From 187a499cca577fddc31d7c95127844e538a6bcae Mon Sep 17 00:00:00 2001 From: dignifiedquire Date: Tue, 19 Jan 2021 17:44:44 +0100 Subject: [PATCH 1/6] remove extern/blst --- .gitmodules | 3 --- extern/blst | 1 - 2 files changed, 4 deletions(-) delete mode 160000 extern/blst diff --git a/.gitmodules b/.gitmodules index 127386beb24..cdee35ce393 100644 --- a/.gitmodules +++ b/.gitmodules @@ -7,6 +7,3 @@ [submodule "extern/test-vectors"] path = extern/test-vectors url = /~https://github.com/filecoin-project/test-vectors.git -[submodule "extern/blst"] - path = extern/blst - url = /~https://github.com/supranational/blst.git diff --git a/extern/blst b/extern/blst deleted file mode 160000 index 1cbb16ed958..00000000000 --- a/extern/blst +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 1cbb16ed9580dcd3e9593b71221fcf2a048faaef From 3d9eb226faf87a626d8abc3af19a7cfe14011c3e Mon Sep 17 00:00:00 2001 From: dignifiedquire Date: Tue, 19 Jan 2021 17:45:39 +0100 Subject: [PATCH 2/6] refactor: switch to filecoin-ffi bls api for bls signatures --- chain/gen/mining.go | 22 +++++++----------- chain/sync.go | 14 +++++++----- extern/filecoin-ffi | 2 +- go.mod | 2 -- lib/sigs/bls/init.go | 53 ++++++++++++++++++++++++++++++++------------ 5 files changed, 57 insertions(+), 36 deletions(-) diff --git a/chain/gen/mining.go b/chain/gen/mining.go index cca4b61699a..cb1c02772c7 100644 --- a/chain/gen/mining.go +++ b/chain/gen/mining.go @@ -13,6 +13,8 @@ import ( "github.com/filecoin-project/lotus/chain/stmgr" "github.com/filecoin-project/lotus/chain/types" "github.com/filecoin-project/lotus/lib/sigs/bls" + + ffi "github.com/filecoin-project/filecoin-ffi" ) func MinerCreateBlock(ctx context.Context, sm *stmgr.StateManager, w api.WalletAPI, bt *api.BlockTemplate) (*types.FullBlock, error) { @@ -140,13 +142,13 @@ func MinerCreateBlock(ctx context.Context, sm *stmgr.StateManager, w api.WalletA } func aggregateSignatures(sigs []crypto.Signature) (*crypto.Signature, error) { - sigsS := make([][]byte, len(sigs)) + sigsS := make([]ffi.Signature, len(sigs)) for i := 0; i < len(sigs); i++ { - sigsS[i] = sigs[i].Data + copy(sigsS[i][:], sigs[i].Data[:ffi.SignatureBytes]) } - aggregator := new(bls.AggregateSignature).AggregateCompressed(sigsS) - if aggregator == nil { + aggSig := ffi.Aggregate(sigsS) + if aggSig == nil { if len(sigs) > 0 { return nil, xerrors.Errorf("bls.Aggregate returned nil with %d signatures", len(sigs)) } @@ -155,20 +157,12 @@ func aggregateSignatures(sigs []crypto.Signature) (*crypto.Signature, error) { // be returned return &crypto.Signature{ Type: crypto.SigTypeBLS, - Data: new(bls.Signature).Compress(), - }, nil - } - aggSigAff := aggregator.ToAffine() - if aggSigAff == nil { - return &crypto.Signature{ - Type: crypto.SigTypeBLS, - Data: new(bls.Signature).Compress(), + Data: ([]byte)(new(bls.Signature)[:]), // TODO: verify this is okay }, nil } - aggSig := aggSigAff.Compress() return &crypto.Signature{ Type: crypto.SigTypeBLS, - Data: aggSig, + Data: ([]byte)(aggSig[:]), }, nil } diff --git a/chain/sync.go b/chain/sync.go index e4a8bfb6b2c..d85a81c6f17 100644 --- a/chain/sync.go +++ b/chain/sync.go @@ -34,7 +34,8 @@ import ( "github.com/filecoin-project/go-state-types/crypto" "github.com/filecoin-project/go-state-types/network" "github.com/filecoin-project/lotus/extern/sector-storage/ffiwrapper" - blst "github.com/supranational/blst/bindings/go" + + ffi "github.com/filecoin-project/filecoin-ffi" // named msgarray here to make it clear that these are the types used by // messages, regardless of specs-actors version. @@ -55,7 +56,6 @@ import ( "github.com/filecoin-project/lotus/chain/vm" bstore "github.com/filecoin-project/lotus/lib/blockstore" "github.com/filecoin-project/lotus/lib/sigs" - "github.com/filecoin-project/lotus/lib/sigs/bls" "github.com/filecoin-project/lotus/metrics" ) @@ -1178,17 +1178,21 @@ func (syncer *Syncer) verifyBlsAggregate(ctx context.Context, sig *crypto.Signat trace.Int64Attribute("msgCount", int64(len(msgs))), ) - msgsS := make([]blst.Message, len(msgs)) + msgsS := make([]ffi.Message, len(msgs)) + pubksS := make([]ffi.PublicKey, len(msgs)) for i := 0; i < len(msgs); i++ { msgsS[i] = msgs[i].Bytes() + copy(pubksS[i][:], pubks[i][:ffi.PublicKeyBytes]) } + sigS := new(ffi.Signature) + copy(sigS[:], sig.Data[:ffi.SignatureBytes]) + if len(msgs) == 0 { return nil } - valid := new(bls.Signature).AggregateVerifyCompressed(sig.Data, pubks, - msgsS, []byte(bls.DST)) + valid := ffi.HashVerify(sigS, msgsS, pubksS) if !valid { return xerrors.New("bls aggregate signature failed to verify") } diff --git a/extern/filecoin-ffi b/extern/filecoin-ffi index 1d9cb3e8ff5..2b1bca4ede2 160000 --- a/extern/filecoin-ffi +++ b/extern/filecoin-ffi @@ -1 +1 @@ -Subproject commit 1d9cb3e8ff53f51f9318fc57e5d00bc79bdc0128 +Subproject commit 2b1bca4ede20d9f7616aed0481fb2cc5aa8637d4 diff --git a/go.mod b/go.mod index fb837b15666..7c556d253df 100644 --- a/go.mod +++ b/go.mod @@ -126,7 +126,6 @@ require ( github.com/raulk/clock v1.1.0 github.com/raulk/go-watchdog v0.0.1 github.com/stretchr/testify v1.6.1 - github.com/supranational/blst v0.1.1 github.com/syndtr/goleveldb v1.0.0 github.com/urfave/cli/v2 v2.2.0 github.com/whyrusleeping/bencher v0.0.0-20190829221104-bb6607aa8bba @@ -158,4 +157,3 @@ replace github.com/filecoin-project/filecoin-ffi => ./extern/filecoin-ffi replace github.com/filecoin-project/test-vectors => ./extern/test-vectors -replace github.com/supranational/blst => ./extern/blst diff --git a/lib/sigs/bls/init.go b/lib/sigs/bls/init.go index 42633eee88a..fdee9673feb 100644 --- a/lib/sigs/bls/init.go +++ b/lib/sigs/bls/init.go @@ -7,17 +7,17 @@ import ( "github.com/filecoin-project/go-address" "github.com/filecoin-project/go-state-types/crypto" - blst "github.com/supranational/blst/bindings/go" + ffi "github.com/filecoin-project/filecoin-ffi" "github.com/filecoin-project/lotus/lib/sigs" ) const DST = string("BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_") -type SecretKey = blst.SecretKey -type PublicKey = blst.P1Affine -type Signature = blst.P2Affine -type AggregateSignature = blst.P2Aggregate +type SecretKey = ffi.PrivateKey +type PublicKey = ffi.PublicKey +type Signature = ffi.Signature +type AggregateSignature = ffi.Signature type blsSigner struct{} @@ -29,30 +29,55 @@ func (blsSigner) GenPrivate() ([]byte, error) { return