diff --git a/app/app.go b/app/app.go index 11df096e3..0c1a96e62 100644 --- a/app/app.go +++ b/app/app.go @@ -55,8 +55,8 @@ import ( "github.com/obolnetwork/charon/core/validatorapi" "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil/beaconmock" ) @@ -98,7 +98,7 @@ type TestConfig struct { // LcastTransportFunc provides an in-memory leader cast transport. LcastTransportFunc func() leadercast.Transport // SimnetKeys provides private key shares for the simnet validatormock signer. - SimnetKeys []tblsv2.PrivateKey + SimnetKeys []tbls.PrivateKey // SimnetBMockOpts defines additional simnet beacon mock options. SimnetBMockOpts []beaconmock.Option // BroadcastCallback is called when a duty is completed and sent to the broadcast component. @@ -132,11 +132,11 @@ func Run(ctx context.Context, conf Config) (err error) { version.LogInfo(ctx, "Charon starting") - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) if !featureset.Enabled(featureset.HerumiBLS) { log.Info(ctx, "Enabling Kryptology BLS signature backend") - tblsv2.SetImplementation(tblsv2.Kryptology{}) + tbls.SetImplementation(tbls.Kryptology{}) } // Wire processes and their dependencies @@ -325,7 +325,7 @@ func wireCoreWorkflow(ctx context.Context, life *lifecycle.Manager, conf Config, corePubkeys []core.PubKey eth2Pubkeys []eth2p0.BLSPubKey pubshares []eth2p0.BLSPubKey - allPubSharesByKey = make(map[core.PubKey]map[int]tblsv2.PublicKey) // map[pubkey]map[shareIdx]pubshare + allPubSharesByKey = make(map[core.PubKey]map[int]tbls.PublicKey) // map[pubkey]map[shareIdx]pubshare feeRecipientAddrByCorePubkey = make(map[core.PubKey]string) ) for i, dv := range lock.Validators { @@ -339,9 +339,9 @@ func wireCoreWorkflow(ctx context.Context, life *lifecycle.Manager, conf Config, return err } - allPubShares := make(map[int]tblsv2.PublicKey) + allPubShares := make(map[int]tbls.PublicKey) for i, b := range dv.PubShares { - pubshare, err := tblsconv2.PubkeyFromBytes(b) + pubshare, err := tblsconv.PubkeyFromBytes(b) if err != nil { return err } diff --git a/cluster/distvalidator.go b/cluster/distvalidator.go index 848f7278d..703eae911 100644 --- a/cluster/distvalidator.go +++ b/cluster/distvalidator.go @@ -3,8 +3,8 @@ package cluster import ( - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) // DistValidator is a distributed validator (1x32ETH) managed by the cluster. @@ -21,8 +21,8 @@ type DistValidator struct { } // PublicKey returns the validator BLS group public key. -func (v DistValidator) PublicKey() (tblsv2.PublicKey, error) { - return tblsconv2.PubkeyFromBytes(v.PubKey) +func (v DistValidator) PublicKey() (tbls.PublicKey, error) { + return tblsconv.PubkeyFromBytes(v.PubKey) } // PublicKeyHex returns the validator hex group public key. @@ -31,8 +31,8 @@ func (v DistValidator) PublicKeyHex() string { } // PublicShare returns a peer's threshold BLS public share. -func (v DistValidator) PublicShare(peerIdx int) (tblsv2.PublicKey, error) { - return tblsconv2.PubkeyFromBytes(v.PubShares[peerIdx]) +func (v DistValidator) PublicShare(peerIdx int) (tbls.PublicKey, error) { + return tblsconv.PubkeyFromBytes(v.PubShares[peerIdx]) } // distValidatorJSONv1x1 is the json formatter of DistValidator for versions v1.0.0 and v1.1.0. diff --git a/cluster/helpers.go b/cluster/helpers.go index 155b40f02..2307389da 100644 --- a/cluster/helpers.go +++ b/cluster/helpers.go @@ -20,7 +20,7 @@ import ( "github.com/obolnetwork/charon/app/k1util" "github.com/obolnetwork/charon/app/z" "github.com/obolnetwork/charon/eth2util" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) // FetchDefinition fetches cluster definition file from a remote URI. @@ -107,11 +107,11 @@ func signOperator(secret *k1.PrivateKey, def Definition, operator Operator) (Ope } // aggSign returns a bls aggregate signatures of the message signed by all the shares. -func aggSign(secrets [][]tblsv2.PrivateKey, message []byte) ([]byte, error) { - var sigs []tblsv2.Signature +func aggSign(secrets [][]tbls.PrivateKey, message []byte) ([]byte, error) { + var sigs []tbls.Signature for _, shares := range secrets { for _, share := range shares { - sig, err := tblsv2.Sign(share, message) + sig, err := tbls.Sign(share, message) if err != nil { return nil, err } @@ -120,7 +120,7 @@ func aggSign(secrets [][]tblsv2.PrivateKey, message []byte) ([]byte, error) { } } - aggSig, err := tblsv2.Aggregate(sigs) + aggSig, err := tbls.Aggregate(sigs) if err != nil { return nil, errors.Wrap(err, "aggregate signatures") } diff --git a/cluster/helpers_internal_test.go b/cluster/helpers_internal_test.go index 0ba13f5c0..1cce61e38 100644 --- a/cluster/helpers_internal_test.go +++ b/cluster/helpers_internal_test.go @@ -16,12 +16,12 @@ import ( "github.com/obolnetwork/charon/app/k1util" "github.com/obolnetwork/charon/eth2util" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } diff --git a/cluster/lock.go b/cluster/lock.go index 3bb1543ce..8779b6f35 100644 --- a/cluster/lock.go +++ b/cluster/lock.go @@ -8,8 +8,8 @@ import ( "github.com/obolnetwork/charon/app/errors" "github.com/obolnetwork/charon/app/z" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) // Lock extends the cluster config Definition with bls threshold public keys and checksums. @@ -139,15 +139,15 @@ func (l Lock) VerifySignatures() error { return errors.New("empty lock aggregate signature") } - sig, err := tblsconv2.SignatureFromBytes(l.SignatureAggregate) + sig, err := tblsconv.SignatureFromBytes(l.SignatureAggregate) if err != nil { return err } - var pubkeys []tblsv2.PublicKey + var pubkeys []tbls.PublicKey for _, val := range l.Validators { for _, share := range val.PubShares { - pubkey, err := tblsconv2.PubkeyFromBytes(share) + pubkey, err := tblsconv.PubkeyFromBytes(share) if err != nil { return err } @@ -160,7 +160,7 @@ func (l Lock) VerifySignatures() error { return err } - err = tblsv2.VerifyAggregate(pubkeys, sig, hash[:]) + err = tbls.VerifyAggregate(pubkeys, sig, hash[:]) if err != nil { return errors.Wrap(err, "verify lock signature aggregate") } diff --git a/cluster/test_cluster.go b/cluster/test_cluster.go index b3c3174d7..934f1a986 100644 --- a/cluster/test_cluster.go +++ b/cluster/test_cluster.go @@ -13,7 +13,7 @@ import ( "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/enr" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" ) @@ -21,14 +21,14 @@ import ( // It also returns the peer p2p keys and BLS secret shares. If the seed is zero a random cluster on available loopback // ports is generated, else a deterministic cluster is generated. // Note this is not defined in testutil since it is tightly coupled with the cluster package. -func NewForT(t *testing.T, dv, k, n, seed int, opts ...func(*Definition)) (Lock, []*k1.PrivateKey, [][]tblsv2.PrivateKey) { +func NewForT(t *testing.T, dv, k, n, seed int, opts ...func(*Definition)) (Lock, []*k1.PrivateKey, [][]tbls.PrivateKey) { t.Helper() var ( vals []DistValidator p2pKeys []*k1.PrivateKey ops []Operator - dvShares [][]tblsv2.PrivateKey + dvShares [][]tbls.PrivateKey ) random := io.Reader(rand.New(rand.NewSource(int64(seed)))) //nolint:gosec // Explicit use of weak random generator for determinism. @@ -39,21 +39,21 @@ func NewForT(t *testing.T, dv, k, n, seed int, opts ...func(*Definition)) (Lock, } for i := 0; i < dv; i++ { - rootSecret, err := tblsv2.GenerateSecretKey() + rootSecret, err := tbls.GenerateSecretKey() require.NoError(t, err) - rootPublic, err := tblsv2.SecretToPublicKey(rootSecret) + rootPublic, err := tbls.SecretToPublicKey(rootSecret) require.NoError(t, err) - shares, err := tblsv2.ThresholdSplit(rootSecret, uint(n), uint(k)) + shares, err := tbls.ThresholdSplit(rootSecret, uint(n), uint(k)) require.NoError(t, err) var pubshares [][]byte - var privshares []tblsv2.PrivateKey + var privshares []tbls.PrivateKey for i := 0; i < n; i++ { sharePrivkey := shares[i+1] // Share indexes are 1-indexed. - sharePub, err := tblsv2.SecretToPublicKey(sharePrivkey) + sharePub, err := tbls.SecretToPublicKey(sharePrivkey) require.NoError(t, err) pubshares = append(pubshares, sharePub[:]) diff --git a/cmd/combine/combine.go b/cmd/combine/combine.go index 09af62158..3dad61a28 100644 --- a/cmd/combine/combine.go +++ b/cmd/combine/combine.go @@ -17,7 +17,7 @@ import ( "github.com/obolnetwork/charon/app/z" "github.com/obolnetwork/charon/cluster" "github.com/obolnetwork/charon/eth2util/keystore" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) // Combine combines validator keys contained in inputDir, and writes the original BLS12-381 private keys. @@ -63,7 +63,7 @@ func Combine(ctx context.Context, inputDir, outputDir string, force bool, opts . return errors.Wrap(err, "cannot open lock file") } - privkeys := make(map[int][]tblsv2.PrivateKey) + privkeys := make(map[int][]tbls.PrivateKey) for _, pkp := range possibleKeyPaths { secrets, err := keystore.LoadKeys(pkp) @@ -76,7 +76,7 @@ func Combine(ctx context.Context, inputDir, outputDir string, force bool, opts . } } - var combinedKeys []tblsv2.PrivateKey + var combinedKeys []tbls.PrivateKey for idx, pkSet := range privkeys { log.Info(ctx, "Recombining key share", z.Int("validator_number", idx)) @@ -89,7 +89,7 @@ func Combine(ctx context.Context, inputDir, outputDir string, force bool, opts . return errors.New("insufficient number of keys", z.Int("validator_number", idx)) } - secret, err := tblsv2.RecoverSecret(shares, uint(len(lock.Operators)), uint(lock.Threshold)) + secret, err := tbls.RecoverSecret(shares, uint(len(lock.Operators)), uint(lock.Threshold)) if err != nil { return errors.Wrap(err, "cannot recover shares", z.Int("validator_number", idx)) } @@ -102,7 +102,7 @@ func Combine(ctx context.Context, inputDir, outputDir string, force bool, opts . return errors.Wrap(err, "public key for validator from lockfile", z.Int("validator_number", idx)) } - genPubkey, err := tblsv2.SecretToPublicKey(secret) + genPubkey, err := tbls.SecretToPublicKey(secret) if err != nil { return errors.Wrap(err, "public key for validator from generated secret", z.Int("validator_number", idx)) } @@ -127,12 +127,12 @@ func Combine(ctx context.Context, inputDir, outputDir string, force bool, opts . return nil } -func secretsToShares(lock cluster.Lock, secrets []tblsv2.PrivateKey) (map[int]tblsv2.PrivateKey, error) { +func secretsToShares(lock cluster.Lock, secrets []tbls.PrivateKey) (map[int]tbls.PrivateKey, error) { n := len(lock.Operators) - resp := make(map[int]tblsv2.PrivateKey) + resp := make(map[int]tbls.PrivateKey) for idx, secret := range secrets { - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) if err != nil { return nil, errors.Wrap(err, "pubkey from share") } @@ -171,14 +171,14 @@ func secretsToShares(lock cluster.Lock, secrets []tblsv2.PrivateKey) (map[int]tb // WithInsecureKeysForT is a functional option for Combine that will use the insecure keystore.StoreKeysInsecure function. func WithInsecureKeysForT(*testing.T) func(*options) { return func(o *options) { - o.keyStoreFunc = func(secrets []tblsv2.PrivateKey, dir string) error { + o.keyStoreFunc = func(secrets []tbls.PrivateKey, dir string) error { return keystore.StoreKeysInsecure(secrets, dir, keystore.ConfirmInsecureKeys) } } } type options struct { - keyStoreFunc func(secrets []tblsv2.PrivateKey, dir string) error + keyStoreFunc func(secrets []tbls.PrivateKey, dir string) error } // loadLockfile loads a lockfile from one of the charon directories contained in dir. diff --git a/cmd/combine/combine_test.go b/cmd/combine/combine_test.go index 5e34e1d0e..c509e6b74 100644 --- a/cmd/combine/combine_test.go +++ b/cmd/combine/combine_test.go @@ -15,11 +15,11 @@ import ( "github.com/obolnetwork/charon/cluster" "github.com/obolnetwork/charon/cmd/combine" "github.com/obolnetwork/charon/eth2util/keystore" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } @@ -36,7 +36,7 @@ func TestCombineCannotLoadKeystore(t *testing.T) { for _, share := range shares { share := share - sm := make(map[int]tblsv2.PrivateKey) + sm := make(map[int]tbls.PrivateKey) for idx, shareObj := range share { shareObj := shareObj sm[idx+1] = shareObj @@ -47,14 +47,14 @@ func TestCombineCannotLoadKeystore(t *testing.T) { od := t.TempDir() // flatten secrets, each validator slice is unpacked in a flat structure - var rawSecrets []tblsv2.PrivateKey + var rawSecrets []tbls.PrivateKey for _, s := range shares { rawSecrets = append(rawSecrets, s...) } // for each ENR, create a slice of keys to hold // each set will be len(lock.Definition.Operators) - secrets := make([][]tblsv2.PrivateKey, len(lock.Definition.Operators)) + secrets := make([][]tbls.PrivateKey, len(lock.Definition.Operators)) // populate key sets for enrIdx := 0; enrIdx < len(lock.Definition.Operators); enrIdx++ { @@ -100,16 +100,16 @@ func TestCombine(t *testing.T) { for _, share := range shares { share := share - sm := make(map[int]tblsv2.PrivateKey) + sm := make(map[int]tbls.PrivateKey) for idx, shareObj := range share { shareObj := shareObj sm[idx+1] = shareObj } - complSecret, err := tblsv2.RecoverSecret(sm, 4, 3) + complSecret, err := tbls.RecoverSecret(sm, 4, 3) require.NoError(t, err) - complPubkey, err := tblsv2.SecretToPublicKey(complSecret) + complPubkey, err := tbls.SecretToPublicKey(complSecret) require.NoError(t, err) expectedData = append(expectedData, expected{ @@ -122,14 +122,14 @@ func TestCombine(t *testing.T) { od := t.TempDir() // flatten secrets, each validator slice is unpacked in a flat structure - var rawSecrets []tblsv2.PrivateKey + var rawSecrets []tbls.PrivateKey for _, s := range shares { rawSecrets = append(rawSecrets, s...) } // for each ENR, create a slice of keys to hold // each set will be len(lock.Definition.Operators) - secrets := make([][]tblsv2.PrivateKey, len(lock.Definition.Operators)) + secrets := make([][]tbls.PrivateKey, len(lock.Definition.Operators)) // populate key sets for enrIdx := 0; enrIdx < len(lock.Definition.Operators); enrIdx++ { @@ -163,7 +163,7 @@ func TestCombine(t *testing.T) { keysMap := make(map[string]string) for _, key := range keys { - pk, err := tblsv2.SecretToPublicKey(key) + pk, err := tbls.SecretToPublicKey(key) require.NoError(t, err) keysMap[fmt.Sprintf("%#x", pk)] = fmt.Sprintf("%#x", key) @@ -191,16 +191,16 @@ func TestCombineTwiceWithoutForceFails(t *testing.T) { for _, share := range shares { share := share - sm := make(map[int]tblsv2.PrivateKey) + sm := make(map[int]tbls.PrivateKey) for idx, shareObj := range share { shareObj := shareObj sm[idx+1] = shareObj } - complSecret, err := tblsv2.RecoverSecret(sm, 4, 3) + complSecret, err := tbls.RecoverSecret(sm, 4, 3) require.NoError(t, err) - complPubkey, err := tblsv2.SecretToPublicKey(complSecret) + complPubkey, err := tbls.SecretToPublicKey(complSecret) require.NoError(t, err) expectedData = append(expectedData, expected{ @@ -213,14 +213,14 @@ func TestCombineTwiceWithoutForceFails(t *testing.T) { od := t.TempDir() // flatten secrets, each validator slice is unpacked in a flat structure - var rawSecrets []tblsv2.PrivateKey + var rawSecrets []tbls.PrivateKey for _, s := range shares { rawSecrets = append(rawSecrets, s...) } // for each ENR, create a slice of keys to hold // each set will be len(lock.Definition.Operators) - secrets := make([][]tblsv2.PrivateKey, len(lock.Definition.Operators)) + secrets := make([][]tbls.PrivateKey, len(lock.Definition.Operators)) // populate key sets for enrIdx := 0; enrIdx < len(lock.Definition.Operators); enrIdx++ { @@ -257,7 +257,7 @@ func TestCombineTwiceWithoutForceFails(t *testing.T) { keysMap := make(map[string]string) for _, key := range keys { - pk, err := tblsv2.SecretToPublicKey(key) + pk, err := tbls.SecretToPublicKey(key) require.NoError(t, err) keysMap[fmt.Sprintf("%#x", pk)] = fmt.Sprintf("%#x", key) diff --git a/cmd/createcluster.go b/cmd/createcluster.go index 6f777c6e0..5f55ef673 100644 --- a/cmd/createcluster.go +++ b/cmd/createcluster.go @@ -31,8 +31,8 @@ import ( "github.com/obolnetwork/charon/eth2util/keymanager" "github.com/obolnetwork/charon/eth2util/keystore" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) const ( @@ -280,7 +280,7 @@ func runCreateCluster(ctx context.Context, w io.Writer, conf clusterConfig) erro } // signDepositDatas returns Distributed Validator pubkeys and deposit data signatures corresponding to each pubkey. -func signDepositDatas(secrets []tblsv2.PrivateKey, withdrawalAddresses []string, network string) ([]eth2p0.DepositData, error) { +func signDepositDatas(secrets []tbls.PrivateKey, withdrawalAddresses []string, network string) ([]eth2p0.DepositData, error) { if len(secrets) != len(withdrawalAddresses) { return nil, errors.New("insufficient withdrawal addresses") } @@ -292,7 +292,7 @@ func signDepositDatas(secrets []tblsv2.PrivateKey, withdrawalAddresses []string, return nil, err } - pk, err := tblsv2.SecretToPublicKey(secret) + pk, err := tbls.SecretToPublicKey(secret) if err != nil { return nil, errors.Wrap(err, "secret to pubkey") } @@ -307,7 +307,7 @@ func signDepositDatas(secrets []tblsv2.PrivateKey, withdrawalAddresses []string, return nil, err } - sig, err := tblsv2.Sign(secret, sigRoot[:]) + sig, err := tbls.Sign(secret, sigRoot[:]) if err != nil { return nil, err } @@ -316,7 +316,7 @@ func signDepositDatas(secrets []tblsv2.PrivateKey, withdrawalAddresses []string, PublicKey: msg.PublicKey, WithdrawalCredentials: msg.WithdrawalCredentials, Amount: msg.Amount, - Signature: tblsconv2.SigToETH2(sig), + Signature: tblsconv.SigToETH2(sig), }) } @@ -324,26 +324,26 @@ func signDepositDatas(secrets []tblsv2.PrivateKey, withdrawalAddresses []string, } // getTSSShares splits the secrets and returns the threshold key shares. -func getTSSShares(secrets []tblsv2.PrivateKey, threshold, numNodes int) ([]tblsv2.PublicKey, [][]tblsv2.PrivateKey, error) { +func getTSSShares(secrets []tbls.PrivateKey, threshold, numNodes int) ([]tbls.PublicKey, [][]tbls.PrivateKey, error) { var ( - dvs []tblsv2.PublicKey - splits [][]tblsv2.PrivateKey + dvs []tbls.PublicKey + splits [][]tbls.PrivateKey ) for _, secret := range secrets { - shares, err := tblsv2.ThresholdSplit(secret, uint(numNodes), uint(threshold)) + shares, err := tbls.ThresholdSplit(secret, uint(numNodes), uint(threshold)) if err != nil { return nil, nil, err } // preserve order when transforming from map of private shares to array of private keys - secretSet := make([]tblsv2.PrivateKey, len(shares)) + secretSet := make([]tbls.PrivateKey, len(shares)) for i := 1; i <= len(shares); i++ { secretSet[i-1] = shares[i] } splits = append(splits, secretSet) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) if err != nil { return nil, nil, err } @@ -368,7 +368,7 @@ func writeWarning(w io.Writer) { } // getKeys fetches secret keys for each distributed validator. -func getKeys(splitKeys bool, splitKeysDir string, numDVs int) ([]tblsv2.PrivateKey, error) { +func getKeys(splitKeys bool, splitKeysDir string, numDVs int) ([]tbls.PrivateKey, error) { if splitKeys { if splitKeysDir == "" { return nil, errors.New("--split-keys-dir required when splitting keys") @@ -377,9 +377,9 @@ func getKeys(splitKeys bool, splitKeysDir string, numDVs int) ([]tblsv2.PrivateK return keystore.LoadKeys(splitKeysDir) } - var secrets []tblsv2.PrivateKey + var secrets []tbls.PrivateKey for i := 0; i < numDVs; i++ { - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() if err != nil { return nil, err } @@ -391,7 +391,7 @@ func getKeys(splitKeys bool, splitKeysDir string, numDVs int) ([]tblsv2.PrivateK } // createDepositDatas creates a slice of deposit datas using the provided parameters and returns it. -func createDepositDatas(withdrawalAddresses []string, network string, secrets []tblsv2.PrivateKey) ([]eth2p0.DepositData, error) { +func createDepositDatas(withdrawalAddresses []string, network string, secrets []tbls.PrivateKey) ([]eth2p0.DepositData, error) { if len(secrets) != len(withdrawalAddresses) { return nil, errors.New("insufficient withdrawal addresses") } @@ -438,14 +438,14 @@ func writeLock(lock cluster.Lock, clusterDir string, numNodes int) error { // getValidators returns distributed validators from the provided dv public keys and keyshares. // It creates new peers from the provided config and saves validator keys to disk for each peer. -func getValidators(dvsPubkeys []tblsv2.PublicKey, dvPrivShares [][]tblsv2.PrivateKey, depositDatas []eth2p0.DepositData) ([]cluster.DistValidator, error) { +func getValidators(dvsPubkeys []tbls.PublicKey, dvPrivShares [][]tbls.PrivateKey, depositDatas []eth2p0.DepositData) ([]cluster.DistValidator, error) { var vals []cluster.DistValidator for idx, dv := range dvsPubkeys { dv := dv privShares := dvPrivShares[idx] var pubshares [][]byte for _, ps := range privShares { - pubk, err := tblsv2.SecretToPublicKey(ps) + pubk, err := tbls.SecretToPublicKey(ps) if err != nil { return nil, errors.Wrap(err, "public key generation") } @@ -482,7 +482,7 @@ func getValidators(dvsPubkeys []tblsv2.PublicKey, dvPrivShares [][]tblsv2.Privat } // writeKeysToKeymanager writes validator keys to the provided keymanager addresses. -func writeKeysToKeymanager(ctx context.Context, conf clusterConfig, numNodes int, shareSets [][]tblsv2.PrivateKey) error { +func writeKeysToKeymanager(ctx context.Context, conf clusterConfig, numNodes int, shareSets [][]tbls.PrivateKey) error { // Ping all keymanager addresses to check if they are accessible to avoid partial writes var clients []keymanager.Client for i := 0; i < numNodes; i++ { @@ -532,9 +532,9 @@ func writeKeysToKeymanager(ctx context.Context, conf clusterConfig, numNodes int } // writeKeysToDisk writes validator keyshares to disk. It assumes that the directory for each node already exists. -func writeKeysToDisk(numNodes int, clusterDir string, insecureKeys bool, shareSets [][]tblsv2.PrivateKey) error { +func writeKeysToDisk(numNodes int, clusterDir string, insecureKeys bool, shareSets [][]tbls.PrivateKey) error { for i := 0; i < numNodes; i++ { - var secrets []tblsv2.PrivateKey + var secrets []tbls.PrivateKey for _, shares := range shareSets { secrets = append(secrets, shares[i]) } @@ -682,11 +682,11 @@ func validateDef(ctx context.Context, insecureKeys bool, keymanagerAddrs []strin } // aggSign returns a bls aggregate signatures of the message signed by all the shares. -func aggSign(secrets [][]tblsv2.PrivateKey, message []byte) ([]byte, error) { - var sigs []tblsv2.Signature +func aggSign(secrets [][]tbls.PrivateKey, message []byte) ([]byte, error) { + var sigs []tbls.Signature for _, shares := range secrets { for _, share := range shares { - sig, err := tblsv2.Sign(share, message) + sig, err := tbls.Sign(share, message) if err != nil { return nil, err } @@ -694,7 +694,7 @@ func aggSign(secrets [][]tblsv2.PrivateKey, message []byte) ([]byte, error) { } } - aggSig, err := tblsv2.Aggregate(sigs) + aggSig, err := tbls.Aggregate(sigs) if err != nil { return nil, errors.Wrap(err, "aggregate signatures") } diff --git a/cmd/createcluster_internal_test.go b/cmd/createcluster_internal_test.go index 6530a0ae8..cf6a55358 100644 --- a/cmd/createcluster_internal_test.go +++ b/cmd/createcluster_internal_test.go @@ -23,15 +23,15 @@ import ( "github.com/obolnetwork/charon/cluster" "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/keystore" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil" ) //go:generate go test . -run=TestCreateCluster -update -clean func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } @@ -76,12 +76,12 @@ func TestCreateCluster(t *testing.T) { keyDir := t.TempDir() - secret1, err := tblsv2.GenerateSecretKey() + secret1, err := tbls.GenerateSecretKey() require.NoError(t, err) - secret2, err := tblsv2.GenerateSecretKey() + secret2, err := tbls.GenerateSecretKey() require.NoError(t, err) - err = keystore.StoreKeysInsecure([]tblsv2.PrivateKey{secret1, secret2}, keyDir, keystore.ConfirmInsecureKeys) + err = keystore.StoreKeysInsecure([]tbls.PrivateKey{secret1, secret2}, keyDir, keystore.ConfirmInsecureKeys) require.NoError(t, err) config.SplitKeysDir = keyDir @@ -341,9 +341,9 @@ func TestSplitKeys(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - var keys []tblsv2.PrivateKey + var keys []tbls.PrivateKey for i := 0; i < test.numSplitKeys; i++ { - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) keys = append(keys, secret) @@ -422,12 +422,12 @@ func TestKeymanager(t *testing.T) { const testAuthToken = "api-token-test" // Create secret - secret1, err := tblsv2.GenerateSecretKey() + secret1, err := tbls.GenerateSecretKey() require.NoError(t, err) // Store secret keyDir := t.TempDir() - err = keystore.StoreKeysInsecure([]tblsv2.PrivateKey{secret1}, keyDir, keystore.ConfirmInsecureKeys) + err = keystore.StoreKeysInsecure([]tbls.PrivateKey{secret1}, keyDir, keystore.ConfirmInsecureKeys) require.NoError(t, err) // Create minNodes test servers @@ -476,14 +476,14 @@ func TestKeymanager(t *testing.T) { require.NoError(t, err) // Receive secret shares from all keymanager servers - shares := make(map[int]tblsv2.PrivateKey) + shares := make(map[int]tbls.PrivateKey) for len(shares) < minNodes { res := <-results shares[res.id+1] = res.secret } // Combine the shares and test equality with original share - csb, err := tblsv2.RecoverSecret(shares, minNodes, 3) + csb, err := tbls.RecoverSecret(shares, minNodes, 3) require.NoError(t, err) require.EqualValues(t, secret1, csb) @@ -561,21 +561,21 @@ type mockKeymanagerReq struct { } // decrypt returns the secret from the encrypted keystore. -func decrypt(t *testing.T, store keystore.Keystore, password string) (tblsv2.PrivateKey, error) { +func decrypt(t *testing.T, store keystore.Keystore, password string) (tbls.PrivateKey, error) { t.Helper() decryptor := keystorev4.New() secretBytes, err := decryptor.Decrypt(store.Crypto, password) require.NoError(t, err) - return tblsconv2.PrivkeyFromBytes(secretBytes) + return tblsconv.PrivkeyFromBytes(secretBytes) } // result is a struct for receiving secrets along with their id. // This is needed as tbls.CombineShares needs shares in the correct (original) order. type result struct { id int - secret tblsv2.PrivateKey + secret tbls.PrivateKey } // newKeymanagerHandler returns http handler for a test keymanager API server. diff --git a/core/consensus/component_test.go b/core/consensus/component_test.go index 038aa1077..ca1bf9b8b 100644 --- a/core/consensus/component_test.go +++ b/core/consensus/component_test.go @@ -24,12 +24,12 @@ import ( pbv1 "github.com/obolnetwork/charon/core/corepb/v1" "github.com/obolnetwork/charon/eth2util/enr" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } diff --git a/core/eth2signeddata.go b/core/eth2signeddata.go index b5ba30862..5309ad777 100644 --- a/core/eth2signeddata.go +++ b/core/eth2signeddata.go @@ -10,7 +10,7 @@ import ( "github.com/obolnetwork/charon/app/eth2wrap" "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/signing" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) var ( @@ -28,7 +28,7 @@ var ( ) // VerifyEth2SignedData verifies signature associated with given Eth2SignedData. -func VerifyEth2SignedData(ctx context.Context, eth2Cl eth2wrap.Client, data Eth2SignedData, pubkey tblsv2.PublicKey) error { +func VerifyEth2SignedData(ctx context.Context, eth2Cl eth2wrap.Client, data Eth2SignedData, pubkey tbls.PublicKey) error { epoch, err := data.Epoch(ctx, eth2Cl) if err != nil { return err diff --git a/core/eth2signeddata_test.go b/core/eth2signeddata_test.go index fb8118779..324afcea0 100644 --- a/core/eth2signeddata_test.go +++ b/core/eth2signeddata_test.go @@ -12,14 +12,14 @@ import ( "github.com/obolnetwork/charon/core" "github.com/obolnetwork/charon/eth2util/signing" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil" "github.com/obolnetwork/charon/testutil/beaconmock" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } @@ -117,17 +117,17 @@ func TestVerifyEth2SignedData(t *testing.T) { } } -func sign(t *testing.T, data []byte) (core.Signature, tblsv2.PublicKey) { +func sign(t *testing.T, data []byte) (core.Signature, tbls.PublicKey) { t.Helper() - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pk, err := tblsv2.SecretToPublicKey(secret) + pk, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) - sig, err := tblsv2.Sign(secret, data) + sig, err := tbls.Sign(secret, data) require.NoError(t, err) - return tblsconv2.SigToCore(sig), pk + return tblsconv.SigToCore(sig), pk } diff --git a/core/parsigex/parsigex.go b/core/parsigex/parsigex.go index 528bde5ae..fceb4c4ca 100644 --- a/core/parsigex/parsigex.go +++ b/core/parsigex/parsigex.go @@ -17,7 +17,7 @@ import ( "github.com/obolnetwork/charon/core" pbv1 "github.com/obolnetwork/charon/core/corepb/v1" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) const ( @@ -126,7 +126,7 @@ func (m *ParSigEx) Subscribe(fn func(context.Context, core.Duty, core.ParSignedD } // NewEth2Verifier returns a partial signature verification function for core workflow eth2 signatures. -func NewEth2Verifier(eth2Cl eth2wrap.Client, pubSharesByKey map[core.PubKey]map[int]tblsv2.PublicKey) (func(context.Context, core.Duty, core.PubKey, core.ParSignedData) error, error) { +func NewEth2Verifier(eth2Cl eth2wrap.Client, pubSharesByKey map[core.PubKey]map[int]tbls.PublicKey) (func(context.Context, core.Duty, core.PubKey, core.ParSignedData) error, error) { return func(ctx context.Context, duty core.Duty, pubkey core.PubKey, data core.ParSignedData) error { pubshares, ok := pubSharesByKey[pubkey] if !ok { diff --git a/core/parsigex/parsigex_test.go b/core/parsigex/parsigex_test.go index d4b1d2ff5..a67daa2e5 100644 --- a/core/parsigex/parsigex_test.go +++ b/core/parsigex/parsigex_test.go @@ -20,13 +20,13 @@ import ( "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/signing" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" "github.com/obolnetwork/charon/testutil/beaconmock" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } @@ -122,14 +122,14 @@ func TestParSigExVerifier(t *testing.T) { epoch := eth2p0.Epoch(uint64(slot) / slotsPerEpoch) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pk, err := tblsv2.SecretToPublicKey(secret) + pk, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) sign := func(msg []byte) eth2p0.BLSSignature { - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) return eth2p0.BLSSignature(sig) @@ -138,7 +138,7 @@ func TestParSigExVerifier(t *testing.T) { pubkey, err := core.PubKeyFromBytes(pk[:]) require.NoError(t, err) - mp := map[core.PubKey]map[int]tblsv2.PublicKey{ + mp := map[core.PubKey]map[int]tbls.PublicKey{ pubkey: { shareIdx: pk, }, diff --git a/core/sigagg/sigagg.go b/core/sigagg/sigagg.go index 8f9d22d28..ac2ab8afc 100644 --- a/core/sigagg/sigagg.go +++ b/core/sigagg/sigagg.go @@ -14,8 +14,8 @@ import ( "github.com/obolnetwork/charon/app/tracer" "github.com/obolnetwork/charon/app/z" "github.com/obolnetwork/charon/core" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) // New returns a new aggregator instance. @@ -46,9 +46,9 @@ func (a *Aggregator) Aggregate(ctx context.Context, duty core.Duty, pubkey core. } // Get all partial signatures. - blsSigs := make(map[int]tblsv2.Signature) + blsSigs := make(map[int]tbls.Signature) for _, parSig := range parSigs { - sig, err := tblsconv2.SigFromCore(parSig.Signature()) + sig, err := tblsconv.SigFromCore(parSig.Signature()) if err != nil { return errors.Wrap(err, "signature from core") } @@ -61,14 +61,14 @@ func (a *Aggregator) Aggregate(ctx context.Context, duty core.Duty, pubkey core. // Aggregate signatures _, span := tracer.Start(ctx, "tbls.Aggregate") - sig, err := tblsv2.ThresholdAggregate(blsSigs) + sig, err := tbls.ThresholdAggregate(blsSigs) span.End() if err != nil { return err } // Inject signature into one of the parSigs resulting in aggregate signed data. - aggSig, err := parSigs[0].SetSignature(tblsconv2.SigToCore(sig)) + aggSig, err := parSigs[0].SetSignature(tblsconv.SigToCore(sig)) if err != nil { return err } diff --git a/core/sigagg/sigagg_test.go b/core/sigagg/sigagg_test.go index 657d39b7d..9f7c6896e 100644 --- a/core/sigagg/sigagg_test.go +++ b/core/sigagg/sigagg_test.go @@ -20,13 +20,13 @@ import ( "github.com/obolnetwork/charon/core" "github.com/obolnetwork/charon/core/sigagg" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) code := m.Run() os.Exit(code) } @@ -68,28 +68,28 @@ func TestSigAgg_DutyAttester(t *testing.T) { require.NoError(t, err) // Generate private shares - secretKey, err := tblsv2.GenerateSecretKey() + secretKey, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubKey, err := tblsv2.SecretToPublicKey(secretKey) + pubKey, err := tbls.SecretToPublicKey(secretKey) require.NoError(t, err) - secrets, err := tblsv2.ThresholdSplit(secretKey, peers, threshold) + secrets, err := tbls.ThresholdSplit(secretKey, peers, threshold) require.NoError(t, err) // Create partial signatures (in two formats) var ( parsigs []core.ParSignedData - psigs map[int]tblsv2.Signature + psigs map[int]tbls.Signature ) - psigs = make(map[int]tblsv2.Signature) + psigs = make(map[int]tbls.Signature) for idx, secret := range secrets { - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) - att.Signature = tblsconv2.SigToETH2(sig) + att.Signature = tblsconv.SigToETH2(sig) parsig := core.NewPartialAttestation(att, idx) psigs[idx] = sig @@ -97,19 +97,19 @@ func TestSigAgg_DutyAttester(t *testing.T) { } // Create expected aggregated signature - aggSig, err := tblsv2.ThresholdAggregate(psigs) + aggSig, err := tbls.ThresholdAggregate(psigs) require.NoError(t, err) - expect := tblsconv2.SigToCore(aggSig) + expect := tblsconv.SigToCore(aggSig) agg := sigagg.New(threshold) // Assert output agg.Subscribe(func(_ context.Context, _ core.Duty, _ core.PubKey, aggData core.SignedData) error { require.Equal(t, expect, aggData.Signature()) - sig, err := tblsconv2.SigFromCore(aggData.Signature()) + sig, err := tblsconv.SigFromCore(aggData.Signature()) require.NoError(t, err) - require.NoError(t, tblsv2.Verify(pubKey, msg, sig)) + require.NoError(t, tbls.Verify(pubKey, msg, sig)) require.NoError(t, err) return nil @@ -132,28 +132,28 @@ func TestSigAgg_DutyRandao(t *testing.T) { msg := []byte("RANDAO reveal") // Generate private shares - secretKey, err := tblsv2.GenerateSecretKey() + secretKey, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubKey, err := tblsv2.SecretToPublicKey(secretKey) + pubKey, err := tbls.SecretToPublicKey(secretKey) require.NoError(t, err) - secrets, err := tblsv2.ThresholdSplit(secretKey, peers, threshold) + secrets, err := tbls.ThresholdSplit(secretKey, peers, threshold) require.NoError(t, err) // Create partial signatures (in two formats) var ( parsigs []core.ParSignedData - psigs map[int]tblsv2.Signature + psigs map[int]tbls.Signature ) - psigs = make(map[int]tblsv2.Signature) + psigs = make(map[int]tbls.Signature) for idx, secret := range secrets { - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) - eth2Sig := tblsconv2.SigToETH2(sig) + eth2Sig := tblsconv.SigToETH2(sig) parsig := core.NewPartialSignedRandao(epoch, eth2Sig, idx) psigs[idx] = sig @@ -161,19 +161,19 @@ func TestSigAgg_DutyRandao(t *testing.T) { } // Create expected aggregated signature - aggSig, err := tblsv2.ThresholdAggregate(psigs) + aggSig, err := tbls.ThresholdAggregate(psigs) require.NoError(t, err) - expect := tblsconv2.SigToCore(aggSig) + expect := tblsconv.SigToCore(aggSig) agg := sigagg.New(threshold) // Assert output agg.Subscribe(func(_ context.Context, _ core.Duty, _ core.PubKey, aggData core.SignedData) error { require.Equal(t, expect, aggData.Signature()) - sig, err := tblsconv2.SigFromCore(aggData.Signature()) + sig, err := tblsconv.SigFromCore(aggData.Signature()) require.NoError(t, err) - require.NoError(t, tblsv2.Verify(pubKey, msg, sig)) + require.NoError(t, tbls.Verify(pubKey, msg, sig)) require.NoError(t, err) return nil @@ -193,13 +193,13 @@ func TestSigAgg_DutyExit(t *testing.T) { ) // Generate private shares - secretKey, err := tblsv2.GenerateSecretKey() + secretKey, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubKey, err := tblsv2.SecretToPublicKey(secretKey) + pubKey, err := tbls.SecretToPublicKey(secretKey) require.NoError(t, err) - secrets, err := tblsv2.ThresholdSplit(secretKey, peers, threshold) + secrets, err := tbls.ThresholdSplit(secretKey, peers, threshold) require.NoError(t, err) exit := testutil.RandomExit() @@ -209,17 +209,17 @@ func TestSigAgg_DutyExit(t *testing.T) { // Create partial signatures (in two formats) var ( parsigs []core.ParSignedData - psigs map[int]tblsv2.Signature + psigs map[int]tbls.Signature ) - psigs = make(map[int]tblsv2.Signature) + psigs = make(map[int]tbls.Signature) for idx, secret := range secrets { // Ignoring domain for this test - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) - eth2Sig := tblsconv2.SigToETH2(sig) + eth2Sig := tblsconv.SigToETH2(sig) parsig := core.NewPartialSignedVoluntaryExit(ð2p0.SignedVoluntaryExit{ Message: exit.Message, Signature: eth2Sig, @@ -229,19 +229,19 @@ func TestSigAgg_DutyExit(t *testing.T) { parsigs = append(parsigs, parsig) } - aggSig, err := tblsv2.ThresholdAggregate(psigs) + aggSig, err := tbls.ThresholdAggregate(psigs) require.NoError(t, err) - expect := tblsconv2.SigToCore(aggSig) + expect := tblsconv.SigToCore(aggSig) agg := sigagg.New(threshold) // Assert output agg.Subscribe(func(_ context.Context, _ core.Duty, _ core.PubKey, aggData core.SignedData) error { require.Equal(t, expect, aggData.Signature()) - sig, err := tblsconv2.SigFromCore(aggData.Signature()) + sig, err := tblsconv.SigFromCore(aggData.Signature()) require.NoError(t, err) - require.NoError(t, tblsv2.Verify(pubKey, msg, sig)) + require.NoError(t, tbls.Verify(pubKey, msg, sig)) require.NoError(t, err) return nil @@ -261,13 +261,13 @@ func TestSigAgg_DutyProposer(t *testing.T) { ) // Generate private shares - secretKey, err := tblsv2.GenerateSecretKey() + secretKey, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubKey, err := tblsv2.SecretToPublicKey(secretKey) + pubKey, err := tbls.SecretToPublicKey(secretKey) require.NoError(t, err) - secrets, err := tblsv2.ThresholdSplit(secretKey, peers, threshold) + secrets, err := tbls.ThresholdSplit(secretKey, peers, threshold) require.NoError(t, err) tests := []struct { @@ -325,23 +325,23 @@ func TestSigAgg_DutyProposer(t *testing.T) { // Create partial signatures (in two formats) var ( parsigs []core.ParSignedData - psigs map[int]tblsv2.Signature + psigs map[int]tbls.Signature ) - psigs = make(map[int]tblsv2.Signature) + psigs = make(map[int]tbls.Signature) for idx, secret := range secrets { - sig, err := tblsv2.Sign(secret, msg[:]) + sig, err := tbls.Sign(secret, msg[:]) require.NoError(t, err) block, err := core.NewVersionedSignedBeaconBlock(test.block) require.NoError(t, err) - sigCore := tblsconv2.SigToCore(sig) + sigCore := tblsconv.SigToCore(sig) signed, err := block.SetSignature(sigCore) require.NoError(t, err) - coreSig, err := tblsconv2.SigFromCore(signed.Signature()) + coreSig, err := tblsconv.SigFromCore(signed.Signature()) require.NoError(t, err) require.Equal(t, sig, coreSig) @@ -354,19 +354,19 @@ func TestSigAgg_DutyProposer(t *testing.T) { } // Create expected aggregated signature - aggSig, err := tblsv2.ThresholdAggregate(psigs) + aggSig, err := tbls.ThresholdAggregate(psigs) require.NoError(t, err) - expect := tblsconv2.SigToCore(aggSig) + expect := tblsconv.SigToCore(aggSig) agg := sigagg.New(threshold) // Assert output agg.Subscribe(func(_ context.Context, _ core.Duty, _ core.PubKey, aggData core.SignedData) error { require.Equal(t, expect, aggData.Signature()) - sig, err := tblsconv2.SigFromCore(aggData.Signature()) + sig, err := tblsconv.SigFromCore(aggData.Signature()) require.NoError(t, err) - require.NoError(t, tblsv2.Verify(pubKey, msg[:], sig)) + require.NoError(t, tbls.Verify(pubKey, msg[:], sig)) require.NoError(t, err) return nil @@ -388,13 +388,13 @@ func TestSigAgg_DutyBuilderProposer(t *testing.T) { ) // Generate private shares - secretKey, err := tblsv2.GenerateSecretKey() + secretKey, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubKey, err := tblsv2.SecretToPublicKey(secretKey) + pubKey, err := tbls.SecretToPublicKey(secretKey) require.NoError(t, err) - secrets, err := tblsv2.ThresholdSplit(secretKey, peers, threshold) + secrets, err := tbls.ThresholdSplit(secretKey, peers, threshold) require.NoError(t, err) tests := []struct { @@ -432,23 +432,23 @@ func TestSigAgg_DutyBuilderProposer(t *testing.T) { // Create partial signatures (in two formats) var ( parsigs []core.ParSignedData - psigs map[int]tblsv2.Signature + psigs map[int]tbls.Signature ) - psigs = make(map[int]tblsv2.Signature) + psigs = make(map[int]tbls.Signature) for idx, secret := range secrets { - sig, err := tblsv2.Sign(secret, msg[:]) + sig, err := tbls.Sign(secret, msg[:]) require.NoError(t, err) block, err := core.NewVersionedSignedBlindedBeaconBlock(test.block) require.NoError(t, err) - sigCore := tblsconv2.SigToCore(sig) + sigCore := tblsconv.SigToCore(sig) signed, err := block.SetSignature(sigCore) require.NoError(t, err) - coreSig, err := tblsconv2.SigFromCore(signed.Signature()) + coreSig, err := tblsconv.SigFromCore(signed.Signature()) require.NoError(t, err) require.Equal(t, sig, coreSig) @@ -461,19 +461,19 @@ func TestSigAgg_DutyBuilderProposer(t *testing.T) { } // Create expected aggregated signature - aggSig, err := tblsv2.ThresholdAggregate(psigs) + aggSig, err := tbls.ThresholdAggregate(psigs) require.NoError(t, err) - expect := tblsconv2.SigToCore(aggSig) + expect := tblsconv.SigToCore(aggSig) agg := sigagg.New(threshold) // Assert output agg.Subscribe(func(_ context.Context, _ core.Duty, _ core.PubKey, aggData core.SignedData) error { require.Equal(t, expect, aggData.Signature()) - sig, err := tblsconv2.SigFromCore(aggData.Signature()) + sig, err := tblsconv.SigFromCore(aggData.Signature()) require.NoError(t, err) - require.NoError(t, tblsv2.Verify(pubKey, msg[:], sig)) + require.NoError(t, tbls.Verify(pubKey, msg[:], sig)) require.NoError(t, err) return nil @@ -495,13 +495,13 @@ func TestSigAgg_DutyBuilderRegistration(t *testing.T) { ) // Generate private shares - secretKey, err := tblsv2.GenerateSecretKey() + secretKey, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubKey, err := tblsv2.SecretToPublicKey(secretKey) + pubKey, err := tbls.SecretToPublicKey(secretKey) require.NoError(t, err) - secrets, err := tblsv2.ThresholdSplit(secretKey, peers, threshold) + secrets, err := tbls.ThresholdSplit(secretKey, peers, threshold) require.NoError(t, err) tests := []struct { @@ -529,23 +529,23 @@ func TestSigAgg_DutyBuilderRegistration(t *testing.T) { // Create partial signatures (in two formats) var ( parsigs []core.ParSignedData - psigs map[int]tblsv2.Signature + psigs map[int]tbls.Signature ) - psigs = make(map[int]tblsv2.Signature) + psigs = make(map[int]tbls.Signature) for idx, secret := range secrets { - sig, err := tblsv2.Sign(secret, msg[:]) + sig, err := tbls.Sign(secret, msg[:]) require.NoError(t, err) block, err := core.NewVersionedSignedValidatorRegistration(test.registration) require.NoError(t, err) - sigCore := tblsconv2.SigToCore(sig) + sigCore := tblsconv.SigToCore(sig) signed, err := block.SetSignature(sigCore) require.NoError(t, err) - coreSig, err := tblsconv2.SigFromCore(signed.Signature()) + coreSig, err := tblsconv.SigFromCore(signed.Signature()) require.NoError(t, err) require.Equal(t, sig, coreSig) @@ -558,19 +558,19 @@ func TestSigAgg_DutyBuilderRegistration(t *testing.T) { } // Create expected aggregated signature - aggSig, err := tblsv2.ThresholdAggregate(psigs) + aggSig, err := tbls.ThresholdAggregate(psigs) require.NoError(t, err) - expect := tblsconv2.SigToCore(aggSig) + expect := tblsconv.SigToCore(aggSig) agg := sigagg.New(threshold) // Assert output agg.Subscribe(func(_ context.Context, _ core.Duty, _ core.PubKey, aggData core.SignedData) error { require.Equal(t, expect, aggData.Signature()) - sig, err := tblsconv2.SigFromCore(aggData.Signature()) + sig, err := tblsconv.SigFromCore(aggData.Signature()) require.NoError(t, err) - require.NoError(t, tblsv2.Verify(pubKey, msg[:], sig)) + require.NoError(t, tbls.Verify(pubKey, msg[:], sig)) require.NoError(t, err) return nil diff --git a/core/validatorapi/router.go b/core/validatorapi/router.go index c23789f59..091cc5e90 100644 --- a/core/validatorapi/router.go +++ b/core/validatorapi/router.go @@ -40,7 +40,7 @@ import ( "github.com/obolnetwork/charon/app/z" "github.com/obolnetwork/charon/core" "github.com/obolnetwork/charon/eth2util/eth2exp" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls/tblsconv" ) type contentType string @@ -1154,7 +1154,7 @@ func getValidatorsByID(ctx context.Context, p eth2client.ValidatorsProvider, sta if err != nil { return nil, errors.Wrap(err, "fetch public key bytes") } - pubkey, err := tblsconv2.PubkeyFromBytes(coreBytes) + pubkey, err := tblsconv.PubkeyFromBytes(coreBytes) if err != nil { return nil, errors.Wrap(err, "decode public key hex") } diff --git a/core/validatorapi/validatorapi.go b/core/validatorapi/validatorapi.go index f55327f24..8ba7310c1 100644 --- a/core/validatorapi/validatorapi.go +++ b/core/validatorapi/validatorapi.go @@ -25,8 +25,8 @@ import ( "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/eth2exp" "github.com/obolnetwork/charon/eth2util/signing" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) // NewComponentInsecure returns a new instance of the validator API core workflow component @@ -41,13 +41,13 @@ func NewComponentInsecure(_ *testing.T, eth2Cl eth2wrap.Client, shareIdx int) (* } // NewComponent returns a new instance of the validator API core workflow component. -func NewComponent(eth2Cl eth2wrap.Client, allPubSharesByKey map[core.PubKey]map[int]tblsv2.PublicKey, +func NewComponent(eth2Cl eth2wrap.Client, allPubSharesByKey map[core.PubKey]map[int]tbls.PublicKey, shareIdx int, feeRecipientFunc func(core.PubKey) string, builderEnabled core.BuilderEnabled, seenPubkeys func(core.PubKey), ) (*Component, error) { var ( sharesByKey = make(map[eth2p0.BLSPubKey]eth2p0.BLSPubKey) keysByShare = make(map[eth2p0.BLSPubKey]eth2p0.BLSPubKey) - sharesByCoreKey = make(map[core.PubKey]tblsv2.PublicKey) + sharesByCoreKey = make(map[core.PubKey]tbls.PublicKey) coreSharesByKey = make(map[core.PubKey]core.PubKey) ) for corePubkey, shares := range allPubSharesByKey { @@ -61,7 +61,7 @@ func NewComponent(eth2Cl eth2wrap.Client, allPubSharesByKey map[core.PubKey]map[ if err != nil { return nil, err } - pubkey, err := tblsconv2.PubkeyFromBytes(cpBytes) + pubkey, err := tblsconv.PubkeyFromBytes(cpBytes) if err != nil { return nil, err } @@ -74,10 +74,10 @@ func NewComponent(eth2Cl eth2wrap.Client, allPubSharesByKey map[core.PubKey]map[ keysByShare[eth2Share] = eth2Pubkey } - getVerifyShareFunc := func(pubkey core.PubKey) (tblsv2.PublicKey, error) { + getVerifyShareFunc := func(pubkey core.PubKey) (tbls.PublicKey, error) { pubshare, ok := sharesByCoreKey[pubkey] if !ok { - return tblsv2.PublicKey{}, errors.New("unknown public key") + return tbls.PublicKey{}, errors.New("unknown public key") } return pubshare, nil @@ -136,7 +136,7 @@ type Component struct { // getVerifyShareFunc maps public shares (what the VC thinks as its public key) // to public keys (the DV root public key) - getVerifyShareFunc func(core.PubKey) (tblsv2.PublicKey, error) + getVerifyShareFunc func(core.PubKey) (tbls.PublicKey, error) // getPubShareFunc returns the public share for a root public key. getPubShareFunc func(eth2p0.BLSPubKey) (eth2p0.BLSPubKey, bool) // getPubKeyFunc returns the root public key for a public share. @@ -703,7 +703,7 @@ func (c Component) SubmitAggregateAttestations(ctx context.Context, aggregateAnd // Verify inner selection proof (outcome of DutyPrepareAggregator). if !c.insecureTest { - err = signing.VerifyAggregateAndProofSelection(ctx, c.eth2Cl, tblsv2.PublicKey(eth2Pubkey), agg.Message) + err = signing.VerifyAggregateAndProofSelection(ctx, c.eth2Cl, tbls.PublicKey(eth2Pubkey), agg.Message) if err != nil { return err } @@ -828,7 +828,7 @@ func (c Component) SubmitSyncCommitteeContributions(ctx context.Context, contrib // Verify inner selection proof. if !c.insecureTest { msg := core.NewSyncContributionAndProof(contrib.Message) - err = core.VerifyEth2SignedData(ctx, c.eth2Cl, msg, tblsv2.PublicKey(eth2Pubkey)) + err = core.VerifyEth2SignedData(ctx, c.eth2Cl, msg, tbls.PublicKey(eth2Pubkey)) if err != nil { return err } diff --git a/core/validatorapi/validatorapi_internal_test.go b/core/validatorapi/validatorapi_internal_test.go index 6b790aa12..bd87dfc5d 100644 --- a/core/validatorapi/validatorapi_internal_test.go +++ b/core/validatorapi/validatorapi_internal_test.go @@ -9,8 +9,8 @@ import ( "github.com/stretchr/testify/require" "github.com/obolnetwork/charon/core" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil" ) @@ -18,10 +18,10 @@ func TestMismatchKeysFunc(t *testing.T) { const shareIdx = 1 // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) corePubKey, err := core.PubKeyFromBytes(pubkey[:]) @@ -29,7 +29,7 @@ func TestMismatchKeysFunc(t *testing.T) { eth2Pubkey := eth2p0.BLSPubKey(pubkey) t.Run("no mismatch", func(t *testing.T) { - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls vapi, err := NewComponent(nil, allPubSharesByKey, shareIdx, nil, testutil.BuilderFalse, nil) require.NoError(t, err) @@ -44,8 +44,8 @@ func TestMismatchKeysFunc(t *testing.T) { pkb, err := pkraw.Bytes() require.NoError(t, err) - pubshare := *(*tblsv2.PublicKey)(pkb) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey, shareIdx + 1: pubshare}} + pubshare := *(*tbls.PublicKey)(pkb) + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey, shareIdx + 1: pubshare}} vapi, err := NewComponent(nil, allPubSharesByKey, shareIdx, nil, testutil.BuilderFalse, nil) require.NoError(t, err) @@ -60,10 +60,10 @@ func TestMismatchKeysFunc(t *testing.T) { // Create a mismatching key pkb, err := testutil.RandomCorePubKey(t).Bytes() require.NoError(t, err) - pk, err := tblsconv2.PubkeyFromBytes(pkb) + pk, err := tblsconv.PubkeyFromBytes(pkb) require.NoError(t, err) pubshare := eth2p0.BLSPubKey(pk) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} vapi, err := NewComponent(nil, allPubSharesByKey, shareIdx, nil, testutil.BuilderFalse, nil) require.NoError(t, err) diff --git a/core/validatorapi/validatorapi_test.go b/core/validatorapi/validatorapi_test.go index 73cc1ca67..b82909f62 100644 --- a/core/validatorapi/validatorapi_test.go +++ b/core/validatorapi/validatorapi_test.go @@ -28,14 +28,14 @@ import ( "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/eth2exp" "github.com/obolnetwork/charon/eth2util/signing" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" "github.com/obolnetwork/charon/testutil/beaconmock" "github.com/obolnetwork/charon/testutil/validatormock" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } @@ -158,10 +158,10 @@ func TestSubmitAttestations_Verify(t *testing.T) { ctx := context.Background() // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) // Configure validator @@ -177,7 +177,7 @@ func TestSubmitAttestations_Verify(t *testing.T) { // Convert pubkey corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New( @@ -234,7 +234,7 @@ func TestSignAndVerify(t *testing.T) { ctx := context.Background() // Create key pair - secretKey := *(*tblsv2.PrivateKey)(padTo([]byte{1}, 32)) + secretKey := *(*tbls.PrivateKey)(padTo([]byte{1}, 32)) // Setup beaconmock forkSchedule := `{"data": [{ @@ -276,7 +276,7 @@ func TestSignAndVerify(t *testing.T) { require.Equal(t, "0x02bbdb88056d6cbafd6e94575540e74b8cf2c0f2c1b79b8e17e7b21ed1694305", fmt.Sprintf("%#x", sigDataBytes)) // Get pubkey - pubkey, err := tblsv2.SecretToPublicKey(secretKey) + pubkey, err := tbls.SecretToPublicKey(secretKey) require.NoError(t, err) eth2Pubkey := eth2p0.BLSPubKey(pubkey) @@ -295,7 +295,7 @@ func TestSignAndVerify(t *testing.T) { shareIdx := 1 corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Setup validatorapi component. vapi, err := validatorapi.NewComponent(bmock, allPubSharesByKey, shareIdx, nil, testutil.BuilderFalse, nil) @@ -356,14 +356,14 @@ func TestComponent_BeaconBlockProposal(t *testing.T) { component, err := validatorapi.NewComponentInsecure(t, eth2Cl, vIdx) require.NoError(t, err) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pk, err := tblsv2.SecretToPublicKey(secret) + pk, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) msg := []byte("randao reveal") - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) randao := eth2p0.BLSSignature(sig) @@ -404,10 +404,10 @@ func TestComponent_SubmitBeaconBlock(t *testing.T) { ctx := context.Background() // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) const ( @@ -420,7 +420,7 @@ func TestComponent_SubmitBeaconBlock(t *testing.T) { // Convert pubkey corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -432,7 +432,7 @@ func TestComponent_SubmitBeaconBlock(t *testing.T) { // Prepare unsigned beacon block msg := []byte("randao reveal") - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) randao := eth2p0.BLSSignature(sig) @@ -458,7 +458,7 @@ func TestComponent_SubmitBeaconBlock(t *testing.T) { sigData, err := (ð2p0.SigningData{ObjectRoot: sigRoot, Domain: domain}).HashTreeRoot() require.NoError(t, err) - s, err := tblsv2.Sign(secret, sigData[:]) + s, err := tbls.Sign(secret, sigData[:]) require.NoError(t, err) signedBlock := ð2spec.VersionedSignedBeaconBlock{ @@ -486,10 +486,10 @@ func TestComponent_SubmitBeaconBlockInvalidSignature(t *testing.T) { ctx := context.Background() // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) const ( @@ -501,7 +501,7 @@ func TestComponent_SubmitBeaconBlockInvalidSignature(t *testing.T) { // Convert pubkey corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -513,7 +513,7 @@ func TestComponent_SubmitBeaconBlockInvalidSignature(t *testing.T) { // Prepare unsigned beacon block msg := []byte("randao reveal") - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) vapi.RegisterGetDutyDefinition(func(ctx context.Context, duty core.Duty) (core.DutyDefinitionSet, error) { @@ -521,7 +521,7 @@ func TestComponent_SubmitBeaconBlockInvalidSignature(t *testing.T) { }) // Add invalid Signature to beacon block - s, err := tblsv2.Sign(secret, []byte("invalid msg")) + s, err := tbls.Sign(secret, []byte("invalid msg")) require.NoError(t, err) unsignedBlock := testutil.RandomPhase0BeaconBlock() @@ -559,9 +559,9 @@ func TestComponent_SubmitBeaconBlockInvalidBlock(t *testing.T) { pkb, err := pubkey.Bytes() require.NoError(t, err) - tblsPubkey := *(*tblsv2.PublicKey)(pkb) + tblsPubkey := *(*tbls.PublicKey)(pkb) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{pubkey: {shareIdx: tblsPubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{pubkey: {shareIdx: tblsPubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -667,14 +667,14 @@ func TestComponent_BlindedBeaconBlockProposal(t *testing.T) { component, err := validatorapi.NewComponentInsecure(t, eth2Cl, vIdx) require.NoError(t, err) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pk, err := tblsv2.SecretToPublicKey(secret) + pk, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) msg := []byte("randao reveal") - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) randao := eth2p0.BLSSignature(sig) @@ -715,10 +715,10 @@ func TestComponent_SubmitBlindedBeaconBlock(t *testing.T) { ctx := context.Background() // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) const ( @@ -731,7 +731,7 @@ func TestComponent_SubmitBlindedBeaconBlock(t *testing.T) { // Convert pubkey corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -743,7 +743,7 @@ func TestComponent_SubmitBlindedBeaconBlock(t *testing.T) { // Prepare unsigned beacon block msg := []byte("randao reveal") - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) unsignedBlindedBlock := testutil.RandomCapellaBlindedBeaconBlock() @@ -765,7 +765,7 @@ func TestComponent_SubmitBlindedBeaconBlock(t *testing.T) { sigData, err := (ð2p0.SigningData{ObjectRoot: sigRoot, Domain: domain}).HashTreeRoot() require.NoError(t, err) - s, err := tblsv2.Sign(secret, sigData[:]) + s, err := tbls.Sign(secret, sigData[:]) require.NoError(t, err) signedBlindedBlock := ð2api.VersionedSignedBlindedBeaconBlock{ @@ -793,10 +793,10 @@ func TestComponent_SubmitBlindedBeaconBlockInvalidSignature(t *testing.T) { ctx := context.Background() // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) const ( @@ -808,7 +808,7 @@ func TestComponent_SubmitBlindedBeaconBlockInvalidSignature(t *testing.T) { // Convert pubkey corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -820,7 +820,7 @@ func TestComponent_SubmitBlindedBeaconBlockInvalidSignature(t *testing.T) { // Prepare unsigned beacon block msg := []byte("randao reveal") - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) require.NoError(t, err) unsignedBlindedBlock := testutil.RandomCapellaBlindedBeaconBlock() @@ -834,7 +834,7 @@ func TestComponent_SubmitBlindedBeaconBlockInvalidSignature(t *testing.T) { // Add invalid Signature to blinded beacon block - s, err := tblsv2.Sign(secret, []byte("invalid msg")) + s, err := tbls.Sign(secret, []byte("invalid msg")) require.NoError(t, err) signedBlindedBlock := ð2api.VersionedSignedBlindedBeaconBlock{ @@ -868,7 +868,7 @@ func TestComponent_SubmitBlindedBeaconBlockInvalidBlock(t *testing.T) { pkb, err := pubkey.Bytes() require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{pubkey: {shareIdx: *(*tblsv2.PublicKey)(pkb)}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{pubkey: {shareIdx: *(*tbls.PublicKey)(pkb)}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -935,10 +935,10 @@ func TestComponent_SubmitVoluntaryExit(t *testing.T) { defer cancel() // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) const ( @@ -950,7 +950,7 @@ func TestComponent_SubmitVoluntaryExit(t *testing.T) { // Convert pubkey corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Prep beacon mock validators validator := beaconmock.ValidatorSetA[vIdx] @@ -981,7 +981,7 @@ func TestComponent_SubmitVoluntaryExit(t *testing.T) { sigData, err := (ð2p0.SigningData{ObjectRoot: sigRoot, Domain: domain}).HashTreeRoot() require.NoError(t, err) - sig, err := tblsv2.Sign(secret, sigData[:]) + sig, err := tbls.Sign(secret, sigData[:]) require.NoError(t, err) signedExit := ð2p0.SignedVoluntaryExit{ @@ -1013,15 +1013,15 @@ func TestComponent_SubmitVoluntaryExitInvalidSignature(t *testing.T) { ) // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls validator := beaconmock.ValidatorSetA[vIdx] validator.Validator.PublicKey = eth2p0.BLSPubKey(pubkey) @@ -1041,7 +1041,7 @@ func TestComponent_SubmitVoluntaryExitInvalidSignature(t *testing.T) { return ctx.Err() }) - sig, err := tblsv2.Sign(secret, []byte("invalid message")) + sig, err := tbls.Sign(secret, []byte("invalid message")) require.NoError(t, err) exit := testutil.RandomExit() @@ -1066,12 +1066,12 @@ func TestComponent_Duties(t *testing.T) { eth2Pubkey := testutil.RandomEth2PubKey(t) eth2Share := testutil.RandomEth2PubKey(t) - pubshare := tblsv2.PublicKey(eth2Share) - pubkey := tblsv2.PublicKey(eth2Pubkey) + pubshare := tbls.PublicKey(eth2Share) + pubkey := tbls.PublicKey(eth2Pubkey) corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubshare}} + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubshare}} // Configure beacon mock bmock, err := beaconmock.New() require.NoError(t, err) @@ -1141,17 +1141,17 @@ func TestComponent_SubmitValidatorRegistration(t *testing.T) { ctx := context.Background() shareIdx := 1 // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) // Convert pubkey eth2Pubkey := eth2p0.BLSPubKey(pubkey) corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -1173,7 +1173,7 @@ func TestComponent_SubmitValidatorRegistration(t *testing.T) { sigData, err := signing.GetDataRoot(ctx, bmock, signing.DomainApplicationBuilder, 0, sigRoot) require.NoError(t, err) - s, err := tblsv2.Sign(secret, sigData[:]) + s, err := tbls.Sign(secret, sigData[:]) require.NoError(t, err) signed := ð2api.VersionedSignedValidatorRegistration{ @@ -1215,17 +1215,17 @@ func TestComponent_SubmitValidatorRegistrationInvalidSignature(t *testing.T) { ctx := context.Background() shareIdx := 1 // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) // Convert pubkey eth2Pubkey := eth2p0.BLSPubKey(pubkey) corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -1246,7 +1246,7 @@ func TestComponent_SubmitValidatorRegistrationInvalidSignature(t *testing.T) { // Add invalid Signature to validator (builder) registration - s, err := tblsv2.Sign(secret, []byte("invalid msg")) + s, err := tbls.Sign(secret, []byte("invalid msg")) require.NoError(t, err) signed := ð2api.VersionedSignedValidatorRegistration{ @@ -1269,16 +1269,16 @@ func TestComponent_TekuProposerConfig(t *testing.T) { shareIdx = 1 ) // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) // Convert pubkey corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls // Configure beacon mock bmock, err := beaconmock.New() @@ -1422,16 +1422,16 @@ func TestComponent_SubmitAggregateAttestationVerify(t *testing.T) { ) // Create keys (just use normal keys, not split tbls) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls val.Validator.PublicKey = eth2p0.BLSPubKey(pubkey) @@ -1553,15 +1553,15 @@ func TestComponent_SubmitSyncCommitteeContributionsVerify(t *testing.T) { ) // Create keys (just use normal keys, not split tbls). - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) corePubKey, err := core.PubKeyFromBytes(pubkey[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{corePubKey: {shareIdx: pubkey}} // Maps self to self since not tbls val.Validator.PublicKey = eth2p0.BLSPubKey(pubkey) @@ -1620,10 +1620,10 @@ func TestComponent_AggregateSyncCommitteeSelectionsVerify(t *testing.T) { require.NoError(t, err) // Sync committee selection 1. - secret1, err := tblsv2.GenerateSecretKey() + secret1, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey1, err := tblsv2.SecretToPublicKey(secret1) + pubkey1, err := tbls.SecretToPublicKey(secret1) require.NoError(t, err) pk1, err := core.PubKeyFromBytes(pubkey1[:]) @@ -1637,10 +1637,10 @@ func TestComponent_AggregateSyncCommitteeSelectionsVerify(t *testing.T) { selection1.SelectionProof = syncCommSelectionProof(t, bmock, secret1, slot, selection1.SubcommitteeIndex) // Sync committee selection 2. - secret2, err := tblsv2.GenerateSecretKey() + secret2, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey2, err := tblsv2.SecretToPublicKey(secret2) + pubkey2, err := tbls.SecretToPublicKey(secret2) require.NoError(t, err) pk2, err := core.PubKeyFromBytes(pubkey2[:]) @@ -1661,7 +1661,7 @@ func TestComponent_AggregateSyncCommitteeSelectionsVerify(t *testing.T) { corePubKey2, err := core.PubKeyFromBytes(pubkey2[:]) require.NoError(t, err) - allPubSharesByKey := map[core.PubKey]map[int]tblsv2.PublicKey{ + allPubSharesByKey := map[core.PubKey]map[int]tbls.PublicKey{ corePubKey1: {shareIdx: pubkey1}, corePubKey2: {shareIdx: pubkey2}, } @@ -1715,7 +1715,7 @@ func TestComponent_AggregateSyncCommitteeSelectionsVerify(t *testing.T) { require.Equal(t, selections, got) } -func signAggregationAndProof(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2.PrivateKey, aggProof *eth2p0.AggregateAndProof) eth2p0.BLSSignature { +func signAggregationAndProof(t *testing.T, eth2Cl eth2wrap.Client, secret tbls.PrivateKey, aggProof *eth2p0.AggregateAndProof) eth2p0.BLSSignature { t.Helper() epoch, err := eth2util.EpochFromSlot(context.Background(), eth2Cl, aggProof.Aggregate.Data.Slot) @@ -1729,7 +1729,7 @@ func signAggregationAndProof(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2 // syncCommSelectionProof returns the selection_proof corresponding to the provided altair.ContributionAndProof. // Refer get_sync_committee_selection_proof from https://github.com/ethereum/consensus-specs/blob/dev/specs/altair/validator.md#aggregation-selection. -func syncCommSelectionProof(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2.PrivateKey, slot eth2p0.Slot, subcommIdx eth2p0.CommitteeIndex) eth2p0.BLSSignature { +func syncCommSelectionProof(t *testing.T, eth2Cl eth2wrap.Client, secret tbls.PrivateKey, slot eth2p0.Slot, subcommIdx eth2p0.CommitteeIndex) eth2p0.BLSSignature { t.Helper() epoch, err := eth2util.EpochFromSlot(context.Background(), eth2Cl, slot) @@ -1748,7 +1748,7 @@ func syncCommSelectionProof(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2. // signContributionAndProof signs the provided altair.SignedContributionAndProof and returns the signature. // Refer get_contribution_and_proof_signature from https://github.com/ethereum/consensus-specs/blob/dev/specs/altair/validator.md#broadcast-sync-committee-contribution -func signContributionAndProof(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2.PrivateKey, contrib *altair.ContributionAndProof) eth2p0.BLSSignature { +func signContributionAndProof(t *testing.T, eth2Cl eth2wrap.Client, secret tbls.PrivateKey, contrib *altair.ContributionAndProof) eth2p0.BLSSignature { t.Helper() epoch, err := eth2util.EpochFromSlot(context.Background(), eth2Cl, contrib.Contribution.Slot) @@ -1760,7 +1760,7 @@ func signContributionAndProof(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv return sign(t, eth2Cl, secret, signing.DomainContributionAndProof, epoch, sigRoot) } -func signBeaconSelection(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2.PrivateKey, slot eth2p0.Slot) eth2p0.BLSSignature { +func signBeaconSelection(t *testing.T, eth2Cl eth2wrap.Client, secret tbls.PrivateKey, slot eth2p0.Slot) eth2p0.BLSSignature { t.Helper() epoch, err := eth2util.EpochFromSlot(context.Background(), eth2Cl, slot) @@ -1772,14 +1772,14 @@ func signBeaconSelection(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2.Pri return sign(t, eth2Cl, secret, signing.DomainSelectionProof, epoch, dataRoot) } -func sign(t *testing.T, eth2Cl eth2wrap.Client, secret tblsv2.PrivateKey, domain signing.DomainName, epoch eth2p0.Epoch, dataRoot eth2p0.Root) eth2p0.BLSSignature { +func sign(t *testing.T, eth2Cl eth2wrap.Client, secret tbls.PrivateKey, domain signing.DomainName, epoch eth2p0.Epoch, dataRoot eth2p0.Root) eth2p0.BLSSignature { t.Helper() ctx := context.Background() signingRoot, err := signing.GetDataRoot(ctx, eth2Cl, domain, epoch, dataRoot) require.NoError(t, err) - sig, err := tblsv2.Sign(secret, signingRoot[:]) + sig, err := tbls.Sign(secret, signingRoot[:]) require.NoError(t, err) return eth2p0.BLSSignature(sig) diff --git a/dkg/disk.go b/dkg/disk.go index c206b8417..f5710a45e 100644 --- a/dkg/disk.go +++ b/dkg/disk.go @@ -23,7 +23,7 @@ import ( "github.com/obolnetwork/charon/eth2util/deposit" "github.com/obolnetwork/charon/eth2util/keymanager" "github.com/obolnetwork/charon/eth2util/keystore" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) // loadDefinition returns the cluster definition from disk or an HTTP URL. It returns the test definition if configured. @@ -117,7 +117,7 @@ func writeKeysToKeymanager(ctx context.Context, keymanagerURL, authToken string, // writeKeysToDisk writes validator private keyshares for the node to disk. func writeKeysToDisk(conf Config, shares []share) error { - var secrets []tblsv2.PrivateKey + var secrets []tbls.PrivateKey for _, s := range shares { secrets = append(secrets, s.SecretShare) } diff --git a/dkg/dkg.go b/dkg/dkg.go index 0e055d9b6..9a8ba4b10 100644 --- a/dkg/dkg.go +++ b/dkg/dkg.go @@ -28,8 +28,8 @@ import ( "github.com/obolnetwork/charon/eth2util/deposit" "github.com/obolnetwork/charon/eth2util/keymanager" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) type Config struct { @@ -48,7 +48,7 @@ type Config struct { TestDef *cluster.Definition TestSyncCallback func(connected int, id peer.ID) - TestStoreKeysFunc func(secrets []tblsv2.PrivateKey, dir string) error + TestStoreKeysFunc func(secrets []tbls.PrivateKey, dir string) error TestTCPNodeCallback func(host.Host) TestShutdownCallback func() } @@ -446,7 +446,7 @@ func signAndAggLockHash(ctx context.Context, shares []share, def cluster.Definit return cluster.Lock{}, err } - err = tblsv2.VerifyAggregate(aggPkLockHash, aggSigLockHash, lock.LockHash) + err = tbls.VerifyAggregate(aggPkLockHash, aggSigLockHash, lock.LockHash) if err != nil { return cluster.Lock{}, errors.Wrap(err, "verify multisignature") } @@ -475,36 +475,36 @@ func signAndAggDepositData(ctx context.Context, ex *exchanger, shares []share, w // aggLockHashSig returns the aggregated multi signature of the lock hash // signed by all the private key shares of all the distributed validators. -func aggLockHashSig(data map[core.PubKey][]core.ParSignedData, shares map[core.PubKey]share, hash []byte) (tblsv2.Signature, []tblsv2.PublicKey, error) { +func aggLockHashSig(data map[core.PubKey][]core.ParSignedData, shares map[core.PubKey]share, hash []byte) (tbls.Signature, []tbls.PublicKey, error) { var ( - sigs []tblsv2.Signature - pubkeys []tblsv2.PublicKey + sigs []tbls.Signature + pubkeys []tbls.PublicKey ) for pk, psigs := range data { pk := pk psigs := psigs for _, s := range psigs { - sig, err := tblsconv2.SignatureFromBytes(s.Signature()) + sig, err := tblsconv.SignatureFromBytes(s.Signature()) if err != nil { - return tblsv2.Signature{}, nil, errors.Wrap(err, "signature from bytes") + return tbls.Signature{}, nil, errors.Wrap(err, "signature from bytes") } sh, ok := shares[pk] if !ok { // peerIdx is 0-indexed while shareIdx is 1-indexed - return tblsv2.Signature{}, nil, errors.New("invalid pubkey in lock hash partial signature from peer", + return tbls.Signature{}, nil, errors.New("invalid pubkey in lock hash partial signature from peer", z.Int("peerIdx", s.ShareIdx-1), z.Str("pubkey", pk.String())) } pubshare, ok := sh.PublicShares[s.ShareIdx] if !ok { - return tblsv2.Signature{}, nil, errors.New("invalid pubshare") + return tbls.Signature{}, nil, errors.New("invalid pubshare") } - err = tblsv2.Verify(pubshare, hash, sig) + err = tbls.Verify(pubshare, hash, sig) if err != nil { - return tblsv2.Signature{}, nil, errors.Wrap(err, "invalid lock hash partial signature from peer", + return tbls.Signature{}, nil, errors.Wrap(err, "invalid lock hash partial signature from peer", z.Int("peerIdx", s.ShareIdx-1), z.Str("pubkey", pk.String())) } @@ -514,9 +514,9 @@ func aggLockHashSig(data map[core.PubKey][]core.ParSignedData, shares map[core.P } // Full BLS Signature Aggregation - aggSig, err := tblsv2.Aggregate(sigs) + aggSig, err := tbls.Aggregate(sigs) if err != nil { - return tblsv2.Signature{}, nil, errors.Wrap(err, "bls aggregate Signatures") + return tbls.Signature{}, nil, errors.Wrap(err, "bls aggregate Signatures") } return aggSig, pubkeys, nil @@ -531,12 +531,12 @@ func signLockHash(shareIdx int, shares []share, hash []byte) (core.ParSignedData return nil, err } - sig, err := tblsv2.Sign(share.SecretShare, hash) + sig, err := tbls.Sign(share.SecretShare, hash) if err != nil { return nil, err } - set[pk] = core.NewPartialSignature(tblsconv2.SigToCore(sig), shareIdx) + set[pk] = core.NewPartialSignature(tblsconv.SigToCore(sig), shareIdx) } return set, nil @@ -551,7 +551,7 @@ func signDepositMsgs(shares []share, shareIdx int, withdrawalAddresses []string, if err != nil { return nil, nil, err } - pubkey, err := tblsconv2.PubkeyToETH2(share.PubKey) + pubkey, err := tblsconv.PubkeyToETH2(share.PubKey) if err != nil { return nil, nil, err } @@ -571,12 +571,12 @@ func signDepositMsgs(shares []share, shareIdx int, withdrawalAddresses []string, return nil, nil, err } - sig, err := tblsv2.Sign(share.SecretShare, sigRoot[:]) + sig, err := tbls.Sign(share.SecretShare, sigRoot[:]) if err != nil { return nil, nil, err } - set[pk] = core.NewPartialSignature(tblsconv2.SigToCore(sig), shareIdx) + set[pk] = core.NewPartialSignature(tblsconv.SigToCore(sig), shareIdx) msgs[pk] = eth2p0.DepositMessage{ PublicKey: msg.PublicKey, WithdrawalCredentials: msg.WithdrawalCredentials, @@ -591,7 +591,7 @@ func signDepositMsgs(shares []share, shareIdx int, withdrawalAddresses []string, func aggDepositData(data map[core.PubKey][]core.ParSignedData, shares []share, msgs map[core.PubKey]eth2p0.DepositMessage, network string, ) ([]eth2p0.DepositData, error) { - pubkeyToPubShares := make(map[core.PubKey]map[int]tblsv2.PublicKey) + pubkeyToPubShares := make(map[core.PubKey]map[int]tbls.PublicKey) for _, sh := range shares { pk, err := core.PubKeyFromBytes(sh.PubKey[:]) if err != nil { @@ -616,9 +616,9 @@ func aggDepositData(data map[core.PubKey][]core.ParSignedData, shares []share, return nil, err } - psigs := make(map[int]tblsv2.Signature) + psigs := make(map[int]tbls.Signature) for _, s := range psigsData { - sig, err := tblsconv2.SignatureFromBytes(s.Signature()) + sig, err := tblsconv.SignatureFromBytes(s.Signature()) if err != nil { return nil, errors.Wrap(err, "signature from core") } @@ -635,7 +635,7 @@ func aggDepositData(data map[core.PubKey][]core.ParSignedData, shares []share, return nil, errors.New("invalid pubshare") } - err = tblsv2.Verify(pubshare, sigRoot[:], sig) + err = tbls.Verify(pubshare, sigRoot[:], sig) if err != nil { return nil, errors.New("invalid deposit data partial signature from peer", z.Int("peerIdx", s.ShareIdx-1), z.Str("pubkey", pk.String())) @@ -645,17 +645,17 @@ func aggDepositData(data map[core.PubKey][]core.ParSignedData, shares []share, } // Aggregate signatures per DV - asig, err := tblsv2.ThresholdAggregate(psigs) + asig, err := tbls.ThresholdAggregate(psigs) if err != nil { return nil, err } - pubkey, err := tblsconv2.PubkeyFromCore(pk) + pubkey, err := tblsconv.PubkeyFromCore(pk) if err != nil { return nil, err } - err = tblsv2.Verify(pubkey, sigRoot[:], asig) + err = tbls.Verify(pubkey, sigRoot[:], asig) if err != nil { return nil, errors.Wrap(err, "invalid deposit data aggregated signature") } @@ -664,7 +664,7 @@ func aggDepositData(data map[core.PubKey][]core.ParSignedData, shares []share, PublicKey: msg.PublicKey, WithdrawalCredentials: msg.WithdrawalCredentials, Amount: msg.Amount, - Signature: tblsconv2.SigToETH2(asig), + Signature: tblsconv.SigToETH2(asig), }) } diff --git a/dkg/dkg_internal_test.go b/dkg/dkg_internal_test.go index 82f51e51d..2fb68c639 100644 --- a/dkg/dkg_internal_test.go +++ b/dkg/dkg_internal_test.go @@ -11,8 +11,8 @@ import ( "github.com/obolnetwork/charon/core" "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/deposit" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil" ) @@ -22,19 +22,19 @@ func TestInvalidSignatures(t *testing.T) { th = 3 ) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) - secretShares, err := tblsv2.ThresholdSplit(secret, n, th) + secretShares, err := tbls.ThresholdSplit(secret, n, th) require.NoError(t, err) - pubshares := make(map[int]tblsv2.PublicKey) + pubshares := make(map[int]tbls.PublicKey) for idx, share := range secretShares { - pubkey, err := tblsv2.SecretToPublicKey(share) + pubkey, err := tbls.SecretToPublicKey(share) require.NoError(t, err) pubshares[idx] = pubkey @@ -49,16 +49,16 @@ func TestInvalidSignatures(t *testing.T) { getSigs := func(msg []byte) []core.ParSignedData { var sigs []core.ParSignedData for i := 0; i < n-1; i++ { - sig, err := tblsv2.Sign(secretShares[i+1], msg) + sig, err := tbls.Sign(secretShares[i+1], msg) require.NoError(t, err) - sigs = append(sigs, core.NewPartialSignature(tblsconv2.SigToCore(sig), i+1)) + sigs = append(sigs, core.NewPartialSignature(tblsconv.SigToCore(sig), i+1)) } - invalidSig, err := tblsv2.Sign(secretShares[n-1], []byte("invalid msg")) + invalidSig, err := tbls.Sign(secretShares[n-1], []byte("invalid msg")) require.NoError(t, err) - sigs = append(sigs, core.NewPartialSignature(tblsconv2.SigToCore(invalidSig), n)) + sigs = append(sigs, core.NewPartialSignature(tblsconv.SigToCore(invalidSig), n)) return sigs } @@ -90,19 +90,19 @@ func TestValidSignatures(t *testing.T) { th = 3 ) - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) - pubkey, err := tblsv2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(t, err) - secretShares, err := tblsv2.ThresholdSplit(secret, n, th) + secretShares, err := tbls.ThresholdSplit(secret, n, th) require.NoError(t, err) - pubshares := make(map[int]tblsv2.PublicKey) + pubshares := make(map[int]tbls.PublicKey) for idx, share := range secretShares { - pubkey, err := tblsv2.SecretToPublicKey(share) + pubkey, err := tbls.SecretToPublicKey(share) require.NoError(t, err) pubshares[idx] = pubkey @@ -118,10 +118,10 @@ func TestValidSignatures(t *testing.T) { var sigs []core.ParSignedData for i := 0; i < n-1; i++ { pk := secretShares[i+1] - sig, err := tblsv2.Sign(pk, msg) + sig, err := tbls.Sign(pk, msg) require.NoError(t, err) - coreSig := tblsconv2.SigToCore(sig) + coreSig := tblsconv.SigToCore(sig) sigs = append(sigs, core.NewPartialSignature(coreSig, i+1)) } diff --git a/dkg/dkg_test.go b/dkg/dkg_test.go index b41b22437..ea1a1646b 100644 --- a/dkg/dkg_test.go +++ b/dkg/dkg_test.go @@ -29,13 +29,13 @@ import ( dkgsync "github.com/obolnetwork/charon/dkg/sync" "github.com/obolnetwork/charon/eth2util/keystore" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } @@ -112,7 +112,7 @@ func testDKG(t *testing.T, def cluster.Definition, dir string, p2pKeys []*k1.Pri }, Log: log.DefaultConfig(), TestDef: &def, - TestStoreKeysFunc: func(secrets []tblsv2.PrivateKey, dir string) error { + TestStoreKeysFunc: func(secrets []tbls.PrivateKey, dir string) error { return keystore.StoreKeysInsecure(secrets, dir, keystore.ConfirmInsecureKeys) }, TestShutdownCallback: shutdownSync, @@ -282,7 +282,7 @@ func verifyDKGResults(t *testing.T, def cluster.Definition, dir string) { // Read generated lock and keystores from disk var ( - secretShares = make([][]tblsv2.PrivateKey, def.NumValidators) + secretShares = make([][]tbls.PrivateKey, def.NumValidators) locks []cluster.Lock ) for i := 0; i < len(def.Operators); i++ { @@ -321,10 +321,10 @@ func verifyDKGResults(t *testing.T, def cluster.Definition, dir string) { // Ensure keystores can generate valid tbls aggregate signature. for i := 0; i < def.NumValidators; i++ { - var sigs []tblsv2.Signature + var sigs []tbls.Signature for j := 0; j < len(def.Operators); j++ { msg := []byte("data") - sig, err := tblsv2.Sign(secretShares[i][j], msg) + sig, err := tbls.Sign(secretShares[i][j], msg) require.NoError(t, err) sigs = append(sigs, sig) @@ -333,13 +333,13 @@ func verifyDKGResults(t *testing.T, def cluster.Definition, dir string) { if len(lock.Validators[i].PubShares) == 0 { continue } - pk, err := tblsconv2.PubkeyFromBytes(lock.Validators[i].PubShares[j]) + pk, err := tblsconv.PubkeyFromBytes(lock.Validators[i].PubShares[j]) require.NoError(t, err) - err = tblsv2.Verify(pk, msg, sig) + err = tbls.Verify(pk, msg, sig) require.NoError(t, err) } } - _, err := tblsv2.Aggregate(sigs) + _, err := tbls.Aggregate(sigs) require.NoError(t, err) } } @@ -546,7 +546,7 @@ func getConfigs(t *testing.T, def cluster.Definition, keys []*k1.PrivateKey, dir }, Log: log.DefaultConfig(), TestDef: &def, - TestStoreKeysFunc: func(secrets []tblsv2.PrivateKey, dir string) error { + TestStoreKeysFunc: func(secrets []tbls.PrivateKey, dir string) error { return keystore.StoreKeysInsecure(secrets, dir, keystore.ConfirmInsecureKeys) }, TestTCPNodeCallback: tcpNodeCallback, diff --git a/dkg/frost.go b/dkg/frost.go index 6900ba1bb..439a25d12 100644 --- a/dkg/frost.go +++ b/dkg/frost.go @@ -12,8 +12,8 @@ import ( "github.com/obolnetwork/charon/app/errors" "github.com/obolnetwork/charon/app/log" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) var curve = curves.BLS12381G1() @@ -200,7 +200,7 @@ func makeShares( r2Result map[msgKey]frost.Round2Bcast, ) ([]share, error) { // Get set of public shares for each validator. - pubShares := make(map[uint32]map[int]tblsv2.PublicKey) // map[ValIdx]map[SourceID]tblsv2.PublicKey + pubShares := make(map[uint32]map[int]tbls.PublicKey) // map[ValIdx]map[SourceID]tbls.PublicKey for key, result := range r2Result { pubShare, err := pointToPubKey(result.VkShare) if err != nil { @@ -209,7 +209,7 @@ func makeShares( m, ok := pubShares[key.ValIdx] if !ok { - m = make(map[int]tblsv2.PublicKey) + m = make(map[int]tbls.PublicKey) pubShares[key.ValIdx] = m } m[int(key.SourceID)] = pubShare @@ -248,12 +248,12 @@ func makeShares( } // pointToPubKey returns the point as a public key. -func pointToPubKey(point curves.Point) (tblsv2.PublicKey, error) { - return tblsconv2.PubkeyFromBytes(point.ToAffineCompressed()) +func pointToPubKey(point curves.Point) (tbls.PublicKey, error) { + return tblsconv.PubkeyFromBytes(point.ToAffineCompressed()) } // scalarToSecretShare returns the scalar as a secret key share using the share index. // Copied from github.com/coinbase/kryptology/test/frost_dkg/bls/main.go. -func scalarToSecretShare(scalar curves.Scalar) (tblsv2.PrivateKey, error) { - return tblsconv2.PrivkeyFromBytes(scalar.Bytes()) +func scalarToSecretShare(scalar curves.Scalar) (tbls.PrivateKey, error) { + return tblsconv.PrivkeyFromBytes(scalar.Bytes()) } diff --git a/dkg/keycast.go b/dkg/keycast.go index 672e4bc62..e0d7f2ed4 100644 --- a/dkg/keycast.go +++ b/dkg/keycast.go @@ -12,8 +12,8 @@ import ( "github.com/obolnetwork/charon/app/log" "github.com/obolnetwork/charon/app/z" "github.com/obolnetwork/charon/cluster" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) // kcTransport provides secure transport abstraction to keycast. @@ -27,10 +27,10 @@ type kcTransport interface { // share is the co-validator public key, tbls public shares, and private key share. // Each node in the cluster will receive one for each distributed validator. type share struct { - PubKey tblsv2.PublicKey - SecretShare tblsv2.PrivateKey + PubKey tbls.PublicKey + SecretShare tbls.PrivateKey - PublicShares map[int]tblsv2.PublicKey // map[shareIdx]tblsv2.PublicKey + PublicShares map[int]tbls.PublicKey // map[shareIdx]tbls.PublicKey } // shareMsg is the share message wire format sent by the dealer. @@ -153,17 +153,17 @@ func leadKeyCast(ctx context.Context, tp kcTransport, def cluster.Definition) ([ func createShares(numValidators, numNodes, threshold int) ([][]share, error) { resp := make([][]share, numNodes) for i := 0; i < numValidators; i++ { - rootSecret, err := tblsv2.GenerateSecretKey() + rootSecret, err := tbls.GenerateSecretKey() if err != nil { return nil, err } - rootPubkey, err := tblsv2.SecretToPublicKey(rootSecret) + rootPubkey, err := tbls.SecretToPublicKey(rootSecret) if err != nil { return nil, err } - shares, err := tblsv2.ThresholdSplit(rootSecret, uint(numNodes), uint(threshold)) + shares, err := tbls.ThresholdSplit(rootSecret, uint(numNodes), uint(threshold)) if err != nil { return nil, err } @@ -172,11 +172,11 @@ func createShares(numValidators, numNodes, threshold int) ([][]share, error) { return nil, errors.New("bug: sanity check length of shares") } - pubShares := make(map[int]tblsv2.PublicKey) + pubShares := make(map[int]tbls.PublicKey) for idx, privShare := range shares { privShare := privShare idx := idx - pubShare, err := tblsv2.SecretToPublicKey(privShare) + pubShare, err := tbls.SecretToPublicKey(privShare) if err != nil { return nil, errors.Wrap(err, "can't obtain pubkey from secret", z.Int("index", idx)) } @@ -224,21 +224,21 @@ func msgFromShare(s share) shareMsg { // shareFromMsg returns the share by unmarshalling the wire message types. func shareFromMsg(msg shareMsg) (share, error) { - pubKey, err := tblsconv2.PubkeyFromBytes(msg.PubKey) + pubKey, err := tblsconv.PubkeyFromBytes(msg.PubKey) if err != nil { return share{}, errors.Wrap(err, "public key from bytes") } - pubShares := make(map[int]tblsv2.PublicKey) + pubShares := make(map[int]tbls.PublicKey) for id, bytes := range msg.PubShares { - pubKey, err := tblsconv2.PubkeyFromBytes(bytes) + pubKey, err := tblsconv.PubkeyFromBytes(bytes) if err != nil { return share{}, errors.Wrap(err, "public key from bytes") } pubShares[id+1] = pubKey // Public shares IDs are 1-indexed. } - secretShare, err := tblsconv2.PrivkeyFromBytes(msg.SecretShare) + secretShare, err := tblsconv.PrivkeyFromBytes(msg.SecretShare) if err != nil { return share{}, errors.Wrap(err, "private key from bytes") } diff --git a/eth2util/deposit/deposit.go b/eth2util/deposit/deposit.go index f635f5e89..20276b3a5 100644 --- a/eth2util/deposit/deposit.go +++ b/eth2util/deposit/deposit.go @@ -15,7 +15,7 @@ import ( "github.com/obolnetwork/charon/app/errors" "github.com/obolnetwork/charon/app/z" "github.com/obolnetwork/charon/eth2util" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) var ( @@ -70,10 +70,10 @@ func MarshalDepositData(depositDatas []eth2p0.DepositData, network string) ([]by return nil, err } - blsSig := tblsv2.Signature(depositData.Signature) - blsPubkey := tblsv2.PublicKey(depositData.PublicKey) + blsSig := tbls.Signature(depositData.Signature) + blsPubkey := tbls.PublicKey(depositData.PublicKey) - err = tblsv2.Verify(blsPubkey, sigData[:], blsSig) + err = tbls.Verify(blsPubkey, sigData[:], blsSig) if err != nil { return nil, errors.Wrap(err, "invalid deposit data signature") } diff --git a/eth2util/deposit/deposit_test.go b/eth2util/deposit/deposit_test.go index 1f4a56380..4089ab66d 100644 --- a/eth2util/deposit/deposit_test.go +++ b/eth2util/deposit/deposit_test.go @@ -11,8 +11,8 @@ import ( "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/deposit" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil" ) @@ -45,14 +45,14 @@ func TestMarshalDepositData(t *testing.T) { sigRoot, err := deposit.GetMessageSigningRoot(msg, network) require.NoError(t, err) - sig, err := tblsv2.Sign(sk, sigRoot[:]) + sig, err := tbls.Sign(sk, sigRoot[:]) require.NoError(t, err) datas = append(datas, eth2p0.DepositData{ PublicKey: msg.PublicKey, WithdrawalCredentials: msg.WithdrawalCredentials, Amount: msg.Amount, - Signature: tblsconv2.SigToETH2(sig), + Signature: tblsconv.SigToETH2(sig), }) } @@ -63,19 +63,19 @@ func TestMarshalDepositData(t *testing.T) { } // Get the private and public keys in appropriate format for the test. -func GetKeys(t *testing.T, privKey string) (tblsv2.PrivateKey, eth2p0.BLSPubKey) { +func GetKeys(t *testing.T, privKey string) (tbls.PrivateKey, eth2p0.BLSPubKey) { t.Helper() privKeyBytes, err := hex.DecodeString(privKey) require.NoError(t, err) - sk, err := tblsconv2.PrivkeyFromBytes(privKeyBytes) + sk, err := tblsconv.PrivkeyFromBytes(privKeyBytes) require.NoError(t, err) - pk, err := tblsv2.SecretToPublicKey(sk) + pk, err := tbls.SecretToPublicKey(sk) require.NoError(t, err) - pubkey, err := tblsconv2.PubkeyToETH2(pk) + pubkey, err := tblsconv.PubkeyToETH2(pk) require.NoError(t, err) return sk, pubkey diff --git a/eth2util/eth2exp/attagg_test.go b/eth2util/eth2exp/attagg_test.go index 676ae7ab1..d8bfc67f6 100644 --- a/eth2util/eth2exp/attagg_test.go +++ b/eth2util/eth2exp/attagg_test.go @@ -11,7 +11,7 @@ import ( "github.com/stretchr/testify/require" "github.com/obolnetwork/charon/eth2util/eth2exp" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil/beaconmock" ) @@ -24,7 +24,7 @@ func TestIsAttAggregator(t *testing.T) { // https://github.com/prysmaticlabs/prysm/blob/8627fe72e80009ae162430140bcfff6f209d7a32/beacon-chain/core/helpers/attestation_test.go#L28 sig, err := hex.DecodeString("8776a37d6802c4797d113169c5fcfda50e68a32058eb6356a6f00d06d7da64c841a00c7c38b9b94a204751eca53707bd03523ce4797827d9bacff116a6e776a20bbccff4b683bf5201b610797ed0502557a58a65c8395f8a1649b976c3112d15") require.NoError(t, err) - blsSig, err := tblsconv2.SignatureFromBytes(sig) + blsSig, err := tblsconv.SignatureFromBytes(sig) require.NoError(t, err) t.Run("aggregator", func(t *testing.T) { diff --git a/eth2util/keymanager/keymanager_test.go b/eth2util/keymanager/keymanager_test.go index a8a53ccf1..3da17ccee 100644 --- a/eth2util/keymanager/keymanager_test.go +++ b/eth2util/keymanager/keymanager_test.go @@ -18,8 +18,8 @@ import ( "github.com/obolnetwork/charon/eth2util/keymanager" "github.com/obolnetwork/charon/eth2util/keystore" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) const testAuthToken = "api-token-test" @@ -28,11 +28,11 @@ func TestImportKeystores(t *testing.T) { var ( ctx = context.Background() numSecrets = 4 - secrets []tblsv2.PrivateKey + secrets []tbls.PrivateKey ) for i := 0; i < numSecrets; i++ { - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) secrets = append(secrets, secret) } @@ -152,14 +152,14 @@ type noopKeystore struct { } // decrypt returns the secret from the encrypted keystore. -func decrypt(t *testing.T, store noopKeystore, password string) (tblsv2.PrivateKey, error) { +func decrypt(t *testing.T, store noopKeystore, password string) (tbls.PrivateKey, error) { t.Helper() decryptor := keystorev4.New() secretBytes, err := decryptor.Decrypt(store.Crypto, password) require.NoError(t, err) - return tblsconv2.PrivkeyFromBytes(secretBytes) + return tblsconv.PrivkeyFromBytes(secretBytes) } // randomHex32 returns a random 32 character hex string. diff --git a/eth2util/keystore/keystore.go b/eth2util/keystore/keystore.go index e0fee7717..e16a1dfea 100644 --- a/eth2util/keystore/keystore.go +++ b/eth2util/keystore/keystore.go @@ -20,8 +20,8 @@ import ( keystorev4 "github.com/wealdtech/go-eth2-wallet-encryptor-keystorev4" "github.com/obolnetwork/charon/app/errors" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) // insecureCost decreases the cipher key cost from the default 18 to 4 which speeds up @@ -38,18 +38,18 @@ var ConfirmInsecureKeys confirmInsecure // // 🚨 The keystores are insecure and should only be used for testing large validator sets // as it speeds up encryption and decryption at the cost of security. -func StoreKeysInsecure(secrets []tblsv2.PrivateKey, dir string, _ confirmInsecure) error { +func StoreKeysInsecure(secrets []tbls.PrivateKey, dir string, _ confirmInsecure) error { return storeKeysInternal(secrets, dir, "keystore-insecure-%d.json", keystorev4.WithCost(new(testing.T), insecureCost)) } // StoreKeys stores the secrets in dir/keystore-%d.json EIP 2335 Keystore files // with new random passwords stored in dir/Keystore-%d.txt. -func StoreKeys(secrets []tblsv2.PrivateKey, dir string) error { +func StoreKeys(secrets []tbls.PrivateKey, dir string) error { return storeKeysInternal(secrets, dir, "keystore-%d.json") } -func storeKeysInternal(secrets []tblsv2.PrivateKey, dir string, filenameFmt string, opts ...keystorev4.Option) error { +func storeKeysInternal(secrets []tbls.PrivateKey, dir string, filenameFmt string, opts ...keystorev4.Option) error { for i, secret := range secrets { password, err := randomHex32() if err != nil { @@ -83,7 +83,7 @@ func storeKeysInternal(secrets []tblsv2.PrivateKey, dir string, filenameFmt stri // LoadKeys returns all secrets stored in dir/keystore-*.json 2335 Keystore files // using password stored in dir/keystore-*.txt. -func LoadKeys(dir string) ([]tblsv2.PrivateKey, error) { +func LoadKeys(dir string) ([]tbls.PrivateKey, error) { files, err := filepath.Glob(path.Join(dir, "keystore-*.json")) if err != nil { return nil, errors.Wrap(err, "read files") @@ -93,7 +93,7 @@ func LoadKeys(dir string) ([]tblsv2.PrivateKey, error) { return nil, errors.New("no keys found") } - var resp []tblsv2.PrivateKey + var resp []tbls.PrivateKey for _, f := range files { b, err := os.ReadFile(f) if err != nil { @@ -132,10 +132,10 @@ type Keystore struct { } // Encrypt returns the secret as an encrypted Keystore using pbkdf2 cipher. -func Encrypt(secret tblsv2.PrivateKey, password string, random io.Reader, +func Encrypt(secret tbls.PrivateKey, password string, random io.Reader, opts ...keystorev4.Option, ) (Keystore, error) { - pubKey, err := tblsv2.SecretToPublicKey(secret) + pubKey, err := tbls.SecretToPublicKey(secret) if err != nil { return Keystore{}, errors.Wrap(err, "marshal pubkey") } @@ -157,14 +157,14 @@ func Encrypt(secret tblsv2.PrivateKey, password string, random io.Reader, } // decrypt returns the secret from the encrypted (empty password) Keystore. -func decrypt(store Keystore, password string) (tblsv2.PrivateKey, error) { +func decrypt(store Keystore, password string) (tbls.PrivateKey, error) { decryptor := keystorev4.New() secretBytes, err := decryptor.Decrypt(store.Crypto, password) if err != nil { - return tblsv2.PrivateKey{}, errors.Wrap(err, "decrypt keystore") + return tbls.PrivateKey{}, errors.Wrap(err, "decrypt keystore") } - return tblsconv2.PrivkeyFromBytes(secretBytes) + return tblsconv.PrivkeyFromBytes(secretBytes) } // uuid returns a random uuid. diff --git a/eth2util/keystore/keystore_test.go b/eth2util/keystore/keystore_test.go index c81f6d463..8b79f51c4 100644 --- a/eth2util/keystore/keystore_test.go +++ b/eth2util/keystore/keystore_test.go @@ -9,15 +9,15 @@ import ( "github.com/stretchr/testify/require" "github.com/obolnetwork/charon/eth2util/keystore" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) func TestStoreLoad(t *testing.T) { dir := t.TempDir() - var secrets []tblsv2.PrivateKey + var secrets []tbls.PrivateKey for i := 0; i < 2; i++ { - secret, err := tblsv2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(t, err) secrets = append(secrets, secret) diff --git a/eth2util/signing/signing.go b/eth2util/signing/signing.go index 18a09b9a7..a490562de 100644 --- a/eth2util/signing/signing.go +++ b/eth2util/signing/signing.go @@ -11,7 +11,7 @@ import ( "github.com/obolnetwork/charon/app/eth2wrap" "github.com/obolnetwork/charon/app/tracer" "github.com/obolnetwork/charon/eth2util" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) // DomainName as defined in eth2 spec. @@ -70,7 +70,7 @@ func GetDataRoot(ctx context.Context, eth2Cl eth2wrap.Client, name DomainName, e // VerifyAggregateAndProofSelection verifies the eth2p0.AggregateAndProof with the provided pubkey. // Refer get_slot_signature from https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/validator.md#aggregation-selection. -func VerifyAggregateAndProofSelection(ctx context.Context, eth2Cl eth2wrap.Client, pubkey tblsv2.PublicKey, agg *eth2p0.AggregateAndProof) error { +func VerifyAggregateAndProofSelection(ctx context.Context, eth2Cl eth2wrap.Client, pubkey tbls.PublicKey, agg *eth2p0.AggregateAndProof) error { epoch, err := eth2util.EpochFromSlot(ctx, eth2Cl, agg.Aggregate.Data.Slot) if err != nil { return err @@ -86,7 +86,7 @@ func VerifyAggregateAndProofSelection(ctx context.Context, eth2Cl eth2wrap.Clien // Verify returns an error if the signature doesn't match the eth2 domain signed root. func Verify(ctx context.Context, eth2Cl eth2wrap.Client, domain DomainName, epoch eth2p0.Epoch, sigRoot eth2p0.Root, - signature eth2p0.BLSSignature, pubkey tblsv2.PublicKey, + signature eth2p0.BLSSignature, pubkey tbls.PublicKey, ) error { ctx, span := tracer.Start(ctx, "eth2util.Verify") defer span.End() @@ -103,5 +103,5 @@ func Verify(ctx context.Context, eth2Cl eth2wrap.Client, domain DomainName, epoc span.AddEvent("tbls.Verify") - return tblsv2.Verify(pubkey, sigData[:], tblsv2.Signature(signature)) + return tbls.Verify(pubkey, sigData[:], tbls.Signature(signature)) } diff --git a/eth2util/signing/signing_test.go b/eth2util/signing/signing_test.go index 5d985edd7..9b10273f3 100644 --- a/eth2util/signing/signing_test.go +++ b/eth2util/signing/signing_test.go @@ -15,13 +15,13 @@ import ( "github.com/stretchr/testify/require" "github.com/obolnetwork/charon/eth2util/signing" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" "github.com/obolnetwork/charon/testutil/beaconmock" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } @@ -34,7 +34,7 @@ func TestVerifyRegistrationReference(t *testing.T) { secretShareBytes, err := hex.DecodeString("345768c0245f1dc702df9e50e811002f61ebb2680b3d5931527ef59f96cbaf9b") require.NoError(t, err) - secretShare, err := tblsconv2.PrivkeyFromBytes(secretShareBytes) + secretShare, err := tblsconv.PrivkeyFromBytes(secretShareBytes) require.NoError(t, err) registrationJSON := ` @@ -58,7 +58,7 @@ func TestVerifyRegistrationReference(t *testing.T) { sigData, err := signing.GetDataRoot(context.Background(), bmock, signing.DomainApplicationBuilder, 0, sigRoot) require.NoError(t, err) - sig, err := tblsv2.Sign(secretShare, sigData[:]) + sig, err := tbls.Sign(secretShare, sigData[:]) require.NoError(t, err) sigEth2 := eth2p0.BLSSignature(sig) @@ -67,7 +67,7 @@ func TestVerifyRegistrationReference(t *testing.T) { fmt.Sprintf("%x", sigEth2), ) - pubkey, err := tblsv2.SecretToPublicKey(secretShare) + pubkey, err := tbls.SecretToPublicKey(secretShare) require.NoError(t, err) err = signing.Verify(context.Background(), bmock, signing.DomainApplicationBuilder, 0, sigRoot, eth2p0.BLSSignature(sig), pubkey) diff --git a/p2p/peer_test.go b/p2p/peer_test.go index d39eff958..24c4681e9 100644 --- a/p2p/peer_test.go +++ b/p2p/peer_test.go @@ -13,12 +13,12 @@ import ( "github.com/obolnetwork/charon/cluster" "github.com/obolnetwork/charon/eth2util/enr" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" ) func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } diff --git a/tbls/v2/herumi.go b/tbls/herumi.go similarity index 99% rename from tbls/v2/herumi.go rename to tbls/herumi.go index 864a81808..d628e85c5 100644 --- a/tbls/v2/herumi.go +++ b/tbls/herumi.go @@ -1,6 +1,6 @@ // Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 -package v2 +package tbls import ( "fmt" diff --git a/tbls/v2/kryptology.go b/tbls/kryptology.go similarity index 99% rename from tbls/v2/kryptology.go rename to tbls/kryptology.go index e0cf09e33..786432528 100644 --- a/tbls/v2/kryptology.go +++ b/tbls/kryptology.go @@ -1,6 +1,6 @@ // Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 -package v2 +package tbls import ( "crypto/rand" diff --git a/tbls/v2/tbls.go b/tbls/tbls.go similarity index 99% rename from tbls/v2/tbls.go rename to tbls/tbls.go index f507e20ab..164b8962b 100644 --- a/tbls/v2/tbls.go +++ b/tbls/tbls.go @@ -1,6 +1,6 @@ // Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 -package v2 +package tbls import "sync" diff --git a/tbls/v2/tbls_test.go b/tbls/tbls_test.go similarity index 62% rename from tbls/v2/tbls_test.go rename to tbls/tbls_test.go index 115db18cd..fade1c8c5 100644 --- a/tbls/v2/tbls_test.go +++ b/tbls/tbls_test.go @@ -1,6 +1,6 @@ // Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 -package v2_test +package tbls_test import ( "crypto/rand" @@ -10,60 +10,60 @@ import ( "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" - v2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) type TestSuite struct { suite.Suite - impl v2.Implementation + impl tbls.Implementation } -func NewTestSuite(implementations v2.Implementation) TestSuite { +func NewTestSuite(implementations tbls.Implementation) TestSuite { return TestSuite{ impl: implementations, } } func (ts *TestSuite) SetupTest() { - v2.SetImplementation(ts.impl) + tbls.SetImplementation(ts.impl) } func (ts *TestSuite) Test_GenerateSecretKey() { - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) } func (ts *TestSuite) Test_SecretToPublicKey() { - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) - pubk, err := v2.SecretToPublicKey(secret) + pubk, err := tbls.SecretToPublicKey(secret) require.NoError(ts.T(), err) require.NotEmpty(ts.T(), pubk) } func (ts *TestSuite) Test_ThresholdSplit() { - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) - shares, err := v2.ThresholdSplit(secret, 5, 3) + shares, err := tbls.ThresholdSplit(secret, 5, 3) require.NoError(ts.T(), err) require.NotEmpty(ts.T(), shares) } func (ts *TestSuite) Test_RecoverSecret() { - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) - shares, err := v2.ThresholdSplit(secret, 5, 3) + shares, err := tbls.ThresholdSplit(secret, 5, 3) require.NoError(ts.T(), err) - recovered, err := v2.RecoverSecret(shares, 5, 3) + recovered, err := tbls.RecoverSecret(shares, 5, 3) require.NoError(ts.T(), err) require.ElementsMatch(ts.T(), secret, recovered) @@ -72,25 +72,25 @@ func (ts *TestSuite) Test_RecoverSecret() { func (ts *TestSuite) Test_ThresholdAggregate() { data := []byte("hello obol!") - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) - totalOGSig, err := v2.Sign(secret, data) + totalOGSig, err := tbls.Sign(secret, data) require.NoError(ts.T(), err) - shares, err := v2.ThresholdSplit(secret, 5, 3) + shares, err := tbls.ThresholdSplit(secret, 5, 3) require.NoError(ts.T(), err) - signatures := map[int]v2.Signature{} + signatures := map[int]tbls.Signature{} for idx, key := range shares { - signature, err := v2.Sign(key, data) + signature, err := tbls.Sign(key, data) require.NoError(ts.T(), err) signatures[idx] = signature } - totalSig, err := v2.ThresholdAggregate(signatures) + totalSig, err := tbls.ThresholdAggregate(signatures) require.NoError(ts.T(), err) require.Equal(ts.T(), totalOGSig, totalSig) @@ -99,29 +99,29 @@ func (ts *TestSuite) Test_ThresholdAggregate() { func (ts *TestSuite) Test_Verify() { data := []byte("hello obol!") - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) - signature, err := v2.Sign(secret, data) + signature, err := tbls.Sign(secret, data) require.NoError(ts.T(), err) require.NotEmpty(ts.T(), signature) - pubkey, err := v2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(ts.T(), err) require.NotEmpty(ts.T(), pubkey) - require.NoError(ts.T(), v2.Verify(pubkey, data, signature)) + require.NoError(ts.T(), tbls.Verify(pubkey, data, signature)) } func (ts *TestSuite) Test_Sign() { data := []byte("hello obol!") - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) - signature, err := v2.Sign(secret, data) + signature, err := tbls.Sign(secret, data) require.NoError(ts.T(), err) require.NotEmpty(ts.T(), signature) } @@ -130,18 +130,18 @@ func (ts *TestSuite) Test_VerifyAggregate() { data := []byte("hello obol!") type key struct { - pub v2.PublicKey - priv v2.PrivateKey + pub tbls.PublicKey + priv tbls.PrivateKey } var keys []key for i := 0; i < 10; i++ { - secret, err := v2.GenerateSecretKey() + secret, err := tbls.GenerateSecretKey() require.NoError(ts.T(), err) require.NotEmpty(ts.T(), secret) - pubkey, err := v2.SecretToPublicKey(secret) + pubkey, err := tbls.SecretToPublicKey(secret) require.NoError(ts.T(), err) keys = append(keys, key{ @@ -150,23 +150,23 @@ func (ts *TestSuite) Test_VerifyAggregate() { }) } - var signs []v2.Signature - var pshares []v2.PublicKey + var signs []tbls.Signature + var pshares []tbls.PublicKey for _, key := range keys { - s, err := v2.Sign(key.priv, data) + s, err := tbls.Sign(key.priv, data) require.NoError(ts.T(), err) signs = append(signs, s) pshares = append(pshares, key.pub) } - sig, err := v2.Aggregate(signs) + sig, err := tbls.Aggregate(signs) require.NoError(ts.T(), err) - require.NoError(ts.T(), v2.VerifyAggregate(pshares, sig, data)) + require.NoError(ts.T(), tbls.VerifyAggregate(pshares, sig, data)) } -func runSuite(t *testing.T, i v2.Implementation) { +func runSuite(t *testing.T, i tbls.Implementation) { t.Helper() ts := NewTestSuite(i) @@ -174,14 +174,14 @@ func runSuite(t *testing.T, i v2.Implementation) { } func TestHerumiImplementation(t *testing.T) { - runSuite(t, v2.Herumi{}) + runSuite(t, tbls.Herumi{}) } func TestKryptologyImplementation(t *testing.T) { - runSuite(t, v2.Kryptology{}) + runSuite(t, tbls.Kryptology{}) } -func runBenchmark(b *testing.B, impl v2.Implementation) { +func runBenchmark(b *testing.B, impl tbls.Implementation) { b.Helper() s := NewTestSuite(impl) t := &testing.T{} @@ -207,18 +207,18 @@ func runBenchmark(b *testing.B, impl v2.Implementation) { } func BenchmarkHerumiImplementation(b *testing.B) { - runBenchmark(b, v2.Herumi{}) + runBenchmark(b, tbls.Herumi{}) } func BenchmarkKryptologyImplementation(b *testing.B) { - runBenchmark(b, v2.Kryptology{}) + runBenchmark(b, tbls.Kryptology{}) } func TestRandomized(t *testing.T) { runSuite(t, randomizedImpl{ - implementations: []v2.Implementation{ - v2.Herumi{}, - v2.Kryptology{}, + implementations: []tbls.Implementation{ + tbls.Herumi{}, + tbls.Kryptology{}, }, }) } @@ -227,10 +227,10 @@ func TestRandomized(t *testing.T) { // the implementations slice. // Useful to test whether two implementations are compatible. type randomizedImpl struct { - implementations []v2.Implementation + implementations []tbls.Implementation } -func (r randomizedImpl) selectImpl() (v2.Implementation, error) { +func (r randomizedImpl) selectImpl() (tbls.Implementation, error) { blen := big.NewInt(int64(len(r.implementations))) // random number: [0, len(ts.impl)) @@ -245,25 +245,25 @@ func (r randomizedImpl) selectImpl() (v2.Implementation, error) { return r.implementations[nativeN], nil } -func (r randomizedImpl) GenerateSecretKey() (v2.PrivateKey, error) { +func (r randomizedImpl) GenerateSecretKey() (tbls.PrivateKey, error) { impl, err := r.selectImpl() if err != nil { - return v2.PrivateKey{}, err + return tbls.PrivateKey{}, err } return impl.GenerateSecretKey() } -func (r randomizedImpl) SecretToPublicKey(key v2.PrivateKey) (v2.PublicKey, error) { +func (r randomizedImpl) SecretToPublicKey(key tbls.PrivateKey) (tbls.PublicKey, error) { impl, err := r.selectImpl() if err != nil { - return v2.PublicKey{}, err + return tbls.PublicKey{}, err } return impl.SecretToPublicKey(key) } -func (r randomizedImpl) ThresholdSplit(secret v2.PrivateKey, total uint, threshold uint) (map[int]v2.PrivateKey, error) { +func (r randomizedImpl) ThresholdSplit(secret tbls.PrivateKey, total uint, threshold uint) (map[int]tbls.PrivateKey, error) { impl, err := r.selectImpl() if err != nil { return nil, err @@ -272,25 +272,25 @@ func (r randomizedImpl) ThresholdSplit(secret v2.PrivateKey, total uint, thresho return impl.ThresholdSplit(secret, total, threshold) } -func (r randomizedImpl) RecoverSecret(shares map[int]v2.PrivateKey, total uint, threshold uint) (v2.PrivateKey, error) { +func (r randomizedImpl) RecoverSecret(shares map[int]tbls.PrivateKey, total uint, threshold uint) (tbls.PrivateKey, error) { impl, err := r.selectImpl() if err != nil { - return v2.PrivateKey{}, err + return tbls.PrivateKey{}, err } return impl.RecoverSecret(shares, total, threshold) } -func (r randomizedImpl) ThresholdAggregate(partialSignaturesByIndex map[int]v2.Signature) (v2.Signature, error) { +func (r randomizedImpl) ThresholdAggregate(partialSignaturesByIndex map[int]tbls.Signature) (tbls.Signature, error) { impl, err := r.selectImpl() if err != nil { - return v2.Signature{}, err + return tbls.Signature{}, err } return impl.ThresholdAggregate(partialSignaturesByIndex) } -func (r randomizedImpl) Verify(compressedPublicKey v2.PublicKey, data []byte, signature v2.Signature) error { +func (r randomizedImpl) Verify(compressedPublicKey tbls.PublicKey, data []byte, signature tbls.Signature) error { impl, err := r.selectImpl() if err != nil { return err @@ -299,16 +299,16 @@ func (r randomizedImpl) Verify(compressedPublicKey v2.PublicKey, data []byte, si return impl.Verify(compressedPublicKey, data, signature) } -func (r randomizedImpl) Sign(privateKey v2.PrivateKey, data []byte) (v2.Signature, error) { +func (r randomizedImpl) Sign(privateKey tbls.PrivateKey, data []byte) (tbls.Signature, error) { impl, err := r.selectImpl() if err != nil { - return v2.Signature{}, err + return tbls.Signature{}, err } return impl.Sign(privateKey, data) } -func (r randomizedImpl) VerifyAggregate(shares []v2.PublicKey, signature v2.Signature, data []byte) error { +func (r randomizedImpl) VerifyAggregate(shares []tbls.PublicKey, signature tbls.Signature, data []byte) error { impl, err := r.selectImpl() if err != nil { return err @@ -317,10 +317,10 @@ func (r randomizedImpl) VerifyAggregate(shares []v2.PublicKey, signature v2.Sign return impl.VerifyAggregate(shares, signature, data) } -func (r randomizedImpl) Aggregate(signs []v2.Signature) (v2.Signature, error) { +func (r randomizedImpl) Aggregate(signs []tbls.Signature) (tbls.Signature, error) { impl, err := r.selectImpl() if err != nil { - return v2.Signature{}, err + return tbls.Signature{}, err } return impl.Aggregate(signs) diff --git a/tbls/tblsconv/tblsconv.go b/tbls/tblsconv/tblsconv.go index 18f7e9324..b76ccac37 100644 --- a/tbls/tblsconv/tblsconv.go +++ b/tbls/tblsconv/tblsconv.go @@ -1,160 +1,71 @@ // Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 -// Package tblsconv provides functions to convert into and from kryptology bls_sig types. -// This package is inspired by strconv. package tblsconv import ( eth2p0 "github.com/attestantio/go-eth2-client/spec/phase0" - "github.com/coinbase/kryptology/pkg/core/curves/native/bls12381" - "github.com/coinbase/kryptology/pkg/signatures/bls/bls_sig" "github.com/obolnetwork/charon/app/errors" "github.com/obolnetwork/charon/core" + v2 "github.com/obolnetwork/charon/tbls" ) -// KeyFromBytes unmarshals the bytes into a kryptology bls public key. -func KeyFromBytes(bytes []byte) (*bls_sig.PublicKey, error) { - resp := new(bls_sig.PublicKey) - if err := resp.UnmarshalBinary(bytes); err != nil { - return nil, errors.Wrap(err, "unmarshal pubkey") - } - - return resp, nil +// SigFromCore converts a core workflow Signature type into a tbls.Signature. +func SigFromCore(sig core.Signature) (v2.Signature, error) { + return SignatureFromBytes(sig) } -// KeyFromETH2 converts an eth2 phase0 public key into a kryptology bls public key. -func KeyFromETH2(key eth2p0.BLSPubKey) (*bls_sig.PublicKey, error) { - resp := new(bls_sig.PublicKey) - if err := resp.UnmarshalBinary(key[:]); err != nil { - return nil, errors.Wrap(err, "unmarshal pubkey") - } - - return resp, nil +// SigToCore converts a tbls.Signature into a core workflow Signature type. +func SigToCore(sig v2.Signature) core.Signature { + return sig[:] } -// KeyToETH2 converts a kryptology bls public key into an eth2 phase0 public key. -func KeyToETH2(key *bls_sig.PublicKey) (eth2p0.BLSPubKey, error) { - b, err := key.MarshalBinary() - if err != nil { - return eth2p0.BLSPubKey{}, errors.Wrap(err, "marshal pubkey") - } - - var resp eth2p0.BLSPubKey - if n := copy(resp[:], b); n != len(resp) { - return eth2p0.BLSPubKey{}, errors.Wrap(err, "invalid pubkey") - } - - return resp, nil +// SigToETH2 converts a tbls.Signature into an eth2 phase0 bls signature. +func SigToETH2(sig v2.Signature) eth2p0.BLSSignature { + return eth2p0.BLSSignature(sig) } -// KeyFromCore converts a core workflow public key into a kryptology bls public key. -func KeyFromCore(key core.PubKey) (*bls_sig.PublicKey, error) { - b, err := key.Bytes() - if err != nil { - return nil, err - } - - pubkey := new(bls_sig.PublicKey) - if err := pubkey.UnmarshalBinary(b); err != nil { - return nil, errors.Wrap(err, "unmarshal pubkey") - } - - return pubkey, nil +func PubkeyToETH2(pk v2.PublicKey) (eth2p0.BLSPubKey, error) { + return eth2p0.BLSPubKey(pk), nil } -// KeyToCore converts a kryptology bls public key into a core workflow public key. -func KeyToCore(key *bls_sig.PublicKey) (core.PubKey, error) { - b, err := key.MarshalBinary() - if err != nil { - return "", errors.Wrap(err, "marshal pubkey") +// PrivkeyFromBytes returns a v2.PrivateKey from the given compressed private key