feat: wip adds bls signer

tools/bls-signature-creator/.goreleaser.yml

@@ -0,0 +1,64 @@
+version: 1
+
+project_name: bls-signature-creator
+dist: /tmp/dist/bls-signature-creator
+
+builds:
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+    goarch:
+      - amd64
+      - arm64
+    dir: ./tools/bls-signature-creator
+    binary: "{{ .ProjectName }}"
+    flags:
+      - -v
+      - -trimpath
+
+archives:
+  - format: tar.gz
+    name_template: >-
+      {{- .Binary }}_
+      {{- with index .Env "RELEASE_VERSION" -}}
+        {{ . }}
+      {{- else -}}
+        {{- if .IsSnapshot }}{{ .ShortCommit }}
+        {{- else }}{{ .Version }}
+        {{- end }}
+      {{- end -}}
+      {{- with index .Env "DIRTY_SUFFIX" -}}
+      {{ . }}
+      {{- end -}}_
+      {{- title .Os }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else if eq .Arch "386" }}i386
+      {{- else }}{{ .Arch }}
+      {{- end }}
+      {{- if .Arm }}v{{ .Arm }}{{ end }}
+    format_overrides:
+      - goos: windows
+        format: zip
+
+checksum:
+  name_template: >-
+    {{ .ProjectName }}_
+    {{- with index .Env "RELEASE_VERSION" -}}
+      {{ . }}
+    {{- else -}}
+      {{- if .IsSnapshot }}{{ .ShortCommit }}
+      {{- else }}{{ .Version }}
+      {{- end }}
+    {{- end -}}
+    {{- with index .Env "DIRTY_SUFFIX" -}}
+    {{ . }}
+    {{- end -}}
+    _checksums.txt
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"

tools/bls-signature-creator/main.go

@@ -0,0 +1,127 @@
+package main
+
+import (
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log/slog"
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/cloudflare/circl/sign/bls"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	"github.com/ethereum/go-ethereum/crypto"
+
+	"github.com/urfave/cli/v2"
+)
+
+type Topology struct {
+	Self struct {
+		EthereumAddress string `json:"Ethereum Address"`
+	} `json:"self"`
+}
+
+var (
+	optionPrivateKey = &cli.StringFlag{
+		Name:  "private-key",
+		Usage: "BLS private key as hex encoded string (with optional 0x prefix). Must be a valid hex string representing a BLS private key.",
+	}
+
+	optionServerAddr = &cli.StringFlag{
+		Name:  "server",
+		Usage: "Provider server address",
+		Value: "localhost:8545",
+	}
+)
+
+func main() {
+	app := &cli.App{
+		Name:  "bls-signature-creator",
+		Usage: "Create BLS signatures",
+		Flags: []cli.Flag{
+			optionPrivateKey,
+			optionServerAddr,
+		},
+		Action: run,
+	}
+
+	if err := app.Run(os.Args); err != nil {
+		fmt.Fprintln(os.Stderr, err)
+		os.Exit(1)
+	}
+}
+
+func run(c *cli.Context) error {
+	blsPrivKeyHex := c.String("private-key")
+	serverAddr := c.String("server")
+
+	if blsPrivKeyHex == "" {
+		return fmt.Errorf("--private-key flag is required")
+	}
+
+	// Strip 0x prefix if present
+	blsPrivKeyHex = strings.TrimPrefix(blsPrivKeyHex, "0x")
+
+	// Validate hex string
+	privKeyBytes, err := hexutil.Decode("0x" + blsPrivKeyHex)
+	if err != nil {
+		return fmt.Errorf("invalid private key hex string: %v", err)
+	}
+
+	logger := slog.New(slog.NewTextHandler(os.Stdout, nil))
+
+	// Get topology from debug endpoint
+	resp, err := http.Get(fmt.Sprintf("http://%s/v1/debug/topology", serverAddr))
+	if err != nil {
+		logger.Error("failed to get topology", "error", err)
+		return err
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		logger.Error("failed to read response body", "error", err)
+		return err
+	}
+
+	var topology Topology
+	if err := json.Unmarshal(body, &topology); err != nil {
+		logger.Error("failed to unmarshal topology", "error", err)
+		return err
+	}
+
+	ethAddress := topology.Self.EthereumAddress
+
+	// Create BLS signature
+	hashedMessage := crypto.Keccak256(common.HexToAddress(ethAddress).Bytes())
+	privateKey := new(bls.PrivateKey[bls.G1])
+	if err := privateKey.UnmarshalBinary(privKeyBytes); err != nil {
+		logger.Error("failed to unmarshal private key", "error", err)
+		return err
+	}
+
+	publicKey := privateKey.PublicKey()
+	signature := bls.Sign(privateKey, hashedMessage)
+
+	// Verify the signature
+	if !bls.Verify(publicKey, hashedMessage, signature) {
+		logger.Error("failed to verify generated BLS signature")
+		return fmt.Errorf("failed to verify generated BLS signature")
+	}
+
+	pubkeyb, err := publicKey.MarshalBinary()
+	if err != nil {
+		logger.Error("failed to marshal public key", "error", err)
+		return err
+	}
+
+	logger.Info("generated BLS signature",
+		"eth_address", ethAddress,
+		"public_key", hex.EncodeToString(pubkeyb),
+		"signature", hex.EncodeToString(signature))
+
+	return nil
+}

tools/go.mod

@@ -5,6 +5,7 @@ go 1.23
 toolchain go1.23.0
 
 require (
+	github.com/cloudflare/circl v1.5.0
 	github.com/ethereum/go-ethereum v1.14.11
 	github.com/hashicorp/golang-lru/v2 v2.0.7
 	github.com/primev/mev-commit/contracts-abi v0.0.1

tools/go.sum

@@ -20,6 +20,8 @@ github.com/cespare/cp v0.1.0 h1:SE+dxFebS7Iik5LK0tsi1k9ZCxEaFX4AjQmoyA+1dJk=
 github.com/cespare/cp v0.1.0/go.mod h1:SOGHArjBr4JWaSDEVpWpo/hNg6RoKrls6Oh40hiwW+s=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cloudflare/circl v1.5.0 h1:hxIWksrX6XN5a1L2TI/h53AGPhNHoUBo+TD1ms9+pys=
+github.com/cloudflare/circl v1.5.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
 github.com/cockroachdb/errors v1.11.3 h1:5bA+k2Y6r+oz/6Z/RFlNeVCesGARKuC6YymtcDrbC/I=
 github.com/cockroachdb/errors v1.11.3/go.mod h1:m4UIW4CDjx+R5cybPsNrRbreomiFqt8o1h1wUVazSd8=
 github.com/cockroachdb/fifo v0.0.0-20240616162244-4768e80dfb9a h1:f52TdbU4D5nozMAhO9TvTJ2ZMCXtN4VIAmfrrZ0JXQ4=