prysm-pulse/beacon-chain/core/blocks/signature.go

package blocks

import (
	"context"
	"encoding/binary"

	"github.com/pkg/errors"
	ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"
	"github.com/prysmaticlabs/go-ssz"
	"github.com/prysmaticlabs/prysm/beacon-chain/core/helpers"
	stateTrie "github.com/prysmaticlabs/prysm/beacon-chain/state"
	pb "github.com/prysmaticlabs/prysm/proto/beacon/p2p/v1"
	"github.com/prysmaticlabs/prysm/shared/attestationutil"
	"github.com/prysmaticlabs/prysm/shared/bls"
	"github.com/prysmaticlabs/prysm/shared/params"
)

// retrieves the signature set from the raw data, public key,signature and domain provided.
func retrieveSignatureSet(signedData []byte, pub []byte, signature []byte, domain []byte) (*bls.SignatureSet, error) {
	publicKey, err := bls.PublicKeyFromBytes(pub)
	if err != nil {
		return nil, errors.Wrap(err, "could not convert bytes to public key")
	}
	sig, err := bls.SignatureFromBytes(signature)
	if err != nil {
		return nil, errors.Wrap(err, "could not convert bytes to signature")
	}
	signingData := &pb.SigningData{
		ObjectRoot: signedData,
		Domain:     domain,
	}
	root, err := ssz.HashTreeRoot(signingData)
	if err != nil {
		return nil, errors.Wrap(err, "could not hash container")
	}
	return &bls.SignatureSet{
		Signatures: []bls.Signature{sig},
		PublicKeys: []bls.PublicKey{publicKey},
		Messages:   [][32]byte{root},
	}, nil
}

// verifies the signature from the raw data, public key and domain provided.
func verifySignature(signedData []byte, pub []byte, signature []byte, domain []byte) error {
	set, err := retrieveSignatureSet(signedData, pub, signature, domain)
	if err != nil {
		return err
	}
	if len(set.Signatures) != 1 {
		return errors.Errorf("signature set contains %d signatures instead of 1", len(set.Signatures))
	}
	// We assume only one signature set is returned here.
	sig := set.Signatures[0]
	publicKey := set.PublicKeys[0]
	root := set.Messages[0]
	if !sig.Verify(publicKey, root[:]) {
		return helpers.ErrSigFailedToVerify
	}
	return nil
}

// VerifyBlockSignature verifies the proposer signature of a beacon block.
func VerifyBlockSignature(beaconState *stateTrie.BeaconState, block *ethpb.SignedBeaconBlock) error {
	currentEpoch := helpers.SlotToEpoch(beaconState.Slot())
	domain, err := helpers.Domain(beaconState.Fork(), currentEpoch, params.BeaconConfig().DomainBeaconProposer, beaconState.GenesisValidatorRoot())
	if err != nil {
		return err
	}
	proposer, err := beaconState.ValidatorAtIndex(block.Block.ProposerIndex)
	if err != nil {
		return err
	}
	proposerPubKey := proposer.PublicKey
	return helpers.VerifyBlockSigningRoot(block.Block, proposerPubKey[:], block.Signature, domain)
}

// BlockSignatureSet retrieves the block signature set from the provided block and its corresponding state.
func BlockSignatureSet(beaconState *stateTrie.BeaconState, block *ethpb.SignedBeaconBlock) (*bls.SignatureSet, error) {
	currentEpoch := helpers.SlotToEpoch(beaconState.Slot())
	domain, err := helpers.Domain(beaconState.Fork(), currentEpoch, params.BeaconConfig().DomainBeaconProposer, beaconState.GenesisValidatorRoot())
	if err != nil {
		return nil, err
	}
	proposer, err := beaconState.ValidatorAtIndex(block.Block.ProposerIndex)
	if err != nil {
		return nil, err
	}
	proposerPubKey := proposer.PublicKey
	return helpers.RetrieveBlockSignatureSet(block.Block, proposerPubKey, block.Signature, domain)
}

