[FVM] signature verification refactoring

[tarakby]

• remove the user-domain tag completely from the repo, as this is not a protocol constant anymore.
• remove not needed SignatureVerifier interface to verify signatures.
• separate the verification functions of runtime and transaction signatures that support different algorithms for a better clarity and to avoid future errors.
• add extra checks for transaction verification inputs (although they are supposed to be valid as they are read from the state).
• make the public function SignWithTag unable to sign other that the transaction tag for safety.
• adjust existing tests, add new tests
• avoid using fmt.Sprintf for key deduplication (performance)

[github-actions]

FVM Benchstat comparison

This branch with compared with the base branch onflow:master commit 99d9259

The command (for i in {1..N}; do go test ./fvm --bench . --tags relic -shuffle=on; done) was used.

Bench tests were run a total of 7 times on each branch.

Results

	old.txt	new.txt
	time/op		delta
RuntimeNFTBatchTransfer-2	173ms ± 7%	172ms ± 5%	~	(p=0.710 n=7+7)
RuntimeTransaction/reference_tx-2	46.6ms ± 6%	44.7ms ± 6%	~	(p=0.209 n=7+7)
RuntimeTransaction/convert_int_to_string-2	46.8ms ± 5%	48.9ms ± 6%	~	(p=0.053 n=7+7)
RuntimeTransaction/convert_int_to_string_and_concatenate_it-2	50.7ms ± 7%	50.2ms ± 7%	~	(p=0.805 n=7+7)
RuntimeTransaction/get_signer_address-2	48.2ms ±10%	47.8ms ± 5%	~	(p=0.805 n=7+7)
RuntimeTransaction/get_public_account-2	51.8ms ±12%	50.3ms ± 5%	~	(p=0.165 n=7+7)
RuntimeTransaction/get_account_and_get_balance-2	912ms ±13%	899ms ± 6%	~	(p=0.805 n=7+7)
RuntimeTransaction/get_account_and_get_available_balance-2	751ms ± 9%	710ms ± 4%	~	(p=0.053 n=7+7)
RuntimeTransaction/get_account_and_get_storage_used-2	67.8ms ± 7%	66.3ms ± 6%	~	(p=0.710 n=7+7)
RuntimeTransaction/get_account_and_get_storage_capacity-2	694ms ± 9%	663ms ±15%	~	(p=0.209 n=7+7)
RuntimeTransaction/get_signer_vault-2	58.1ms ± 4%	58.3ms ± 8%	~	(p=1.000 n=7+7)
RuntimeTransaction/get_signer_receiver-2	74.2ms ± 3%	72.9ms ± 4%	~	(p=0.485 n=6+6)
RuntimeTransaction/transfer_tokens-2	286ms ± 2%	298ms ± 6%	~	(p=0.051 n=6+7)
RuntimeTransaction/load_and_save_empty_string_on_signers_address-2	56.9ms ± 7%	57.6ms ± 8%	~	(p=0.902 n=7+7)
RuntimeTransaction/load_and_save_long_string_on_signers_address-2	116ms ± 3%	121ms ± 5%	~	(p=0.101 n=6+7)
RuntimeTransaction/create_new_account-2	1.74s ± 3%	1.76s ± 1%	~	(p=0.240 n=6+6)
RuntimeTransaction/call_empty_contract_function-2	53.5ms ± 8%	52.4ms ± 5%	~	(p=0.366 n=6+7)
RuntimeTransaction/emit_event-2	75.5ms ± 9%	73.9ms ± 5%	~	(p=0.534 n=7+6)
RuntimeTransaction/borrow_array_from_storage-2	186ms ±12%	178ms ± 6%	~	(p=0.259 n=7+7)
RuntimeTransaction/copy_array_from_storage-2	162ms ± 8%	170ms ± 9%	~	(p=0.165 n=7+7)
	computation		delta
RuntimeTransaction/reference_tx-2	202 ± 0%	202 ± 0%	~	(all equal)
RuntimeTransaction/convert_int_to_string-2	402 ± 0%	402 ± 0%	~	(all equal)
RuntimeTransaction/convert_int_to_string_and_concatenate_it-2	502 ± 0%	502 ± 0%	~	(all equal)