nil, fmt.Errorf("bls signature error generating random data") } // Note private keys seem to be serialized little-endian! - pk := blst.KeyGen(ikm[:]).ToLEndian() - return pk, nil + sk := ffi.PrivateKeyGenerateWithSeed(ikm) + return ([]byte)(sk[:]), nil } func (blsSigner) ToPublic(priv []byte) ([]byte, error) { - pk := new(SecretKey).FromLEndian(priv) - if pk == nil || !pk.Valid() { + if priv == nil || len(priv) != ffi.PrivateKeyBytes { return nil, fmt.Errorf("bls signature invalid private key") } - return new(PublicKey).From(pk).Compress(), nil + + sk := new(SecretKey) + copy(sk[:], priv[:ffi.PrivateKeyBytes]) + + pubkey := ffi.PrivateKeyPublicKey(*sk) + + return ([]byte)(pubkey[:]), nil } func (blsSigner) Sign(p []byte, msg []byte) ([]byte, error) { - pk := new(SecretKey).FromLEndian(p) - if pk == nil || !pk.Valid() { + if p == nil || len(p) != ffi.PrivateKeyBytes { return nil, fmt.Errorf("bls signature invalid private key") } - return new(Signature).Sign(pk, msg, []byte(DST)).Compress(), nil + + sk := new(SecretKey) + copy(sk[:], p[:ffi.PrivateKeyBytes]) + + sig := ffi.PrivateKeySign(*sk, msg) + + return ([]byte)(sig[:]), nil } func (blsSigner) Verify(sig []byte, a address.Address, msg []byte) error { - if !new(Signature).VerifyCompressed(sig, a.Payload()[:], msg, []byte(DST)) { + payload := a.Payload() + if sig == nil || len(sig) != ffi.SignatureBytes || len(payload) != ffi.PublicKeyBytes { return fmt.Errorf("bls signature failed to verify") } + + pk := new(PublicKey) + copy(pk[:], payload[:ffi.PublicKeyBytes]) + + sigS := new(Signature) + copy(sigS[:], sig[:ffi.SignatureBytes]) + + msgs := [1]ffi.Message{msg} + pks := [1]PublicKey{*pk} + + if !ffi.HashVerify(sigS, msgs[:], pks[:]) { + return fmt.Errorf("bls signature failed to verify") + } + return nil } From 9b62e224d58fa4b6a31cf256127fc1dba2b6ae8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Magiera?= Date: Mon, 25 Jan 2021 13:56:11 +0100 Subject: [PATCH 3/6] Use filecoin-ffi master --- extern/filecoin-ffi | 2 +- go.mod | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/extern/filecoin-ffi b/extern/filecoin-ffi index 2b1bca4ede2..e0f1cde8a8e 160000 --- a/extern/filecoin-ffi +++ b/extern/filecoin-ffi @@ -1 +1 @@ -Subproject commit 2b1bca4ede20d9f7616aed0481fb2cc5aa8637d4 +Subproject commit e0f1cde8a8e9cf3c32e56cb99d812c4837b387db diff --git a/go.mod b/go.mod index 7c556d253df..3d69575fcb2 100644 --- a/go.mod +++ b/go.mod @@ -156,4 +156,3 @@ replace github.com/golangci/golangci-lint => github.com/golangci/golangci-lint v replace github.com/filecoin-project/filecoin-ffi => ./extern/filecoin-ffi replace github.com/filecoin-project/test-vectors => ./extern/test-vectors - From 6d368179e1199ca39d9f4e698dcc17df5cae2ef1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Magiera?= Date: Mon, 25 Jan 2021 14:02:58 +0100 Subject: [PATCH 4/6] Fix lint --- lib/sigs/bls/init.