// RandaoSignatureSet retrieves the relevant randao specific signature set object
// from a block and its corresponding state.
func RandaoSignatureSet(beaconState *stateTrie.BeaconState,
	body *ethpb.BeaconBlockBody,
) (*bls.SignatureSet, *stateTrie.BeaconState, error) {
	buf, proposerPub, domain, err := randaoSigningData(beaconState)
	if err != nil {
		return nil, nil, err
	}
	set, err := retrieveSignatureSet(buf, proposerPub[:], body.RandaoReveal, domain)
	if err != nil {
		return nil, nil, err
	}
	return set, beaconState, nil
}

// retrieves the randao related signing data from the state.
func randaoSigningData(beaconState *stateTrie.BeaconState) ([]byte, []byte, []byte, error) {
	proposerIdx, err := helpers.BeaconProposerIndex(beaconState)
	if err != nil {
		return nil, nil, nil, errors.Wrap(err, "could not get beacon proposer index")
	}
	proposerPub := beaconState.PubkeyAtIndex(proposerIdx)

	currentEpoch := helpers.SlotToEpoch(beaconState.Slot())
	buf := make([]byte, 32)
	binary.LittleEndian.PutUint64(buf, currentEpoch)

	domain, err := helpers.Domain(beaconState.Fork(), currentEpoch, params.BeaconConfig().DomainRandao, beaconState.GenesisValidatorRoot())
	if err != nil {
		return nil, nil, nil, err
	}
	return buf, proposerPub[:], domain, nil
}

// Method to break down attestations of the same domain and collect them into a single signature set.
func createAttestationSignatureSet(ctx context.Context, beaconState *stateTrie.BeaconState, atts []*ethpb.Attestation, domain []byte) (*bls.SignatureSet, error) {
	if len(atts) == 0 {
		return nil, nil
	}

	sigs := make([]bls.Signature, len(atts))
	pks := make([]bls.PublicKey, len(atts))
	msgs := make([][32]byte, len(atts))
	for i, a := range atts {
		sig, err := bls.SignatureFromBytes(a.Signature)
		if err != nil {
			return nil, err
		}
		sigs[i] = sig
		c, err := helpers.BeaconCommitteeFromState(beaconState, a.Data.Slot, a.Data.CommitteeIndex)
		if err != nil {
			return nil, err
		}
		ia := attestationutil.ConvertToIndexed(ctx, a, c)
		if err := attestationutil.IsValidAttestationIndices(ctx, ia); err != nil {
			return nil, err
		}
		indices := ia.AttestingIndices
		var pk bls.PublicKey
		for i := 0; i < len(indices); i++ {
			pubkeyAtIdx := beaconState.PubkeyAtIndex(indices[i])
			p, err := bls.PublicKeyFromBytes(pubkeyAtIdx[:])
			if err != nil {
				return nil, errors.Wrap(err, "could not deserialize validator public key")
			}
			if pk == nil {
				pk = p
			} else {
				pk.Aggregate(p)
			}
		}
		pks[i] = pk

		root, err := helpers.ComputeSigningRoot(ia.Data, domain)
		if err != nil {
			return nil, errors.Wrap(err, "could not get signing root of object")
		}
		msgs[i] = root
	}
	return &bls.SignatureSet{
		Signatures: sigs,
		PublicKeys: pks,
		Messages:   msgs,
	}, nil
}

// AttestationSignatureSet retrieves all the related attestation signature data such as the relevant public keys,
// signatures and attestation signing data and collate it into a signature set object.
func AttestationSignatureSet(ctx context.Context, beaconState *stateTrie.BeaconState, atts []*ethpb.Attestation) (*bls.SignatureSet, error) {
	if len(atts) == 0 {
		return bls.NewSet(), nil
	}

	fork := beaconState.Fork()
	gvr := beaconState.GenesisValidatorRoot()
	dt := params.BeaconConfig().DomainBeaconAttester

	// Split attestations by fork. Note: the signature domain will differ based on the fork.
	var preForkAtts []*ethpb.Attestation
	var postForkAtts []*ethpb.Attestation
	for _, a := range atts {
		if helpers.SlotToEpoch(a.Data.Slot) < fork.Epoch {
			preForkAtts = append(preForkAtts, a)
		} else {
			postForkAtts = append(postForkAtts, a)
		}
	}
	set := bls.NewSet()

