Skip to content

[cryptography] Refactor Scheme #991

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 62 commits into from
Jun 3, 2025
Merged

[cryptography] Refactor Scheme #991

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
62 commits
Select commit Hold shift + click to select a range
4f2bf21
WIP refactor crypto; implemented for bls and ed
danlaine May 23, 2025
e8d31ed
implement new crypto types for secp
danlaine May 23, 2025
fb972bc
WIP implement new crypto types
danlaine May 23, 2025
8eb0b88
WIP implement new crypto types
danlaine May 23, 2025
2597285
WIP implement new crypto types
danlaine May 23, 2025
b6b962b
WIP implement new crypto types
danlaine May 23, 2025
e841859
WIP implement new crypto types
danlaine May 23, 2025
60e0faa
WIP implement new crypto types
danlaine May 23, 2025
9dec4f5
cleanup dead code
danlaine May 24, 2025
1ad5685
uncomment tests
danlaine May 24, 2025
969c6cf
uncomment tests; rename Ed25519Batch to Batch
danlaine May 24, 2025
8c79644
rename Batch implementations
danlaine May 24, 2025
0e527f6
remove dead Verifier trait code
danlaine May 24, 2025
26b5fe7
uncomment tests
danlaine May 24, 2025
4dda8a5
remove dead code
danlaine May 24, 2025
e12c4ad
Merge remote-tracking branch 'origin/main' into danlaine/crypto-refac…
danlaine May 28, 2025
5247bb4
fix cargo test --doc
danlaine May 28, 2025
3861357
cleanup; remove dead code
danlaine May 28, 2025
1ba538d
remove clone from PrivateKey, PublicKey
danlaine May 28, 2025
50bc260
separate from_seed and from_rng to PrivateKeyGen trait
danlaine May 28, 2025
eb04b51
remove Signature's PublicKey associated type
danlaine May 28, 2025
107e18f
re-add Signature bound on pub key associated type
danlaine May 28, 2025
383c394
add Signer type
danlaine May 29, 2025
5bd9a50
add Verifier type
danlaine May 29, 2025
68f531d
make Signer and Verifier associated types
danlaine May 29, 2025
c8b65c8
Merge remote-tracking branch 'origin/main' into danlaine/crypto-refac…
danlaine May 30, 2025
4340250
comment; add traits to PrivateKey
danlaine May 30, 2025
b91e2e4
add blanket impl for private key --> public key conversion
danlaine May 30, 2025
7e6e2a8
update trait bounds to use PublicKey instead of PrivateKey when possible
danlaine May 30, 2025
362eca8
update C from PrivateKey to PublicKey in Verify
danlaine May 30, 2025
f41131a
update trait bounds to use PublicKey instead of PrivateKey when possi…
danlaine May 31, 2025
623b4fa
Merge remote-tracking branch 'origin/main' into danlaine/crypto-refac…
danlaine Jun 2, 2025
5982b0d
C: PrivateKey --> C: PublicKey for Round
danlaine Jun 2, 2025
839f32e
C: PrivateKey --> C: PublicKey conversions
danlaine Jun 2, 2025
497fe05
remove unneeded ::<C>
danlaine Jun 2, 2025
34a23a7
appease cargo test --doc
danlaine Jun 2, 2025
a21c77a
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 2, 2025
f774ed2
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 2, 2025
4cbace0
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 2, 2025
ad23fc3
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 2, 2025
2267b2e
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 2, 2025
dffee1d
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 2, 2025
9c8cad9
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 3, 2025
7d062ad
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 3, 2025
961772d
C: PrivateKey --> C: PublicKey conversion
danlaine Jun 3, 2025
8b8e316
Merge remote-tracking branch 'origin/main' into danlaine/crypto-refac…
danlaine Jun 3, 2025
7b40060
nit align imports
danlaine Jun 3, 2025
316ca47
remove excessive ed25519:: import in tests
danlaine Jun 3, 2025
3ffd71d
PublicKey --> Verifier
danlaine Jun 3, 2025
602a589
PrivateKey --> Signer
danlaine Jun 3, 2025
21b642e
remove crate:: import
danlaine Jun 3, 2025
38ef86c
reduce diff
danlaine Jun 3, 2025
047250e
nit remove turbofins
danlaine Jun 3, 2025
58e821d
nit remove turbofins
danlaine Jun 3, 2025
89485b3
Merge remote-tracking branch 'origin/main' into danlaine/crypto-refac…
danlaine Jun 3, 2025
61a2428
add comments; rename PrivateKeyGen to PrivateKeyExt
danlaine Jun 3, 2025
828b193
rename BatchScheme to BatchVerifier; parameterize on PublicKey instea…
danlaine Jun 3, 2025
2fd0ef8
remove requirement that private key be readable/writeable
danlaine Jun 3, 2025
4956280
appease cargo test --doc
danlaine Jun 3, 2025
cddeed1
move public_key() and PublicKey associated type from PrivateKey to Si…
danlaine Jun 3, 2025
007ec31
remove unneeded associated PublicKey type on PrivateKey
danlaine Jun 3, 2025
c6da8b7
[cryptography] Nits (#1057)
patrick-ogrady Jun 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions broadcast/src/buffered/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,10 @@ mod tests {
use super::{mocks::TestMessage, *};
use crate::Broadcaster;
use commonware_codec::RangeCfg;
use commonware_cryptography::{ed25519::PublicKey, Committable, Digestible, Ed25519, Signer};
use commonware_cryptography::{
ed25519::{PrivateKey, PublicKey},
Committable, Digestible, PrivateKeyExt as _, Signer as _,
};
use commonware_macros::{select, test_traced};
use commonware_p2p::{
simulated::{Link, Network, Oracle, Receiver, Sender},
Expand Down Expand Up @@ -74,7 +77,7 @@ mod tests {
network.start();

