def from_public_keys(cls, policy_public_key, datasource_public_key, label):
umbral_public_key = UmbralPublicKey.from_bytes(datasource_public_key)
return cls(
policy_public_key,
signer=SignatureStamp(SigningKeypair(umbral_public_key)),
label=label,
)
def test_alice_can_learn_about_a_whole_bunch_of_ursulas(highperf_mocked_alice):
# During the fixture execution, Alice verified one node.
# TODO: Consider changing this - #1449
assert VerificationTracker.node_verifications == 1
_teacher = highperf_mocked_alice.current_teacher_node()
# Ursulas in the fleet have mocked keys,
# but we need the teacher to be able to sign the MetadataResponse.
signer = Signer(SecretKey.random())
_teacher._stamp = SignatureStamp(verifying_key=signer.verifying_key(),
signer=signer)
actual_ursula = MOCK_KNOWN_URSULAS_CACHE[_teacher.rest_interface.port]
# A quick setup so that the bytes casting of Ursulas (on what in the real world will be the remote node)
# doesn't take up all the time.
_teacher_known_nodes_bytestring = actual_ursula.bytestring_of_known_nodes()
actual_ursula.bytestring_of_known_nodes = lambda *args, **kwargs: _teacher_known_nodes_bytestring # TODO: Formalize this? #1537
with mock_cert_storage, mock_cert_loading, mock_verify_node, mock_message_verification, mock_metadata_validation:
started = time.time()
highperf_mocked_alice.block_until_number_of_known_nodes_is(
4000, learn_on_this_thread=True)
ended = time.time()
elapsed = ended - started
# TODO: probably can be brought down a lot when the core is moved to Rust
assert elapsed < 6 # 6 seconds is still a little long to discover 4000 out of 5000 nodes, but before starting the optimization that went with this test, this operation took about 18 minutes on jMyles' laptop.
assert VerificationTracker.node_verifications == 1 # We have only verified the first Ursula.
assert sum(
isinstance(u, Ursula) for u in highperf_mocked_alice.known_nodes
) < 20 # We haven't instantiated many Ursulas.
VerificationTracker.node_verifications = 0 # Cleanup
def __init__(self, treasure_map, signer: SignatureStamp):
# TODO: move to core and make a method of TreasureMap?
self.revocations = dict()
for ursula_address, encrypted_kfrag in treasure_map.destinations.items(
):
self.revocations[ursula_address] = RevocationOrder(
signer=signer.as_umbral_signer(),
ursula_address=ursula_address,
encrypted_kfrag=encrypted_kfrag)
def mock_ursula(testerchain, account):
ursula_privkey = UmbralPrivateKey.gen_key()
ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.pubkey,
signer=Signer(ursula_privkey))
signed_stamp = testerchain.client.sign_message(account=account,
message=bytes(ursula_stamp))
ursula = Mock(stamp=ursula_stamp, decentralized_identity_evidence=signed_stamp)
return ursula
def ursula(mocker):
identity_evidence = os.urandom(LENGTH_ECDSA_SIGNATURE_WITH_RECOVERY)
ursula_privkey = SecretKey.random()
ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.public_key(),
signer=Signer(ursula_privkey))
ursula = mocker.Mock(stamp=ursula_stamp,
decentralized_identity_evidence=identity_evidence)
ursula.mature = lambda: True
ursula._stamp_has_valid_signature_by_worker = lambda: True
return ursula
def mock_ursula(testerchain, account, mocker):
ursula_privkey = SecretKeyFactory.random()
ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.public_key(),
signer=Signer(ursula_privkey))
signed_stamp = testerchain.client.sign_message(account=account,
message=bytes(ursula_stamp))
ursula = mocker.Mock(stamp=ursula_stamp, decentralized_identity_evidence=signed_stamp)
return ursula
def mock_ursula(testerchain, account):
ursula_privkey = SecretKey.random()
ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.public_key(),
signer=Signer(ursula_privkey))
signed_stamp = testerchain.client.sign_message(account=account,
message=bytes(ursula_stamp))
ursula = Mock(stamp=ursula_stamp, operator_signature=signed_stamp)
return ursula
def test_coordinates_as_bytes():
pubkey = UmbralPrivateKey.gen_key().pubkey
