bls

package
v1.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2024 License: GPL-3.0, GPL-3.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	BLSCryptoType     = 1
	BN256Curve        = 1
	BLS12377Curve     = 2
	BLS12381Curve     = 3
	PUBLICKEYBYTES    = 128
	G1PUBLICKEYBYTES  = 64
	SIGNATUREBYTES    = 64
	EPOCHENTROPYBYTES = 16
)
View Source 
const (
	MODULUS256  = "21888242871839275222246405745257275088548364400416034343698204186575808495617"
	MODULUSBITS = 254
	MODULUSMASK = 63 // == 2**(254-(256-8)) - 1
)

Variables

This section is empty.

Functions

func GenKeyPair 

func GenKeyPair(randReader io.Reader) (*PublicKey, *SecretKey, error)

GenKeyPair generates Public and Private Keys

func PerformHash 

func PerformHash(msg []byte) ([]byte, error)

func PrivateToG1Public 

func PrivateToG1Public(privateKeyBytes []byte) ([]byte, error)

func PrivateToPublic 

func PrivateToPublic(privateKeyBytes []byte) ([]byte, error)

func UnmarshalG1Pk 

func UnmarshalG1Pk(g1pkmsg []byte) (*cfbn256.G1, error)

func Verify 

func Verify(apk *Apk, msg []byte, sigma *Signature) error

Verify is the verification step of an aggregated apk signature

func Verify2 

func Verify2(apk *Apk, msg []byte, sigma *Signature) error

func VerifyBatch 

func VerifyBatch(apks []*Apk, msgs [][]byte, sigma *Signature) error

VerifyBatch is the verification step of a batch of aggregated apk signatures TODO: consider adding the possibility to handle non distinct messages (at batch level after aggregating APK)

func VerifyCompressed 

func VerifyCompressed(pks []*cfbn256.G2, msgList [][]byte, compressedSig []byte, allowDistinct bool) error

VerifyCompressed verifies a Compressed marshalled signature

func VerifyG1Pk 

func VerifyG1Pk(g1pk []byte, g2pk []byte) error

func VerifyUnsafe 

func VerifyUnsafe(pkey *PublicKey, msg []byte, signature *UnsafeSignature) error

VerifyUnsafe checks the given BLS signature bls on the message m using the public key pkey by verifying that the equality e(H(m), X) == e(H(m), x*B2) == e(x*H(m), B2) == e(S, B2) holds where e is the pairing operation and B2 is the base point from curve G2.

func VerifyUnsafe2 

func VerifyUnsafe2(pkey *PublicKey, msg []byte, signature *UnsafeSignature) error

func VerifyUnsafeBatch 

func VerifyUnsafeBatch(pkeys []*PublicKey, msgList [][]byte, signature *UnsafeSignature) error

VerifyUnsafeBatch verifies a batch of messages signed with aggregated signature the rogue-key attack is prevented by making all messages distinct

Types

type Apk 

type Apk struct {
	*PublicKey
}

Apk is the short aggregated public key struct

func AggregateApk 

func AggregateApk(pks []*PublicKey) (*Apk, error)

AggregateApk aggregates the public key according to the following formula: apk ← ∏ⁿᵢ₌₁ pk^H₁(pkᵢ)

func NewApk 

func NewApk(pk *PublicKey) *Apk

NewApk creates an Apk either from a public key or scratch

func UnmarshalApk 

func UnmarshalApk(b []byte) (*Apk, error)

UnmarshalApk unmarshals a byte array into an aggregated PublicKey

func (*Apk) Aggregate 

func (apk *Apk) Aggregate(pk *PublicKey) error

Aggregate a Public Key to the Apk struct according to the formula pk^H₁(pkᵢ)

func (*Apk) AggregateBytes 

func (apk *Apk) AggregateBytes(b []byte) error

AggregateBytes is a convenient method to aggregate the unmarshalled form of PublicKey directly

func (*Apk) Copy 

func (apk *Apk) Copy() *Apk

Copy the APK by marshalling and unmarshalling the internals. It is somewhat wasteful but does the job

type BLSCryptoSelector 

type BLSCryptoSelector interface {
	ECDSAToBLS(privateKeyECDSA *ecdsa.PrivateKey) ([]byte, error)
	PrivateToPublic(privateKeyBytes []byte) (SerializedPublicKey, error)
	PrivateToG1Public(privateKeyBytes []byte) (SerializedG1PublicKey, error)
	VerifyAggregatedSignature(publicKeys []SerializedPublicKey, message []byte, extraData []byte, signature []byte, shouldUseCompositeHasher, cip22 bool, fork, cur *big.Int) error
	AggregateSignatures(signatures [][]byte) ([]byte, error)
	VerifySignature(publicKey SerializedPublicKey, message []byte, extraData []byte, signature []byte, shouldUseCompositeHasher, cip22 bool, fork, cur *big.Int) error
	EncodeEpochSnarkDataCIP22(newValSet []SerializedPublicKey, maximumNonSigners, maxValidators uint32, epochIndex uint16, round uint8, blockHash, parentHash EpochEntropy) ([]byte, []byte, error)
	UncompressKey(serialized SerializedPublicKey) ([]byte, error)
}