RuntimeTransaction/get_signer_address-2	302 ± 0%	302 ± 0%	~	(all equal)
RuntimeTransaction/get_public_account-2	402 ± 0%	402 ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_balance-2	802 ± 0%	802 ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_available_balance-2	2.40k ± 0%	2.40k ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_storage_used-2	402 ± 0%	402 ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_storage_capacity-2	1.10k ± 0%	1.10k ± 0%	~	(all equal)
RuntimeTransaction/get_signer_vault-2	402 ± 0%	402 ± 0%	~	(all equal)
RuntimeTransaction/get_signer_receiver-2	602 ± 0%	602 ± 0%	~	(all equal)
RuntimeTransaction/transfer_tokens-2	3.50k ± 0%	3.50k ± 0%	~	(all equal)
RuntimeTransaction/load_and_save_empty_string_on_signers_address-2	602 ± 0%	602 ± 0%	~	(all equal)
RuntimeTransaction/load_and_save_long_string_on_signers_address-2	602 ± 0%	602 ± 0%	~	(all equal)
RuntimeTransaction/create_new_account-2	202 ± 0%	202 ± 0%	~	(all equal)
RuntimeTransaction/call_empty_contract_function-2	402 ± 0%	402 ± 0%	~	(all equal)
RuntimeTransaction/emit_event-2	602 ± 0%	602 ± 0%	~	(all equal)
RuntimeTransaction/borrow_array_from_storage-2	2.60k ± 0%	2.60k ± 0%	~	(all equal)
RuntimeTransaction/copy_array_from_storage-2	2.60k ± 0%	2.60k ± 0%	~	(all equal)
	interactions		delta
RuntimeTransaction/reference_tx-2	45.6k ± 0%	45.6k ± 0%	~	(all equal)
RuntimeTransaction/convert_int_to_string-2	45.6k ± 0%	45.6k ± 0%	~	(all equal)
RuntimeTransaction/convert_int_to_string_and_concatenate_it-2	45.6k ± 0%	45.6k ± 0%	~	(all equal)
RuntimeTransaction/get_signer_address-2	45.6k ± 0%	45.6k ± 0%	~	(all equal)
RuntimeTransaction/get_public_account-2	45.6k ± 0%	45.6k ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_balance-2	16.7M ± 0%	16.7M ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_available_balance-2	5.32M ± 0%	5.32M ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_storage_used-2	48.4k ± 0%	48.4k ± 0%	~	(all equal)
RuntimeTransaction/get_account_and_get_storage_capacity-2	5.32M ± 0%	5.32M ± 0%	~	(all equal)
RuntimeTransaction/get_signer_vault-2	46.8k ± 0%	46.8k ± 0%	~	(all equal)
RuntimeTransaction/get_signer_receiver-2	47.2k ± 0%	47.2k ± 0%	~	(all equal)
RuntimeTransaction/transfer_tokens-2	48.0k ± 0%	48.0k ± 0%	~	(all equal)
RuntimeTransaction/load_and_save_empty_string_on_signers_address-2	49.0k ± 0%	49.0k ± 0%	~	(all equal)
RuntimeTransaction/load_and_save_long_string_on_signers_address-2	54.0k ± 0%	54.0k ± 0%	~	(all equal)
RuntimeTransaction/create_new_account-2	8.44M ± 0%	8.44M ± 0%	~	(all equal)
RuntimeTransaction/call_empty_contract_function-2	45.8k ± 0%	45.8k ± 0%	~	(all equal)
RuntimeTransaction/emit_event-2	45.8k ± 0%	45.8k ± 0%	~	(all equal)
RuntimeTransaction/borrow_array_from_storage-2	52.0k ± 0%	52.0k ± 0%	~	(all equal)
RuntimeTransaction/copy_array_from_storage-2	52.0k ± 0%	52.0k ± 0%	~	(all equal)

[codecov-commenter]

Codecov Report

Merging #2171 (88db7a1) into master (ba1f157) will decrease coverage by 1.32%.
The diff coverage is 23.81%.

