Skip to content
This repository was archived by the owner on Nov 15, 2023. It is now read-only.

Babe VRF Signing in keystore #6225

Merged
rphmeier merged 36 commits into from
Jun 18, 2020
Merged

Babe VRF Signing in keystore #6225

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
6a6b33f
Introduce trait
Jun 2, 2020
363bb02
Implement VRFSigner in keystore
Jun 2, 2020
45c7582
Use vrf_sign from keystore
Jun 2, 2020
4fcf607
Convert output to VRFInOut
Jun 2, 2020
3c148b7
Simplify conversion
Jun 2, 2020
3ca49f6
vrf_sign secondary slot using keystore
Jun 2, 2020
f292623
Fix RPC call to claim_slot
Jun 2, 2020
df6063d
Use Public instead of Pair
Jun 2, 2020
76bcb2c
Check primary threshold in signer
Jun 4, 2020
81e31c5
Fix interface to return error
Jun 4, 2020
1d64e56
Move vrf_sign to BareCryptoStore
Jun 4, 2020
95a7b93
Merge remote-tracking branch 'upstream/master' into vrf-signing
Jun 4, 2020
f62b1d7
Fix authorship_works test
Jun 4, 2020
04ec073
Fix BABE logic leaks
Jun 7, 2020
6c6f380
Acquire a read lock once
Jun 7, 2020
c572d13
Also fix RPC acquiring the read lock once
Jun 7, 2020
b5415f6
Merge remote-tracking branch 'upstream/master' into vrf-signing
Jun 7, 2020
e4db9bf
Implement a generic way to construct VRF Transcript
Jun 8, 2020
b581c6c
Use make_transcript_data to call sr25519_vrf_sign
Jun 8, 2020
022b706
Make sure VRFTranscriptData is serializable
Jun 8, 2020
0c23a48
Cleanup
Jun 8, 2020
c3f17de
Move VRF to it's own module
Jun 8, 2020
a691f24
Implement & test VRF signing in testing module
Jun 8, 2020
a5821f0
Merge remote-tracking branch 'upstream/master' into vrf-signing
Jun 8, 2020
b5322c3
Remove leftover
Jun 8, 2020
53bed39
Fix feature requirements
Jun 8, 2020
43596d7
Revert removing vec macro
Jun 8, 2020
61e3b8d
Drop keystore pointer to prevent deadlock
Jun 8, 2020
383bf44
Nitpicks
Jun 8, 2020
2508594
Add test to make sure make_transcript works
Jun 8, 2020
1fd6936
Fix mismatch in VRF transcript
Jun 10, 2020
b45a1ca
Add a test to verify transcripts match in babe
Jun 10, 2020
df7dd65
Merge remote-tracking branch 'upstream/master' into vrf-signing
Jun 10, 2020
67b1c03
Return VRFOutput and VRFProof from keystore
Jun 10, 2020
e46467b
Merge remote-tracking branch 'upstream/master' into vrf-signing
Jun 10, 2020
ecd7cf1
Merge remote-tracking branch 'upstream/master' into vrf-signing
Jun 18, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix interface to return error
  • Loading branch information
Rakan Alhneiti committed Jun 4, 2020
commit 81e31c5587b42d2bfe81af68fedcd583baa69f18
8 changes: 4 additions & 4 deletions client/consensus/babe/src/authorship.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,8 +153,8 @@ fn claim_secondary_slot(
slot_number,
*epoch_index,
u128::MAX,
).ok();
if let Some((output, proof)) = result {
);
if let Ok(Some((output, proof))) = result {
let proof = schnorrkel::vrf::VRFProof::from_bytes(&proof).ok()?;
let output = schnorrkel::vrf::VRFOutput::from_bytes(&output).ok()?;

Expand Down Expand Up @@ -254,8 +254,8 @@ fn claim_primary_slot(
slot_number,
*epoch_index,
threshold,
).ok();
if let Some((output, proof)) = result {
);
if let Ok(Some((output, proof))) = result {
let proof = schnorrkel::vrf::VRFProof::from_bytes(&proof).ok()?;
let output = schnorrkel::vrf::VRFOutput::from_bytes(&output).ok()?;