bytes contained in data. +// Returns an error if the data isn't of the expected length. +func PrivkeyFromBytes(data []byte) (v2.PrivateKey, error) { + if len(data) != len(v2.PrivateKey{}) { + return v2.PrivateKey{}, errors.New("data is not of the correct length") } - return core.PubKeyFromBytes(b) + return *(*v2.PrivateKey)(data), nil } -// SigFromBytes converts bytes into a kryptology bls signature. -func SigFromBytes(sig []byte) (*bls_sig.Signature, error) { - point, err := new(bls12381.G2).FromCompressed((*[96]byte)(sig)) - if err != nil { - return nil, errors.Wrap(err, "uncompress sig") +// PubkeyFromBytes returns a v2.PublicKey from the given compressed public key bytes contained in data. +// Returns an error if the data isn't of the expected length. +func PubkeyFromBytes(data []byte) (v2.PublicKey, error) { + if len(data) != len(v2.PublicKey{}) { + return v2.PublicKey{}, errors.New("data is not of the correct length") } - return &bls_sig.Signature{Value: *point}, nil + return *(*v2.PublicKey)(data), nil } -// SigFromETH2 converts an eth2 phase0 bls signature into a kryptology bls signature. -func SigFromETH2(sig eth2p0.BLSSignature) (*bls_sig.Signature, error) { - point, err := new(bls12381.G2).FromCompressed((*[96]byte)(sig[:])) +// PubkeyFromCore returns a v2.PublicKey from the given core public key. +// Returns an error if the data isn't of the expected length. +func PubkeyFromCore(pk core.PubKey) (v2.PublicKey, error) { + data, err := pk.Bytes() if err != nil { - return nil, errors.Wrap(err, "uncompress sig") + return v2.PublicKey{}, err } - return &bls_sig.Signature{Value: *point}, nil + return PubkeyFromBytes(data) } -func SigFromPartial(psig *bls_sig.PartialSignature) *bls_sig.Signature { - return &bls_sig.Signature{Value: psig.Signature} -} - -// SigToETH2 converts a kryptology bls signature into an eth2 phase0 bls signature. -func SigToETH2(sig *bls_sig.Signature) eth2p0.BLSSignature { - return sig.Value.ToCompressed() -} - -// SigToCore converts a kryptology bls signature into a core workflow Signature type. -func SigToCore(sig *bls_sig.Signature) core.Signature { - s := sig.Value.ToCompressed() - return core.SigFromETH2(s) -} - -// SigFromCore converts a core workflow Signature type into a kryptology bls signature. -func SigFromCore(sig core.Signature) (*bls_sig.Signature, error) { - point, err := new(bls12381.G2).FromCompressed((*[96]byte)(sig)) - if err != nil { - return nil, errors.Wrap(err, "uncompress sig") - } - - return &bls_sig.Signature{Value: *point}, nil -} - -// ShareToSecret converts a bls secret share into a normal bls secret. -func ShareToSecret(share *bls_sig.SecretKeyShare) (*bls_sig.SecretKey, error) { - b, err := share.MarshalBinary() - if err != nil { - return nil, errors.Wrap(err, "marshal share") - } - - // shamir.Share.Bytes() strips leading zeros... - const sksLen = 33 - if len(b) < sksLen { - b = append(make([]byte, sksLen-len(b)), b...) - } - - resp := new(bls_sig.SecretKey) - if err := resp.UnmarshalBinary(b[:len(b)-1]); err != nil { - return nil, errors.Wrap(err, "unmarshal secret") - } - - return resp, nil -} - -// SecretFromBytes returns a bls secret from bytes. -func SecretFromBytes(secret []byte) (*bls_sig.SecretKey, error) { - resp := new(bls_sig.SecretKey) - if err := resp.UnmarshalBinary(secret); err != nil { - return nil, errors.Wrap(err, "unmarshal secret") - } - - return resp, nil -} - -// SecretToBytes converts a bls secret into bytes. -func SecretToBytes(secret *bls_sig.SecretKey) ([]byte, error) { - resp, err := secret.MarshalBinary() - if err != nil { - return nil, errors.Wrap(err, "marshal secret") +// SignatureFromBytes returns a v2.Signature from the given compressed signature bytes contained in data. +// Returns an error if the data isn't of the expected length. +func SignatureFromBytes(data []byte) (v2.Signature, error) { + if len(data) != len(v2.Signature{}) { + return v2.Signature{}, errors.New("data is not of the correct length") } - return resp, nil + return *(*v2.Signature)(data), nil } diff --git a/tbls/tblsconv/tblsconv_test.go b/tbls/tblsconv/tblsconv_test.go index 6655cc84a..d520d60aa 100644 --- a/tbls/tblsconv/tblsconv_test.go +++ b/tbls/tblsconv/tblsconv_test.go @@ -3,131 +3,249 @@ package tblsconv_test import ( - "math/rand" + "bytes" + "encoding/hex" + "strings" "testing" - "time" - "github.com/coinbase/kryptology/pkg/signatures/bls/bls_sig" "github.com/stretchr/testify/require" - "github.com/obolnetwork/charon/tbls" + v2 "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/tbls/tblsconv" + "github.com/obolnetwork/charon/testutil" ) -func TestCoreKey(t *testing.T) { - tblsKey1, _, err := tbls.Keygen() - require.NoError(t, err) - - coreKey, err := tblsconv.KeyToCore(tblsKey1) - require.NoError(t, err) +func TestPrivkeyFromBytes(t *testing.T) { + tests := []struct { + name string + data []byte + want v2.PrivateKey + wantErr bool + }{ + { + "empty input", + []byte{}, + v2.PrivateKey{}, + true, + }, + { + "more data than expected", + bytes.Repeat([]byte{42}, len(v2.PrivateKey{})+1), + v2.PrivateKey{}, + true, + }, + { + "less data than expected", + bytes.Repeat([]byte{42}, len(v2.PrivateKey{})-1), + v2.PrivateKey{}, + true, + }, + { + "enough data", + bytes.Repeat([]byte{42}, len(v2.PrivateKey{})), + *(*v2.PrivateKey)(bytes.Repeat([]byte{42}, len(v2.PrivateKey{}))), + false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := tblsconv.PrivkeyFromBytes(tt.data) - tblsKey2, err := tblsconv.KeyFromCore(coreKey) - require.NoError(t, err) + if tt.wantErr { + require.Error(t, err) + require.Empty(t, got) - b1, err := tblsKey1.MarshalBinary() - require.NoError(t, err) - b2, err := tblsKey2.MarshalBinary() - require.NoError(t, err) + return + } - require.Equal(t, b1, b2) + require.NoError(t, err) + require.Equal(t, tt.want, got) + }) + } } -func TestETHKey(t *testing.T) { - tblsKey1, _, err := tbls.Keygen() - require.NoError(t, err) +func TestPubkeyFromBytes(t *testing.T) { + tests := []struct { + name string + data []byte + want v2.PublicKey + wantErr bool + }{ + { + "empty input", + []byte{}, + v2.PublicKey{}, + true, + }, + { + "more data than expected", + bytes.Repeat([]byte{42}, len(v2.PublicKey{})+1), + v2.PublicKey{}, + true, + }, + { + "less data than expected", + bytes.Repeat([]byte{42}, len(v2.PublicKey{})-1), + v2.PublicKey{}, + true, + }, + { + "enough data", + bytes.Repeat([]byte{42}, len(v2.PublicKey{})), + *(*v2.PublicKey)(bytes.Repeat([]byte{42}, len(v2.PublicKey{}))), + false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := tblsconv.PubkeyFromBytes(tt.data) - eth2Key, err := tblsconv.KeyToETH2(tblsKey1) - require.NoError(t, err) + if tt.wantErr { + require.Error(t, err) + require.Empty(t, got) - tblsKey2, err := tblsconv.KeyFromETH2(eth2Key) - require.NoError(t, err) - - b1, err := tblsKey1.MarshalBinary() - require.NoError(t, err) - b2, err := tblsKey2.MarshalBinary() - require.NoError(t, err) + return + } - require.Equal(t, b1, b2) + require.NoError(t, err) + require.Equal(t, tt.want, got) + }) + } } -func TestSig(t *testing.T) { - _, secret, err := tbls.Keygen() +func TestPubkeyToETH2(t *testing.T) { + pubkey, err := tblsconv.PubkeyFromBytes(bytes.Repeat([]byte{42}, len(v2.PublicKey{}))) require.NoError(t, err) - sig1, err := tbls.Sign(secret, []byte("msg")) + res, err := tblsconv.PubkeyToETH2(pubkey) require.NoError(t, err) - eth2Sig := tblsconv.SigToETH2(sig1) - require.NoError(t, err) + require.Equal(t, pubkey[:], res[:]) +} - sig2, err := tblsconv.SigFromETH2(eth2Sig) - require.NoError(t, err) +func TestPubkeyFromCore(t *testing.T) { + pubkey := testutil.RandomCorePubKey(t) - coreSig := tblsconv.SigToCore(sig2) - sig3, err := tblsconv.SigFromCore(coreSig) + res, err := tblsconv.PubkeyFromCore(pubkey) require.NoError(t, err) - require.Equal(t, sig2, sig3) -} -func TestShareToSecret(t *testing.T) { - _, shares, err := tbls.GenerateTSS(3, 4, rand.New(rand.NewSource(time.Now().UnixNano()))) + expect, err := hex.DecodeString(strings.TrimPrefix(string(pubkey), "0x")) require.NoError(t, err) + require.Equal(t, expect, res[:]) +} - msg := []byte("test data") - - for _, share := range shares { - secret, err := tblsconv.ShareToSecret(share) - require.NoError(t, err) - - psig, err := tbls.PartialSign(share, msg) - require.NoError(t, err) +func TestSignatureFromBytes(t *testing.T) { + tests := []struct { + name string + data []byte + want v2.Signature + wantErr bool + }{ + { + "empty input", + []byte{}, + v2.Signature{}, + true, + }, + { + "more data than expected", + bytes.Repeat([]byte{42}, len(v2.Signature{})+1), + v2.Signature{}, + true, + }, + { + "less data than expected", + bytes.Repeat([]byte{42}, len(v2.Signature{})-1), + v2.Signature{}, + true, + }, + { + "enough data", + bytes.Repeat([]byte{42}, len(v2.Signature{})), + *(*v2.Signature)(bytes.Repeat([]byte{42}, len(v2.Signature{}))), + false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := tblsconv.SignatureFromBytes(tt.data) - sig, err := tbls.Sign(secret, msg) - require.NoError(t, err) + if tt.wantErr { + require.Error(t, err) + require.Empty(t, got) - pdata := tblsconv.SigToCore(&bls_sig.Signature{Value: psig.Signature}) - data := tblsconv.SigToCore(sig) + return + } - require.Equal(t, pdata, data) + require.NoError(t, err) + require.Equal(t, tt.want, got) + }) } } -func TestSecretToBytes(t *testing.T) { - _, shares, err := tbls.GenerateTSS(3, 4, rand.New(rand.NewSource(time.Now().UnixNano()))) - require.NoError(t, err) +func TestSigFromCore(t *testing.T) { + tests := []struct { + name string + data []byte + want v2.Signature + wantErr bool + }{ + { + "empty input", + []byte{}, + v2.Signature{}, + true, + }, + { + "more data than expected", + bytes.Repeat([]byte{42}, len(v2.Signature{})+1), + v2.Signature{}, + true, + }, + { + "less data than expected", + bytes.Repeat([]byte{42}, len(v2.Signature{})-1), + v2.Signature{}, + true, + }, + { + "enough data", + bytes.Repeat([]byte{42}, len(v2.Signature{})), + *(*v2.Signature)(bytes.Repeat([]byte{42}, len(v2.Signature{}))), + false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := tblsconv.SigFromCore(tt.data) - for _, share := range shares { - secret, err := tblsconv.ShareToSecret(share) - require.NoError(t, err) + if tt.wantErr { + require.Error(t, err) + require.Empty(t, got) - b, err := tblsconv.SecretToBytes(secret) - require.NoError(t, err) + return + } - result, err := tblsconv.SecretFromBytes(b) - require.NoError(t, err) - require.Equal(t, secret, result) + require.NoError(t, err) + require.Equal(t, tt.want, got) + }) } } -func TestShareToSecret_ZeroPadding(t *testing.T) { - _, shares, err := tbls.GenerateTSS(3, 4, rand.New(rand.NewSource(96))) +func TestSigToCore(t *testing.T) { + sig, err := tblsconv.SignatureFromBytes(bytes.Repeat([]byte{42}, len(v2.Signature{}))) require.NoError(t, err) - msg := []byte("test data") - - for _, share := range shares { - secret, err := tblsconv.ShareToSecret(share) - require.NoError(t, err) + coresig := tblsconv.SigToCore(sig) - psig, err := tbls.PartialSign(share, msg) - require.NoError(t, err) + require.Equal(t, sig[:], []byte(coresig)) +} - sig, err := tbls.Sign(secret, msg) - require.NoError(t, err) +func TestSigToETH2(t *testing.T) { + sig, err := tblsconv.SignatureFromBytes(bytes.Repeat([]byte{42}, len(v2.Signature{}))) + require.NoError(t, err) - pdata := tblsconv.SigToCore(&bls_sig.Signature{Value: psig.Signature}) - data := tblsconv.SigToCore(sig) + coresig := tblsconv.SigToETH2(sig) - require.Equal(t, pdata, data) - } + require.Equal(t, sig[:], coresig[:]) } diff --git a/tbls/tss.go b/tbls/tss.go deleted file mode 100644 index 740535924..000000000 --- a/tbls/tss.go +++ /dev/null @@ -1,312 +0,0 @@ -// Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 - -package tbls - -import ( - "io" - - "github.com/coinbase/kryptology/pkg/core/curves" - share "github.com/coinbase/kryptology/pkg/sharing" - "github.com/coinbase/kryptology/pkg/signatures/bls/bls_sig" - - "github.com/obolnetwork/charon/app/errors" -) - -// blsScheme is the BLS12-381 ETH2 signature scheme with standard domain separation tag used for signatures. -// blsScheme uses proofs of possession to mitigate rogue-key attacks. -// see: https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-4.2.3 -var blsScheme = bls_sig.NewSigEth2() - -// Scheme returns the BLS12-381 ETH2 signature scheme. -func Scheme() *bls_sig.SigEth2 { - return blsScheme -} - -// Keygen returns a new BLS key pair. -func Keygen() (*bls_sig.PublicKey, *bls_sig.SecretKey, error) { - pubkey, secret, err := blsScheme.Keygen() - if err != nil { - return nil, nil, errors.Wrap(err, "generate key") - } - - return pubkey, secret, nil -} - -// KeygenWithSeed returns a new BLS key pair seeded from the reader. -func KeygenWithSeed(reader io.Reader) (*bls_sig.PublicKey, *bls_sig.SecretKey, error) { - ikm := make([]byte, 32) - _, _ = reader.Read(ikm) - pubkey, secret, err := blsScheme.KeygenWithSeed(ikm) - if err != nil { - return nil, nil, errors.Wrap(err, "generate key") - } - - return pubkey, secret, nil -} - -// TSS (threshold signing scheme) wraps PubKey (PublicKey), Pubshares (the public shares corresponding to each secret key share) -// and threshold (number of shares). -type TSS struct { - pubshares map[int]*bls_sig.PublicKey - numShares int - threshold int - - // publicKey inferred from verifier commitments in NewTSS. - publicKey *bls_sig.PublicKey -} - -// NumShares returns the number of shares in the threshold signature scheme. -func (t TSS) NumShares() int { - return t.numShares -} - -// PublicKey returns the threshold signature scheme's root public key. -func (t TSS) PublicKey() *bls_sig.PublicKey { - return t.publicKey -} - -// Threshold returns the minimum number of partial signatures required to aggregate the threshold signature. -func (t TSS) Threshold() int { - return t.threshold -} - -// PublicShare returns a share's public key by share index (identifier). -func (t TSS) PublicShare(shareIdx int) *bls_sig.PublicKey { - return t.pubshares[shareIdx] -} - -func (t TSS) PublicShares() map[int]*bls_sig.PublicKey { - return t.pubshares -} - -func NewTSS(verifier *share.FeldmanVerifier, numShares int) (TSS, error) { - pk := new(bls_sig.PublicKey) - err := pk.UnmarshalBinary(verifier.Commitments[0].ToAffineCompressed()) - if err != nil { - return TSS{}, errors.Wrap(err, "unmarshal pubkey") - } - - pubshares := make(map[int]*bls_sig.PublicKey) - for i := 1; i <= numShares; i++ { - pubshares[i], err = getPubShare(i, verifier) - if err != nil { - return TSS{}, err - } - } - - return TSS{ - pubshares: pubshares, - publicKey: pk, - numShares: numShares, - threshold: len(verifier.Commitments), - }, nil -} - -// GenerateTSS returns a new random instance of threshold signing scheme and associated SecretKeyShares. -// It generates n number of secret key shares where t of them can be combined to sign a message. -func GenerateTSS(t, n int, reader io.Reader) (TSS, []*bls_sig.SecretKeyShare, error) { - ikm := make([]byte, 32) - _, _ = reader.Read(ikm) - _, secret, err := blsScheme.KeygenWithSeed(ikm) - if err != nil { - return TSS{}, nil, errors.Wrap(err, "bls key generation") - } - - sks, verifier, err := SplitSecret(secret, t, n, reader) - if err != nil { - return TSS{}, nil, errors.Wrap(err, "generate secret shares") - } - - tss, err := NewTSS(verifier, n) - if err != nil { - return TSS{}, nil, err - } - - return tss, sks, nil -} - -// Aggregate returns an aggregated signature. -func Aggregate(partialSigs []*bls_sig.PartialSignature) (*bls_sig.Signature, error) { - aggSig, err := blsScheme.CombineSignatures(partialSigs...) - if err != nil { - return nil, errors.Wrap(err, "aggregate signatures") - } - - return aggSig, nil -} - -// VerifyAndAggregate verifies all partial signatures against a message and aggregates them. -// It returns the aggregated signature and slice of valid partial signature identifiers. -func VerifyAndAggregate(tss TSS, partialSigs []*bls_sig.PartialSignature, msg []byte) (*bls_sig.Signature, []byte, error) { - if len(partialSigs) < tss.Threshold() { - return nil, nil, errors.New("insufficient signatures") - } - - var ( - signers []byte - validSigs []*bls_sig.PartialSignature - ) - - for _, psig := range partialSigs { - // TODO(dhruv): add break condition if valid shares >= threshold - pubShare := tss.PublicShare(int(psig.Identifier)) - - sig := &bls_sig.Signature{Value: psig.Signature} - ok, err := blsScheme.Verify(pubShare, msg, sig) - if err != nil || !ok { - continue - } - - validSigs = append(validSigs, psig) - signers = append(signers, psig.Identifier) - } - - if len(validSigs) < tss.Threshold() { - return nil, nil, errors.New("insufficient valid signatures") - } - - aggSig, err := blsScheme.CombineSignatures(validSigs...) - if err != nil { - return nil, nil, errors.Wrap(err, "aggregate signatures") - } - - return aggSig, signers, nil -} - -// Verify verifies the given signature(sig) on message(msg) with given public key (pk). -func Verify(pk *bls_sig.PublicKey, msg []byte, sig *bls_sig.Signature) (bool, error) { - res, err := blsScheme.Verify(pk, msg, sig) - if err != nil { - return res, errors.Wrap(err, "verify signature") - } - - return res, nil -} - -// PartialSign signs given message(msg) using given Secret Key Share(sks) and returns a Partial Signature. -func PartialSign(sks *bls_sig.SecretKeyShare, msg []byte) (*bls_sig.PartialSignature, error) { - psig, err := blsScheme.PartialSign(sks, msg) - if err != nil { - return nil, errors.Wrap(err, "partial sign") - } - - return psig, nil -} - -// Sign signs given message(msg) using given Secret Key(sk) and returns a Signature. -func Sign(sk *bls_sig.SecretKey, msg []byte) (*bls_sig.Signature, error) { - sig, err := blsScheme.Sign(sk, msg) - if err != nil { - return nil, errors.Wrap(err, "sign") - } - - return sig, nil -} - -// CombineShares returns the root/group secret by combining threshold secret shares. -func CombineShares(shares []*bls_sig.SecretKeyShare, t, n int) (*bls_sig.SecretKey, error) { - var shamirShares []*share.ShamirShare - for _, s := range shares { - b, err := s.MarshalBinary() - if err != nil { - return nil, errors.Wrap(err, "marshal key share") - } - - lenMin1 := len(b) - 1 - shamirShare := share.ShamirShare{ - Id: uint32(b[lenMin1]), - Value: b[:lenMin1], - } - - shamirShares = append(shamirShares, &shamirShare) - } - - scheme, err := share.NewFeldman(uint32(t), uint32(n), curves.BLS12381G1()) - if err != nil { - return nil, errors.Wrap(err, "new Feldman VSS") - } - - secretScaler, err := scheme.Combine(shamirShares...) - if err != nil { - return nil, errors.Wrap(err, "combine shares") - } - - resp := new(bls_sig.SecretKey) - if err := resp.UnmarshalBinary(secretScaler.Bytes()); err != nil { - return nil, errors.Wrap(err, "unmarshal secret") - } - - return resp, nil -} - -// SplitSecret splits the secret and returns n secret shares and t verifiers. -func SplitSecret(secret *bls_sig.SecretKey, t, n int, reader io.Reader) ([]*bls_sig.SecretKeyShare, *share.FeldmanVerifier, error) { - scheme, err := share.NewFeldman(uint32(t), uint32(n), curves.BLS12381G1()) - if err != nil { - return nil, nil, errors.Wrap(err, "new Feldman VSS") - } - - secretBytes, err := secret.MarshalBinary() - if err != nil { - return nil, nil, errors.Wrap(err, "marshalling Secret Key") - } - - secretScaler, err := curves.BLS12381G1().NewScalar().SetBytes(secretBytes) - if err != nil { - return nil, nil, errors.Wrap(err, "convert to scaler") - } - - verifier, shares, err := scheme.Split(secretScaler, reader) - if err != nil { - return nil, nil, errors.Wrap(err, "split Secret Key") - } - - sks := make([]*bls_sig.SecretKeyShare, len(shares)) - - for i, s := range shares { - // ref: https://github.com/coinbase/kryptology/blob/71ffd4cbf01951cd0ee056fc7b45b13ffb178330/pkg/signatures/bls/bls_sig/lib.go#L26 - skbin := s.Value - skbin = append(skbin, byte(s.Id)) - sks[i] = &bls_sig.SecretKeyShare{} - if err := sks[i].UnmarshalBinary(skbin); err != nil { - return nil, nil, errors.Wrap(err, "unmarshalling shamir share") - } - } - - return sks, verifier, nil -} - -// getPubShare returns the public key share for the i'th/identifier/shareIdx share from the verifier commitments. -func getPubShare(identifier int, verifier *share.FeldmanVerifier) (*bls_sig.PublicKey, error) { - curve := curves.GetCurveByName(verifier.Commitments[0].CurveName()) - if curve != curves.BLS12381G1() { - return nil, errors.New("curve mismatch") - } - - x := curve.Scalar.New(identifier) - i := curve.Scalar.One() - - // c_0 - pubshare := verifier.Commitments[0] - - // Compute the sum of products - // c_0 + c_1 * i + c_2 * {i^2} + c_3 * {i^3} ... c_t * {i_t} - for j := 1; j < len(verifier.Commitments); j++ { - // i *= x - i = i.Mul(x) - - // c_i * i - c := verifier.Commitments[j].Mul(i) - - // ... + c_j^{i^j} - pubshare = pubshare.Add(c) - } - - pk := new(bls_sig.PublicKey) - err := pk.UnmarshalBinary(pubshare.ToAffineCompressed()) - if err != nil { - return nil, errors.Wrap(err, "unmarshal pubshare") - } - - return pk, nil -} diff --git a/tbls/tss_internal_test.go b/tbls/tss_internal_test.go deleted file mode 100644 index 493aa1175..000000000 --- a/tbls/tss_internal_test.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 - -package tbls - -import ( - "crypto/rand" - "testing" - - "github.com/coinbase/kryptology/pkg/signatures/bls/bls_sig" - "github.com/stretchr/testify/require" -) - -func TestGenerateSecretShares(t *testing.T) { - for i := 0; i < 10; i++ { - t.Run("GenerateSecretShares", func(t *testing.T) { - ikm := make([]byte, 32) - cnt, err := rand.Read(ikm) - require.NoError(t, err) - require.Equal(t, 32, cnt) - - secret, err := new(bls_sig.SecretKey).Generate(ikm) - require.NoError(t, err) - require.NotNil(t, secret) - - shares, verifiers, err := SplitSecret(secret, 3, 5, rand.Reader) - require.NoError(t, err) - require.NotNil(t, shares) - require.NotNil(t, verifiers) - }) - } -} diff --git a/tbls/tss_test.go b/tbls/tss_test.go deleted file mode 100644 index ecea499ec..000000000 --- a/tbls/tss_test.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 - -package tbls_test - -import ( - "crypto/rand" - "testing" - - "github.com/coinbase/kryptology/pkg/signatures/bls/bls_sig" - "github.com/stretchr/testify/require" - - "github.com/obolnetwork/charon/tbls" - "github.com/obolnetwork/charon/testutil" -) - -func TestGenerateTSS(t *testing.T) { - threshold := 3 - shares := 5 - - tss, secrets, err := tbls.GenerateTSS(threshold, shares, rand.Reader) - require.NoError(t, err) - require.NotNil(t, tss) - require.NotNil(t, secrets) - - require.Equal(t, threshold, tss.Threshold()) - require.Equal(t, shares, tss.NumShares()) -} - -func TestCombineShares(t *testing.T) { - const ( - threshold = 3 - total = 5 - ) - - _, secret, err := tbls.Keygen() - require.NoError(t, err) - - shares, _, err := tbls.SplitSecret(secret, threshold, total, rand.Reader) - require.NoError(t, err) - - result, err := tbls.CombineShares(shares, threshold, total) - require.NoError(t, err) - - expect, err := secret.MarshalBinary() - require.NoError(t, err) - actual, err := result.MarshalBinary() - require.NoError(t, err) - - require.Equal(t, expect, actual) -} - -func TestAggregateSignatures(t *testing.T) { - threshold := 3 - shares := 5 - - tss, secrets, err := tbls.GenerateTSS(threshold, shares, rand.Reader) - require.NoError(t, err) - - msg := []byte("Hello Obol") - partialSigs := make([]*bls_sig.PartialSignature, len(secrets)) - for i, secret := range secrets { - psig, err := tbls.PartialSign(secret, msg) - require.NoError(t, err) - - partialSigs[i] = psig - - pubshare := tss.PublicShare(int(psig.Identifier)) - - ok, err := tbls.Verify(pubshare, msg, &bls_sig.Signature{Value: psig.Signature}) - require.NoError(t, err) - require.True(t, ok) - } - - sig, _, err := tbls.VerifyAndAggregate(tss, partialSigs, msg) - require.NoError(t, err) - - result, err := tbls.Verify(tss.PublicKey(), msg, sig) - require.NoError(t, err) - require.Equal(t, true, result) -} - -func BenchmarkVerify(b *testing.B) { - b.StopTimer() - - // Create b.N unique signatures to verify. - - type tuple struct { - PubKey *bls_sig.PublicKey - Secret *bls_sig.SecretKey - Sig *bls_sig.Signature - Msg []byte - } - - var tuples []tuple - for i := 0; i < b.N; i++ { - pubkey, secret, err := tbls.Keygen() - require.NoError(b, err) - - msg := testutil.RandomBytes32() - - sig, err := tbls.Sign(secret, msg) - require.NoError(b, err) - - tuples = append(tuples, tuple{ - PubKey: pubkey, - Secret: secret, - Sig: sig, - Msg: msg, - }) - } - - b.StartTimer() - - for i := 0; i < b.N; i++ { - tuple := tuples[i] - result, err := tbls.Verify(tuple.PubKey, tuple.Msg, tuple.Sig) - require.NoError(b, err) - require.Equal(b, true, result) - } -} diff --git a/tbls/v2/tblsconv/tblsconv.go b/tbls/v2/tblsconv/tblsconv.go deleted file mode 100644 index 4bd9b4ca0..000000000 --- a/tbls/v2/tblsconv/tblsconv.go +++ /dev/null @@ -1,71 +0,0 @@ -// Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 - -package tblsconv - -import ( - eth2p0 "github.com/attestantio/go-eth2-client/spec/phase0" - - "github.com/obolnetwork/charon/app/errors" - "github.com/obolnetwork/charon/core" - v2 "github.com/obolnetwork/charon/tbls/v2" -) - -// SigFromCore converts a core workflow Signature type into a tbls.Signature. -func SigFromCore(sig core.Signature) (v2.Signature, error) { - return SignatureFromBytes(sig) -} - -// SigToCore converts a tbls.Signature into a core workflow Signature type. -func SigToCore(sig v2.Signature) core.Signature { - return sig[:] -} - -// SigToETH2 converts a tbls.Signature into an eth2 phase0 bls signature. -func SigToETH2(sig v2.Signature) eth2p0.BLSSignature { - return eth2p0.BLSSignature(sig) -} - -func PubkeyToETH2(pk v2.PublicKey) (eth2p0.BLSPubKey, error) { - return eth2p0.BLSPubKey(pk), nil -} - -// PrivkeyFromBytes returns a v2.PrivateKey from the given compressed private key bytes contained in data. -// Returns an error if the data isn't of the expected length. -func PrivkeyFromBytes(data []byte) (v2.PrivateKey, error) { - if len(data) != len(v2.PrivateKey{}) { - return v2.PrivateKey{}, errors.New("data is not of the correct length") - } - - return *(*v2.PrivateKey)(data), nil -} - -// PubkeyFromBytes returns a v2.PublicKey from the given compressed public key bytes contained in data. -// Returns an error if the data isn't of the expected length. -func PubkeyFromBytes(data []byte) (v2.PublicKey, error) { - if len(data) != len(v2.PublicKey{}) { - return v2.PublicKey{}, errors.New("data is not of the correct length") - } - - return *(*v2.PublicKey)(data), nil -} - -// PubkeyFromCore returns a v2.PublicKey from the given core public key. -// Returns an error if the data isn't of the expected length. -func PubkeyFromCore(pk core.PubKey) (v2.PublicKey, error) { - data, err := pk.Bytes() - if err != nil { - return v2.PublicKey{}, err - } - - return PubkeyFromBytes(data) -} - -// SignatureFromBytes returns a v2.Signature from the given compressed signature bytes contained in data. -// Returns an error if the data isn't of the expected length. -func SignatureFromBytes(data []byte) (v2.Signature, error) { - if len(data) != len(v2.Signature{}) { - return v2.Signature{}, errors.New("data is not of the correct length") - } - - return *(*v2.Signature)(data), nil -} diff --git a/tbls/v2/tblsconv/tblsconv_test.go b/tbls/v2/tblsconv/tblsconv_test.go deleted file mode 100644 index 57686f09c..000000000 --- a/tbls/v2/tblsconv/tblsconv_test.go +++ /dev/null @@ -1,251 +0,0 @@ -// Copyright © 2022-2023 Obol Labs Inc. Licensed under the terms of a Business Source License 1.1 - -package tblsconv_test - -import ( - "bytes" - "encoding/hex" - "strings" - "testing" - - "github.com/stretchr/testify/require" - - v2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" - "github.com/obolnetwork/charon/testutil" -) - -func TestPrivkeyFromBytes(t *testing.T) { - tests := []struct { - name string - data []byte - want v2.PrivateKey - wantErr bool - }{ - { - "empty input", - []byte{}, - v2.PrivateKey{}, - true, - }, - { - "more data than expected", - bytes.Repeat([]byte{42}, len(v2.PrivateKey{})+1), - v2.PrivateKey{}, - true, - }, - { - "less data than expected", - bytes.Repeat([]byte{42}, len(v2.PrivateKey{})-1), - v2.PrivateKey{}, - true, - }, - { - "enough data", - bytes.Repeat([]byte{42}, len(v2.PrivateKey{})), - *(*v2.PrivateKey)(bytes.Repeat([]byte{42}, len(v2.PrivateKey{}))), - false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got, err := tblsconv2.PrivkeyFromBytes(tt.data) - - if tt.wantErr { - require.Error(t, err) - require.Empty(t, got) - - return - } - - require.NoError(t, err) - require.Equal(t, tt.want, got) - }) - } -} - -func TestPubkeyFromBytes(t *testing.T) { - tests := []struct { - name string - data []byte - want v2.PublicKey - wantErr bool - }{ - { - "empty input", - []byte{}, - v2.PublicKey{}, - true, - }, - { - "more data than expected", - bytes.Repeat([]byte{42}, len(v2.PublicKey{})+1), - v2.PublicKey{}, - true, - }, - { - "less data than expected", - bytes.Repeat([]byte{42}, len(v2.PublicKey{})-1), - v2.PublicKey{}, - true, - }, - { - "enough data", - bytes.Repeat([]byte{42}, len(v2.PublicKey{})), - *(*v2.PublicKey)(bytes.Repeat([]byte{42}, len(v2.PublicKey{}))), - false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got, err := tblsconv2.PubkeyFromBytes(tt.data) - - if tt.wantErr { - require.Error(t, err) - require.Empty(t, got) - - return - } - - require.NoError(t, err) - require.Equal(t, tt.want, got) - }) - } -} - -func TestPubkeyToETH2(t *testing.T) { - pubkey, err := tblsconv2.PubkeyFromBytes(bytes.Repeat([]byte{42}, len(v2.PublicKey{}))) - require.NoError(t, err) - - res, err := tblsconv2.PubkeyToETH2(pubkey) - require.NoError(t, err) - - require.Equal(t, pubkey[:], res[:]) -} - -func TestPubkeyFromCore(t *testing.T) { - pubkey := testutil.RandomCorePubKey(t) - - res, err := tblsconv2.PubkeyFromCore(pubkey) - require.NoError(t, err) - - expect, err := hex.DecodeString(strings.TrimPrefix(string(pubkey), "0x")) - require.NoError(t, err) - require.Equal(t, expect, res[:]) -} - -func TestSignatureFromBytes(t *testing.T) { - tests := []struct { - name string - data []byte - want v2.Signature - wantErr bool - }{ - { - "empty input", - []byte{}, - v2.Signature{}, - true, - }, - { - "more data than expected", - bytes.Repeat([]byte{42}, len(v2.Signature{})+1), - v2.Signature{}, - true, - }, - { - "less data than expected", - bytes.Repeat([]byte{42}, len(v2.Signature{})-1), - v2.Signature{}, - true, - }, - { - "enough data", - bytes.Repeat([]byte{42}, len(v2.Signature{})), - *(*v2.Signature)(bytes.Repeat([]byte{42}, len(v2.Signature{}))), - false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got, err := tblsconv2.SignatureFromBytes(tt.data) - - if tt.wantErr { - require.Error(t, err) - require.Empty(t, got) - - return - } - - require.NoError(t, err) - require.Equal(t, tt.want, got) - }) - } -} - -func TestSigFromCore(t *testing.T) { - tests := []struct { - name string - data []byte - want v2.Signature - wantErr bool - }{ - { - "empty input", - []byte{}, - v2.Signature{}, - true, - }, - { - "more data than expected", - bytes.Repeat([]byte{42}, len(v2.Signature{})+1), - v2.Signature{}, - true, - }, - { - "less data than expected", - bytes.Repeat([]byte{42}, len(v2.Signature{})-1), - v2.Signature{}, - true, - }, - { - "enough data", - bytes.Repeat([]byte{42}, len(v2.Signature{})), - *(*v2.Signature)(bytes.Repeat([]byte{42}, len(v2.Signature{}))), - false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got, err := tblsconv2.SigFromCore(tt.data) - - if tt.wantErr { - require.Error(t, err) - require.Empty(t, got) - - return - } - - require.NoError(t, err) - require.Equal(t, tt.want, got) - }) - } -} - -func TestSigToCore(t *testing.T) { - sig, err := tblsconv2.SignatureFromBytes(bytes.Repeat([]byte{42}, len(v2.Signature{}))) - require.NoError(t, err) - - coresig := tblsconv2.SigToCore(sig) - - require.Equal(t, sig[:], []byte(coresig)) -} - -func TestSigToETH2(t *testing.T) { - sig, err := tblsconv2.SignatureFromBytes(bytes.Repeat([]byte{42}, len(v2.Signature{}))) - require.NoError(t, err) - - coresig := tblsconv2.SigToETH2(sig) - - require.Equal(t, sig[:], coresig[:]) -} diff --git a/testutil/integration/helpers_test.go b/testutil/integration/helpers_test.go index cc26283ed..ca50cc296 100644 --- a/testutil/integration/helpers_test.go +++ b/testutil/integration/helpers_test.go @@ -21,7 +21,7 @@ import ( "github.com/obolnetwork/charon/app/z" "github.com/obolnetwork/charon/cmd/relay" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" ) @@ -35,7 +35,7 @@ func skipIfDisabled(t *testing.T) { } func TestMain(m *testing.M) { - tblsv2.SetImplementation(tblsv2.Herumi{}) + tbls.SetImplementation(tbls.Herumi{}) os.Exit(m.Run()) } diff --git a/testutil/integration/simnet_test.go b/testutil/integration/simnet_test.go index dc4bad8d1..5d3a11d58 100644 --- a/testutil/integration/simnet_test.go +++ b/testutil/integration/simnet_test.go @@ -32,7 +32,7 @@ import ( "github.com/obolnetwork/charon/core/parsigex" "github.com/obolnetwork/charon/eth2util/keystore" "github.com/obolnetwork/charon/p2p" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" "github.com/obolnetwork/charon/testutil" "github.com/obolnetwork/charon/testutil/beaconmock" ) @@ -166,7 +166,7 @@ type simnetArgs struct { VMocks []bool VAPIAddrs []string P2PKeys []*k1.PrivateKey - SimnetKeys []tblsv2.PrivateKey + SimnetKeys []tbls.PrivateKey BMockOpts []beaconmock.Option Lock cluster.Lock ErrChan chan error @@ -292,7 +292,7 @@ func testSimnet(t *testing.T, args simnetArgs, expect *simnetExpect) { Lock: &args.Lock, P2PKey: args.P2PKeys[i], TestPingConfig: p2p.TestPingConfig{Disable: true}, - SimnetKeys: []tblsv2.PrivateKey{args.SimnetKeys[i]}, + SimnetKeys: []tbls.PrivateKey{args.SimnetKeys[i]}, LcastTransportFunc: lcastTransportFunc, ParSigExFunc: parSigExFunc, BroadcastCallback: func(_ context.Context, duty core.Duty, key core.PubKey, data core.SignedData) error { @@ -439,7 +439,7 @@ func startTeku(t *testing.T, args simnetArgs, node int) simnetArgs { } // Write private share keystore and password - err := keystore.StoreKeysInsecure([]tblsv2.PrivateKey{args.SimnetKeys[node]}, tempDir, keystore.ConfirmInsecureKeys) + err := keystore.StoreKeysInsecure([]tbls.PrivateKey{args.SimnetKeys[node]}, tempDir, keystore.ConfirmInsecureKeys) require.NoError(t, err) err = os.WriteFile(path.Join(tempDir, "keystore-simnet-0.txt"), []byte("simnet"), 0o644) require.NoError(t, err) diff --git a/testutil/random.go b/testutil/random.go index 5427f4a3b..e13714604 100644 --- a/testutil/random.go +++ b/testutil/random.go @@ -33,14 +33,14 @@ import ( "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/enr" "github.com/obolnetwork/charon/eth2util/eth2exp" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" + "github.com/obolnetwork/charon/tbls" ) -func deterministicPubkey(t *testing.T) tblsv2.PublicKey { +func deterministicPubkey(t *testing.T) tbls.PublicKey { t.Helper() random := rand.New(rand.NewSource(rand.Int63())) - var key tblsv2.PublicKey + var key tbls.PublicKey _, err := random.Read(key[:]) require.NoError(t, err) diff --git a/testutil/validatormock/validatormock.go b/testutil/validatormock/validatormock.go index fec07441d..1a774eab9 100644 --- a/testutil/validatormock/validatormock.go +++ b/testutil/validatormock/validatormock.go @@ -20,8 +20,8 @@ import ( "github.com/obolnetwork/charon/app/eth2wrap" "github.com/obolnetwork/charon/eth2util" "github.com/obolnetwork/charon/eth2util/signing" - tblsv2 "github.com/obolnetwork/charon/tbls/v2" - tblsconv2 "github.com/obolnetwork/charon/tbls/v2/tblsconv" + "github.com/obolnetwork/charon/tbls" + "github.com/obolnetwork/charon/tbls/tblsconv" ) // SignFunc abstract signing done by the validator client. @@ -284,15 +284,15 @@ func Register(ctx context.Context, eth2Cl eth2wrap.Client, signFunc SignFunc, } // NewSigner returns a signing function supporting the provided private keys. -func NewSigner(secrets ...tblsv2.PrivateKey) (SignFunc, error) { - secretByPubkey := make(map[eth2p0.BLSPubKey]tblsv2.PrivateKey) +func NewSigner(secrets ...tbls.PrivateKey) (SignFunc, error) { + secretByPubkey := make(map[eth2p0.BLSPubKey]tbls.PrivateKey) for _, secret := range secrets { - pk, err := tblsv2.SecretToPublicKey(secret) + pk, err := tbls.SecretToPublicKey(secret) if err != nil { return nil, errors.Wrap(err, "get pubkey") } - eth2Pubkey, err := tblsconv2.PubkeyToETH2(pk) + eth2Pubkey, err := tblsconv.PubkeyToETH2(pk) if err != nil { return nil, err } @@ -306,11 +306,11 @@ func NewSigner(secrets ...tblsv2.PrivateKey) (SignFunc, error) { return eth2p0.BLSSignature{}, errors.New("secret not found") } - sig, err := tblsv2.Sign(secret, msg) + sig, err := tbls.Sign(secret, msg) if err != nil { return eth2p0.BLSSignature{}, err } - return tblsconv2.SigToETH2(sig), nil + return tblsconv.SigToETH2(sig), nil }, nil }