New BLS in Phase 1

Zkx007 · Dec 17, 2019 · 995c895 · 995c895
1 parent c239ffb
commit 995c895
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 40 deletions.
diff --git a/scripts/build_spec.py b/scripts/build_spec.py
@@ -59,10 +59,9 @@
 )
 from eth2spec.utils.bls import (
     Verify,
-    Sign,
-    Aggregate,
+    AggregateVerify,
     FastAggregateVerify,
-    bls_aggregate_pubkeys,
+    bls_signature_to_G2,
 )
 
 from eth2spec.utils.hash_function import hash
@@ -86,7 +85,7 @@ def get_eth1_data(distance: uint64) -> Bytes32:
     return hash(distance)
 
 
-def hash(x: bytes) -> Bytes32:  # type: ignore
+def hash(x: bytes) -> Bytes32:
     if x not in hash_cache:
         hash_cache[x] = Bytes32(_hash(x))
     return hash_cache[x]

diff --git a/specs/core/1_custody-game.md b/specs/core/1_custody-game.md
@@ -429,16 +429,9 @@ def process_custody_key_reveal(state: BeaconState, reveal: CustodyKeyReveal) ->
     assert is_slashable_validator(revealer, get_current_epoch(state))
 
     # Verify signature
-    assert bls_verify(
-        pubkey=revealer.pubkey,
-        message_hash=hash_tree_root(epoch_to_sign),
-        signature=reveal.reveal,
-        domain=get_domain(
-            state=state,
-            domain_type=DOMAIN_RANDAO,
-            message_epoch=epoch_to_sign,
-        ),
-    )
+    domain = get_domain(state, DOMAIN_RANDAO, epoch_to_sign)
+    message = compute_domain_wrapper_root(epoch_to_sign, domain)
+    assert Verify(revealer.pubkey, message, reveal.reveal)
 
     # Decrement max reveal lateness if response is timely
     if epoch_to_sign + EPOCHS_PER_CUSTODY_PERIOD >= get_current_epoch(state):
@@ -487,21 +480,12 @@ def process_early_derived_secret_reveal(state: BeaconState, reveal: EarlyDerived
     # Verify signature correctness
     masker = state.validators[reveal.masker_index]
     pubkeys = [revealed_validator.pubkey, masker.pubkey]
-    message_hashes = [
-        hash_tree_root(reveal.epoch),
-        reveal.mask,
-    ]
-
-    assert bls_verify_multiple(
-        pubkeys=pubkeys,
-        message_hashes=message_hashes,
-        signature=reveal.reveal,
-        domain=get_domain(
-            state=state,
-            domain_type=DOMAIN_RANDAO,
-            message_epoch=reveal.epoch,
-        ),
-    )
+
+    domain = get_domain(state, DOMAIN_RANDAO, reveal.epoch)
+    messages = [compute_domain_wrapper_root(message, domain)
+                for message in [hash_tree_root(reveal.epoch), reveal.mask]]
+
+    assert AggregateVerify(pubkeys, messages, reveal.reveal)
 
     if reveal.epoch >= get_current_epoch(state) + CUSTODY_PERIOD_TO_RANDAO_PADDING:
         # Full slashing when the secret was revealed so early it may be a valid custody
@@ -598,7 +582,7 @@ def process_bit_challenge(state: BeaconState, challenge: CustodyBitChallenge) ->
     challenger = state.validators[challenge.challenger_index]
     domain = get_domain(state, DOMAIN_CUSTODY_BIT_CHALLENGE, get_current_epoch(state))
     # TODO incorrect hash-tree-root, but this changes with phase 1 PR #1483
-    assert bls_verify(challenger.pubkey, hash_tree_root(challenge), challenge.signature, domain)
+    assert Verify(challenger.pubkey, compute_domain_wrapper_root(challenge, domain), challenge.signature)
     # Verify challenger is slashable
     assert is_slashable_validator(challenger, get_current_epoch(state))
     # Verify attestation
@@ -622,7 +606,7 @@ def process_bit_challenge(state: BeaconState, challenge: CustodyBitChallenge) ->
         challenge.responder_index,
     )
     domain = get_domain(state, DOMAIN_RANDAO, epoch_to_sign)
-    assert bls_verify(responder.pubkey, hash_tree_root(epoch_to_sign), challenge.responder_key, domain)
+    assert Verify(responder.pubkey, compute_domain_wrapper_root(epoch_to_sign, domain), challenge.responder_key)
     # Verify the chunk count
     chunk_count = get_custody_chunk_count(attestation.data.crosslink)
     assert chunk_count == len(challenge.chunk_bits)

diff --git a/specs/core/1_shard-data-chains.md b/specs/core/1_shard-data-chains.md
@@ -386,7 +386,7 @@ def process_shard_block_header(beacon_state: BeaconState, shard_state: ShardStat
     assert not proposer.slashed
     # Verify proposer signature
     domain = get_domain(beacon_state, DOMAIN_SHARD_PROPOSER, compute_epoch_of_shard_slot(block.slot))
-    assert bls_verify(proposer.pubkey, hash_tree_root(block), block.signature, domain)
+    assert Verify(proposer.pubkey, compute_domain_wrapper_root(block, domain), block.signature)
 ```
 
 #### Attestations
@@ -406,8 +406,9 @@ def process_shard_attestations(beacon_state: BeaconState, shard_state: ShardStat
         assert block.aggregation_bits[i] == 0b0
     # Verify attester aggregate signature
     domain = get_domain(beacon_state, DOMAIN_SHARD_ATTESTER, compute_epoch_of_shard_slot(block.slot))
-    message = hash_tree_root(ShardAttestationData(slot=shard_state.slot, parent_root=block.parent_root))
-    assert bls_verify(bls_aggregate_pubkeys(pubkeys), message, block.attestations, domain)
+    shard_attestation_data = ShardAttestationData(slot=shard_state.slot, parent_root=block.parent_root)
+    message = compute_domain_wrapper_root(shard_attestation_data, domain)
+    assert FastAggregateVerify(pubkeys, message, block.attestations)
     # Proposer micro-reward
     proposer_index = get_shard_proposer_index(beacon_state, shard_state.shard, block.slot)
     reward = attestation_count * get_base_reward(beacon_state, proposer_index) // PROPOSER_REWARD_QUOTIENT

diff --git a/test_libs/pyspec/eth2spec/utils/bls.py b/test_libs/pyspec/eth2spec/utils/bls.py
@@ -27,9 +27,9 @@ def Verify(PK, message, signature):
     return bls.verify(message_hash=message, pubkey=PK, signature=signature, domain=b'')
 
 
-# @only_with_bls(alt_return=True)
-# def AggregateVerify(PKs, messages, signature):
-#     return bls.verify_multiple(pubkeys=pubkeys, message_hashes=messages, signature=signature, domain=b'')
+@only_with_bls(alt_return=True)
+def AggregateVerify(PKs, messages, signature):
+    return bls.verify_multiple(pubkeys=PKs, message_hashes=messages, signature=signature, domain=b'')
 
 
 @only_with_bls(alt_return=True)
@@ -38,9 +38,9 @@ def FastAggregateVerify(PKs, message, signature):
     return bls.verify(pubkey=aggregate_pubkey, message_hash=message, signature=signature, domain=b'')
 
 
-@only_with_bls(alt_return=STUB_PUBKEY)
-def bls_aggregate_pubkeys(PKs):
-    return bls.aggregate_pubkeys(PKs)
+# @only_with_bls(alt_return=STUB_PUBKEY)
+# def bls_aggregate_pubkeys(PKs):
+#     return bls.aggregate_pubkeys(PKs)
 
 
 @only_with_bls(alt_return=STUB_SIGNATURE)