Expand Down
12 changes: 7 additions & 5 deletions client/keystore/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
use std::{collections::{HashMap, HashSet}, path::PathBuf, fs::{self, File}, io::{self, Write}, sync::Arc};
use sp_core::{
crypto::{IsWrappedBy, CryptoTypePublicPair, KeyTypeId, Pair as PairT, Protected, Public},
traits::{BareCryptoStore, BareCryptoStoreError as TraitError, VRFSigner},
traits::{BareCryptoStore, Error as TraitError, VRFSigner},
sr25519::{Public as Sr25519Public, Pair as Sr25519Pair},
Encode,
};
Expand Down Expand Up @@ -472,14 +472,16 @@ impl VRFSigner for Store {
slot_number: u64,
epoch: u64,
threshold: u128,
) -> std::result::Result<(Vec<u8>, Vec<u8>), ()> {
) -> std::result::Result<Option<(Vec<u8>, Vec<u8>)>, TraitError> {
let transcript = self.make_vrf_transcript(label, randomness, slot_number, epoch);
let pair = self.key_pair_by_type::<Sr25519Pair>(public, key_type).map_err(|_| ())?;
let pair = self.key_pair_by_type::<Sr25519Pair>(public, key_type)
.map_err(|e| TraitError::PairNotFound(e.to_string()))?;

let (inout, proof, _) = pair.as_ref().vrf_sign(transcript);
if self.check_primary_threshold(prefix, &inout, threshold) {
Ok((inout.to_output().to_bytes().to_vec(), proof.to_bytes().to_vec()))
Ok(Some((inout.to_output().to_bytes().to_vec(), proof.to_bytes().to_vec())))
} else {
Err(())
Ok(None)
}
}
}
Expand Down
28 changes: 14 additions & 14 deletions primitives/core/src/testing.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ use crate::crypto::KeyTypeId;
use crate::{
crypto::{Pair, Public, CryptoTypePublicPair},
ed25519, sr25519, ecdsa,
traits::BareCryptoStoreError
traits::Error
};
#[cfg(feature = "std")]
use std::collections::HashSet;
Expand Down Expand Up @@ -76,7 +76,7 @@ impl KeyStore {

#[cfg(feature = "std")]
impl crate::traits::BareCryptoStore for KeyStore {
fn keys(&self, id: KeyTypeId) -> Result<Vec<CryptoTypePublicPair>, BareCryptoStoreError> {
fn keys(&self, id: KeyTypeId) -> Result<Vec<CryptoTypePublicPair>, Error> {
self.keys
.get(&id)
.map(|map| {
Expand Down Expand Up @@ -106,11 +106,11 @@ impl crate::traits::BareCryptoStore for KeyStore {
&mut self,
id: KeyTypeId,
seed: Option<&str>,
) -> Result<sr25519::Public, BareCryptoStoreError> {
) -> Result<sr25519::Public, Error> {
match seed {
Some(seed) => {
let pair = sr25519::Pair::from_string(seed, None)
.map_err(|_| BareCryptoStoreError::ValidationError("Generates an `sr25519` pair.".to_owned()))?;
.map_err(|_| Error::ValidationError("Generates an `sr25519` pair.".to_owned()))?;
self.keys.entry(id).or_default().insert(pair.public().to_raw_vec(), seed.into());
Ok(pair.public())
},
Expand All @@ -137,11 +137,11 @@ impl crate::traits::BareCryptoStore for KeyStore {
&mut self,
id: KeyTypeId,
seed: Option<&str>,
) -> Result<ed25519::Public, BareCryptoStoreError> {
) -> Result<ed25519::Public, Error> {
match seed {
Some(seed) => {
let pair = ed25519::Pair::from_string(seed, None)
.map_err(|_| BareCryptoStoreError::ValidationError("Generates an `ed25519` pair.".to_owned()))?;
.map_err(|_| Error::ValidationError("Generates an `ed25519` pair.".to_owned()))?;
self.keys.entry(id).or_default().insert(pair.public().to_raw_vec(), seed.into());
Ok(pair.public())
},
Expand All @@ -168,11 +168,11 @@ impl crate::traits::BareCryptoStore for KeyStore {
&mut self,
id: KeyTypeId,
seed: Option<&str>,
) -> Result<ecdsa::Public, BareCryptoStoreError> {
) -> Result<ecdsa::Public, Error> {
match seed {
Some(seed) => {
let pair = ecdsa::Pair::from_string(seed, None)
.map_err(|_| BareCryptoStoreError::ValidationError("Generates an `ecdsa` pair.".to_owned()))?;
.map_err(|_| Error::ValidationError("Generates an `ecdsa` pair.".to_owned()))?;
self.keys.entry(id).or_default().insert(pair.public().to_raw_vec(), seed.into());
Ok(pair.public())
},
Expand Down Expand Up @@ -201,7 +201,7 @@ impl crate::traits::BareCryptoStore for KeyStore {
&self,
id: KeyTypeId,
keys: Vec<CryptoTypePublicPair>,
) -> std::result::Result<Vec<CryptoTypePublicPair>, BareCryptoStoreError> {
) -> std::result::Result<Vec<CryptoTypePublicPair>, Error> {
let provided_keys = keys.into_iter().collect::<HashSet<_>>();
let all_keys = self.keys(id)?.into_iter().collect::<HashSet<_>>();