func CryptoType 

func CryptoType() BLSCryptoSelector

type BN256 

type BN256 struct{}

func (BN256) AggregateSignatures 

func (BN256) AggregateSignatures(signatures [][]byte) ([]byte, error)

func (BN256) ECDSAToBLS 

func (BN256) ECDSAToBLS(privateKeyECDSA *ecdsa.PrivateKey) ([]byte, error)
func (BN256) ECDSAToBLS(privateKeyECDSA *ecdsa.PrivateKey) ([]byte, error) {
	return crypto.FromECDSA(privateKeyECDSA), nil
}

func (BN256) EncodeEpochSnarkDataCIP22 

func (BN256) EncodeEpochSnarkDataCIP22(newValSet []SerializedPublicKey, maximumNonSigners, maxValidators uint32, epochIndex uint16, round uint8, blockHash, parentHash EpochEntropy) ([]byte, []byte, error)

func (BN256) PrivateToG1Public 

func (BN256) PrivateToG1Public(privateKeyBytes []byte) (SerializedG1PublicKey, error)

func (BN256) PrivateToPublic 

func (BN256) PrivateToPublic(privateKeyBytes []byte) (SerializedPublicKey, error)

func (BN256) UncompressKey 

func (BN256) UncompressKey(serialized SerializedPublicKey) ([]byte, error)

func (BN256) VerifyAggregatedSignature 

func (BN256) VerifyAggregatedSignature(publicKeys []SerializedPublicKey, message []byte, extraData []byte,
	signature []byte, shouldUseCompositeHasher, cip22 bool, fork, cur *big.Int) error

func (BN256) VerifySignature 

func (BN256) VerifySignature(publicKey SerializedPublicKey, message []byte, extraData []byte,
	signature []byte, shouldUseCompositeHasher, cip22 bool, fork, cur *big.Int) error

type EpochEntropy 

type EpochEntropy [EPOCHENTROPYBYTES]byte

EpochEntropy is a string of unprediactable bytes included in the epoch SNARK data to make prediction of future epoch message values infeasible.

func EpochEntropyFromHash 

func EpochEntropyFromHash(hash common.Hash) EpochEntropy

EpochEntropyFromHash truncates the given hash to the length of epoch SNARK entropy.

type PublicKey 

type PublicKey struct {
	// contains filtered or unexported fields
}

PublicKey is calculated as g^x

func AggregatePK 

func AggregatePK(pks []*PublicKey) *PublicKey

func UnmarshalPk 

func UnmarshalPk(b []byte) (*PublicKey, error)

UnmarshalPk unmarshals a byte array into a BLS PublicKey

func (*PublicKey) Aggregate 

func (pk *PublicKey) Aggregate(pp *PublicKey) *PublicKey

Aggregate is a shortcut for Public Key aggregation

func (*PublicKey) Marshal 

func (pk *PublicKey) Marshal() []byte

Marshal returns the binary representation of the G2 point being the public key

func (*PublicKey) MarshalText 

func (pk *PublicKey) MarshalText() ([]byte, error)

MarshalText encodes the string representation of the public key

func (*PublicKey) Unmarshal 

func (pk *PublicKey) Unmarshal(data []byte) error

Unmarshal a public key from a byte array

func (*PublicKey) UnmarshalText 

func (pk *PublicKey) UnmarshalText(data []byte) error

UnmarshalText decode the string/byte representation into the public key

type SecretKey 

type SecretKey struct {
	// contains filtered or unexported fields
}

SecretKey has "x" as secret for the BLS signature

func DeserializePrivateKey 

func DeserializePrivateKey(privateKeyBytes []byte) (*SecretKey, error)

func (*SecretKey) Serialize 

func (self *SecretKey) Serialize() ([]byte, error)

func (*SecretKey) ToG1Public 

func (self *SecretKey) ToG1Public() []byte

func (*SecretKey) ToPublic 

func (self *SecretKey) ToPublic() *PublicKey

type SerializedG1PublicKey 

type SerializedG1PublicKey [G1PUBLICKEYBYTES]byte

func (SerializedG1PublicKey) MarshalText 

func (pk SerializedG1PublicKey) MarshalText() ([]byte, error)

MarshalText returns the hex representation of pk.

func (*SerializedG1PublicKey) UnmarshalJSON 

func (pk *SerializedG1PublicKey) UnmarshalJSON(input []byte) error

UnmarshalJSON parses a BLS public key in hex syntax.

func (*SerializedG1PublicKey) UnmarshalText 

func (pk *SerializedG1PublicKey) UnmarshalText(input []byte) error

UnmarshalText parses a BLS public key in hex syntax.