let mut schemes = (0..num_peers)
.map(|i| Ed25519::from_seed(i as u64))
.map(|i| PrivateKey::from_seed(i as u64))
.collect::<Vec<_>>();
schemes.sort_by_key(|s| s.public_key());
let peers: Vec<PublicKey> = schemes.iter().map(|c| (c.public_key())).collect();
Expand Down
41 changes: 21 additions & 20 deletions consensus/src/ordered_broadcast/ack_manager.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,8 @@ mod tests {
dkg::ops::generate_shares,
primitives::variant::{MinPk, MinSig},
},
ed25519, sha256,
ed25519::PublicKey,
sha256,
};

/// Aggregated helper functions to reduce duplication in tests.
Expand All @@ -180,16 +181,16 @@ mod tests {
}

/// Generate a fixed public key for testing.
pub fn gen_public_key(val: u8) -> ed25519::PublicKey {
ed25519::PublicKey::decode([val; ed25519::PublicKey::SIZE].as_ref()).unwrap()
pub fn gen_public_key(val: u8) -> PublicKey {
PublicKey::decode([val; PublicKey::SIZE].as_ref()).unwrap()
}

/// Create an Ack by signing a partial with the provided share.
pub fn create_ack<V: Variant>(
share: &Share,
chunk: Chunk<ed25519::PublicKey, sha256::Digest>,
chunk: Chunk<PublicKey, sha256::Digest>,
epoch: Epoch,
) -> Ack<ed25519::PublicKey, V, sha256::Digest> {
) -> Ack<PublicKey, V, sha256::Digest> {
Ack::sign(NAMESPACE, share, chunk, epoch)
}

Expand All @@ -204,7 +205,7 @@ mod tests {
/// Generate a threshold signature directly from the shares specified by `indices`.
pub fn generate_threshold_from_indices<V: Variant>(
shares: &[Share],
chunk: &Chunk<ed25519::PublicKey, sha256::Digest>,
chunk: &Chunk<PublicKey, sha256::Digest>,
epoch: &Epoch,
quorum: u32,
indices: &[usize],
Expand All @@ -219,10 +220,10 @@ mod tests {
/// Create a vector of acks for the given share indices.
pub fn create_acks_for_indices<V: Variant>(
shares: &[Share],
chunk: Chunk<ed25519::PublicKey, sha256::Digest>,
chunk: Chunk<PublicKey, sha256::Digest>,
epoch: Epoch,
indices: &[usize],
) -> Vec<Ack<ed25519::PublicKey, V, sha256::Digest>> {
) -> Vec<Ack<PublicKey, V, sha256::Digest>> {
indices
.iter()
.map(|&i| create_ack(&shares[i], chunk.clone(), epoch))
Expand All @@ -232,9 +233,9 @@ mod tests {
/// Add acks (generated from the provided share indices) to the manager.
/// Returns the threshold signature if produced.
pub fn add_acks_for_indices<V: Variant>(
manager: &mut AckManager<ed25519::PublicKey, V, sha256::Digest>,
manager: &mut AckManager<PublicKey, V, sha256::Digest>,
shares: &[Share],
chunk: Chunk<ed25519::PublicKey, sha256::Digest>,
chunk: Chunk<PublicKey, sha256::Digest>,
epoch: Epoch,
quorum: u32,
indices: &[usize],
Expand All @@ -255,7 +256,7 @@ mod tests {
let num_validators = 6;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let height = 10;
let epoch = 5;
Expand Down Expand Up @@ -284,7 +285,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let epoch = 10;
let height1 = 10;
Expand Down Expand Up @@ -332,7 +333,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let epoch = 10;