Expand All @@ -213,29 +213,29 @@ impl crate::traits::BareCryptoStore for KeyStore {
id: KeyTypeId,
key: &CryptoTypePublicPair,
msg: &[u8],
) -> Result<Vec<u8>, BareCryptoStoreError> {
) -> Result<Vec<u8>, Error> {
use codec::Encode;

match key.0 {
ed25519::CRYPTO_ID => {
let key_pair: ed25519::Pair = self
.ed25519_key_pair(id, &ed25519::Public::from_slice(key.1.as_slice()))
.ok_or(BareCryptoStoreError::PairNotFound("ed25519".to_owned()))?;
.ok_or(Error::PairNotFound("ed25519".to_owned()))?;
return Ok(key_pair.sign(msg).encode());
}
sr25519::CRYPTO_ID => {
let key_pair: sr25519::Pair = self
.sr25519_key_pair(id, &sr25519::Public::from_slice(key.1.as_slice()))
.ok_or(BareCryptoStoreError::PairNotFound("sr25519".to_owned()))?;
.ok_or(Error::PairNotFound("sr25519".to_owned()))?;
return Ok(key_pair.sign(msg).encode());
}
ecdsa::CRYPTO_ID => {
let key_pair: ecdsa::Pair = self
.ecdsa_key_pair(id, &ecdsa::Public::from_slice(key.1.as_slice()))
.ok_or(BareCryptoStoreError::PairNotFound("ecdsa".to_owned()))?;
.ok_or(Error::PairNotFound("ecdsa".to_owned()))?;
return Ok(key_pair.sign(msg).encode());
}
_ => Err(BareCryptoStoreError::KeyNotSupported(id))
_ => Err(Error::KeyNotSupported(id))
}
}
}
Expand Down
25 changes: 13 additions & 12 deletions primitives/core/src/traits.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ pub use sp_externalities::{Externalities, ExternalitiesExt};

/// BareCryptoStore error
#[derive(Debug, derive_more::Display)]
pub enum BareCryptoStoreError {
pub enum Error {
/// Public key type is not supported
#[display(fmt="Key not supported: {:?}", _0)]
KeyNotSupported(KeyTypeId),
Expand All @@ -51,6 +51,7 @@ pub enum BareCryptoStoreError {
Other(String)
}


/// Something that generates, stores and provides access to keys.
pub trait BareCryptoStore: Send + Sync {
/// Returns all sr25519 public keys for the given key type.
Expand All @@ -64,7 +65,7 @@ pub trait BareCryptoStore: Send + Sync {
&mut self,
id: KeyTypeId,
seed: Option<&str>,
) -> Result<sr25519::Public, BareCryptoStoreError>;
) -> Result<sr25519::Public, Error>;
/// Returns all ed25519 public keys for the given key type.
fn ed25519_public_keys(&self, id: KeyTypeId) -> Vec<ed25519::Public>;
/// Generate a new ed25519 key pair for the given key type and an optional seed.
Expand All @@ -76,7 +77,7 @@ pub trait BareCryptoStore: Send + Sync {
&mut self,
id: KeyTypeId,
seed: Option<&str>,
) -> Result<ed25519::Public, BareCryptoStoreError>;
) -> Result<ed25519::Public, Error>;
/// Returns all ecdsa public keys for the given key type.
fn ecdsa_public_keys(&self, id: KeyTypeId) -> Vec<ecdsa::Public>;
/// Generate a new ecdsa key pair for the given key type and an optional seed.
Expand All @@ -88,7 +89,7 @@ pub trait BareCryptoStore: Send + Sync {
&mut self,
id: KeyTypeId,
seed: Option<&str>,
) -> Result<ecdsa::Public, BareCryptoStoreError>;
) -> Result<ecdsa::Public, Error>;

/// Insert a new key. This doesn't require any known of the crypto; but a public key must be
/// manually provided.
Expand All @@ -108,11 +109,11 @@ pub trait BareCryptoStore: Send + Sync {
&self,
id: KeyTypeId,
keys: Vec<CryptoTypePublicPair>
) -> Result<Vec<CryptoTypePublicPair>, BareCryptoStoreError>;
) -> Result<Vec<CryptoTypePublicPair>, Error>;
/// List all supported keys
///
/// Returns a set of public keys the signer supports.
fn keys(&self, id: KeyTypeId) -> Result<Vec<CryptoTypePublicPair>, BareCryptoStoreError>;
fn keys(&self, id: KeyTypeId) -> Result<Vec<CryptoTypePublicPair>, Error>;

/// Checks if the private keys for the given public key and key type combinations exist.
///
Expand All @@ -131,7 +132,7 @@ pub trait BareCryptoStore: Send + Sync {
id: KeyTypeId,
key: &CryptoTypePublicPair,
msg: &[u8],
) -> Result<Vec<u8>, BareCryptoStoreError>;
) -> Result<Vec<u8>, Error>;

/// Sign with any key
///
Expand All @@ -144,7 +145,7 @@ pub trait BareCryptoStore: Send + Sync {
id: KeyTypeId,
keys: Vec<CryptoTypePublicPair>,
msg: &[u8]
) -> Result<(CryptoTypePublicPair, Vec<u8>), BareCryptoStoreError> {
) -> Result<(CryptoTypePublicPair, Vec<u8>), Error> {
if keys.len() == 1 {
return self.sign_with(id, &keys[0], msg).map(|s| (keys[0].clone(), s));
} else {
Expand All @@ -154,7 +155,7 @@ pub trait BareCryptoStore: Send + Sync {
}
}
}
Err(BareCryptoStoreError::KeyNotSupported(id))
Err(Error::KeyNotSupported(id))
}

/// Sign with all keys
Expand All @@ -163,13 +164,13 @@ pub trait BareCryptoStore: Send + Sync {
/// each key given that the key is supported.
///
/// Returns a list of `Result`s each representing the SCALE encoded
/// signature of each key or a BareCryptoStoreError for non-supported keys.
/// signature of each key or a Error for non-supported keys.
fn sign_with_all(
&self,
id: KeyTypeId,
keys: Vec<CryptoTypePublicPair>,
msg: &[u8],
) -> Result<Vec<Result<Vec<u8>, BareCryptoStoreError>>, ()>{
) -> Result<Vec<Result<Vec<u8>, Error>>, ()>{
Ok(keys.iter().map(|k| self.sign_with(id, k, msg)).collect())
}
}
Expand All @@ -187,7 +188,7 @@ pub trait VRFSigner {
slot_number: u64,
epoch: u64,
threshold: u128,
) -> Result<(Vec<u8>, Vec<u8>), ()>;
) -> Result<Option<(Vec<u8>, Vec<u8>)>, Error>;
}

/// A pointer to the key store.
Expand Down