type SerializedPublicKey 

type SerializedPublicKey [PUBLICKEYBYTES]byte

func (SerializedPublicKey) MarshalText 

func (pk SerializedPublicKey) MarshalText() ([]byte, error)

MarshalText returns the hex representation of pk.

func (*SerializedPublicKey) UnmarshalJSON 

func (pk *SerializedPublicKey) UnmarshalJSON(input []byte) error

UnmarshalJSON parses a BLS public key in hex syntax.

func (*SerializedPublicKey) UnmarshalText 

func (pk *SerializedPublicKey) UnmarshalText(input []byte) error

UnmarshalText parses a BLS public key in hex syntax.

type SerializedSignature 

type SerializedSignature [SIGNATUREBYTES]byte

func SerializedSignatureFromBytes 

func SerializedSignatureFromBytes(serializedSignature []byte) (SerializedSignature, error)

func (SerializedSignature) MarshalText 

func (sig SerializedSignature) MarshalText() ([]byte, error)

MarshalText returns the hex representation of sig.

func (*SerializedSignature) UnmarshalJSON 

func (sig *SerializedSignature) UnmarshalJSON(input []byte) error

UnmarshalJSON parses a BLS signature in hex syntax.

func (*SerializedSignature) UnmarshalText 

func (sig *SerializedSignature) UnmarshalText(input []byte) error

UnmarshalText parses a BLS signature in hex syntax.

type Signature 

type Signature struct {
	// contains filtered or unexported fields
}

Signature is the plain public key model of the BLS signature being resilient to rogue key attack

func Sign 

func Sign(sk *SecretKey, pk *PublicKey, msg []byte) (*Signature, error)

Sign creates a signature from the private key and the public key pk

func Sign2 

func Sign2(sk *SecretKey, pk *PublicKey, msg []byte) (*Signature, error)

func UnmarshalSignature 

func UnmarshalSignature(sig []byte) (*Signature, error)

UnmarshalSignature unmarshals a byte array into a BLS signature

func (*Signature) Add 

func (sigma *Signature) Add(pk *PublicKey, sig *UnsafeSignature) error

Add creates an aggregated signature from a normal BLS Signature and related public key

func (*Signature) Aggregate 

func (sigma *Signature) Aggregate(other *Signature) *Signature

Aggregate two Signature

func (*Signature) AggregateBytes 

func (sigma *Signature) AggregateBytes(other []byte) error

AggregateBytes is a shorthand for unmarshalling a byte array into a Signature and thus mutate Signature sigma by aggregating the unmarshalled signature

func (*Signature) Compress 

func (sigma *Signature) Compress() []byte

Compress the signature to the 32 byte form

func (*Signature) Copy 

func (sigma *Signature) Copy() *Signature

Copy (inefficiently) the Signature by unmarshaling and marshaling the embedded G1

func (*Signature) Decompress 

func (sigma *Signature) Decompress(x []byte) error

Decompress reconstructs the 64 byte signature from the compressed form

func (*Signature) Marshal 

func (sigma *Signature) Marshal() []byte

Marshal a Signature into a byte array

func (*Signature) Unmarshal 

func (sigma *Signature) Unmarshal(msg []byte) error

Unmarshal a byte array into a Signature

type UnsafeSignature 

type UnsafeSignature struct {
	// contains filtered or unexported fields
}

UnsafeSignature is the BLS Signature Struct not resilient to rogue-key attack

func UnsafeAggregate 

func UnsafeAggregate(one, other *UnsafeSignature) *UnsafeSignature

UnsafeAggregate combines signatures on distinct messages.

func UnsafeBatch 

func UnsafeBatch(sigs ...*UnsafeSignature) (*UnsafeSignature, error)

UnsafeBatch is a utility function to aggregate distinct messages (if not distinct the scheme is vulnerable to chosen-key attack)

func UnsafeSign 

func UnsafeSign(key *SecretKey, msg []byte) (*UnsafeSignature, error)

UnsafeSign generates an UnsafeSignature being vulnerable to the rogue-key attack and therefore can only be used if the messages are distinct

func UnsafeSign2 

func UnsafeSign2(key *SecretKey, msg []byte) (*UnsafeSignature, error)

func (*UnsafeSignature) Compress 

func (usig *UnsafeSignature) Compress() []byte

Compress the signature to the 32 byte form

func (*UnsafeSignature) Decompress 

func (usig *UnsafeSignature) Decompress(x []byte) error

Decompress reconstructs the 64 byte signature from the compressed form

func (*UnsafeSignature) Marshal 

func (usig *UnsafeSignature) Marshal() []byte

Marshal an UnsafeSignature into a byte array

func (*UnsafeSignature) Unmarshal 

func (usig *UnsafeSignature) Unmarshal(msg []byte) error

Unmarshal a byte array into an UnsafeSignature

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.