Expand Down Expand Up @@ -401,7 +402,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let height = 30;
let epoch1 = 1;
Expand Down Expand Up @@ -444,7 +445,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let epoch = 99;
let sequencer = helpers::gen_public_key(1);
let height = 42;
Expand Down Expand Up @@ -482,7 +483,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let epoch = 1;
let height = 10;
Expand All @@ -504,7 +505,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let epoch = 1;
let height = 10;
Expand Down Expand Up @@ -534,7 +535,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();

let sequencer1 = helpers::gen_public_key(1);
let sequencer2 = helpers::gen_public_key(3);
Expand Down Expand Up @@ -567,7 +568,7 @@ mod tests {
let num_validators = 4;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let epoch = 1;
let height = 10;
Expand All @@ -591,7 +592,7 @@ mod tests {
let num_validators = 6;
let quorum = 3;
let shares = helpers::setup_shares::<V>(num_validators, quorum);
let mut acks = AckManager::<ed25519::PublicKey, V, sha256::Digest>::new();
let mut acks = AckManager::<PublicKey, V, sha256::Digest>::new();
let sequencer = helpers::gen_public_key(1);
let epoch = 1;
let height = 10;
Expand Down
6 changes: 3 additions & 3 deletions consensus/src/ordered_broadcast/config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
use super::types::{Activity, Context, Epoch};
use crate::{Automaton, Monitor, Relay, Reporter, Supervisor, ThresholdSupervisor};
use commonware_cryptography::{bls12381::primitives::variant::Variant, Digest, Scheme};
use commonware_cryptography::{bls12381::primitives::variant::Variant, Digest, Signer};
use std::time::Duration;

/// Configuration for the [`Engine`](super::Engine).
pub struct Config<
C: Scheme,
C: Signer,
V: Variant,
D: Digest,
A: Automaton<Context = Context<C::PublicKey>, Digest = D>,
R: Relay<Digest = D>,
Z: Reporter<Activity = Activity<C, V, D>>,
Z: Reporter<Activity = Activity<C::PublicKey, V, D>>,
M: Monitor<Index = Epoch>,
Su: Supervisor<Index = Epoch, PublicKey = C::PublicKey>,
TSu: ThresholdSupervisor<Index = Epoch, PublicKey = C::PublicKey>,
Expand Down
45 changes: 23 additions & 22 deletions consensus/src/ordered_broadcast/engine.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ use super::{
use crate::{Automaton, Monitor, Relay, Reporter, Supervisor, ThresholdSupervisor};
use commonware_cryptography::{
bls12381::primitives::{group, poly, variant::Variant},
Digest, Scheme,
Digest, PublicKey, Signer,
};
use commonware_macros::select;
use commonware_p2p::{
Expand Down Expand Up @@ -44,22 +44,22 @@ use std::{
use tracing::{debug, error, info, warn};

/// Represents a pending verification request to the automaton.
struct Verify<C: Scheme, D: Digest, E: Clock> {
struct Verify<C: PublicKey, D: Digest, E: Clock> {
timer: histogram::Timer<E>,
context: Context<C::PublicKey>,
context: Context<C>,
payload: D,
result: Result<bool, Error>,
}

/// Instance of the engine.
pub struct Engine<
E: Clock + Spawner + Storage + Metrics,
C: Scheme,
C: Signer,
V: Variant,
D: Digest,
A: Automaton<Context = Context<C::PublicKey>, Digest = D> + Clone,
R: Relay<Digest = D>,
Z: Reporter<Activity = Activity<C, V, D>>,
Z: Reporter<Activity = Activity<C::PublicKey, V, D>>,
M: Monitor<Index = Epoch>,
Su: Supervisor<Index = Epoch, PublicKey = C::PublicKey>,
TSu: ThresholdSupervisor<
Expand Down Expand Up @@ -130,7 +130,7 @@ pub struct Engine<
//
// There is no limit to the number of futures in this pool, so the automaton
// can apply backpressure by dropping the verification requests if necessary.
pending_verifies: FuturesPool<Verify<C, D, E>>,
pending_verifies: FuturesPool<Verify<C::PublicKey, D, E>>,

////////////////////////////////////////
// Storage
Expand All @@ -157,7 +157,7 @@ pub struct Engine<

// A map of sequencer public keys to their journals.
#[allow(clippy::type_complexity)]
journals: BTreeMap<C::PublicKey, Journal<E, Node<C, V, D>>>,
journals: BTreeMap<C::PublicKey, Journal<E, Node<C::PublicKey, V, D>>>,

////////////////////////////////////////
// State
Expand All @@ -167,7 +167,7 @@ pub struct Engine<
// The tip is a `Node` which is comprised of a `Chunk` and,
// if not the genesis chunk for that sequencer,
// a threshold signature over the parent chunk.
tip_manager: TipManager<C, V, D>,
tip_manager: TipManager<C::PublicKey, V, D>,

