def OpBLS_Verify(arg):
op = json.loads(arg)
verified = False
g1_x = to_int(op['g1_x'])
g1_y = to_int(op['g1_y'])
g1 = [FQ(g1_x), FQ(g1_y), FQ.one()]
if is_on_curve(g1, b) == False:
r = json.dumps(verified)
return bytes(r, 'utf-8')
g1 = G1_to_pubkey(g1)
g2_v = to_int(op['g2_v'])
g2_w = to_int(op['g2_w'])
g2_x = to_int(op['g2_x'])
g2_y = to_int(op['g2_y'])
g2 = (FQ2((g2_v, g2_x)), FQ2((g2_w, g2_y)), FQ2.one())
try:
g2 = G2_to_signature(g2)
except:
r = json.dumps(verified)
return bytes(r, 'utf-8')
msg = bytes.fromhex(op['cleartext'])
verified = bls_pop.Verify(g1, msg, g2)
r = json.dumps(verified)
return bytes(r, 'utf-8')
def verify_deposit(deposit_data_dict: Dict[str, Any]) -> bool:
'''
Checks whether a deposit is valid based on the eth2 rules.
https://github.com/ethereum/eth2.0-specs/blob/dev/specs/phase0/beacon-chain.md#deposits
'''
pubkey = BLSPubkey(bytes.fromhex(deposit_data_dict['pubkey']))
withdrawal_credentials = bytes.fromhex(deposit_data_dict['withdrawal_credentials'])
amount = deposit_data_dict['amount']
signature = BLSSignature(bytes.fromhex(deposit_data_dict['signature']))
deposit_data_root = bytes.fromhex(deposit_data_dict['signed_deposit_data_root'])
# Verify deposit amount
if not MIN_DEPOSIT_AMOUNT < amount <= MAX_DEPOSIT_AMOUNT:
return False
# Verify deposit signature && pubkey
deposit_message = DepositMessage(pubkey=pubkey, withdrawal_credentials=withdrawal_credentials, amount=amount)
domain = compute_domain(domain_type=DOMAIN_DEPOSIT)
signing_root = compute_signing_root(deposit_message, domain)
if not bls.Verify(pubkey, signing_root, signature):
return False
# Verify Deposit Root
deposit = Deposit(pubkey=pubkey, withdrawal_credentials=withdrawal_credentials, amount=amount, signature=signature)
return deposit.hash_tree_root == deposit_data_root
def validate_deposit(deposit_data_dict: Dict[str, Any],
credential: Credential) -> bool:
'''
Checks whether a deposit is valid based on the eth2 rules.
https://github.com/ethereum/eth2.0-specs/blob/dev/specs/phase0/beacon-chain.md#deposits
'''
pubkey = BLSPubkey(bytes.fromhex(deposit_data_dict['pubkey']))
withdrawal_credentials = bytes.fromhex(
deposit_data_dict['withdrawal_credentials'])
amount = deposit_data_dict['amount']
signature = BLSSignature(bytes.fromhex(deposit_data_dict['signature']))
deposit_message_root = bytes.fromhex(
deposit_data_dict['deposit_data_root'])
fork_version = bytes.fromhex(deposit_data_dict['fork_version'])
# Verify pubkey
if len(pubkey) != 48:
return False
if pubkey != credential.signing_pk:
return False
# Verify withdrawal credential
if len(withdrawal_credentials) != 32:
return False
if withdrawal_credentials[:
1] == BLS_WITHDRAWAL_PREFIX == credential.withdrawal_prefix:
if withdrawal_credentials[1:] != SHA256(credential.withdrawal_pk)[1:]:
return False
elif withdrawal_credentials[:
1] == ETH1_ADDRESS_WITHDRAWAL_PREFIX == credential.withdrawal_prefix:
if withdrawal_credentials[1:12] != b'\x00' * 11:
return False
if credential.eth1_withdrawal_address is None:
return False
if withdrawal_credentials[12:] != credential.eth1_withdrawal_address:
return False
else:
return False
# Verify deposit amount
if not MIN_DEPOSIT_AMOUNT < amount <= MAX_DEPOSIT_AMOUNT:
return False
# Verify deposit signature && pubkey
deposit_message = DepositMessage(
pubkey=pubkey,
withdrawal_credentials=withdrawal_credentials,
amount=amount)
domain = compute_deposit_domain(fork_version)
signing_root = compute_signing_root(deposit_message, domain)
if not bls.Verify(pubkey, signing_root, signature):
return False
# Verify Deposit Root
signed_deposit = DepositData(
pubkey=pubkey,
withdrawal_credentials=withdrawal_credentials,
amount=amount,
signature=signature,
)
return signed_deposit.hash_tree_root == deposit_message_root
def Verify(PK: BLSPubkey, message: Hash32,
signature: BLSSignature) -> bool:
return G2ProofOfPossession.Verify(PK, message, signature)
def test_verify(PK, message, signature, result):
assert G2ProofOfPossession.Verify(PK, message, signature) == result
i - j, b.curve_order) % b.curve_order
r = b.add(r, b.multiply(sig_point, coef))
return G2_to_signature(r)
def get_aggregate_key(keys):
r = b.Z1
for i, key in keys.items():
key_point = pubkey_to_G1(key)
coef = 1
for j in keys:
if j != i:
coef = -coef * (j + 1) * prime_field_inv(
i - j, b.curve_order) % b.curve_order
r = b.add(r, b.multiply(key_point, coef))
return G1_to_pubkey(r)
def sign_all(keys, message):
r = []
for key in keys:
r.append(py_ecc_bls.Sign(key, message))
return r
if __name__ == "__main__":
aggregate_public, public, private = generate_keys(4, 2)
signatures = sign_all(private, b"123")
signature = reconstruct(dict(enumerate(signatures[:-1])))
assert py_ecc_bls.Verify(aggregate_public, b"123", signature)
assert aggregate_public == get_aggregate_key(dict(enumerate(public[:-1])))
def Verify(PK, message, signature):
return bls.Verify(PK, message, signature)
