From e6ca93bc04b9672ff9c38195ec82a42fb65a22a2 Mon Sep 17 00:00:00 2001 From: Albin Coquereau Date: Wed, 5 Feb 2025 16:29:23 +0100 Subject: [PATCH 1/6] Crypto/base58: add prefixes for tz5 Bls addresses --- src/lib_crypto/base58.ml | 15 +++++++++++++++ src/lib_crypto/base58.mli | 10 ++++++++++ 2 files changed, 25 insertions(+) diff --git a/src/lib_crypto/base58.ml b/src/lib_crypto/base58.ml index 0c8d96f57008..c6cb36f9c0fc 100644 --- a/src/lib_crypto/base58.ml +++ b/src/lib_crypto/base58.ml @@ -384,6 +384,8 @@ module Prefix = struct let bls12_381_public_key_hash = "\006\161\166" (* tz4(36) *) + let bls12_381_pop_public_key_hash = "\006\161\169" (* tz5(36) *) + let smart_rollup_address = "\006\124\117" (* sr1(36) *) (* 16 *) @@ -451,15 +453,28 @@ module Prefix = struct (* 96 *) let bls12_381_signature = "\040\171\064\207" (* BLsig(142) *) + (* 96 *) + let bls12_381_pop_signature = "\009\054\155\082\153" (* BLpsig(143) *) + (* 48 *) let bls12_381_public_key = "\006\149\135\204" (* BLpk(76) *) + (* 48 *) + let bls12_381_pop_public_key = "\001\125\224\254\251" (* BLppk(77) *) + (* 32 *) let bls12_381_secret_key = "\003\150\192\040" (* BLsk(54) *) + (* 32 *) + let bls12_381_pop_secret_key = "\208\035\037\024" (* BLpsk(55) *) + (* 56 *) let bls12_381_encrypted_secret_key = "\002\005\030\053\025" (* BLesk(88) *) + (* 56 *) + let bls12_381_pop_encrypted_secret_key = + "\117\049\070\179\236" (* BLpesk(89) *) + (* 48 *) let slot_header = "\002\116\180" (* sh(74) *) end diff --git a/src/lib_crypto/base58.mli b/src/lib_crypto/base58.mli index 7e9c3a12d8bf..c3c7f082184f 100644 --- a/src/lib_crypto/base58.mli +++ b/src/lib_crypto/base58.mli @@ -55,6 +55,8 @@ module Prefix : sig val bls12_381_public_key_hash : string + val bls12_381_pop_public_key_hash : string + val smart_rollup_address : string val smart_rollup_commitment : string @@ -95,6 +97,8 @@ module Prefix : sig val bls12_381_encrypted_secret_key : string + val bls12_381_pop_encrypted_secret_key : string + val secp256k1_encrypted_scalar : string val generic_signature : string @@ -117,6 +121,12 @@ module Prefix : sig val bls12_381_secret_key : string + val bls12_381_pop_signature : string + + val bls12_381_pop_public_key : string + + val bls12_381_pop_secret_key : string + val slot_header : string end -- GitLab From 0c41c2257f1eb1ac05dd2d242481cd959ce069f1 Mon Sep 17 00:00:00 2001 From: Albin Coquereau Date: Fri, 14 Feb 2025 09:36:42 +0100 Subject: [PATCH 2/6] Crypto: add bls pop module (copy of bls_aug) --- src/lib_crypto/bls_pop.ml | 384 +++++++++++++++++++++++++++++++++++++ src/lib_crypto/bls_pop.mli | 46 +++++ 2 files changed, 430 insertions(+) create mode 100644 src/lib_crypto/bls_pop.ml create mode 100644 src/lib_crypto/bls_pop.mli diff --git a/src/lib_crypto/bls_pop.ml b/src/lib_crypto/bls_pop.ml new file mode 100644 index 000000000000..8918679b47eb --- /dev/null +++ b/src/lib_crypto/bls_pop.ml @@ -0,0 +1,384 @@ +(*****************************************************************************) +(* *) +(* Open Source License *) +(* Copyright (c) 2021 Nomadic Labs *) +(* *) +(* Permission is hereby granted, free of charge, to any person obtaining a *) +(* copy of this software and associated documentation files (the "Software"),*) +(* to deal in the Software without restriction, including without limitation *) +(* the rights to use, copy, modify, merge, publish, distribute, sublicense, *) +(* and/or sell copies of the Software, and to permit persons to whom the *) +(* Software is furnished to do so, subject to the following conditions: *) +(* *) +(* The above copyright notice and this permission notice shall be included *) +(* in all copies or substantial portions of the Software. *) +(* *) +(* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR*) +(* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, *) +(* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL *) +(* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER*) +(* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING *) +(* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER *) +(* DEALINGS IN THE SOFTWARE. *) +(* *) +(*****************************************************************************) + +module Public_key_hash = struct + include + Blake2B.Make + (Base58) + (struct + let name = "Bls12_381.Public_key_hash" + + let title = "A Bls12_381 public key hash" + + let b58check_prefix = Base58.Prefix.bls12_381_public_key_hash + + let size = Some 20 + end) + + module Logging = struct + let tag = Tag.def ~doc:title name pp + end +end + +let () = Base58.check_encoded_prefix Public_key_hash.b58check_encoding "tz4" 36 + +module Public_key = struct + open Bls12_381_signature.MinPk + + type t = Bls12_381_signature.MinPk.pk + + let name = "Bls12_381.Public_key" + + let title = "A Bls12_381 public key" + + let to_bytes = pk_to_bytes + + let to_string s = Bytes.to_string (to_bytes s) + + let of_bytes_opt = pk_of_bytes_opt + + let of_string_opt s = of_bytes_opt (Bytes.of_string s) + + let of_bytes_without_validation = of_bytes_opt + + let size _pk = Bls12_381_signature.MinPk.pk_size_in_bytes + + type Base58.data += Data of t + + let b58check_encoding = + Base58.register_encoding + ~prefix:Base58.Prefix.bls12_381_public_key + ~length:(size ()) + ~to_raw:to_string + ~of_raw:of_string_opt + ~wrap:(fun x -> Data x) + + let () = Base58.check_encoded_prefix b58check_encoding "BLpk" 76 + + let hash v = Public_key_hash.hash_bytes [to_bytes v] + + include Compare.Make (struct + type nonrec t = t + + let compare a b = + Bytes.compare + (Bls12_381_signature.MinPk.pk_to_bytes a) + (Bls12_381_signature.MinPk.pk_to_bytes b) + end) + + include Helpers.MakeRaw (struct + type nonrec t = t + + let name = name + + let of_bytes_opt = of_bytes_opt + + let of_string_opt = of_string_opt + + let to_string = to_string + end) + + include Helpers.MakeB58 (struct + type nonrec t = t + + let name = name + + let b58check_encoding = b58check_encoding + end) + + include Helpers.MakeEncoder (struct + type nonrec t = t + + let name = name + + let title = title + + let raw_encoding = + let open Data_encoding in + conv to_bytes of_bytes_exn (Fixed.bytes (size ())) + + let of_b58check = of_b58check + + let of_b58check_opt = of_b58check_opt + + let of_b58check_exn = of_b58check_exn + + let to_b58check = to_b58check + + let to_short_b58check = to_short_b58check + end) + + let pp ppf t = Format.fprintf ppf "%s" (to_b58check t) +end + +module Secret_key = struct + type t = Bls12_381_signature.sk + + let name = "Bls12_381.Secret_key" + + let title = "A Bls12_381 secret key" + + include Compare.Make (struct + type nonrec t = t + + let compare a b = + let a = Bls12_381_signature.sk_to_bytes a + and b = Bls12_381_signature.sk_to_bytes b in + Bytes.compare a b + end) + + let size = Bls12_381_signature.sk_size_in_bytes + + let to_bytes = Bls12_381_signature.sk_to_bytes + + let to_string s = Bytes.to_string (to_bytes s) + + let of_bytes_opt = Bls12_381_signature.sk_of_bytes_opt + + let of_string_opt s = of_bytes_opt (Bytes.of_string s) + + let to_public_key = Bls12_381_signature.MinPk.derive_pk + + type Base58.data += Data of t + + let b58check_encoding = + Base58.register_encoding + ~prefix:Base58.Prefix.bls12_381_secret_key + ~length:size + ~to_raw:to_string + ~of_raw:of_string_opt + ~wrap:(fun sk -> Data sk) + + let of_b58check_opt s = + match Base58.simple_decode b58check_encoding s with + | Some x -> Some x + | None -> Format.kasprintf Stdlib.failwith "Unexpected data (%s)" name + + let of_b58check_exn s = + match of_b58check_opt s with + | Some x -> x + | None -> Format.kasprintf Stdlib.failwith "Unexpected data (%s)" name + + let of_b58check s = + match of_b58check_opt s with + | Some x -> Ok x + | None -> + Error_monad.error_with + "Failed to read a b58check_encoding data (%s): %S" + name + s + + let to_b58check s = Base58.simple_encode b58check_encoding s + + let to_short_b58check s = + String.sub + (to_b58check s) + 0 + (10 + String.length (Base58.prefix b58check_encoding)) + + let () = Base58.check_encoded_prefix b58check_encoding "BLsk" 54 + + include Helpers.MakeRaw (struct + type nonrec t = t + + let name = name + + let of_bytes_opt = of_bytes_opt + + let of_string_opt = of_string_opt + + let to_string = to_string + end) + + include Helpers.MakeEncoder (struct + type nonrec t = t + + let name = name + + let title = title + + let raw_encoding = + let open Data_encoding in + conv to_bytes of_bytes_exn (Fixed.bytes size) + + let of_b58check = of_b58check + + let of_b58check_opt = of_b58check_opt + + let of_b58check_exn = of_b58check_exn + + let to_b58check = to_b58check + + let to_short_b58check = to_short_b58check + end) + + let pp ppf t = Format.fprintf ppf "%s" (to_b58check t) +end + +type t = Bls12_381_signature.MinPk.signature + +type watermark = Bytes.t + +let name = "Bls12_381_signature" + +let title = "A Bls12_381 signature" + +let size = Bls12_381_signature.MinPk.signature_size_in_bytes + +let to_bytes = Bls12_381_signature.MinPk.signature_to_bytes + +let of_bytes_opt s = + if Bytes.length s = size then + Bls12_381_signature.MinPk.signature_of_bytes_opt s + else None + +let to_string s = Bytes.to_string (to_bytes s) + +let of_string_opt s = of_bytes_opt (Bytes.of_string s) + +type Base58.data += Data of t + +let b58check_encoding = + Base58.register_encoding + ~prefix:Base58.Prefix.bls12_381_signature + ~length:size + ~to_raw:to_string + ~of_raw:of_string_opt + ~wrap:(fun x -> Data x) + +let () = Base58.check_encoded_prefix b58check_encoding "BLsig" 142 + +include Helpers.MakeB58 (struct + type nonrec t = t + + let name = name + + let b58check_encoding = b58check_encoding +end) + +include Helpers.MakeRaw (struct + type nonrec t = t + + let name = name + + let of_bytes_opt = of_bytes_opt + + let of_string_opt = of_string_opt + + let to_string = to_string +end) + +include Compare.Make (struct + type nonrec t = t + + let compare a b = + let a = to_bytes a and b = to_bytes b in + Bytes.compare a b +end) + +include Helpers.MakeEncoder (struct + type nonrec t = t + + let name = name + + let title = title + + let raw_encoding = + Data_encoding.conv to_bytes of_bytes_exn (Data_encoding.Fixed.bytes size) + + let of_b58check = of_b58check + + let of_b58check_opt = of_b58check_opt + + let of_b58check_exn = of_b58check_exn + + let to_b58check = to_b58check + + let to_short_b58check = to_short_b58check +end) + +let pp ppf t = Format.fprintf ppf "%s" (to_b58check t) + +let zero = + Bls12_381_signature.MinPk.signature_of_bytes_exn + @@ Bytes.of_string + "\192\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + +let sign ?watermark sk msg = + let msg = + match watermark with None -> msg | Some prefix -> Bytes.cat prefix msg + in + Bls12_381_signature.MinPk.Aug.sign sk msg + +let check ?watermark pk signature msg = + let msg = + match watermark with None -> msg | Some prefix -> Bytes.cat prefix msg + in + Bls12_381_signature.MinPk.Aug.verify pk msg signature + +(* [seed] must be at least of 32 bytes or [Bls12_381_signature.generate_sk] will + throw an error. *) +let generate_key ?seed () = + let seed = + match seed with + | Some seed -> seed + | None -> + (* same source of random as other signature, should be safe. Bls needs + bytes of 32 *) + Hacl.Rand.gen 32 + in + let sk = Bls12_381_signature.generate_sk seed in + let pk = Bls12_381_signature.MinPk.derive_pk sk in + let pkh = Public_key.hash pk in + (pkh, pk, sk) + +let deterministic_nonce sk msg = + let key = Secret_key.to_bytes sk in + Hacl.Hash.SHA256.HMAC.digest ~key ~msg + +let deterministic_nonce_hash sk msg = + Blake2B.to_bytes (Blake2B.hash_bytes [deterministic_nonce sk msg]) + +let aggregate_check pk_msg_list signature = + let pk_msg_list = + List.map + (fun (pk, watermark, msg) -> + let msg = + match watermark with + | None -> msg + | Some prefix -> Bytes.cat prefix msg + in + (pk, msg)) + pk_msg_list + in + Bls12_381_signature.MinPk.Aug.aggregate_verify pk_msg_list signature + +let aggregate_signature_opt = Bls12_381_signature.MinPk.aggregate_signature_opt + +module Primitive = struct + include Bls12_381 + + let pairing_check = Bls12_381.Pairing.pairing_check +end diff --git a/src/lib_crypto/bls_pop.mli b/src/lib_crypto/bls_pop.mli new file mode 100644 index 000000000000..2827c7fd263c --- /dev/null +++ b/src/lib_crypto/bls_pop.mli @@ -0,0 +1,46 @@ +(*****************************************************************************) +(* *) +(* Open Source License *) +(* Copyright (c) 2022 Nomadic Labs *) +(* *) +(* Permission is hereby granted, free of charge, to any person obtaining a *) +(* copy of this software and associated documentation files (the "Software"),*) +(* to deal in the Software without restriction, including without limitation *) +(* the rights to use, copy, modify, merge, publish, distribute, sublicense, *) +(* and/or sell copies of the Software, and to permit persons to whom the *) +(* Software is furnished to do so, subject to the following conditions: *) +(* *) +(* The above copyright notice and this permission notice shall be included *) +(* in all copies or substantial portions of the Software. *) +(* *) +(* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR*) +(* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, *) +(* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL *) +(* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER*) +(* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING *) +(* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER *) +(* DEALINGS IN THE SOFTWARE. *) +(* *) +(*****************************************************************************) + +(** Tezos - BLS12-381 cryptography *) + +include + S.AGGREGATE_SIGNATURE + with type Public_key.t = Bls12_381_signature.MinPk.pk + and type Secret_key.t = Bls12_381_signature.sk + and type t = Bls12_381_signature.MinPk.signature + and type watermark = Bytes.t + +include S.RAW_DATA with type t := t + +(** Module to access/expose the primitives of BLS12-381 *) +module Primitive : sig + module Fr : S.PRIME_FIELD with type t = Bls12_381.Fr.t + + module G1 : S.CURVE with type Scalar.t = Fr.t + + module G2 : S.CURVE with type Scalar.t = Fr.t + + val pairing_check : (G1.t * G2.t) list -> bool +end -- GitLab From