bls

package
v0.4.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 15, 2022 License: GPL-3.0, GPL-3.0 Imports: 20 Imported by: 4

Documentation

Index

Constants

View Source
const (
	BLSCryptoType     = 1
	BN256Curve        = 1
	BLS12377Curve     = 2
	BLS12381Curve     = 3
	PUBLICKEYBYTES    = 129
	G1PUBLICKEYBYTES  = 129
	SIGNATUREBYTES    = 64
	EPOCHENTROPYBYTES = 16
)
View Source
const (
	MODULUS256  = "21888242871839275222246405745257275088548364400416034343698204186575808495617"
	MODULUSBITS = 254
	MODULUSMASK = 63 // == 2**(254-(256-8)) - 1
)

Variables

This section is empty.

Functions

func GenKeyPair added in v0.4.3

func GenKeyPair(randReader io.Reader) (*PublicKey, *SecretKey, error)

GenKeyPair generates Public and Private Keys

func PerformHash added in v0.4.3

func PerformHash(msg []byte) ([]byte, error)

func PrivateToPublic

func PrivateToPublic(privateKeyBytes []byte) ([]byte, error)

func Verify added in v0.4.3

func Verify(apk *Apk, msg []byte, sigma *Signature) error

Verify is the verification step of an aggregated apk signature

func VerifyBatch added in v0.4.3

func VerifyBatch(apks []*Apk, msgs [][]byte, sigma *Signature) error

VerifyBatch is the verification step of a batch of aggregated apk signatures TODO: consider adding the possibility to handle non distinct messages (at batch level after aggregating APK)

func VerifyCompressed added in v0.4.3

func VerifyCompressed(pks []*bn256.G2, msgList [][]byte, compressedSig []byte, allowDistinct bool) error

VerifyCompressed verifies a Compressed marshalled signature

func VerifyUnsafe added in v0.4.3

func VerifyUnsafe(pkey *PublicKey, msg []byte, signature *UnsafeSignature) error

VerifyUnsafe checks the given BLS signature bls on the message m using the public key pkey by verifying that the equality e(H(m), X) == e(H(m), x*B2) == e(x*H(m), B2) == e(S, B2) holds where e is the pairing operation and B2 is the base point from curve G2.

func VerifyUnsafeBatch added in v0.4.3

func VerifyUnsafeBatch(pkeys []*PublicKey, msgList [][]byte, signature *UnsafeSignature) error

VerifyUnsafeBatch verifies a batch of messages signed with aggregated signature the rogue-key attack is prevented by making all messages distinct

Types

type Apk added in v0.4.3

type Apk struct {
	*PublicKey
}

Apk is the short aggregated public key struct

func AggregateApk added in v0.4.3

func AggregateApk(pks []*PublicKey) (*Apk, error)

AggregateApk aggregates the public key according to the following formula: apk ← ∏ⁿᵢ₌₁ pk^H₁(pkᵢ)

func NewApk added in v0.4.3

func NewApk(pk *PublicKey) *Apk

NewApk creates an Apk either from a public key or scratch

func UnmarshalApk added in v0.4.3

func UnmarshalApk(b []byte) (*Apk, error)

UnmarshalApk unmarshals a byte array into an aggregated PublicKey

func (*Apk) Aggregate added in v0.4.3

func (apk *Apk) Aggregate(pk *PublicKey) error

Aggregate a Public Key to the Apk struct according to the formula pk^H₁(pkᵢ)

func (*Apk) AggregateBytes added in v0.4.3

func (apk *Apk) AggregateBytes(b []byte) error

AggregateBytes is a convenient method to aggregate the unmarshalled form of PublicKey directly

func (*Apk) Copy added in v0.4.3

func (apk *Apk) Copy() *Apk

Copy the APK by marshalling and unmarshalling the internals. It is somewhat wasteful but does the job

type BLSCryptoSelector added in v0.4.1

type BLSCryptoSelector interface {
	ECDSAToBLS(privateKeyECDSA *ecdsa.PrivateKey) ([]byte, error)
	PrivateToPublic(privateKeyBytes []byte) (SerializedPublicKey, error)
	PrivateToG1Public(privateKeyBytes []byte) (SerializedG1PublicKey, error)
	VerifyAggregatedSignature(publicKeys []SerializedPublicKey, message []byte, extraData []byte, signature []byte, shouldUseCompositeHasher, cip22 bool) error
	AggregateSignatures(signatures [][]byte) ([]byte, error)
	VerifySignature(publicKey SerializedPublicKey, message []byte, extraData []byte, signature []byte, shouldUseCompositeHasher, cip22 bool) error
	EncodeEpochSnarkDataCIP22(newValSet []SerializedPublicKey, maximumNonSigners, maxValidators uint32, epochIndex uint16, round uint8, blockHash, parentHash EpochEntropy) ([]byte, []byte, error)
	UncompressKey(serialized SerializedPublicKey) ([]byte, error)
}