	// Check attestations from before the fork.
	if fork.Epoch > 0 { // Check to prevent underflow.
		prevDomain, err := helpers.Domain(fork, fork.Epoch-1, dt, gvr)
		if err != nil {
			return nil, err
		}
		aSet, err := createAttestationSignatureSet(ctx, beaconState, preForkAtts, prevDomain)
		if err != nil {
			return nil, err
		}
		set.Join(aSet)
	} else if len(preForkAtts) > 0 {
		// This is a sanity check that preForkAtts were not ignored when fork.Epoch == 0. This
		// condition is not possible, but it doesn't hurt to check anyway.
		return nil, errors.New("some attestations were not verified from previous fork before genesis")
	}

	// Then check attestations from after the fork.
	currDomain, err := helpers.Domain(fork, fork.Epoch, dt, gvr)
	if err != nil {
		return nil, err
	}

	aSet, err := createAttestationSignatureSet(ctx, beaconState, postForkAtts, currDomain)
	if err != nil {
		return nil, err
	}
	return set.Join(aSet), nil
}
Split `block_operations.go` into smaller files (#6495) 2020-07-06 22:27:42 +00:00			`package blocks`

			`import (`
			`"context"`
			`"encoding/binary"`

			`"github.com/pkg/errors"`
			`ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"`
Revert "Update fastssz" (#7100) * Revert "Update fastssz (#6760)" This reverts commit 78a25f99c3d04a19e18a2cb93701c6cf90ab46ac. * Merge refs/heads/master into revert-6760-update-fssz 2020-08-24 20:06:28 +00:00			`"github.com/prysmaticlabs/go-ssz"`
Split `block_operations.go` into smaller files (#6495) 2020-07-06 22:27:42 +00:00			`"github.com/prysmaticlabs/prysm/beacon-chain/core/helpers"`
			`stateTrie "github.com/prysmaticlabs/prysm/beacon-chain/state"`
			`pb "github.com/prysmaticlabs/prysm/proto/beacon/p2p/v1"`
			`"github.com/prysmaticlabs/prysm/shared/attestationutil"`
			`"github.com/prysmaticlabs/prysm/shared/bls"`
			`"github.com/prysmaticlabs/prysm/shared/params"`
			`)`

			`// retrieves the signature set from the raw data, public key,signature and domain provided.`
			`func retrieveSignatureSet(signedData []byte, pub []byte, signature []byte, domain []byte) (*bls.SignatureSet, error) {`
			`publicKey, err := bls.PublicKeyFromBytes(pub)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "could not convert bytes to public key")`
			`}`
			`sig, err := bls.SignatureFromBytes(signature)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "could not convert bytes to signature")`
			`}`
			`signingData := &pb.SigningData{`
			`ObjectRoot: signedData,`
			`Domain: domain,`
			`}`
Revert "Update fastssz" (#7100) * Revert "Update fastssz (#6760)" This reverts commit 78a25f99c3d04a19e18a2cb93701c6cf90ab46ac. * Merge refs/heads/master into revert-6760-update-fssz 2020-08-24 20:06:28 +00:00			`root, err := ssz.HashTreeRoot(signingData)`
Split `block_operations.go` into smaller files (#6495) 2020-07-06 22:27:42 +00:00			`if err != nil {`
			`return nil, errors.Wrap(err, "could not hash container")`
			`}`
			`return &bls.SignatureSet{`
			`Signatures: []bls.Signature{sig},`
			`PublicKeys: []bls.PublicKey{publicKey},`
			`Messages: [][32]byte{root},`
			`}, nil`
			`}`

			`// verifies the signature from the raw data, public key and domain provided.`
			`func verifySignature(signedData []byte, pub []byte, signature []byte, domain []byte) error {`
			`set, err := retrieveSignatureSet(signedData, pub, signature, domain)`
			`if err != nil {`
			`return err`
			`}`
			`if len(set.Signatures) != 1 {`
			`return errors.Errorf("signature set contains %d signatures instead of 1", len(set.Signatures))`
			`}`
			`// We assume only one signature set is returned here.`
			`sig := set.Signatures[0]`
			`publicKey := set.PublicKeys[0]`
			`root := set.Messages[0]`
			`if !sig.Verify(publicKey, root[:]) {`
			`return helpers.ErrSigFailedToVerify`
			`}`
			`return nil`
			`}`