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/sigs/bls/init.go b/lib/sigs/bls/init.go index fdee9673feb..9bc69c3a460 100644 --- a/lib/sigs/bls/init.go +++ b/lib/sigs/bls/init.go @@ -30,7 +30,7 @@ func (blsSigner) GenPrivate() ([]byte, error) { } // Note private keys seem to be serialized little-endian! sk := ffi.PrivateKeyGenerateWithSeed(ikm) - return ([]byte)(sk[:]), nil + return sk[:], nil } func (blsSigner) ToPublic(priv []byte) ([]byte, error) { @@ -43,7 +43,7 @@ func (blsSigner) ToPublic(priv []byte) ([]byte, error) { pubkey := ffi.PrivateKeyPublicKey(*sk) - return ([]byte)(pubkey[:]), nil + return pubkey[:], nil } func (blsSigner) Sign(p []byte, msg []byte) ([]byte, error) { @@ -56,7 +56,7 @@ func (blsSigner) Sign(p []byte, msg []byte) ([]byte, error) { sig := ffi.PrivateKeySign(*sk, msg) - return ([]byte)(sig[:]), nil + return sig[:], nil } func (blsSigner) Verify(sig []byte, a address.Address, msg []byte) error { From bd6321d2c0aeb244815016fbf4723ee9720fe6cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Magiera?= Date: Mon, 25 Jan 2021 15:35:00 +0100 Subject: [PATCH 5/6] Fix lint --- chain/gen/mining.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chain/gen/mining.go b/chain/gen/mining.go index cb1c02772c7..99f9745acfa 100644 --- a/chain/gen/mining.go +++ b/chain/gen/mining.go @@ -157,12 +157,12 @@ func aggregateSignatures(sigs []crypto.Signature) (*crypto.Signature, error) { // be returned return &crypto.Signature{ Type: crypto.SigTypeBLS, - Data: ([]byte)(new(bls.Signature)[:]), // TODO: verify this is okay + Data: new(bls.Signature)[:], // TODO: verify this is okay }, nil } return &crypto.Signature{ Type: crypto.SigTypeBLS, - Data: ([]byte)(aggSig[:]), + Data: aggSig[:], }, nil } From e4f4fa2c7de808c1ce12800e1a97fcc53a3d41f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Magiera?= Date: Mon, 25 Jan 2021 19:49:54 +0100 Subject: [PATCH 6/6] Update FFI more, fix zero aggregate sigs --- chain/gen/mining.go | 8 ++++---- extern/filecoin-ffi | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/chain/gen/mining.go b/chain/gen/mining.go index 99f9745acfa..5de0fec0ed0 100644 --- a/chain/gen/mining.go +++ b/chain/gen/mining.go @@ -9,12 +9,10 @@ import ( cbg "github.com/whyrusleeping/cbor-gen" "golang.org/x/xerrors" + ffi "github.com/filecoin-project/filecoin-ffi" "github.com/filecoin-project/lotus/api" "github.com/filecoin-project/lotus/chain/stmgr" "github.com/filecoin-project/lotus/chain/types" - "github.com/filecoin-project/lotus/lib/sigs/bls" - - ffi "github.com/filecoin-project/filecoin-ffi" ) func MinerCreateBlock(ctx context.Context, sm *stmgr.StateManager, w api.WalletAPI, bt *api.BlockTemplate) (*types.FullBlock, error) { @@ -153,11 +151,13 @@ func aggregateSignatures(sigs []crypto.Signature) (*crypto.Signature, error) { return nil, xerrors.Errorf("bls.Aggregate returned nil with %d signatures", len(sigs)) } + zeroSig := ffi.CreateZeroSignature() + // Note: for blst this condition should not happen - nil should not // be returned return &crypto.Signature{ Type: crypto.SigTypeBLS, - Data: new(bls.Signature)[:], // TODO: verify this is okay + Data: zeroSig[:], }, nil } return &crypto.Signature{ diff --git a/extern/filecoin-ffi b/extern/filecoin-ffi index e0f1cde8a8e..0c50dfbaa64 160000 --- a/extern/filecoin-ffi +++ b/extern/filecoin-ffi @@ -1 +1 @@ -Subproject commit e0f1cde8a8e9cf3c32e56cb99d812c4837b387db +Subproject commit 0c50dfbaa64c6187d65e63e19aea751a981ac931