fun rotate_consensus_key_internal(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>, genesis: bool)
+fun rotate_consensus_key_internal(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, genesis: bool)
@@ -2430,7 +2425,6 @@ Move amount of coins from pending_inactive to active.
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector<u8>,
- proof_of_possession: vector<u8>,
genesis: bool,
) acquires StakePool, ValidatorConfig {
assert_stake_pool_exists(pool_address);
@@ -2440,16 +2434,13 @@ Move amount of coins from pending_inactive to active.
assert!(exists<ValidatorConfig>(pool_address), error::not_found(EVALIDATOR_CONFIG));
let validator_info = borrow_global_mut<ValidatorConfig>(pool_address);
let old_consensus_pubkey = validator_info.consensus_pubkey;
- // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks.
+ // Checks the public key is valid to prevent rogue-key attacks.
if (!genesis) {
- let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop(
- new_consensus_pubkey,
- &proof_of_possession_from_bytes(proof_of_possession)
- );
- assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY));
+ let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey);
+ assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
} else {
- let pubkey = &mut bls12381::public_key_from_bytes(new_consensus_pubkey);
- assert!(option::is_some(pubkey), error::invalid_argument(EINVALID_PUBLIC_KEY));
+ let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey);
+ assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
};
validator_info.consensus_pubkey = new_consensus_pubkey;
@@ -2477,7 +2468,7 @@ does not verify proof of possession
only for genesis
-public(friend) fun rotate_consensus_key_genesis(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_poseesion: vector<u8>)
+public(friend) fun rotate_consensus_key_genesis(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>)
@@ -2490,9 +2481,8 @@ only for genesis
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector<u8>,
- proof_of_poseesion: vector<u8>,
) acquires StakePool, ValidatorConfig {
- rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_poseesion, true);
+ rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, true);
}
@@ -2507,7 +2497,7 @@ only for genesis
Rotate the consensus key of the validator, it'll take effect in next epoch.
-public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>)
+public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>)
@@ -2520,9 +2510,8 @@ Rotate the consensus key of the validator, it'll take effect in next epoch.
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector<u8>,
- proof_of_possession: vector<u8>,
) acquires StakePool, ValidatorConfig {
- rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_possession, false);
+ rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, false);
}
@@ -3732,6 +3721,174 @@ Returns validator's next epoch voting power, including pending_active, active, a
+
+
+
+
+fun spec_validators_are_initialized(validators: vector<ValidatorInfo>): bool {
+ forall i in 0..len(validators):
+ spec_has_stake_pool(validators[i].addr) &&
+ spec_has_validator_config(validators[i].addr)
+}
+
+
+
+
+
+
+
+
+fun spec_validator_indices_are_valid(validators: vector<ValidatorInfo>): bool {
+ forall i in 0..len(validators):
+ global<ValidatorConfig>(validators[i].addr).validator_index < spec_validator_index_upper_bound()
+}
+
+
+
+
+
+
+
+
+fun spec_validator_index_upper_bound(): u64 {
+ len(global<ValidatorPerformance>(@aptos_framework).validators)
+}
+
+
+
+
+
+
+
+
+fun spec_has_stake_pool(a: address): bool {
+ exists<StakePool>(a)
+}
+
+
+
+
+
+
+
+
+fun spec_has_validator_config(a: address): bool {
+ exists<ValidatorConfig>(a)
+}
+
+
+
+
+
+
+
+
+fun spec_rewards_amount(
+ stake_amount: u64,
+ num_successful_proposals: u64,
+ num_total_proposals: u64,
+ rewards_rate: u64,
+ rewards_rate_denominator: u64,
+): u64;
+
+
+
+
+
+
+
+
+fun spec_contains(validators: vector<ValidatorInfo>, addr: address): bool {
+ exists i in 0..len(validators): validators[i].addr == addr
+}
+
+
+
+
+
+
+
+
+fun spec_is_current_epoch_validator(pool_address: address): bool {
+ let validator_set = global<ValidatorSet>(@aptos_framework);
+ !spec_contains(validator_set.pending_active, pool_address)
+ && (spec_contains(validator_set.active_validators, pool_address)
+ || spec_contains(validator_set.pending_inactive, pool_address))
+}
+
+
+
+
+
+
+
+
+schema ResourceRequirement {
+ requires exists<AptosCoinCapabilities>(@aptos_framework);
+ requires exists<ValidatorPerformance>(@aptos_framework);
+ requires exists<ValidatorSet>(@aptos_framework);
+ requires exists<StakingConfig>(@aptos_framework);
+ requires exists<StakingRewardsConfig>(@aptos_framework) || !features::spec_periodical_reward_rate_decrease_enabled();
+ requires exists<timestamp::CurrentTimeMicroseconds>(@aptos_framework);
+ requires exists<ValidatorFees>(@aptos_framework);
+}
+
+
+
+
+
+
+
+
+fun spec_get_reward_rate_1(config: StakingConfig): num {
+ if (features::spec_periodical_reward_rate_decrease_enabled()) {
+ let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
+ if (epoch_rewards_rate.value == 0) {
+ 0
+ } else {
+ let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
+ let denominator = if (denominator_0 > MAX_U64) {
+ MAX_U64
+ } else {
+ denominator_0
+ };
+ let nominator = aptos_std::fixed_point64::spec_multiply_u128(denominator, epoch_rewards_rate);
+ nominator
+ }
+ } else {
+ config.rewards_rate
+ }
+}
+
+
+
+
+
+
+
+
+fun spec_get_reward_rate_2(config: StakingConfig): num {
+ if (features::spec_periodical_reward_rate_decrease_enabled()) {
+ let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
+ if (epoch_rewards_rate.value == 0) {
+ 1
+ } else {
+ let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
+ let denominator = if (denominator_0 > MAX_U64) {
+ MAX_U64
+ } else {
+ denominator_0
+ };
+ denominator
+ }
+ } else {
+ config.rewards_rate_denominator
+ }
+}
+
+
+
+
### Resource `ValidatorSet`
@@ -3982,17 +4139,16 @@ Returns validator's next epoch voting power, including pending_active, active, a
### Function `initialize_validator`
-public entry fun initialize_validator(account: &signer, consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>, network_addresses: vector<u8>, fullnode_addresses: vector<u8>)
+public entry fun initialize_validator(account: &signer, consensus_pubkey: vector<u8>, network_addresses: vector<u8>, fullnode_addresses: vector<u8>)
-let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop(
+let is_public_key_validated = ed25519::spec_public_key_validate_internal(
consensus_pubkey,
- proof_of_possession_from_bytes(proof_of_possession)
);
-aborts_if !option::spec_is_some(pubkey_from_pop);
+aborts_if !is_public_key_validated;
let addr = signer::address_of(account);
let post_addr = signer::address_of(account);
let allowed = global<AllowedValidators>(@aptos_framework);
@@ -4157,7 +4313,7 @@ Returns validator's next epoch voting power, including pending_active, active, a
### Function `rotate_consensus_key`
-public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>)
+public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>)
@@ -4168,11 +4324,10 @@ Returns validator's next epoch voting power, including pending_active, active, a
aborts_if !exists<StakePool>(pool_address);
aborts_if signer::address_of(operator) != pre_stake_pool.operator_address;
aborts_if !exists<ValidatorConfig>(pool_address);
-let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop(
+let is_public_key_validated = ed25519::spec_public_key_validate_internal(
new_consensus_pubkey,
- proof_of_possession_from_bytes(proof_of_possession)
);
-aborts_if !option::spec_is_some(pubkey_from_pop);
+aborts_if !is_public_key_validated;
modifies global<ValidatorConfig>(pool_address);
include StakedValueNochange;
ensures validator_info.consensus_pubkey == new_consensus_pubkey;
@@ -4824,172 +4979,4 @@ Returns validator's next epoch voting power, including pending_active, active, a
-
-
-
-
-
-fun spec_validators_are_initialized(validators: vector<ValidatorInfo>): bool {
- forall i in 0..len(validators):
- spec_has_stake_pool(validators[i].addr) &&
- spec_has_validator_config(validators[i].addr)
-}
-
-
-
-
-
-
-
-
-fun spec_validator_indices_are_valid(validators: vector<ValidatorInfo>): bool {
- forall i in 0..len(validators):
- global<ValidatorConfig>(validators[i].addr).validator_index < spec_validator_index_upper_bound()
-}
-
-
-
-
-
-
-
-
-fun spec_validator_index_upper_bound(): u64 {
- len(global<ValidatorPerformance>(@aptos_framework).validators)
-}
-
-
-
-
-
-
-
-
-fun spec_has_stake_pool(a: address): bool {
- exists<StakePool>(a)
-}
-
-
-
-
-
-
-
-
-fun spec_has_validator_config(a: address): bool {
- exists<ValidatorConfig>(a)
-}
-
-
-
-
-
-
-
-
-fun spec_rewards_amount(
- stake_amount: u64,
- num_successful_proposals: u64,
- num_total_proposals: u64,
- rewards_rate: u64,
- rewards_rate_denominator: u64,
-): u64;
-
-
-
-
-
-
-
-
-fun spec_contains(validators: vector<ValidatorInfo>, addr: address): bool {
- exists i in 0..len(validators): validators[i].addr == addr
-}
-
-
-
-
-
-
-
-
-fun spec_is_current_epoch_validator(pool_address: address): bool {
- let validator_set = global<ValidatorSet>(@aptos_framework);
- !spec_contains(validator_set.pending_active, pool_address)
- && (spec_contains(validator_set.active_validators, pool_address)
- || spec_contains(validator_set.pending_inactive, pool_address))
-}
-
-
-
-
-
-
-
-
-schema ResourceRequirement {
- requires exists<AptosCoinCapabilities>(@aptos_framework);
- requires exists<ValidatorPerformance>(@aptos_framework);
- requires exists<ValidatorSet>(@aptos_framework);
- requires exists<StakingConfig>(@aptos_framework);
- requires exists<StakingRewardsConfig>(@aptos_framework) || !features::spec_periodical_reward_rate_decrease_enabled();
- requires exists<timestamp::CurrentTimeMicroseconds>(@aptos_framework);
- requires exists<ValidatorFees>(@aptos_framework);
-}
-
-
-
-
-
-
-
-
-fun spec_get_reward_rate_1(config: StakingConfig): num {
- if (features::spec_periodical_reward_rate_decrease_enabled()) {
- let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
- if (epoch_rewards_rate.value == 0) {
- 0
- } else {
- let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
- let denominator = if (denominator_0 > MAX_U64) {
- MAX_U64
- } else {
- denominator_0
- };
- let nominator = aptos_std::fixed_point64::spec_multiply_u128(denominator, epoch_rewards_rate);
- nominator
- }
- } else {
- config.rewards_rate
- }
-}
-
-
-
-
-
-
-
-
-fun spec_get_reward_rate_2(config: StakingConfig): num {
- if (features::spec_periodical_reward_rate_decrease_enabled()) {
- let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
- if (epoch_rewards_rate.value == 0) {
- 1
- } else {
- let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
- let denominator = if (denominator_0 > MAX_U64) {
- MAX_U64
- } else {
- denominator_0
- };
- denominator
- }
- } else {
- config.rewards_rate_denominator
- }
-}
-
-
-
[move-book]: https://aptos.dev/move/book/SUMMARY
diff --git a/aptos-move/framework/aptos-framework/sources/aptos_governance.move b/aptos-move/framework/aptos-framework/sources/aptos_governance.move
index e2a649a7c4adbe..d49dca44186fc7 100644
--- a/aptos-move/framework/aptos-framework/sources/aptos_governance.move
+++ b/aptos-move/framework/aptos-framework/sources/aptos_governance.move
@@ -1023,9 +1023,9 @@ module aptos_framework::aptos_governance {
vector::push_back(&mut active_validators, signer::address_of(proposer));
vector::push_back(&mut active_validators, signer::address_of(yes_voter));
vector::push_back(&mut active_validators, signer::address_of(no_voter));
- let (_sk_1, pk_1, _pop_1) = stake::generate_identity();
- let (_sk_2, pk_2, _pop_2) = stake::generate_identity();
- let (_sk_3, pk_3, _pop_3) = stake::generate_identity();
+ let (_sk_1, pk_1) = stake::generate_identity();
+ let (_sk_2, pk_2) = stake::generate_identity();
+ let (_sk_3, pk_3) = stake::generate_identity();
let pks = vector[pk_1, pk_2, pk_3];
stake::create_validator_set(aptos_framework, active_validators, pks);
@@ -1081,14 +1081,14 @@ module aptos_framework::aptos_governance {
coin::register(no_voter);
coin::deposit(signer::address_of(no_voter), stake::mint_coins(10));
- let (_sk_1, pk_1, pop_1) = stake::generate_identity();
- let (_sk_2, pk_2, pop_2) = stake::generate_identity();
- let (_sk_3, pk_3, pop_3) = stake::generate_identity();
- stake::initialize_test_validator(&pk_2, &pop_2, yes_voter, 20, true, false);
- stake::initialize_test_validator(&pk_3, &pop_3, no_voter, 10, true, false);
+ let (_sk_1, pk_1) = stake::generate_identity();
+ let (_sk_2, pk_2) = stake::generate_identity();
+ let (_sk_3, pk_3) = stake::generate_identity();
+ stake::initialize_test_validator(&pk_2, yes_voter, 20, true, false);
+ stake::initialize_test_validator(&pk_3, no_voter, 10, true, false);
stake::end_epoch();
timestamp::fast_forward_seconds(1440);
- stake::initialize_test_validator(&pk_1, &pop_1, proposer, 100, true, false);
+ stake::initialize_test_validator(&pk_1, proposer, 100, true, false);
stake::end_epoch();
}
diff --git a/aptos-move/framework/aptos-framework/sources/delegation_pool.move b/aptos-move/framework/aptos-framework/sources/delegation_pool.move
index 77f1cb259898fc..6505fec86b99a4 100644
--- a/aptos-move/framework/aptos-framework/sources/delegation_pool.move
+++ b/aptos-move/framework/aptos-framework/sources/delegation_pool.move
@@ -1782,7 +1782,7 @@ module aptos_framework::delegation_pool {
use aptos_framework::timestamp::fast_forward_seconds;
#[test_only]
- const CONSENSUS_KEY_1: vector = x"8a54b92288d4ba5073d3a52e80cc00ae9fbbc1cc5b433b46089b7804c38a76f00fc64746c7685ee628fc2d0b929c2294";
+ const CONSENSUS_KEY_1: vector = x"1a";
#[test_only]
const CONSENSUS_POP_1: vector = x"a9d6c1f1270f2d1454c89a83a4099f813a56dc7db55591d46aa4e6ccae7898b234029ba7052f18755e6fa5e6b73e235f14efc4e2eb402ca2b8f56bad69f965fc11b7b25eb1c95a06f83ddfd023eac4559b6582696cfea97b227f4ce5bdfdfed0";
@@ -1899,7 +1899,7 @@ module aptos_framework::delegation_pool {
initialize_delegation_pool(validator, commission_percentage, vector::empty());
let pool_address = get_owned_pool_address(validator_address);
- stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1);
if (amount > 0) {
stake::mint(validator, amount);
@@ -2058,7 +2058,7 @@ module aptos_framework::delegation_pool {
initialize_delegation_pool(validator, 3735, vector::empty());
let pool_address = get_owned_pool_address(validator_address);
- stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1);
// zero `add_stake` fee as validator is not producing rewards this epoch
assert!(get_add_stake_fee(pool_address, 1000000 * ONE_APT) == 0, 0);
@@ -3226,7 +3226,7 @@ module aptos_framework::delegation_pool {
assert_delegation(validator_address, pool_address, 0, 0, 0);
// activate validator
- stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(validator, pool_address);
end_aptos_epoch();
@@ -3363,7 +3363,7 @@ module aptos_framework::delegation_pool {
unlock(delegator, pool_address, 100 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(old_operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(old_operator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(old_operator, pool_address);
end_aptos_epoch();
@@ -3430,7 +3430,7 @@ module aptos_framework::delegation_pool {
unlock(delegator, pool_address, 1000000 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(operator1, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(operator1, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(operator1, pool_address);
end_aptos_epoch();
@@ -3495,7 +3495,7 @@ module aptos_framework::delegation_pool {
unlock(delegator, pool_address, 100 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(operator, pool_address);
end_aptos_epoch();
@@ -3557,7 +3557,7 @@ module aptos_framework::delegation_pool {
unlock(delegator, pool_address, 100 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(operator, pool_address);
end_aptos_epoch();
diff --git a/aptos-move/framework/aptos-framework/sources/genesis.move b/aptos-move/framework/aptos-framework/sources/genesis.move
index 58c6e01c7d89e5..7fe7b6f1660ec3 100644
--- a/aptos-move/framework/aptos-framework/sources/genesis.move
+++ b/aptos-move/framework/aptos-framework/sources/genesis.move
@@ -52,7 +52,6 @@ module aptos_framework::genesis {
voter_address: address,
stake_amount: u64,
consensus_pubkey: vector,
- proof_of_possession: vector,
network_addresses: vector,
full_node_network_addresses: vector,
}
@@ -365,7 +364,6 @@ module aptos_framework::genesis {
operator,
pool_address,
validator.consensus_pubkey,
- validator.proof_of_possession,
);
stake::update_network_and_fullnode_addresses(
operator,
diff --git a/aptos-move/framework/aptos-framework/sources/stake.move b/aptos-move/framework/aptos-framework/sources/stake.move
index 1df14c8d29635a..474aac5a10316c 100644
--- a/aptos-move/framework/aptos-framework/sources/stake.move
+++ b/aptos-move/framework/aptos-framework/sources/stake.move
@@ -23,7 +23,7 @@ module aptos_framework::stake {
use std::option::{Self, Option};
use std::signer;
use std::vector;
- use aptos_std::bls12381;
+ use aptos_std::ed25519;
use aptos_std::math64::min;
use aptos_std::table::{Self, Table};
use aptos_framework::aptos_coin::AptosCoin;
@@ -494,17 +494,12 @@ module aptos_framework::stake {
public entry fun initialize_validator(
account: &signer,
consensus_pubkey: vector,
- proof_of_possession: vector,
network_addresses: vector,
fullnode_addresses: vector,
) acquires AllowedValidators {
- // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks.
