def test_signature_aggregation(msg, privkeys):
domain = (0).to_bytes(8, "little")
sigs = [sign(msg, k, domain=domain) for k in privkeys]
pubs = [privtopub(k) for k in privkeys]
aggsig = aggregate_signatures(sigs)
aggpub = aggregate_pubkeys(pubs)
assert verify(msg, aggpub, aggsig, domain=domain)
def validate_proposer_signature(state: BeaconState,
block: BaseBeaconBlock,
beacon_chain_shard_number: Shard,
committee_config: CommitteeConfig) -> None:
# TODO: Replace this with real signed_root
message_hash = block.signed_root
# Get the public key of proposer
beacon_proposer_index = get_beacon_proposer_index(
state,
state.slot,
committee_config,
)
proposer_pubkey = state.validator_registry[beacon_proposer_index].pubkey
domain = get_domain(
state.fork,
state.current_epoch(committee_config.SLOTS_PER_EPOCH),
SignatureDomain.DOMAIN_BEACON_BLOCK
)
is_valid_signature = bls.verify(
pubkey=proposer_pubkey,
message_hash=message_hash,
signature=block.signature,
domain=domain,
)
if not is_valid_signature:
raise ValidationError(
f"Invalid Proposer Signature on block, beacon_proposer_index={beacon_proposer_index}, "
f"pubkey={proposer_pubkey}, message_hash={message_hash}, "
f"block.signature={block.signature}, domain={domain}"
)
def verify_votes(
message_hash: Hash32,
votes: Iterable[Tuple[CommitteeIndex, BLSSignature, BLSPubkey]],
domain: SignatureDomain
) -> Tuple[Tuple[BLSSignature, ...], Tuple[CommitteeIndex, ...]]:
"""
Verify the given votes.
"""
sigs_with_committee_info = tuple(
(sig, committee_index)
for (committee_index, sig, pubkey)
in votes
if bls.verify(
message_hash=message_hash,
pubkey=pubkey,
signature=sig,
domain=domain,
)
)
try:
sigs, committee_indices = zip(*sigs_with_committee_info)
except ValueError:
sigs = tuple()
committee_indices = tuple()
return sigs, committee_indices
def process_deposit(state: BeaconState, deposit: Deposit, slots_per_epoch: int,
deposit_contract_tree_depth: int) -> BeaconState:
"""
Process a deposit from Ethereum 1.0.
"""
validate_deposit(state, deposit, deposit_contract_tree_depth)
# Increment the next deposit index we are expecting. Note that this
# needs to be done here because while the deposit contract will never
# create an invalid Merkle branch, it may admit an invalid deposit
# object, and we need to be able to skip over it
state = state.copy(deposit_index=state.deposit_index + 1, )
validator_pubkeys = tuple(v.pubkey for v in state.validator_registry)
deposit_input = deposit.deposit_data.deposit_input
pubkey = deposit_input.pubkey
amount = deposit.deposit_data.amount
withdrawal_credentials = deposit_input.withdrawal_credentials
if pubkey not in validator_pubkeys:
# Verify the proof of possession
proof_is_valid = bls.verify(
pubkey=pubkey,
message_hash=deposit_input.signing_root,
signature=deposit_input.signature,
domain=get_domain(
state.fork,
state.current_epoch(slots_per_epoch),
SignatureDomain.DOMAIN_DEPOSIT,
),
)
if not proof_is_valid:
return state
validator = Validator.create_pending_validator(
pubkey=pubkey,
withdrawal_credentials=withdrawal_credentials,
)
# Note: In phase 2 registry indices that has been withdrawn for a long time
# will be recycled.
state = add_pending_validator(
state,
validator,
amount,
)
else:
# Top-up - increase balance by deposit
index = ValidatorIndex(validator_pubkeys.index(pubkey))
validator = state.validator_registry[index]
# Update validator's balance and state
state = state.update_validator_balance(
validator_index=index,
balance=state.validator_balances[index] + amount,
)
return state
def test_bls_core(privkey):
domain = (0).to_bytes(8, "little")
p1 = multiply(G1, privkey)
p2 = multiply(G2, privkey)
msg = str(privkey).encode('utf-8')
msghash = hash_to_G2(msg, domain=domain)
assert normalize(decompress_G1(compress_G1(p1))) == normalize(p1)
assert normalize(decompress_G2(compress_G2(p2))) == normalize(p2)
assert normalize(decompress_G2(compress_G2(msghash))) == normalize(msghash)
sig = sign(msg, privkey, domain=domain)
pub = privtopub(privkey)
assert verify(msg, pub, sig, domain=domain)
def validate_proposal_signature(proposal: Proposal, pubkey: BLSPubkey,
fork: Fork, slots_per_epoch: int) -> None:
proposal_signature_is_valid = bls.verify(
pubkey=pubkey,
message_hash=proposal.signed_root, # TODO: use signed_root
signature=proposal.signature,
domain=get_domain(
fork,
slot_to_epoch(proposal.slot, slots_per_epoch),
SignatureDomain.DOMAIN_BEACON_BLOCK,
))
if not proposal_signature_is_valid:
raise ValidationError(
"Proposal signature is invalid: "
f"proposer pubkey: {pubkey}, message_hash: {proposal.signed_root}, "
f"signature: {proposal.signature}")
def validate_voluntary_exit_signature(state: BeaconState,
voluntary_exit: VoluntaryExit,
validator: ValidatorRecord) -> None:
"""
Verify signature.
"""
domain = get_domain(state.fork, voluntary_exit.epoch,
SignatureDomain.DOMAIN_VOLUNTARY_EXIT)
is_valid_signature = bls.verify(
pubkey=validator.pubkey,
message_hash=voluntary_exit.signed_root,
signature=voluntary_exit.signature,
domain=domain,
)
if not is_valid_signature:
raise ValidationError(
f"Invalid VoluntaryExit signature, validator_index={voluntary_exit.validator_index}, "
f"pubkey={validator.pubkey}, message_hash={voluntary_exit.signed_root},"
f"signature={voluntary_exit.signature}, domain={domain}")
def validate_randao_reveal(randao_reveal: BLSSignature,
proposer_index: ValidatorIndex,
proposer_pubkey: BLSPubkey, epoch: Epoch,
fork: Fork) -> None:
message_hash = Hash32(epoch.to_bytes(32, byteorder="little"))
domain = get_domain(fork, epoch, SignatureDomain.DOMAIN_RANDAO)
is_randao_reveal_valid = bls.verify(
pubkey=proposer_pubkey,
message_hash=message_hash,
signature=randao_reveal,
domain=domain,
)
if not is_randao_reveal_valid:
raise ValidationError(
f"RANDAO reveal is invalid. "
f"proposer_index={proposer_index}, proposer_pubkey={proposer_pubkey}, "
f"reveal={randao_reveal}, "
f"message_hash={message_hash}, domain={domain}, epoch={epoch}")
def validate_block_header_signature(header: BeaconBlockHeader,
pubkey: BLSPubkey,
fork: Fork,
slots_per_epoch: int) -> None:
header_signature_is_valid = bls.verify(
pubkey=pubkey,
message_hash=header.signed_root, # TODO: use signed_root
signature=header.signature,
domain=get_domain(
fork,
slot_to_epoch(header.slot, slots_per_epoch),
SignatureDomain.DOMAIN_BEACON_BLOCK,
)
)
if not header_signature_is_valid:
raise ValidationError(
"Header signature is invalid: "
f"proposer pubkey: {pubkey}, message_hash: {header.signed_root}, "
f"signature: {header.signature}"
)
def verify(path):
sigs = []
sig_path = path+'/signatures'
for sig_file in os.listdir(sig_path):
if not os.path.isdir(sig_file):
f = open(sig_path+"/"+sig_file, 'rb')
sig = f.read()
sigs.append(sig)
with open(path+'/main.py','rb') as f:
sha256obj = sha256()
sha256obj.update(f.read())
file_hash = sha256obj.digest()
for pub in pubs:
mark = 0
for sig in sigs:
if bls.verify(file_hash, pub, sig, bytes(ecc_domain)):
mark =1
if mark == 0:
return False
return True
def test_aggregate_votes(votes_count, random, privkeys, pubkeys):
bit_count = 10
pre_bitfield = get_empty_bitfield(bit_count)
pre_sigs = ()
domain = 0
random_votes = random.sample(range(bit_count), votes_count)
message_hash = b'\x12' * 32
# Get votes: (committee_index, sig, public_key)
votes = [(
committee_index,
bls.sign(message_hash, privkeys[committee_index], domain),
pubkeys[committee_index],
) for committee_index in random_votes]
# Verify
sigs, committee_indices = verify_votes(message_hash, votes, domain)
# Aggregate the votes
bitfield, sigs = aggregate_votes(
bitfield=pre_bitfield,
sigs=pre_sigs,
voting_sigs=sigs,
voting_committee_indices=committee_indices)
try:
_, _, pubs = zip(*votes)
except ValueError:
pubs = ()
voted_index = [
committee_index for committee_index in random_votes
if has_voted(bitfield, committee_index)
]
assert len(voted_index) == len(votes)
aggregated_pubs = bls.aggregate_pubkeys(pubs)
assert bls.verify(message_hash, aggregated_pubs, sigs, domain)
def validate_randao_reveal(randao_reveal: BLSSignature,
proposer_index: ValidatorIndex,
proposer_pubkey: BLSPubkey,
epoch: Epoch,
fork: Fork) -> None:
message_hash = ssz.hash_tree_root(epoch, sedes=ssz.sedes.uint64)
domain = get_domain(fork, epoch, SignatureDomain.DOMAIN_RANDAO)
is_randao_reveal_valid = bls.verify(
pubkey=proposer_pubkey,
message_hash=message_hash,
signature=randao_reveal,
domain=domain,
)
if not is_randao_reveal_valid:
raise ValidationError(
f"RANDAO reveal is invalid. "
f"proposer_index={proposer_index}, proposer_pubkey={proposer_pubkey}, "
f"reveal={randao_reveal}, "
f"message_hash={message_hash}, domain={domain}, epoch={epoch}"
)
def bls_verify(pubkey, message_hash, signature, domain):
return bls.verify(message_hash=message_hash,
pubkey=pubkey,
signature=signature,
domain=domain)
def bls_verify(pubkey, message_hash, signature, domain):
return bls.verify(message_hash=message_hash,
pubkey=pubkey,
signature=signature,
domain=int.from_bytes(domain, byteorder='little'))
def verify(message_hash: Hash32, pubkey: BLSPubkey,
signature: BLSSignature, domain: Domain) -> bool:
return verify(message_hash, pubkey, signature, domain)
def verify_signature(*, distkey, message_hash, signature, domain=DRAND_DOMAIN):
""" """
return bls.verify(message_hash, distkey, signature, domain)