			`// VerifyBlockSignature verifies the proposer signature of a beacon block.`
			`func VerifyBlockSignature(beaconState stateTrie.BeaconState, block ethpb.SignedBeaconBlock) error {`
			`currentEpoch := helpers.SlotToEpoch(beaconState.Slot())`
			`domain, err := helpers.Domain(beaconState.Fork(), currentEpoch, params.BeaconConfig().DomainBeaconProposer, beaconState.GenesisValidatorRoot())`
			`if err != nil {`
			`return err`
			`}`
			`proposer, err := beaconState.ValidatorAtIndex(block.Block.ProposerIndex)`
			`if err != nil {`
			`return err`
			`}`
			`proposerPubKey := proposer.PublicKey`
			`return helpers.VerifyBlockSigningRoot(block.Block, proposerPubKey[:], block.Signature, domain)`
			`}`

			`// BlockSignatureSet retrieves the block signature set from the provided block and its corresponding state.`
			`func BlockSignatureSet(beaconState stateTrie.BeaconState, block ethpb.SignedBeaconBlock) (*bls.SignatureSet, error) {`
			`currentEpoch := helpers.SlotToEpoch(beaconState.Slot())`
			`domain, err := helpers.Domain(beaconState.Fork(), currentEpoch, params.BeaconConfig().DomainBeaconProposer, beaconState.GenesisValidatorRoot())`
			`if err != nil {`
			`return nil, err`
			`}`
			`proposer, err := beaconState.ValidatorAtIndex(block.Block.ProposerIndex)`
			`if err != nil {`
			`return nil, err`
			`}`
			`proposerPubKey := proposer.PublicKey`
			`return helpers.RetrieveBlockSignatureSet(block.Block, proposerPubKey, block.Signature, domain)`
			`}`

			`// RandaoSignatureSet retrieves the relevant randao specific signature set object`
			`// from a block and its corresponding state.`
			`func RandaoSignatureSet(beaconState *stateTrie.BeaconState,`
			`body *ethpb.BeaconBlockBody,`
			`) (bls.SignatureSet, stateTrie.BeaconState, error) {`
			`buf, proposerPub, domain, err := randaoSigningData(beaconState)`
			`if err != nil {`
			`return nil, nil, err`
			`}`
			`set, err := retrieveSignatureSet(buf, proposerPub[:], body.RandaoReveal, domain)`
			`if err != nil {`
			`return nil, nil, err`
			`}`
			`return set, beaconState, nil`
			`}`

			`// retrieves the randao related signing data from the state.`
			`func randaoSigningData(beaconState *stateTrie.BeaconState) ([]byte, []byte, []byte, error) {`
			`proposerIdx, err := helpers.BeaconProposerIndex(beaconState)`
			`if err != nil {`
			`return nil, nil, nil, errors.Wrap(err, "could not get beacon proposer index")`
			`}`
			`proposerPub := beaconState.PubkeyAtIndex(proposerIdx)`

			`currentEpoch := helpers.SlotToEpoch(beaconState.Slot())`
			`buf := make([]byte, 32)`
			`binary.LittleEndian.PutUint64(buf, currentEpoch)`

			`domain, err := helpers.Domain(beaconState.Fork(), currentEpoch, params.BeaconConfig().DomainRandao, beaconState.GenesisValidatorRoot())`
			`if err != nil {`
			`return nil, nil, nil, err`
			`}`
			`return buf, proposerPub[:], domain, nil`
			`}`

			`// Method to break down attestations of the same domain and collect them into a single signature set.`
			`func createAttestationSignatureSet(ctx context.Context, beaconState stateTrie.BeaconState, atts []ethpb.Attestation, domain []byte) (*bls.SignatureSet, error) {`
			`if len(atts) == 0 {`
			`return nil, nil`
			`}`