c0538b525c12caf6c12364a47753c8e91f830e75 Mon Sep 17 00:00:00 2001 From: Albin Coquereau Date: Wed, 5 Feb 2025 16:30:33 +0100 Subject: [PATCH 3/6] Crypto: implement bls_pop module --- src/lib_crypto/bls_pop.ml | 50 ++++++++++++++------------------------ src/lib_crypto/bls_pop.mli | 9 +++---- 2 files changed, 21 insertions(+), 38 deletions(-) diff --git a/src/lib_crypto/bls_pop.ml b/src/lib_crypto/bls_pop.ml index 8918679b47eb..b18f0edc6b0c 100644 --- a/src/lib_crypto/bls_pop.ml +++ b/src/lib_crypto/bls_pop.ml @@ -28,11 +28,11 @@ module Public_key_hash = struct Blake2B.Make (Base58) (struct - let name = "Bls12_381.Public_key_hash" + let name = "Bls12_381_pop.Public_key_hash" - let title = "A Bls12_381 public key hash" + let title = "A Bls12_381 proof of possession public key hash" - let b58check_prefix = Base58.Prefix.bls12_381_public_key_hash + let b58check_prefix = Base58.Prefix.bls12_381_pop_public_key_hash let size = Some 20 end) @@ -42,16 +42,16 @@ module Public_key_hash = struct end end -let () = Base58.check_encoded_prefix Public_key_hash.b58check_encoding "tz4" 36 +let () = Base58.check_encoded_prefix Public_key_hash.b58check_encoding "tz5" 36 module Public_key = struct open Bls12_381_signature.MinPk type t = Bls12_381_signature.MinPk.pk - let name = "Bls12_381.Public_key" + let name = "Bls12_381_pop.Public_key" - let title = "A Bls12_381 public key" + let title = "A Bls12_381 proof of possession public key" let to_bytes = pk_to_bytes @@ -69,13 +69,13 @@ module Public_key = struct let b58check_encoding = Base58.register_encoding - ~prefix:Base58.Prefix.bls12_381_public_key + ~prefix:Base58.Prefix.bls12_381_pop_public_key ~length:(size ()) ~to_raw:to_string ~of_raw:of_string_opt ~wrap:(fun x -> Data x) - let () = Base58.check_encoded_prefix b58check_encoding "BLpk" 76 + let () = Base58.check_encoded_prefix b58check_encoding "BLppk" 77 let hash v = Public_key_hash.hash_bytes [to_bytes v] @@ -136,9 +136,9 @@ end module Secret_key = struct type t = Bls12_381_signature.sk - let name = "Bls12_381.Secret_key" + let name = "Bls12_381_pop.Secret_key" - let title = "A Bls12_381 secret key" + let title = "A Bls12_381 proof of possession secret key" include Compare.Make (struct type nonrec t = t @@ -165,7 +165,7 @@ module Secret_key = struct let b58check_encoding = Base58.register_encoding - ~prefix:Base58.Prefix.bls12_381_secret_key + ~prefix:Base58.Prefix.bls12_381_pop_secret_key ~length:size ~to_raw:to_string ~of_raw:of_string_opt @@ -198,7 +198,7 @@ module Secret_key = struct 0 (10 + String.length (Base58.prefix b58check_encoding)) - let () = Base58.check_encoded_prefix b58check_encoding "BLsk" 54 + let () = Base58.check_encoded_prefix b58check_encoding "BLpsk" 55 include Helpers.MakeRaw (struct type nonrec t = t @@ -241,9 +241,9 @@ type t = Bls12_381_signature.MinPk.signature type watermark = Bytes.t -let name = "Bls12_381_signature" +let name = "Bls12_381_pop_signature" -let title = "A Bls12_381 signature" +let title = "A Bls12_381 proof of possession signature" let size = Bls12_381_signature.MinPk.signature_size_in_bytes @@ -262,13 +262,13 @@ type Base58.data += Data of t let b58check_encoding = Base58.register_encoding - ~prefix:Base58.Prefix.bls12_381_signature + ~prefix:Base58.Prefix.bls12_381_pop_signature ~length:size ~to_raw:to_string ~of_raw:of_string_opt ~wrap:(fun x -> Data x) -let () = Base58.check_encoded_prefix b58check_encoding "BLsig" 142 +let () = Base58.check_encoded_prefix b58check_encoding "BLpsig" 143 include Helpers.MakeB58 (struct type nonrec t = t @@ -330,13 +330,13 @@ let sign ?watermark sk msg = let msg = match watermark with None -> msg | Some prefix -> Bytes.cat prefix msg in - Bls12_381_signature.MinPk.Aug.sign sk msg + Bls12_381_signature.MinPk.Pop.sign sk msg let check ?watermark pk signature msg = let msg = match watermark with None -> msg | Some prefix -> Bytes.cat prefix msg in - Bls12_381_signature.MinPk.Aug.verify pk msg signature + Bls12_381_signature.MinPk.Pop.verify pk msg signature (* [seed] must be at least of 32 bytes or [Bls12_381_signature.generate_sk] will throw an error. *) @@ -361,20 +361,6 @@ let deterministic_nonce sk msg = let deterministic_nonce_hash sk msg = Blake2B.to_bytes (Blake2B.hash_bytes [deterministic_nonce sk msg]) -let aggregate_check pk_msg_list signature = - let pk_msg_list = - List.map - (fun (pk, watermark, msg) -> - let msg = - match watermark with - | None -> msg - | Some prefix -> Bytes.cat prefix msg - in - (pk, msg)) - pk_msg_list - in - Bls12_381_signature.MinPk.Aug.aggregate_verify pk_msg_list signature - let aggregate_signature_opt = Bls12_381_signature.MinPk.aggregate_signature_opt module Primitive = struct diff --git a/src/lib_crypto/bls_pop.mli b/src/lib_crypto/bls_pop.mli index 2827c7fd263c..2b652d9e0c98 100644 --- a/src/lib_crypto/bls_pop.mli +++ b/src/lib_crypto/bls_pop.mli @@ -25,12 +25,7 @@ (** Tezos - BLS12-381 cryptography *) -include - S.AGGREGATE_SIGNATURE - with type Public_key.t = Bls12_381_signature.MinPk.pk - and type Secret_key.t = Bls12_381_signature.sk - and type t = Bls12_381_signature.MinPk.signature - and type watermark = Bytes.t +include S.SIGNATURE with type watermark = Bytes.t include S.RAW_DATA with type t := t @@ -44,3 +39,5 @@ module Primitive : sig val pairing_check : (G1.t * G2.t) list -> bool end + +val aggregate_signature_opt : t list -> t option -- GitLab From 74faf6c90b73b156696482df516dd938bcfa64ae Mon Sep 17 00:00:00 2001 From: Albin Coquereau Date: Wed, 5 Feb 2025 16:32:23 +0100 Subject: [PATCH 4/6] Crypto: add bls_pop variant in signature module --- .../yes_wallet/test/bench_signature_perf.ml | 11 +- .../EVM node- list events regression.out | 14 +- src/lib_client_base/client_keys.ml | 12 ++ .../client_keys_commands.ml | 10 +- src/lib_crypto/signature.ml | 9 +- src/lib_crypto/signature_v2.ml | 153 +++++++++++++++--- src/lib_crypto/signature_v2.mli | 12 +- src/lib_crypto/tezos_crypto.ml | 1 + .../encoding_benchmarks.ml | 1 + src/lib_signer_backends/encrypted.ml | 19 ++- .../lib_client/injection.ml | 8 +- .../dal.ml/DAL Node- P2P message encoding.out | 12 ++ 12 files changed, 219 insertions(+), 43 deletions(-) diff --git a/devtools/yes_wallet/test/bench_signature_perf.ml b/devtools/yes_wallet/test/bench_signature_perf.ml index 1af12fa4ea5c..fcf57fb19502 100644 --- a/devtools/yes_wallet/test/bench_signature_perf.ml +++ b/devtools/yes_wallet/test/bench_signature_perf.ml @@ -33,22 +33,26 @@ let keys = let keys_e = Tezos_crypto.Signature.generate_key ~algo:Ed25519 () in let keys_s = Tezos_crypto.Signature.generate_key ~algo:Secp256k1 () in let keys_b = Tezos_crypto.Signature.generate_key ~algo:Bls_aug () in + let keys_bp = Tezos_crypto.Signature.generate_key ~algo:Bls_pop () in function | Tezos_crypto.Signature.P256 -> keys_p | Ed25519 -> keys_e | Secp256k1 -> keys_s | Bls_aug -> keys_b + | Bls_pop -> keys_bp let wrong_keys = let keys_p = Tezos_crypto.Signature.generate_key ~algo:P256 () in let keys_e = Tezos_crypto.Signature.generate_key ~algo:Ed25519 () in let keys_s = Tezos_crypto.Signature.generate_key ~algo:Secp256k1 () in - let keys_b = Tezos_crypto.Signature.generate_key ~algo:Bls_aug () in + let keys_bls_aug = Tezos_crypto.Signature.generate_key ~algo:Bls_aug () in + let keys_bls_pop = Tezos_crypto.Signature.generate_key ~algo:Bls_pop () in function | Tezos_crypto.Signature.P256 -> keys_p | Ed25519 -> keys_e | Secp256k1 -> keys_s - | Bls_aug -> keys_b + | Bls_aug -> keys_bls_aug + | Bls_pop -> keys_bls_pop let wrong_pk algo = let _, pk, _ = wrong_keys algo in @@ -106,7 +110,8 @@ let str_of_algo = function | Tezos_crypto.Signature.Ed25519 -> "Ed25519" | Tezos_crypto.Signature.Secp256k1 -> "Secp256k1" | Tezos_crypto.Signature.P256 -> "P256" - | Tezos_crypto.Signature.Bls_aug -> "Bls" + | Tezos_crypto.Signature.Bls_aug -> "Bls_aug" + | Tezos_crypto.Signature.Bls_pop -> "Bls_pop" let time ~yes_crypto ~algo size datas = Format.eprintf "generating signatures...