Skip to content
This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

BLS Core Crypto attempt #2 #13618

Merged
merged 49 commits into from
May 9, 2023
Merged

BLS Core Crypto attempt #2 #13618

Show file tree
Hide file tree
Changes from 27 commits
Commits
Show all changes
49 commits
Select commit Hold shift + click to select a range
b845210
Cherry pick all crypto related changes from pull-request #13311
drskalman Mar 15, 2023
081ced0
Merge branch 'master' into davxyn-skalman-core-bls-crypto
davxy Mar 20, 2023
f411d74
Merge branch 'master' into davxyn-skalman-core-bls-crypto
davxy Mar 20, 2023
ee61ddb
Import some stuff just if 'full_crypto' is on
davxy Mar 21, 2023
a1e0f13
Remove copyright year
davxy Mar 21, 2023
7023c14
Cleanup
davxy Mar 21, 2023
d92186d
First generic BLS draft
davxy Mar 21, 2023
409b2f4
Finalize generic implementation
davxy Mar 23, 2023
7177bb1
Restore tests
davxy Mar 23, 2023
9b320cd
Merge pull request #13 from davxy/davxyn-skalman-core-bls-crypto-generic
davxy Mar 23, 2023
58d4122
Fix rust docs
davxy Mar 23, 2023
1e331c0
Merge branch 'master' into davxyn-skalman-core-bls-crypto
davxy Mar 23, 2023
a630ead
Fix after master merge
davxy Mar 23, 2023
8a34867
Merge branch 'master' into davxyn-skalman-core-bls-crypto
davxy Mar 24, 2023
5c47d33
Fix after master merge
davxy Mar 24, 2023
fe65fce
Use double bls with G1 as signature group and verify individual signa…
drskalman Mar 28, 2023
b278ba7
Fix inclusions and types used within substrate
davxy Mar 29, 2023
3d50a72
Remove unused cruft
davxy Mar 29, 2023
994a805
Restore usage of upstream crates
davxy Mar 29, 2023
d728537
Fix test
davxy Mar 29, 2023
fbb2f47
Reduce the diff by aligning Cargo.lock to master
davxy Mar 29, 2023
bc52143
Application-crypto provides bls381
davxy Mar 29, 2023
eb8a7ab
Merge branch 'master' into davxyn-skalman-core-bls-crypto
davxy Mar 29, 2023
0acdf5c
Implement bls381 for local keystore
davxy Mar 29, 2023
26d9ce2
Merge branch 'master' into davxyn-skalman-core-bls-crypto
davxy Mar 30, 2023
9de1515
Use new generic keystore features
davxy Mar 30, 2023
267538f
import DoublePublickey[Scheme] from the bls-like root to be less conf…
drskalman Apr 4, 2023
e3c2af8
Merge branch 'master' into davxyn-skalman-core-bls-crypto
andresilva Apr 12, 2023
2a0a0ca
fix compilation
andresilva Apr 12, 2023
de48262
Apply suggestions from code review
davxy Apr 13, 2023
7d709da
Clean leftovers
davxy Apr 13, 2023
a2b7308
- update bls test vector after applying spec change recommendation.
drskalman Apr 13, 2023
478da9b
Merge branch 'davxyn-skalman-core-bls-crypto' of https://github.com/w…
drskalman Apr 13, 2023
426c5ae
Different hard junction ids for different bls12 types
davxy Apr 13, 2023
da36af4
update to new bls-like
drskalman Apr 13, 2023
856881a
Merge branch 'davxyn-skalman-core-bls-crypto' of https://github.com/w…
drskalman Apr 13, 2023
0c7a5f7
bls-like → w3f-bls
drskalman Apr 16, 2023
9218d9c
Make clippy happy
davxy Apr 16, 2023
58c2d94
update test vector after replacing hash and crop with hash to field.
drskalman Apr 19, 2023
6041fec
cargo fmt
drskalman Apr 19, 2023
f9b0da0
Merge branch 'master' into davxyn-skalman-core-bls-crypto
drskalman Apr 19, 2023
758a169
Merge remote-tracking branch 'upstream/master' into HEAD
Lederstrumpf Apr 25, 2023
b11659d
account for #13972
Lederstrumpf Apr 25, 2023
3a9c5ed
hide BLS behind "bls_non_production" feature flag
Lederstrumpf Apr 25, 2023
0bfbcfd
Merge remote-tracking branch 'upstream/master' into davxyn-skalman-co…
Lederstrumpf May 4, 2023
5a1a9cc
Remove Cargo.lock entries duplicated in merge
Lederstrumpf May 4, 2023
2e48a99
add bls377 to primitives/keystore and client/keystore
drskalman May 9, 2023
270b32e
rename feature `bls_non_production` to `bls-experimental`
drskalman May 9, 2023
35b9167
Merge branch 'master' into davxyn-skalman-core-bls-crypto
drskalman May 9, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1,279 changes: 818 additions & 461 deletions Cargo.lock
View file
Open in desktop