- let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop(
- consensus_pubkey,
- &proof_of_possession_from_bytes(proof_of_possession)
- );
- assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY));
-
+ // Checks the public key is valid to prevent rogue-key attacks.
+ let valid_public_key = ed25519::new_validated_public_key_from_bytes(consensus_pubkey);
+ assert!(option::is_some(&valid_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
initialize_owner(account);
move_to(account, ValidatorConfig {
consensus_pubkey,
@@ -693,7 +688,6 @@ module aptos_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_possession: vector,
genesis: bool,
) acquires StakePool, ValidatorConfig {
assert_stake_pool_exists(pool_address);
@@ -703,16 +697,13 @@ module aptos_framework::stake {
assert!(exists(pool_address), error::not_found(EVALIDATOR_CONFIG));
let validator_info = borrow_global_mut(pool_address);
let old_consensus_pubkey = validator_info.consensus_pubkey;
- // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks.
+ // Checks the public key is valid to prevent rogue-key attacks.
if (!genesis) {
- let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop(
- new_consensus_pubkey,
- &proof_of_possession_from_bytes(proof_of_possession)
- );
- assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY));
+ let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey);
+ assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
} else {
- let pubkey = &mut bls12381::public_key_from_bytes(new_consensus_pubkey);
- assert!(option::is_some(pubkey), error::invalid_argument(EINVALID_PUBLIC_KEY));
+ let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey);
+ assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
};
validator_info.consensus_pubkey = new_consensus_pubkey;
@@ -733,9 +724,8 @@ module aptos_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_poseesion: vector,
) acquires StakePool, ValidatorConfig {
- rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_poseesion, true);
+ rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, true);
}
/// Rotate the consensus key of the validator, it'll take effect in next epoch.
@@ -743,9 +733,8 @@ module aptos_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_possession: vector,
) acquires StakePool, ValidatorConfig {
- rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_possession, false);
+ rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, false);
}
/// Update the network and full node addresses of the validator. This only takes effect in the next epoch.
@@ -1388,7 +1377,6 @@ module aptos_framework::stake {
#[test_only]
use aptos_framework::aptos_coin;
- use aptos_std::bls12381::proof_of_possession_from_bytes;
#[test_only]
use aptos_std::fixed_point64;
@@ -1405,15 +1393,13 @@ module aptos_framework::stake {
#[test_only]
public fun join_validator_set_for_test(
- pk: &bls12381::PublicKey,
- pop: &bls12381::ProofOfPossession,
+ pk: &ed25519::UnvalidatedPublicKey,
operator: &signer,
pool_address: address,
should_end_epoch: bool,
) acquires AptosCoinCapabilities, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
- let pk_bytes = bls12381::public_key_to_bytes(pk);
- let pop_bytes = bls12381::proof_of_possession_to_bytes(pop);
- rotate_consensus_key(operator, pool_address, pk_bytes, pop_bytes);
+ let pk_bytes = ed25519::unvalidated_public_key_to_bytes(pk);
+ rotate_consensus_key(operator, pool_address, pk_bytes);
join_validator_set(operator, pool_address);
if (should_end_epoch) {
end_epoch();
@@ -1484,8 +1470,7 @@ module aptos_framework::stake {
#[test_only]
public fun initialize_test_validator(
- public_key: &bls12381::PublicKey,
- proof_of_possession: &bls12381::ProofOfPossession,
+ public_key: &ed25519::UnvalidatedPublicKey,
validator: &signer,
amount: u64,
should_join_validator_set: bool,
@@ -1496,9 +1481,8 @@ module aptos_framework::stake {
account::create_account_for_test(validator_address);
};
- let pk_bytes = bls12381::public_key_to_bytes(public_key);
- let pop_bytes = bls12381::proof_of_possession_to_bytes(proof_of_possession);
- initialize_validator(validator, pk_bytes, pop_bytes, vector::empty(), vector::empty());
+ let pk_bytes = ed25519::unvalidated_public_key_to_bytes(public_key);
+ initialize_validator(validator, pk_bytes, vector::empty(), vector::empty());
if (amount > 0) {
mint_and_add_stake(validator, amount);
@@ -1516,7 +1500,7 @@ module aptos_framework::stake {
public fun create_validator_set(
aptos_framework: &signer,
active_validator_addresses: vector,
- public_keys: vector,
+ public_keys: vector,
) {
let active_validators = vector::empty();
let i = 0;
@@ -1527,7 +1511,7 @@ module aptos_framework::stake {
addr: *validator_address,
voting_power: 0,
config: ValidatorConfig {
- consensus_pubkey: bls12381::public_key_to_bytes(pk),
+ consensus_pubkey: ed25519::unvalidated_public_key_to_bytes(pk),
network_addresses: b"",
fullnode_addresses: b"",
validator_index: 0,
@@ -1574,11 +1558,10 @@ module aptos_framework::stake {
}
#[test_only]
- public fun generate_identity(): (bls12381::SecretKey, bls12381::PublicKey, bls12381::ProofOfPossession) {
- let (sk, pkpop) = bls12381::generate_keys();
- let pop = bls12381::generate_proof_of_possession(&sk);
- let unvalidated_pk = bls12381::public_key_with_pop_to_normal(&pkpop);
- (sk, unvalidated_pk, pop)
+ public fun generate_identity(): (ed25519::SecretKey, ed25519::UnvalidatedPublicKey) {
+ let (sk, pkpop) = ed25519::generate_keys();
+ let unvalidated_pub_key = ed25519::public_key_to_unvalidated(&pkpop);
+ (sk, unvalidated_pub_key)
}
#[test(aptos_framework = @aptos_framework, validator = @0x123)]
@@ -1588,8 +1571,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, AptosCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Add more stake to exceed max. This should fail.
mint_and_add_stake(validator, 9901);
@@ -1604,12 +1587,12 @@ module aptos_framework::stake {
) acquires AllowedValidators, AptosCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 100000);
// Have one validator join the set to ensure the validator set is not empty when main validator joins.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, true);
// Validator 2 joins validator set but epoch has not ended so validator is in pending_active state.
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, false);
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_2, validator_2, 100, true, false);
// Add more stake to exceed max. This should fail.
mint_and_add_stake(validator_2, 9901);
@@ -1623,8 +1606,8 @@ module aptos_framework::stake {
) acquires AllowedValidators, AptosCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
// Validator joins validator set and waits for epoch end so it's in the validator set.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Add more stake to exceed max. This should fail.
mint_and_add_stake(validator, 9901);
@@ -1638,8 +1621,8 @@ module aptos_framework::stake {
) acquires AllowedValidators, AptosCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
// Validator joins validator set and waits for epoch end so it's in the validator set.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Request to unlock 50 coins, which go to pending_inactive. Validator has 50 remaining in active.
unlock(validator, 50);
@@ -1657,10 +1640,10 @@ module aptos_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, AptosCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Leave validator set so validator is in pending_inactive state.
leave_validator_set(validator_1, signer::address_of(validator_1));
@@ -1675,8 +1658,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Validator has a lockup now that they've joined the validator set.
let validator_address = signer::address_of(validator);
@@ -1732,8 +1715,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Validator sets lockup before even joining the set and lets half of lockup pass by.
increase_lockup(validator);
@@ -1758,8 +1741,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Increase lockup.
increase_lockup(validator);
@@ -1778,10 +1761,10 @@ module aptos_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, false, false);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
// Validator 1 needs to be in the set so validator 2's added stake counts against the limit.
join_validator_set(validator_1, signer::address_of(validator_1));
@@ -1800,10 +1783,10 @@ module aptos_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 10000);
// Need 1 validator to be in the active validator set so joining limit works.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, true);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, false, true);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
// Add more stake while still pending_active.
let validator_2_address = signer::address_of(validator_2);
@@ -1823,13 +1806,13 @@ module aptos_framework::stake {
// 100% voting power increase is allowed in each epoch.
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 100);
// Need 1 validator to be in the active validator set so joining limit works.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, true);
// Validator 2 joins the validator set but epoch has not ended so they're still pending_active.
// Current voting power increase is already 100%. This is not failing yet.
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, false);
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_2, validator_2, 100, true, false);
// Add more stake, which now exceeds the 100% limit. This should fail.
mint_and_add_stake(validator_2, 1);
@@ -1842,8 +1825,8 @@ module aptos_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
// Validator joins but epoch hasn't ended, so the validator is still pending_active.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, false);
let validator_address = signer::address_of(validator);
assert!(get_validator_state(validator_address) == VALIDATOR_STATUS_PENDING_ACTIVE, 0);
@@ -1867,8 +1850,8 @@ module aptos_framework::stake {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
// Add initial stake and join the validator set.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
let validator_address = signer::address_of(validator);
assert_validator_state(validator_address, 100, 0, 0, 0, 0);
@@ -1888,8 +1871,8 @@ module aptos_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Add more than 50% limit. This should fail.
mint_and_add_stake(validator, 51);
@@ -1902,8 +1885,8 @@ module aptos_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Reward rate = 10%.
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 100);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Unlock half of the coins.
let validator_address = signer::address_of(validator);
@@ -1927,8 +1910,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
let validator_address = signer::address_of(validator);
assert!(get_remaining_lockup_secs(validator_address) == LOCKUP_CYCLE_SECONDS, 0);
@@ -1964,8 +1947,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Validator unlocks more stake than they have active. This should limit the unlock to 100.
unlock(validator, 200);
@@ -1979,8 +1962,8 @@ module aptos_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
// Initial balance = 900 (idle) + 100 (staked) = 1000.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
mint(validator, 900);
// Validator unlocks stake.
@@ -2003,8 +1986,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Validator unlocks stake, which gets moved into pending_inactive.
unlock(validator, 50);
@@ -2022,8 +2005,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Validator tries to reactivate more than available pending_inactive stake, which should limit to 50.
unlock(validator, 50);
@@ -2039,8 +2022,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Unlock enough coins that the remaining is not enough to meet the min required.
let validator_address = signer::address_of(validator);
@@ -2067,11 +2050,11 @@ module aptos_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator, 100, true, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator, 100, true, false);
// We need a second validator here just so the first validator can leave.
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Leave the validator set while still having a lockup.
let validator_address = signer::address_of(validator);
@@ -2111,11 +2094,11 @@ module aptos_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator, 100, true, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator, 100, true, false);
// We need a second validator here just so the first validator can leave.
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Leave the validator set while still having a lockup.
let validator_address = signer::address_of(validator);
@@ -2143,11 +2126,11 @@ module aptos_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(aptos_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
// We need a second validator here just so the first validator can leave.
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Validator 1 leaves the validator set. Epoch has not ended so they're still pending_inactive.
leave_validator_set(validator_1, signer::address_of(validator_1));
@@ -2167,13 +2150,13 @@ module aptos_framework::stake {
let validator_3_address = signer::address_of(validator_3);
initialize_for_test_custom(aptos_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 100, 100);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let pk_1_bytes = bls12381::public_key_to_bytes(&pk_1);
- let (_sk_2, pk_2, pop_2) = generate_identity();
- let (_sk_3, pk_3, pop_3) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
- initialize_test_validator(&pk_3, &pop_3, validator_3, 100, false, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let pk_1_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_1);
+ let (_sk_2, pk_2) = generate_identity();
+ let (_sk_3, pk_3) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, false, false);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
+ initialize_test_validator(&pk_3, validator_3, 100, false, false);
// Validator 1 and 2 join the validator set.
join_validator_set(validator_2, validator_2_address);
@@ -2194,10 +2177,9 @@ module aptos_framework::stake {
assert!(validator_config_2.config.validator_index == 1, 5);
// Validator 1 rotates consensus key. Validator 2 leaves. Validator 3 joins.
- let (_sk_1b, pk_1b, pop_1b) = generate_identity();
- let pk_1b_bytes = bls12381::public_key_to_bytes(&pk_1b);
- let pop_1b_bytes = bls12381::proof_of_possession_to_bytes(&pop_1b);
- rotate_consensus_key(validator_1, validator_1_address, pk_1b_bytes, pop_1b_bytes);
+ let (_sk_1b, pk_1b) = generate_identity();
+ let pk_1b_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_1b);
+ rotate_consensus_key(validator_1, validator_1_address, pk_1b_bytes);
leave_validator_set(validator_2, validator_2_address);
join_validator_set(validator_3, validator_3_address);
// Validator 2 is not effectively removed until next epoch.
@@ -2233,8 +2215,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(aptos_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 100, 100);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 0, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 0, false, false);
let owner_cap = extract_owner_cap(validator);
// Add stake when the validator is not yet activated.
@@ -2260,10 +2242,9 @@ module aptos_framework::stake {
assert_validator_state(pool_address, 0, 0, 0, 0, 0);
// Operator can separately rotate consensus key.
- let (_sk_new, pk_new, pop_new) = generate_identity();
- let pk_new_bytes = bls12381::public_key_to_bytes(&pk_new);
- let pop_new_bytes = bls12381::proof_of_possession_to_bytes(&pop_new);
- rotate_consensus_key(validator, pool_address, pk_new_bytes, pop_new_bytes);
+ let (_sk_new, pk_new) = generate_identity();
+ let pk_new_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_new);
+ rotate_consensus_key(validator, pool_address, pk_new_bytes);
let validator_config = borrow_global(pool_address);
assert!(validator_config.consensus_pubkey == pk_new_bytes, 2);
@@ -2288,8 +2269,8 @@ module aptos_framework::stake {
initialize_for_test_custom(aptos_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, false, 1, 100, 100);
// Joining the validator set should fail as post genesis validator set change is not allowed.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
}
#[test(aptos_framework = @aptos_framework, validator = @0x123)]
@@ -2299,8 +2280,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, AptosCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
join_validator_set(validator, @0x234);
}
@@ -2311,8 +2292,8 @@ module aptos_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(aptos_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, false, 1, 100, 100);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Bypass the check to join. This is the same function called during Genesis.
let validator_address = signer::address_of(validator);
@@ -2347,17 +2328,17 @@ module aptos_framework::stake {
initialize_for_test(aptos_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- let (_sk_3, pk_3, pop_3) = generate_identity();
- let (_sk_4, pk_4, pop_4) = generate_identity();
- let (_sk_5, pk_5, pop_5) = generate_identity();
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ let (_sk_3, pk_3) = generate_identity();
+ let (_sk_4, pk_4) = generate_identity();
+ let (_sk_5, pk_5) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
- initialize_test_validator(&pk_3, &pop_3, validator_3, 100, false, false);
- initialize_test_validator(&pk_4, &pop_4, validator_4, 100, false, false);
- initialize_test_validator(&pk_5, &pop_5, validator_5, 100, false, false);
+ initialize_test_validator(&pk_1, validator_1, 100, false, false);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
+ initialize_test_validator(&pk_3, validator_3, 100, false, false);
+ initialize_test_validator(&pk_4, validator_4, 100, false, false);
+ initialize_test_validator(&pk_5, validator_5, 100, false, false);
join_validator_set(validator_3, v3_addr);
end_epoch();
@@ -2408,10 +2389,10 @@ module aptos_framework::stake {
let validator_2_address = signer::address_of(validator_2);
// Both validators join the set.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Validator 2 failed proposal.
let failed_proposer_indices = vector::empty();
@@ -2458,10 +2439,10 @@ module aptos_framework::stake {
let validator_2_address = signer::address_of(validator_2);
// Both validators join the set.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 1000, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 10000, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 1000, true, false);
+ initialize_test_validator(&pk_2, validator_2, 10000, true, true);
// One epoch passed. Validator 1 and validator 2 should receive rewards at rewards rate = 1% every epoch.
end_epoch();
@@ -2509,8 +2490,8 @@ module aptos_framework::stake {
initialize_for_test(aptos_framework);
let validator_address = signer::address_of(validator);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
let valid_validator_index = borrow_global(validator_address).validator_index;
let out_of_bounds_index = valid_validator_index + 100;
@@ -2565,10 +2546,9 @@ module aptos_framework::stake {
// Initialize validator config.
let validator_address = signer::address_of(validator);
- let (_sk_new, pk_new, pop_new) = generate_identity();
- let pk_new_bytes = bls12381::public_key_to_bytes(&pk_new);
- let pop_new_bytes = bls12381::proof_of_possession_to_bytes(&pop_new);
- rotate_consensus_key(validator, validator_address, pk_new_bytes, pop_new_bytes);
+ let (_sk_new, pk_new) = generate_identity();
+ let pk_new_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_new);
+ rotate_consensus_key(validator, validator_address, pk_new_bytes);
// Join the validator set with enough stake. This now wouldn't fail since the validator config already exists.
join_validator_set(validator, validator_address);
@@ -2630,10 +2610,10 @@ module aptos_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, AptosCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(aptos_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
assert!(vector::length(&borrow_global(@aptos_framework).active_validators) == 2, 0);
// Remove validator 1 from the active validator set. Only validator 2 remains.
@@ -2753,12 +2733,12 @@ module aptos_framework::stake {
let validator_3_address = signer::address_of(validator_3);
// Validators join the set and epoch ends.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- let (_sk_3, pk_3, pop_3) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, false);
- initialize_test_validator(&pk_3, &pop_3, validator_3, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ let (_sk_3, pk_3) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, false);
+ initialize_test_validator(&pk_3, validator_3, 100, true, true);
// Next, simulate fees collection during three blocks, where proposers are
// validators 1, 2, and 1 again.
diff --git a/aptos-move/framework/aptos-framework/sources/stake.spec.move b/aptos-move/framework/aptos-framework/sources/stake.spec.move
index 64e229f81bd227..697e302fecad03 100644
--- a/aptos-move/framework/aptos-framework/sources/stake.spec.move
+++ b/aptos-move/framework/aptos-framework/sources/stake.spec.move
@@ -104,15 +104,13 @@ spec aptos_framework::stake {
spec initialize_validator(
account: &signer,
consensus_pubkey: vector,
- proof_of_possession: vector,
network_addresses: vector,
fullnode_addresses: vector,
){
- let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop(
+ let is_public_key_validated = ed25519::spec_public_key_validate_internal(
consensus_pubkey,
- proof_of_possession_from_bytes(proof_of_possession)
);
- aborts_if !option::spec_is_some(pubkey_from_pop);
+ aborts_if !is_public_key_validated;
let addr = signer::address_of(account);
let post_addr = signer::address_of(account);
let allowed = global(@aptos_framework);
@@ -357,18 +355,16 @@ spec aptos_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_possession: vector,
) {
let pre_stake_pool = global(pool_address);
let post validator_info = global(pool_address);
aborts_if !exists(pool_address);
aborts_if signer::address_of(operator) != pre_stake_pool.operator_address;
aborts_if !exists(pool_address);
- let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop(
+ let is_public_key_validated = ed25519::spec_public_key_validate_internal(
new_consensus_pubkey,
- proof_of_possession_from_bytes(proof_of_possession)
);
- aborts_if !option::spec_is_some(pubkey_from_pop);
+ aborts_if !is_public_key_validated;
modifies global(pool_address);
include StakedValueNochange;
diff --git a/aptos-move/framework/aptos-framework/sources/vesting.move b/aptos-move/framework/aptos-framework/sources/vesting.move
index 440f0650c67e12..32f12f8978fd10 100644
--- a/aptos-move/framework/aptos-framework/sources/vesting.move
+++ b/aptos-move/framework/aptos-framework/sources/vesting.move
@@ -1126,8 +1126,8 @@ module aptos_framework::vesting {
stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0);
// The stake pool is still in pending active stake, so unlock_rewards and vest shouldn't do anything.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, false);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, admin, stake_pool_address, false);
assert!(stake::get_validator_state(stake_pool_address) == VALIDATOR_STATUS_PENDING_ACTIVE, 1);
unlock_rewards(contract_address);
vest(contract_address);
@@ -1332,8 +1332,8 @@ module aptos_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, admin, stake_pool_address, true);
// Fast forward to the end of the first period. vest() should now unlock 3/48 of the tokens.
timestamp::update_global_time_for_test_secs(vesting_start_secs(contract_address) + VESTING_PERIOD);
@@ -1363,8 +1363,8 @@ module aptos_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, admin, stake_pool_address, true);
// Stake pool earns some rewards. unlock_rewards should unlock the right amount.
stake::end_epoch();
@@ -1399,8 +1399,8 @@ module aptos_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, stake_pool_address, true);
// Stake pool earns some rewards. unlock_rewards should unlock the right amount.
stake::end_epoch();
@@ -1445,8 +1445,8 @@ module aptos_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, stake_pool_address, true);
// Stake pool earns some rewards.
stake::end_epoch();
@@ -1511,8 +1511,8 @@ module aptos_framework::vesting {
update_operator(admin, contract_address, operator_address, 10);
// Operator needs to join the validator set for the stake pool to earn rewards.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, stake_pool_address, true);
stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0);
assert!(get_accumulated_rewards(contract_address) == 0, 0);
assert!(remaining_grant(contract_address) == GRANT_AMOUNT, 0);
@@ -1576,8 +1576,8 @@ module aptos_framework::vesting {
assert!(staking_contract::beneficiary_for_operator(operator_address1) == beneficiary_address, 0);
// Operator needs to join the validator set for the stake pool to earn rewards.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator1, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator1, stake_pool_address, true);
stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0);
assert!(get_accumulated_rewards(contract_address) == 0, 0);
assert!(remaining_grant(contract_address) == GRANT_AMOUNT, 0);
diff --git a/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs b/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs
index 045a27c1a664a2..e425ba72f45bdd 100644
--- a/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs
+++ b/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs
@@ -636,7 +636,6 @@ pub enum EntryFunctionCall {
/// Initialize the validator account and give ownership to the signing account.
StakeInitializeValidator {
consensus_pubkey: Vec,
- proof_of_possession: Vec,
network_addresses: Vec,
fullnode_addresses: Vec,
},
@@ -665,7 +664,6 @@ pub enum EntryFunctionCall {
StakeRotateConsensusKey {
pool_address: AccountAddress,
new_consensus_pubkey: Vec,
- proof_of_possession: Vec,
},
/// Allows an owner to change the delegated voter of the stake pool.
@@ -1291,25 +1289,18 @@ impl EntryFunctionCall {
} => stake_initialize_stake_owner(initial_stake_amount, operator, voter),
StakeInitializeValidator {
consensus_pubkey,
- proof_of_possession,
network_addresses,
fullnode_addresses,
- } => stake_initialize_validator(
- consensus_pubkey,
- proof_of_possession,
- network_addresses,
- fullnode_addresses,
- ),
+ } => {
+ stake_initialize_validator(consensus_pubkey, network_addresses, fullnode_addresses)
+ },
StakeJoinValidatorSet { pool_address } => stake_join_validator_set(pool_address),
StakeLeaveValidatorSet { pool_address } => stake_leave_validator_set(pool_address),
StakeReactivateStake { amount } => stake_reactivate_stake(amount),
StakeRotateConsensusKey {
pool_address,
new_consensus_pubkey,
- proof_of_possession,
- } => {
- stake_rotate_consensus_key(pool_address, new_consensus_pubkey, proof_of_possession)
- },
+ } => stake_rotate_consensus_key(pool_address, new_consensus_pubkey),
StakeSetDelegatedVoter { new_voter } => stake_set_delegated_voter(new_voter),
StakeSetOperator { new_operator } => stake_set_operator(new_operator),
StakeUnlock { amount } => stake_unlock(amount),
@@ -3146,7 +3137,6 @@ pub fn stake_initialize_stake_owner(
/// Initialize the validator account and give ownership to the signing account.
pub fn stake_initialize_validator(
consensus_pubkey: Vec,
- proof_of_possession: Vec,
network_addresses: Vec,
fullnode_addresses: Vec,
) -> TransactionPayload {
@@ -3162,7 +3152,6 @@ pub fn stake_initialize_validator(
vec![],
vec![
bcs::to_bytes(&consensus_pubkey).unwrap(),
- bcs::to_bytes(&proof_of_possession).unwrap(),
bcs::to_bytes(&network_addresses).unwrap(),
bcs::to_bytes(&fullnode_addresses).unwrap(),
],
@@ -3226,7 +3215,6 @@ pub fn stake_reactivate_stake(amount: u64) -> TransactionPayload {
pub fn stake_rotate_consensus_key(
pool_address: AccountAddress,
new_consensus_pubkey: Vec,
- proof_of_possession: Vec,
) -> TransactionPayload {
TransactionPayload::EntryFunction(EntryFunction::new(
ModuleId::new(
@@ -3241,7 +3229,6 @@ pub fn stake_rotate_consensus_key(
vec![
bcs::to_bytes(&pool_address).unwrap(),
bcs::to_bytes(&new_consensus_pubkey).unwrap(),
- bcs::to_bytes(&proof_of_possession).unwrap(),
],
))
}
@@ -5047,9 +5034,8 @@ mod decoder {
if let TransactionPayload::EntryFunction(script) = payload {
Some(EntryFunctionCall::StakeInitializeValidator {
consensus_pubkey: bcs::from_bytes(script.args().get(0)?).ok()?,
- proof_of_possession: bcs::from_bytes(script.args().get(1)?).ok()?,
- network_addresses: bcs::from_bytes(script.args().get(2)?).ok()?,
- fullnode_addresses: bcs::from_bytes(script.args().get(3)?).ok()?,
+ network_addresses: bcs::from_bytes(script.args().get(1)?).ok()?,
+ fullnode_addresses: bcs::from_bytes(script.args().get(2)?).ok()?,
})
} else {
None
@@ -5091,7 +5077,6 @@ mod decoder {
Some(EntryFunctionCall::StakeRotateConsensusKey {
pool_address: bcs::from_bytes(script.args().get(0)?).ok()?,
new_consensus_pubkey: bcs::from_bytes(script.args().get(1)?).ok()?,
- proof_of_possession: bcs::from_bytes(script.args().get(2)?).ok()?,
})
} else {
None
diff --git a/aptos-move/framework/supra-framework/sources/aptos_governance.move b/aptos-move/framework/supra-framework/sources/aptos_governance.move
index 49e0e914f1a813..b85ae860dbd03d 100644
--- a/aptos-move/framework/supra-framework/sources/aptos_governance.move
+++ b/aptos-move/framework/supra-framework/sources/aptos_governance.move
@@ -1023,9 +1023,9 @@ module supra_framework::aptos_governance {
vector::push_back(&mut active_validators, signer::address_of(proposer));
vector::push_back(&mut active_validators, signer::address_of(yes_voter));
vector::push_back(&mut active_validators, signer::address_of(no_voter));
- let (_sk_1, pk_1, _pop_1) = stake::generate_identity();
- let (_sk_2, pk_2, _pop_2) = stake::generate_identity();
- let (_sk_3, pk_3, _pop_3) = stake::generate_identity();
+ let (_sk_1, pk_1) = stake::generate_identity();
+ let (_sk_2, pk_2) = stake::generate_identity();
+ let (_sk_3, pk_3) = stake::generate_identity();
let pks = vector[pk_1, pk_2, pk_3];
stake::create_validator_set(supra_framework, active_validators, pks);
@@ -1081,14 +1081,14 @@ module supra_framework::aptos_governance {
coin::register(no_voter);
coin::deposit(signer::address_of(no_voter), stake::mint_coins(10));
- let (_sk_1, pk_1, pop_1) = stake::generate_identity();
- let (_sk_2, pk_2, pop_2) = stake::generate_identity();
- let (_sk_3, pk_3, pop_3) = stake::generate_identity();
- stake::initialize_test_validator(&pk_2, &pop_2, yes_voter, 20, true, false);
- stake::initialize_test_validator(&pk_3, &pop_3, no_voter, 10, true, false);
+ let (_sk_1, pk_1) = stake::generate_identity();
+ let (_sk_2, pk_2) = stake::generate_identity();
+ let (_sk_3, pk_3) = stake::generate_identity();
+ stake::initialize_test_validator(&pk_2, yes_voter, 20, true, false);
+ stake::initialize_test_validator(&pk_3, no_voter, 10, true, false);
stake::end_epoch();
timestamp::fast_forward_seconds(1440);
- stake::initialize_test_validator(&pk_1, &pop_1, proposer, 100, true, false);
+ stake::initialize_test_validator(&pk_1, proposer, 100, true, false);
stake::end_epoch();
}
diff --git a/aptos-move/framework/supra-framework/sources/delegation_pool.move b/aptos-move/framework/supra-framework/sources/delegation_pool.move
index ee51b18c8e5e28..47cbee8f7b8ee9 100644
--- a/aptos-move/framework/supra-framework/sources/delegation_pool.move
+++ b/aptos-move/framework/supra-framework/sources/delegation_pool.move
@@ -1899,7 +1899,7 @@ module supra_framework::delegation_pool {
initialize_delegation_pool(validator, commission_percentage, vector::empty());
let pool_address = get_owned_pool_address(validator_address);
- stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1);
if (amount > 0) {
stake::mint(validator, amount);
@@ -2058,7 +2058,7 @@ module supra_framework::delegation_pool {
initialize_delegation_pool(validator, 3735, vector::empty());
let pool_address = get_owned_pool_address(validator_address);
- stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1);
// zero `add_stake` fee as validator is not producing rewards this epoch
assert!(get_add_stake_fee(pool_address, 1000000 * ONE_APT) == 0, 0);
@@ -3226,7 +3226,7 @@ module supra_framework::delegation_pool {
assert_delegation(validator_address, pool_address, 0, 0, 0);
// activate validator
- stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(validator, pool_address);
end_aptos_epoch();
@@ -3363,7 +3363,7 @@ module supra_framework::delegation_pool {
unlock(delegator, pool_address, 100 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(old_operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(old_operator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(old_operator, pool_address);
end_aptos_epoch();
@@ -3430,7 +3430,7 @@ module supra_framework::delegation_pool {
unlock(delegator, pool_address, 1000000 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(operator1, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(operator1, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(operator1, pool_address);
end_aptos_epoch();
@@ -3495,7 +3495,7 @@ module supra_framework::delegation_pool {
unlock(delegator, pool_address, 100 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(operator, pool_address);
end_aptos_epoch();
@@ -3557,7 +3557,7 @@ module supra_framework::delegation_pool {
unlock(delegator, pool_address, 100 * ONE_APT);
// activate validator
- stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1);
+ stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1);
stake::join_validator_set(operator, pool_address);
end_aptos_epoch();
diff --git a/aptos-move/framework/supra-framework/sources/genesis.move b/aptos-move/framework/supra-framework/sources/genesis.move
index a37cef82a8fec9..0e4b2e3ed87b42 100644
--- a/aptos-move/framework/supra-framework/sources/genesis.move
+++ b/aptos-move/framework/supra-framework/sources/genesis.move
@@ -52,7 +52,6 @@ module supra_framework::genesis {
voter_address: address,
stake_amount: u64,
consensus_pubkey: vector,
- proof_of_possession: vector,
network_addresses: vector,
full_node_network_addresses: vector,
}
@@ -365,7 +364,6 @@ module supra_framework::genesis {
operator,
pool_address,
validator.consensus_pubkey,
- validator.proof_of_possession,
);
stake::update_network_and_fullnode_addresses(
operator,
diff --git a/aptos-move/framework/supra-framework/sources/stake.move b/aptos-move/framework/supra-framework/sources/stake.move
index 724da8dc353586..cee865e77dffc6 100644
--- a/aptos-move/framework/supra-framework/sources/stake.move
+++ b/aptos-move/framework/supra-framework/sources/stake.move
@@ -23,7 +23,7 @@ module supra_framework::stake {
use std::option::{Self, Option};
use std::signer;
use std::vector;
- use aptos_std::bls12381;
+ use aptos_std::ed25519;
use aptos_std::math64::min;
use aptos_std::table::{Self, Table};
use supra_framework::supra_coin::SupraCoin;
@@ -494,16 +494,12 @@ module supra_framework::stake {
public entry fun initialize_validator(
account: &signer,
consensus_pubkey: vector,
- proof_of_possession: vector,
network_addresses: vector,
fullnode_addresses: vector,
) acquires AllowedValidators {
- // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks.
- let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop(
- consensus_pubkey,
- &proof_of_possession_from_bytes(proof_of_possession)
- );
- assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY));
+ // Checks the public key is valid to prevent rogue-key attacks.
+ let valid_public_key = ed25519::new_validated_public_key_from_bytes(consensus_pubkey);
+ assert!(option::is_some(&valid_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
initialize_owner(account);
move_to(account, ValidatorConfig {
@@ -693,7 +689,6 @@ module supra_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_possession: vector,
genesis: bool,
) acquires StakePool, ValidatorConfig {
assert_stake_pool_exists(pool_address);
@@ -703,16 +698,13 @@ module supra_framework::stake {
assert!(exists(pool_address), error::not_found(EVALIDATOR_CONFIG));
let validator_info = borrow_global_mut(pool_address);
let old_consensus_pubkey = validator_info.consensus_pubkey;
- // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks.
+ // Checks the public key is valid to prevent rogue-key attacks.
if (!genesis) {
- let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop(
- new_consensus_pubkey,
- &proof_of_possession_from_bytes(proof_of_possession)
- );
- assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY));
+ let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey);
+ assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
} else {
- let pubkey = &mut bls12381::public_key_from_bytes(new_consensus_pubkey);
- assert!(option::is_some(pubkey), error::invalid_argument(EINVALID_PUBLIC_KEY));
+ let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey);
+ assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
};
validator_info.consensus_pubkey = new_consensus_pubkey;
@@ -733,9 +725,8 @@ module supra_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_poseesion: vector,
) acquires StakePool, ValidatorConfig {
- rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_poseesion, true);
+ rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, true);
}
/// Rotate the consensus key of the validator, it'll take effect in next epoch.
@@ -743,9 +734,8 @@ module supra_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_possession: vector,
) acquires StakePool, ValidatorConfig {
- rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_possession, false);
+ rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, false);
}
/// Update the network and full node addresses of the validator. This only takes effect in the next epoch.
@@ -1388,7 +1378,6 @@ module supra_framework::stake {
#[test_only]
use supra_framework::supra_coin;
- use aptos_std::bls12381::proof_of_possession_from_bytes;
#[test_only]
use aptos_std::fixed_point64;
@@ -1405,15 +1394,13 @@ module supra_framework::stake {
#[test_only]
public fun join_validator_set_for_test(
- pk: &bls12381::PublicKey,
- pop: &bls12381::ProofOfPossession,
+ pk: &ed25519::UnvalidatedPublicKey,
operator: &signer,
pool_address: address,
should_end_epoch: bool,
) acquires SupraCoinCapabilities, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
- let pk_bytes = bls12381::public_key_to_bytes(pk);
- let pop_bytes = bls12381::proof_of_possession_to_bytes(pop);
- rotate_consensus_key(operator, pool_address, pk_bytes, pop_bytes);
+ let pk_bytes = ed25519::unvalidated_public_key_to_bytes(pk);
+ rotate_consensus_key(operator, pool_address, pk_bytes);
join_validator_set(operator, pool_address);
if (should_end_epoch) {
end_epoch();
@@ -1484,8 +1471,7 @@ module supra_framework::stake {
#[test_only]
public fun initialize_test_validator(
- public_key: &bls12381::PublicKey,
- proof_of_possession: &bls12381::ProofOfPossession,
+ public_key: &ed25519::UnvalidatedPublicKey,
validator: &signer,
amount: u64,
should_join_validator_set: bool,
@@ -1496,9 +1482,8 @@ module supra_framework::stake {
account::create_account_for_test(validator_address);
};
- let pk_bytes = bls12381::public_key_to_bytes(public_key);
- let pop_bytes = bls12381::proof_of_possession_to_bytes(proof_of_possession);
- initialize_validator(validator, pk_bytes, pop_bytes, vector::empty(), vector::empty());
+ let pk_bytes = ed25519::unvalidated_public_key_to_bytes(public_key);
+ initialize_validator(validator, pk_bytes, vector::empty(), vector::empty());
if (amount > 0) {
mint_and_add_stake(validator, amount);
@@ -1516,7 +1501,7 @@ module supra_framework::stake {
public fun create_validator_set(
supra_framework: &signer,
active_validator_addresses: vector,
- public_keys: vector,
+ public_keys: vector,
) {
let active_validators = vector::empty();
let i = 0;
@@ -1527,7 +1512,7 @@ module supra_framework::stake {
addr: *validator_address,
voting_power: 0,
config: ValidatorConfig {
- consensus_pubkey: bls12381::public_key_to_bytes(pk),
+ consensus_pubkey: ed25519::unvalidated_public_key_to_bytes(pk),
network_addresses: b"",
fullnode_addresses: b"",
validator_index: 0,
@@ -1574,11 +1559,10 @@ module supra_framework::stake {
}
#[test_only]
- public fun generate_identity(): (bls12381::SecretKey, bls12381::PublicKey, bls12381::ProofOfPossession) {
- let (sk, pkpop) = bls12381::generate_keys();
- let pop = bls12381::generate_proof_of_possession(&sk);
- let unvalidated_pk = bls12381::public_key_with_pop_to_normal(&pkpop);
- (sk, unvalidated_pk, pop)
+ public fun generate_identity(): (ed25519::SecretKey, ed25519::UnvalidatedPublicKey) {
+ let (sk, validated_pub_key) = ed25519::generate_keys();
+ let unvalidated_pk = ed25519::public_key_to_unvalidated(&validated_pub_key);
+ (sk, unvalidated_pk)
}
#[test(supra_framework = @supra_framework, validator = @0x123)]
@@ -1588,8 +1572,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, SupraCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Add more stake to exceed max. This should fail.
mint_and_add_stake(validator, 9901);
@@ -1604,12 +1588,12 @@ module supra_framework::stake {
) acquires AllowedValidators, SupraCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 100000);
// Have one validator join the set to ensure the validator set is not empty when main validator joins.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, true);
// Validator 2 joins validator set but epoch has not ended so validator is in pending_active state.
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, false);
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_2, validator_2, 100, true, false);
// Add more stake to exceed max. This should fail.
mint_and_add_stake(validator_2, 9901);
@@ -1623,8 +1607,8 @@ module supra_framework::stake {
) acquires AllowedValidators, SupraCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
// Validator joins validator set and waits for epoch end so it's in the validator set.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Add more stake to exceed max. This should fail.
mint_and_add_stake(validator, 9901);
@@ -1638,8 +1622,8 @@ module supra_framework::stake {
) acquires AllowedValidators, SupraCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
// Validator joins validator set and waits for epoch end so it's in the validator set.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Request to unlock 50 coins, which go to pending_inactive. Validator has 50 remaining in active.
unlock(validator, 50);
@@ -1657,10 +1641,10 @@ module supra_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, SupraCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Leave validator set so validator is in pending_inactive state.
leave_validator_set(validator_1, signer::address_of(validator_1));
@@ -1675,8 +1659,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Validator has a lockup now that they've joined the validator set.
let validator_address = signer::address_of(validator);
@@ -1732,8 +1716,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Validator sets lockup before even joining the set and lets half of lockup pass by.
increase_lockup(validator);
@@ -1758,8 +1742,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Increase lockup.
increase_lockup(validator);
@@ -1778,10 +1762,10 @@ module supra_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, false, false);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
// Validator 1 needs to be in the set so validator 2's added stake counts against the limit.
join_validator_set(validator_1, signer::address_of(validator_1));
@@ -1800,10 +1784,10 @@ module supra_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 10000);
// Need 1 validator to be in the active validator set so joining limit works.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, true);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, false, true);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
// Add more stake while still pending_active.
let validator_2_address = signer::address_of(validator_2);
@@ -1823,13 +1807,13 @@ module supra_framework::stake {
// 100% voting power increase is allowed in each epoch.
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 100);
// Need 1 validator to be in the active validator set so joining limit works.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, true);
// Validator 2 joins the validator set but epoch has not ended so they're still pending_active.
// Current voting power increase is already 100%. This is not failing yet.
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, false);
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_2, validator_2, 100, true, false);
// Add more stake, which now exceeds the 100% limit. This should fail.
mint_and_add_stake(validator_2, 1);
@@ -1842,8 +1826,8 @@ module supra_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
// Validator joins but epoch hasn't ended, so the validator is still pending_active.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, false);
let validator_address = signer::address_of(validator);
assert!(get_validator_state(validator_address) == VALIDATOR_STATUS_PENDING_ACTIVE, 0);
@@ -1867,8 +1851,8 @@ module supra_framework::stake {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
// Add initial stake and join the validator set.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
let validator_address = signer::address_of(validator);
assert_validator_state(validator_address, 100, 0, 0, 0, 0);
@@ -1888,8 +1872,8 @@ module supra_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Add more than 50% limit. This should fail.
mint_and_add_stake(validator, 51);
@@ -1902,8 +1886,8 @@ module supra_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Reward rate = 10%.
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 100);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Unlock half of the coins.
let validator_address = signer::address_of(validator);
@@ -1927,8 +1911,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
let validator_address = signer::address_of(validator);
assert!(get_remaining_lockup_secs(validator_address) == LOCKUP_CYCLE_SECONDS, 0);
@@ -1964,8 +1948,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Validator unlocks more stake than they have active. This should limit the unlock to 100.
unlock(validator, 200);
@@ -1979,8 +1963,8 @@ module supra_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
// Initial balance = 900 (idle) + 100 (staked) = 1000.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
mint(validator, 900);
// Validator unlocks stake.
@@ -2003,8 +1987,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Validator unlocks stake, which gets moved into pending_inactive.
unlock(validator, 50);
@@ -2022,8 +2006,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Validator tries to reactivate more than available pending_inactive stake, which should limit to 50.
unlock(validator, 50);
@@ -2039,8 +2023,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
// Unlock enough coins that the remaining is not enough to meet the min required.
let validator_address = signer::address_of(validator);
@@ -2067,11 +2051,11 @@ module supra_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator, 100, true, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator, 100, true, false);
// We need a second validator here just so the first validator can leave.
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Leave the validator set while still having a lockup.
let validator_address = signer::address_of(validator);
@@ -2111,11 +2095,11 @@ module supra_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator, 100, true, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator, 100, true, false);
// We need a second validator here just so the first validator can leave.
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Leave the validator set while still having a lockup.
let validator_address = signer::address_of(validator);
@@ -2143,11 +2127,11 @@ module supra_framework::stake {
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
// Only 50% voting power increase is allowed in each epoch.
initialize_for_test_custom(supra_framework, 50, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 10, 50);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
// We need a second validator here just so the first validator can leave.
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Validator 1 leaves the validator set. Epoch has not ended so they're still pending_inactive.
leave_validator_set(validator_1, signer::address_of(validator_1));
@@ -2167,13 +2151,13 @@ module supra_framework::stake {
let validator_3_address = signer::address_of(validator_3);
initialize_for_test_custom(supra_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 100, 100);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let pk_1_bytes = bls12381::public_key_to_bytes(&pk_1);
- let (_sk_2, pk_2, pop_2) = generate_identity();
- let (_sk_3, pk_3, pop_3) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
- initialize_test_validator(&pk_3, &pop_3, validator_3, 100, false, false);
+ let (_sk_1, pk_1) = generate_identity();
+ let pk_1_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_1);
+ let (_sk_2, pk_2) = generate_identity();
+ let (_sk_3, pk_3) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, false, false);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
+ initialize_test_validator(&pk_3, validator_3, 100, false, false);
// Validator 1 and 2 join the validator set.
join_validator_set(validator_2, validator_2_address);
@@ -2194,10 +2178,9 @@ module supra_framework::stake {
assert!(validator_config_2.config.validator_index == 1, 5);
// Validator 1 rotates consensus key. Validator 2 leaves. Validator 3 joins.
- let (_sk_1b, pk_1b, pop_1b) = generate_identity();
- let pk_1b_bytes = bls12381::public_key_to_bytes(&pk_1b);
- let pop_1b_bytes = bls12381::proof_of_possession_to_bytes(&pop_1b);
- rotate_consensus_key(validator_1, validator_1_address, pk_1b_bytes, pop_1b_bytes);
+ let (_sk_1b, pk_1b) = generate_identity();
+ let pk_1b_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_1b);
+ rotate_consensus_key(validator_1, validator_1_address, pk_1b_bytes);
leave_validator_set(validator_2, validator_2_address);
join_validator_set(validator_3, validator_3_address);
// Validator 2 is not effectively removed until next epoch.
@@ -2233,8 +2216,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(supra_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, true, 1, 100, 100);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 0, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 0, false, false);
let owner_cap = extract_owner_cap(validator);
// Add stake when the validator is not yet activated.
@@ -2260,10 +2243,9 @@ module supra_framework::stake {
assert_validator_state(pool_address, 0, 0, 0, 0, 0);
// Operator can separately rotate consensus key.
- let (_sk_new, pk_new, pop_new) = generate_identity();
- let pk_new_bytes = bls12381::public_key_to_bytes(&pk_new);
- let pop_new_bytes = bls12381::proof_of_possession_to_bytes(&pop_new);
- rotate_consensus_key(validator, pool_address, pk_new_bytes, pop_new_bytes);
+ let (_sk_new, pk_new) = generate_identity();
+ let pk_new_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_new);
+ rotate_consensus_key(validator, pool_address, pk_new_bytes);
let validator_config = borrow_global(pool_address);
assert!(validator_config.consensus_pubkey == pk_new_bytes, 2);
@@ -2288,8 +2270,8 @@ module supra_framework::stake {
initialize_for_test_custom(supra_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, false, 1, 100, 100);
// Joining the validator set should fail as post genesis validator set change is not allowed.
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
}
#[test(supra_framework = @supra_framework, validator = @0x123)]
@@ -2299,8 +2281,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, SupraCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
join_validator_set(validator, @0x234);
}
@@ -2311,8 +2293,8 @@ module supra_framework::stake {
validator: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test_custom(supra_framework, 100, 10000, LOCKUP_CYCLE_SECONDS, false, 1, 100, 100);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, false, false);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, false, false);
// Bypass the check to join. This is the same function called during Genesis.
let validator_address = signer::address_of(validator);
@@ -2347,17 +2329,17 @@ module supra_framework::stake {
initialize_for_test(supra_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- let (_sk_3, pk_3, pop_3) = generate_identity();
- let (_sk_4, pk_4, pop_4) = generate_identity();
- let (_sk_5, pk_5, pop_5) = generate_identity();
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ let (_sk_3, pk_3) = generate_identity();
+ let (_sk_4, pk_4) = generate_identity();
+ let (_sk_5, pk_5) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, false, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, false, false);
- initialize_test_validator(&pk_3, &pop_3, validator_3, 100, false, false);
- initialize_test_validator(&pk_4, &pop_4, validator_4, 100, false, false);
- initialize_test_validator(&pk_5, &pop_5, validator_5, 100, false, false);
+ initialize_test_validator(&pk_1, validator_1, 100, false, false);
+ initialize_test_validator(&pk_2, validator_2, 100, false, false);
+ initialize_test_validator(&pk_3, validator_3, 100, false, false);
+ initialize_test_validator(&pk_4, validator_4, 100, false, false);
+ initialize_test_validator(&pk_5, validator_5, 100, false, false);
join_validator_set(validator_3, v3_addr);
end_epoch();
@@ -2408,10 +2390,10 @@ module supra_framework::stake {
let validator_2_address = signer::address_of(validator_2);
// Both validators join the set.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
// Validator 2 failed proposal.
let failed_proposer_indices = vector::empty();
@@ -2458,10 +2440,10 @@ module supra_framework::stake {
let validator_2_address = signer::address_of(validator_2);
// Both validators join the set.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 1000, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 10000, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 1000, true, false);
+ initialize_test_validator(&pk_2, validator_2, 10000, true, true);
// One epoch passed. Validator 1 and validator 2 should receive rewards at rewards rate = 1% every epoch.
end_epoch();
@@ -2509,8 +2491,8 @@ module supra_framework::stake {
initialize_for_test(supra_framework);
let validator_address = signer::address_of(validator);
- let (_sk, pk, pop) = generate_identity();
- initialize_test_validator(&pk, &pop, validator, 100, true, true);
+ let (_sk, pk) = generate_identity();
+ initialize_test_validator(&pk, validator, 100, true, true);
let valid_validator_index = borrow_global(validator_address).validator_index;
let out_of_bounds_index = valid_validator_index + 100;
@@ -2565,10 +2547,9 @@ module supra_framework::stake {
// Initialize validator config.
let validator_address = signer::address_of(validator);
- let (_sk_new, pk_new, pop_new) = generate_identity();
- let pk_new_bytes = bls12381::public_key_to_bytes(&pk_new);
- let pop_new_bytes = bls12381::proof_of_possession_to_bytes(&pop_new);
- rotate_consensus_key(validator, validator_address, pk_new_bytes, pop_new_bytes);
+ let (_sk_new, pk_new) = generate_identity();
+ let pk_new_bytes = ed25519::unvalidated_public_key_to_bytes(&pk_new);
+ rotate_consensus_key(validator, validator_address, pk_new_bytes);
// Join the validator set with enough stake. This now wouldn't fail since the validator config already exists.
join_validator_set(validator, validator_address);
@@ -2630,10 +2611,10 @@ module supra_framework::stake {
validator_2: &signer,
) acquires AllowedValidators, OwnerCapability, StakePool, SupraCoinCapabilities, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees {
initialize_for_test(supra_framework);
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, true);
assert!(vector::length(&borrow_global(@supra_framework).active_validators) == 2, 0);
// Remove validator 1 from the active validator set. Only validator 2 remains.
@@ -2753,12 +2734,12 @@ module supra_framework::stake {
let validator_3_address = signer::address_of(validator_3);
// Validators join the set and epoch ends.
- let (_sk_1, pk_1, pop_1) = generate_identity();
- let (_sk_2, pk_2, pop_2) = generate_identity();
- let (_sk_3, pk_3, pop_3) = generate_identity();
- initialize_test_validator(&pk_1, &pop_1, validator_1, 100, true, false);
- initialize_test_validator(&pk_2, &pop_2, validator_2, 100, true, false);
- initialize_test_validator(&pk_3, &pop_3, validator_3, 100, true, true);
+ let (_sk_1, pk_1) = generate_identity();
+ let (_sk_2, pk_2) = generate_identity();
+ let (_sk_3, pk_3) = generate_identity();
+ initialize_test_validator(&pk_1, validator_1, 100, true, false);
+ initialize_test_validator(&pk_2, validator_2, 100, true, false);
+ initialize_test_validator(&pk_3, validator_3, 100, true, true);
// Next, simulate fees collection during three blocks, where proposers are
// validators 1, 2, and 1 again.
diff --git a/aptos-move/framework/supra-framework/sources/stake.spec.move b/aptos-move/framework/supra-framework/sources/stake.spec.move
index 378e5d5013e68e..1d16b10cdac148 100644
--- a/aptos-move/framework/supra-framework/sources/stake.spec.move
+++ b/aptos-move/framework/supra-framework/sources/stake.spec.move
@@ -104,15 +104,13 @@ spec supra_framework::stake {
spec initialize_validator(
account: &signer,
consensus_pubkey: vector,
- proof_of_possession: vector,
network_addresses: vector,
fullnode_addresses: vector,
){
- let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop(
+ let is_public_key_validated = ed25519::spec_public_key_validate_internal(
consensus_pubkey,
- proof_of_possession_from_bytes(proof_of_possession)
);
- aborts_if !option::spec_is_some(pubkey_from_pop);
+ aborts_if !is_public_key_validated;
let addr = signer::address_of(account);
let post_addr = signer::address_of(account);
let allowed = global(@supra_framework);
@@ -357,18 +355,16 @@ spec supra_framework::stake {
operator: &signer,
pool_address: address,
new_consensus_pubkey: vector,
- proof_of_possession: vector,
) {
let pre_stake_pool = global(pool_address);
let post validator_info = global(pool_address);
aborts_if !exists(pool_address);
aborts_if signer::address_of(operator) != pre_stake_pool.operator_address;
aborts_if !exists(pool_address);
- let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop(
+ let is_public_key_validated = ed25519::spec_public_key_validate_internal(
new_consensus_pubkey,
- proof_of_possession_from_bytes(proof_of_possession)
);
- aborts_if !option::spec_is_some(pubkey_from_pop);
+ aborts_if !is_public_key_validated;
modifies global(pool_address);
include StakedValueNochange;
diff --git a/aptos-move/framework/supra-framework/sources/staking_contract.move b/aptos-move/framework/supra-framework/sources/staking_contract.move
index a8ab7aad389c1f..9a6f52518cda77 100644
--- a/aptos-move/framework/supra-framework/sources/staking_contract.move
+++ b/aptos-move/framework/supra-framework/sources/staking_contract.move
@@ -884,8 +884,8 @@ module supra_framework::staking_contract {
assert!(last_recorded_principal(staker_address, operator_address) == INITIAL_BALANCE, 0);
// Operator joins the validator set.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, pool_address, true);
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 1);
// Fast forward to generate rewards.
@@ -981,8 +981,8 @@ module supra_framework::staking_contract {
let pool_address = stake_pool_address(staker_address, operator_address);
// Operator joins the validator set.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, pool_address, true);
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 1);
// Fast forward to generate rewards.
@@ -1009,8 +1009,8 @@ module supra_framework::staking_contract {
let pool_address = stake_pool_address(staker_address, operator_address);
// Operator joins the validator set.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, pool_address, true);
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 1);
// Fast forward to generate rewards.
@@ -1109,8 +1109,8 @@ module supra_framework::staking_contract {
// Join validator set and earn some rewards.
let pool_address = stake_pool_address(staker_address, operator_1_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator_1, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator_1, pool_address, true);
stake::end_epoch();
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 0);
@@ -1217,8 +1217,8 @@ module supra_framework::staking_contract {
assert!(beneficiary_for_operator(operator1_address) == operator1_address, 0);
// Operator joins the validator set.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator1, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator1, pool_address, true);
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 1);
// Set beneficiary.
@@ -1286,8 +1286,8 @@ module supra_framework::staking_contract {
let pool_address = stake_pool_address(staker_address, operator_address);
// Operator joins the validator set so rewards are generated.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, pool_address, true);
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 1);
// Fast forward to generate rewards.
@@ -1369,8 +1369,8 @@ module supra_framework::staking_contract {
let pool_address = stake_pool_address(staker_address, operator_address);
// Operator joins the validator set so rewards are generated.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, pool_address, true);
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 1);
// Fast forward to generate rewards.
@@ -1414,8 +1414,8 @@ module supra_framework::staking_contract {
let pool_address = stake_pool_address(staker_address, operator_address);
// Operator joins the validator set so rewards are generated.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, pool_address, true);
assert!(stake::get_validator_state(pool_address) == VALIDATOR_STATUS_ACTIVE, 1);
// Fast forward to generate rewards.
diff --git a/aptos-move/framework/supra-framework/sources/staking_proxy.move b/aptos-move/framework/supra-framework/sources/staking_proxy.move
index f345455e181a7f..709915dd763071 100644
--- a/aptos-move/framework/supra-framework/sources/staking_proxy.move
+++ b/aptos-move/framework/supra-framework/sources/staking_proxy.move
@@ -100,8 +100,8 @@ module supra_framework::staking_proxy {
let vesting_contract_2 = vesting::setup_vesting_contract(owner, &vector[@12], &vector[INITIAL_BALANCE], owner_address, 0);
vesting::update_operator(owner, vesting_contract_2, operator_2_address, 0);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::initialize_test_validator(&pk, &pop, owner, INITIAL_BALANCE, false, false);
+ let (_sk, pk) = stake::generate_identity();
+ stake::initialize_test_validator(&pk, owner, INITIAL_BALANCE, false, false);
stake::set_operator(owner, operator_1_address);
set_operator(owner, operator_1_address, new_operator_address);
@@ -177,8 +177,8 @@ module supra_framework::staking_proxy {
let vesting_contract_2 = vesting::setup_vesting_contract(owner, &vector[@12], &vector[INITIAL_BALANCE], owner_address, 0);
vesting::update_operator(owner, vesting_contract_2, operator_2_address, 0);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::initialize_test_validator(&pk, &pop, owner, INITIAL_BALANCE, false, false);
+ let (_sk, pk) = stake::generate_identity();
+ stake::initialize_test_validator(&pk, owner, INITIAL_BALANCE, false, false);
set_voter(owner, operator_1_address, new_voter_address);
// Stake pool's voter has been updated.
diff --git a/aptos-move/framework/supra-framework/sources/vesting.move b/aptos-move/framework/supra-framework/sources/vesting.move
index 58b0cba4e16d13..494138af46ae69 100644
--- a/aptos-move/framework/supra-framework/sources/vesting.move
+++ b/aptos-move/framework/supra-framework/sources/vesting.move
@@ -1126,8 +1126,8 @@ module supra_framework::vesting {
stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0);
// The stake pool is still in pending active stake, so unlock_rewards and vest shouldn't do anything.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, false);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, admin, stake_pool_address, false);
assert!(stake::get_validator_state(stake_pool_address) == VALIDATOR_STATUS_PENDING_ACTIVE, 1);
unlock_rewards(contract_address);
vest(contract_address);
@@ -1332,8 +1332,8 @@ module supra_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, admin, stake_pool_address, true);
// Fast forward to the end of the first period. vest() should now unlock 3/48 of the tokens.
timestamp::update_global_time_for_test_secs(vesting_start_secs(contract_address) + VESTING_PERIOD);
@@ -1363,8 +1363,8 @@ module supra_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, admin, stake_pool_address, true);
// Stake pool earns some rewards. unlock_rewards should unlock the right amount.
stake::end_epoch();
@@ -1399,8 +1399,8 @@ module supra_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, stake_pool_address, true);
// Stake pool earns some rewards. unlock_rewards should unlock the right amount.
stake::end_epoch();
@@ -1445,8 +1445,8 @@ module supra_framework::vesting {
// Operator needs to join the validator set for the stake pool to earn rewards.
let stake_pool_address = stake_pool_address(contract_address);
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, stake_pool_address, true);
// Stake pool earns some rewards.
stake::end_epoch();
@@ -1511,8 +1511,8 @@ module supra_framework::vesting {
update_operator(admin, contract_address, operator_address, 10);
// Operator needs to join the validator set for the stake pool to earn rewards.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator, stake_pool_address, true);
stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0);
assert!(get_accumulated_rewards(contract_address) == 0, 0);
assert!(remaining_grant(contract_address) == GRANT_AMOUNT, 0);
@@ -1576,8 +1576,8 @@ module supra_framework::vesting {
assert!(staking_contract::beneficiary_for_operator(operator_address1) == beneficiary_address, 0);
// Operator needs to join the validator set for the stake pool to earn rewards.
- let (_sk, pk, pop) = stake::generate_identity();
- stake::join_validator_set_for_test(&pk, &pop, operator1, stake_pool_address, true);
+ let (_sk, pk) = stake::generate_identity();
+ stake::join_validator_set_for_test(&pk, operator1, stake_pool_address, true);
stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0);
assert!(get_accumulated_rewards(contract_address) == 0, 0);
assert!(remaining_grant(contract_address) == GRANT_AMOUNT, 0);
diff --git a/aptos-move/vm-genesis/src/lib.rs b/aptos-move/vm-genesis/src/lib.rs
index 31fa3486a4f22a..175fc6294763e4 100644
--- a/aptos-move/vm-genesis/src/lib.rs
+++ b/aptos-move/vm-genesis/src/lib.rs
@@ -8,7 +8,7 @@ mod genesis_context;
use crate::genesis_context::GenesisStateView;
use aptos_crypto::{
- bls12381,
+ ed25519,
ed25519::{Ed25519PrivateKey, Ed25519PublicKey},
HashValue, PrivateKey, Uniform,
};
@@ -798,10 +798,8 @@ pub struct Validator {
/// Amount to stake for consensus. Also the intial amount minted to the owner account.
pub stake_amount: u64,
- /// bls12381 public key used to sign consensus messages.
+ /// ed25519 public key used to sign consensus messages.
pub consensus_pubkey: Vec,
- /// Proof of Possession of the consensus pubkey.
- pub proof_of_possession: Vec,
/// `NetworkAddress` for the validator.
pub network_addresses: Vec,
/// `NetworkAddress` for the validator's full node.
@@ -810,7 +808,7 @@ pub struct Validator {
pub struct TestValidator {
pub key: Ed25519PrivateKey,
- pub consensus_key: bls12381::PrivateKey,
+ pub consensus_key: ed25519::PrivateKey,
pub data: Validator,
}
@@ -826,11 +824,8 @@ impl TestValidator {
let key = Ed25519PrivateKey::generate(rng);
let auth_key = AuthenticationKey::ed25519(&key.public_key());
let owner_address = auth_key.account_address();
- let consensus_key = bls12381::PrivateKey::generate(rng);
+ let consensus_key = ed25519::PrivateKey::generate(rng);
let consensus_pubkey = consensus_key.public_key().to_bytes().to_vec();
- let proof_of_possession = bls12381::ProofOfPossession::create(&consensus_key)
- .to_bytes()
- .to_vec();
let network_address = [0u8; 0].to_vec();
let full_node_network_address = [0u8; 0].to_vec();
@@ -842,7 +837,6 @@ impl TestValidator {
let data = Validator {
owner_address,
consensus_pubkey,
- proof_of_possession,
operator_address: owner_address,
voter_address: owner_address,
network_addresses: network_address,
diff --git a/config/src/config/identity_config.rs b/config/src/config/identity_config.rs
index 0d2142574d8340..01fe1297cbaf9a 100644
--- a/config/src/config/identity_config.rs
+++ b/config/src/config/identity_config.rs
@@ -3,7 +3,7 @@
use crate::{config::SecureBackend, keys::ConfigKey};
use aptos_crypto::{
- bls12381,
+ ed25519,
ed25519::Ed25519PrivateKey,
x25519::{self, PRIVATE_KEY_SIZE},
ValidCryptoMaterial,
@@ -29,7 +29,7 @@ pub struct IdentityBlob {
pub account_private_key: Option,
/// Optional consensus key. Only used for validators
#[serde(skip_serializing_if = "Option::is_none")]
- pub consensus_private_key: Option,
+ pub consensus_private_key: Option,
/// Network private key. Peer id is derived from this if account address is not present
pub network_private_key: x25519::PrivateKey,
}
diff --git a/config/src/config/safety_rules_config.rs b/config/src/config/safety_rules_config.rs
index e5e19db1c17e5d..ca675e3e15ee59 100644
--- a/config/src/config/safety_rules_config.rs
+++ b/config/src/config/safety_rules_config.rs
@@ -12,7 +12,7 @@ use crate::{
keys::ConfigKey,
};
use anyhow::bail;
-use aptos_crypto::{bls12381, Uniform};
+use aptos_crypto::{ed25519, Uniform};
use aptos_types::{chain_id::ChainId, network_address::NetworkAddress, waypoint::Waypoint, PeerId};
use rand::rngs::StdRng;
use serde::{Deserialize, Serialize};
@@ -203,7 +203,7 @@ impl RemoteService {
#[derive(Clone, Debug, Deserialize, PartialEq, Serialize)]
pub struct SafetyRulesTestConfig {
pub author: PeerId,
- pub consensus_key: Option>,
+ pub consensus_key: Option>,
pub waypoint: Option,
}
@@ -216,13 +216,13 @@ impl SafetyRulesTestConfig {
}
}
- pub fn consensus_key(&mut self, key: bls12381::PrivateKey) {
+ pub fn consensus_key(&mut self, key: ed25519::PrivateKey) {
self.consensus_key = Some(ConfigKey::new(key));
}
pub fn random_consensus_key(&mut self, rng: &mut StdRng) {
- let privkey = bls12381::PrivateKey::generate(rng);
- self.consensus_key = Some(ConfigKey::::new(privkey));
+ let privkey = ed25519::PrivateKey::generate(rng);
+ self.consensus_key = Some(ConfigKey::::new(privkey));
}
}
diff --git a/consensus/consensus-types/src/block.rs b/consensus/consensus-types/src/block.rs
index 392eb2b277f5a5..0ea1d38b023a10 100644
--- a/consensus/consensus-types/src/block.rs
+++ b/consensus/consensus-types/src/block.rs
@@ -9,7 +9,7 @@ use crate::{
};
use anyhow::{bail, ensure, format_err};
use aptos_bitvec::BitVec;
-use aptos_crypto::{bls12381, hash::CryptoHash, HashValue};
+use aptos_crypto::{ed25519, hash::CryptoHash, HashValue};
use aptos_infallible::duration_since_epoch;
use aptos_types::{
account_address::AccountAddress,
@@ -51,7 +51,7 @@ pub struct Block {
block_data: BlockData,
/// Signature that the hash of this block has been authored by the owner of the private key,
/// this is only set within Proposal blocks
- signature: Option,
+ signature: Option,
}
impl fmt::Debug for Block {
@@ -128,7 +128,7 @@ impl Block {
self.block_data.round()
}
- pub fn signature(&self) -> Option<&bls12381::Signature> {
+ pub fn signature(&self) -> Option<&ed25519::Signature> {
self.signature.as_ref()
}
@@ -186,7 +186,7 @@ impl Block {
pub fn new_for_testing(
id: HashValue,
block_data: BlockData,
- signature: Option,
+ signature: Option,
) -> Self {
Block {
id,
@@ -296,7 +296,7 @@ impl Block {
pub fn new_proposal_from_block_data_and_signature(
block_data: BlockData,
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
) -> Self {
Block {
id: block_data.hash(),
@@ -509,7 +509,7 @@ impl<'de> Deserialize<'de> for Block {
#[serde(rename = "Block")]
struct BlockWithoutId {
block_data: BlockData,
- signature: Option,
+ signature: Option,
}
let BlockWithoutId {
diff --git a/consensus/consensus-types/src/block_test_utils.rs b/consensus/consensus-types/src/block_test_utils.rs
index 402af52c48d623..facd0049aaa3e3 100644
--- a/consensus/consensus-types/src/block_test_utils.rs
+++ b/consensus/consensus-types/src/block_test_utils.rs
@@ -11,7 +11,7 @@ use crate::{
vote_data::VoteData,
};
use aptos_crypto::{
- bls12381,
+ ed25519,
ed25519::Ed25519PrivateKey,
hash::{CryptoHash, HashValue},
PrivateKey, Uniform,
@@ -155,7 +155,7 @@ prop_compose! {
/// vector
fn block_forest_from_keys(
depth: u32,
- key_pairs: Vec,
+ key_pairs: Vec,
) -> impl Strategy {
let leaf = leaf_strategy().prop_map(|block| vec![block]);
// Note that having `expected_branch_size` of 1 seems to generate significantly larger trees
@@ -170,7 +170,7 @@ fn block_forest_from_keys(
pub fn block_forest_and_its_keys(
quorum_size: usize,
depth: u32,
-) -> impl Strategy, LinearizedBlockForest)> {
+) -> impl Strategy, LinearizedBlockForest)> {
proptest::collection::vec(proptests::arb_signing_key(), quorum_size).prop_flat_map(
move |private_key| {
(
diff --git a/consensus/consensus-types/src/pipeline/commit_vote.rs b/consensus/consensus-types/src/pipeline/commit_vote.rs
index a7ab26d07b271a..593f9c6097b206 100644
--- a/consensus/consensus-types/src/pipeline/commit_vote.rs
+++ b/consensus/consensus-types/src/pipeline/commit_vote.rs
@@ -4,7 +4,7 @@
use crate::common::{Author, Round};
use anyhow::Context;
-use aptos_crypto::{bls12381, CryptoMaterialError};
+use aptos_crypto::{ed25519, CryptoMaterialError};
use aptos_short_hex_str::AsShortHexStr;
use aptos_types::{
block_info::BlockInfo, ledger_info::LedgerInfo, validator_signer::ValidatorSigner,
@@ -17,7 +17,7 @@ use std::fmt::{Debug, Display, Formatter};
pub struct CommitVote {
author: Author,
ledger_info: LedgerInfo,
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
}
// this is required by structured log
@@ -57,7 +57,7 @@ impl CommitVote {
pub fn new_with_signature(
author: Author,
ledger_info: LedgerInfo,
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
) -> Self {
Self {
author,
@@ -77,7 +77,7 @@ impl CommitVote {
}
/// Return the signature of the vote
- pub fn signature(&self) -> &bls12381::Signature {
+ pub fn signature(&self) -> &ed25519::Signature {
&self.signature
}
diff --git a/consensus/consensus-types/src/proof_of_store.rs b/consensus/consensus-types/src/proof_of_store.rs
index 08c5c53946d432..1e5a0cd8317e7d 100644
--- a/consensus/consensus-types/src/proof_of_store.rs
+++ b/consensus/consensus-types/src/proof_of_store.rs
@@ -2,7 +2,7 @@
// SPDX-License-Identifier: Apache-2.0
use anyhow::{bail, ensure, Context};
-use aptos_crypto::{bls12381, CryptoMaterialError, HashValue};
+use aptos_crypto::{ed25519, CryptoMaterialError, HashValue};
use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher};
use aptos_types::{
aggregate_signature::AggregateSignature, validator_signer::ValidatorSigner,
@@ -191,7 +191,7 @@ impl SignedBatchInfoMsg {
pub struct SignedBatchInfo {
info: BatchInfo,
signer: PeerId,
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
}
impl SignedBatchInfo {
@@ -237,7 +237,7 @@ impl SignedBatchInfo {
Ok(validator.verify(self.signer, &self.info, &self.signature)?)
}
- pub fn signature(self) -> bls12381::Signature {
+ pub fn signature(self) -> ed25519::Signature {
self.signature
}
diff --git a/consensus/consensus-types/src/timeout_2chain.rs b/consensus/consensus-types/src/timeout_2chain.rs
index 9fc0ced6f3c50f..e69c7cc8e9d0c5 100644
--- a/consensus/consensus-types/src/timeout_2chain.rs
+++ b/consensus/consensus-types/src/timeout_2chain.rs
@@ -4,7 +4,7 @@
use crate::{common::Author, quorum_cert::QuorumCert};
use anyhow::ensure;
-use aptos_crypto::{bls12381, CryptoMaterialError};
+use aptos_crypto::{ed25519, CryptoMaterialError};
use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher};
use aptos_types::{
account_address::AccountAddress,
@@ -60,7 +60,7 @@ impl TwoChainTimeout {
pub fn sign(
&self,
signer: &ValidatorSigner,
- ) -> Result {
+ ) -> Result {
signer.sign(&self.signing_format())
}
@@ -234,12 +234,7 @@ impl TwoChainTimeoutWithPartialSignatures {
}
/// Add a new timeout message from author, the timeout should already be verified in upper layer.
- pub fn add(
- &mut self,
- author: Author,
- timeout: TwoChainTimeout,
- signature: bls12381::Signature,
- ) {
+ pub fn add(&mut self, author: Author, timeout: TwoChainTimeout, signature: ed25519::Signature) {
debug_assert_eq!(
self.timeout.epoch(),
timeout.epoch(),
@@ -281,11 +276,11 @@ impl TwoChainTimeoutWithPartialSignatures {
/// timeout aggregation.
#[derive(Debug, Clone, Eq, PartialEq)]
pub struct PartialSignaturesWithRound {
- signatures: BTreeMap,
+ signatures: BTreeMap,
}
impl PartialSignaturesWithRound {
- pub fn new(signatures: BTreeMap) -> Self {
+ pub fn new(signatures: BTreeMap) -> Self {
Self { signatures }
}
@@ -293,7 +288,7 @@ impl PartialSignaturesWithRound {
Self::new(BTreeMap::new())
}
- pub fn signatures(&self) -> &BTreeMap {
+ pub fn signatures(&self) -> &BTreeMap {
&self.signatures
}
@@ -302,7 +297,7 @@ impl PartialSignaturesWithRound {
&mut self,
validator: AccountAddress,
round: Round,
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
) {
self.signatures.insert(validator, (round, signature));
}
@@ -316,7 +311,7 @@ impl PartialSignaturesWithRound {
&mut self,
validator: AccountAddress,
round: Round,
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
) {
self.signatures
.entry(validator)
@@ -397,7 +392,7 @@ mod tests {
quorum_cert::QuorumCert,
timeout_2chain::{TwoChainTimeout, TwoChainTimeoutWithPartialSignatures},
};
- use aptos_crypto::bls12381;
+ use aptos_crypto::ed25519;
#[test]
fn test_2chain_timeout_certificate() {
@@ -465,7 +460,7 @@ mod tests {
invalid_timeout_cert.signatures.replace_signature(
signers[0].author(),
0,
- bls12381::Signature::dummy_signature(),
+ ed25519::Signature::dummy_signature(),
);
let invalid_tc_with_sig = invalid_timeout_cert
diff --git a/consensus/consensus-types/src/vote.rs b/consensus/consensus-types/src/vote.rs
index 8d5868a06c3b16..f5f463fcc91889 100644
--- a/consensus/consensus-types/src/vote.rs
+++ b/consensus/consensus-types/src/vote.rs
@@ -6,7 +6,7 @@ use crate::{
common::Author, quorum_cert::QuorumCert, timeout_2chain::TwoChainTimeout, vote_data::VoteData,
};
use anyhow::{ensure, Context};
-use aptos_crypto::{bls12381, hash::CryptoHash, CryptoMaterialError};
+use aptos_crypto::{ed25519, hash::CryptoHash, CryptoMaterialError};
use aptos_short_hex_str::AsShortHexStr;
use aptos_types::{
ledger_info::LedgerInfo, validator_signer::ValidatorSigner,
@@ -28,9 +28,9 @@ pub struct Vote {
/// LedgerInfo of a block that is going to be committed in case this vote gathers QC.
ledger_info: LedgerInfo,
/// Signature of the LedgerInfo
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
/// The 2-chain timeout and corresponding signature.
- two_chain_timeout: Option<(TwoChainTimeout, bls12381::Signature)>,
+ two_chain_timeout: Option<(TwoChainTimeout, ed25519::Signature)>,
}
// this is required by structured log
@@ -77,7 +77,7 @@ impl Vote {
vote_data: VoteData,
author: Author,
ledger_info: LedgerInfo,
- signature: bls12381::Signature,
+ signature: ed25519::Signature,
) -> Self {
Self {
vote_data,
@@ -89,7 +89,7 @@ impl Vote {
}
/// Add the 2-chain timeout and signature in the vote.
- pub fn add_2chain_timeout(&mut self, timeout: TwoChainTimeout, signature: bls12381::Signature) {
+ pub fn add_2chain_timeout(&mut self, timeout: TwoChainTimeout, signature: ed25519::Signature) {
self.two_chain_timeout = Some((timeout, signature));
}
@@ -108,7 +108,7 @@ impl Vote {
}
/// Return the signature of the vote
- pub fn signature(&self) -> &bls12381::Signature {
+ pub fn signature(&self) -> &ed25519::Signature {
&self.signature
}
@@ -127,7 +127,7 @@ impl Vote {
}
/// Return the two chain timeout vote and signature.
- pub fn two_chain_timeout(&self) -> Option<&(TwoChainTimeout, bls12381::Signature)> {
+ pub fn two_chain_timeout(&self) -> Option<&(TwoChainTimeout, ed25519::Signature)> {
self.two_chain_timeout.as_ref()
}
diff --git a/consensus/safety-rules/src/fuzzing_utils.rs b/consensus/safety-rules/src/fuzzing_utils.rs
index c6e2b505571b8d..b3eec904e98bb9 100644
--- a/consensus/safety-rules/src/fuzzing_utils.rs
+++ b/consensus/safety-rules/src/fuzzing_utils.rs
@@ -16,7 +16,7 @@ use aptos_consensus_types::{
vote_proposal::VoteProposal,
};
use aptos_crypto::{
- bls12381,
+ ed25519,
hash::{HashValue, TransactionAccumulatorHasher},
test_utils::TEST_SEED,
traits::{SigningKey, Uniform},
@@ -68,7 +68,7 @@ prop_compose! {
) -> Block {
let signature = if include_signature {
let mut rng = StdRng::from_seed(TEST_SEED);
- let private_key = bls12381::PrivateKey::generate(&mut rng);
+ let private_key = ed25519::PrivateKey::generate(&mut rng);
let signature = private_key.sign(&block_data).unwrap();
Some(signature)
} else {
@@ -243,7 +243,7 @@ pub mod fuzzing {
block_data::BlockData, timeout_2chain::TwoChainTimeout, vote::Vote,
vote_proposal::VoteProposal,
};
- use aptos_crypto::bls12381;
+ use aptos_crypto::ed25519;
use aptos_types::epoch_change::EpochChangeProof;
pub fn fuzz_initialize(proof: EpochChangeProof) -> Result<(), Error> {
@@ -272,14 +272,14 @@ pub mod fuzzing {
}
}
- pub fn fuzz_sign_proposal(block_data: &BlockData) -> Result {
+ pub fn fuzz_sign_proposal(block_data: &BlockData) -> Result {
let mut safety_rules = test_utils::test_safety_rules();
safety_rules.sign_proposal(block_data)
}
pub fn fuzz_sign_timeout_with_qc(
timeout: TwoChainTimeout,
- ) -> Result {
+ ) -> Result {
let mut safety_rules = test_utils::test_safety_rules();
safety_rules.sign_timeout_with_qc(&timeout, None)
}
diff --git a/consensus/safety-rules/src/local_client.rs b/consensus/safety-rules/src/local_client.rs
index 7994ef7fbe8239..3bf7687dfa0d86 100644
--- a/consensus/safety-rules/src/local_client.rs
+++ b/consensus/safety-rules/src/local_client.rs
@@ -9,7 +9,7 @@ use aptos_consensus_types::{
vote::Vote,
vote_proposal::VoteProposal,
};
-use aptos_crypto::bls12381;
+use aptos_crypto::ed25519;
use aptos_infallible::RwLock;
use aptos_types::{
epoch_change::EpochChangeProof,
@@ -39,7 +39,7 @@ impl TSafetyRules for LocalClient {
self.internal.write().initialize(proof)
}
- fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
+ fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
self.internal.write().sign_proposal(block_data)
}
@@ -47,7 +47,7 @@ impl TSafetyRules for LocalClient {
&mut self,
timeout: &TwoChainTimeout,
timeout_cert: Option<&TwoChainTimeoutCertificate>,
- ) -> Result {
+ ) -> Result {
self.internal
.write()
.sign_timeout_with_qc(timeout, timeout_cert)
@@ -67,7 +67,7 @@ impl TSafetyRules for LocalClient {
&mut self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result {
+ ) -> Result {
self.internal
.write()
.sign_commit_vote(ledger_info, new_ledger_info)
diff --git a/consensus/safety-rules/src/persistent_safety_storage.rs b/consensus/safety-rules/src/persistent_safety_storage.rs
index b5823970402bf9..10ecb2725c84d4 100644
--- a/consensus/safety-rules/src/persistent_safety_storage.rs
+++ b/consensus/safety-rules/src/persistent_safety_storage.rs
@@ -8,7 +8,7 @@ use crate::{
Error,
};
use aptos_consensus_types::{common::Author, safety_data::SafetyData};
-use aptos_crypto::{bls12381, PrivateKey};
+use aptos_crypto::{ed25519, PrivateKey};
use aptos_global_constants::{CONSENSUS_KEY, OWNER_ACCOUNT, SAFETY_DATA, WAYPOINT};
use aptos_logger::prelude::*;
use aptos_secure_storage::{KVStorage, Storage};
@@ -34,7 +34,7 @@ impl PersistentSafetyStorage {
pub fn initialize(
mut internal_store: Storage,
author: Author,
- consensus_private_key: bls12381::PrivateKey,
+ consensus_private_key: ed25519::PrivateKey,
waypoint: Waypoint,
enable_cached_safety_data: bool,
) -> Self {
@@ -64,7 +64,7 @@ impl PersistentSafetyStorage {
fn initialize_keys_and_accounts(
internal_store: &mut Storage,
author: Author,
- consensus_private_key: bls12381::PrivateKey,
+ consensus_private_key: ed25519::PrivateKey,
) -> Result<(), Error> {
let result = internal_store.set(CONSENSUS_KEY, consensus_private_key);
// Attempting to re-initialize existing storage. This can happen in environments like
@@ -98,10 +98,10 @@ impl PersistentSafetyStorage {
pub fn consensus_key_for_version(
&self,
- version: bls12381::PublicKey,
- ) -> Result {
+ version: ed25519::PublicKey,
+ ) -> Result {
let _timer = counters::start_timer("get", CONSENSUS_KEY);
- let key: bls12381::PrivateKey = self.internal_store.get(CONSENSUS_KEY).map(|v| v.value)?;
+ let key: ed25519::PrivateKey = self.internal_store.get(CONSENSUS_KEY).map(|v| v.value)?;
if key.public_key() != version {
return Err(Error::SecureStorageMissingDataError(format!(
"PrivateKey for {:?} not found",
diff --git a/consensus/safety-rules/src/safety_rules.rs b/consensus/safety-rules/src/safety_rules.rs
index 60b0b8cc27a055..78bb4c15e742cc 100644
--- a/consensus/safety-rules/src/safety_rules.rs
+++ b/consensus/safety-rules/src/safety_rules.rs
@@ -20,7 +20,7 @@ use aptos_consensus_types::{
vote_data::VoteData,
vote_proposal::VoteProposal,
};
-use aptos_crypto::{bls12381, hash::CryptoHash};
+use aptos_crypto::{ed25519, hash::CryptoHash};
use aptos_logger::prelude::*;
use aptos_types::{
epoch_change::EpochChangeProof,
@@ -80,7 +80,7 @@ impl SafetyRules {
pub(crate) fn sign(
&self,
message: &T,
- ) -> Result {
+ ) -> Result {
let signer = self.signer()?;
signer
.sign(message)
@@ -302,7 +302,7 @@ impl SafetyRules {
fn guarded_sign_proposal(
&mut self,
block_data: &BlockData,
- ) -> Result {
+ ) -> Result {
self.signer()?;
self.verify_author(block_data.author())?;
@@ -329,7 +329,7 @@ impl SafetyRules {
&mut self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result {
+ ) -> Result {
self.signer()?;
let old_ledger_info = ledger_info.ledger_info();
@@ -373,7 +373,7 @@ impl TSafetyRules for SafetyRules {
run_and_log(cb, |log| log, LogEntry::Initialize)
}
- fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
+ fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
let round = block_data.round();
let cb = || self.guarded_sign_proposal(block_data);
run_and_log(cb, |log| log.round(round), LogEntry::SignProposal)
@@ -383,7 +383,7 @@ impl TSafetyRules for SafetyRules {
&mut self,
timeout: &TwoChainTimeout,
timeout_cert: Option<&TwoChainTimeoutCertificate>,
- ) -> Result {
+ ) -> Result {
let cb = || self.guarded_sign_timeout_with_qc(timeout, timeout_cert);
run_and_log(
cb,
@@ -410,7 +410,7 @@ impl TSafetyRules for SafetyRules {
&mut self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result {
+ ) -> Result {
let cb = || self.guarded_sign_commit_vote(ledger_info, new_ledger_info);
run_and_log(cb, |log| log, LogEntry::SignCommitVote)
}
diff --git a/consensus/safety-rules/src/safety_rules_2chain.rs b/consensus/safety-rules/src/safety_rules_2chain.rs
index b3ac49c1fde749..53397b02e0fadd 100644
--- a/consensus/safety-rules/src/safety_rules_2chain.rs
+++ b/consensus/safety-rules/src/safety_rules_2chain.rs
@@ -10,7 +10,7 @@ use aptos_consensus_types::{
vote::Vote,
vote_proposal::VoteProposal,
};
-use aptos_crypto::{bls12381, hash::CryptoHash, HashValue};
+use aptos_crypto::{ed25519, hash::CryptoHash, HashValue};
use aptos_types::{block_info::BlockInfo, ledger_info::LedgerInfo};
/// 2-chain safety rules implementation
@@ -19,7 +19,7 @@ impl SafetyRules {
&mut self,
timeout: &TwoChainTimeout,
timeout_cert: Option<&TwoChainTimeoutCertificate>,
- ) -> Result {
+ ) -> Result {
self.signer()?;
let mut safety_data = self.persistent_storage.safety_data()?;
self.verify_epoch(timeout.epoch(), &safety_data)?;
diff --git a/consensus/safety-rules/src/safety_rules_manager.rs b/consensus/safety-rules/src/safety_rules_manager.rs
index c73664be47344a..5652f40b159e3b 100644
--- a/consensus/safety-rules/src/safety_rules_manager.rs
+++ b/consensus/safety-rules/src/safety_rules_manager.rs
@@ -13,7 +13,7 @@ use crate::{
};
use anyhow::anyhow;
use aptos_config::config::{InitialSafetyRulesConfig, SafetyRulesConfig, SafetyRulesService};
-use aptos_crypto::bls12381::PrivateKey;
+use aptos_crypto::ed25519::PrivateKey;
use aptos_global_constants::CONSENSUS_KEY;
use aptos_infallible::RwLock;
use aptos_secure_storage::{KVStorage, Storage};
diff --git a/consensus/safety-rules/src/serializer.rs b/consensus/safety-rules/src/serializer.rs
index 2cef5bce865ec1..8c877088c4db22 100644
--- a/consensus/safety-rules/src/serializer.rs
+++ b/consensus/safety-rules/src/serializer.rs
@@ -9,7 +9,7 @@ use aptos_consensus_types::{
vote::Vote,
vote_proposal::VoteProposal,
};
-use aptos_crypto::bls12381;
+use aptos_crypto::ed25519;
use aptos_infallible::RwLock;
use aptos_types::{
epoch_change::EpochChangeProof,
@@ -107,7 +107,7 @@ impl TSafetyRules for SerializerClient {
serde_json::from_slice(&response)?
}
- fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
+ fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
let _timer = counters::start_timer("external", LogEntry::SignProposal.as_str());
let response =
self.request(SafetyRulesInput::SignProposal(Box::new(block_data.clone())))?;
@@ -118,7 +118,7 @@ impl TSafetyRules for SerializerClient {
&mut self,
timeout: &TwoChainTimeout,
timeout_cert: Option<&TwoChainTimeoutCertificate>,
- ) -> Result {
+ ) -> Result {
let _timer = counters::start_timer("external", LogEntry::SignTimeoutWithQC.as_str());
let response = self.request(SafetyRulesInput::SignTimeoutWithQC(
Box::new(timeout.clone()),
@@ -145,7 +145,7 @@ impl TSafetyRules for SerializerClient {
&mut self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result {
+ ) -> Result {
let _timer = counters::start_timer("external", LogEntry::SignCommitVote.as_str());
let response = self.request(SafetyRulesInput::SignCommitVote(
Box::new(ledger_info),
diff --git a/consensus/safety-rules/src/t_safety_rules.rs b/consensus/safety-rules/src/t_safety_rules.rs
index 33cc1d59b204cc..56691920c52bdb 100644
--- a/consensus/safety-rules/src/t_safety_rules.rs
+++ b/consensus/safety-rules/src/t_safety_rules.rs
@@ -9,7 +9,7 @@ use aptos_consensus_types::{
vote::Vote,
vote_proposal::VoteProposal,
};
-use aptos_crypto::bls12381;
+use aptos_crypto::ed25519;
use aptos_types::{
epoch_change::EpochChangeProof,
ledger_info::{LedgerInfo, LedgerInfoWithSignatures},
@@ -29,14 +29,14 @@ pub trait TSafetyRules {
/// As the holder of the private key, SafetyRules also signs proposals or blocks.
/// A Block is a signed BlockData along with some additional metadata.
- fn sign_proposal(&mut self, block_data: &BlockData) -> Result;
+ fn sign_proposal(&mut self, block_data: &BlockData) -> Result;
/// Sign the timeout together with highest qc for 2-chain protocol.
fn sign_timeout_with_qc(
&mut self,
timeout: &TwoChainTimeout,
timeout_cert: Option<&TwoChainTimeoutCertificate>,
- ) -> Result;
+ ) -> Result;
/// Attempts to vote for a given proposal following the 2-chain protocol.
fn construct_and_sign_vote_two_chain(
@@ -51,5 +51,5 @@ pub trait TSafetyRules {
&mut self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result;
+ ) -> Result;
}
diff --git a/consensus/src/consensusdb/consensusdb_test.rs b/consensus/src/consensusdb/consensusdb_test.rs
index ee29113093421f..94bebba0ba6735 100644
--- a/consensus/src/consensusdb/consensusdb_test.rs
+++ b/consensus/src/consensusdb/consensusdb_test.rs
@@ -8,7 +8,7 @@ use aptos_consensus_types::{
block::block_test_utils::certificate_for_genesis,
common::{Author, Payload},
};
-use aptos_crypto::bls12381::Signature;
+use aptos_crypto::ed25519::Signature;
use aptos_temppath::TempPath;
use aptos_types::aggregate_signature::AggregateSignature;
use std::{collections::HashMap, hash::Hash};
diff --git a/consensus/src/dag/commit_signer.rs b/consensus/src/dag/commit_signer.rs
index 6aa06d19d7ae34..e80e382ffec59a 100644
--- a/consensus/src/dag/commit_signer.rs
+++ b/consensus/src/dag/commit_signer.rs
@@ -1,7 +1,7 @@
// Copyright © Aptos Foundation
use crate::pipeline::signing_phase::CommitSignerProvider;
-use aptos_crypto::bls12381;
+use aptos_crypto::ed25519;
use aptos_types::validator_signer::ValidatorSigner;
use std::sync::Arc;
@@ -20,7 +20,7 @@ impl CommitSignerProvider for DagCommitSigner {
&self,
_ledger_info: aptos_types::ledger_info::LedgerInfoWithSignatures,
new_ledger_info: aptos_types::ledger_info::LedgerInfo,
- ) -> Result {
+ ) -> Result {
let signature = self
.signer
.sign(&new_ledger_info)
diff --git a/consensus/src/dag/types.rs b/consensus/src/dag/types.rs
index 9963bdb89df238..11339884d2389d 100644
--- a/consensus/src/dag/types.rs
+++ b/consensus/src/dag/types.rs
@@ -13,7 +13,7 @@ use crate::{
use anyhow::{bail, ensure};
use aptos_consensus_types::common::{Author, Payload, Round};
use aptos_crypto::{
- bls12381::Signature,
+ ed25519::Signature,
hash::{CryptoHash, CryptoHasher},
CryptoMaterialError, HashValue,
};
diff --git a/consensus/src/liveness/leader_reputation_test.rs b/consensus/src/liveness/leader_reputation_test.rs
index 89739eb208fa54..4fbaf5a56ace43 100644
--- a/consensus/src/liveness/leader_reputation_test.rs
+++ b/consensus/src/liveness/leader_reputation_test.rs
@@ -13,7 +13,7 @@ use crate::liveness::{
};
use aptos_bitvec::BitVec;
use aptos_consensus_types::common::{Author, Round};
-use aptos_crypto::{bls12381, HashValue};
+use aptos_crypto::{ed25519, HashValue};
use aptos_infallible::Mutex;
use aptos_keygen::KeyGen;
use aptos_storage_interface::DbReader;
@@ -646,7 +646,7 @@ fn test_extract_epoch_to_proposers_impl() {
fn create_epoch_state(
epoch: u64,
authors: &[Author],
- public_key: &bls12381::PublicKey,
+ public_key: &ed25519::PublicKey,
) -> EpochState {
EpochState {
epoch,
@@ -659,8 +659,8 @@ fn test_extract_epoch_to_proposers_impl() {
}
}
- let private_key = KeyGen::from_os_rng().generate_bls12381_private_key();
- let public_key = bls12381::PublicKey::from(&private_key);
+ let private_key = KeyGen::from_os_rng().generate_ed25519_private_key();
+ let public_key = ed25519::PublicKey::from(&private_key);
let authors: Vec = (0..7).map(|_| AccountAddress::random()).sorted().collect();
let epoch_states = (0..7)
diff --git a/consensus/src/metrics_safety_rules.rs b/consensus/src/metrics_safety_rules.rs
index d49d2dbf12465f..7a0f54b90e5408 100644
--- a/consensus/src/metrics_safety_rules.rs
+++ b/consensus/src/metrics_safety_rules.rs
@@ -12,7 +12,7 @@ use aptos_consensus_types::{
vote::Vote,
vote_proposal::VoteProposal,
};
-use aptos_crypto::bls12381;
+use aptos_crypto::ed25519;
use aptos_infallible::Mutex;
use aptos_logger::prelude::info;
use aptos_safety_rules::{ConsensusState, Error, TSafetyRules};
@@ -93,7 +93,7 @@ impl TSafetyRules for MetricsSafetyRules {
monitor!("safety_rules", self.inner.initialize(proof))
}
- fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
+ fn sign_proposal(&mut self, block_data: &BlockData) -> Result {
self.retry(|inner| monitor!("safety_rules", inner.sign_proposal(block_data)))
}
@@ -101,7 +101,7 @@ impl TSafetyRules for MetricsSafetyRules {
&mut self,
timeout: &TwoChainTimeout,
timeout_cert: Option<&TwoChainTimeoutCertificate>,
- ) -> Result {
+ ) -> Result {
self.retry(|inner| {
monitor!(
"safety_rules",
@@ -127,7 +127,7 @@ impl TSafetyRules for MetricsSafetyRules {
&mut self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result {
+ ) -> Result {
self.retry(|inner| {
monitor!(
"safety_rules",
@@ -142,7 +142,7 @@ impl CommitSignerProvider for Mutex {
&self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result {
+ ) -> Result {
self.lock().sign_commit_vote(ledger_info, new_ledger_info)
}
}
@@ -156,7 +156,7 @@ mod tests {
vote::Vote,
vote_proposal::VoteProposal,
};
- use aptos_crypto::bls12381;
+ use aptos_crypto::ed25519;
use aptos_safety_rules::{ConsensusState, Error, TSafetyRules};
use aptos_types::{
epoch_change::EpochChangeProof,
@@ -207,7 +207,7 @@ mod tests {
self.last_init_result.clone()
}
- fn sign_proposal(&mut self, _: &BlockData) -> Result {
+ fn sign_proposal(&mut self, _: &BlockData) -> Result {
unimplemented!()
}
@@ -215,7 +215,7 @@ mod tests {
&mut self,
_: &TwoChainTimeout,
_: Option<&TwoChainTimeoutCertificate>,
- ) -> Result {
+ ) -> Result {
unimplemented!()
}
@@ -231,7 +231,7 @@ mod tests {
&mut self,
_: LedgerInfoWithSignatures,
_: LedgerInfo,
- ) -> Result {
+ ) -> Result {
unimplemented!()
}
}
diff --git a/consensus/src/pipeline/buffer_item.rs b/consensus/src/pipeline/buffer_item.rs
index d92d62eb71f99d..8f78c5bbf28336 100644
--- a/consensus/src/pipeline/buffer_item.rs
+++ b/consensus/src/pipeline/buffer_item.rs
@@ -7,7 +7,7 @@ use anyhow::anyhow;
use aptos_consensus_types::{
common::Author, executed_block::ExecutedBlock, pipeline::commit_vote::CommitVote,
};
-use aptos_crypto::{bls12381, HashValue};
+use aptos_crypto::{ed25519, HashValue};
use aptos_executor_types::ExecutorResult;
use aptos_logger::prelude::*;
use aptos_reliable_broadcast::DropGuard;
@@ -228,7 +228,7 @@ impl BufferItem {
}
}
- pub fn advance_to_signed(self, author: Author, signature: bls12381::Signature) -> Self {
+ pub fn advance_to_signed(self, author: Author, signature: ed25519::Signature) -> Self {
match self {
Self::Executed(executed_item) => {
let ExecutedItem {
diff --git a/consensus/src/pipeline/signing_phase.rs b/consensus/src/pipeline/signing_phase.rs
index 8482b2c37fa720..58d084bad0dd94 100644
--- a/consensus/src/pipeline/signing_phase.rs
+++ b/consensus/src/pipeline/signing_phase.rs
@@ -3,7 +3,7 @@
// SPDX-License-Identifier: Apache-2.0
use crate::pipeline::pipeline_phase::StatelessPipeline;
-use aptos_crypto::bls12381;
+use aptos_crypto::ed25519;
use aptos_safety_rules::Error;
use aptos_types::ledger_info::{LedgerInfo, LedgerInfoWithSignatures};
use async_trait::async_trait;
@@ -43,11 +43,11 @@ pub trait CommitSignerProvider: Send + Sync {
&self,
ledger_info: LedgerInfoWithSignatures,
new_ledger_info: LedgerInfo,
- ) -> Result;
+ ) -> Result;
}
pub struct SigningResponse {
- pub signature_result: Result,
+ pub signature_result: Result,
pub commit_ledger_info: LedgerInfo,
}
diff --git a/consensus/src/quorum_store/proof_coordinator.rs b/consensus/src/quorum_store/proof_coordinator.rs
index d0eab1129d3c6b..b0dad18db8176c 100644
--- a/consensus/src/quorum_store/proof_coordinator.rs
+++ b/consensus/src/quorum_store/proof_coordinator.rs
@@ -12,7 +12,7 @@ use crate::{
use aptos_consensus_types::proof_of_store::{
BatchInfo, ProofOfStore, SignedBatchInfo, SignedBatchInfoError, SignedBatchInfoMsg,
};
-use aptos_crypto::{bls12381, HashValue};
+use aptos_crypto::{ed25519, HashValue};
use aptos_logger::prelude::*;
use aptos_types::{
aggregate_signature::PartialSignatures, validator_verifier::ValidatorVerifier, PeerId,
@@ -36,7 +36,7 @@ pub(crate) enum ProofCoordinatorCommand {
struct IncrementalProofState {
info: BatchInfo,
- aggregated_signature: BTreeMap,
+ aggregated_signature: BTreeMap,
aggregated_voting_power: u128,
self_voted: bool,
completed: bool,
diff --git a/consensus/src/rand/rand_gen/types.rs b/consensus/src/rand/rand_gen/types.rs
index f3d4009ce66f37..aafe6d97b1695a 100644
--- a/consensus/src/rand/rand_gen/types.rs
+++ b/consensus/src/rand/rand_gen/types.rs
@@ -3,7 +3,7 @@
use anyhow::ensure;
use aptos_consensus_types::common::{Author, Round};
-use aptos_crypto::bls12381::Signature;
+use aptos_crypto::ed25519::Signature;
use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher};
use aptos_types::{
aggregate_signature::AggregateSignature,
diff --git a/crates/aptos-crypto/benches/hash.rs b/crates/aptos-crypto/benches/hash.rs
index e72ce1dd2716b3..c4d5b429cbe572 100644
--- a/crates/aptos-crypto/benches/hash.rs
+++ b/crates/aptos-crypto/benches/hash.rs
@@ -4,7 +4,7 @@
#[macro_use]
extern crate criterion;
-use aptos_crypto::{bls12381::DST_BLS_SIG_IN_G2_WITH_POP, test_utils::random_bytes};
+use aptos_crypto::test_utils::random_bytes;
use blake2::{
digest::{Update, VariableOutput},
Blake2bVar,
@@ -41,8 +41,6 @@ fn bench_group(c: &mut Criterion) {
sha2_256(&mut group, n);
sha2_512(&mut group, n);
sha3_256(&mut group, n);
- hash_to_g1(&mut group, n, DST_BLS_SIG_IN_G2_WITH_POP);
- hash_to_g2(&mut group, n, DST_BLS_SIG_IN_G2_WITH_POP);
keccak256(&mut group, n);
blake2_blake2b_256(&mut group, n);
blake2_rfc_blake2b_256(&mut group, n);
diff --git a/crates/aptos-crypto/src/ed25519/ed25519_keys.rs b/crates/aptos-crypto/src/ed25519/ed25519_keys.rs
index fc32132590f7e6..8b5f4c1c1818a7 100644
--- a/crates/aptos-crypto/src/ed25519/ed25519_keys.rs
+++ b/crates/aptos-crypto/src/ed25519/ed25519_keys.rs
@@ -125,6 +125,11 @@ impl Ed25519PublicKey {
.ok_or(CryptoMaterialError::DeserializationError)?;
Ed25519PublicKey::try_from(&ed_point.compress().as_bytes()[..])
}
+
+ /// TODO
+ pub fn aggregate(_pub_keys: Vec<&Ed25519PublicKey>) -> anyhow::Result {
+ todo!()
+ }
}
///////////////////////
diff --git a/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs b/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs
index 4c1d9438c83a09..fe563594daa586 100644
--- a/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs
+++ b/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs
@@ -83,6 +83,20 @@ impl Ed25519Signature {
// As this stage S == L which implies a non canonical S.
false
}
+
+ /// TODO
+ pub fn aggregate(_sigs: Vec) -> anyhow::Result {
+ todo!()
+ }
+
+ /// TODO
+ pub fn verify_aggregate(
+ &self,
+ _messages: &[&T],
+ _x: &[&Ed25519PublicKey],
+ ) -> anyhow::Result<()> {
+ todo!()
+ }
}
//////////////////////
diff --git a/crates/aptos-dkg/src/pvss/contribution.rs b/crates/aptos-dkg/src/pvss/contribution.rs
index 66db50110c7e7e..6f003b182b3736 100644
--- a/crates/aptos-dkg/src/pvss/contribution.rs
+++ b/crates/aptos-dkg/src/pvss/contribution.rs
@@ -5,7 +5,7 @@ use crate::{
utils::HasMultiExp,
};
use anyhow::bail;
-use aptos_crypto::bls12381;
+use aptos_crypto::ed25519;
use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher};
use blstrs::Scalar;
use group::Group;
@@ -22,13 +22,13 @@ pub struct Contribution {
pub aux: A,
}
-pub type SoK = (Player, Gr, bls12381::Signature, schnorr::PoK);
+pub type SoK = (Player, Gr, ed25519::Signature, schnorr::PoK);
pub fn batch_verify_soks(
soks: &[SoK],
pk_base: &Gr,
pk: &Gr,
- spks: &Vec,
+ spks: &Vec,
aux: &Vec,
tau: &Scalar,
) -> anyhow::Result<()>
@@ -91,11 +91,11 @@ where
let pks = spks
.iter()
.map(|pk| pk)
- .collect::>();
- let sig = bls12381::Signature::aggregate(
+ .collect::>();
+ let sig = ed25519::Signature::aggregate(
soks.iter()
.map(|(_, _, sig, _)| sig.clone())
- .collect::>(),
+ .collect::>(),
)?;
sig.verify_aggregate(&msgs_refs[..], &pks[..])?;
diff --git a/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs b/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs
index e83435a41e452e..4359a1f33aab4d 100644
--- a/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs
+++ b/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs
@@ -18,7 +18,7 @@ use crate::{
},
};
use anyhow::bail;
-use aptos_crypto::{bls12381, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial};
+use aptos_crypto::{ed25519, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial};
use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher};
use blstrs::{G1Projective, G2Projective, Gt};
use group::Group;
@@ -78,8 +78,8 @@ impl traits::Transcript for Transcript {
type InputSecret = pvss::input_secret::InputSecret;
type PublicParameters = das::PublicParameters;
type SecretSharingConfig = ThresholdConfig;
- type SigningPubKey = bls12381::PublicKey;
- type SigningSecretKey = bls12381::PrivateKey;
+ type SigningPubKey = ed25519::PublicKey;
+ type SigningSecretKey = ed25519::PrivateKey;
fn scheme_name() -> String {
DAS_SK_IN_G1.to_string()
@@ -282,7 +282,7 @@ impl traits::Transcript for Transcript {
where
R: rand_core::RngCore + rand_core::CryptoRng,
{
- let sk = bls12381::PrivateKey::genesis();
+ let sk = ed25519::PrivateKey::genesis();
Transcript {
soks: vec![(
sc.get_player(0),
@@ -320,11 +320,11 @@ impl MalleableTranscript for Transcript {
impl Transcript {
pub fn sign_contribution(
- sk: &bls12381::PrivateKey,
+ sk: &ed25519::PrivateKey,
player: &Player,
aux: &A,
comm: &G2Projective,
- ) -> bls12381::Signature {
+ ) -> ed25519::Signature {
sk.sign(&Contribution:: {
comm: *comm,
player: *player,
diff --git a/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs b/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs
index aa52b91584f171..95f3c19b7e5f9f 100644
--- a/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs
+++ b/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs
@@ -19,7 +19,7 @@ use crate::{
},
};
use anyhow::bail;
-use aptos_crypto::{bls12381, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial};
+use aptos_crypto::{ed25519, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial};
use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher};
use blstrs::{pairing, G1Affine, G1Projective, G2Affine, G2Projective, Gt};
use group::{Curve, Group};
@@ -92,8 +92,8 @@ impl traits::Transcript for Transcript {
type InputSecret = pvss::input_secret::InputSecret;
type PublicParameters = das::PublicParameters;
type SecretSharingConfig = WeightedConfig;
- type SigningPubKey = bls12381::PublicKey;
- type SigningSecretKey = bls12381::PrivateKey;
+ type SigningPubKey = ed25519::PublicKey;
+ type SigningSecretKey = ed25519::PrivateKey;
fn scheme_name() -> String {
WEIGHTED_DAS_SK_IN_G1.to_string()
@@ -365,7 +365,7 @@ impl traits::Transcript for Transcript {
R: rand_core::RngCore + rand_core::CryptoRng,
{
let W = sc.get_total_weight();
- let sk = bls12381::PrivateKey::genesis();
+ let sk = ed25519::PrivateKey::genesis();
Transcript {
soks: vec![(
sc.get_player(0),
@@ -513,11 +513,11 @@ impl MalleableTranscript for Transcript {
impl Transcript {
pub fn sign_contribution(
- sk: &bls12381::PrivateKey,
+ sk: &ed25519::PrivateKey,
player: &Player,
aux: &A,
comm: &G1Projective,
- ) -> bls12381::Signature {
+ ) -> ed25519::Signature {
sk.sign(&Contribution:: {
comm: *comm,
player: *player,
diff --git a/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs b/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs
index 28da3261b2da22..b241f5ac43098e 100644
--- a/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs
+++ b/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs
@@ -14,7 +14,7 @@ use crate::{
},
};
use anyhow::bail;
-use aptos_crypto::{bls12381, CryptoMaterialError, ValidCryptoMaterial};
+use aptos_crypto::{ed25519, CryptoMaterialError, ValidCryptoMaterial};
use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher};
use blstrs::{G2Projective, Scalar};
use rand::thread_rng;
@@ -61,8 +61,8 @@ impl traits::Transcript for Transcript {
type InputSecret = pvss::input_secret::InputSecret;
type PublicParameters = das::PublicParameters;
type SecretSharingConfig = ThresholdConfig;
- type SigningPubKey = bls12381::PublicKey;
- type SigningSecretKey = bls12381::PrivateKey;
+ type SigningPubKey = ed25519::PublicKey;
+ type SigningSecretKey = ed25519::PrivateKey;
fn scheme_name() -> String {
"insecure_field_pvss".to_string()
diff --git a/crates/aptos-genesis/src/builder.rs b/crates/aptos-genesis/src/builder.rs
index 2f9992df2358a6..88003866eb8700 100644
--- a/crates/aptos-genesis/src/builder.rs