func CryptoType added in v0.4.1

func CryptoType() BLSCryptoSelector

type BN256 added in v0.4.1

type BN256 struct{}

func (BN256) AggregateSignatures added in v0.4.1

func (BN256) AggregateSignatures(signatures [][]byte) ([]byte, error)

func (BN256) ECDSAToBLS added in v0.4.1

func (BN256) ECDSAToBLS(privateKeyECDSA *ecdsa.PrivateKey) ([]byte, error)
func (BN256) ECDSAToBLS(privateKeyECDSA *ecdsa.PrivateKey) ([]byte, error) {
	return crypto.FromECDSA(privateKeyECDSA), nil
}

func (BN256) EncodeEpochSnarkDataCIP22 added in v0.4.1

func (BN256) EncodeEpochSnarkDataCIP22(newValSet []SerializedPublicKey, maximumNonSigners, maxValidators uint32, epochIndex uint16, round uint8, blockHash, parentHash EpochEntropy) ([]byte, []byte, error)

func (BN256) PrivateToG1Public added in v0.4.3

func (BN256) PrivateToG1Public(privateKeyBytes []byte) (SerializedG1PublicKey, error)

func (BN256) PrivateToPublic added in v0.4.1

func (BN256) PrivateToPublic(privateKeyBytes []byte) (SerializedPublicKey, error)

func (BN256) UncompressKey added in v0.4.1

func (BN256) UncompressKey(serialized SerializedPublicKey) ([]byte, error)

func (BN256) VerifyAggregatedSignature added in v0.4.1

func (BN256) VerifyAggregatedSignature(publicKeys []SerializedPublicKey, message []byte, extraData []byte, signature []byte, shouldUseCompositeHasher, cip22 bool) error

func (BN256) VerifySignature added in v0.4.1

func (BN256) VerifySignature(publicKey SerializedPublicKey, message []byte, extraData []byte, signature []byte, shouldUseCompositeHasher, cip22 bool) error

type EpochEntropy added in v0.4.1

type EpochEntropy [EPOCHENTROPYBYTES]byte

EpochEntropy is a string of unprediactable bytes included in the epoch SNARK data to make prediction of future epoch message values infeasible.

func EpochEntropyFromHash

func EpochEntropyFromHash(hash common.Hash) EpochEntropy

EpochEntropyFromHash truncates the given hash to the length of epoch SNARK entropy.

type PublicKey added in v0.4.3

type PublicKey struct {
	// contains filtered or unexported fields
}

PublicKey is calculated as g^x

func UnmarshalPk added in v0.4.3

func UnmarshalPk(b []byte) (*PublicKey, error)

UnmarshalPk unmarshals a byte array into a BLS PublicKey

func (*PublicKey) Aggregate added in v0.4.3

func (pk *PublicKey) Aggregate(pp *PublicKey) *PublicKey

Aggregate is a shortcut for Public Key aggregation

func (*PublicKey) Marshal added in v0.4.3

func (pk *PublicKey) Marshal() []byte

Marshal returns the binary representation of the G2 point being the public key

func (*PublicKey) MarshalText added in v0.4.3

func (pk *PublicKey) MarshalText() ([]byte, error)

MarshalText encodes the string representation of the public key

func (*PublicKey) Unmarshal added in v0.4.3

func (pk *PublicKey) Unmarshal(data []byte) error

Unmarshal a public key from a byte array

func (*PublicKey) UnmarshalText added in v0.4.3

func (pk *PublicKey) UnmarshalText(data []byte) error

UnmarshalText decode the string/byte representation into the public key

type SecretKey added in v0.4.3

type SecretKey struct {
	// contains filtered or unexported fields
}

SecretKey has "x" as secret for the BLS signature

func DeserializePrivateKey added in v0.4.3

func DeserializePrivateKey(privateKeyBytes []byte) (*SecretKey, error)

func (*SecretKey) Serialize added in v0.4.3

func (self *SecretKey) Serialize() ([]byte, error)

func (*SecretKey) ToPublic added in v0.4.3

func (self *SecretKey) ToPublic() *PublicKey

type SerializedG1PublicKey added in v0.4.3

type SerializedG1PublicKey [G1PUBLICKEYBYTES]byte

func (SerializedG1PublicKey) MarshalText added in v0.4.3

func (pk SerializedG1PublicKey) MarshalText() ([]byte, error)

MarshalText returns the hex representation of pk.

func (*SerializedG1PublicKey) UnmarshalJSON added in v0.4.3

func (pk *SerializedG1PublicKey) UnmarshalJSON(input []byte) error

UnmarshalJSON parses a BLS public key in hex syntax.

func (*SerializedG1PublicKey) UnmarshalText added in v0.4.3

func (pk *SerializedG1PublicKey) UnmarshalText(input []byte) error

UnmarshalText parses a BLS public key in hex syntax.

