def test_signature_aggregation(msg, privkeys): domain = (0).to_bytes(8, "little") sigs = [sign(msg, k, domain=domain) for k in privkeys] pubs = [privtopub(k) for k in privkeys] aggsig = aggregate_signatures(sigs) aggpub = aggregate_pubkeys(pubs) assert verify(msg, aggpub, aggsig, domain=domain)
def validate_proposer_signature(state: BeaconState, block: BaseBeaconBlock, beacon_chain_shard_number: Shard, committee_config: CommitteeConfig) -> None: # TODO: Replace this with real signed_root message_hash = block.signed_root # Get the public key of proposer beacon_proposer_index = get_beacon_proposer_index( state, state.slot, committee_config, ) proposer_pubkey = state.validator_registry[beacon_proposer_index].pubkey domain = get_domain( state.fork, state.current_epoch(committee_config.SLOTS_PER_EPOCH), SignatureDomain.DOMAIN_BEACON_BLOCK ) is_valid_signature = bls.verify( pubkey=proposer_pubkey, message_hash=message_hash, signature=block.signature, domain=domain, ) if not is_valid_signature: raise ValidationError( f"Invalid Proposer Signature on block, beacon_proposer_index={beacon_proposer_index}, " f"pubkey={proposer_pubkey}, message_hash={message_hash}, " f"block.signature={block.signature}, domain={domain}" )
def verify_votes( message_hash: Hash32, votes: Iterable[Tuple[CommitteeIndex, BLSSignature, BLSPubkey]], domain: SignatureDomain ) -> Tuple[Tuple[BLSSignature, ...], Tuple[CommitteeIndex, ...]]: """ Verify the given votes. """ sigs_with_committee_info = tuple( (sig, committee_index) for (committee_index, sig, pubkey) in votes if bls.verify( message_hash=message_hash, pubkey=pubkey, signature=sig, domain=domain, ) ) try: sigs, committee_indices = zip(*sigs_with_committee_info) except ValueError: sigs = tuple() committee_indices = tuple() return sigs, committee_indices
def process_deposit(state: BeaconState, deposit: Deposit, slots_per_epoch: int, deposit_contract_tree_depth: int) -> BeaconState: """ Process a deposit from Ethereum 1.0. """ validate_deposit(state, deposit, deposit_contract_tree_depth) # Increment the next deposit index we are expecting. Note that this # needs to be done here because while the deposit contract will never # create an invalid Merkle branch, it may admit an invalid deposit # object, and we need to be able to skip over it state = state.copy(deposit_index=state.deposit_index + 1, ) validator_pubkeys = tuple(v.pubkey for v in state.validator_registry) deposit_input = deposit.deposit_data.deposit_input pubkey = deposit_input.pubkey amount = deposit.deposit_data.amount withdrawal_credentials = deposit_input.withdrawal_credentials if pubkey not in validator_pubkeys: # Verify the proof of possession proof_is_valid = bls.verify( pubkey=pubkey, message_hash=deposit_input.signing_root, signature=deposit_input.signature, domain=get_domain( state.fork, state.current_epoch(slots_per_epoch), SignatureDomain.DOMAIN_DEPOSIT, ), ) if not proof_is_valid: return state validator = Validator.create_pending_validator( pubkey=pubkey, withdrawal_credentials=withdrawal_credentials, ) # Note: In phase 2 registry indices that has been withdrawn for a long time # will be recycled. state = add_pending_validator( state, validator, amount, ) else: # Top-up - increase balance by deposit index = ValidatorIndex(validator_pubkeys.index(pubkey)) validator = state.validator_registry[index] # Update validator's balance and state state = state.update_validator_balance( validator_index=index, balance=state.validator_balances[index] + amount, ) return state
def test_bls_core(privkey): domain = (0).to_bytes(8, "little") p1 = multiply(G1, privkey) p2 = multiply(G2, privkey) msg = str(privkey).encode('utf-8') msghash = hash_to_G2(msg, domain=domain) assert normalize(decompress_G1(compress_G1(p1))) == normalize(p1) assert normalize(decompress_G2(compress_G2(p2))) == normalize(p2) assert normalize(decompress_G2(compress_G2(msghash))) == normalize(msghash) sig = sign(msg, privkey, domain=domain) pub = privtopub(privkey) assert verify(msg, pub, sig, domain=domain)
def validate_proposal_signature(proposal: Proposal, pubkey: BLSPubkey, fork: Fork, slots_per_epoch: int) -> None: proposal_signature_is_valid = bls.verify( pubkey=pubkey, message_hash=proposal.signed_root, # TODO: use signed_root signature=proposal.signature, domain=get_domain( fork, slot_to_epoch(proposal.slot, slots_per_epoch), SignatureDomain.DOMAIN_BEACON_BLOCK, )) if not proposal_signature_is_valid: raise ValidationError( "Proposal signature is invalid: " f"proposer pubkey: {pubkey}, message_hash: {proposal.signed_root}, " f"signature: {proposal.signature}")
def validate_voluntary_exit_signature(state: BeaconState, voluntary_exit: VoluntaryExit, validator: ValidatorRecord) -> None: """ Verify signature. """ domain = get_domain(state.fork, voluntary_exit.epoch, SignatureDomain.DOMAIN_VOLUNTARY_EXIT) is_valid_signature = bls.verify( pubkey=validator.pubkey, message_hash=voluntary_exit.signed_root, signature=voluntary_exit.signature, domain=domain, ) if not is_valid_signature: raise ValidationError( f"Invalid VoluntaryExit signature, validator_index={voluntary_exit.validator_index}, " f"pubkey={validator.pubkey}, message_hash={voluntary_exit.signed_root}," f"signature={voluntary_exit.signature}, domain={domain}")
def validate_randao_reveal(randao_reveal: BLSSignature, proposer_index: ValidatorIndex, proposer_pubkey: BLSPubkey, epoch: Epoch, fork: Fork) -> None: message_hash = Hash32(epoch.to_bytes(32, byteorder="little")) domain = get_domain(fork, epoch, SignatureDomain.DOMAIN_RANDAO) is_randao_reveal_valid = bls.verify( pubkey=proposer_pubkey, message_hash=message_hash, signature=randao_reveal, domain=domain, ) if not is_randao_reveal_valid: raise ValidationError( f"RANDAO reveal is invalid. " f"proposer_index={proposer_index}, proposer_pubkey={proposer_pubkey}, " f"reveal={randao_reveal}, " f"message_hash={message_hash}, domain={domain}, epoch={epoch}")
def validate_block_header_signature(header: BeaconBlockHeader, pubkey: BLSPubkey, fork: Fork, slots_per_epoch: int) -> None: header_signature_is_valid = bls.verify( pubkey=pubkey, message_hash=header.signed_root, # TODO: use signed_root signature=header.signature, domain=get_domain( fork, slot_to_epoch(header.slot, slots_per_epoch), SignatureDomain.DOMAIN_BEACON_BLOCK, ) ) if not header_signature_is_valid: raise ValidationError( "Header signature is invalid: " f"proposer pubkey: {pubkey}, message_hash: {header.signed_root}, " f"signature: {header.signature}" )
def verify(path): sigs = [] sig_path = path+'/signatures' for sig_file in os.listdir(sig_path): if not os.path.isdir(sig_file): f = open(sig_path+"/"+sig_file, 'rb') sig = f.read() sigs.append(sig) with open(path+'/main.py','rb') as f: sha256obj = sha256() sha256obj.update(f.read()) file_hash = sha256obj.digest() for pub in pubs: mark = 0 for sig in sigs: if bls.verify(file_hash, pub, sig, bytes(ecc_domain)): mark =1 if mark == 0: return False return True
def test_aggregate_votes(votes_count, random, privkeys, pubkeys): bit_count = 10 pre_bitfield = get_empty_bitfield(bit_count) pre_sigs = () domain = 0 random_votes = random.sample(range(bit_count), votes_count) message_hash = b'\x12' * 32 # Get votes: (committee_index, sig, public_key) votes = [( committee_index, bls.sign(message_hash, privkeys[committee_index], domain), pubkeys[committee_index], ) for committee_index in random_votes] # Verify sigs, committee_indices = verify_votes(message_hash, votes, domain) # Aggregate the votes bitfield, sigs = aggregate_votes( bitfield=pre_bitfield, sigs=pre_sigs, voting_sigs=sigs, voting_committee_indices=committee_indices) try: _, _, pubs = zip(*votes) except ValueError: pubs = () voted_index = [ committee_index for committee_index in random_votes if has_voted(bitfield, committee_index) ] assert len(voted_index) == len(votes) aggregated_pubs = bls.aggregate_pubkeys(pubs) assert bls.verify(message_hash, aggregated_pubs, sigs, domain)
def validate_randao_reveal(randao_reveal: BLSSignature, proposer_index: ValidatorIndex, proposer_pubkey: BLSPubkey, epoch: Epoch, fork: Fork) -> None: message_hash = ssz.hash_tree_root(epoch, sedes=ssz.sedes.uint64) domain = get_domain(fork, epoch, SignatureDomain.DOMAIN_RANDAO) is_randao_reveal_valid = bls.verify( pubkey=proposer_pubkey, message_hash=message_hash, signature=randao_reveal, domain=domain, ) if not is_randao_reveal_valid: raise ValidationError( f"RANDAO reveal is invalid. " f"proposer_index={proposer_index}, proposer_pubkey={proposer_pubkey}, " f"reveal={randao_reveal}, " f"message_hash={message_hash}, domain={domain}, epoch={epoch}" )
def bls_verify(pubkey, message_hash, signature, domain): return bls.verify(message_hash=message_hash, pubkey=pubkey, signature=signature, domain=domain)
def bls_verify(pubkey, message_hash, signature, domain): return bls.verify(message_hash=message_hash, pubkey=pubkey, signature=signature, domain=int.from_bytes(domain, byteorder='little'))
def verify(message_hash: Hash32, pubkey: BLSPubkey, signature: BLSSignature, domain: Domain) -> bool: return verify(message_hash, pubkey, signature, domain)
def verify_signature(*, distkey, message_hash, signature, domain=DRAND_DOMAIN): """ """ return bls.verify(message_hash, distkey, signature, domain)