point = pubkey.point_key
stamp = SignatureStamp(verifying_key=pubkey)
x, y = point.to_affine()
x = x.to_bytes(32, 'big')
y = y.to_bytes(32, 'big')
for p in (point, pubkey, stamp):
assert get_coordinates_as_bytes(p) == x + y
assert get_coordinates_as_bytes(p, x_coord=False) == y
assert get_coordinates_as_bytes(p, y_coord=False) == x
with pytest.raises(ValueError):
_ = get_coordinates_as_bytes(p, x_coord=False, y_coord=False)
def test_compute_proof_challenge_scalar(testerchain, reencryption_validator,
mock_ursula_reencrypts):
ursula_privkey = UmbralPrivateKey.gen_key()
ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.pubkey,
signer=Signer(ursula_privkey))
ursula = Mock(stamp=ursula_stamp)
# Bob prepares supporting Evidence
evidence = mock_ursula_reencrypts(ursula)
capsule = evidence.task.capsule
cfrag = evidence.task.cfrag
capsule_bytes = capsule.to_bytes()
cfrag_bytes = cfrag.to_bytes()
proof_challenge_scalar = int(evidence.get_proof_challenge_scalar())
computeProofChallengeScalar = reencryption_validator.functions.computeProofChallengeScalar
assert proof_challenge_scalar == computeProofChallengeScalar(
capsule_bytes, cfrag_bytes).call()
def get_signature_stamp(self):
if self._privkey == constants.PUBLIC_ONLY:
return StrangerStamp(verifying_key=self.pubkey)
else:
signer = Signer(self._privkey)
return SignatureStamp(verifying_key=self.pubkey, signer=signer)
def test_validate_cfrag(testerchain, reencryption_validator,
mock_ursula_reencrypts):
ursula_privkey = UmbralPrivateKey.gen_key()
ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.pubkey,
signer=Signer(ursula_privkey))
ursula = Mock(stamp=ursula_stamp)
###############################
# Test: Ursula produces correct proof:
###############################
# Bob prepares supporting Evidence
evidence = mock_ursula_reencrypts(ursula)
evidence_data = evidence.precompute_values()
assert len(evidence_data) == 20 * 32 + 32 + 20 + 5
# Challenge using good data
capsule = evidence.task.capsule
cfrag = evidence.task.cfrag
capsule_bytes = capsule.to_bytes()
cfrag_bytes = cfrag.to_bytes()
args = (capsule_bytes, cfrag_bytes, evidence_data)
assert reencryption_validator.functions.validateCFrag(*args).call()
###############################
# Test: Ursula produces incorrect proof:
###############################
evidence = mock_ursula_reencrypts(ursula, corrupt_cfrag=True)
capsule = evidence.task.capsule
cfrag = evidence.task.cfrag
capsule_bytes = capsule.to_bytes()
cfrag_bytes = cfrag.to_bytes()
assert not cfrag.verify_correctness(capsule)
evidence_data = evidence.precompute_values()
args = (capsule_bytes, cfrag_bytes, evidence_data)
assert not reencryption_validator.functions.validateCFrag(*args).call()
###############################
# Test: Bob produces wrong precomputed data
###############################
evidence = mock_ursula_reencrypts(ursula)
capsule = evidence.task.capsule
cfrag = evidence.task.cfrag
capsule_bytes = capsule.to_bytes()
cfrag_bytes = cfrag.to_bytes()
assert cfrag.verify_correctness(capsule)
evidence_data = evidence.precompute_values()
# Bob produces a random point and gets the bytes of coords x and y
random_point_bytes = Point.gen_rand().to_bytes(is_compressed=False)[1:]
# He uses this garbage instead of correct precomputation of z*E
evidence_data = bytearray(evidence_data)
evidence_data[32:32 + 64] = random_point_bytes
evidence_data = bytes(evidence_data)
args = (capsule_bytes, cfrag_bytes, evidence_data)
# Evaluation must fail since Bob precomputed wrong values
with pytest.raises(TransactionFailed):
_ = reencryption_validator.functions.validateCFrag(*args).call()
def get_signature_stamp(self):
signer = Signer(self._privkey)
return SignatureStamp(signing_key=self.pubkey, signer=signer)
def mock_ursula_with_stamp():
ursula_privkey = UmbralPrivateKey.gen_key()
ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.pubkey,
signer=Signer(ursula_privkey))
ursula = Mock(stamp=ursula_stamp)
return ursula