type SerializedPublicKey

type SerializedPublicKey [PUBLICKEYBYTES]byte

func (SerializedPublicKey) MarshalText

func (pk SerializedPublicKey) MarshalText() ([]byte, error)

MarshalText returns the hex representation of pk.

func (*SerializedPublicKey) UnmarshalJSON

func (pk *SerializedPublicKey) UnmarshalJSON(input []byte) error

UnmarshalJSON parses a BLS public key in hex syntax.

func (*SerializedPublicKey) UnmarshalText

func (pk *SerializedPublicKey) UnmarshalText(input []byte) error

UnmarshalText parses a BLS public key in hex syntax.

type SerializedSignature

type SerializedSignature [SIGNATUREBYTES]byte

func SerializedSignatureFromBytes

func SerializedSignatureFromBytes(serializedSignature []byte) (SerializedSignature, error)

func (SerializedSignature) MarshalText

func (sig SerializedSignature) MarshalText() ([]byte, error)

MarshalText returns the hex representation of sig.

func (*SerializedSignature) UnmarshalJSON

func (sig *SerializedSignature) UnmarshalJSON(input []byte) error

UnmarshalJSON parses a BLS signature in hex syntax.

func (*SerializedSignature) UnmarshalText

func (sig *SerializedSignature) UnmarshalText(input []byte) error

UnmarshalText parses a BLS signature in hex syntax.

type Signature added in v0.4.3

type Signature struct {
	// contains filtered or unexported fields
}

Signature is the plain public key model of the BLS signature being resilient to rogue key attack

func Sign added in v0.4.3

func Sign(sk *SecretKey, pk *PublicKey, msg []byte) (*Signature, error)

Sign creates a signature from the private key and the public key pk

func UnmarshalSignature added in v0.4.3

func UnmarshalSignature(sig []byte) (*Signature, error)

UnmarshalSignature unmarshals a byte array into a BLS signature

func (*Signature) Add added in v0.4.3

func (sigma *Signature) Add(pk *PublicKey, sig *UnsafeSignature) error

Add creates an aggregated signature from a normal BLS Signature and related public key

func (*Signature) Aggregate added in v0.4.3

func (sigma *Signature) Aggregate(other *Signature) *Signature

Aggregate two Signature

func (*Signature) AggregateBytes added in v0.4.3

func (sigma *Signature) AggregateBytes(other []byte) error

AggregateBytes is a shorthand for unmarshalling a byte array into a Signature and thus mutate Signature sigma by aggregating the unmarshalled signature

func (*Signature) Compress added in v0.4.3

func (sigma *Signature) Compress() []byte

Compress the signature to the 32 byte form

func (*Signature) Copy added in v0.4.3

func (sigma *Signature) Copy() *Signature

Copy (inefficiently) the Signature by unmarshaling and marshaling the embedded G1

func (*Signature) Decompress added in v0.4.3

func (sigma *Signature) Decompress(x []byte) error

Decompress reconstructs the 64 byte signature from the compressed form

func (*Signature) Marshal added in v0.4.3

func (sigma *Signature) Marshal() []byte

Marshal a Signature into a byte array

func (*Signature) Unmarshal added in v0.4.3

func (sigma *Signature) Unmarshal(msg []byte) error

Unmarshal a byte array into a Signature

type UnsafeSignature added in v0.4.3

type UnsafeSignature struct {
	// contains filtered or unexported fields
}

UnsafeSignature is the BLS Signature Struct not resilient to rogue-key attack

func UnsafeAggregate added in v0.4.3

func UnsafeAggregate(one, other *UnsafeSignature) *UnsafeSignature

UnsafeAggregate combines signatures on distinct messages.

func UnsafeBatch added in v0.4.3

func UnsafeBatch(sigs ...*UnsafeSignature) (*UnsafeSignature, error)

UnsafeBatch is a utility function to aggregate distinct messages (if not distinct the scheme is vulnerable to chosen-key attack)

func UnsafeSign added in v0.4.3

func UnsafeSign(key *SecretKey, msg []byte) (*UnsafeSignature, error)

UnsafeSign generates an UnsafeSignature being vulnerable to the rogue-key attack and therefore can only be used if the messages are distinct

func (*UnsafeSignature) Compress added in v0.4.3

func (usig *UnsafeSignature) Compress() []byte

Compress the signature to the 32 byte form

func (*UnsafeSignature) Decompress added in v0.4.3

func (usig *UnsafeSignature) Decompress(x []byte) error

Decompress reconstructs the 64 byte signature from the compressed form

func (*UnsafeSignature) Marshal added in v0.4.3

func (usig *UnsafeSignature) Marshal() []byte

Marshal an UnsafeSignature into a byte array

func (*UnsafeSignature) Unmarshal added in v0.4.3

func (usig *UnsafeSignature) Unmarshal(msg []byte) error

Unmarshal a byte array into an UnsafeSignature

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL