From ea54481a6fffe4d732bd6e4560cc83215606e73f Mon Sep 17 00:00:00 2001 From: so-kkroy22 Date: Sat, 4 May 2024 18:29:56 +0530 Subject: [PATCH] github test --- .github/workflows/move.yml | 15 + .github/workflows/rust.yml | 22 + aptos-move/e2e-move-tests/src/stake.rs | 13 +- aptos-move/e2e-move-tests/src/tests/gas.rs | 13 +- .../framework/aptos-framework/doc/genesis.md | 7 - .../framework/aptos-framework/doc/stake.md | 391 +++++++++--------- .../sources/aptos_governance.move | 16 +- .../sources/delegation_pool.move | 16 +- .../aptos-framework/sources/genesis.move | 2 - .../aptos-framework/sources/stake.move | 67 ++- .../aptos-framework/sources/stake.spec.move | 12 +- .../aptos-framework/sources/vesting.move | 4 +- .../src/aptos_framework_sdk_builder.rs | 27 +- .../supra-framework/sources/genesis.move | 2 - .../supra-framework/sources/stake.move | 37 +- .../supra-framework/sources/stake.spec.move | 12 +- .../supra-framework/sources/vesting.move | 4 +- aptos-move/vm-genesis/src/lib.rs | 14 +- config/src/config/identity_config.rs | 4 +- config/src/config/safety_rules_config.rs | 10 +- consensus/consensus-types/src/block.rs | 12 +- .../consensus-types/src/block_test_utils.rs | 6 +- .../src/pipeline/commit_vote.rs | 8 +- .../consensus-types/src/proof_of_store.rs | 6 +- .../consensus-types/src/timeout_2chain.rs | 25 +- consensus/consensus-types/src/vote.rs | 14 +- consensus/safety-rules/src/fuzzing_utils.rs | 10 +- consensus/safety-rules/src/local_client.rs | 8 +- .../src/persistent_safety_storage.rs | 12 +- consensus/safety-rules/src/safety_rules.rs | 14 +- .../safety-rules/src/safety_rules_2chain.rs | 4 +- .../safety-rules/src/safety_rules_manager.rs | 2 +- consensus/safety-rules/src/serializer.rs | 8 +- consensus/safety-rules/src/t_safety_rules.rs | 8 +- consensus/src/consensusdb/consensusdb_test.rs | 2 +- consensus/src/dag/commit_signer.rs | 4 +- consensus/src/dag/types.rs | 2 +- .../src/liveness/leader_reputation_test.rs | 8 +- consensus/src/metrics_safety_rules.rs | 18 +- consensus/src/pipeline/buffer_item.rs | 4 +- consensus/src/pipeline/signing_phase.rs | 6 +- .../src/quorum_store/proof_coordinator.rs | 4 +- consensus/src/rand/rand_gen/types.rs | 2 +- crates/aptos-crypto/benches/hash.rs | 4 +- .../aptos-crypto/src/ed25519/ed25519_keys.rs | 5 + .../aptos-crypto/src/ed25519/ed25519_sigs.rs | 14 + crates/aptos-dkg/src/pvss/contribution.rs | 12 +- .../src/pvss/das/unweighted_protocol.rs | 12 +- .../src/pvss/das/weighted_protocol.rs | 12 +- .../src/pvss/insecure_field/transcript.rs | 6 +- crates/aptos-genesis/src/builder.rs | 4 - crates/aptos-genesis/src/config.rs | 19 +- crates/aptos-genesis/src/keys.rs | 12 +- .../aptos-jwk-consensus/src/epoch_manager.rs | 2 +- .../src/jwk_manager/mod.rs | 2 +- .../src/jwk_manager/tests.rs | 2 +- crates/aptos-jwk-consensus/src/lib.rs | 2 +- .../src/observation_aggregation/tests.rs | 10 +- crates/aptos-jwk-consensus/src/types.rs | 2 +- crates/aptos-keygen/src/lib.rs | 6 - .../src/validator_cache.rs | 2 +- crates/aptos/src/genesis/keys.rs | 12 - crates/aptos/src/genesis/mod.rs | 40 +- crates/aptos/src/genesis/tests.rs | 2 - crates/aptos/src/node/mod.rs | 40 +- crates/aptos/src/op/key.rs | 48 +-- crates/aptos/src/test/mod.rs | 10 +- dkg/src/dkg_manager/tests.rs | 2 +- dkg/src/transcript_aggregation/tests.rs | 10 +- network/discovery/src/validator_set.rs | 6 +- testsuite/generate-format/src/api.rs | 6 +- testsuite/generate-format/src/aptos.rs | 6 +- testsuite/generate-format/src/consensus.rs | 4 +- .../smoke-test/src/aptos_cli/validator.rs | 18 +- types/src/aggregate_signature.rs | 16 +- types/src/dkg/dummy_dkg/mod.rs | 8 +- types/src/dkg/dummy_dkg/tests.rs | 18 +- types/src/ledger_info.rs | 8 +- types/src/proptest_types.rs | 19 +- types/src/validator_config.rs | 6 +- types/src/validator_info.rs | 6 +- types/src/validator_signer.rs | 32 +- types/src/validator_verifier.rs | 13 +- 83 files changed, 558 insertions(+), 775 deletions(-) create mode 100644 .github/workflows/move.yml create mode 100644 .github/workflows/rust.yml diff --git a/.github/workflows/move.yml b/.github/workflows/move.yml new file mode 100644 index 00000000000000..62d4f8f67734e1 --- /dev/null +++ b/.github/workflows/move.yml @@ -0,0 +1,15 @@ +name: Move + +on: + push: + branches: [ ] + pull_request: + branches: [ ] + +env: + CARGO_TERM_COLOR: always + +jobs: + build: + + runs-on: ubuntu-latest diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml new file mode 100644 index 00000000000000..97f73f3d57d558 --- /dev/null +++ b/.github/workflows/rust.yml @@ -0,0 +1,22 @@ +name: Rust + +on: + push: + branches: [ ] + pull_request: + branches: [ ] + +env: + CARGO_TERM_COLOR: always + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Build + run: cargo build --verbose + - name: Run tests + run: cargo test --verbose diff --git a/aptos-move/e2e-move-tests/src/stake.rs b/aptos-move/e2e-move-tests/src/stake.rs index 566e94023ad49c..2f2af49f05d79c 100644 --- a/aptos-move/e2e-move-tests/src/stake.rs +++ b/aptos-move/e2e-move-tests/src/stake.rs @@ -3,7 +3,7 @@ use crate::harness::MoveHarness; use aptos_cached_packages::aptos_stdlib; -use aptos_crypto::{bls12381, PrivateKey, Uniform}; +use aptos_crypto::{ed25519, PrivateKey, Uniform}; use aptos_language_e2e_tests::account::Account; use aptos_types::{ account_address::AccountAddress, account_config::CORE_CODE_ADDRESS, @@ -76,18 +76,11 @@ pub fn rotate_consensus_key( account: &Account, pool_address: AccountAddress, ) -> TransactionStatus { - let consensus_key = bls12381::PrivateKey::generate_for_testing(); + let consensus_key = ed25519::PrivateKey::generate_for_testing(); let consensus_pubkey = consensus_key.public_key().to_bytes().to_vec(); - let proof_of_possession = bls12381::ProofOfPossession::create(&consensus_key) - .to_bytes() - .to_vec(); harness.run_transaction_payload( account, - aptos_stdlib::stake_rotate_consensus_key( - pool_address, - consensus_pubkey, - proof_of_possession, - ), + aptos_stdlib::stake_rotate_consensus_key(pool_address, consensus_pubkey), ) } diff --git a/aptos-move/e2e-move-tests/src/tests/gas.rs b/aptos-move/e2e-move-tests/src/tests/gas.rs index 3b542a2614c97a..627588d07d8f20 100644 --- a/aptos-move/e2e-move-tests/src/tests/gas.rs +++ b/aptos-move/e2e-move-tests/src/tests/gas.rs @@ -12,7 +12,7 @@ use crate::{ MoveHarness, }; use aptos_cached_packages::{aptos_stdlib, aptos_token_sdk_builder}; -use aptos_crypto::{bls12381, PrivateKey, Uniform}; +use aptos_crypto::{ed25519, PrivateKey, Uniform}; use aptos_gas_profiling::TransactionGasLog; use aptos_types::{ account_address::{default_stake_pool_address, AccountAddress}, @@ -145,20 +145,13 @@ fn test_gas() { ), ); let pool_address = default_stake_pool_address(account_1_address, account_2_address); - let consensus_key = bls12381::PrivateKey::generate_for_testing(); + let consensus_key = ed25519::PrivateKey::generate_for_testing(); let consensus_pubkey = consensus_key.public_key().to_bytes().to_vec(); - let proof_of_possession = bls12381::ProofOfPossession::create(&consensus_key) - .to_bytes() - .to_vec(); run( &mut harness, "RotateConsensusKey", account_2, - aptos_stdlib::stake_rotate_consensus_key( - pool_address, - consensus_pubkey, - proof_of_possession, - ), + aptos_stdlib::stake_rotate_consensus_key(pool_address, consensus_pubkey), ); run( &mut harness, diff --git a/aptos-move/framework/aptos-framework/doc/genesis.md b/aptos-move/framework/aptos-framework/doc/genesis.md index b942bf5f86e5fe..465d784df6ee78 100644 --- a/aptos-move/framework/aptos-framework/doc/genesis.md +++ b/aptos-move/framework/aptos-framework/doc/genesis.md @@ -196,12 +196,6 @@
-
-
-proof_of_possession: vector<u8> -
-
-
network_addresses: vector<u8> @@ -779,7 +773,6 @@ encoded in a single BCS byte array. operator, pool_address, validator.consensus_pubkey, - validator.proof_of_possession, ); stake::update_network_and_fullnode_addresses( operator, diff --git a/aptos-move/framework/aptos-framework/doc/stake.md b/aptos-move/framework/aptos-framework/doc/stake.md index 3474162b538baa..7fb384a60fffd9 100644 --- a/aptos-move/framework/aptos-framework/doc/stake.md +++ b/aptos-move/framework/aptos-framework/doc/stake.md @@ -149,8 +149,8 @@ or if their stake drops below the min required, they would get removed at the en
use 0x1::account;
 use 0x1::aptos_coin;
-use 0x1::bls12381;
 use 0x1::coin;
+use 0x1::ed25519;
 use 0x1::error;
 use 0x1::event;
 use 0x1::features;
@@ -1959,7 +1959,7 @@ to set later.
 Initialize the validator account and give ownership to the signing account.
 
 
-
public entry fun initialize_validator(account: &signer, consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>, network_addresses: vector<u8>, fullnode_addresses: vector<u8>)
+
public entry fun initialize_validator(account: &signer, consensus_pubkey: vector<u8>, network_addresses: vector<u8>, fullnode_addresses: vector<u8>)
 
@@ -1971,17 +1971,12 @@ Initialize the validator account and give ownership to the signing account.
public entry fun initialize_validator(
     account: &signer,
     consensus_pubkey: vector<u8>,
-    proof_of_possession: vector<u8>,
     network_addresses: vector<u8>,
     fullnode_addresses: vector<u8>,
 ) acquires AllowedValidators {
-    // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks.
-    let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop(
-        consensus_pubkey,
-        &proof_of_possession_from_bytes(proof_of_possession)
-    );
-    assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY));
-
+    // Checks the public key is valid to prevent rogue-key attacks.
+    let valid_public_key = ed25519::new_validated_public_key_from_bytes(consensus_pubkey);
+    assert!(option::is_some(&valid_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY));
     initialize_owner(account);
     move_to(account, ValidatorConfig {
         consensus_pubkey,
@@ -2417,7 +2412,7 @@ Move amount of coins from pending_inactive to active.
 
 
 
-
fun rotate_consensus_key_internal(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>, genesis: bool)
+
fun rotate_consensus_key_internal(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, genesis: bool)
 
@@ -2430,7 +2425,6 @@ Move amount of coins from pending_inactive to active. operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, - proof_of_possession: vector<u8>, genesis: bool, ) acquires StakePool, ValidatorConfig { assert_stake_pool_exists(pool_address); @@ -2440,16 +2434,13 @@ Move amount of coins from pending_inactive to active. assert!(exists<ValidatorConfig>(pool_address), error::not_found(EVALIDATOR_CONFIG)); let validator_info = borrow_global_mut<ValidatorConfig>(pool_address); let old_consensus_pubkey = validator_info.consensus_pubkey; - // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks. + // Checks the public key is valid to prevent rogue-key attacks. if (!genesis) { - let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop( - new_consensus_pubkey, - &proof_of_possession_from_bytes(proof_of_possession) - ); - assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY)); + let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey); + assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); } else { - let pubkey = &mut bls12381::public_key_from_bytes(new_consensus_pubkey); - assert!(option::is_some(pubkey), error::invalid_argument(EINVALID_PUBLIC_KEY)); + let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey); + assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); }; validator_info.consensus_pubkey = new_consensus_pubkey; @@ -2477,7 +2468,7 @@ does not verify proof of possession only for genesis -
public(friend) fun rotate_consensus_key_genesis(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_poseesion: vector<u8>)
+
public(friend) fun rotate_consensus_key_genesis(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>)
 
@@ -2490,9 +2481,8 @@ only for genesis operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, - proof_of_poseesion: vector<u8>, ) acquires StakePool, ValidatorConfig { - rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_poseesion, true); + rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, true); }
@@ -2507,7 +2497,7 @@ only for genesis Rotate the consensus key of the validator, it'll take effect in next epoch. -
public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>)
+
public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>)
 
@@ -2520,9 +2510,8 @@ Rotate the consensus key of the validator, it'll take effect in next epoch. operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, - proof_of_possession: vector<u8>, ) acquires StakePool, ValidatorConfig { - rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_possession, false); + rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, false); }
@@ -3732,6 +3721,174 @@ Returns validator's next epoch voting power, including pending_active, active, a + + + + +
fun spec_validators_are_initialized(validators: vector<ValidatorInfo>): bool {
+   forall i in 0..len(validators):
+       spec_has_stake_pool(validators[i].addr) &&
+           spec_has_validator_config(validators[i].addr)
+}
+
+ + + + + + + +
fun spec_validator_indices_are_valid(validators: vector<ValidatorInfo>): bool {
+   forall i in 0..len(validators):
+       global<ValidatorConfig>(validators[i].addr).validator_index < spec_validator_index_upper_bound()
+}
+
+ + + + + + + +
fun spec_validator_index_upper_bound(): u64 {
+   len(global<ValidatorPerformance>(@aptos_framework).validators)
+}
+
+ + + + + + + +
fun spec_has_stake_pool(a: address): bool {
+   exists<StakePool>(a)
+}
+
+ + + + + + + +
fun spec_has_validator_config(a: address): bool {
+   exists<ValidatorConfig>(a)
+}
+
+ + + + + + + +
fun spec_rewards_amount(
+   stake_amount: u64,
+   num_successful_proposals: u64,
+   num_total_proposals: u64,
+   rewards_rate: u64,
+   rewards_rate_denominator: u64,
+): u64;
+
+ + + + + + + +
fun spec_contains(validators: vector<ValidatorInfo>, addr: address): bool {
+   exists i in 0..len(validators): validators[i].addr == addr
+}
+
+ + + + + + + +
fun spec_is_current_epoch_validator(pool_address: address): bool {
+   let validator_set = global<ValidatorSet>(@aptos_framework);
+   !spec_contains(validator_set.pending_active, pool_address)
+       && (spec_contains(validator_set.active_validators, pool_address)
+       || spec_contains(validator_set.pending_inactive, pool_address))
+}
+
+ + + + + + + +
schema ResourceRequirement {
+    requires exists<AptosCoinCapabilities>(@aptos_framework);
+    requires exists<ValidatorPerformance>(@aptos_framework);
+    requires exists<ValidatorSet>(@aptos_framework);
+    requires exists<StakingConfig>(@aptos_framework);
+    requires exists<StakingRewardsConfig>(@aptos_framework) || !features::spec_periodical_reward_rate_decrease_enabled();
+    requires exists<timestamp::CurrentTimeMicroseconds>(@aptos_framework);
+    requires exists<ValidatorFees>(@aptos_framework);
+}
+
+ + + + + + + +
fun spec_get_reward_rate_1(config: StakingConfig): num {
+   if (features::spec_periodical_reward_rate_decrease_enabled()) {
+       let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
+       if (epoch_rewards_rate.value == 0) {
+           0
+       } else {
+           let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
+           let denominator = if (denominator_0 > MAX_U64) {
+               MAX_U64
+           } else {
+               denominator_0
+           };
+           let nominator = aptos_std::fixed_point64::spec_multiply_u128(denominator, epoch_rewards_rate);
+           nominator
+       }
+   } else {
+           config.rewards_rate
+   }
+}
+
+ + + + + + + +
fun spec_get_reward_rate_2(config: StakingConfig): num {
+   if (features::spec_periodical_reward_rate_decrease_enabled()) {
+       let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
+       if (epoch_rewards_rate.value == 0) {
+           1
+       } else {
+           let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
+           let denominator = if (denominator_0 > MAX_U64) {
+               MAX_U64
+           } else {
+               denominator_0
+           };
+           denominator
+       }
+   } else {
+           config.rewards_rate_denominator
+   }
+}
+
+ + + ### Resource `ValidatorSet` @@ -3982,17 +4139,16 @@ Returns validator's next epoch voting power, including pending_active, active, a ### Function `initialize_validator` -
public entry fun initialize_validator(account: &signer, consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>, network_addresses: vector<u8>, fullnode_addresses: vector<u8>)
+
public entry fun initialize_validator(account: &signer, consensus_pubkey: vector<u8>, network_addresses: vector<u8>, fullnode_addresses: vector<u8>)
 
-
let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop(
+
let is_public_key_validated = ed25519::spec_public_key_validate_internal(
     consensus_pubkey,
-    proof_of_possession_from_bytes(proof_of_possession)
 );
-aborts_if !option::spec_is_some(pubkey_from_pop);
+aborts_if !is_public_key_validated;
 let addr = signer::address_of(account);
 let post_addr = signer::address_of(account);
 let allowed = global<AllowedValidators>(@aptos_framework);
@@ -4157,7 +4313,7 @@ Returns validator's next epoch voting power, including pending_active, active, a
 ### Function `rotate_consensus_key`
 
 
-
public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>, proof_of_possession: vector<u8>)
+
public entry fun rotate_consensus_key(operator: &signer, pool_address: address, new_consensus_pubkey: vector<u8>)
 
@@ -4168,11 +4324,10 @@ Returns validator's next epoch voting power, including pending_active, active, a aborts_if !exists<StakePool>(pool_address); aborts_if signer::address_of(operator) != pre_stake_pool.operator_address; aborts_if !exists<ValidatorConfig>(pool_address); -let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop( +let is_public_key_validated = ed25519::spec_public_key_validate_internal( new_consensus_pubkey, - proof_of_possession_from_bytes(proof_of_possession) ); -aborts_if !option::spec_is_some(pubkey_from_pop); +aborts_if !is_public_key_validated; modifies global<ValidatorConfig>(pool_address); include StakedValueNochange; ensures validator_info.consensus_pubkey == new_consensus_pubkey; @@ -4824,172 +4979,4 @@ Returns validator's next epoch voting power, including pending_active, active, a
- - - - - -
fun spec_validators_are_initialized(validators: vector<ValidatorInfo>): bool {
-   forall i in 0..len(validators):
-       spec_has_stake_pool(validators[i].addr) &&
-           spec_has_validator_config(validators[i].addr)
-}
-
- - - - - - - -
fun spec_validator_indices_are_valid(validators: vector<ValidatorInfo>): bool {
-   forall i in 0..len(validators):
-       global<ValidatorConfig>(validators[i].addr).validator_index < spec_validator_index_upper_bound()
-}
-
- - - - - - - -
fun spec_validator_index_upper_bound(): u64 {
-   len(global<ValidatorPerformance>(@aptos_framework).validators)
-}
-
- - - - - - - -
fun spec_has_stake_pool(a: address): bool {
-   exists<StakePool>(a)
-}
-
- - - - - - - -
fun spec_has_validator_config(a: address): bool {
-   exists<ValidatorConfig>(a)
-}
-
- - - - - - - -
fun spec_rewards_amount(
-   stake_amount: u64,
-   num_successful_proposals: u64,
-   num_total_proposals: u64,
-   rewards_rate: u64,
-   rewards_rate_denominator: u64,
-): u64;
-
- - - - - - - -
fun spec_contains(validators: vector<ValidatorInfo>, addr: address): bool {
-   exists i in 0..len(validators): validators[i].addr == addr
-}
-
- - - - - - - -
fun spec_is_current_epoch_validator(pool_address: address): bool {
-   let validator_set = global<ValidatorSet>(@aptos_framework);
-   !spec_contains(validator_set.pending_active, pool_address)
-       && (spec_contains(validator_set.active_validators, pool_address)
-       || spec_contains(validator_set.pending_inactive, pool_address))
-}
-
- - - - - - - -
schema ResourceRequirement {
-    requires exists<AptosCoinCapabilities>(@aptos_framework);
-    requires exists<ValidatorPerformance>(@aptos_framework);
-    requires exists<ValidatorSet>(@aptos_framework);
-    requires exists<StakingConfig>(@aptos_framework);
-    requires exists<StakingRewardsConfig>(@aptos_framework) || !features::spec_periodical_reward_rate_decrease_enabled();
-    requires exists<timestamp::CurrentTimeMicroseconds>(@aptos_framework);
-    requires exists<ValidatorFees>(@aptos_framework);
-}
-
- - - - - - - -
fun spec_get_reward_rate_1(config: StakingConfig): num {
-   if (features::spec_periodical_reward_rate_decrease_enabled()) {
-       let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
-       if (epoch_rewards_rate.value == 0) {
-           0
-       } else {
-           let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
-           let denominator = if (denominator_0 > MAX_U64) {
-               MAX_U64
-           } else {
-               denominator_0
-           };
-           let nominator = aptos_std::fixed_point64::spec_multiply_u128(denominator, epoch_rewards_rate);
-           nominator
-       }
-   } else {
-           config.rewards_rate
-   }
-}
-
- - - - - - - -
fun spec_get_reward_rate_2(config: StakingConfig): num {
-   if (features::spec_periodical_reward_rate_decrease_enabled()) {
-       let epoch_rewards_rate = global<staking_config::StakingRewardsConfig>(@aptos_framework).rewards_rate;
-       if (epoch_rewards_rate.value == 0) {
-           1
-       } else {
-           let denominator_0 = aptos_std::fixed_point64::spec_divide_u128(staking_config::MAX_REWARDS_RATE, epoch_rewards_rate);
-           let denominator = if (denominator_0 > MAX_U64) {
-               MAX_U64
-           } else {
-               denominator_0
-           };
-           denominator
-       }
-   } else {
-           config.rewards_rate_denominator
-   }
-}
-
- - [move-book]: https://aptos.dev/move/book/SUMMARY diff --git a/aptos-move/framework/aptos-framework/sources/aptos_governance.move b/aptos-move/framework/aptos-framework/sources/aptos_governance.move index e2a649a7c4adbe..63c67cc816b8f8 100644 --- a/aptos-move/framework/aptos-framework/sources/aptos_governance.move +++ b/aptos-move/framework/aptos-framework/sources/aptos_governance.move @@ -1023,9 +1023,9 @@ module aptos_framework::aptos_governance { vector::push_back(&mut active_validators, signer::address_of(proposer)); vector::push_back(&mut active_validators, signer::address_of(yes_voter)); vector::push_back(&mut active_validators, signer::address_of(no_voter)); - let (_sk_1, pk_1, _pop_1) = stake::generate_identity(); - let (_sk_2, pk_2, _pop_2) = stake::generate_identity(); - let (_sk_3, pk_3, _pop_3) = stake::generate_identity(); + let (_sk_1, pk_1) = stake::generate_identity(); + let (_sk_2, pk_2) = stake::generate_identity(); + let (_sk_3, pk_3) = stake::generate_identity(); let pks = vector[pk_1, pk_2, pk_3]; stake::create_validator_set(aptos_framework, active_validators, pks); @@ -1081,11 +1081,11 @@ module aptos_framework::aptos_governance { coin::register(no_voter); coin::deposit(signer::address_of(no_voter), stake::mint_coins(10)); - let (_sk_1, pk_1, pop_1) = stake::generate_identity(); - let (_sk_2, pk_2, pop_2) = stake::generate_identity(); - let (_sk_3, pk_3, pop_3) = stake::generate_identity(); - stake::initialize_test_validator(&pk_2, &pop_2, yes_voter, 20, true, false); - stake::initialize_test_validator(&pk_3, &pop_3, no_voter, 10, true, false); + let (_sk_1, pk_1) = stake::generate_identity(); + let (_sk_2, pk_2) = stake::generate_identity(); + let (_sk_3, pk_3) = stake::generate_identity(); + stake::initialize_test_validator(&pk_2, yes_voter, 20, true, false); + stake::initialize_test_validator(&pk_3, no_voter, 10, true, false); stake::end_epoch(); timestamp::fast_forward_seconds(1440); stake::initialize_test_validator(&pk_1, &pop_1, proposer, 100, true, false); diff --git a/aptos-move/framework/aptos-framework/sources/delegation_pool.move b/aptos-move/framework/aptos-framework/sources/delegation_pool.move index 77f1cb259898fc..6505fec86b99a4 100644 --- a/aptos-move/framework/aptos-framework/sources/delegation_pool.move +++ b/aptos-move/framework/aptos-framework/sources/delegation_pool.move @@ -1782,7 +1782,7 @@ module aptos_framework::delegation_pool { use aptos_framework::timestamp::fast_forward_seconds; #[test_only] - const CONSENSUS_KEY_1: vector = x"8a54b92288d4ba5073d3a52e80cc00ae9fbbc1cc5b433b46089b7804c38a76f00fc64746c7685ee628fc2d0b929c2294"; + const CONSENSUS_KEY_1: vector = x"1a"; #[test_only] const CONSENSUS_POP_1: vector = x"a9d6c1f1270f2d1454c89a83a4099f813a56dc7db55591d46aa4e6ccae7898b234029ba7052f18755e6fa5e6b73e235f14efc4e2eb402ca2b8f56bad69f965fc11b7b25eb1c95a06f83ddfd023eac4559b6582696cfea97b227f4ce5bdfdfed0"; @@ -1899,7 +1899,7 @@ module aptos_framework::delegation_pool { initialize_delegation_pool(validator, commission_percentage, vector::empty()); let pool_address = get_owned_pool_address(validator_address); - stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1); + stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1); if (amount > 0) { stake::mint(validator, amount); @@ -2058,7 +2058,7 @@ module aptos_framework::delegation_pool { initialize_delegation_pool(validator, 3735, vector::empty()); let pool_address = get_owned_pool_address(validator_address); - stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1); + stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1); // zero `add_stake` fee as validator is not producing rewards this epoch assert!(get_add_stake_fee(pool_address, 1000000 * ONE_APT) == 0, 0); @@ -3226,7 +3226,7 @@ module aptos_framework::delegation_pool { assert_delegation(validator_address, pool_address, 0, 0, 0); // activate validator - stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1); + stake::rotate_consensus_key(validator, pool_address, CONSENSUS_KEY_1); stake::join_validator_set(validator, pool_address); end_aptos_epoch(); @@ -3363,7 +3363,7 @@ module aptos_framework::delegation_pool { unlock(delegator, pool_address, 100 * ONE_APT); // activate validator - stake::rotate_consensus_key(old_operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1); + stake::rotate_consensus_key(old_operator, pool_address, CONSENSUS_KEY_1); stake::join_validator_set(old_operator, pool_address); end_aptos_epoch(); @@ -3430,7 +3430,7 @@ module aptos_framework::delegation_pool { unlock(delegator, pool_address, 1000000 * ONE_APT); // activate validator - stake::rotate_consensus_key(operator1, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1); + stake::rotate_consensus_key(operator1, pool_address, CONSENSUS_KEY_1); stake::join_validator_set(operator1, pool_address); end_aptos_epoch(); @@ -3495,7 +3495,7 @@ module aptos_framework::delegation_pool { unlock(delegator, pool_address, 100 * ONE_APT); // activate validator - stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1); + stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1); stake::join_validator_set(operator, pool_address); end_aptos_epoch(); @@ -3557,7 +3557,7 @@ module aptos_framework::delegation_pool { unlock(delegator, pool_address, 100 * ONE_APT); // activate validator - stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1, CONSENSUS_POP_1); + stake::rotate_consensus_key(operator, pool_address, CONSENSUS_KEY_1); stake::join_validator_set(operator, pool_address); end_aptos_epoch(); diff --git a/aptos-move/framework/aptos-framework/sources/genesis.move b/aptos-move/framework/aptos-framework/sources/genesis.move index 58c6e01c7d89e5..7fe7b6f1660ec3 100644 --- a/aptos-move/framework/aptos-framework/sources/genesis.move +++ b/aptos-move/framework/aptos-framework/sources/genesis.move @@ -52,7 +52,6 @@ module aptos_framework::genesis { voter_address: address, stake_amount: u64, consensus_pubkey: vector, - proof_of_possession: vector, network_addresses: vector, full_node_network_addresses: vector, } @@ -365,7 +364,6 @@ module aptos_framework::genesis { operator, pool_address, validator.consensus_pubkey, - validator.proof_of_possession, ); stake::update_network_and_fullnode_addresses( operator, diff --git a/aptos-move/framework/aptos-framework/sources/stake.move b/aptos-move/framework/aptos-framework/sources/stake.move index 1df14c8d29635a..cd7a7473573ca7 100644 --- a/aptos-move/framework/aptos-framework/sources/stake.move +++ b/aptos-move/framework/aptos-framework/sources/stake.move @@ -23,7 +23,7 @@ module aptos_framework::stake { use std::option::{Self, Option}; use std::signer; use std::vector; - use aptos_std::bls12381; + use aptos_std::ed25519; use aptos_std::math64::min; use aptos_std::table::{Self, Table}; use aptos_framework::aptos_coin::AptosCoin; @@ -494,17 +494,12 @@ module aptos_framework::stake { public entry fun initialize_validator( account: &signer, consensus_pubkey: vector, - proof_of_possession: vector, network_addresses: vector, fullnode_addresses: vector, ) acquires AllowedValidators { - // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks. - let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop( - consensus_pubkey, - &proof_of_possession_from_bytes(proof_of_possession) - ); - assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY)); - + // Checks the public key is valid to prevent rogue-key attacks. + let valid_public_key = ed25519::new_validated_public_key_from_bytes(consensus_pubkey); + assert!(option::is_some(&valid_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); initialize_owner(account); move_to(account, ValidatorConfig { consensus_pubkey, @@ -693,7 +688,6 @@ module aptos_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_possession: vector, genesis: bool, ) acquires StakePool, ValidatorConfig { assert_stake_pool_exists(pool_address); @@ -703,16 +697,13 @@ module aptos_framework::stake { assert!(exists(pool_address), error::not_found(EVALIDATOR_CONFIG)); let validator_info = borrow_global_mut(pool_address); let old_consensus_pubkey = validator_info.consensus_pubkey; - // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks. + // Checks the public key is valid to prevent rogue-key attacks. if (!genesis) { - let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop( - new_consensus_pubkey, - &proof_of_possession_from_bytes(proof_of_possession) - ); - assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY)); + let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey); + assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); } else { - let pubkey = &mut bls12381::public_key_from_bytes(new_consensus_pubkey); - assert!(option::is_some(pubkey), error::invalid_argument(EINVALID_PUBLIC_KEY)); + let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey); + assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); }; validator_info.consensus_pubkey = new_consensus_pubkey; @@ -733,9 +724,8 @@ module aptos_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_poseesion: vector, ) acquires StakePool, ValidatorConfig { - rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_poseesion, true); + rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, true); } /// Rotate the consensus key of the validator, it'll take effect in next epoch. @@ -743,9 +733,8 @@ module aptos_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_possession: vector, ) acquires StakePool, ValidatorConfig { - rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_possession, false); + rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, false); } /// Update the network and full node addresses of the validator. This only takes effect in the next epoch. @@ -1388,7 +1377,6 @@ module aptos_framework::stake { #[test_only] use aptos_framework::aptos_coin; - use aptos_std::bls12381::proof_of_possession_from_bytes; #[test_only] use aptos_std::fixed_point64; @@ -1405,15 +1393,13 @@ module aptos_framework::stake { #[test_only] public fun join_validator_set_for_test( - pk: &bls12381::PublicKey, - pop: &bls12381::ProofOfPossession, + pk: &ed25519::ValidatedPublicKey, operator: &signer, pool_address: address, should_end_epoch: bool, ) acquires AptosCoinCapabilities, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees { - let pk_bytes = bls12381::public_key_to_bytes(pk); - let pop_bytes = bls12381::proof_of_possession_to_bytes(pop); - rotate_consensus_key(operator, pool_address, pk_bytes, pop_bytes); + let pk_bytes = ed25519::validated_public_key_to_bytes(pk); + rotate_consensus_key(operator, pool_address, pk_bytes); join_validator_set(operator, pool_address); if (should_end_epoch) { end_epoch(); @@ -1484,8 +1470,7 @@ module aptos_framework::stake { #[test_only] public fun initialize_test_validator( - public_key: &bls12381::PublicKey, - proof_of_possession: &bls12381::ProofOfPossession, + public_key: &ed25519::UnvalidatedPublicKey, validator: &signer, amount: u64, should_join_validator_set: bool, @@ -1496,9 +1481,8 @@ module aptos_framework::stake { account::create_account_for_test(validator_address); }; - let pk_bytes = bls12381::public_key_to_bytes(public_key); - let pop_bytes = bls12381::proof_of_possession_to_bytes(proof_of_possession); - initialize_validator(validator, pk_bytes, pop_bytes, vector::empty(), vector::empty()); + let pk_bytes = ed25519::unvalidated_public_key_to_bytes(public_key); + initialize_validator(validator, pk_bytes, vector::empty(), vector::empty()); if (amount > 0) { mint_and_add_stake(validator, amount); @@ -1516,7 +1500,7 @@ module aptos_framework::stake { public fun create_validator_set( aptos_framework: &signer, active_validator_addresses: vector
, - public_keys: vector, + public_keys: vector, ) { let active_validators = vector::empty(); let i = 0; @@ -1527,7 +1511,7 @@ module aptos_framework::stake { addr: *validator_address, voting_power: 0, config: ValidatorConfig { - consensus_pubkey: bls12381::public_key_to_bytes(pk), + consensus_pubkey: ed25519::validated_public_key_to_bytes(pk), network_addresses: b"", fullnode_addresses: b"", validator_index: 0, @@ -1574,11 +1558,10 @@ module aptos_framework::stake { } #[test_only] - public fun generate_identity(): (bls12381::SecretKey, bls12381::PublicKey, bls12381::ProofOfPossession) { - let (sk, pkpop) = bls12381::generate_keys(); - let pop = bls12381::generate_proof_of_possession(&sk); - let unvalidated_pk = bls12381::public_key_with_pop_to_normal(&pkpop); - (sk, unvalidated_pk, pop) + public fun generate_identity(): (ed25519::SecretKey, ed25519::UnvalidatedPublicKey) { + let (sk, pkpop) = ed25519::generate_keys(); + let unvalidated_pub_key = ed25519::public_key_to_unvalidated(&pkpop); + (sk, unvalidated_pub_key) } #[test(aptos_framework = @aptos_framework, validator = @0x123)] @@ -1588,8 +1571,8 @@ module aptos_framework::stake { validator: &signer, ) acquires AllowedValidators, AptosCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees { initialize_for_test(aptos_framework); - let (_sk, pk, pop) = generate_identity(); - initialize_test_validator(&pk, &pop, validator, 100, false, false); + let (_sk, pk) = generate_identity(); + initialize_test_validator(&pk, validator, 100, false, false); // Add more stake to exceed max. This should fail. mint_and_add_stake(validator, 9901); diff --git a/aptos-move/framework/aptos-framework/sources/stake.spec.move b/aptos-move/framework/aptos-framework/sources/stake.spec.move index 64e229f81bd227..697e302fecad03 100644 --- a/aptos-move/framework/aptos-framework/sources/stake.spec.move +++ b/aptos-move/framework/aptos-framework/sources/stake.spec.move @@ -104,15 +104,13 @@ spec aptos_framework::stake { spec initialize_validator( account: &signer, consensus_pubkey: vector, - proof_of_possession: vector, network_addresses: vector, fullnode_addresses: vector, ){ - let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop( + let is_public_key_validated = ed25519::spec_public_key_validate_internal( consensus_pubkey, - proof_of_possession_from_bytes(proof_of_possession) ); - aborts_if !option::spec_is_some(pubkey_from_pop); + aborts_if !is_public_key_validated; let addr = signer::address_of(account); let post_addr = signer::address_of(account); let allowed = global(@aptos_framework); @@ -357,18 +355,16 @@ spec aptos_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_possession: vector, ) { let pre_stake_pool = global(pool_address); let post validator_info = global(pool_address); aborts_if !exists(pool_address); aborts_if signer::address_of(operator) != pre_stake_pool.operator_address; aborts_if !exists(pool_address); - let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop( + let is_public_key_validated = ed25519::spec_public_key_validate_internal( new_consensus_pubkey, - proof_of_possession_from_bytes(proof_of_possession) ); - aborts_if !option::spec_is_some(pubkey_from_pop); + aborts_if !is_public_key_validated; modifies global(pool_address); include StakedValueNochange; diff --git a/aptos-move/framework/aptos-framework/sources/vesting.move b/aptos-move/framework/aptos-framework/sources/vesting.move index 440f0650c67e12..3c076133eb3170 100644 --- a/aptos-move/framework/aptos-framework/sources/vesting.move +++ b/aptos-move/framework/aptos-framework/sources/vesting.move @@ -1126,8 +1126,8 @@ module aptos_framework::vesting { stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0); // The stake pool is still in pending active stake, so unlock_rewards and vest shouldn't do anything. - let (_sk, pk, pop) = stake::generate_identity(); - stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, false); + let (_sk, pk) = stake::generate_identity(); + stake::join_validator_set_for_test(&pk, admin, stake_pool_address, false); assert!(stake::get_validator_state(stake_pool_address) == VALIDATOR_STATUS_PENDING_ACTIVE, 1); unlock_rewards(contract_address); vest(contract_address); diff --git a/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs b/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs index 045a27c1a664a2..e425ba72f45bdd 100644 --- a/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs +++ b/aptos-move/framework/cached-packages/src/aptos_framework_sdk_builder.rs @@ -636,7 +636,6 @@ pub enum EntryFunctionCall { /// Initialize the validator account and give ownership to the signing account. StakeInitializeValidator { consensus_pubkey: Vec, - proof_of_possession: Vec, network_addresses: Vec, fullnode_addresses: Vec, }, @@ -665,7 +664,6 @@ pub enum EntryFunctionCall { StakeRotateConsensusKey { pool_address: AccountAddress, new_consensus_pubkey: Vec, - proof_of_possession: Vec, }, /// Allows an owner to change the delegated voter of the stake pool. @@ -1291,25 +1289,18 @@ impl EntryFunctionCall { } => stake_initialize_stake_owner(initial_stake_amount, operator, voter), StakeInitializeValidator { consensus_pubkey, - proof_of_possession, network_addresses, fullnode_addresses, - } => stake_initialize_validator( - consensus_pubkey, - proof_of_possession, - network_addresses, - fullnode_addresses, - ), + } => { + stake_initialize_validator(consensus_pubkey, network_addresses, fullnode_addresses) + }, StakeJoinValidatorSet { pool_address } => stake_join_validator_set(pool_address), StakeLeaveValidatorSet { pool_address } => stake_leave_validator_set(pool_address), StakeReactivateStake { amount } => stake_reactivate_stake(amount), StakeRotateConsensusKey { pool_address, new_consensus_pubkey, - proof_of_possession, - } => { - stake_rotate_consensus_key(pool_address, new_consensus_pubkey, proof_of_possession) - }, + } => stake_rotate_consensus_key(pool_address, new_consensus_pubkey), StakeSetDelegatedVoter { new_voter } => stake_set_delegated_voter(new_voter), StakeSetOperator { new_operator } => stake_set_operator(new_operator), StakeUnlock { amount } => stake_unlock(amount), @@ -3146,7 +3137,6 @@ pub fn stake_initialize_stake_owner( /// Initialize the validator account and give ownership to the signing account. pub fn stake_initialize_validator( consensus_pubkey: Vec, - proof_of_possession: Vec, network_addresses: Vec, fullnode_addresses: Vec, ) -> TransactionPayload { @@ -3162,7 +3152,6 @@ pub fn stake_initialize_validator( vec![], vec![ bcs::to_bytes(&consensus_pubkey).unwrap(), - bcs::to_bytes(&proof_of_possession).unwrap(), bcs::to_bytes(&network_addresses).unwrap(), bcs::to_bytes(&fullnode_addresses).unwrap(), ], @@ -3226,7 +3215,6 @@ pub fn stake_reactivate_stake(amount: u64) -> TransactionPayload { pub fn stake_rotate_consensus_key( pool_address: AccountAddress, new_consensus_pubkey: Vec, - proof_of_possession: Vec, ) -> TransactionPayload { TransactionPayload::EntryFunction(EntryFunction::new( ModuleId::new( @@ -3241,7 +3229,6 @@ pub fn stake_rotate_consensus_key( vec![ bcs::to_bytes(&pool_address).unwrap(), bcs::to_bytes(&new_consensus_pubkey).unwrap(), - bcs::to_bytes(&proof_of_possession).unwrap(), ], )) } @@ -5047,9 +5034,8 @@ mod decoder { if let TransactionPayload::EntryFunction(script) = payload { Some(EntryFunctionCall::StakeInitializeValidator { consensus_pubkey: bcs::from_bytes(script.args().get(0)?).ok()?, - proof_of_possession: bcs::from_bytes(script.args().get(1)?).ok()?, - network_addresses: bcs::from_bytes(script.args().get(2)?).ok()?, - fullnode_addresses: bcs::from_bytes(script.args().get(3)?).ok()?, + network_addresses: bcs::from_bytes(script.args().get(1)?).ok()?, + fullnode_addresses: bcs::from_bytes(script.args().get(2)?).ok()?, }) } else { None @@ -5091,7 +5077,6 @@ mod decoder { Some(EntryFunctionCall::StakeRotateConsensusKey { pool_address: bcs::from_bytes(script.args().get(0)?).ok()?, new_consensus_pubkey: bcs::from_bytes(script.args().get(1)?).ok()?, - proof_of_possession: bcs::from_bytes(script.args().get(2)?).ok()?, }) } else { None diff --git a/aptos-move/framework/supra-framework/sources/genesis.move b/aptos-move/framework/supra-framework/sources/genesis.move index a37cef82a8fec9..0e4b2e3ed87b42 100644 --- a/aptos-move/framework/supra-framework/sources/genesis.move +++ b/aptos-move/framework/supra-framework/sources/genesis.move @@ -52,7 +52,6 @@ module supra_framework::genesis { voter_address: address, stake_amount: u64, consensus_pubkey: vector, - proof_of_possession: vector, network_addresses: vector, full_node_network_addresses: vector, } @@ -365,7 +364,6 @@ module supra_framework::genesis { operator, pool_address, validator.consensus_pubkey, - validator.proof_of_possession, ); stake::update_network_and_fullnode_addresses( operator, diff --git a/aptos-move/framework/supra-framework/sources/stake.move b/aptos-move/framework/supra-framework/sources/stake.move index 724da8dc353586..1cbef3931069b1 100644 --- a/aptos-move/framework/supra-framework/sources/stake.move +++ b/aptos-move/framework/supra-framework/sources/stake.move @@ -23,7 +23,7 @@ module supra_framework::stake { use std::option::{Self, Option}; use std::signer; use std::vector; - use aptos_std::bls12381; + use aptos_std::ed25519; use aptos_std::math64::min; use aptos_std::table::{Self, Table}; use supra_framework::supra_coin::SupraCoin; @@ -494,16 +494,12 @@ module supra_framework::stake { public entry fun initialize_validator( account: &signer, consensus_pubkey: vector, - proof_of_possession: vector, network_addresses: vector, fullnode_addresses: vector, ) acquires AllowedValidators { - // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks. - let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop( - consensus_pubkey, - &proof_of_possession_from_bytes(proof_of_possession) - ); - assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY)); + // Checks the public key is valid to prevent rogue-key attacks. + let valid_public_key = ed25519::new_validated_public_key_from_bytes(consensus_pubkey); + assert!(option::is_some(&valid_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); initialize_owner(account); move_to(account, ValidatorConfig { @@ -693,7 +689,6 @@ module supra_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_possession: vector, genesis: bool, ) acquires StakePool, ValidatorConfig { assert_stake_pool_exists(pool_address); @@ -703,16 +698,13 @@ module supra_framework::stake { assert!(exists(pool_address), error::not_found(EVALIDATOR_CONFIG)); let validator_info = borrow_global_mut(pool_address); let old_consensus_pubkey = validator_info.consensus_pubkey; - // Checks the public key has a valid proof-of-possession to prevent rogue-key attacks. + // Checks the public key is valid to prevent rogue-key attacks. if (!genesis) { - let pubkey_from_pop = &mut bls12381::public_key_from_bytes_with_pop( - new_consensus_pubkey, - &proof_of_possession_from_bytes(proof_of_possession) - ); - assert!(option::is_some(pubkey_from_pop), error::invalid_argument(EINVALID_PUBLIC_KEY)); + let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey); + assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); } else { - let pubkey = &mut bls12381::public_key_from_bytes(new_consensus_pubkey); - assert!(option::is_some(pubkey), error::invalid_argument(EINVALID_PUBLIC_KEY)); + let validated_public_key = ed25519::new_validated_public_key_from_bytes(new_consensus_pubkey); + assert!(option::is_some(&validated_public_key), error::invalid_argument(EINVALID_PUBLIC_KEY)); }; validator_info.consensus_pubkey = new_consensus_pubkey; @@ -733,9 +725,8 @@ module supra_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_poseesion: vector, ) acquires StakePool, ValidatorConfig { - rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_poseesion, true); + rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, true); } /// Rotate the consensus key of the validator, it'll take effect in next epoch. @@ -743,9 +734,8 @@ module supra_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_possession: vector, ) acquires StakePool, ValidatorConfig { - rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, proof_of_possession, false); + rotate_consensus_key_internal(operator, pool_address, new_consensus_pubkey, false); } /// Update the network and full node addresses of the validator. This only takes effect in the next epoch. @@ -1388,7 +1378,6 @@ module supra_framework::stake { #[test_only] use supra_framework::supra_coin; - use aptos_std::bls12381::proof_of_possession_from_bytes; #[test_only] use aptos_std::fixed_point64; @@ -1588,8 +1577,8 @@ module supra_framework::stake { validator: &signer, ) acquires AllowedValidators, SupraCoinCapabilities, OwnerCapability, StakePool, ValidatorConfig, ValidatorPerformance, ValidatorSet, ValidatorFees { initialize_for_test(supra_framework); - let (_sk, pk, pop) = generate_identity(); - initialize_test_validator(&pk, &pop, validator, 100, false, false); + let (_sk, pk) = generate_identity(); + initialize_test_validator(&pk, validator, 100, false, false); // Add more stake to exceed max. This should fail. mint_and_add_stake(validator, 9901); diff --git a/aptos-move/framework/supra-framework/sources/stake.spec.move b/aptos-move/framework/supra-framework/sources/stake.spec.move index 378e5d5013e68e..1d16b10cdac148 100644 --- a/aptos-move/framework/supra-framework/sources/stake.spec.move +++ b/aptos-move/framework/supra-framework/sources/stake.spec.move @@ -104,15 +104,13 @@ spec supra_framework::stake { spec initialize_validator( account: &signer, consensus_pubkey: vector, - proof_of_possession: vector, network_addresses: vector, fullnode_addresses: vector, ){ - let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop( + let is_public_key_validated = ed25519::spec_public_key_validate_internal( consensus_pubkey, - proof_of_possession_from_bytes(proof_of_possession) ); - aborts_if !option::spec_is_some(pubkey_from_pop); + aborts_if !is_public_key_validated; let addr = signer::address_of(account); let post_addr = signer::address_of(account); let allowed = global(@supra_framework); @@ -357,18 +355,16 @@ spec supra_framework::stake { operator: &signer, pool_address: address, new_consensus_pubkey: vector, - proof_of_possession: vector, ) { let pre_stake_pool = global(pool_address); let post validator_info = global(pool_address); aborts_if !exists(pool_address); aborts_if signer::address_of(operator) != pre_stake_pool.operator_address; aborts_if !exists(pool_address); - let pubkey_from_pop = bls12381::spec_public_key_from_bytes_with_pop( + let is_public_key_validated = ed25519::spec_public_key_validate_internal( new_consensus_pubkey, - proof_of_possession_from_bytes(proof_of_possession) ); - aborts_if !option::spec_is_some(pubkey_from_pop); + aborts_if !is_public_key_validated; modifies global(pool_address); include StakedValueNochange; diff --git a/aptos-move/framework/supra-framework/sources/vesting.move b/aptos-move/framework/supra-framework/sources/vesting.move index 58b0cba4e16d13..4dad2db1be2f10 100644 --- a/aptos-move/framework/supra-framework/sources/vesting.move +++ b/aptos-move/framework/supra-framework/sources/vesting.move @@ -1126,8 +1126,8 @@ module supra_framework::vesting { stake::assert_stake_pool(stake_pool_address, GRANT_AMOUNT, 0, 0, 0); // The stake pool is still in pending active stake, so unlock_rewards and vest shouldn't do anything. - let (_sk, pk, pop) = stake::generate_identity(); - stake::join_validator_set_for_test(&pk, &pop, admin, stake_pool_address, false); + let (_sk, pk) = stake::generate_identity(); + stake::join_validator_set_for_test(&pk, admin, stake_pool_address, false); assert!(stake::get_validator_state(stake_pool_address) == VALIDATOR_STATUS_PENDING_ACTIVE, 1); unlock_rewards(contract_address); vest(contract_address); diff --git a/aptos-move/vm-genesis/src/lib.rs b/aptos-move/vm-genesis/src/lib.rs index 31fa3486a4f22a..175fc6294763e4 100644 --- a/aptos-move/vm-genesis/src/lib.rs +++ b/aptos-move/vm-genesis/src/lib.rs @@ -8,7 +8,7 @@ mod genesis_context; use crate::genesis_context::GenesisStateView; use aptos_crypto::{ - bls12381, + ed25519, ed25519::{Ed25519PrivateKey, Ed25519PublicKey}, HashValue, PrivateKey, Uniform, }; @@ -798,10 +798,8 @@ pub struct Validator { /// Amount to stake for consensus. Also the intial amount minted to the owner account. pub stake_amount: u64, - /// bls12381 public key used to sign consensus messages. + /// ed25519 public key used to sign consensus messages. pub consensus_pubkey: Vec, - /// Proof of Possession of the consensus pubkey. - pub proof_of_possession: Vec, /// `NetworkAddress` for the validator. pub network_addresses: Vec, /// `NetworkAddress` for the validator's full node. @@ -810,7 +808,7 @@ pub struct Validator { pub struct TestValidator { pub key: Ed25519PrivateKey, - pub consensus_key: bls12381::PrivateKey, + pub consensus_key: ed25519::PrivateKey, pub data: Validator, } @@ -826,11 +824,8 @@ impl TestValidator { let key = Ed25519PrivateKey::generate(rng); let auth_key = AuthenticationKey::ed25519(&key.public_key()); let owner_address = auth_key.account_address(); - let consensus_key = bls12381::PrivateKey::generate(rng); + let consensus_key = ed25519::PrivateKey::generate(rng); let consensus_pubkey = consensus_key.public_key().to_bytes().to_vec(); - let proof_of_possession = bls12381::ProofOfPossession::create(&consensus_key) - .to_bytes() - .to_vec(); let network_address = [0u8; 0].to_vec(); let full_node_network_address = [0u8; 0].to_vec(); @@ -842,7 +837,6 @@ impl TestValidator { let data = Validator { owner_address, consensus_pubkey, - proof_of_possession, operator_address: owner_address, voter_address: owner_address, network_addresses: network_address, diff --git a/config/src/config/identity_config.rs b/config/src/config/identity_config.rs index 0d2142574d8340..01fe1297cbaf9a 100644 --- a/config/src/config/identity_config.rs +++ b/config/src/config/identity_config.rs @@ -3,7 +3,7 @@ use crate::{config::SecureBackend, keys::ConfigKey}; use aptos_crypto::{ - bls12381, + ed25519, ed25519::Ed25519PrivateKey, x25519::{self, PRIVATE_KEY_SIZE}, ValidCryptoMaterial, @@ -29,7 +29,7 @@ pub struct IdentityBlob { pub account_private_key: Option, /// Optional consensus key. Only used for validators #[serde(skip_serializing_if = "Option::is_none")] - pub consensus_private_key: Option, + pub consensus_private_key: Option, /// Network private key. Peer id is derived from this if account address is not present pub network_private_key: x25519::PrivateKey, } diff --git a/config/src/config/safety_rules_config.rs b/config/src/config/safety_rules_config.rs index e5e19db1c17e5d..ca675e3e15ee59 100644 --- a/config/src/config/safety_rules_config.rs +++ b/config/src/config/safety_rules_config.rs @@ -12,7 +12,7 @@ use crate::{ keys::ConfigKey, }; use anyhow::bail; -use aptos_crypto::{bls12381, Uniform}; +use aptos_crypto::{ed25519, Uniform}; use aptos_types::{chain_id::ChainId, network_address::NetworkAddress, waypoint::Waypoint, PeerId}; use rand::rngs::StdRng; use serde::{Deserialize, Serialize}; @@ -203,7 +203,7 @@ impl RemoteService { #[derive(Clone, Debug, Deserialize, PartialEq, Serialize)] pub struct SafetyRulesTestConfig { pub author: PeerId, - pub consensus_key: Option>, + pub consensus_key: Option>, pub waypoint: Option, } @@ -216,13 +216,13 @@ impl SafetyRulesTestConfig { } } - pub fn consensus_key(&mut self, key: bls12381::PrivateKey) { + pub fn consensus_key(&mut self, key: ed25519::PrivateKey) { self.consensus_key = Some(ConfigKey::new(key)); } pub fn random_consensus_key(&mut self, rng: &mut StdRng) { - let privkey = bls12381::PrivateKey::generate(rng); - self.consensus_key = Some(ConfigKey::::new(privkey)); + let privkey = ed25519::PrivateKey::generate(rng); + self.consensus_key = Some(ConfigKey::::new(privkey)); } } diff --git a/consensus/consensus-types/src/block.rs b/consensus/consensus-types/src/block.rs index 392eb2b277f5a5..0ea1d38b023a10 100644 --- a/consensus/consensus-types/src/block.rs +++ b/consensus/consensus-types/src/block.rs @@ -9,7 +9,7 @@ use crate::{ }; use anyhow::{bail, ensure, format_err}; use aptos_bitvec::BitVec; -use aptos_crypto::{bls12381, hash::CryptoHash, HashValue}; +use aptos_crypto::{ed25519, hash::CryptoHash, HashValue}; use aptos_infallible::duration_since_epoch; use aptos_types::{ account_address::AccountAddress, @@ -51,7 +51,7 @@ pub struct Block { block_data: BlockData, /// Signature that the hash of this block has been authored by the owner of the private key, /// this is only set within Proposal blocks - signature: Option, + signature: Option, } impl fmt::Debug for Block { @@ -128,7 +128,7 @@ impl Block { self.block_data.round() } - pub fn signature(&self) -> Option<&bls12381::Signature> { + pub fn signature(&self) -> Option<&ed25519::Signature> { self.signature.as_ref() } @@ -186,7 +186,7 @@ impl Block { pub fn new_for_testing( id: HashValue, block_data: BlockData, - signature: Option, + signature: Option, ) -> Self { Block { id, @@ -296,7 +296,7 @@ impl Block { pub fn new_proposal_from_block_data_and_signature( block_data: BlockData, - signature: bls12381::Signature, + signature: ed25519::Signature, ) -> Self { Block { id: block_data.hash(), @@ -509,7 +509,7 @@ impl<'de> Deserialize<'de> for Block { #[serde(rename = "Block")] struct BlockWithoutId { block_data: BlockData, - signature: Option, + signature: Option, } let BlockWithoutId { diff --git a/consensus/consensus-types/src/block_test_utils.rs b/consensus/consensus-types/src/block_test_utils.rs index 402af52c48d623..facd0049aaa3e3 100644 --- a/consensus/consensus-types/src/block_test_utils.rs +++ b/consensus/consensus-types/src/block_test_utils.rs @@ -11,7 +11,7 @@ use crate::{ vote_data::VoteData, }; use aptos_crypto::{ - bls12381, + ed25519, ed25519::Ed25519PrivateKey, hash::{CryptoHash, HashValue}, PrivateKey, Uniform, @@ -155,7 +155,7 @@ prop_compose! { /// vector fn block_forest_from_keys( depth: u32, - key_pairs: Vec, + key_pairs: Vec, ) -> impl Strategy { let leaf = leaf_strategy().prop_map(|block| vec![block]); // Note that having `expected_branch_size` of 1 seems to generate significantly larger trees @@ -170,7 +170,7 @@ fn block_forest_from_keys( pub fn block_forest_and_its_keys( quorum_size: usize, depth: u32, -) -> impl Strategy, LinearizedBlockForest)> { +) -> impl Strategy, LinearizedBlockForest)> { proptest::collection::vec(proptests::arb_signing_key(), quorum_size).prop_flat_map( move |private_key| { ( diff --git a/consensus/consensus-types/src/pipeline/commit_vote.rs b/consensus/consensus-types/src/pipeline/commit_vote.rs index a7ab26d07b271a..593f9c6097b206 100644 --- a/consensus/consensus-types/src/pipeline/commit_vote.rs +++ b/consensus/consensus-types/src/pipeline/commit_vote.rs @@ -4,7 +4,7 @@ use crate::common::{Author, Round}; use anyhow::Context; -use aptos_crypto::{bls12381, CryptoMaterialError}; +use aptos_crypto::{ed25519, CryptoMaterialError}; use aptos_short_hex_str::AsShortHexStr; use aptos_types::{ block_info::BlockInfo, ledger_info::LedgerInfo, validator_signer::ValidatorSigner, @@ -17,7 +17,7 @@ use std::fmt::{Debug, Display, Formatter}; pub struct CommitVote { author: Author, ledger_info: LedgerInfo, - signature: bls12381::Signature, + signature: ed25519::Signature, } // this is required by structured log @@ -57,7 +57,7 @@ impl CommitVote { pub fn new_with_signature( author: Author, ledger_info: LedgerInfo, - signature: bls12381::Signature, + signature: ed25519::Signature, ) -> Self { Self { author, @@ -77,7 +77,7 @@ impl CommitVote { } /// Return the signature of the vote - pub fn signature(&self) -> &bls12381::Signature { + pub fn signature(&self) -> &ed25519::Signature { &self.signature } diff --git a/consensus/consensus-types/src/proof_of_store.rs b/consensus/consensus-types/src/proof_of_store.rs index 08c5c53946d432..1e5a0cd8317e7d 100644 --- a/consensus/consensus-types/src/proof_of_store.rs +++ b/consensus/consensus-types/src/proof_of_store.rs @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 use anyhow::{bail, ensure, Context}; -use aptos_crypto::{bls12381, CryptoMaterialError, HashValue}; +use aptos_crypto::{ed25519, CryptoMaterialError, HashValue}; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use aptos_types::{ aggregate_signature::AggregateSignature, validator_signer::ValidatorSigner, @@ -191,7 +191,7 @@ impl SignedBatchInfoMsg { pub struct SignedBatchInfo { info: BatchInfo, signer: PeerId, - signature: bls12381::Signature, + signature: ed25519::Signature, } impl SignedBatchInfo { @@ -237,7 +237,7 @@ impl SignedBatchInfo { Ok(validator.verify(self.signer, &self.info, &self.signature)?) } - pub fn signature(self) -> bls12381::Signature { + pub fn signature(self) -> ed25519::Signature { self.signature } diff --git a/consensus/consensus-types/src/timeout_2chain.rs b/consensus/consensus-types/src/timeout_2chain.rs index 9fc0ced6f3c50f..e69c7cc8e9d0c5 100644 --- a/consensus/consensus-types/src/timeout_2chain.rs +++ b/consensus/consensus-types/src/timeout_2chain.rs @@ -4,7 +4,7 @@ use crate::{common::Author, quorum_cert::QuorumCert}; use anyhow::ensure; -use aptos_crypto::{bls12381, CryptoMaterialError}; +use aptos_crypto::{ed25519, CryptoMaterialError}; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use aptos_types::{ account_address::AccountAddress, @@ -60,7 +60,7 @@ impl TwoChainTimeout { pub fn sign( &self, signer: &ValidatorSigner, - ) -> Result { + ) -> Result { signer.sign(&self.signing_format()) } @@ -234,12 +234,7 @@ impl TwoChainTimeoutWithPartialSignatures { } /// Add a new timeout message from author, the timeout should already be verified in upper layer. - pub fn add( - &mut self, - author: Author, - timeout: TwoChainTimeout, - signature: bls12381::Signature, - ) { + pub fn add(&mut self, author: Author, timeout: TwoChainTimeout, signature: ed25519::Signature) { debug_assert_eq!( self.timeout.epoch(), timeout.epoch(), @@ -281,11 +276,11 @@ impl TwoChainTimeoutWithPartialSignatures { /// timeout aggregation. #[derive(Debug, Clone, Eq, PartialEq)] pub struct PartialSignaturesWithRound { - signatures: BTreeMap, + signatures: BTreeMap, } impl PartialSignaturesWithRound { - pub fn new(signatures: BTreeMap) -> Self { + pub fn new(signatures: BTreeMap) -> Self { Self { signatures } } @@ -293,7 +288,7 @@ impl PartialSignaturesWithRound { Self::new(BTreeMap::new()) } - pub fn signatures(&self) -> &BTreeMap { + pub fn signatures(&self) -> &BTreeMap { &self.signatures } @@ -302,7 +297,7 @@ impl PartialSignaturesWithRound { &mut self, validator: AccountAddress, round: Round, - signature: bls12381::Signature, + signature: ed25519::Signature, ) { self.signatures.insert(validator, (round, signature)); } @@ -316,7 +311,7 @@ impl PartialSignaturesWithRound { &mut self, validator: AccountAddress, round: Round, - signature: bls12381::Signature, + signature: ed25519::Signature, ) { self.signatures .entry(validator) @@ -397,7 +392,7 @@ mod tests { quorum_cert::QuorumCert, timeout_2chain::{TwoChainTimeout, TwoChainTimeoutWithPartialSignatures}, }; - use aptos_crypto::bls12381; + use aptos_crypto::ed25519; #[test] fn test_2chain_timeout_certificate() { @@ -465,7 +460,7 @@ mod tests { invalid_timeout_cert.signatures.replace_signature( signers[0].author(), 0, - bls12381::Signature::dummy_signature(), + ed25519::Signature::dummy_signature(), ); let invalid_tc_with_sig = invalid_timeout_cert diff --git a/consensus/consensus-types/src/vote.rs b/consensus/consensus-types/src/vote.rs index 8d5868a06c3b16..f5f463fcc91889 100644 --- a/consensus/consensus-types/src/vote.rs +++ b/consensus/consensus-types/src/vote.rs @@ -6,7 +6,7 @@ use crate::{ common::Author, quorum_cert::QuorumCert, timeout_2chain::TwoChainTimeout, vote_data::VoteData, }; use anyhow::{ensure, Context}; -use aptos_crypto::{bls12381, hash::CryptoHash, CryptoMaterialError}; +use aptos_crypto::{ed25519, hash::CryptoHash, CryptoMaterialError}; use aptos_short_hex_str::AsShortHexStr; use aptos_types::{ ledger_info::LedgerInfo, validator_signer::ValidatorSigner, @@ -28,9 +28,9 @@ pub struct Vote { /// LedgerInfo of a block that is going to be committed in case this vote gathers QC. ledger_info: LedgerInfo, /// Signature of the LedgerInfo - signature: bls12381::Signature, + signature: ed25519::Signature, /// The 2-chain timeout and corresponding signature. - two_chain_timeout: Option<(TwoChainTimeout, bls12381::Signature)>, + two_chain_timeout: Option<(TwoChainTimeout, ed25519::Signature)>, } // this is required by structured log @@ -77,7 +77,7 @@ impl Vote { vote_data: VoteData, author: Author, ledger_info: LedgerInfo, - signature: bls12381::Signature, + signature: ed25519::Signature, ) -> Self { Self { vote_data, @@ -89,7 +89,7 @@ impl Vote { } /// Add the 2-chain timeout and signature in the vote. - pub fn add_2chain_timeout(&mut self, timeout: TwoChainTimeout, signature: bls12381::Signature) { + pub fn add_2chain_timeout(&mut self, timeout: TwoChainTimeout, signature: ed25519::Signature) { self.two_chain_timeout = Some((timeout, signature)); } @@ -108,7 +108,7 @@ impl Vote { } /// Return the signature of the vote - pub fn signature(&self) -> &bls12381::Signature { + pub fn signature(&self) -> &ed25519::Signature { &self.signature } @@ -127,7 +127,7 @@ impl Vote { } /// Return the two chain timeout vote and signature. - pub fn two_chain_timeout(&self) -> Option<&(TwoChainTimeout, bls12381::Signature)> { + pub fn two_chain_timeout(&self) -> Option<&(TwoChainTimeout, ed25519::Signature)> { self.two_chain_timeout.as_ref() } diff --git a/consensus/safety-rules/src/fuzzing_utils.rs b/consensus/safety-rules/src/fuzzing_utils.rs index c6e2b505571b8d..b3eec904e98bb9 100644 --- a/consensus/safety-rules/src/fuzzing_utils.rs +++ b/consensus/safety-rules/src/fuzzing_utils.rs @@ -16,7 +16,7 @@ use aptos_consensus_types::{ vote_proposal::VoteProposal, }; use aptos_crypto::{ - bls12381, + ed25519, hash::{HashValue, TransactionAccumulatorHasher}, test_utils::TEST_SEED, traits::{SigningKey, Uniform}, @@ -68,7 +68,7 @@ prop_compose! { ) -> Block { let signature = if include_signature { let mut rng = StdRng::from_seed(TEST_SEED); - let private_key = bls12381::PrivateKey::generate(&mut rng); + let private_key = ed25519::PrivateKey::generate(&mut rng); let signature = private_key.sign(&block_data).unwrap(); Some(signature) } else { @@ -243,7 +243,7 @@ pub mod fuzzing { block_data::BlockData, timeout_2chain::TwoChainTimeout, vote::Vote, vote_proposal::VoteProposal, }; - use aptos_crypto::bls12381; + use aptos_crypto::ed25519; use aptos_types::epoch_change::EpochChangeProof; pub fn fuzz_initialize(proof: EpochChangeProof) -> Result<(), Error> { @@ -272,14 +272,14 @@ pub mod fuzzing { } } - pub fn fuzz_sign_proposal(block_data: &BlockData) -> Result { + pub fn fuzz_sign_proposal(block_data: &BlockData) -> Result { let mut safety_rules = test_utils::test_safety_rules(); safety_rules.sign_proposal(block_data) } pub fn fuzz_sign_timeout_with_qc( timeout: TwoChainTimeout, - ) -> Result { + ) -> Result { let mut safety_rules = test_utils::test_safety_rules(); safety_rules.sign_timeout_with_qc(&timeout, None) } diff --git a/consensus/safety-rules/src/local_client.rs b/consensus/safety-rules/src/local_client.rs index 7994ef7fbe8239..3bf7687dfa0d86 100644 --- a/consensus/safety-rules/src/local_client.rs +++ b/consensus/safety-rules/src/local_client.rs @@ -9,7 +9,7 @@ use aptos_consensus_types::{ vote::Vote, vote_proposal::VoteProposal, }; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_infallible::RwLock; use aptos_types::{ epoch_change::EpochChangeProof, @@ -39,7 +39,7 @@ impl TSafetyRules for LocalClient { self.internal.write().initialize(proof) } - fn sign_proposal(&mut self, block_data: &BlockData) -> Result { + fn sign_proposal(&mut self, block_data: &BlockData) -> Result { self.internal.write().sign_proposal(block_data) } @@ -47,7 +47,7 @@ impl TSafetyRules for LocalClient { &mut self, timeout: &TwoChainTimeout, timeout_cert: Option<&TwoChainTimeoutCertificate>, - ) -> Result { + ) -> Result { self.internal .write() .sign_timeout_with_qc(timeout, timeout_cert) @@ -67,7 +67,7 @@ impl TSafetyRules for LocalClient { &mut self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result { + ) -> Result { self.internal .write() .sign_commit_vote(ledger_info, new_ledger_info) diff --git a/consensus/safety-rules/src/persistent_safety_storage.rs b/consensus/safety-rules/src/persistent_safety_storage.rs index b5823970402bf9..10ecb2725c84d4 100644 --- a/consensus/safety-rules/src/persistent_safety_storage.rs +++ b/consensus/safety-rules/src/persistent_safety_storage.rs @@ -8,7 +8,7 @@ use crate::{ Error, }; use aptos_consensus_types::{common::Author, safety_data::SafetyData}; -use aptos_crypto::{bls12381, PrivateKey}; +use aptos_crypto::{ed25519, PrivateKey}; use aptos_global_constants::{CONSENSUS_KEY, OWNER_ACCOUNT, SAFETY_DATA, WAYPOINT}; use aptos_logger::prelude::*; use aptos_secure_storage::{KVStorage, Storage}; @@ -34,7 +34,7 @@ impl PersistentSafetyStorage { pub fn initialize( mut internal_store: Storage, author: Author, - consensus_private_key: bls12381::PrivateKey, + consensus_private_key: ed25519::PrivateKey, waypoint: Waypoint, enable_cached_safety_data: bool, ) -> Self { @@ -64,7 +64,7 @@ impl PersistentSafetyStorage { fn initialize_keys_and_accounts( internal_store: &mut Storage, author: Author, - consensus_private_key: bls12381::PrivateKey, + consensus_private_key: ed25519::PrivateKey, ) -> Result<(), Error> { let result = internal_store.set(CONSENSUS_KEY, consensus_private_key); // Attempting to re-initialize existing storage. This can happen in environments like @@ -98,10 +98,10 @@ impl PersistentSafetyStorage { pub fn consensus_key_for_version( &self, - version: bls12381::PublicKey, - ) -> Result { + version: ed25519::PublicKey, + ) -> Result { let _timer = counters::start_timer("get", CONSENSUS_KEY); - let key: bls12381::PrivateKey = self.internal_store.get(CONSENSUS_KEY).map(|v| v.value)?; + let key: ed25519::PrivateKey = self.internal_store.get(CONSENSUS_KEY).map(|v| v.value)?; if key.public_key() != version { return Err(Error::SecureStorageMissingDataError(format!( "PrivateKey for {:?} not found", diff --git a/consensus/safety-rules/src/safety_rules.rs b/consensus/safety-rules/src/safety_rules.rs index 60b0b8cc27a055..78bb4c15e742cc 100644 --- a/consensus/safety-rules/src/safety_rules.rs +++ b/consensus/safety-rules/src/safety_rules.rs @@ -20,7 +20,7 @@ use aptos_consensus_types::{ vote_data::VoteData, vote_proposal::VoteProposal, }; -use aptos_crypto::{bls12381, hash::CryptoHash}; +use aptos_crypto::{ed25519, hash::CryptoHash}; use aptos_logger::prelude::*; use aptos_types::{ epoch_change::EpochChangeProof, @@ -80,7 +80,7 @@ impl SafetyRules { pub(crate) fn sign( &self, message: &T, - ) -> Result { + ) -> Result { let signer = self.signer()?; signer .sign(message) @@ -302,7 +302,7 @@ impl SafetyRules { fn guarded_sign_proposal( &mut self, block_data: &BlockData, - ) -> Result { + ) -> Result { self.signer()?; self.verify_author(block_data.author())?; @@ -329,7 +329,7 @@ impl SafetyRules { &mut self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result { + ) -> Result { self.signer()?; let old_ledger_info = ledger_info.ledger_info(); @@ -373,7 +373,7 @@ impl TSafetyRules for SafetyRules { run_and_log(cb, |log| log, LogEntry::Initialize) } - fn sign_proposal(&mut self, block_data: &BlockData) -> Result { + fn sign_proposal(&mut self, block_data: &BlockData) -> Result { let round = block_data.round(); let cb = || self.guarded_sign_proposal(block_data); run_and_log(cb, |log| log.round(round), LogEntry::SignProposal) @@ -383,7 +383,7 @@ impl TSafetyRules for SafetyRules { &mut self, timeout: &TwoChainTimeout, timeout_cert: Option<&TwoChainTimeoutCertificate>, - ) -> Result { + ) -> Result { let cb = || self.guarded_sign_timeout_with_qc(timeout, timeout_cert); run_and_log( cb, @@ -410,7 +410,7 @@ impl TSafetyRules for SafetyRules { &mut self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result { + ) -> Result { let cb = || self.guarded_sign_commit_vote(ledger_info, new_ledger_info); run_and_log(cb, |log| log, LogEntry::SignCommitVote) } diff --git a/consensus/safety-rules/src/safety_rules_2chain.rs b/consensus/safety-rules/src/safety_rules_2chain.rs index b3ac49c1fde749..53397b02e0fadd 100644 --- a/consensus/safety-rules/src/safety_rules_2chain.rs +++ b/consensus/safety-rules/src/safety_rules_2chain.rs @@ -10,7 +10,7 @@ use aptos_consensus_types::{ vote::Vote, vote_proposal::VoteProposal, }; -use aptos_crypto::{bls12381, hash::CryptoHash, HashValue}; +use aptos_crypto::{ed25519, hash::CryptoHash, HashValue}; use aptos_types::{block_info::BlockInfo, ledger_info::LedgerInfo}; /// 2-chain safety rules implementation @@ -19,7 +19,7 @@ impl SafetyRules { &mut self, timeout: &TwoChainTimeout, timeout_cert: Option<&TwoChainTimeoutCertificate>, - ) -> Result { + ) -> Result { self.signer()?; let mut safety_data = self.persistent_storage.safety_data()?; self.verify_epoch(timeout.epoch(), &safety_data)?; diff --git a/consensus/safety-rules/src/safety_rules_manager.rs b/consensus/safety-rules/src/safety_rules_manager.rs index c73664be47344a..5652f40b159e3b 100644 --- a/consensus/safety-rules/src/safety_rules_manager.rs +++ b/consensus/safety-rules/src/safety_rules_manager.rs @@ -13,7 +13,7 @@ use crate::{ }; use anyhow::anyhow; use aptos_config::config::{InitialSafetyRulesConfig, SafetyRulesConfig, SafetyRulesService}; -use aptos_crypto::bls12381::PrivateKey; +use aptos_crypto::ed25519::PrivateKey; use aptos_global_constants::CONSENSUS_KEY; use aptos_infallible::RwLock; use aptos_secure_storage::{KVStorage, Storage}; diff --git a/consensus/safety-rules/src/serializer.rs b/consensus/safety-rules/src/serializer.rs index 2cef5bce865ec1..8c877088c4db22 100644 --- a/consensus/safety-rules/src/serializer.rs +++ b/consensus/safety-rules/src/serializer.rs @@ -9,7 +9,7 @@ use aptos_consensus_types::{ vote::Vote, vote_proposal::VoteProposal, }; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_infallible::RwLock; use aptos_types::{ epoch_change::EpochChangeProof, @@ -107,7 +107,7 @@ impl TSafetyRules for SerializerClient { serde_json::from_slice(&response)? } - fn sign_proposal(&mut self, block_data: &BlockData) -> Result { + fn sign_proposal(&mut self, block_data: &BlockData) -> Result { let _timer = counters::start_timer("external", LogEntry::SignProposal.as_str()); let response = self.request(SafetyRulesInput::SignProposal(Box::new(block_data.clone())))?; @@ -118,7 +118,7 @@ impl TSafetyRules for SerializerClient { &mut self, timeout: &TwoChainTimeout, timeout_cert: Option<&TwoChainTimeoutCertificate>, - ) -> Result { + ) -> Result { let _timer = counters::start_timer("external", LogEntry::SignTimeoutWithQC.as_str()); let response = self.request(SafetyRulesInput::SignTimeoutWithQC( Box::new(timeout.clone()), @@ -145,7 +145,7 @@ impl TSafetyRules for SerializerClient { &mut self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result { + ) -> Result { let _timer = counters::start_timer("external", LogEntry::SignCommitVote.as_str()); let response = self.request(SafetyRulesInput::SignCommitVote( Box::new(ledger_info), diff --git a/consensus/safety-rules/src/t_safety_rules.rs b/consensus/safety-rules/src/t_safety_rules.rs index 33cc1d59b204cc..56691920c52bdb 100644 --- a/consensus/safety-rules/src/t_safety_rules.rs +++ b/consensus/safety-rules/src/t_safety_rules.rs @@ -9,7 +9,7 @@ use aptos_consensus_types::{ vote::Vote, vote_proposal::VoteProposal, }; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_types::{ epoch_change::EpochChangeProof, ledger_info::{LedgerInfo, LedgerInfoWithSignatures}, @@ -29,14 +29,14 @@ pub trait TSafetyRules { /// As the holder of the private key, SafetyRules also signs proposals or blocks. /// A Block is a signed BlockData along with some additional metadata. - fn sign_proposal(&mut self, block_data: &BlockData) -> Result; + fn sign_proposal(&mut self, block_data: &BlockData) -> Result; /// Sign the timeout together with highest qc for 2-chain protocol. fn sign_timeout_with_qc( &mut self, timeout: &TwoChainTimeout, timeout_cert: Option<&TwoChainTimeoutCertificate>, - ) -> Result; + ) -> Result; /// Attempts to vote for a given proposal following the 2-chain protocol. fn construct_and_sign_vote_two_chain( @@ -51,5 +51,5 @@ pub trait TSafetyRules { &mut self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result; + ) -> Result; } diff --git a/consensus/src/consensusdb/consensusdb_test.rs b/consensus/src/consensusdb/consensusdb_test.rs index ee29113093421f..94bebba0ba6735 100644 --- a/consensus/src/consensusdb/consensusdb_test.rs +++ b/consensus/src/consensusdb/consensusdb_test.rs @@ -8,7 +8,7 @@ use aptos_consensus_types::{ block::block_test_utils::certificate_for_genesis, common::{Author, Payload}, }; -use aptos_crypto::bls12381::Signature; +use aptos_crypto::ed25519::Signature; use aptos_temppath::TempPath; use aptos_types::aggregate_signature::AggregateSignature; use std::{collections::HashMap, hash::Hash}; diff --git a/consensus/src/dag/commit_signer.rs b/consensus/src/dag/commit_signer.rs index 6aa06d19d7ae34..e80e382ffec59a 100644 --- a/consensus/src/dag/commit_signer.rs +++ b/consensus/src/dag/commit_signer.rs @@ -1,7 +1,7 @@ // Copyright © Aptos Foundation use crate::pipeline::signing_phase::CommitSignerProvider; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_types::validator_signer::ValidatorSigner; use std::sync::Arc; @@ -20,7 +20,7 @@ impl CommitSignerProvider for DagCommitSigner { &self, _ledger_info: aptos_types::ledger_info::LedgerInfoWithSignatures, new_ledger_info: aptos_types::ledger_info::LedgerInfo, - ) -> Result { + ) -> Result { let signature = self .signer .sign(&new_ledger_info) diff --git a/consensus/src/dag/types.rs b/consensus/src/dag/types.rs index 9963bdb89df238..11339884d2389d 100644 --- a/consensus/src/dag/types.rs +++ b/consensus/src/dag/types.rs @@ -13,7 +13,7 @@ use crate::{ use anyhow::{bail, ensure}; use aptos_consensus_types::common::{Author, Payload, Round}; use aptos_crypto::{ - bls12381::Signature, + ed25519::Signature, hash::{CryptoHash, CryptoHasher}, CryptoMaterialError, HashValue, }; diff --git a/consensus/src/liveness/leader_reputation_test.rs b/consensus/src/liveness/leader_reputation_test.rs index 89739eb208fa54..4fbaf5a56ace43 100644 --- a/consensus/src/liveness/leader_reputation_test.rs +++ b/consensus/src/liveness/leader_reputation_test.rs @@ -13,7 +13,7 @@ use crate::liveness::{ }; use aptos_bitvec::BitVec; use aptos_consensus_types::common::{Author, Round}; -use aptos_crypto::{bls12381, HashValue}; +use aptos_crypto::{ed25519, HashValue}; use aptos_infallible::Mutex; use aptos_keygen::KeyGen; use aptos_storage_interface::DbReader; @@ -646,7 +646,7 @@ fn test_extract_epoch_to_proposers_impl() { fn create_epoch_state( epoch: u64, authors: &[Author], - public_key: &bls12381::PublicKey, + public_key: &ed25519::PublicKey, ) -> EpochState { EpochState { epoch, @@ -659,8 +659,8 @@ fn test_extract_epoch_to_proposers_impl() { } } - let private_key = KeyGen::from_os_rng().generate_bls12381_private_key(); - let public_key = bls12381::PublicKey::from(&private_key); + let private_key = KeyGen::from_os_rng().generate_ed25519_private_key(); + let public_key = ed25519::PublicKey::from(&private_key); let authors: Vec = (0..7).map(|_| AccountAddress::random()).sorted().collect(); let epoch_states = (0..7) diff --git a/consensus/src/metrics_safety_rules.rs b/consensus/src/metrics_safety_rules.rs index d49d2dbf12465f..7a0f54b90e5408 100644 --- a/consensus/src/metrics_safety_rules.rs +++ b/consensus/src/metrics_safety_rules.rs @@ -12,7 +12,7 @@ use aptos_consensus_types::{ vote::Vote, vote_proposal::VoteProposal, }; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_infallible::Mutex; use aptos_logger::prelude::info; use aptos_safety_rules::{ConsensusState, Error, TSafetyRules}; @@ -93,7 +93,7 @@ impl TSafetyRules for MetricsSafetyRules { monitor!("safety_rules", self.inner.initialize(proof)) } - fn sign_proposal(&mut self, block_data: &BlockData) -> Result { + fn sign_proposal(&mut self, block_data: &BlockData) -> Result { self.retry(|inner| monitor!("safety_rules", inner.sign_proposal(block_data))) } @@ -101,7 +101,7 @@ impl TSafetyRules for MetricsSafetyRules { &mut self, timeout: &TwoChainTimeout, timeout_cert: Option<&TwoChainTimeoutCertificate>, - ) -> Result { + ) -> Result { self.retry(|inner| { monitor!( "safety_rules", @@ -127,7 +127,7 @@ impl TSafetyRules for MetricsSafetyRules { &mut self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result { + ) -> Result { self.retry(|inner| { monitor!( "safety_rules", @@ -142,7 +142,7 @@ impl CommitSignerProvider for Mutex { &self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result { + ) -> Result { self.lock().sign_commit_vote(ledger_info, new_ledger_info) } } @@ -156,7 +156,7 @@ mod tests { vote::Vote, vote_proposal::VoteProposal, }; - use aptos_crypto::bls12381; + use aptos_crypto::ed25519; use aptos_safety_rules::{ConsensusState, Error, TSafetyRules}; use aptos_types::{ epoch_change::EpochChangeProof, @@ -207,7 +207,7 @@ mod tests { self.last_init_result.clone() } - fn sign_proposal(&mut self, _: &BlockData) -> Result { + fn sign_proposal(&mut self, _: &BlockData) -> Result { unimplemented!() } @@ -215,7 +215,7 @@ mod tests { &mut self, _: &TwoChainTimeout, _: Option<&TwoChainTimeoutCertificate>, - ) -> Result { + ) -> Result { unimplemented!() } @@ -231,7 +231,7 @@ mod tests { &mut self, _: LedgerInfoWithSignatures, _: LedgerInfo, - ) -> Result { + ) -> Result { unimplemented!() } } diff --git a/consensus/src/pipeline/buffer_item.rs b/consensus/src/pipeline/buffer_item.rs index d92d62eb71f99d..8f78c5bbf28336 100644 --- a/consensus/src/pipeline/buffer_item.rs +++ b/consensus/src/pipeline/buffer_item.rs @@ -7,7 +7,7 @@ use anyhow::anyhow; use aptos_consensus_types::{ common::Author, executed_block::ExecutedBlock, pipeline::commit_vote::CommitVote, }; -use aptos_crypto::{bls12381, HashValue}; +use aptos_crypto::{ed25519, HashValue}; use aptos_executor_types::ExecutorResult; use aptos_logger::prelude::*; use aptos_reliable_broadcast::DropGuard; @@ -228,7 +228,7 @@ impl BufferItem { } } - pub fn advance_to_signed(self, author: Author, signature: bls12381::Signature) -> Self { + pub fn advance_to_signed(self, author: Author, signature: ed25519::Signature) -> Self { match self { Self::Executed(executed_item) => { let ExecutedItem { diff --git a/consensus/src/pipeline/signing_phase.rs b/consensus/src/pipeline/signing_phase.rs index 8482b2c37fa720..58d084bad0dd94 100644 --- a/consensus/src/pipeline/signing_phase.rs +++ b/consensus/src/pipeline/signing_phase.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 use crate::pipeline::pipeline_phase::StatelessPipeline; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_safety_rules::Error; use aptos_types::ledger_info::{LedgerInfo, LedgerInfoWithSignatures}; use async_trait::async_trait; @@ -43,11 +43,11 @@ pub trait CommitSignerProvider: Send + Sync { &self, ledger_info: LedgerInfoWithSignatures, new_ledger_info: LedgerInfo, - ) -> Result; + ) -> Result; } pub struct SigningResponse { - pub signature_result: Result, + pub signature_result: Result, pub commit_ledger_info: LedgerInfo, } diff --git a/consensus/src/quorum_store/proof_coordinator.rs b/consensus/src/quorum_store/proof_coordinator.rs index d0eab1129d3c6b..b0dad18db8176c 100644 --- a/consensus/src/quorum_store/proof_coordinator.rs +++ b/consensus/src/quorum_store/proof_coordinator.rs @@ -12,7 +12,7 @@ use crate::{ use aptos_consensus_types::proof_of_store::{ BatchInfo, ProofOfStore, SignedBatchInfo, SignedBatchInfoError, SignedBatchInfoMsg, }; -use aptos_crypto::{bls12381, HashValue}; +use aptos_crypto::{ed25519, HashValue}; use aptos_logger::prelude::*; use aptos_types::{ aggregate_signature::PartialSignatures, validator_verifier::ValidatorVerifier, PeerId, @@ -36,7 +36,7 @@ pub(crate) enum ProofCoordinatorCommand { struct IncrementalProofState { info: BatchInfo, - aggregated_signature: BTreeMap, + aggregated_signature: BTreeMap, aggregated_voting_power: u128, self_voted: bool, completed: bool, diff --git a/consensus/src/rand/rand_gen/types.rs b/consensus/src/rand/rand_gen/types.rs index f3d4009ce66f37..aafe6d97b1695a 100644 --- a/consensus/src/rand/rand_gen/types.rs +++ b/consensus/src/rand/rand_gen/types.rs @@ -3,7 +3,7 @@ use anyhow::ensure; use aptos_consensus_types::common::{Author, Round}; -use aptos_crypto::bls12381::Signature; +use aptos_crypto::ed25519::Signature; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use aptos_types::{ aggregate_signature::AggregateSignature, diff --git a/crates/aptos-crypto/benches/hash.rs b/crates/aptos-crypto/benches/hash.rs index e72ce1dd2716b3..c4d5b429cbe572 100644 --- a/crates/aptos-crypto/benches/hash.rs +++ b/crates/aptos-crypto/benches/hash.rs @@ -4,7 +4,7 @@ #[macro_use] extern crate criterion; -use aptos_crypto::{bls12381::DST_BLS_SIG_IN_G2_WITH_POP, test_utils::random_bytes}; +use aptos_crypto::test_utils::random_bytes; use blake2::{ digest::{Update, VariableOutput}, Blake2bVar, @@ -41,8 +41,6 @@ fn bench_group(c: &mut Criterion) { sha2_256(&mut group, n); sha2_512(&mut group, n); sha3_256(&mut group, n); - hash_to_g1(&mut group, n, DST_BLS_SIG_IN_G2_WITH_POP); - hash_to_g2(&mut group, n, DST_BLS_SIG_IN_G2_WITH_POP); keccak256(&mut group, n); blake2_blake2b_256(&mut group, n); blake2_rfc_blake2b_256(&mut group, n); diff --git a/crates/aptos-crypto/src/ed25519/ed25519_keys.rs b/crates/aptos-crypto/src/ed25519/ed25519_keys.rs index fc32132590f7e6..8b5f4c1c1818a7 100644 --- a/crates/aptos-crypto/src/ed25519/ed25519_keys.rs +++ b/crates/aptos-crypto/src/ed25519/ed25519_keys.rs @@ -125,6 +125,11 @@ impl Ed25519PublicKey { .ok_or(CryptoMaterialError::DeserializationError)?; Ed25519PublicKey::try_from(&ed_point.compress().as_bytes()[..]) } + + /// TODO + pub fn aggregate(_pub_keys: Vec<&Ed25519PublicKey>) -> anyhow::Result { + todo!() + } } /////////////////////// diff --git a/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs b/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs index 4c1d9438c83a09..fe563594daa586 100644 --- a/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs +++ b/crates/aptos-crypto/src/ed25519/ed25519_sigs.rs @@ -83,6 +83,20 @@ impl Ed25519Signature { // As this stage S == L which implies a non canonical S. false } + + /// TODO + pub fn aggregate(_sigs: Vec) -> anyhow::Result { + todo!() + } + + /// TODO + pub fn verify_aggregate( + &self, + _messages: &[&T], + _x: &[&Ed25519PublicKey], + ) -> anyhow::Result<()> { + todo!() + } } ////////////////////// diff --git a/crates/aptos-dkg/src/pvss/contribution.rs b/crates/aptos-dkg/src/pvss/contribution.rs index 66db50110c7e7e..6f003b182b3736 100644 --- a/crates/aptos-dkg/src/pvss/contribution.rs +++ b/crates/aptos-dkg/src/pvss/contribution.rs @@ -5,7 +5,7 @@ use crate::{ utils::HasMultiExp, }; use anyhow::bail; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use blstrs::Scalar; use group::Group; @@ -22,13 +22,13 @@ pub struct Contribution { pub aux: A, } -pub type SoK = (Player, Gr, bls12381::Signature, schnorr::PoK); +pub type SoK = (Player, Gr, ed25519::Signature, schnorr::PoK); pub fn batch_verify_soks( soks: &[SoK], pk_base: &Gr, pk: &Gr, - spks: &Vec, + spks: &Vec, aux: &Vec, tau: &Scalar, ) -> anyhow::Result<()> @@ -91,11 +91,11 @@ where let pks = spks .iter() .map(|pk| pk) - .collect::>(); - let sig = bls12381::Signature::aggregate( + .collect::>(); + let sig = ed25519::Signature::aggregate( soks.iter() .map(|(_, _, sig, _)| sig.clone()) - .collect::>(), + .collect::>(), )?; sig.verify_aggregate(&msgs_refs[..], &pks[..])?; diff --git a/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs b/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs index e83435a41e452e..4359a1f33aab4d 100644 --- a/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs +++ b/crates/aptos-dkg/src/pvss/das/unweighted_protocol.rs @@ -18,7 +18,7 @@ use crate::{ }, }; use anyhow::bail; -use aptos_crypto::{bls12381, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial}; +use aptos_crypto::{ed25519, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial}; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use blstrs::{G1Projective, G2Projective, Gt}; use group::Group; @@ -78,8 +78,8 @@ impl traits::Transcript for Transcript { type InputSecret = pvss::input_secret::InputSecret; type PublicParameters = das::PublicParameters; type SecretSharingConfig = ThresholdConfig; - type SigningPubKey = bls12381::PublicKey; - type SigningSecretKey = bls12381::PrivateKey; + type SigningPubKey = ed25519::PublicKey; + type SigningSecretKey = ed25519::PrivateKey; fn scheme_name() -> String { DAS_SK_IN_G1.to_string() @@ -282,7 +282,7 @@ impl traits::Transcript for Transcript { where R: rand_core::RngCore + rand_core::CryptoRng, { - let sk = bls12381::PrivateKey::genesis(); + let sk = ed25519::PrivateKey::genesis(); Transcript { soks: vec![( sc.get_player(0), @@ -320,11 +320,11 @@ impl MalleableTranscript for Transcript { impl Transcript { pub fn sign_contribution( - sk: &bls12381::PrivateKey, + sk: &ed25519::PrivateKey, player: &Player, aux: &A, comm: &G2Projective, - ) -> bls12381::Signature { + ) -> ed25519::Signature { sk.sign(&Contribution:: { comm: *comm, player: *player, diff --git a/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs b/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs index aa52b91584f171..95f3c19b7e5f9f 100644 --- a/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs +++ b/crates/aptos-dkg/src/pvss/das/weighted_protocol.rs @@ -19,7 +19,7 @@ use crate::{ }, }; use anyhow::bail; -use aptos_crypto::{bls12381, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial}; +use aptos_crypto::{ed25519, CryptoMaterialError, Genesis, SigningKey, ValidCryptoMaterial}; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use blstrs::{pairing, G1Affine, G1Projective, G2Affine, G2Projective, Gt}; use group::{Curve, Group}; @@ -92,8 +92,8 @@ impl traits::Transcript for Transcript { type InputSecret = pvss::input_secret::InputSecret; type PublicParameters = das::PublicParameters; type SecretSharingConfig = WeightedConfig; - type SigningPubKey = bls12381::PublicKey; - type SigningSecretKey = bls12381::PrivateKey; + type SigningPubKey = ed25519::PublicKey; + type SigningSecretKey = ed25519::PrivateKey; fn scheme_name() -> String { WEIGHTED_DAS_SK_IN_G1.to_string() @@ -365,7 +365,7 @@ impl traits::Transcript for Transcript { R: rand_core::RngCore + rand_core::CryptoRng, { let W = sc.get_total_weight(); - let sk = bls12381::PrivateKey::genesis(); + let sk = ed25519::PrivateKey::genesis(); Transcript { soks: vec![( sc.get_player(0), @@ -513,11 +513,11 @@ impl MalleableTranscript for Transcript { impl Transcript { pub fn sign_contribution( - sk: &bls12381::PrivateKey, + sk: &ed25519::PrivateKey, player: &Player, aux: &A, comm: &G1Projective, - ) -> bls12381::Signature { + ) -> ed25519::Signature { sk.sign(&Contribution:: { comm: *comm, player: *player, diff --git a/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs b/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs index 28da3261b2da22..b241f5ac43098e 100644 --- a/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs +++ b/crates/aptos-dkg/src/pvss/insecure_field/transcript.rs @@ -14,7 +14,7 @@ use crate::{ }, }; use anyhow::bail; -use aptos_crypto::{bls12381, CryptoMaterialError, ValidCryptoMaterial}; +use aptos_crypto::{ed25519, CryptoMaterialError, ValidCryptoMaterial}; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use blstrs::{G2Projective, Scalar}; use rand::thread_rng; @@ -61,8 +61,8 @@ impl traits::Transcript for Transcript { type InputSecret = pvss::input_secret::InputSecret; type PublicParameters = das::PublicParameters; type SecretSharingConfig = ThresholdConfig; - type SigningPubKey = bls12381::PublicKey; - type SigningSecretKey = bls12381::PrivateKey; + type SigningPubKey = ed25519::PublicKey; + type SigningSecretKey = ed25519::PrivateKey; fn scheme_name() -> String { "insecure_field_pvss".to_string() diff --git a/crates/aptos-genesis/src/builder.rs b/crates/aptos-genesis/src/builder.rs index 2f9992df2358a6..88003866eb8700 100644 --- a/crates/aptos-genesis/src/builder.rs +++ b/crates/aptos-genesis/src/builder.rs @@ -18,7 +18,6 @@ use aptos_config::{ network_id::NetworkId, }; use aptos_crypto::{ - bls12381, ed25519::{Ed25519PrivateKey, Ed25519PublicKey}, PrivateKey, }; @@ -212,9 +211,6 @@ impl TryFrom<&ValidatorNodeConfig> for ValidatorConfiguration { voter_account_address: private_identity.account_address.into(), voter_account_public_key: private_identity.account_private_key.public_key(), consensus_public_key: Some(private_identity.consensus_private_key.public_key()), - proof_of_possession: Some(bls12381::ProofOfPossession::create( - &private_identity.consensus_private_key, - )), validator_network_public_key: Some( private_identity.validator_network_private_key.public_key(), ), diff --git a/crates/aptos-genesis/src/config.rs b/crates/aptos-genesis/src/config.rs index 28fdc92e85957a..37b49c5bb9c2cb 100644 --- a/crates/aptos-genesis/src/config.rs +++ b/crates/aptos-genesis/src/config.rs @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 use aptos_config::config::HANDSHAKE_VERSION; -use aptos_crypto::{bls12381, ed25519::Ed25519PublicKey, x25519}; +use aptos_crypto::{ed25519, ed25519::Ed25519PublicKey, x25519}; use aptos_types::{ account_address::{AccountAddress, AccountAddressWithChecks}, chain_id::ChainId, @@ -130,10 +130,7 @@ pub struct ValidatorConfiguration { pub voter_account_public_key: Ed25519PublicKey, /// Key used for signing in consensus #[serde(skip_serializing_if = "Option::is_none")] - pub consensus_public_key: Option, - /// Corresponding proof of possession of consensus public key - #[serde(skip_serializing_if = "Option::is_none")] - pub proof_of_possession: Option, + pub consensus_public_key: Option, /// Public key used for validator network identity (same as account address) #[serde(skip_serializing_if = "Option::is_none")] pub validator_network_public_key: Option, @@ -237,18 +234,12 @@ impl TryFrom for Validator { } else { vec![] }; - let proof_of_possession = if let Some(pop) = config.proof_of_possession { - pop.to_bytes().to_vec() - } else { - vec![] - }; Ok(Validator { owner_address, operator_address, voter_address, consensus_pubkey, - proof_of_possession, network_addresses: bcs::to_bytes(&validator_addresses).unwrap(), full_node_network_addresses: bcs::to_bytes(&full_node_addresses).unwrap(), stake_amount: config.stake_amount, @@ -345,8 +336,7 @@ pub struct OwnerConfiguration { pub struct OperatorConfiguration { pub operator_account_address: AccountAddressWithChecks, pub operator_account_public_key: Ed25519PublicKey, - pub consensus_public_key: bls12381::PublicKey, - pub consensus_proof_of_possession: bls12381::ProofOfPossession, + pub consensus_public_key: ed25519::PublicKey, pub validator_network_public_key: x25519::PublicKey, pub validator_host: HostAndPort, pub full_node_network_public_key: Option, @@ -585,9 +575,6 @@ impl TryFrom for Vec { if pool.validator.consensus_public_key.is_none() { errors.push(anyhow::anyhow!("Employee pool #{} is setup to join during genesis but missing a consensus public key", i)); } - if pool.validator.proof_of_possession.is_none() { - errors.push(anyhow::anyhow!("Employee pool #{} is setup to join during genesis but missing a proof of possession", i)); - } if pool.validator.validator_host.is_none() { errors.push(anyhow::anyhow!( "Employee pool #{} is setup to join during genesis but missing a validator host", diff --git a/crates/aptos-genesis/src/keys.rs b/crates/aptos-genesis/src/keys.rs index 26df4ffd425e2a..194a429ddbb6b7 100644 --- a/crates/aptos-genesis/src/keys.rs +++ b/crates/aptos-genesis/src/keys.rs @@ -3,7 +3,7 @@ use aptos_config::{config::IdentityBlob, keys::ConfigKey}; use aptos_crypto::{ - bls12381, + ed25519, ed25519::{Ed25519PrivateKey, Ed25519PublicKey}, x25519, PrivateKey, }; @@ -16,7 +16,7 @@ use serde::{Deserialize, Serialize}; pub struct PrivateIdentity { pub account_address: AccountAddress, pub account_private_key: Ed25519PrivateKey, - pub consensus_private_key: bls12381::PrivateKey, + pub consensus_private_key: ed25519::PrivateKey, pub full_node_network_private_key: x25519::PrivateKey, pub validator_network_private_key: x25519::PrivateKey, } @@ -26,8 +26,7 @@ pub struct PrivateIdentity { pub struct PublicIdentity { pub account_address: AccountAddress, pub account_public_key: Ed25519PublicKey, - pub consensus_public_key: Option, - pub consensus_proof_of_possession: Option, + pub consensus_public_key: Option, pub full_node_network_public_key: Option, pub validator_network_public_key: Option, } @@ -37,7 +36,7 @@ pub fn generate_key_objects( keygen: &mut KeyGen, ) -> anyhow::Result<(IdentityBlob, IdentityBlob, PrivateIdentity, PublicIdentity)> { let account_key = ConfigKey::new(keygen.generate_ed25519_private_key()); - let consensus_key = ConfigKey::new(keygen.generate_bls12381_private_key()); + let consensus_key = ConfigKey::new(keygen.generate_ed25519_private_key()); let validator_network_key = ConfigKey::new(keygen.generate_x25519_private_key()?); let full_node_network_key = ConfigKey::new(keygen.generate_x25519_private_key()?); @@ -69,9 +68,6 @@ pub fn generate_key_objects( account_address, account_public_key: account_key.public_key(), consensus_public_key: Some(private_identity.consensus_private_key.public_key()), - consensus_proof_of_possession: Some(bls12381::ProofOfPossession::create( - &private_identity.consensus_private_key, - )), full_node_network_public_key: Some(full_node_network_key.public_key()), validator_network_public_key: Some(validator_network_key.public_key()), }; diff --git a/crates/aptos-jwk-consensus/src/epoch_manager.rs b/crates/aptos-jwk-consensus/src/epoch_manager.rs index d07ad2fd6b3e09..33d62221ae71c3 100644 --- a/crates/aptos-jwk-consensus/src/epoch_manager.rs +++ b/crates/aptos-jwk-consensus/src/epoch_manager.rs @@ -11,7 +11,7 @@ use anyhow::Result; use aptos_bounded_executor::BoundedExecutor; use aptos_channels::{aptos_channel, message_queues::QueueStyle}; use aptos_consensus_types::common::Author; -use aptos_crypto::bls12381::PrivateKey; +use aptos_crypto::ed25519::PrivateKey; use aptos_event_notifications::{ EventNotification, EventNotificationListener, ReconfigNotification, ReconfigNotificationListener, diff --git a/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs b/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs index 746508ce59a330..ac9856d35268bf 100644 --- a/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs +++ b/crates/aptos-jwk-consensus/src/jwk_manager/mod.rs @@ -8,7 +8,7 @@ use crate::{ }; use anyhow::{anyhow, bail, Result}; use aptos_channels::{aptos_channel, message_queues::QueueStyle}; -use aptos_crypto::{bls12381::PrivateKey, SigningKey}; +use aptos_crypto::{ed25519::PrivateKey, SigningKey}; use aptos_logger::{debug, error, info}; use aptos_types::{ account_address::AccountAddress, diff --git a/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs b/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs index d113a71622b66d..319f2ef75c7645 100644 --- a/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs +++ b/crates/aptos-jwk-consensus/src/jwk_manager/tests.rs @@ -9,7 +9,7 @@ use crate::{ use aptos_bitvec::BitVec; use aptos_channels::aptos_channel; use aptos_crypto::{ - bls12381::{PrivateKey, PublicKey, Signature}, + ed25519::{PrivateKey, PublicKey, Signature}, hash::CryptoHash, SigningKey, Uniform, }; diff --git a/crates/aptos-jwk-consensus/src/lib.rs b/crates/aptos-jwk-consensus/src/lib.rs index 2d23907e396dd6..f88e5a0b2f33a1 100644 --- a/crates/aptos-jwk-consensus/src/lib.rs +++ b/crates/aptos-jwk-consensus/src/lib.rs @@ -4,7 +4,7 @@ use crate::{ epoch_manager::EpochManager, network::NetworkTask, network_interface::JWKConsensusNetworkClient, types::JWKConsensusMsg, }; -use aptos_crypto::bls12381::PrivateKey; +use aptos_crypto::ed25519::PrivateKey; use aptos_event_notifications::{ DbBackedOnChainConfig, EventNotificationListener, ReconfigNotificationListener, }; diff --git a/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs b/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs index 07878fbc3a6547..5fc4d48b6b803b 100644 --- a/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs +++ b/crates/aptos-jwk-consensus/src/observation_aggregation/tests.rs @@ -4,7 +4,7 @@ use crate::{ observation_aggregation::ObservationAggregationState, types::{ObservedUpdate, ObservedUpdateResponse}, }; -use aptos_crypto::{bls12381, SigningKey, Uniform}; +use aptos_crypto::{ed25519, SigningKey, Uniform}; use aptos_reliable_broadcast::BroadcastStatus; use aptos_types::{ epoch_state::EpochState, @@ -25,11 +25,11 @@ fn test_observation_aggregation_state() { let addrs: Vec = (0..num_validators) .map(|_| AccountAddress::random()) .collect(); - let private_keys: Vec = (0..num_validators) - .map(|_| bls12381::PrivateKey::generate_for_testing()) + let private_keys: Vec = (0..num_validators) + .map(|_| ed25519::PrivateKey::generate_for_testing()) .collect(); - let public_keys: Vec = (0..num_validators) - .map(|i| bls12381::PublicKey::from(&private_keys[i])) + let public_keys: Vec = (0..num_validators) + .map(|i| ed25519::PublicKey::from(&private_keys[i])) .collect(); let voting_powers = [1, 1, 1, 6, 6]; // total voting power: 15, default threshold: 11 let validator_infos: Vec = (0..num_validators) diff --git a/crates/aptos-jwk-consensus/src/types.rs b/crates/aptos-jwk-consensus/src/types.rs index 31223ec4c746fd..74f4901875598f 100644 --- a/crates/aptos-jwk-consensus/src/types.rs +++ b/crates/aptos-jwk-consensus/src/types.rs @@ -1,6 +1,6 @@ // Copyright © Aptos Foundation -use aptos_crypto::bls12381::Signature; +use aptos_crypto::ed25519::Signature; use aptos_enum_conversion_derive::EnumConversion; use aptos_reliable_broadcast::RBMessage; use aptos_types::{ diff --git a/crates/aptos-keygen/src/lib.rs b/crates/aptos-keygen/src/lib.rs index d176b461c62e4f..4ad921f44e51d6 100644 --- a/crates/aptos-keygen/src/lib.rs +++ b/crates/aptos-keygen/src/lib.rs @@ -2,7 +2,6 @@ // SPDX-License-Identifier: Apache-2.0 use aptos_crypto::{ - bls12381, ed25519::{Ed25519PrivateKey, Ed25519PublicKey}, x25519, CryptoMaterialError, PrivateKey, Uniform, }; @@ -35,11 +34,6 @@ impl KeyGen { Ed25519PrivateKey::generate(&mut self.0) } - /// Generate a bls12381 private key. - pub fn generate_bls12381_private_key(&mut self) -> bls12381::PrivateKey { - bls12381::PrivateKey::generate(&mut self.0) - } - /// Generate an Ed25519 key pair. pub fn generate_ed25519_keypair(&mut self) -> (Ed25519PrivateKey, Ed25519PublicKey) { let private_key = self.generate_ed25519_private_key(); diff --git a/crates/aptos-telemetry-service/src/validator_cache.rs b/crates/aptos-telemetry-service/src/validator_cache.rs index 554e533d3b2d8c..53afae31d1a384 100644 --- a/crates/aptos-telemetry-service/src/validator_cache.rs +++ b/crates/aptos-telemetry-service/src/validator_cache.rs @@ -178,7 +178,7 @@ impl PeerSetCacheUpdater { mod tests { use super::PeerSetCacheUpdater; use aptos_crypto::{ - bls12381::{PrivateKey, PublicKey}, + ed25519::{PrivateKey, PublicKey}, test_utils::KeyPair, Uniform, }; diff --git a/crates/aptos/src/genesis/keys.rs b/crates/aptos/src/genesis/keys.rs index d4b619f6d04e5c..5bb0ebae7272a3 100644 --- a/crates/aptos/src/genesis/keys.rs +++ b/crates/aptos/src/genesis/keys.rs @@ -209,17 +209,6 @@ impl CliCommand<()> for SetValidatorConfiguration { ))); }; - let consensus_proof_of_possession = if let Some(consensus_proof_of_possession) = - operator_identity.consensus_proof_of_possession - { - consensus_proof_of_possession - } else { - return Err(CliError::CommandArgumentError(format!( - "Failed to read consensus proof of possession from public identity file {}", - operator_keys_file.display() - ))); - }; - // Only add the public key if there is a full node let full_node_network_public_key = if self.full_node_host.is_some() { operator_identity.full_node_network_public_key @@ -232,7 +221,6 @@ impl CliCommand<()> for SetValidatorConfiguration { operator_account_address: operator_identity.account_address.into(), operator_account_public_key: operator_identity.account_public_key.clone(), consensus_public_key, - consensus_proof_of_possession, validator_network_public_key, validator_host: self.validator_host, full_node_network_public_key, diff --git a/crates/aptos/src/genesis/mod.rs b/crates/aptos/src/genesis/mod.rs index 9c9155645175b1..0c19a7d43756c4 100644 --- a/crates/aptos/src/genesis/mod.rs +++ b/crates/aptos/src/genesis/mod.rs @@ -19,7 +19,7 @@ use crate::{ CliCommand, CliResult, }; use aptos_crypto::{ - bls12381, ed25519::ED25519_PUBLIC_KEY_LENGTH, x25519, ValidCryptoMaterial, + ed25519, ed25519::ED25519_PUBLIC_KEY_LENGTH, x25519, ValidCryptoMaterial, ValidCryptoMaterialStringExt, }; use aptos_genesis::{ @@ -198,7 +198,6 @@ pub fn fetch_mainnet_genesis_info(git_options: GitOptions) -> CliTypedResult CliTypedResult CliTypedResult, unique_accounts: &mut BTreeSet, unique_network_keys: &mut HashSet, - unique_consensus_keys: &mut HashSet, - unique_consensus_pops: &mut HashSet, + unique_consensus_keys: &mut HashSet, unique_hosts: &mut HashSet, seen_owners: &mut BTreeMap, is_pooled_validator: bool, @@ -747,22 +735,6 @@ fn validate_validators( ))); } - if validator.proof_of_possession.is_none() { - errors.push(CliError::UnexpectedError(format!( - "Validator {} does not have a consensus proof of possession, though it's joining during genesis", - name - ))); - } - if !unique_consensus_pops - .insert(validator.proof_of_possession.as_ref().unwrap().clone()) - { - errors.push(CliError::UnexpectedError(format!( - "Validator {} has a repeated a consensus proof of possessions {}", - name, - validator.proof_of_possession.as_ref().unwrap() - ))); - } - match ( validator.full_node_host.as_ref(), validator.full_node_network_public_key.as_ref(), @@ -832,12 +804,6 @@ fn validate_validators( name ))); } - if validator.proof_of_possession.is_some() { - errors.push(CliError::UnexpectedError(format!( - "Validator {} has a consensus proof of possession, but it is *NOT* joining during genesis", - name - ))); - } if validator.full_node_network_public_key.is_some() { errors.push(CliError::UnexpectedError(format!( "Validator {} has a full node public key, but it is *NOT* joining during genesis", diff --git a/crates/aptos/src/genesis/tests.rs b/crates/aptos/src/genesis/tests.rs index bb270e6ef85274..e67c37cccf5acc 100644 --- a/crates/aptos/src/genesis/tests.rs +++ b/crates/aptos/src/genesis/tests.rs @@ -382,7 +382,6 @@ async fn create_employee_vesting_accounts_file( voter_account_address: admin_identity.account_address.into(), voter_account_public_key: admin_identity.account_public_key, consensus_public_key: operator_identity.consensus_public_key, - proof_of_possession: operator_identity.consensus_proof_of_possession, validator_network_public_key: operator_identity.validator_network_public_key, validator_host: Some(HostAndPort::from_str("localhost:8080").unwrap()), full_node_network_public_key: operator_identity.full_node_network_public_key, @@ -400,7 +399,6 @@ async fn create_employee_vesting_accounts_file( voter_account_address: admin_identity.account_address.into(), voter_account_public_key: admin_identity.account_public_key, consensus_public_key: None, - proof_of_possession: None, validator_network_public_key: None, validator_host: None, full_node_network_public_key: None, diff --git a/crates/aptos/src/node/mod.rs b/crates/aptos/src/node/mod.rs index 83d32e501d0102..a5511e088c9e8a 100644 --- a/crates/aptos/src/node/mod.rs +++ b/crates/aptos/src/node/mod.rs @@ -25,7 +25,7 @@ use aptos_backup_cli::{ utils::GlobalRestoreOpt, }; use aptos_cached_packages::aptos_stdlib; -use aptos_crypto::{bls12381, bls12381::PublicKey, x25519, ValidCryptoMaterialStringExt}; +use aptos_crypto::{ed25519, ed25519::PublicKey, x25519, ValidCryptoMaterialStringExt}; use aptos_genesis::config::{HostAndPort, OperatorConfiguration}; use aptos_logger::Level; use aptos_network_checker::args::{ @@ -135,22 +135,16 @@ impl OperatorConfigFileArgs { pub struct ValidatorConsensusKeyArgs { /// Hex encoded Consensus public key /// - /// The key should be a BLS12-381 public key - #[clap(long, value_parser = bls12381::PublicKey::from_encoded_string)] - pub(crate) consensus_public_key: Option, - - /// Hex encoded Consensus proof of possession - /// - /// The key should be a BLS12-381 proof of possession - #[clap(long, value_parser = bls12381::ProofOfPossession::from_encoded_string)] - pub(crate) proof_of_possession: Option, + /// The key should be an ed25519 public key + #[clap(long, value_parser = ed25519::PublicKey::from_encoded_string)] + pub(crate) consensus_public_key: Option, } impl ValidatorConsensusKeyArgs { fn get_consensus_public_key<'a>( &'a self, operator_config: &'a Option, - ) -> CliTypedResult<&'a bls12381::PublicKey> { + ) -> CliTypedResult<&'a ed25519::PublicKey> { let consensus_public_key = if let Some(ref consensus_public_key) = self.consensus_public_key { consensus_public_key @@ -163,22 +157,6 @@ impl ValidatorConsensusKeyArgs { }; Ok(consensus_public_key) } - - fn get_consensus_proof_of_possession<'a>( - &'a self, - operator_config: &'a Option, - ) -> CliTypedResult<&'a bls12381::ProofOfPossession> { - let proof_of_possession = if let Some(ref proof_of_possession) = self.proof_of_possession { - proof_of_possession - } else if let Some(ref operator_config) = operator_config { - &operator_config.consensus_proof_of_possession - } else { - return Err(CliError::CommandArgumentError( - "Must provide either --operator-config-file or --proof-of-possession".to_string(), - )); - }; - Ok(proof_of_possession) - } } #[derive(Parser)] @@ -612,9 +590,6 @@ impl CliCommand for InitializeValidator { let consensus_public_key = self .validator_consensus_key_args .get_consensus_public_key(&operator_config)?; - let consensus_proof_of_possession = self - .validator_consensus_key_args - .get_consensus_proof_of_possession(&operator_config)?; let ( validator_network_public_key, full_node_network_public_key, @@ -640,7 +615,6 @@ impl CliCommand for InitializeValidator { self.txn_options .submit_transaction(aptos_stdlib::stake_initialize_validator( consensus_public_key.to_bytes().to_vec(), - consensus_proof_of_possession.to_bytes().to_vec(), // BCS encode, so that we can hide the original type bcs::to_bytes(&validator_network_addresses)?, bcs::to_bytes(&full_node_network_addresses)?, @@ -1072,14 +1046,10 @@ impl CliCommand for UpdateConsensusKey { let consensus_public_key = self .validator_consensus_key_args .get_consensus_public_key(&operator_config)?; - let consensus_proof_of_possession = self - .validator_consensus_key_args - .get_consensus_proof_of_possession(&operator_config)?; self.txn_options .submit_transaction(aptos_stdlib::stake_rotate_consensus_key( address, consensus_public_key.to_bytes().to_vec(), - consensus_proof_of_possession.to_bytes().to_vec(), )) .await .map(|inner| inner.into()) diff --git a/crates/aptos/src/op/key.rs b/crates/aptos/src/op/key.rs index 07a65a21db2da7..a68ad6ef78f485 100644 --- a/crates/aptos/src/op/key.rs +++ b/crates/aptos/src/op/key.rs @@ -15,9 +15,7 @@ use crate::{ CliCommand, CliResult, }; use aptos_config::config::{Peer, PeerRole}; -use aptos_crypto::{ - bls12381, ed25519, encoding_type::EncodingType, x25519, PrivateKey, ValidCryptoMaterial, -}; +use aptos_crypto::{ed25519, encoding_type::EncodingType, x25519, PrivateKey, ValidCryptoMaterial}; use aptos_genesis::config::HostAndPort; use aptos_types::account_address::{ create_multisig_account_address, from_identity_public_key, AccountAddress, @@ -255,8 +253,8 @@ impl CliCommand> for GenerateKey { return Ok(result_map); }, KeyType::Bls12381 => { - let private_key = keygen.generate_bls12381_private_key(); - self.save_params.save_bls_key(&private_key, "bls12381") + let private_key = keygen.generate_ed25519_private_key(); + self.save_params.save_key(&private_key, "ed25519") }, } } @@ -325,11 +323,6 @@ impl SaveKey { ) } - /// Public key file name - fn proof_of_possession_file(&self) -> CliTypedResult { - append_file_extension(self.file_options.output_file.as_path(), "pop") - } - /// Check if the key file exists already pub fn check_key_file(&self) -> CliTypedResult<()> { // Check if file already exists @@ -360,39 +353,4 @@ impl SaveKey { map.insert("PublicKey Path", public_key_file); Ok(map) } - - /// Saves a key to a file encoded in a string - pub fn save_bls_key( - self, - key: &bls12381::PrivateKey, - key_name: &'static str, - ) -> CliTypedResult> { - let encoded_private_key = self.encoding_options.encoding.encode_key(key_name, key)?; - let encoded_public_key = self - .encoding_options - .encoding - .encode_key(key_name, &key.public_key())?; - let encoded_proof_of_posession = self - .encoding_options - .encoding - .encode_key(key_name, &bls12381::ProofOfPossession::create(key))?; - - // Write private and public keys to files - let public_key_file = self.public_key_file()?; - let proof_of_possession_file = self.proof_of_possession_file()?; - self.file_options - .save_to_file_confidential(key_name, &encoded_private_key)?; - write_to_file(&public_key_file, key_name, &encoded_public_key)?; - write_to_file( - &proof_of_possession_file, - key_name, - &encoded_proof_of_posession, - )?; - - let mut map = HashMap::new(); - map.insert("PrivateKey Path", self.file_options.output_file); - map.insert("PublicKey Path", public_key_file); - map.insert("Proof of possession Path", proof_of_possession_file); - Ok(map) - } } diff --git a/crates/aptos/src/test/mod.rs b/crates/aptos/src/test/mod.rs index b6353852db1f3a..c7008c7371989f 100644 --- a/crates/aptos/src/test/mod.rs +++ b/crates/aptos/src/test/mod.rs @@ -46,7 +46,7 @@ use crate::{ }; use aptos_config::config::Peer; use aptos_crypto::{ - bls12381, + ed25519, ed25519::{Ed25519PrivateKey, Ed25519PublicKey}, x25519, PrivateKey, }; @@ -372,8 +372,7 @@ impl CliTestFramework { pub async fn initialize_validator( &self, index: usize, - consensus_public_key: bls12381::PublicKey, - proof_of_possession: bls12381::ProofOfPossession, + consensus_public_key: ed25519::PublicKey, validator_host: HostAndPort, validator_network_public_key: x25519::PublicKey, ) -> CliTypedResult { @@ -384,7 +383,6 @@ impl CliTestFramework { }, validator_consensus_key_args: ValidatorConsensusKeyArgs { consensus_public_key: Some(consensus_public_key), - proof_of_possession: Some(proof_of_possession), }, validator_network_addresses_args: ValidatorNetworkAddressesArgs { validator_host: Some(validator_host), @@ -515,8 +513,7 @@ impl CliTestFramework { &self, operator_index: usize, pool_index: Option, - consensus_public_key: bls12381::PublicKey, - proof_of_possession: bls12381::ProofOfPossession, + consensus_public_key: ed25519::PublicKey, ) -> CliTypedResult { UpdateConsensusKey { txn_options: self.transaction_options(operator_index, None), @@ -526,7 +523,6 @@ impl CliTestFramework { }, validator_consensus_key_args: ValidatorConsensusKeyArgs { consensus_public_key: Some(consensus_public_key), - proof_of_possession: Some(proof_of_possession), }, } .execute() diff --git a/dkg/src/dkg_manager/tests.rs b/dkg/src/dkg_manager/tests.rs index 8e48a6227df41b..eca7d30194c60f 100644 --- a/dkg/src/dkg_manager/tests.rs +++ b/dkg/src/dkg_manager/tests.rs @@ -8,7 +8,7 @@ use crate::{ DKGMessage, }; use aptos_crypto::{ - bls12381::{PrivateKey, PublicKey}, + ed25519::{PrivateKey, PublicKey}, Uniform, }; use aptos_infallible::RwLock; diff --git a/dkg/src/transcript_aggregation/tests.rs b/dkg/src/transcript_aggregation/tests.rs index eeb2e34dcfb50a..163c55034ba382 100644 --- a/dkg/src/transcript_aggregation/tests.rs +++ b/dkg/src/transcript_aggregation/tests.rs @@ -1,7 +1,7 @@ // Copyright © Aptos Foundation use crate::transcript_aggregation::TranscriptAggregationState; -use aptos_crypto::{bls12381::bls12381_keys, Uniform}; +use aptos_crypto::{ed25519, Uniform}; use aptos_reliable_broadcast::BroadcastStatus; use aptos_types::{ dkg::{ @@ -23,11 +23,11 @@ fn test_transcript_aggregation_state() { let addrs: Vec = (0..num_validators) .map(|_| AccountAddress::random()) .collect(); - let private_keys: Vec = (0..num_validators) - .map(|_| bls12381_keys::PrivateKey::generate_for_testing()) + let private_keys: Vec = (0..num_validators) + .map(|_| ed25519::PrivateKey::generate_for_testing()) .collect(); - let public_keys: Vec = (0..num_validators) - .map(|i| bls12381_keys::PublicKey::from(&private_keys[i])) + let public_keys: Vec = (0..num_validators) + .map(|i| ed25519::PublicKey::from(&private_keys[i])) .collect(); let voting_powers = [1, 1, 1, 6, 6]; // total voting power: 15, default threshold: 11 let validator_infos: Vec = (0..num_validators) diff --git a/network/discovery/src/validator_set.rs b/network/discovery/src/validator_set.rs index f6953f34ac780e..6f8305950ae1b6 100644 --- a/network/discovery/src/validator_set.rs +++ b/network/discovery/src/validator_set.rs @@ -156,7 +156,7 @@ mod tests { use crate::DiscoveryChangeListener; use aptos_channels::{aptos_channel, message_queues::QueueStyle}; use aptos_config::config::HANDSHAKE_VERSION; - use aptos_crypto::{bls12381, x25519::PrivateKey, PrivateKey as PK, Uniform}; + use aptos_crypto::{ed25519, x25519::PrivateKey, PrivateKey as PK, Uniform}; use aptos_event_notifications::ReconfigNotification; use aptos_types::{ network_address::NetworkAddress, @@ -177,7 +177,7 @@ mod tests { fn metric_if_key_mismatch() { aptos_logger::Logger::init_for_testing(); let runtime = Runtime::new().unwrap(); - let consensus_private_key = bls12381::PrivateKey::generate_for_testing(); + let consensus_private_key = ed25519::PrivateKey::generate_for_testing(); let consensus_pubkey = consensus_private_key.public_key(); let pubkey = test_pubkey([0u8; 32]); let different_pubkey = test_pubkey([1u8; 32]); @@ -237,7 +237,7 @@ mod tests { fn send_pubkey_update( peer_id: PeerId, - consensus_pubkey: bls12381::PublicKey, + consensus_pubkey: ed25519::PublicKey, pubkey: x25519::PublicKey, reconfig_tx: &mut aptos_channels::aptos_channel::Sender< (), diff --git a/testsuite/generate-format/src/api.rs b/testsuite/generate-format/src/api.rs index 6d229913415732..9211b7500fe122 100644 --- a/testsuite/generate-format/src/api.rs +++ b/testsuite/generate-format/src/api.rs @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 use aptos_crypto::{ - bls12381, + ed25519, ed25519::{Ed25519PrivateKey, Ed25519PublicKey}, hash::{CryptoHasher as _, TestOnlyHasher}, multi_ed25519::{MultiEd25519PublicKey, MultiEd25519Signature}, @@ -73,8 +73,8 @@ fn trace_crypto_values(tracer: &mut Tracer, samples: &mut Samples) -> Result<()> tracer.trace_value(samples, &secp256r1_ecdsa_public_key)?; tracer.trace_value(samples, &secp256r1_ecdsa_signature)?; - let bls12381_private_key = bls12381::PrivateKey::generate(&mut rng); - let bls12381_public_key = bls12381::PublicKey::from(&bls12381_private_key); + let bls12381_private_key = ed25519::PrivateKey::generate(&mut rng); + let bls12381_public_key = ed25519::PublicKey::from(&bls12381_private_key); let bls12381_signature = bls12381_private_key.sign(&message).unwrap(); tracer.trace_value(samples, &bls12381_private_key)?; tracer.trace_value(samples, &bls12381_public_key)?; diff --git a/testsuite/generate-format/src/aptos.rs b/testsuite/generate-format/src/aptos.rs index 3d0d4800cca2ac..3559388acd799d 100644 --- a/testsuite/generate-format/src/aptos.rs +++ b/testsuite/generate-format/src/aptos.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 use aptos_crypto::{ - bls12381, + ed25519, ed25519::{Ed25519PrivateKey, Ed25519PublicKey}, hash::{CryptoHasher as _, TestOnlyHasher}, multi_ed25519::{MultiEd25519PublicKey, MultiEd25519Signature}, @@ -70,8 +70,8 @@ fn trace_crypto_values(tracer: &mut Tracer, samples: &mut Samples) -> Result<()> tracer.trace_value(samples, &secp256r1_ecdsa_public_key)?; tracer.trace_value(samples, &secp256r1_ecdsa_signature)?; - let bls12381_private_key = bls12381::PrivateKey::generate(&mut rng); - let bls12381_public_key = bls12381::PublicKey::from(&bls12381_private_key); + let bls12381_private_key = ed25519::PrivateKey::generate(&mut rng); + let bls12381_public_key = ed25519::PublicKey::from(&bls12381_private_key); let bls12381_signature = bls12381_private_key.sign(&message).unwrap(); tracer.trace_value(samples, &bls12381_private_key)?; tracer.trace_value(samples, &bls12381_public_key)?; diff --git a/testsuite/generate-format/src/consensus.rs b/testsuite/generate-format/src/consensus.rs index 0a36c8fc9f0994..9fd471accc219b 100644 --- a/testsuite/generate-format/src/consensus.rs +++ b/testsuite/generate-format/src/consensus.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 use aptos_crypto::{ - bls12381, + ed25519, ed25519::Ed25519PrivateKey, multi_ed25519::{MultiEd25519PublicKey, MultiEd25519Signature}, secp256k1_ecdsa, secp256r1_ecdsa, @@ -46,7 +46,7 @@ fn trace_crypto_values(tracer: &mut Tracer, samples: &mut Samples) -> Result<()> let public_key = private_key.public_key(); let signature = private_key.sign(&message).unwrap(); - let bls_private_key = bls12381::PrivateKey::generate(&mut rng); + let bls_private_key = ed25519::PrivateKey::generate(&mut rng); let bls_public_key = bls_private_key.public_key(); let bls_signature = bls_private_key.sign(&message).unwrap(); diff --git a/testsuite/smoke-test/src/aptos_cli/validator.rs b/testsuite/smoke-test/src/aptos_cli/validator.rs index 31e030e99b1c0f..2bd73acb712e2b 100644 --- a/testsuite/smoke-test/src/aptos_cli/validator.rs +++ b/testsuite/smoke-test/src/aptos_cli/validator.rs @@ -16,7 +16,7 @@ use aptos::{ }; use aptos_bitvec::BitVec; use aptos_cached_packages::aptos_stdlib; -use aptos_crypto::{bls12381, ed25519::Ed25519PrivateKey, x25519, ValidCryptoMaterialStringExt}; +use aptos_crypto::{ed25519, ed25519::Ed25519PrivateKey, x25519, ValidCryptoMaterialStringExt}; use aptos_forge::{reconfig, wait_for_all_nodes_to_catchup, LocalSwarm, NodeExt, Swarm, SwarmExt}; use aptos_genesis::config::HostAndPort; use aptos_keygen::KeyGen; @@ -574,7 +574,6 @@ async fn test_large_total_stake() { cli.initialize_validator( validator_cli_index, keys.consensus_public_key(), - keys.consensus_proof_of_possession(), HostAndPort { host: dns_name("0.0.0.0"), port: 1234, @@ -969,7 +968,6 @@ async fn test_register_and_update_validator() { cli.initialize_validator( validator_cli_index, keys.consensus_public_key(), - keys.consensus_proof_of_possession(), HostAndPort { host: dns_name("0.0.0.0"), port, @@ -1079,7 +1077,6 @@ async fn test_join_and_leave_validator() { cli.initialize_validator( validator_cli_index, keys.consensus_public_key(), - keys.consensus_proof_of_possession(), HostAndPort { host: dns_name("0.0.0.0"), port, @@ -1335,7 +1332,6 @@ async fn test_owner_create_and_delegate_flow() { operator_cli_index, Some(owner_cli_index), operator_keys.consensus_public_key(), - operator_keys.consensus_proof_of_possession(), ) .await .unwrap(), @@ -1444,7 +1440,7 @@ fn dns_name(addr: &str) -> DnsName { pub struct ValidatorNodeKeys { account_private_key: Ed25519PrivateKey, network_private_key: x25519::PrivateKey, - consensus_private_key: bls12381::PrivateKey, + consensus_private_key: ed25519::PrivateKey, } impl ValidatorNodeKeys { @@ -1452,7 +1448,7 @@ impl ValidatorNodeKeys { Self { account_private_key: keygen.generate_ed25519_private_key(), network_private_key: keygen.generate_x25519_private_key().unwrap(), - consensus_private_key: keygen.generate_bls12381_private_key(), + consensus_private_key: keygen.generate_ed25519_private_key(), } } @@ -1460,12 +1456,8 @@ impl ValidatorNodeKeys { self.network_private_key.public_key() } - pub fn consensus_public_key(&self) -> bls12381::PublicKey { - bls12381::PublicKey::from(&self.consensus_private_key) - } - - pub fn consensus_proof_of_possession(&self) -> bls12381::ProofOfPossession { - bls12381::ProofOfPossession::create(&self.consensus_private_key) + pub fn consensus_public_key(&self) -> ed25519::PublicKey { + ed25519::PublicKey::from(&self.consensus_private_key) } } diff --git a/types/src/aggregate_signature.rs b/types/src/aggregate_signature.rs index 3202583b6252d0..c5d9c38a01399f 100644 --- a/types/src/aggregate_signature.rs +++ b/types/src/aggregate_signature.rs @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 use aptos_bitvec::BitVec; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; use move_core_types::account_address::AccountAddress; use serde::{Deserialize, Serialize}; @@ -15,13 +15,13 @@ use std::collections::BTreeMap; #[derive(Clone, Debug, Eq, PartialEq, Serialize, Deserialize, CryptoHasher, BCSCryptoHash)] pub struct AggregateSignature { validator_bitmask: BitVec, - sig: Option, + sig: Option, } impl AggregateSignature { pub fn new( validator_bitmask: BitVec, - aggregated_signature: Option, + aggregated_signature: Option, ) -> Self { Self { validator_bitmask, @@ -61,7 +61,7 @@ impl AggregateSignature { self.validator_bitmask.count_ones() as usize } - pub fn sig(&self) -> &Option { + pub fn sig(&self) -> &Option { &self.sig } } @@ -70,11 +70,11 @@ impl AggregateSignature { /// from different validators. It is only kept in memory and never sent through the network. #[derive(Clone, Debug, Deserialize, Eq, PartialEq)] pub struct PartialSignatures { - signatures: BTreeMap, + signatures: BTreeMap, } impl PartialSignatures { - pub fn new(signatures: BTreeMap) -> Self { + pub fn new(signatures: BTreeMap) -> Self { Self { signatures } } @@ -90,11 +90,11 @@ impl PartialSignatures { self.signatures.remove(&validator); } - pub fn add_signature(&mut self, validator: AccountAddress, signature: bls12381::Signature) { + pub fn add_signature(&mut self, validator: AccountAddress, signature: ed25519::Signature) { self.signatures.entry(validator).or_insert(signature); } - pub fn signatures(&self) -> &BTreeMap { + pub fn signatures(&self) -> &BTreeMap { &self.signatures } diff --git a/types/src/dkg/dummy_dkg/mod.rs b/types/src/dkg/dummy_dkg/mod.rs index eed07088221acf..8664685b89208a 100644 --- a/types/src/dkg/dummy_dkg/mod.rs +++ b/types/src/dkg/dummy_dkg/mod.rs @@ -2,7 +2,7 @@ use crate::dkg::{DKGSessionMetadata, DKGTrait}; use anyhow::{anyhow, ensure}; -use aptos_crypto::{bls12381, Uniform}; +use aptos_crypto::{ed25519, Uniform}; use rand::{CryptoRng, Rng, RngCore}; use serde::{Deserialize, Serialize}; use std::collections::{BTreeMap, BTreeSet}; @@ -13,11 +13,11 @@ use std::collections::{BTreeMap, BTreeSet}; pub struct DummyDKG {} impl DKGTrait for DummyDKG { - type DealerPrivateKey = bls12381::PrivateKey; + type DealerPrivateKey = ed25519::PrivateKey; type DealtSecret = DummySecret; type DealtSecretShare = DummySecret; type InputSecret = DummySecret; - type NewValidatorDecryptKey = bls12381::PrivateKey; + type NewValidatorDecryptKey = ed25519::PrivateKey; type PublicParams = DKGSessionMetadata; type Transcript = DummyDKGTranscript; @@ -110,7 +110,7 @@ impl DKGTrait for DummyDKG { } fn generate_predictable_input_secret_for_testing( - dealer_sk: &bls12381::PrivateKey, + dealer_sk: &ed25519::PrivateKey, ) -> DummySecret { let bytes_8: [u8; 8] = dealer_sk.to_bytes()[0..8].try_into().unwrap(); DummySecret { diff --git a/types/src/dkg/dummy_dkg/tests.rs b/types/src/dkg/dummy_dkg/tests.rs index e1a91ea14e039e..b16047f510a565 100644 --- a/types/src/dkg/dummy_dkg/tests.rs +++ b/types/src/dkg/dummy_dkg/tests.rs @@ -7,15 +7,15 @@ use crate::{ }, validator_verifier::{ValidatorConsensusInfo, ValidatorConsensusInfoMoveStruct}, }; -use aptos_crypto::{bls12381, Uniform}; +use aptos_crypto::{ed25519, Uniform}; use move_core_types::account_address::AccountAddress; use rand::thread_rng; struct DealerState { addr: AccountAddress, voting_power: u64, - sk: bls12381::PrivateKey, - pk: bls12381::PublicKey, + sk: ed25519::PrivateKey, + pk: ed25519::PublicKey, input_secret: DummySecret, transcript: Option, } @@ -33,8 +33,8 @@ impl DealerState { struct NewValidatorState { addr: AccountAddress, voting_power: u64, - sk: bls12381::PrivateKey, - pk: bls12381::PublicKey, + sk: ed25519::PrivateKey, + pk: ed25519::PublicKey, secret_share: Option, } @@ -55,8 +55,8 @@ fn test_dummy_dkg_correctness() { // Initialize the current validator states. Also prepare their DKG input secrets. let mut dealer_states: Vec = (0..3) .map(|_| { - let sk = bls12381::PrivateKey::generate_for_testing(); - let pk = bls12381::PublicKey::from(&sk); + let sk = ed25519::PrivateKey::generate_for_testing(); + let pk = ed25519::PublicKey::from(&sk); let input_secret = DummySecret::generate_for_testing(); DealerState { addr: AccountAddress::random(), @@ -76,8 +76,8 @@ fn test_dummy_dkg_correctness() { // Initialize the next validator states. let mut new_validator_states: Vec = (0..4) .map(|_| { - let sk = bls12381::PrivateKey::generate_for_testing(); - let pk = bls12381::PublicKey::from(&sk); + let sk = ed25519::PrivateKey::generate_for_testing(); + let pk = ed25519::PublicKey::from(&sk); NewValidatorState { addr: AccountAddress::random(), voting_power: 2, diff --git a/types/src/ledger_info.rs b/types/src/ledger_info.rs index 47ce8c620b1d3c..855af8d52cdb43 100644 --- a/types/src/ledger_info.rs +++ b/types/src/ledger_info.rs @@ -12,7 +12,7 @@ use crate::{ transaction::Version, validator_verifier::{ValidatorVerifier, VerifyError}, }; -use aptos_crypto::{bls12381, hash::HashValue}; +use aptos_crypto::{ed25519, hash::HashValue}; use aptos_crypto_derive::{BCSCryptoHash, CryptoHasher}; #[cfg(any(test, feature = "fuzzing"))] use proptest_derive::Arbitrary; @@ -336,11 +336,11 @@ impl LedgerInfoWithPartialSignatures { self.partial_sigs.remove_signature(validator); } - pub fn add_signature(&mut self, validator: AccountAddress, signature: bls12381::Signature) { + pub fn add_signature(&mut self, validator: AccountAddress, signature: ed25519::Signature) { self.partial_sigs.add_signature(validator, signature); } - pub fn signatures(&self) -> &BTreeMap { + pub fn signatures(&self) -> &BTreeMap { self.partial_sigs.signatures() } @@ -384,7 +384,7 @@ impl Arbitrary for LedgerInfoWithV0 { type Strategy = BoxedStrategy; fn arbitrary_with(_args: Self::Parameters) -> Self::Strategy { - let dummy_signature = bls12381::Signature::dummy_signature(); + let dummy_signature = ed25519::Signature::dummy_signature(); (any::(), (1usize..100)) .prop_map(move |(ledger_info, num_validators)| { let (signers, verifier) = random_validator_verifier(num_validators, None, true); diff --git a/types/src/proptest_types.rs b/types/src/proptest_types.rs index ddc0ae23a9446a..34eedab0fd5273 100644 --- a/types/src/proptest_types.rs +++ b/types/src/proptest_types.rs @@ -36,7 +36,6 @@ use crate::{ write_set::{WriteOp, WriteSet, WriteSetMut}, }; use aptos_crypto::{ - bls12381::{self, bls12381_keys}, ed25519::{self, Ed25519PrivateKey, Ed25519PublicKey}, test_utils::KeyPair, traits::*, @@ -143,17 +142,14 @@ struct AccountInfo { address: AccountAddress, private_key: Ed25519PrivateKey, public_key: Ed25519PublicKey, - consensus_private_key: bls12381::PrivateKey, + consensus_private_key: ed25519::PrivateKey, sequence_number: u64, sent_event_handle: EventHandle, received_event_handle: EventHandle, } impl AccountInfo { - pub fn new( - private_key: Ed25519PrivateKey, - consensus_private_key: bls12381::PrivateKey, - ) -> Self { + pub fn new(private_key: Ed25519PrivateKey, consensus_private_key: ed25519::PrivateKey) -> Self { let public_key = private_key.public_key(); let address = account_address::from_public_key(&public_key); Self { @@ -180,7 +176,7 @@ pub struct AccountInfoUniverse { impl AccountInfoUniverse { fn new( account_private_keys: Vec, - consensus_private_keys: Vec, + consensus_private_keys: Vec, epoch: u64, round: Round, next_version: Version, @@ -262,10 +258,7 @@ impl Arbitrary for AccountInfoUniverse { fn arbitrary_with(num_accounts: Self::Parameters) -> Self::Strategy { vec( - ( - ed25519::keypair_strategy(), - bls12381_keys::keypair_strategy(), - ), + (ed25519::keypair_strategy(), ed25519::keypair_strategy()), num_accounts, ) .prop_map(|kps| { @@ -560,8 +553,8 @@ prop_compose! { fn arb_validator_for_ledger_info(ledger_info: LedgerInfo)( ledger_info in Just(ledger_info), account_keypair in ed25519::keypair_strategy(), - consensus_keypair in bls12381_keys::keypair_strategy(), - ) -> (AccountAddress, ValidatorConsensusInfo, bls12381::Signature) { + consensus_keypair in ed25519::keypair_strategy(), + ) -> (AccountAddress, ValidatorConsensusInfo, ed25519::Signature) { let signature = consensus_keypair.private_key.sign(&ledger_info).unwrap(); let address = account_address::from_public_key(&account_keypair.public_key); (address, ValidatorConsensusInfo::new(address, consensus_keypair.public_key, 1), signature) diff --git a/types/src/validator_config.rs b/types/src/validator_config.rs index d43f4bea237633..3e2354ee998dc6 100644 --- a/types/src/validator_config.rs +++ b/types/src/validator_config.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 use crate::network_address::NetworkAddress; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; use move_core_types::{ ident_str, identifier::IdentStr, @@ -35,7 +35,7 @@ impl MoveResource for ValidatorOperatorConfigResource {} #[derive(Clone, Debug, Eq, PartialEq, Deserialize, Serialize)] #[cfg_attr(any(test, feature = "fuzzing"), derive(Arbitrary))] pub struct ValidatorConfig { - pub consensus_public_key: bls12381::PublicKey, + pub consensus_public_key: ed25519::PublicKey, /// This is an bcs serialized `Vec` pub validator_network_addresses: Vec, /// This is an bcs serialized `Vec` @@ -45,7 +45,7 @@ pub struct ValidatorConfig { impl ValidatorConfig { pub fn new( - consensus_public_key: bls12381::PublicKey, + consensus_public_key: ed25519::PublicKey, validator_network_addresses: Vec, fullnode_network_addresses: Vec, validator_index: u64, diff --git a/types/src/validator_info.rs b/types/src/validator_info.rs index 2f56486273edf4..01f5c7f3fd09d5 100644 --- a/types/src/validator_info.rs +++ b/types/src/validator_info.rs @@ -5,7 +5,7 @@ #[cfg(any(test, feature = "fuzzing"))] use crate::network_address::NetworkAddress; use crate::{account_address::AccountAddress, validator_config::ValidatorConfig}; -use aptos_crypto::bls12381; +use aptos_crypto::ed25519; #[cfg(any(test, feature = "fuzzing"))] use proptest_derive::Arbitrary; use serde::{Deserialize, Serialize}; @@ -55,7 +55,7 @@ impl ValidatorInfo { #[cfg(any(test, feature = "fuzzing"))] pub fn new_with_test_network_keys( account_address: AccountAddress, - consensus_public_key: bls12381::PublicKey, + consensus_public_key: ed25519::PublicKey, consensus_voting_power: u64, validator_index: u64, ) -> Self { @@ -81,7 +81,7 @@ impl ValidatorInfo { } /// Returns the key for validating signed messages from this validator - pub fn consensus_public_key(&self) -> &bls12381::PublicKey { + pub fn consensus_public_key(&self) -> &ed25519::PublicKey { &self.config.consensus_public_key } diff --git a/types/src/validator_signer.rs b/types/src/validator_signer.rs index 84140126547056..60c59a997d62ea 100644 --- a/types/src/validator_signer.rs +++ b/types/src/validator_signer.rs @@ -4,7 +4,7 @@ use crate::account_address::AccountAddress; use aptos_crypto::{ - bls12381, hash::CryptoHash, test_utils::TEST_SEED, CryptoMaterialError, PrivateKey, SigningKey, + ed25519, hash::CryptoHash, test_utils::TEST_SEED, CryptoMaterialError, PrivateKey, SigningKey, Uniform, }; use rand::{rngs::StdRng, SeedableRng}; @@ -18,11 +18,11 @@ use std::convert::TryFrom; #[cfg_attr(any(test, feature = "fuzzing"), derive(Clone))] pub struct ValidatorSigner { author: AccountAddress, - private_key: bls12381::PrivateKey, + private_key: ed25519::PrivateKey, } impl ValidatorSigner { - pub fn new(author: AccountAddress, private_key: bls12381::PrivateKey) -> Self { + pub fn new(author: AccountAddress, private_key: ed25519::PrivateKey) -> Self { ValidatorSigner { author, private_key, @@ -33,7 +33,7 @@ impl ValidatorSigner { pub fn sign( &self, message: &T, - ) -> Result { + ) -> Result { self.private_key.sign(message) } @@ -43,13 +43,13 @@ impl ValidatorSigner { } /// Returns the public key associated with this signer. - pub fn public_key(&self) -> bls12381::PublicKey { + pub fn public_key(&self) -> ed25519::PublicKey { self.private_key.public_key() } /// Returns the private key associated with this signer. Only available for testing purposes. #[cfg(any(test, feature = "fuzzing"))] - pub fn private_key(&self) -> &bls12381::PrivateKey { + pub fn private_key(&self) -> &ed25519::PrivateKey { &self.private_key } } @@ -63,7 +63,7 @@ impl ValidatorSigner { let mut rng = StdRng::from_seed(opt_rng_seed.into().unwrap_or(TEST_SEED)); Self::new( AccountAddress::random(), - bls12381::PrivateKey::generate(&mut rng), + ed25519::PrivateKey::generate(&mut rng), ) } @@ -72,7 +72,7 @@ impl ValidatorSigner { pub fn from_int(num: u8) -> Self { let mut address = [0; AccountAddress::LENGTH]; address[0] = num; - let private_key = bls12381::PrivateKey::generate_for_testing(); + let private_key = ed25519::PrivateKey::generate_for_testing(); Self::new(AccountAddress::try_from(&address[..]).unwrap(), private_key) } } @@ -84,17 +84,17 @@ pub mod proptests { use proptest::{prelude::*, sample, strategy::LazyJust}; #[allow(clippy::redundant_closure)] - pub fn arb_signing_key() -> impl Strategy { + pub fn arb_signing_key() -> impl Strategy { prop_oneof![ // The no_shrink here reflects that particular keypair choices out // of random options are irrelevant. - LazyJust::new(|| bls12381::PrivateKey::generate_for_testing()), - LazyJust::new(|| bls12381::PrivateKey::genesis()), + LazyJust::new(|| ed25519::PrivateKey::generate_for_testing()), + LazyJust::new(|| ed25519::PrivateKey::genesis()), ] } pub fn signer_strategy( - signing_key_strategy: impl Strategy, + signing_key_strategy: impl Strategy, ) -> impl Strategy { signing_key_strategy.prop_map(|signing_key| { ValidatorSigner::new( @@ -114,20 +114,20 @@ pub mod proptests { prop_oneof![ rand_signer(), LazyJust::new(|| { - let genesis_key = bls12381::PrivateKey::genesis(); + let genesis_key = ed25519::PrivateKey::genesis(); ValidatorSigner::new(AccountAddress::random(), genesis_key) }) ] } fn select_keypair( - keys: Vec, - ) -> impl Strategy { + keys: Vec, + ) -> impl Strategy { sample::select(keys) } pub fn mostly_in_keypair_pool( - keys: Vec, + keys: Vec, ) -> impl Strategy { prop::strategy::Union::new_weighted(vec![ (9, signer_strategy(select_keypair(keys)).boxed()), diff --git a/types/src/validator_verifier.rs b/types/src/validator_verifier.rs index f035e3bb0bf023..a13f7b695754b3 100644 --- a/types/src/validator_verifier.rs +++ b/types/src/validator_verifier.rs @@ -11,12 +11,7 @@ use crate::{ }; use anyhow::{ensure, Result}; use aptos_bitvec::BitVec; -use aptos_crypto::{ - bls12381, - bls12381::{bls12381_keys, PublicKey}, - hash::CryptoHash, - Signature, VerifyingKey, -}; +use aptos_crypto::{ed25519, ed25519::PublicKey, hash::CryptoHash, Signature, VerifyingKey}; use itertools::Itertools; #[cfg(any(test, feature = "fuzzing"))] use proptest_derive::Arbitrary; @@ -120,7 +115,7 @@ impl TryFrom for ValidatorConsensusInfo { pk_bytes, voting_power, } = value; - let public_key = bls12381_keys::PublicKey::try_from(pk_bytes.as_slice())?; + let public_key = PublicKey::try_from(pk_bytes.as_slice())?; Ok(Self::new(addr, public_key, voting_power)) } } @@ -225,7 +220,7 @@ impl ValidatorVerifier { &self, author: AccountAddress, message: &T, - signature: &bls12381::Signature, + signature: &ed25519::Signature, ) -> std::result::Result<(), VerifyError> { match self.get_public_key(&author) { Some(public_key) => public_key @@ -253,7 +248,7 @@ impl ValidatorVerifier { sigs.push(sig.clone()); } // Perform an optimistic aggregation of the signatures without verification. - let aggregated_sig = bls12381::Signature::aggregate(sigs) + let aggregated_sig = ed25519::Signature::aggregate(sigs) .map_err(|_| VerifyError::FailedToAggregateSignature)?; Ok(AggregateSignature::new(masks, Some(aggregated_sig)))