@@            Coverage Diff             @@
##           master    #2171      +/-   ##
==========================================
- Coverage   57.47%   56.14%   -1.33%     
==========================================
  Files         645      653       +8     
  Lines       38428    39911    +1483     
==========================================
+ Hits        22085    22409     +324     
- Misses      13530    14630    +1100     
- Partials     2813     2872      +59     

Flag	Coverage Δ
unittests	56.14% <23.81%> (-1.33%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
cmd/bootstrap/transit/cmd/version.go	14.28% <ø> (ø)
cmd/execution_builder.go	0.00% <0.00%> (ø)
cmd/util/ledger/reporters/export_reporter.go	0.00% <0.00%> (ø)
cmd/verification_builder.go	0.00% <0.00%> (ø)
engine/common/rpc/convert/convert.go	16.07% <0.00%> (+2.13%)	⬆️
engine/execution/state/state.go	22.12% <0.00%> (-0.53%)	⬇️
fvm/context.go	68.68% <ø> (-0.32%)	⬇️
fvm/scriptEnv.go	39.15% <ø> (-0.16%)	⬇️
fvm/transactionEnv.go	46.60% <ø> (+0.08%)	⬆️
model/flow/constants.go	60.00% <ø> (ø)
... and 48 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4bb600e...88db7a1. Read the comment docs.

[ramtinms]

I assume this change is mostly for performance reasons, could you please check we have tests for this?

[tarakby]

Yes, it is for performance. Here are the tests https://github.com/onflow/flow-go/blob/master/fvm/transactionVerifier_test.go#L43-L68

[ramtinms]

this might be in use by go-sdk or others ?

[janezpodhostnik]

It is in use, this is a breaking change for the flow-go-sdk/examples. We should keep that in mind.

[tarakby]

I'll update the sdk too after merging this PR: onflow/flow-go-sdk#273

[ramtinms]

not sure about this, you mean if there is some problematic old keys we would stop the network? I think we should just error and add a watch on the error type.

[tarakby]

I tagged you about this here. I suggested to panic, Janez suggested the Failure error. As mentioned in the comment, that case can only happen if there is a bug in the code. These keys are all account keys, they are supposed to be checked and added previously, and they are not supposed to be problematic.

What do you suggest to use here?

[ramtinms]

we should probably run some analysis on the mainnet data to verify all data are okey

[tarakby]

These are all keys already checked and added using AddAccountKey, so this check is only a sanity check, and if it fails then we have am internal bug somewhere.

This is the same as above. I suggested to panic and Janez suggest Failure error. What do you suggest?

[ramtinms]

Looks good to me. thanks for clearing things up.

[janezpodhostnik]

Some minor comments.

[janezpodhostnik]

It is in use, this is a breaking change for the flow-go-sdk/examples. We should keep that in mind.

[ramtinms]

Looks good to me

[tarakby]

bors merge

[bors]

Build succeeded:

• Generate Flaky Test Summary (integration-access)
• Generate Flaky Test Summary (integration-collection)
• Generate Flaky Test Summary (integration-consensus)
• Generate Flaky Test Summary (integration-epochs)
• Generate Flaky Test Summary (integration-execution)
• Generate Flaky Test Summary (integration-ghost)
• Generate Flaky Test Summary (integration-mvp)
• Generate Flaky Test Summary (integration-network)
• Generate Flaky Test Summary (integration-verification)
• Generate Flaky Test Summary (unit)
• Generate Flaky Test Summary (unit-crypto)
• Generate Flaky Test Summary (unit-integration)
• Generate Skipped Test Summary (integration-access)
• Generate Skipped Test Summary (integration-collection)
• Generate Skipped Test Summary (integration-consensus)
• Generate Skipped Test Summary (integration-epochs)
• Generate Skipped Test Summary (integration-execution)
• Generate Skipped Test Summary (integration-ghost)
• Generate Skipped Test Summary (integration-mvp)
• Generate Skipped Test Summary (integration-network)
• Generate Skipped Test Summary (integration-verification)
• Generate Skipped Test Summary (unit)
• Generate Skipped Test Summary (unit-crypto)
• Generate Skipped Test Summary (unit-integration)
• Integration Tests (integration-access)
• Integration Tests (integration-collection)
• Integration Tests (integration-consensus)
• Integration Tests (integration-epochs)
• Integration Tests (integration-execution)
• Integration Tests (integration-ghost)
• Integration Tests (integration-mvp)
• Integration Tests (integration-network)
• Integration Tests (integration-verification)
• Lint
• Unit Tests