			`sigs := make([]bls.Signature, len(atts))`
			`pks := make([]bls.PublicKey, len(atts))`
			`msgs := make([][32]byte, len(atts))`
			`for i, a := range atts {`
			`sig, err := bls.SignatureFromBytes(a.Signature)`
			`if err != nil {`
			`return nil, err`
			`}`
			`sigs[i] = sig`
			`c, err := helpers.BeaconCommitteeFromState(beaconState, a.Data.Slot, a.Data.CommitteeIndex)`
			`if err != nil {`
			`return nil, err`
			`}`
			`ia := attestationutil.ConvertToIndexed(ctx, a, c)`
Add in Attestation Validity Check (#6983) * fix bad bug * add test * Merge refs/heads/master into fixAttestationNoVerify * Merge refs/heads/master into fixAttestationNoVerify * target * Merge branch 'fixAttestationNoVerify' of https://github.com/prysmaticlabs/geth-sharding into fixAttestationNoVerify * add cheap check * Merge refs/heads/master into fixAttestationNoVerify * Merge refs/heads/master into fixAttestationNoVerify * Merge refs/heads/master into fixAttestationNoVerify * Merge refs/heads/master into fixAttestationNoVerify * Merge refs/heads/master into fixAttestationNoVerify 2020-08-13 16:58:28 +00:00			`if err := attestationutil.IsValidAttestationIndices(ctx, ia); err != nil {`
			`return nil, err`
			`}`
Split `block_operations.go` into smaller files (#6495) 2020-07-06 22:27:42 +00:00			`indices := ia.AttestingIndices`
			`var pk bls.PublicKey`
			`for i := 0; i < len(indices); i++ {`
			`pubkeyAtIdx := beaconState.PubkeyAtIndex(indices[i])`
			`p, err := bls.PublicKeyFromBytes(pubkeyAtIdx[:])`
			`if err != nil {`
			`return nil, errors.Wrap(err, "could not deserialize validator public key")`
			`}`
			`if pk == nil {`
			`pk = p`
			`} else {`
			`pk.Aggregate(p)`
			`}`
			`}`
			`pks[i] = pk`

			`root, err := helpers.ComputeSigningRoot(ia.Data, domain)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "could not get signing root of object")`
			`}`
			`msgs[i] = root`
			`}`
			`return &bls.SignatureSet{`
			`Signatures: sigs,`
			`PublicKeys: pks,`
			`Messages: msgs,`
			`}, nil`
			`}`

			`// AttestationSignatureSet retrieves all the related attestation signature data such as the relevant public keys,`
			`// signatures and attestation signing data and collate it into a signature set object.`
			`func AttestationSignatureSet(ctx context.Context, beaconState stateTrie.BeaconState, atts []ethpb.Attestation) (*bls.SignatureSet, error) {`
			`if len(atts) == 0 {`
			`return bls.NewSet(), nil`
			`}`

			`fork := beaconState.Fork()`
			`gvr := beaconState.GenesisValidatorRoot()`
			`dt := params.BeaconConfig().DomainBeaconAttester`

			`// Split attestations by fork. Note: the signature domain will differ based on the fork.`
			`var preForkAtts []*ethpb.Attestation`
			`var postForkAtts []*ethpb.Attestation`
			`for _, a := range atts {`
			`if helpers.SlotToEpoch(a.Data.Slot) < fork.Epoch {`
			`preForkAtts = append(preForkAtts, a)`
			`} else {`
			`postForkAtts = append(postForkAtts, a)`
			`}`
			`}`
			`set := bls.NewSet()`

			`// Check attestations from before the fork.`
			`if fork.Epoch > 0 { // Check to prevent underflow.`
			`prevDomain, err := helpers.Domain(fork, fork.Epoch-1, dt, gvr)`
			`if err != nil {`
			`return nil, err`
			`}`
			`aSet, err := createAttestationSignatureSet(ctx, beaconState, preForkAtts, prevDomain)`
			`if err != nil {`
			`return nil, err`
			`}`
			`set.Join(aSet)`
			`} else if len(preForkAtts) > 0 {`
			`// This is a sanity check that preForkAtts were not ignored when fork.Epoch == 0. This`
			`// condition is not possible, but it doesn't hurt to check anyway.`
			`return nil, errors.New("some attestations were not verified from previous fork before genesis")`
			`}`

			`// Then check attestations from after the fork.`
			`currDomain, err := helpers.Domain(fork, fork.Epoch, dt, gvr)`
			`if err != nil {`
			`return nil, err`
			`}`

			`aSet, err := createAttestationSignatureSet(ctx, beaconState, postForkAtts, currDomain)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return set.Join(aSet), nil`
			`}`