Large diffs are not rendered by default.

1 change: 0 additions & 1 deletion client/keystore/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ targets = ["x86_64-unknown-linux-gnu"]

[dependencies]
array-bytes = "4.1"
async-trait = "0.1.57"
parking_lot = "0.12.1"
serde_json = "1.0.85"
thiserror = "1.0"
Expand Down
31 changes: 28 additions & 3 deletions client/keystore/src/local.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
use parking_lot::RwLock;
use sp_application_crypto::{AppCrypto, AppPair, IsWrappedBy};
use sp_core::{
bls381,
crypto::{ByteArray, ExposeSecret, KeyTypeId, Pair as CorePair, SecretString},
ecdsa, ed25519, sr25519,
};
Expand Down Expand Up @@ -109,7 +110,7 @@ impl Keystore for LocalKeystore {

/// Generate a new pair compatible with the 'ed25519' signature scheme.
///
/// If the `[seed]` is `Some` then the key will be ephemeral and stored in memory.
/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
fn sr25519_generate_new(
&self,
key_type: KeyTypeId,
Expand Down Expand Up @@ -147,7 +148,7 @@ impl Keystore for LocalKeystore {

/// Generate a new pair compatible with the 'sr25519' signature scheme.
///
/// If the `[seed]` is `Some` then the key will be ephemeral and stored in memory.
/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
fn ed25519_generate_new(
&self,
key_type: KeyTypeId,
Expand All @@ -171,7 +172,7 @@ impl Keystore for LocalKeystore {

/// Generate a new pair compatible with the 'ecdsa' signature scheme.
///
/// If the `[seed]` is `Some` then the key will be ephemeral and stored in memory.
/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
fn ecdsa_generate_new(
&self,
key_type: KeyTypeId,
Expand Down Expand Up @@ -203,6 +204,30 @@ impl Keystore for LocalKeystore {
Ok(sig)
}

fn bls381_public_keys(&self, key_type: KeyTypeId) -> Vec<bls381::Public> {
self.public_keys::<bls381::Pair>(key_type)
}

/// Generate a new pair compatible with the 'bls381' signature scheme.
///
/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
fn bls381_generate_new(
&self,
key_type: KeyTypeId,
seed: Option<&str>,
) -> std::result::Result<bls381::Public, TraitError> {
self.generate_new::<bls381::Pair>(key_type, seed)
}

fn bls381_sign(
&self,
key_type: KeyTypeId,
public: &bls381::Public,
msg: &[u8],
) -> std::result::Result<Option<bls381::Signature>, TraitError> {
self.sign::<bls381::Pair>(key_type, public, msg)
}

fn insert(
&self,
key_type: KeyTypeId,
Expand Down
28 changes: 28 additions & 0 deletions primitives/application-crypto/src/bls381.rs
View file
Open in desktop
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

at some point, we were discussing adding bls(381), but hiding it behind a feature flag (not full_crypto, but a dedicated one to avoid production use). I may have missed some decisions/discussions in-between - you're now intentionally achieving the same by not implementing RuntimePublic?

Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
// This file is part of Substrate.

// Copyright (C) Parity Technologies (UK) Ltd.
// SPDX-License-Identifier: Apache-2.0

// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

//! BLS12-381 crypto applications.

pub use sp_core::bls::bls381::*;

mod app {
crate::app_crypto!(super, sp_core::testing::BLS381);
}

#[cfg(feature = "full_crypto")]
pub use app::Pair as AppPair;
pub use app::{Public as AppPublic, Signature as AppSignature};
1 change: 1 addition & 0 deletions primitives/application-crypto/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ pub use serde;
#[doc(hidden)]
pub use sp_std::{ops::Deref, vec::Vec};

pub mod bls381;
pub mod ecdsa;
pub mod ed25519;
pub mod sr25519;
Expand Down
4 changes: 4 additions & 0 deletions primitives/core/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ array-bytes = { version = "4.1", optional = true }
ed25519-zebra = { version = "3.1.0", default-features = false, optional = true }
blake2 = { version = "0.10.4", default-features = false, optional = true }
schnorrkel = { version = "0.9.1", features = ["preaudit_deprecated", "u64_backend"], default-features = false, optional = true }
bls-like = {git = "https://github.com/w3f/bls", default-features = false}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Imho, we should not depend upon the EngineBLS trait here. It's completely useless. It'll also cause issues for portability and maintenance.

Copy link
Member

@davxy davxy Mar 29, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bls crypto type within substrate has been defined to be generic.
This allowed to easily have both bls12-381 and bls12-377 with the minimum effort and code duplication.
To have such kind of generic we bounded the generic type to be an EngineBLS trait.
AFAIK is the only bound that allow us to do provide a generic implementation.
What you suggest as an alternative bound?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not imho use the bls-like crate in production. I started it as an experiment, and much has been added, but it was never cleaned up, so much of what is there no longer serves any purpose, and is generally a confusing poorly structured mess. https://github.com/w3f/ring-vrf/tree/master/nugget_bls was written to do exactly what beefy requires.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made this repo https://github.com/w3f/BCLS-BLS I'll start isolating the bls logic from nugget and bls-like to here and eventually relpace the backend.

Nonetheless I don't want this to become a blocker on this pull requset as, given that the output of the BLS-like matches the reference in the paper, BEEFY's integration is blocked on this, production ready BLS BEEFY is also blocked on apk proof adoption of BW6 on BLS12-381 and we are exposing no host functio.

Therefore, I don't think blocking the pull request due to some opinion about an abstraction in the backend is justified.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or just use nugget_bls after changing whatever needs changing? At minimum it helps consolidate our code which should be hardened for non-constant-time elliptic curves.

I've found an unrelated annoyance with merlin, so I'll do some ark_transcript crate based on shake128 btw.

hex = { version = "0.4", default-features = false, optional = true}
libsecp256k1 = { version = "0.7", default-features = false, features = ["static-context"], optional = true }
merlin = { version = "2.0", default-features = false, optional = true }
secp256k1 = { version = "0.24.0", default-features = false, features = ["recovery", "alloc"], optional = true }
Expand All @@ -58,6 +60,7 @@ rand = "0.8.5"
criterion = "0.4.0"
serde_json = "1.0"
sp-core-hashing-proc-macro = { version = "5.0.0", path = "./hashing/proc-macro" }
hex-literal = "0.3.4"

[[bench]]
name = "bench"
Expand Down Expand Up @@ -110,6 +113,7 @@ std = [
"futures/thread-pool",
"libsecp256k1/std",
"dyn-clonable",
"hex",
]

# This feature enables all crypto primitives for `no_std` builds like microcontrollers
Expand Down
Loading