1_t -> ret_succ_adding accu !!Bls12_381.G1.size_in_memory - | Bls12_381_g2_t -> ret_succ_adding accu !!Bls12_381.G2.size_in_memory - | Bls12_381_fr_t -> ret_succ_adding accu !!Bls12_381.Fr.size_in_memory + | Bls12_381_g1_t -> ret_succ_adding accu !!Bls.Primitive.G1.size_in_memory + | Bls12_381_g2_t -> ret_succ_adding accu !!Bls.Primitive.G2.size_in_memory + | Bls12_381_fr_t -> ret_succ_adding accu !!Bls.Primitive.Fr.size_in_memory | Ticket_t (_, _) -> ret_succ_adding accu (ticket_size x) | Chest_key_t -> ret_succ_adding accu (chest_key_size x) | Chest_t -> ret_succ_adding accu (chest_size x) 
diff --git a/src/proto_alpha/lib_protocol/test/helpers/tx_rollup_l2_helpers.ml b/src/proto_alpha/lib_protocol/test/helpers/tx_rollup_l2_helpers.ml index 33c9c482b6bb64ee3cdbdb661943837929be4b44..af75636ef346625eb720f227ba7c5f49fe7b960e 100644 --- a/src/proto_alpha/lib_protocol/test/helpers/tx_rollup_l2_helpers.ml +++ b/src/proto_alpha/lib_protocol/test/helpers/tx_rollup_l2_helpers.ml @@ -99,8 +99,8 @@ let rng_state = Random.State.make_self_init () let gen_l1_address ?seed () = Signature.generate_key ~algo:Ed25519 ?seed () let gen_l2_address () = - let _pkh, public_key, secret_key = Bls.generate_key () in - (secret_key, public_key, Tx_rollup_l2_address.of_bls_pk public_key) + let pkh, public_key, secret_key = Bls.generate_key () in + (secret_key, public_key, pkh) (** [make_unit_ticket_key ctxt ticketer l2_address] computes the key hash of the unit ticket crafted by [ticketer] and owned by [l2_address]. *) diff --git a/src/proto_alpha/lib_protocol/test/integration/operations/test_tx_rollup.ml b/src/proto_alpha/lib_protocol/test/integration/operations/test_tx_rollup.ml index e572e29800953a07c5b338ee3f908b306cbfde85..9222f47581481a586fe3073b0d1c5c384505a7d9 100644 --- a/src/proto_alpha/lib_protocol/test/integration/operations/test_tx_rollup.ml +++ b/src/proto_alpha/lib_protocol/test/integration/operations/test_tx_rollup.ml 
@@ -319,15 +319,14 @@ let inbox_testable = Alcotest.testable Tx_rollup_inbox.pp Tx_rollup_inbox.( = ) let rng_state = Random.State.make_self_init () let gen_l2_account ?rng_state () = - (* TODO: when add bls into env6 we could use directly the pkh *) let seed = Option.map (fun rng_state -> Bytes.init 32 (fun _ -> char_of_int @@ Random.State.int rng_state 255)) rng_state in - let _pkh, public_key, secret_key = Bls.generate_key ?seed () in - (secret_key, public_key, Tx_rollup_l2_address.of_bls_pk public_key) + let pkh, public_key, secret_key = Bls.generate_key ?seed () in + (secret_key, public_key, pkh) (** [make_ticket_key ty contents ticketer tx_rollup] computes the ticket hash of the ticket containing [contents] of type [ty], crafted by [ticketer] and @@ -2498,10 +2497,7 @@ module Rejection = struct let signatures = Tx_rollup_l2_helpers.sign_transaction signers transaction in - let signature = - assert_some - @@ Environment.Bls_signature.aggregate_signature_opt signatures - in + let signature = assert_some @@ Bls.aggregate_signature_opt signatures in let batch = Tx_rollup_l2_batch.V1. {contents = [transaction]; aggregated_signature = signature} diff --git a/src/proto_alpha/lib_protocol/test/pbt/test_tx_rollup_l2_encoding.ml b/src/proto_alpha/lib_protocol/test/pbt/test_tx_rollup_l2_encoding.ml index 19adadbc3a57f29a8660be9d66f35abacf0a1189..5618862c4c3aaafdbb3928cbb2c886da5f25babc 100644 --- a/src/proto_alpha/lib_protocol/test/pbt/test_tx_rollup_l2_encoding.ml +++ b/src/proto_alpha/lib_protocol/test/pbt/test_tx_rollup_l2_encoding.ml 
@@ -40,17 +40,15 @@ open Protocol.Tx_rollup_l2_apply let seed_gen = bytes_fixed_gen 32 -let bls_pk = +let l2_address, bls_pk = (* Generating byte sequences in Qcheck2 is slow. We hard code one 32byte IKMs: *) let ikm = `Hex "8fee216367c463821f82c942a1cee3a01469b1da782736ca269a2accea6e0cc4" |> Hex.to_bytes_exn in - let _pkh, public_key, _secret_key = Bls.generate_key ~seed:ikm () in - public_key - -let l2_address = Protocol.Tx_rollup_l2_address.of_bls_pk bls_pk + let pkh, public_key, _secret_key = Bls.generate_key ~seed:ikm () in + (pkh, public_key) let signer_gen : Signer_indexable.either QCheck2.Gen.t = let open QCheck2.Gen in @@ -146,7 +144,7 @@ let v1_batch = tests here as the bytes length stays the same. *) let bytes = Bls12_381.G2.(to_compressed_bytes (random ())) in let aggregated_signature = - Environment.Bls_signature.unsafe_signature_of_bytes bytes + Bls12_381.Signature.MinPk.unsafe_signature_of_bytes bytes in V1.{aggregated_signature; contents} diff --git a/src/proto_alpha/lib_protocol/test/unit/test_tx_rollup_l2_apply.ml b/src/proto_alpha/lib_protocol/test/unit/test_tx_rollup_l2_apply.ml index 94cccfe10ab929e7b1e2e476991fc5a5ecb29754..ab4b08d5ac9b09ebf7403ff623a07f1ee37228c4 100644 --- a/src/proto_alpha/lib_protocol/test/unit/test_tx_rollup_l2_apply.ml +++ b/src/proto_alpha/lib_protocol/test/unit/test_tx_rollup_l2_apply.ml @@ -132,9 +132,8 @@ let pp_metadata fmt Tx_rollup_l2_context_sig.{counter; public_key} = let eq_metadata = Alcotest.of_pp pp_metadata -let check_metadata ctxt name_account description counter pk = +let check_metadata ctxt name_account description counter addr pk = let open Syntax in - let addr = Tx_rollup_l2_address.of_bls_pk pk in (* We ignore the created [ctxt] because it should be a get only. *) let* _ctxt, _, aidx = Address_index.get_or_associate_index ctxt addr in let* metadata = Address_metadata.get ctxt aidx in 
@@ -1272,7 +1271,7 @@ let test_update_counter () = let open Context_l2.Syntax in let* ctxt, _, accounts = with_initial_setup [ticket1] [[]] in - let sk1, pk1, _addr1, _idx1, _ = nth_exn accounts 0 in + let sk1, pk1, addr1, _idx1, _ = nth_exn accounts 0 in let transactions = transfers @@ -1308,6 +1307,7 @@ let test_update_counter () = "addr1" "the counter should have been incremented" 5L + addr1 pk1 in return_unit @@ -1337,6 +1337,7 @@ let test_pre_apply_batch () = "pk1" "check_signature must have created a metadata" 0L + addr1 pk1 in let* () = @@ -1345,6 +1346,7 @@ let test_pre_apply_batch () = "pk1" "check_signature must have created a metadata" 0L + addr2 pk2 in diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_address.ml b/src/proto_alpha/lib_protocol/tx_rollup_l2_address.ml index c0c0a5710ce0587d7273a66b20ad7e435a3ee5cd..8959062241ae488504825b04bbe58c81b6787739 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_address.ml +++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_address.ml 
@@ -25,40 +25,16 @@ (* *) (*****************************************************************************) -include - Blake2B.Make - (Base58) - (struct - let name = "Tx_rollup_l2_address" - - let title = - "The hash of a BLS public key used to identify a L2 ticket holders" - - let b58check_prefix = Tx_rollup_prefixes.l2_address.b58check_prefix - - let size = Some Tx_rollup_prefixes.l2_address.hash_size - end) - -include Compare.Make (struct - type nonrec t = t - - let compare = compare -end) +include Bls.Public_key_hash type address = t -let () = Tx_rollup_prefixes.(check_encoding l2_address b58check_encoding) - -let of_bls_pk : Bls_signature.pk -> t = - fun pk -> hash_bytes [Bls_signature.pk_to_bytes pk] - let in_memory_size : t -> Cache_memory_helpers.sint = fun _ -> let open Cache_memory_helpers in - header_size +! word_size - +! string_size_gen Tx_rollup_prefixes.l2_address.hash_size + header_size +! word_size +! string_size_gen Bls.Public_key_hash.size -let size _ = Tx_rollup_prefixes.l2_address.hash_size +let size _ = Bls.Public_key_hash.size module Indexable = struct include Indexable.Make (struct diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_address.mli b/src/proto_alpha/lib_protocol/tx_rollup_l2_address.mli index e1d25830968cf401793125c36c2613082409e48b..534551d427df64b47aab06a57279a87dcedb2ee4 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_address.mli +++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_address.mli 
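Review bot: Nothing in this change pins the new address derivation to the old one. The removed code computed `hash_bytes [Bls_signature.pk_to_bytes pk]` through a local `Blake2B.Make` instance with the `l2_address` prefix, and the page does not show that `Bls.Public_key.hash` and `Bls.Public_key_hash` produce the same bytes and the same Base58 form. If either differs, existing layer-2 addresses resolve to different accounts, so a regression test should derive the address of a fixed key (the hard-coded IKM in test_tx_rollup_l2_encoding.ml would do) and compare it with a value recorded before this change. The hunk also drops `let () = Tx_rollup_prefixes.(check_encoding l2_address b58check_encoding)`. I would keep an equivalent guard, at least `let () = assert Compare.Int.(Bls.Public_key_hash.size = 20)`, since `size` and `in_memory_size` now trust that constant.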
@@ -30,30 +30,10 @@ (** The hash of a BLS public key is used as the primary identifier of ticket holders within a transaction rollup. *) -type t +include module type of Bls.Public_key_hash with type t = Bls.Public_key_hash.t type address = t -val encoding : t Data_encoding.t - -val pp : Format.formatter -> t -> unit - -val to_b58check : t -> string - -val of_b58check_opt : string -> t option - -val of_b58check_exn : string -> t - -val of_bytes_exn : bytes -> t - -val of_bytes_opt : bytes -> t option - -include Compare.S with type t := t - -(** [of_bls_pk pk] computes the address of the L2 tickets holder - authentified by [pk]. *) -val of_bls_pk : Bls_signature.pk -> t - (** [in_memory_size a] returns the number of bytes allocated in RAM for [a]. *) val in_memory_size : t -> Cache_memory_helpers.sint diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.ml b/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.ml index cf2c1dd815a70e52af25a0632bd7ebf03fbe3ae5..f7b1a7d4edcfbaa47bdbbc7f6d1e9eabe0269481 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.ml +++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.ml @@ -37,7 +37,7 @@ type error += } | Incorrect_aggregated_signature | Unallocated_metadata of int32 - | Multiple_operations_for_signer of Bls_signature.pk + | Multiple_operations_for_signer of Bls.Public_key.t | Invalid_transaction_encoding | Invalid_batch_encoding | Unexpectedly_indexed_ticket @@ -95,7 +95,7 @@ let () = ~description: "The signer signed multiple operations in the same transaction. He must \ gather all the contents in a single operation" - (obj1 (req "pk" Tx_rollup_l2_context.pk_encoding)) + (obj1 (req "pk" Bls.Public_key.encoding)) (function Multiple_operations_for_signer idx -> Some idx | _ -> None) (function idx -> Multiple_operations_for_signer idx) ; (* Invalid transaction encoding *) 
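Review bot: `include module type of Bls.Public_key_hash with type t = Bls.Public_key_hash.t` replaces an abstract `type t` and a short explicit list of values with the whole interface of another module. The surface of `Tx_rollup_l2_address` is then whatever `Bls.Public_key_hash` exports, and it changes whenever that module does. The constraint also makes a layer-2 address type-equal to any BLS public key hash, so the compiler no longer helps keep the two apart at call sites. If that equality is intended, say so in the header comment, e.g. `(** An L2 address is a BLS public key hash; the type equality with [Bls.Public_key_hash.t] is intentional. *)`; otherwise keep the explicit list of values.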
@@ -425,7 +425,7 @@ module Make (Context : CONTEXT) = struct (ctxt * indexes * (Indexable.index_only, 'content) operation - * Bls_signature.pk) + * Bls.Public_key.t) m = fun ctxt indexes op -> let* ctxt, indexes, pk, idx = @@ -438,7 +438,7 @@ module Make (Context : CONTEXT) = struct return (ctxt, indexes, pk, address_index) | Right (Bls_pk signer_pk) -> ( (* Initialize the ctxt with public_key if it's necessary. *) - let addr = Tx_rollup_l2_address.of_bls_pk signer_pk in + let addr = Bls.Public_key.hash signer_pk in let* ctxt, created, idx = Address_index.get_or_associate_index ctxt addr in @@ -521,13 +521,7 @@ module Make (Context : CONTEXT) = struct let* ctxt, indexes, op, pk = operation_with_signer_index ctxt indexes op in - let compare x y = - Bytes.compare - (Bls_signature.pk_to_bytes x) - (Bls_signature.pk_to_bytes y) - in - let equal x y = Compare.Int.( = ) (compare x y) 0 in - if List.mem ~equal pk signers then + if List.mem ~equal:Bls.Public_key.equal pk signers then fail (Multiple_operations_for_signer pk) else return @@ -621,7 +615,7 @@ module Make (Context : CONTEXT) = struct Compare.Int64.(counter = Int64.succ metadata.counter) (Counter_mismatch { - account = Tx_rollup_l2_address.of_bls_pk metadata.public_key; + account = Bls.Public_key.hash metadata.public_key; expected = Int64.succ metadata.counter; provided = counter; }) diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.mli b/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.mli index 44619b09fe58b5fdd318c0d8d34d280a2ea1a215..1f71544e556f62284145bf9141025fcd76f15c62 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.mli +++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_apply.mli @@ -56,7 +56,7 @@ type error += } | Incorrect_aggregated_signature | Unallocated_metadata of int32 - | Multiple_operations_for_signer of Bls_signature.pk + | Multiple_operations_for_signer of Bls.Public_key.t | Invalid_transaction_encoding | Invalid_batch_encoding | Unexpectedly_indexed_ticket 
diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.ml b/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.ml index 37379c6fd0e979191ac2a36a8badee501ec5e740..e37f41c55a34e7695a0479bc40bd8ae759c49d4f 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.ml +++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.ml @@ -29,17 +29,7 @@ open Tx_rollup_l2_context_sig let tag_size = `Uint8 -let bls_pk_encoding = - let open Data_encoding in - conv_with_guard - Bls_signature.pk_to_bytes - (fun x -> - match Bls_signature.pk_of_bytes_opt x with - | Some x -> ok x - | None -> Error "not a BLS public key") - (Fixed.bytes Bls_signature.pk_size_in_bytes) - -type signer = Bls_pk of Bls_signature.pk | L2_addr of Tx_rollup_l2_address.t +type signer = Bls_pk of Bls.Public_key.t | L2_addr of Tx_rollup_l2_address.t module Signer_indexable = Indexable.Make (struct type t = signer @@ -50,10 +40,7 @@ module Signer_indexable = Indexable.Make (struct let compare x y = match (x, y) with - | Bls_pk pk1, Bls_pk pk2 -> - Bytes.compare - (Bls_signature.pk_to_bytes pk1) - (Bls_signature.pk_to_bytes pk2) + | Bls_pk pk1, Bls_pk pk2 -> Bls.Public_key.compare pk1 pk2 | L2_addr addr1, L2_addr addr2 -> Tx_rollup_l2_address.compare addr1 addr2 | L2_addr _, Bls_pk _ -> -1 | Bls_pk _, L2_addr _ -> 1 @@ -65,7 +52,7 @@ module Signer_indexable = Indexable.Make (struct case ~title:"bls_pk" (Tag 0) - bls_pk_encoding + Bls.Public_key.encoding (function Bls_pk pk -> Some pk | _ -> None) (fun pk -> Bls_pk pk); case @@ -98,7 +85,7 @@ module V1 = struct type ('signer, 'content) transaction = ('signer, 'content) operation list - type signature = Bls_signature.signature + type signature = Bls.t type ('signer, 'content) t = { contents : ('signer, 'content) transaction list; 
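Review bot: The public-key encodings that this commit replaces with `Bls.Public_key.encoding` were not one encoding. The `bls_pk_encoding` removed here is `Fixed.bytes Bls_signature.pk_size_in_bytes`, while `pk_encoding` removed from tx_rollup_l2_context.ml and `bls_pk_encoding` removed from RPC.ml are built on `bytes`. Unless `Bls.Public_key.encoding` (not shown in this diff) reproduces each layout, at least one binary format changes (the `bls_pk` case here or the `public_key` field of `metadata_encoding`), and previously written values may stop decoding. Each removed definition also rejected bytes that `pk_of_bytes_opt` does not accept, and `signature_encoding` removed from tx_rollup_l2_context_sig.ml did the same for signatures, so confirm the replacements still validate on decode rather than at first use. I would add a round-trip test against bytes produced before this change and a comment at the `bls_pk` case such as `(* Wire format: fixed-size key bytes; decoding must reject invalid keys. *)`.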
@@ -188,8 +175,7 @@ module V1 = struct (fun (aggregated_signature, contents) -> {aggregated_signature; contents}) @@ obj2 - (req "aggregated_signature" - @@ payload Tx_rollup_l2_context_sig.signature_encoding) + (req "aggregated_signature" @@ payload Bls.encoding) (req "contents" @@ list ~bits transaction_encoding)) end diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.mli b/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.mli index e59261c998aaddf8cb2a553120d074cde94c9fd9..de97740fb5c9d2323e2383846224277a61206e63 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.mli +++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_batch.mli @@ -72,7 +72,7 @@ open Tx_rollup_l2_context_sig BLS public key or a layer-2 address index, whose metadata in turn contains a corresponding BLS public. key *) type signer = - | Bls_pk of Bls_signature.pk (** A signer identified by a BLS public key. *) + | Bls_pk of Bls.Public_key.t (** A signer identified by a BLS public key. *) | L2_addr of Tx_rollup_l2_address.t (** A signer identified by a layer-2 address. Each such adress is in turn identified with a BLS public key. *) @@ -126,7 +126,7 @@ module V1 : sig type ('signer, 'content) transaction = ('signer, 'content) operation list - type signature = Bls_signature.signature + type signature = Bls.t type ('signer, 'content) t = { contents : ('signer, 'content) transaction list; @@ -172,7 +172,7 @@ module V1 : sig {ul {li [00] means an index fitting on 1 byte.} {li [01] means an index fitting on 2 bytes.} {li [10] means an index fitting on 4 bytes.} - {li [11] means a value of type {!Bls_signature.pk}.}} + {li [11] means a value of type {!Bls.Public_key.t}.}} The [counter] field follows a similar logic, diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_context.ml b/src/proto_alpha/lib_protocol/tx_rollup_l2_context.ml index 453e1588df7779b402cced68c63c932b86a34278..5173ce5c768b8e375aac688a5241aca6fe0a1b9f 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_context.ml 
+++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_context.ml @@ -28,22 +28,12 @@ open Tx_rollup_l2_storage_sig open Tx_rollup_l2_context_sig -let pk_encoding : Bls_signature.pk Data_encoding.t = - Data_encoding.( - conv_with_guard - Bls_signature.pk_to_bytes - (fun x -> - Option.to_result - ~none:"not a valid bls public key" - (Bls_signature.pk_of_bytes_opt x)) - bytes) - let metadata_encoding = Data_encoding.( conv (fun {counter; public_key} -> (counter, public_key)) (fun (counter, public_key) -> {counter; public_key}) - (obj2 (req "counter" int64) (req "public_key" pk_encoding))) + (obj2 (req "counter" int64) (req "public_key" Bls.Public_key.encoding))) (** {1 Type-Safe Storage Access and Gas Accounting} *) @@ -190,10 +180,11 @@ struct if cond then fail error else return () end - let bls_verify : (Bls_signature.pk * bytes) list -> signature -> bool m = + let bls_verify : (Bls.Public_key.t * bytes) list -> signature -> bool m = fun accounts aggregated_signature -> let open Syntax in - return (Bls_signature.aggregate_verify accounts aggregated_signature) + let msgs = List.map (fun (pk, msg) -> (pk, None, msg)) accounts in + return (Bls.aggregate_check msgs aggregated_signature) let unwrap_or : type a. a option -> error -> a S.m = fun opt err -> diff --git a/src/proto_alpha/lib_protocol/tx_rollup_l2_context_sig.ml b/src/proto_alpha/lib_protocol/tx_rollup_l2_context_sig.ml index ba8d16138f3258f89e0d3c7f12bf1e3011db69f5..26de4e453ae093a31299d98d217e383dd6d015e6 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_l2_context_sig.ml +++ b/src/proto_alpha/lib_protocol/tx_rollup_l2_context_sig.ml 
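Review bot: `bls_verify` is the check that authenticates a batch, and the diff gives no evidence that `Bls.aggregate_check` with a `None` watermark accepts exactly the signatures that `Bls_signature.aggregate_verify` accepted. A different BLS scheme variant or domain-separation tag, or any transformation of the message when the watermark is absent, would either reject valid existing batches or change what a signature commits to. Please add a regression test that verifies an aggregated signature produced before this change, and record the assumption next to the mapping, e.g. `(* No watermark: the signed bytes are [msg] unchanged, as with the former Bls_signature.aggregate_verify. *)`. The enclosing functor starts and ends outside this hunk.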
@@ -24,17 +24,7 @@ (* *) (*****************************************************************************) -type signature = Bls_signature.signature - -let signature_encoding = - let open Data_encoding in - conv_with_guard - (fun signature -> Bls_signature.signature_to_bytes signature) - (fun bytes -> - match Bls_signature.signature_of_bytes_opt bytes with - | Some x -> Ok x - | None -> Error "Not a valid bls_signature") - (Fixed.bytes Bls_signature.signature_size_in_bytes) +type signature = Bls.t module Ticket_indexable = Indexable.Make (Alpha_context.Ticket_hash) @@ -61,7 +51,7 @@ type ticket_index = Ticket_indexable.index The [public_key] allows to authenticate the owner of the address, by verifying BLS signatures. *) -type metadata = {counter : int64; public_key : Bls_signature.pk} +type metadata = {counter : int64; public_key : Bls.Public_key.t} type error += | Balance_too_low @@ -218,7 +208,7 @@ module type CONTEXT = sig (** [bls_aggregate_verify] allows to verify the aggregated signature of a batch. *) - val bls_verify : (Bls_signature.pk * bytes) list -> signature -> bool m + val bls_verify : (Bls.Public_key.t * bytes) list -> signature -> bool m (** The metadata associated to an address. *) module Address_metadata : sig @@ -241,7 +231,7 @@ module type CONTEXT = sig This can fails with [Metadata_already_initialized] if this function has already been called with [idx]. *) - val init_with_public_key : t -> address_index -> Bls_signature.pk -> t m + val init_with_public_key : t -> address_index -> Bls.Public_key.t -> t m (**/**) diff --git a/src/proto_alpha/lib_protocol/tx_rollup_prefixes.ml b/src/proto_alpha/lib_protocol/tx_rollup_prefixes.ml index 2d4fa2061a6083552affba78118f92bda2e8d5de..dfaad858befbe19653b3fe6b91770b843ee1f263 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_prefixes.ml +++ b/src/proto_alpha/lib_protocol/tx_rollup_prefixes.ml 
@@ -38,14 +38,6 @@ let rollup_address = b58check_size = 37; } -let l2_address = - { - b58check_prefix = "\006\161\166"; - prefix = "tz4"; - hash_size = 20; - b58check_size = 36; - } - let inbox_hash = { b58check_prefix = "\079\148\196"; diff --git a/src/proto_alpha/lib_protocol/tx_rollup_prefixes.mli b/src/proto_alpha/lib_protocol/tx_rollup_prefixes.mli index 34efcbac8ab4d89f46b53fd8afa1ededad71f9df..caef924406122de7ea0ea26d09cb8721f9745512 100644 --- a/src/proto_alpha/lib_protocol/tx_rollup_prefixes.mli +++ b/src/proto_alpha/lib_protocol/tx_rollup_prefixes.mli @@ -33,9 +33,6 @@ type t = { (** See {!Tx_rollup_repr}. *) val rollup_address : t -(** See {!Tx_rollup_l2_address}. *) -val l2_address : t - (** See {!Tx_rollup_inbox_repr}. *) val inbox_hash : t diff --git a/src/proto_alpha/lib_protocol/zk_rollup_scalar.ml b/src/proto_alpha/lib_protocol/zk_rollup_scalar.ml index 8db6c7b68c1c333fc2c688a98fd35cd1fdac0292..77ac1b1d72996af9a969a90c1dc7a6a1aa19be54 100644 --- a/src/proto_alpha/lib_protocol/zk_rollup_scalar.ml +++ b/src/proto_alpha/lib_protocol/zk_rollup_scalar.ml @@ -23,13 +23,13 @@ (* *) (*****************************************************************************) -type t = Bls12_381.Fr.t +type t = Bls.Primitive.Fr.t let of_z z = (* In case [z] is outside of the field, i.e. Z >= Fr.order, - [Bls12_381.Fr.of_z] will apply a modulo reduction to ge + [Bls.Primitive.Fr.of_z] will apply a modulo reduction to ge t a field element *) - Bls12_381.Fr.of_z z + Bls.Primitive.Fr.of_z z let of_bits bs = (* The bits are interpreted as a Z integer *) diff --git a/src/proto_alpha/lib_protocol/zk_rollup_scalar.mli b/src/proto_alpha/lib_protocol/zk_rollup_scalar.mli index 0b9307cefe3ff708cda473503f1bb6ca33d992e5..cdd18d5b38bd18145e4b9bedadd0e8dc2d7f080e 100644 --- a/src/proto_alpha/lib_protocol/zk_rollup_scalar.mli +++ b/src/proto_alpha/lib_protocol/zk_rollup_scalar.mli 
@@ -27,7 +27,7 @@ manipulation functions *) (** Scalars are transparently BLS12-381 scalars *) -type t = Bls12_381.Fr.t +type t = Bls.Primitive.Fr.t (** Safe conversion from Z.t. If the numerical value is not in the field, modulo reduction diff --git a/src/proto_alpha/lib_tx_rollup/RPC.ml b/src/proto_alpha/lib_tx_rollup/RPC.ml index 6ea41409203cf5ccc5f12af38fb16ca0a1204ca0..20ec77e6b1b1040b08b2166be6820675c6cc764e 100644 --- a/src/proto_alpha/lib_tx_rollup/RPC.ml +++ b/src/proto_alpha/lib_tx_rollup/RPC.ml @@ -408,19 +408,9 @@ module Context_RPC = struct type address_metadata = { index : Tx_rollup_l2_context_sig.address_index; counter : int64; - public_key : Environment.Bls_signature.pk; + public_key : Bls.Public_key.t; } - let bls_pk_encoding = - Data_encoding.( - conv_with_guard - Environment.Bls_signature.pk_to_bytes - (fun x -> - Option.to_result - ~none:"not a valid bls public key" - (Environment.Bls_signature.pk_of_bytes_opt x)) - bytes) - let address_metadata_encoding = Data_encoding.( conv @@ -429,7 +419,7 @@ module Context_RPC = struct @@ obj3 (req "index" Tx_rollup_l2_address.Indexable.index_encoding) (req "counter" int64) - (req "public_key" bls_pk_encoding)) + (req "public_key" Bls.Public_key.encoding)) let balance = RPC_service.get_service @@ -501,7 +491,7 @@ module Context_RPC = struct "Get the BLS public key associated to the given address, or null if \ the address has not performed any transfer or withdraw on the rollup." ~query:RPC_query.empty - ~output:(Data_encoding.option bls_pk_encoding) + ~output:(Data_encoding.option Bls.Public_key.encoding) RPC_path.(path / "addresses" /: Arg.address_indexable / "public_key") let ticket = diff --git a/src/proto_alpha/lib_tx_rollup/fancy_l2block.ml b/src/proto_alpha/lib_tx_rollup/fancy_l2block.ml index 20588b557dc0f2cf1a8240f99d830e41c2261c11..caf3d41391aa030f6e03f7d4a2a38c90e13ad584 100644 --- a/src/proto_alpha/lib_tx_rollup/fancy_l2block.ml +++ b/src/proto_alpha/lib_tx_rollup/fancy_l2block.ml 
@@ -102,7 +102,7 @@ let signer_value ctxt signer = | Left _ -> assert false) | Right Tx_rollup_l2_batch.(L2_addr _) -> return signer | Right Tx_rollup_l2_batch.(Bls_pk pk) -> - let addr = Tx_rollup_l2_address.of_bls_pk pk in + let addr = Bls.Public_key.hash pk in return (value (Tx_rollup_l2_batch.L2_addr addr) |> forget) let transaction_replace_indexes ctxt transaction = diff --git a/src/proto_alpha/lib_tx_rollup/l2_transaction.ml b/src/proto_alpha/lib_tx_rollup/l2_transaction.ml index 7aa2a405931adfb185e1e6534ea70af20b06c087..e772948c92652e67c7a5c262618856c499c8b42d 100644 --- a/src/proto_alpha/lib_tx_rollup/l2_transaction.ml +++ b/src/proto_alpha/lib_tx_rollup/l2_transaction.ml @@ -44,7 +44,7 @@ let batch l = let contents = List.map (fun {transaction; _} -> transaction) l in let aggregated_signature = List.concat_map (fun {signatures; _} -> signatures) l - |> Environment.Bls_signature.aggregate_signature_opt + |> Bls.aggregate_signature_opt in match aggregated_signature with | None -> error_with "Cannot aggregate signatures"