// Tracks the acknowledgements for chunks.
// This is comprised of partial signatures or threshold signatures.
Expand Down Expand Up @@ -202,12 +202,12 @@ pub struct Engine<

impl<
E: Clock + Spawner + Storage + Metrics,
C: Scheme,
C: Signer,
V: Variant,
D: Digest,
A: Automaton<Context = Context<C::PublicKey>, Digest = D> + Clone,
R: Relay<Digest = D>,
Z: Reporter<Activity = Activity<C, V, D>>,
Z: Reporter<Activity = Activity<C::PublicKey, V, D>>,
M: Monitor<Index = Epoch>,
Su: Supervisor<Index = Epoch, PublicKey = C::PublicKey>,
TSu: ThresholdSupervisor<
Expand Down Expand Up @@ -247,7 +247,7 @@ impl<
journal_name_prefix: cfg.journal_name_prefix,
journal_compression: cfg.journal_compression,
journals: BTreeMap::new(),
tip_manager: TipManager::<C, V, D>::new(),
tip_manager: TipManager::<C::PublicKey, V, D>::new(),
ack_manager: AckManager::<C::PublicKey, V, D>::new(),
epoch: 0,
priority_proposals: cfg.priority_proposals,
Expand Down Expand Up @@ -603,7 +603,7 @@ impl<
/// Handles a valid `Node` message, storing it as the tip.
/// Alerts the automaton of the new node.
/// Also appends the `Node` to the journal if it's new.
async fn handle_node(&mut self, node: &Node<C, V, D>) {
async fn handle_node(&mut self, node: &Node<C::PublicKey, V, D>) {
// Store the tip
let is_new = self.tip_manager.put(node);

Expand Down Expand Up @@ -680,7 +680,7 @@ impl<
&mut self,
context: Context<C::PublicKey>,
payload: D,
node_sender: &mut WrappedSender<NetS, Node<C, V, D>>,
node_sender: &mut WrappedSender<NetS, Node<C::PublicKey, V, D>>,
) -> Result<(), Error> {
let mut guard = self.metrics.propose.guard(Status::Dropped);
let me = self.crypto.public_key();
Expand Down Expand Up @@ -747,7 +747,7 @@ impl<
/// - this instance has not yet collected the threshold signature for the chunk.
async fn rebroadcast(
&mut self,
node_sender: &mut WrappedSender<NetS, Node<C, V, D>>,
node_sender: &mut WrappedSender<NetS, Node<C::PublicKey, V, D>>,
) -> Result<(), Error> {
let mut guard = self.metrics.rebroadcast.guard(Status::Dropped);

Expand Down Expand Up @@ -784,8 +784,8 @@ impl<
/// Send a `Node` message to all validators in the given epoch.
async fn broadcast(
&mut self,
node: Node<C, V, D>,
node_sender: &mut WrappedSender<NetS, Node<C, V, D>>,
node: Node<C::PublicKey, V, D>,
node_sender: &mut WrappedSender<NetS, Node<C::PublicKey, V, D>>,
epoch: Epoch,
) -> Result<(), Error> {
// Get the validators for the epoch
Expand Down Expand Up @@ -823,7 +823,7 @@ impl<
/// Else returns an error if the `Node` is invalid.
fn validate_node(
&mut self,
node: &Node<C, V, D>,
node: &Node<C::PublicKey, V, D>,
sender: &C::PublicKey,
) -> Result<Option<Chunk<C::PublicKey, D>>, Error> {
// Verify the sender
Expand Down Expand Up @@ -968,9 +968,10 @@ impl<
codec_config: (),
write_buffer: self.journal_write_buffer,
};
let journal = Journal::<_, Node<C, V, D>>::init(self.context.with_label("journal"), cfg)
.await
.expect("unable to init journal");
let journal =
Journal::<_, Node<C::PublicKey, V, D>>::init(self.context.with_label("journal"), cfg)
.await
.expect("unable to init journal");

// Replay journal
{
Expand All @@ -985,7 +986,7 @@ impl<

// Read from the stream, which may be in arbitrary order.
// Remember the highest node height
let mut tip: Option<Node<C, V, D>> = None;
let mut tip: Option<Node<C::PublicKey, V, D>> = None;
let mut num_items = 0;
while let Some(msg) = stream.next().await {
let (_, _, _, node) = msg.expect("unable to read from journal");
Expand Down Expand Up @@ -1021,7 +1022,7 @@ impl<
///
/// To prevent ever writing two conflicting `Chunk`s at the same height,
/// the journal must already be open and replayed.
async fn journal_append(&mut self, node: Node<C, V, D>) {
async fn journal_append(&mut self, node: Node<C::PublicKey, V, D>) {
let section = self.get_journal_section(node.chunk.height);
self.journals
.get_mut(&node.chunk.sequencer)
Expand Down
Loading
Loading