@?" ; diff --git a/etherlink/tezt/tests/expected/evm_rollup.ml/EVM node- list events regression.out b/etherlink/tezt/tests/expected/evm_rollup.ml/EVM node- list events regression.out index 8513ce84954f..ba179885cae0 100644 --- a/etherlink/tezt/tests/expected/evm_rollup.ml/EVM node- list events regression.out +++ b/etherlink/tezt/tests/expected/evm_rollup.ml/EVM node- list events regression.out @@ -889,7 +889,7 @@ blueprints_publisher_request_failed: "number": $unistring, "nb_chunks": integer ∈ [-2^30, 2^30], "chunk_index": integer ∈ [-2^30, 2^30], - "signature": $Signature.V1 } ... ], + "signature": $Signature.V2 } ... ], "inbox_payload": [ $unistring ... ] } || [ $unistring ... ] /* Inbox */ } @@ -897,8 +897,9 @@ blueprints_publisher_request_failed: "request": "new_l2_head", "rollup_head": integer ∈ [-2^31-1, 2^31] }, "errors": any } } - $Signature.V1: - /* A Ed25519, Secp256k1, P256 or BLS signature (Base58Check-encoded) */ + $Signature.V2: + /* A Ed25519, Secp256k1, P256, BLS Aug or BLS POP signature + (Base58Check-encoded) */ $unistring $positive_bignum: /* Positive big number @@ -2135,7 +2136,7 @@ blueprints_publisher_request_failed: "number": $unistring, "nb_chunks": integer ∈ [-2^30, 2^30], "chunk_index": integer ∈ [-2^30, 2^30], - "signature": $Signature.V1 } ... ], + "signature": $Signature.V2 } ... ], "inbox_payload": [ $unistring ... ] } || [ $unistring ... ] /* Inbox */ } @@ -2143,8 +2144,9 @@ blueprints_publisher_request_failed: "request": "new_l2_head", "rollup_head": integer ∈ [-2^31-1, 2^31] }, "errors": any } } - $Signature.V1: - /* A Ed25519, Secp256k1, P256 or BLS signature (Base58Check-encoded) */ + $Signature.V2: + /* A Ed25519, Secp256k1, P256, BLS Aug or BLS POP signature + (Base58Check-encoded) */ $unistring $positive_bignum: /* Positive big number diff --git a/src/lib_client_base/client_keys.ml b/src/lib_client_base/client_keys.ml index fd4412e80c00..f6e246b69a36 100644 --- a/src/lib_client_base/client_keys.ml +++ b/src/lib_client_base/client_keys.ml @@ -879,6 +879,8 @@ module V0 = Make (struct function | Bls_aug _ -> tzfail (Exn (Failure "BLS public key hash not supported by V0")) + | Bls_pop _ -> + tzfail (Exn (Failure "BLS POP public key hash not supported by V0")) | Ed25519 k -> return (Ed25519 k : Public_key_hash.t) | Secp256k1 k -> return (Secp256k1 k : Public_key_hash.t) | P256 k -> return (P256 k : Public_key_hash.t) @@ -888,6 +890,8 @@ module V0 = Make (struct let open Result_syntax in function | Bls_aug _ -> tzfail (Exn (Failure "BLS public key not supported by V0")) + | Bls_pop _ -> + tzfail (Exn (Failure "BLS POP public key not supported by V0")) | Ed25519 k -> return (Ed25519 k : Public_key.t) | Secp256k1 k -> return (Secp256k1 k : Public_key.t) | P256 k -> return (P256 k : Public_key.t) @@ -896,6 +900,8 @@ module V0 = Make (struct let open Result_syntax in function | Bls_aug _ -> tzfail (Exn (Failure "BLS signature not supported by V0")) + | Bls_pop _ -> + tzfail (Exn (Failure "BLS POP signature not supported by V0")) | Ed25519 k -> return (Ed25519 k : t) | Secp256k1 k -> return (Secp256k1 k : t) | P256 k -> return (P256 k : t) @@ -913,6 +919,8 @@ module V1 = Make (struct Tezos_crypto.Signature.Public_key_hash.t -> Public_key_hash.t tzresult = let open Result_syntax in function + | Bls_pop _ -> + tzfail (Exn (Failure "BLS POP public key hash not supported by V1")) | Bls_aug k -> return (Bls k : Public_key_hash.t) | Ed25519 k -> return (Ed25519 k : Public_key_hash.t) | Secp256k1 k -> return (Secp256k1 k : Public_key_hash.t) @@ -923,6 +931,8 @@ module V1 = Make (struct let open Result_syntax in function | Bls_aug k -> return (Bls k : Public_key.t) + | Bls_pop _ -> + tzfail (Exn (Failure "BLS POP public key not supported by V1")) | Ed25519 k -> return (Ed25519 k : Public_key.t) | Secp256k1 k -> return (Secp256k1 k : Public_key.t) | P256 k -> return (P256 k : Public_key.t) @@ -931,6 +941,8 @@ module V1 = Make (struct let open Result_syntax in function | Bls_aug k -> return (Bls k : t) + | Bls_pop _ -> + tzfail (Exn (Failure "BLS POP signature not supported by V1")) | Ed25519 k -> return (Ed25519 k : t) | Secp256k1 k -> return (Secp256k1 k : t) | P256 k -> return (P256 k : t) diff --git a/src/lib_client_commands/client_keys_commands.ml b/src/lib_client_commands/client_keys_commands.ml index e40f59fac8ca..ffa80d97947c 100644 --- a/src/lib_client_commands/client_keys_commands.ml +++ b/src/lib_client_commands/client_keys_commands.ml @@ -34,17 +34,19 @@ let group = let algo_param () = let open Lwt_result_syntax in Tezos_clic.parameter - ~autocomplete:(fun _ -> return ["ed25519"; "secp256k1"; "p256"; "bls"]) + ~autocomplete:(fun _ -> + return ["ed25519"; "secp256k1"; "p256"; "bls"; "bls_aug"; "bls_pop"]) (fun _ name -> match name with | "ed25519" -> return Signature.Ed25519 | "secp256k1" -> return Signature.Secp256k1 | "p256" -> return Signature.P256 - | "bls" -> return Signature.Bls_aug + | "bls_aug" | "bls" -> return Signature.Bls_aug + | "bls_pop" -> return Signature.Bls_pop | name -> failwith "Unknown signature algorithm (%s). Available: 'ed25519', \ - 'secp256k1','p256' or 'bls'" + 'secp256k1','p256', 'bls', 'bls_aug' or 'bls_pop'" name) let sig_algo_arg = @@ -52,7 +54,7 @@ let sig_algo_arg = ~doc:"use custom signature algorithm" ~long:"sig" ~short:'s' - ~placeholder:"ed25519|secp256k1|p256|bls" + ~placeholder:"ed25519|secp256k1|p256|bls/bls_aug|bls_pop" ~default:"ed25519" (algo_param ()) diff --git a/src/lib_crypto/signature.ml b/src/lib_crypto/signature.ml index f6644977c3ca..2b4c0a286035 100644 --- a/src/lib_crypto/signature.ml +++ b/src/lib_crypto/signature.ml @@ -82,19 +82,21 @@ module V0 = struct | V_latest.Ed25519 k -> Some (Ed25519 k) | V_latest.Secp256k1 k -> Some (Secp256k1 k) | V_latest.P256 k -> Some (P256 k) - | V_latest.Bls_aug _ -> None + | V_latest.Bls_aug _ | V_latest.Bls_pop _ -> None let public_key : V_latest.Public_key.t -> Public_key.t option = function | V_latest.Ed25519 k -> Some (Ed25519 k) | V_latest.Secp256k1 k -> Some (Secp256k1 k) | V_latest.P256 k -> Some (P256 k) | V_latest.Bls_aug _ -> None + | V_latest.Bls_pop _ -> None let secret_key : V_latest.Secret_key.t -> Secret_key.t option = function | V_latest.Ed25519 k -> Some (Ed25519 k) | V_latest.Secp256k1 k -> Some (Secp256k1 k) | V_latest.P256 k -> Some (P256 k) | V_latest.Bls_aug _ -> None + | V_latest.Bls_pop _ -> None let signature : V_latest.t -> t option = function | V_latest.Ed25519 k -> Some (Ed25519 k) @@ -102,6 +104,7 @@ module V0 = struct | V_latest.P256 k -> Some (P256 k) | V_latest.Unknown k -> Some (Unknown k) | V_latest.Bls_aug _ -> None + | V_latest.Bls_pop _ -> None let get_public_key pk = match public_key pk with @@ -165,18 +168,21 @@ module V1 = struct | V_latest.Secp256k1 k -> Some (Secp256k1 k) | V_latest.P256 k -> Some (P256 k) | V_latest.Bls_aug k -> Some (Bls k) + | V_latest.Bls_pop _ -> None let public_key : V_latest.Public_key.t -> Public_key.t option = function | V_latest.Ed25519 k -> Some (Ed25519 k) | V_latest.Secp256k1 k -> Some (Secp256k1 k) | V_latest.P256 k -> Some (P256 k) | V_latest.Bls_aug k -> Some (Bls k) + | V_latest.Bls_pop _ -> None let secret_key : V_latest.Secret_key.t -> Secret_key.t option = function | V_latest.Ed25519 k -> Some (Ed25519 k) | V_latest.Secp256k1 k -> Some (Secp256k1 k) | V_latest.P256 k -> Some (P256 k) | V_latest.Bls_aug k -> Some (Bls k) + | V_latest.Bls_pop _ -> None let signature : V_latest.t -> t option = function | V_latest.Ed25519 k -> Some (Ed25519 k) @@ -184,6 +190,7 @@ module V1 = struct | V_latest.P256 k -> Some (P256 k) | V_latest.Unknown k -> Some (Unknown k) | V_latest.Bls_aug k -> Some (Bls k) + | V_latest.Bls_pop _ -> None let get_public_key pk = match public_key pk with diff --git a/src/lib_crypto/signature_v2.ml b/src/lib_crypto/signature_v2.ml index 4b7d8cda8101..a7eb75c7b01e 100644 --- a/src/lib_crypto/signature_v2.ml +++ b/src/lib_crypto/signature_v2.ml @@ -12,18 +12,21 @@ type public_key_hash = | Secp256k1 of Secp256k1.Public_key_hash.t | P256 of P256.Public_key_hash.t | Bls_aug of Bls_aug.Public_key_hash.t + | Bls_pop of Bls_pop.Public_key_hash.t type public_key = | Ed25519 of Ed25519.Public_key.t | Secp256k1 of Secp256k1.Public_key.t | P256 of P256.Public_key.t | Bls_aug of Bls_aug.Public_key.t + | Bls_pop of Bls_pop.Public_key.t type secret_key = | Ed25519 of Ed25519.Secret_key.t | Secp256k1 of Secp256k1.Secret_key.t | P256 of P256.Secret_key.t | Bls_aug of Bls_aug.Secret_key.t + | Bls_pop of Bls_pop.Secret_key.t type watermark = Signature_v0.watermark = | Block_header of Chain_id.t @@ -37,6 +40,7 @@ module Public_key_hash = struct | Secp256k1 of Secp256k1.Public_key_hash.t | P256 of P256.Public_key_hash.t | Bls_aug of Bls_aug.Public_key_hash.t + | Bls_pop of Bls_pop.Public_key_hash.t let name = "Signature.Public_key_hash" @@ -82,6 +86,12 @@ module Public_key_hash = struct Bls_aug.Public_key_hash.encoding (function Bls_aug x -> Some x | _ -> None) (function x -> Bls_aug x); + case + (Tag 4) + ~title:"Bls_pop" + Bls_pop.Public_key_hash.encoding + (function Bls_pop x -> Some x | _ -> None) + (function x -> Bls_pop x); ] let to_bytes s = Data_encoding.Binary.to_bytes_exn raw_encoding s @@ -114,6 +124,7 @@ module Public_key_hash = struct | Some (Secp256k1.Public_key_hash.Data pkh) -> Some (Secp256k1 pkh) | Some (P256.Public_key_hash.Data pkh) -> Some (P256 pkh) | Some (Bls_aug.Public_key_hash.Data pkh) -> Some (Bls_aug pkh) + | Some (Bls_pop.Public_key_hash.Data pkh) -> Some (Bls_pop pkh) | _ -> None let of_b58check_exn s = @@ -132,12 +143,14 @@ module Public_key_hash = struct | Secp256k1 pkh -> Secp256k1.Public_key_hash.to_b58check pkh | P256 pkh -> P256.Public_key_hash.to_b58check pkh | Bls_aug pkh -> Bls_aug.Public_key_hash.to_b58check pkh + | Bls_pop pkh -> Bls_pop.Public_key_hash.to_b58check pkh let to_short_b58check = function | Ed25519 pkh -> Ed25519.Public_key_hash.to_short_b58check pkh | Secp256k1 pkh -> Secp256k1.Public_key_hash.to_short_b58check pkh | P256 pkh -> P256.Public_key_hash.to_short_b58check pkh | Bls_aug pkh -> Bls_aug.Public_key_hash.to_short_b58check pkh + | Bls_pop pkh -> Bls_pop.Public_key_hash.to_short_b58check pkh let to_path key l = match key with @@ -145,6 +158,7 @@ module Public_key_hash = struct | Secp256k1 h -> "secp256k1" :: Secp256k1.Public_key_hash.to_path h l | P256 h -> "p256" :: P256.Public_key_hash.to_path h l | Bls_aug h -> "bls" :: Bls_aug.Public_key_hash.to_path h l + | Bls_pop h -> "bls_pop" :: Bls_pop.Public_key_hash.to_path h l let of_path = function | "ed25519" :: q -> ( @@ -163,6 +177,10 @@ module Public_key_hash = struct match Bls_aug.Public_key_hash.of_path q with | Some pkh -> Some (Bls_aug pkh) | None -> None) + | "bls_pop" :: q -> ( + match Bls_pop.Public_key_hash.of_path q with + | Some pkh -> Some (Bls_pop pkh) + | None -> None) | _ -> assert false (* FIXME classification des erreurs *) @@ -172,6 +190,7 @@ module Public_key_hash = struct | "secp256k1" :: q -> Secp256k1 (Secp256k1.Public_key_hash.of_path_exn q) | "p256" :: q -> P256 (P256.Public_key_hash.of_path_exn q) | "bls" :: q -> Bls_aug (Bls_aug.Public_key_hash.of_path_exn q) + | "bls_pop" :: q -> Bls_pop (Bls_pop.Public_key_hash.of_path_exn q) | _ -> assert false (* FIXME classification des erreurs *) @@ -180,10 +199,12 @@ module Public_key_hash = struct let l1 = Ed25519.Public_key_hash.path_length and l2 = Secp256k1.Public_key_hash.path_length and l3 = P256.Public_key_hash.path_length - and l4 = Bls_aug.Public_key_hash.path_length in + and l4 = Bls_aug.Public_key_hash.path_length + and l5 = Bls_pop.Public_key_hash.path_length in assert (Compare.Int.(l1 = l2)) ; assert (Compare.Int.(l1 = l3)) ; assert (Compare.Int.(l1 = l4)) ; + assert (Compare.Int.(l1 = l5)) ; 1 + l1 let prefix_path _ = assert false (* unused *) @@ -201,6 +222,7 @@ module Public_key_hash = struct | Secp256k1 x, Secp256k1 y -> Secp256k1.Public_key_hash.compare x y | P256 x, P256 y -> P256.Public_key_hash.compare x y | Bls_aug x, Bls_aug y -> Bls_aug.Public_key_hash.compare x y + | Bls_pop x, Bls_pop y -> Bls_pop.Public_key_hash.compare x y | _ -> Stdlib.compare a b end) @@ -255,6 +277,7 @@ module Public_key = struct | Secp256k1 of Secp256k1.Public_key.t | P256 of P256.Public_key.t | Bls_aug of Bls_aug.Public_key.t + | Bls_pop of Bls_pop.Public_key.t let name = "Signature.Public_key" @@ -266,6 +289,7 @@ module Public_key = struct | Secp256k1 pk -> Public_key_hash.Secp256k1 (Secp256k1.Public_key.hash pk) | P256 pk -> Public_key_hash.P256 (P256.Public_key.hash pk) | Bls_aug pk -> Public_key_hash.Bls_aug (Bls_aug.Public_key.hash pk) + | Bls_pop pk -> Public_key_hash.Bls_pop (Bls_pop.Public_key.hash pk) include Compare.Make (struct type nonrec t = t @@ -276,9 +300,12 @@ module Public_key = struct | Secp256k1 x, Secp256k1 y -> Secp256k1.Public_key.compare x y | P256 x, P256 y -> P256.Public_key.compare x y | Bls_aug x, Bls_aug y -> Bls_aug.Public_key.compare x y - | Ed25519 _, (Secp256k1 _ | P256 _ | Bls_aug _) -> -1 - | Secp256k1 _, (P256 _ | Bls_aug _) -> -1 - | P256 _, Bls_aug _ -> -1 + | Bls_pop x, Bls_pop y -> Bls_pop.Public_key.compare x y + | Ed25519 _, (Secp256k1 _ | P256 _ | Bls_aug _ | Bls_pop _) -> -1 + | Secp256k1 _, (P256 _ | Bls_aug _ | Bls_pop _) -> -1 + | P256 _, (Bls_aug _ | Bls_pop _) -> -1 + | Bls_aug _, Bls_pop _ -> -1 + | Bls_pop _, (Bls_aug _ | P256 _ | Secp256k1 _ | Ed25519 _) -> 1 | Bls_aug _, (P256 _ | Secp256k1 _ | Ed25519 _) -> 1 | P256 _, (Secp256k1 _ | Ed25519 _) -> 1 | Secp256k1 _, Ed25519 _ -> 1 @@ -301,6 +328,7 @@ module Public_key = struct | Some (Secp256k1.Public_key.Data public_key) -> Some (Secp256k1 public_key) | Some (P256.Public_key.Data public_key) -> Some (P256 public_key) | Some (Bls_aug.Public_key.Data public_key) -> Some (Bls_aug public_key) + | Some (Bls_pop.Public_key.Data public_key) -> Some (Bls_pop public_key) | _ -> None let of_b58check_exn s = @@ -319,12 +347,14 @@ module Public_key = struct | Secp256k1 pk -> Secp256k1.Public_key.to_b58check pk | P256 pk -> P256.Public_key.to_b58check pk | Bls_aug pk -> Bls_aug.Public_key.to_b58check pk + | Bls_pop pk -> Bls_pop.Public_key.to_b58check pk let to_short_b58check = function | Ed25519 pk -> Ed25519.Public_key.to_short_b58check pk | Secp256k1 pk -> Secp256k1.Public_key.to_short_b58check pk | P256 pk -> P256.Public_key.to_short_b58check pk | Bls_aug pk -> Bls_aug.Public_key.to_short_b58check pk + | Bls_pop pk -> Bls_pop.Public_key.to_short_b58check pk let of_bytes_without_validation b = let tag = Bytes.