+++ b/crates/aptos-genesis/src/builder.rs
@@ -18,7 +18,6 @@ use aptos_config::{
network_id::NetworkId,
};
use aptos_crypto::{
- bls12381,
ed25519::{Ed25519PrivateKey, Ed25519PublicKey},
PrivateKey,
};
@@ -212,9 +211,6 @@ impl TryFrom<&ValidatorNodeConfig> for ValidatorConfiguration {
voter_account_address: private_identity.account_address.into(),
voter_account_public_key: private_identity.account_private_key.public_key(),
consensus_public_key: Some(private_identity.consensus_private_key.public_key()),
- proof_of_possession: Some(bls12381::ProofOfPossession::create(
- &private_identity.consensus_private_key,
- )),
validator_network_public_key: Some(
private_identity.validator_network_private_key.public_key(),
),
diff --git a/crates/aptos-genesis/src/config.rs b/crates/aptos-genesis/src/config.rs
index 28fdc92e85957a..37b49c5bb9c2cb 100644
--- a/crates/aptos-genesis/src/config.rs
+++ b/crates/aptos-genesis/src/config.rs
@@ -2,7 +2,7 @@
// SPDX-License-Identifier: Apache-2.0
use aptos_config::config::HANDSHAKE_VERSION;
-use aptos_crypto::{bls12381, ed25519::Ed25519PublicKey, x25519};
+use aptos_crypto::{ed25519, ed25519::Ed25519PublicKey, x25519};
use aptos_types::{
account_address::{AccountAddress, AccountAddressWithChecks},
chain_id::ChainId,
@@ -130,10 +130,7 @@ pub struct ValidatorConfiguration {
pub voter_account_public_key: Ed25519PublicKey,
/// Key used for signing in consensus
#[serde(skip_serializing_if = "Option::is_none")]
- pub consensus_public_key: Option,
- /// Corresponding proof of possession of consensus public key
- #[serde(skip_serializing_if = "Option::is_none")]
- pub proof_of_possession: Option,
+ pub consensus_public_key: Option,
/// Public key used for validator network identity (same as account address)
#[serde(skip_serializing_if = "Option::is_none")]
pub validator_network_public_key: Option,
@@ -237,18 +234,12 @@ impl TryFrom for Validator {
} else {
vec![]
};
- let proof_of_possession = if let Some(pop) = config.proof_of_possession {
- pop.to_bytes().to_vec()
- } else {
- vec![]
- };
Ok(Validator {
owner_address,
operator_address,
voter_address,
consensus_pubkey,
- proof_of_possession,
network_addresses: bcs::to_bytes(&validator_addresses).unwrap(),
full_node_network_addresses: bcs::to_bytes(&full_node_addresses).unwrap(),
stake_amount: config.stake_amount,
@@ -345,8 +336,7 @@ pub struct OwnerConfiguration {
pub struct OperatorConfiguration {
pub operator_account_address: AccountAddressWithChecks,
pub operator_account_public_key: Ed25519PublicKey,
- pub consensus_public_key: bls12381::PublicKey,
- pub consensus_proof_of_possession: bls12381::ProofOfPossession,
+ pub consensus_public_key: ed25519::PublicKey,
pub validator_network_public_key: x25519::PublicKey,
pub validator_host: HostAndPort,
pub full_node_network_public_key: Option,
@@ -585,9 +575,6 @@ impl TryFrom for Vec {
if pool.validator.consensus_public_key.is_none() {
errors.push(anyhow::anyhow!("Employee pool #{} is setup to join during genesis but missing a consensus public key", i));
}
- if pool.validator.proof_of_possession.is_none() {
- errors.push(anyhow::anyhow!("Employee pool #{} is setup to join during genesis but missing a proof of possession", i));
- }
if pool.validator.validator_host.is_none() {
errors.push(anyhow::anyhow!(
"Employee pool #{} is setup to join during genesis but missing a validator host",
diff --git a/crates/aptos-genesis/src/keys.rs b/crates/aptos-genesis/src/keys.rs
index 26df4ffd425e2a..194a429ddbb6b7 100644
--- a/crates/aptos-genesis/src/keys.rs
+++ b/crates/aptos-genesis/src/keys.rs
@@ -3,7 +3,7 @@
use aptos_config::{config::IdentityBlob, keys::ConfigKey};
use aptos_crypto::{
- bls12381,
+ ed25519,
ed25519::{Ed25519PrivateKey, Ed25519PublicKey},
x25519, PrivateKey,
};
@@ -16,7 +16,7 @@ use serde::{Deserialize, Serialize};
pub struct PrivateIdentity {
pub account_address: AccountAddress,
pub account_private_key: Ed25519PrivateKey,
- pub consensus_private_key: bls12381::PrivateKey,
+ pub consensus_private_key: ed25519::PrivateKey,
pub full_node_network_private_key: x25519::PrivateKey,
pub validator_network_private_key: x25519::PrivateKey,
}
@@ -26,8 +26,7 @@ pub struct PrivateIdentity {
pub struct PublicIdentity {
pub account_address: AccountAddress,
pub account_public_key: Ed25519PublicKey,
- pub consensus_public_key: Option,
- pub consensus_proof_of_possession: Option,
+ pub consensus_public_key: Option,
pub full_node_network_public_key: Option,
pub validator_network_public_key: Option,
}
@@ -37,7 +36,7 @@ pub fn generate_key_objects(
keygen: &mut KeyGen,
) -> anyhow::Result<(IdentityBlob, IdentityBlob, PrivateIdentity, PublicIdentity)> {
let account_key = ConfigKey::new(keygen.generate_ed25519_private_key());
- let consensus_key = ConfigKey::new(keygen.generate_bls12381_private_key());
+ let consensus_key = ConfigKey::new(keygen.generate_ed25519_private_key());
let validator_network_key = ConfigKey::new(keygen.generate_x25519_private_key()?);
let full_node_network_key = ConfigKey::new(keygen.generate_x25519_private_key()?);
@@ -69,9 +68,6 @@ pub fn generate_key_objects(
account_address,
account_public_key: account_key.public_key(),
consensus_public_key: Some(private_identity.consensus_private_key.public_key()),
- consensus_proof_of_possession: Some(bls12381::ProofOfPossession::create(
- &private_identity.consensus_private_key,
- )),
full_node_network_public_key: Some(full_node_network_key.public_key()),
validator_network_public_key: Some(validator_network_key.public_key()),
};
diff --git a/crates/aptos-jwk-consensus/src/epoch_manager.rs b/crates/aptos-jwk-consensus/src/epoch_manager.rs
index d07ad2fd6b3e09..33d62221ae71c3 100644
--- a/crates/aptos-jwk-consensus/src/epoch_manager.rs
+++ b/crates/aptos-jwk-consensus/src/epoch_manager.rs
@@ -11,7 +11,7 @@ use anyhow::Result;
use aptos_bounded_executor::BoundedExecutor;
use aptos_channels::{aptos_channel, message_queues::QueueStyle};
use aptos_consensus_types::common::Author;
-use aptos_crypto::bls12381::PrivateKey;
+use aptos_crypto::ed25519::PrivateKey;
use aptos_event_notifications::{
EventNotification, EventNotificationListener, ReconfigNotification,
ReconfigNotificationListener,
diff --git a/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs b/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs
index 746508ce59a330..ac9856d35268bf 100644
--- a/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs
+++ b/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs
@@ -8,7 +8,7 @@ use crate::{
};
use anyhow::{anyhow, bail, Result};
use aptos_channels::{aptos_channel, message_queues::QueueStyle};
-use aptos_crypto::{bls12381::PrivateKey, SigningKey};
+use aptos_crypto::{ed25519::PrivateKey, SigningKey};
use aptos_logger::{debug, error, info};
use aptos_types::{
account_address::AccountAddress,
diff --git a/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs b/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs
index d113a71622b66d..319f2ef75c7645 100644
--- a/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs
+++ b/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs
@@ -9,7 +9,7 @@ use crate::{
use aptos_bitvec::BitVec;
use aptos_channels::aptos_channel;
use aptos_crypto::{
- bls12381::{PrivateKey, PublicKey, Signature},
+ ed25519::{PrivateKey, PublicKey, Signature},
hash::CryptoHash,
SigningKey, Uniform,
};
diff --git a/crates/aptos-jwk-consensus/src/lib.rs b/crates/aptos-jwk-consensus/src/lib.rs
index 2d23907e396dd6..f88e5a0b2f33a1 100644
--- a/crates/aptos-jwk-consensus/src/lib.rs
+++ b/crates/aptos-jwk-consensus/src/lib.rs
@@ -4,7 +4,7 @@ use crate::{
epoch_manager::EpochManager, network::NetworkTask,
network_interface::JWKConsensusNetworkClient, types::JWKConsensusMsg,
};
-use aptos_crypto::bls12381::PrivateKey;
+use aptos_crypto::ed25519::PrivateKey;
use aptos_event_notifications::{
DbBackedOnChainConfig, EventNotificationListener, ReconfigNotificationListener,
};
diff --git a/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs b/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs
index 07878fbc3a6547..5fc4d48b6b803b 100644
--- a/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs
+++ b/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs
@@ -4,7 +4,7 @@ use crate::{
observation_aggregation::ObservationAggregationState,
types::{ObservedUpdate, ObservedUpdateResponse},
};
-use aptos_crypto::{bls12381, SigningKey, Uniform};
+use aptos_crypto::{ed25519, SigningKey, Uniform};
use aptos_reliable_broadcast::BroadcastStatus;
use aptos_types::{
epoch_state::EpochState,
@@ -25,11 +25,11 @@ fn test_observation_aggregation_state() {
let addrs: Vec = (0..num_validators)
.map(|_| AccountAddress::random())
.collect();
- let private_keys: Vec = (0..num_validators)
- .map(|_| bls12381::PrivateKey::generate_for_testing())
+ let private_keys: Vec = (0..num_validators)
+ .map(|_| ed25519::PrivateKey::generate_for_testing())
.collect();
- let public_keys: Vec = (0..num_validators)
- .map(|i| bls12381::PublicKey::from(&private_keys[i]))
+ let public_keys: Vec = (0..num_validators)
+ .map(|i| ed25519::PublicKey::from(&private_keys[i]))
.collect();
let voting_powers = [1, 1, 1, 6, 6]; // total voting power: 15, default threshold: 11
let validator_infos: Vec = (0..num_validators)
diff --git a/crates/aptos-jwk-consensus/src/types.rs b/crates/aptos-jwk-consensus/src/types.rs
index 31223ec4c746fd..74f4901875598f 100644
--- a/crates/aptos-jwk-consensus/src/types.rs
+++ b/crates/aptos-jwk-consensus/src/types.rs
@@ -1,6 +1,6 @@
// Copyright © Aptos Foundation
-use aptos_crypto::bls12381::Signature;
+use aptos_crypto::ed25519::Signature;
use aptos_enum_conversion_derive::EnumConversion;
use aptos_reliable_broadcast::RBMessage;
use aptos_types::{
diff --git a/crates/aptos-keygen/src/lib.rs b/crates/aptos-keygen/src/lib.rs
index d176b461c62e4f..4ad921f44e51d6 100644
--- a/crates/aptos-keygen/src/lib.rs
+++ b/crates/aptos-keygen/src/lib.rs
@@ -2,7 +2,6 @@
// SPDX-License-Identifier: Apache-2.0
use aptos_crypto::{
- bls12381,
ed25519::{Ed25519PrivateKey, Ed25519PublicKey},
x25519, CryptoMaterialError, PrivateKey, Uniform,
};
@@ -35,11 +34,6 @@ impl KeyGen {
Ed25519PrivateKey::generate(&mut self.0)
}
- /// Generate a bls12381 private key.
- pub fn generate_bls12381_private_key(&mut self) -> bls12381::PrivateKey {
- bls12381::PrivateKey::generate(&mut self.0)
- }
-
/// Generate an Ed25519 key pair.
pub fn generate_ed25519_keypair(&mut self) -> (Ed25519PrivateKey, Ed25519PublicKey) {
let private_key = self.generate_ed25519_private_key();
diff --git a/crates/aptos-telemetry-service/src/validator_cache.rs b/crates/aptos-telemetry-service/src/validator_cache.rs
index 554e533d3b2d8c..53afae31d1a384 100644
--- a/crates/aptos-telemetry-service/src/validator_cache.rs
+++ b/crates/aptos-telemetry-service/src/validator_cache.rs
@@ -178,7 +178,7 @@ impl PeerSetCacheUpdater {
mod tests {
use super::PeerSetCacheUpdater;
use aptos_crypto::{
- bls12381::{PrivateKey, PublicKey},
+ ed25519::{PrivateKey, PublicKey},
test_utils::KeyPair,
Uniform,
};
diff --git a/crates/aptos/src/genesis/keys.rs b/crates/aptos/src/genesis/keys.rs
index d4b619f6d04e5c..5bb0ebae7272a3 100644
--- a/crates/aptos/src/genesis/keys.rs
+++ b/crates/aptos/src/genesis/keys.rs
@@ -209,17 +209,6 @@ impl CliCommand<()> for SetValidatorConfiguration {
)));
};
- let consensus_proof_of_possession = if let Some(consensus_proof_of_possession) =
- operator_identity.consensus_proof_of_possession
- {
- consensus_proof_of_possession
- } else {
- return Err(CliError::CommandArgumentError(format!(
- "Failed to read consensus proof of possession from public identity file {}",
- operator_keys_file.display()
- )));
- };
-
// Only add the public key if there is a full node
let full_node_network_public_key = if self.full_node_host.is_some() {
operator_identity.full_node_network_public_key
@@ -232,7 +221,6 @@ impl CliCommand<()> for SetValidatorConfiguration {
operator_account_address: operator_identity.account_address.into(),
operator_account_public_key: operator_identity.account_public_key.clone(),
consensus_public_key,
- consensus_proof_of_possession,
validator_network_public_key,
validator_host: self.validator_host,
full_node_network_public_key,
diff --git a/crates/aptos/src/genesis/mod.rs b/crates/aptos/src/genesis/mod.rs
index 9c9155645175b1..0c19a7d43756c4 100644
--- a/crates/aptos/src/genesis/mod.rs
+++ b/crates/aptos/src/genesis/mod.rs
@@ -19,7 +19,7 @@ use crate::{
CliCommand, CliResult,
};
use aptos_crypto::{
- bls12381, ed25519::ED25519_PUBLIC_KEY_LENGTH, x25519, ValidCryptoMaterial,
+ ed25519, ed25519::ED25519_PUBLIC_KEY_LENGTH, x25519, ValidCryptoMaterial,
ValidCryptoMaterialStringExt,
};
use aptos_genesis::{
@@ -198,7 +198,6 @@ pub fn fetch_mainnet_genesis_info(git_options: GitOptions) -> CliTypedResult CliTypedResult CliTypedResult,
unique_accounts: &mut BTreeSet,
unique_network_keys: &mut HashSet,
- unique_consensus_keys: &mut HashSet,
- unique_consensus_pops: &mut HashSet,
+ unique_consensus_keys: &mut HashSet,
unique_hosts: &mut HashSet,
seen_owners: &mut BTreeMap,
is_pooled_validator: bool,
@@ -747,22 +735,6 @@ fn validate_validators(
)));
}
- if validator.proof_of_possession.is_none() {
- errors.push(CliError::UnexpectedError(format!(
- "Validator {} does not have a consensus proof of possession, though it's joining during genesis",
- name
- )));
- }
- if !unique_consensus_pops
- .insert(validator.proof_of_possession.as_ref().unwrap().clone())
- {
- errors.push(CliError::UnexpectedError(format!(
- "Validator {} has a repeated a consensus proof of possessions {}",
- name,
- validator.proof_of_possession.as_ref().unwrap()
- )));
- }
-
match (
validator.full_node_host.as_ref(),
validator.full_node_network_public_key.as_ref(),
@@ -832,12 +804,6 @@ fn validate_validators(
name
)));
}
- if validator.proof_of_possession.is_some() {
- errors.push(CliError::UnexpectedError(format!(
- "Validator {} has a consensus proof of possession, but it is *NOT* joining during genesis",
- name
- )));
- }
if validator.full_node_network_public_key.is_some() {
errors.push(CliError::UnexpectedError(format!(
"Validator {} has a full node public key, but it is *NOT* joining during genesis",
diff --git a/crates/aptos/src/genesis/tests.rs b/crates/aptos/src/genesis/tests.rs
index bb270e6ef85274..e67c37cccf5acc 100644
--- a/crates/aptos/src/genesis/tests.rs
+++ b/crates/aptos/src/genesis/tests.rs
@@ -382,7 +382,6 @@ async fn create_employee_vesting_accounts_file(
voter_account_address: admin_identity.account_address.into(),
voter_account_public_key: admin_identity.account_public_key,
consensus_public_key: operator_identity.consensus_public_key,
- proof_of_possession: operator_identity.consensus_proof_of_possession,
validator_network_public_key: operator_identity.validator_network_public_key,
validator_host: Some(HostAndPort::from_str("localhost:8080").unwrap()),
full_node_network_public_key: operator_identity.full_node_network_public_key,
@@ -400,7 +399,6 @@ async fn create_employee_vesting_accounts_file(
voter_account_address: admin_identity.account_address.into(),
voter_account_public_key: admin_identity.account_public_key,
consensus_public_key: None,
- proof_of_possession: None,
validator_network_public_key: None,
validator_host: None,
full_node_network_public_key: None,
diff --git a/crates/aptos/src/node/mod.rs b/crates/aptos/src/node/mod.rs
index 83d32e501d0102..a5511e088c9e8a 100644
--- a/crates/aptos/src/node/mod.rs
+++ b/crates/aptos/src/node/mod.rs
@@ -25,7 +25,7 @@ use aptos_backup_cli::{
utils::GlobalRestoreOpt,
};
use aptos_cached_packages::aptos_stdlib;
-use aptos_crypto::{bls12381, bls12381::PublicKey, x25519, ValidCryptoMaterialStringExt};
+use aptos_crypto::{ed25519, ed25519::PublicKey, x25519, ValidCryptoMaterialStringExt};
use aptos_genesis::config::{HostAndPort, OperatorConfiguration};
use aptos_logger::Level;
use aptos_network_checker::args::{
@@ -135,22 +135,16 @@ impl OperatorConfigFileArgs {
pub struct ValidatorConsensusKeyArgs {
/// Hex encoded Consensus public key
///
- /// The key should be a BLS12-381 public key
- #[clap(long, value_parser = bls12381::PublicKey::from_encoded_string)]
- pub(crate) consensus_public_key: Option,
-
- /// Hex encoded Consensus proof of possession
- ///
- /// The key should be a BLS12-381 proof of possession
- #[clap(long, value_parser = bls12381::ProofOfPossession::from_encoded_string)]
- pub(crate) proof_of_possession: Option,
+ /// The key should be an ed25519 public key
+ #[clap(long, value_parser = ed25519::PublicKey::from_encoded_string)]
+ pub(crate) consensus_public_key: Option