(get_int8 b 0) in @@ -345,6 +375,10 @@ module Public_key = struct Option.bind (Bls_aug.Public_key.of_bytes_without_validation b) (fun pk -> Some (Bls_aug pk)) + | 4 -> + Option.bind + (Bls_pop.Public_key.of_bytes_without_validation b) + (fun pk -> Some (Bls_pop pk)) | _ -> None include Helpers.MakeEncoder (struct @@ -383,6 +417,12 @@ module Public_key = struct Bls_aug.Public_key.encoding (function Bls_aug x -> Some x | _ -> None) (function x -> Bls_aug x); + case + ~title:"Bls_pop" + (Tag 4) + Bls_pop.Public_key.encoding + (function Bls_pop x -> Some x | _ -> None) + (function x -> Bls_pop x); ] let of_b58check = of_b58check @@ -407,6 +447,7 @@ module Secret_key = struct | Secp256k1 of Secp256k1.Secret_key.t | P256 of P256.Secret_key.t | Bls_aug of Bls_aug.Secret_key.t + | Bls_pop of Bls_pop.Secret_key.t let name = "Signature.Secret_key" @@ -418,6 +459,7 @@ module Secret_key = struct Public_key.Secp256k1 (Secp256k1.Secret_key.to_public_key sk) | P256 sk -> Public_key.P256 (P256.Secret_key.to_public_key sk) | Bls_aug sk -> Public_key.Bls_aug (Bls_aug.Secret_key.to_public_key sk) + | Bls_pop sk -> Public_key.Bls_pop (Bls_pop.Secret_key.to_public_key sk) include Compare.Make (struct type nonrec t = t @@ -428,6 +470,7 @@ module Secret_key = struct | Secp256k1 x, Secp256k1 y -> Secp256k1.Secret_key.compare x y | P256 x, P256 y -> P256.Secret_key.compare x y | Bls_aug x, Bls_aug y -> Bls_aug.Secret_key.compare x y + | Bls_pop x, Bls_pop y -> Bls_pop.Secret_key.compare x y | _ -> Stdlib.compare a b end) @@ -448,6 +491,7 @@ module Secret_key = struct | Some (Secp256k1.Secret_key.Data sk) -> Some (Secp256k1 sk) | Some (P256.Secret_key.Data sk) -> Some (P256 sk) | Some (Bls_aug.Secret_key.Data sk) -> Some (Bls_aug sk) + | Some (Bls_pop.Secret_key.Data sk) -> Some (Bls_pop sk) | _ -> None let of_b58check_exn s = @@ -466,12 +510,14 @@ module Secret_key = struct | Secp256k1 sk -> Secp256k1.Secret_key.to_b58check sk | P256 sk -> P256.Secret_key.to_b58check sk | Bls_aug sk -> Bls_aug.Secret_key.to_b58check sk + | Bls_pop sk -> Bls_pop.Secret_key.to_b58check sk let to_short_b58check = function | Ed25519 sk -> Ed25519.Secret_key.to_short_b58check sk | Secp256k1 sk -> Secp256k1.Secret_key.to_short_b58check sk | P256 sk -> P256.Secret_key.to_short_b58check sk | Bls_aug sk -> Bls_aug.Secret_key.to_short_b58check sk + | Bls_pop sk -> Bls_pop.Secret_key.to_short_b58check sk include Helpers.MakeEncoder (struct type nonrec t = t @@ -509,6 +555,12 @@ module Secret_key = struct Bls_aug.Secret_key.encoding (function Bls_aug x -> Some x | _ -> None) (function x -> Bls_aug x); + case + (Tag 4) + ~title:"Bls_pop" + Bls_pop.Secret_key.encoding + (function Bls_pop x -> Some x | _ -> None) + (function x -> Bls_pop x); ] let of_b58check = of_b58check @@ -530,23 +582,25 @@ type signature = | Secp256k1 of Secp256k1.t | P256 of P256.t | Bls_aug of Bls_aug.t + | Bls_pop of Bls_pop.t | Unknown of Bytes.t -type prefix = Bls_prefix of Bytes.t +type prefix = Bls_aug_prefix of Bytes.t | Bls_pop_prefix of Bytes.t type splitted = {prefix : prefix option; suffix : Bytes.t} type t = signature -let name = "Signature.V1" +let name = "Signature.V2" -let title = "A Ed25519, Secp256k1, P256 or BLS signature" +let title = "A Ed25519, Secp256k1, P256, BLS Aug or BLS POP signature" let to_bytes = function | Ed25519 b -> Ed25519.to_bytes b | Secp256k1 b -> Secp256k1.to_bytes b | P256 b -> P256.to_bytes b | Bls_aug b -> Bls_aug.to_bytes b + | Bls_pop b -> Bls_pop.to_bytes b | Unknown b -> b let of_bytes_opt s = @@ -560,7 +614,8 @@ let () = assert (Ed25519.size = 64) ; assert (Secp256k1.size = 64) ; assert (P256.size = 64) ; - assert (Bls_aug.size = 96) + assert (Bls_aug.size = 96) ; + assert (Bls_pop.size = 96) type Base58.data += Data_unknown of Bytes.t @@ -603,6 +658,8 @@ let of_b58check_opt s = then Option.map (fun x -> P256 x) (P256.of_b58check_opt s) else if TzString.has_prefix ~prefix:Bls_aug.b58check_encoding.encoded_prefix s then Option.map (fun x -> Bls_aug x) (Bls_aug.of_b58check_opt s) + else if TzString.has_prefix ~prefix:Bls_pop.b58check_encoding.encoded_prefix s + then Option.map (fun x -> Bls_pop x) (Bls_pop.of_b58check_opt s) else Option.map (fun x -> Unknown x) @@ -623,6 +680,7 @@ let to_b58check = function | Secp256k1 b -> Secp256k1.to_b58check b | P256 b -> P256.to_b58check b | Bls_aug b -> Bls_aug.to_b58check b + | Bls_pop b -> Bls_pop.to_b58check b | Unknown b -> Base58.simple_encode unknown_b58check_encoding b let to_short_b58check = function @@ -630,6 +688,7 @@ let to_short_b58check = function | Secp256k1 b -> Secp256k1.to_short_b58check b | P256 b -> P256.to_short_b58check b | Bls_aug b -> Bls_aug.to_short_b58check b + | Bls_pop b -> Bls_pop.to_short_b58check b | Unknown b -> Base58.simple_encode unknown_b58check_encoding b let raw_encoding = @@ -698,6 +757,8 @@ let of_p256 s = P256 s let of_bls s = Bls_aug s +let of_bls_pop s = Bls_pop s + let zero = of_ed25519 Ed25519.zero (* NOTE: At the moment, only BLS signatures can be encoded with a tag. We impose @@ -715,10 +776,16 @@ let prefix_encoding = [ case (Tag 3) - ~title:"Bls_prefix" + ~title:"Bls_aug_prefix" (Fixed.bytes (Bls_aug.size - Ed25519.size)) - (function Bls_prefix x -> Some x) - (function x -> Bls_prefix x); + (function Bls_aug_prefix x -> Some x | Bls_pop_prefix _ -> None) + (function x -> Bls_aug_prefix x); + case + (Tag 4) + ~title:"Bls_pop_prefix" + (Fixed.bytes (Bls_pop.size - Ed25519.size)) + (function Bls_pop_prefix x -> Some x | Bls_aug_prefix _ -> None) + (function x -> Bls_pop_prefix x); ] let split_signature = function @@ -728,7 +795,12 @@ let split_signature = function let s = Bls_aug.to_bytes s in let prefix = Bytes.sub s 0 32 in let suffix = Bytes.sub s 32 64 in - {prefix = Some (Bls_prefix prefix); suffix} + {prefix = Some (Bls_aug_prefix prefix); suffix} + | Bls_pop s -> + let s = Bls_pop.to_bytes s in + let prefix = Bytes.sub s 0 32 in + let suffix = Bytes.sub s 32 64 in + {prefix = Some (Bls_pop_prefix prefix); suffix} | Unknown s -> assert (Compare.Int.(Bytes.length s = 64)) ; {prefix = None; suffix = s} @@ -737,9 +809,12 @@ let of_splitted {prefix; suffix} = let open Option_syntax in match prefix with | None -> of_bytes_opt suffix - | Some (Bls_prefix prefix) -> + | Some (Bls_aug_prefix prefix) -> let+ s = Bls_aug.of_bytes_opt (Bytes.cat prefix suffix) in Bls_aug s + | Some (Bls_pop_prefix prefix) -> + let+ s = Bls_pop.of_bytes_opt (Bytes.cat prefix suffix) in + Bls_pop s let bytes_of_watermark = function | Block_header chain_id -> @@ -769,6 +844,7 @@ let sign ?watermark secret_key message = | Secp256k1 sk -> of_secp256k1 (Secp256k1.sign ?watermark sk message) | P256 sk -> of_p256 (P256.sign ?watermark sk message) | Bls_aug sk -> of_bls (Bls_aug.sign ?watermark sk message) + | Bls_pop sk -> of_bls_pop (Bls_pop.sign ?watermark sk message) let check ?watermark public_key signature message = let watermark = Option.map bytes_of_watermark watermark in @@ -789,6 +865,10 @@ let check ?watermark public_key signature message = match Bls_aug.of_bytes_opt signature with | Some s -> Bls_aug.check ?watermark pk s message | None -> false) + | Public_key.Bls_pop pk, Unknown signature -> ( + match Bls_pop.of_bytes_opt signature with + | Some s -> Bls_pop.check ?watermark pk s message + | None -> false) | Public_key.Ed25519 pk, Ed25519 signature -> Ed25519.check ?watermark pk signature message | Public_key.Secp256k1 pk, Secp256k1 signature -> @@ -797,7 +877,14 @@ let check ?watermark public_key signature message = P256.check ?watermark pk signature message | Public_key.Bls_aug pk, Bls_aug signature -> Bls_aug.check ?watermark pk signature message - | _ -> false + | Public_key.Bls_pop pk, Bls_pop signature -> + Bls_pop.check ?watermark pk signature message + | Public_key.Ed25519 _, (Secp256k1 _ | P256 _ | Bls_aug _ | Bls_pop _) + | Public_key.Secp256k1 _, (Ed25519 _ | P256 _ | Bls_aug _ | Bls_pop _) + | Public_key.P256 _, (Ed25519 _ | Secp256k1 _ | Bls_aug _ | Bls_pop _) + | Public_key.Bls_aug _, (Ed25519 _ | Secp256k1 _ | P256 _ | Bls_pop _) + | Public_key.Bls_pop _, (Ed25519 _ | Secp256k1 _ | P256 _ | Bls_aug _) -> + false let fake_sign_from_pk pk msg = let pk_bytes = Data_encoding.Binary.to_bytes_exn Public_key.encoding pk in @@ -810,7 +897,7 @@ let fake_sign_from_pk pk msg = Bytes.blit msg 0 tmp half (all_or_half msg) ; of_bytes_exn tmp -type algo = Ed25519 | Secp256k1 | P256 | Bls_aug +type algo = Ed25519 | Secp256k1 | P256 | Bls_aug | Bls_pop let fake_sign ?watermark:_ secret_key msg = let pk = Secret_key.to_public_key secret_key in @@ -830,28 +917,43 @@ let hardcoded_sk algo : secret_key = | Bls_aug -> Secret_key.of_b58check_exn "BLsk1hfuv6V8JJRaLDBJgPTRGLKusTZnTmWGrvSKYzUaMuzvPLmeGG" + | Bls_pop -> + Secret_key.of_b58check_exn + "BLpsk4MvDCyuBXnHHTPn72yneLprM8xXSyJcyPt9nbWdLwnQUC5qbA8" let hardcoded_pk = (* precompute signatures *) - let ed, secp, p, bls = + let ed, secp, p, bls_aug, bls_pop = ( Secret_key.to_public_key (hardcoded_sk Ed25519), Secret_key.to_public_key (hardcoded_sk Secp256k1), Secret_key.to_public_key (hardcoded_sk P256), - Secret_key.to_public_key (hardcoded_sk Bls_aug) ) + Secret_key.to_public_key (hardcoded_sk Bls_aug), + Secret_key.to_public_key (hardcoded_sk Bls_pop) ) in - function Ed25519 -> ed | Secp256k1 -> secp | P256 -> p | Bls_aug -> bls + function + | Ed25519 -> ed + | Secp256k1 -> secp + | P256 -> p + | Bls_aug -> bls_aug + | Bls_pop -> bls_pop let hardcoded_msg = Bytes.of_string "Cheers" let hardcoded_sig = (* precompute signatures *) - let ed, secp, p, bls = + let ed, secp, p, bls_aug, bls_pop = ( sign (hardcoded_sk Ed25519) hardcoded_msg, sign (hardcoded_sk Secp256k1) hardcoded_msg, sign (hardcoded_sk P256) hardcoded_msg, - sign (hardcoded_sk Bls_aug) hardcoded_msg ) + sign (hardcoded_sk Bls_aug) hardcoded_msg, + sign (hardcoded_sk Bls_pop) hardcoded_msg ) in - function Ed25519 -> ed | Secp256k1 -> secp | P256 -> p | Bls_aug -> bls + function + | Ed25519 -> ed + | Secp256k1 -> secp + | P256 -> p + | Bls_aug -> bls_aug + | Bls_pop -> bls_pop let algo_of_pk (pk : Public_key.t) = match pk with @@ -859,6 +961,7 @@ let algo_of_pk (pk : Public_key.t) = | Secp256k1 _ -> Secp256k1 | P256 _ -> P256 | Bls_aug _ -> Bls_aug + | Bls_pop _ -> Bls_pop let fast_fake_sign ?watermark:_ sk _msg = let pk = Secret_key.to_public_key sk in @@ -908,7 +1011,8 @@ let check ?watermark public_key signature message = signature (public_key, message) ; res) - | _ -> check ?watermark public_key signature message + | None | Some Generic_operation | Some (Block_header _) | Some (Custom _) -> + check ?watermark public_key signature message let fake_check ?watermark:_ pk _signature msg = (* computing the fake signature do hash the message, @@ -965,6 +1069,9 @@ let generate_key ?(algo = Ed25519) ?seed () = | Bls_aug -> let pkh, pk, sk = Bls_aug.generate_key ?seed () in (Public_key_hash.Bls_aug pkh, Public_key.Bls_aug pk, Secret_key.Bls_aug sk) + | Bls_pop -> + let pkh, pk, sk = Bls_pop.generate_key ?seed () in + (Public_key_hash.Bls_pop pkh, Public_key.Bls_pop pk, Secret_key.Bls_pop sk) let fake_generate_key ?(algo = Ed25519) ?seed () = let true_keys = generate_key ~algo ?seed () in @@ -984,6 +1091,7 @@ let deterministic_nonce sk msg = | Secret_key.Secp256k1 sk -> Secp256k1.deterministic_nonce sk msg | Secret_key.P256 sk -> P256.deterministic_nonce sk msg | Secret_key.Bls_aug sk -> Bls_aug.deterministic_nonce sk msg + | Secret_key.Bls_pop sk -> Bls_pop.deterministic_nonce sk msg let deterministic_nonce_hash sk msg = match sk with @@ -991,6 +1099,7 @@ let deterministic_nonce_hash sk msg = | Secret_key.Secp256k1 sk -> Secp256k1.deterministic_nonce_hash sk msg | Secret_key.P256 sk -> P256.deterministic_nonce_hash sk msg | Secret_key.Bls_aug sk -> Bls_aug.deterministic_nonce_hash sk msg + | Secret_key.Bls_pop sk -> Bls_pop.deterministic_nonce_hash sk msg module Of_V0 = struct let public_key_hash : Signature_v0.Public_key_hash.t -> Public_key_hash.t = diff --git a/src/lib_crypto/signature_v2.mli b/src/lib_crypto/signature_v2.mli index e8d03eefe4b6..fdb74402492f 100644 --- a/src/lib_crypto/signature_v2.mli +++ b/src/lib_crypto/signature_v2.mli @@ -10,18 +10,21 @@ type public_key_hash = | Secp256k1 of Secp256k1.Public_key_hash.t | P256 of P256.Public_key_hash.t | Bls_aug of Bls_aug.Public_key_hash.t + | Bls_pop of Bls_pop.Public_key_hash.t type public_key = | Ed25519 of Ed25519.Public_key.t | Secp256k1 of Secp256k1.Public_key.t | P256 of P256.Public_key.t | Bls_aug of Bls_aug.Public_key.t + | Bls_pop of Bls_pop.Public_key.t type secret_key = | Ed25519 of Ed25519.Secret_key.t | Secp256k1 of Secp256k1.Secret_key.t | P256 of P256.Secret_key.t | Bls_aug of Bls_aug.Secret_key.t + | Bls_pop of Bls_pop.Secret_key.t type watermark = Signature_v0.watermark = | Block_header of Chain_id.t @@ -38,11 +41,12 @@ type signature = | Secp256k1 of Secp256k1.t | P256 of P256.t | Bls_aug of Bls_aug.t + | Bls_pop of Bls_pop.t | Unknown of Bytes.t (** A signature prefix holds data only for signature that are more than 64 bytes long. *) -type prefix = Bls_prefix of Bytes.t +type prefix = Bls_aug_prefix of Bytes.t | Bls_pop_prefix of Bytes.t include S.SPLIT_SIGNATURE @@ -81,8 +85,12 @@ val of_p256 : P256.t -> t (** [of_bls s] returns a wrapped version of the BLS signature [s] in {!t}. *) val of_bls : Bls_aug.t -> t +(** [of_bls_pop s] returns a wrapped version of the BLS POP signature [s] in + {!t}. *) +val of_bls_pop : Bls_pop.t -> t + (** The type of signing algorithms. *) -type algo = Ed25519 | Secp256k1 | P256 | Bls_aug +type algo = Ed25519 | Secp256k1 | P256 | Bls_aug | Bls_pop (** The list of signing algorithm supported, i.e. all constructors of type {!algo}. *) diff --git a/src/lib_crypto/tezos_crypto.ml b/src/lib_crypto/tezos_crypto.ml index d02b83e8d467..227b31085fcb 100644 --- a/src/lib_crypto/tezos_crypto.ml +++ b/src/lib_crypto/tezos_crypto.ml @@ -48,6 +48,7 @@ end module Signature = struct module Bls_aug = Bls_aug + module Bls_pop = Bls_pop module Ed25519 = Ed25519 module P256 = P256 module Secp256k1 = Secp256k1 diff --git a/src/lib_shell_benchmarks/encoding_benchmarks.ml b/src/lib_shell_benchmarks/encoding_benchmarks.ml index 560064490c32..6d6da5ae5e6c 100644 --- a/src/lib_shell_benchmarks/encoding_benchmarks.ml +++ b/src/lib_shell_benchmarks/encoding_benchmarks.ml @@ -48,6 +48,7 @@ struct | Tezos_crypto.Signature.Secp256k1 -> "secp256k1" | Tezos_crypto.Signature.P256 -> "p256" | Tezos_crypto.Signature.Bls_aug -> "bls" + | Tezos_crypto.Signature.Bls_pop -> "bls_pop" module Sampler = Crypto_samplers.Make_finite_key_pool (struct let size = 256 diff --git a/src/lib_signer_backends/encrypted.ml b/src/lib_signer_backends/encrypted.ml index 9c137f51a4b7..6dc4c920cf27 100644 --- a/src/lib_signer_backends/encrypted.ml +++ b/src/lib_signer_backends/encrypted.ml @@ -87,6 +87,10 @@ module Raw = struct Data_encoding.Binary.to_bytes_exn Signature.Bls_aug.Secret_key.encoding sk + | Decrypted_sk (Bls_pop sk) -> + Data_encoding.Binary.to_bytes_exn + Signature.Bls_pop.Secret_key.encoding + sk in Bytes.cat salt (Tezos_crypto.Crypto_box.Secretbox.secretbox key msg nonce) @@ -150,6 +154,19 @@ module Raw = struct failwith "Corrupted wallet, deciphered key is not a valid BLS12_381 \ secret key") + | Some bytes, Encrypted_sk Signature.Bls_pop -> ( + match + Data_encoding.Binary.of_bytes_opt + Signature.Bls_pop.Secret_key.encoding + bytes + with + | Some sk -> + return_some + (Decrypted_sk (Bls_pop sk : Tezos_crypto.Signature.Secret_key.t)) + | None -> + failwith + "Corrupted wallet, deciphered key is not a valid BLS12_381 POP \ + secret key") end module Encodings = struct @@ -371,7 +388,7 @@ let common_encrypt sk password = | Decrypted_sk (Ed25519 _) -> Encodings.ed25519 | Decrypted_sk (Secp256k1 _) -> Encodings.secp256k1 | Decrypted_sk (P256 _) -> Encodings.p256 - | Decrypted_sk (Bls_aug _) -> Encodings.bls12_381 + | Decrypted_sk (Bls_aug _) | Decrypted_sk (Bls_pop _) -> Encodings.bls12_381 in Tezos_crypto.Base58.simple_encode encoding payload diff --git a/src/proto_016_PtMumbai/lib_client/injection.ml b/src/proto_016_PtMumbai/lib_client/injection.ml index b0e5b7284796..b11a357dd276 100644 --- a/src/proto_016_PtMumbai/lib_client/injection.ml +++ b/src/proto_016_PtMumbai/lib_client/injection.ml @@ -631,11 +631,11 @@ let detect_script_failure : type kind. kind operation_metadata -> _ = in fun {contents} -> detect_script_failure contents -let signature_size_of_algo : Tezos_crypto.Signature.algo -> int = function +let signature_size_of_algo : Signature.algo -> int = function | Ed25519 -> Tezos_crypto.Signature.Ed25519.size | Secp256k1 -> Tezos_crypto.Signature.Secp256k1.size | P256 -> Tezos_crypto.Signature.P256.size - | Bls_aug -> + | Bls -> (* BLS signatures in operations are encoded with 2 extra bytes: a [ff] prefix and a tag [03]. *) Tezos_crypto.Signature.Bls_aug.size + 2 @@ -1407,10 +1407,10 @@ let inject_manager_operation cctxt ~chain ~block ?successor_level ?branch in let signature_algo = match src_pk with - | Ed25519 _ -> Tezos_crypto.Signature.Ed25519 + | Ed25519 _ -> Signature.Ed25519 | Secp256k1 _ -> Secp256k1 | P256 _ -> P256 - | Bls _ -> Bls_aug + | Bls _ -> Bls in let apply_specified_options counter op = Annotated_manager_operation.set_source source op >>? fun op -> diff --git a/tezt/tests/expected/dal.ml/DAL Node- P2P message encoding.out b/tezt/tests/expected/dal.ml/DAL Node- P2P message encoding.out index b3441110b14c..c463b953b6f3 100644 --- a/tezt/tests/expected/dal.ml/DAL Node- P2P message encoding.out +++ b/tezt/tests/expected/dal.ml/DAL Node- P2P message encoding.out @@ -70,6 +70,18 @@ Bls (tag 3) +---------------------------+----------+------------------------+ +Bls_pop (tag 4) +=============== + ++-------------------------------+----------+------------------------+ +| Name | Size | Contents | ++===============================+==========+========================+ +| Tag | 1 byte | unsigned 8-bit integer | ++-------------------------------+----------+------------------------+ +| Bls12_381_pop.Public_key_hash | 20 bytes | bytes | ++-------------------------------+----------+------------------------+ + + X_1 *** -- GitLab From 381712e23c69a29edb7bb9cebe88fc773c2588f2 Mon Sep 17 00:00:00 2001 From: Albin Coquereau Date: Fri, 7 Feb 2025 16:12:29 +0100 Subject: [PATCH 5/6] Kaitai: update struct files --- .../files/signer_messages__public_key__response.ksy | 4 ++++ .../kaitai-struct-files/files/signer_messages__request.ksy | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/client-libs/kaitai-struct-files/files/signer_messages__public_key__response.ksy b/client-libs/kaitai-struct-files/files/signer_messages__public_key__response.ksy index 42848f5f894f..4cdf5d84e8b6 100644 --- a/client-libs/kaitai-struct-files/files/signer_messages__public_key__response.ksy +++ b/client-libs/kaitai-struct-files/files/signer_messages__public_key__response.ksy @@ -20,12 +20,16 @@ types: - id: bls size: 48 if: (public_key_tag == public_key_tag::bls) + - id: bls_pop + size: 48 + if: (public_key_tag == public_key_tag::bls_pop) enums: public_key_tag: 0: ed25519 1: secp256k1 2: p256 3: bls + 4: bls_pop seq: - id: pubkey type: public_key diff --git a/client-libs/kaitai-struct-files/files/signer_messages__request.ksy b/client-libs/kaitai-struct-files/files/signer_messages__request.ksy index 33ab87f6034b..3823ae73037d 100644 --- a/client-libs/kaitai-struct-files/files/signer_messages__request.ksy +++ b/client-libs/kaitai-struct-files/files/signer_messages__request.ksy @@ -54,6 +54,9 @@ types: - id: bls size: 20 if: (public_key_hash_tag == public_key_hash_tag::bls) + - id: bls_pop + size: 20 + if: (public_key_hash_tag == public_key_hash_tag::bls_pop) sign: seq: - id: pkh @@ -86,6 +89,7 @@ enums: 1: secp256k1 2: p256 3: bls + 4: bls_pop signer_messages__request_tag: 0: sign 1: public_key -- GitLab From 724774994801278480d9561fc0281de671337507 Mon Sep 17 00:00:00 2001 From: Albin Coquereau Date: Tue, 18 Feb 2025 14:21:07 +0100 Subject: [PATCH 6/6] Changes: add entry for tz5 addresses addition --- CHANGES.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGES.rst b/CHANGES.rst index 6a6e4d3e99b2..bec309273c36 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -36,6 +36,9 @@ General - Removed binaries for ParisC. (MR :gl:`!16427`) +- Add new BLS addresses ``Tz5`` that uses Proof of Possession cryptographic + scheme. (MR :gl:`!16589`) + Node ---- -- GitLab