Bandersnatch VRF (#14412)

* Introduce bandersnatch vrf

* Some documentation

* Fix tests

* Fix docs refs

* Some more docs

* Comments about key derivation

* Make clippy happy

* Fix ring context enc/dec test

* Fix docs

* Switch to upstream ring-vrf

* Use sub-domains to construct VrfInput

* Bandersnatch VRF experimental feature

* Restore upstream dep

* Fix feature flags

* Apply typo fix

Co-authored-by: Anton <anton.kalyaev@gmail.com>

* Bump bandersnatch-vrfs

* Weiestrass form has been selected

* Rename bandersnatch testing app crypto id

* Support for seed recovery

* Clarified domain size <-> key size relationship

* cargo fmt

* Trigger CI

* Some required tweaks to crypto types

* Remove leftovers from Cargo.toml

* Remove some TODO notes

* Simplification of structs construction

* Trigger CI

* Apply review suggestion

Co-authored-by: Koute <koute@users.noreply.github.com>

* Docs typo

* Fix keystore tests

* Consistence

* Add ref to git rependency

* Static check of MAX_VRF_IOS value

* Clarify behavior for out of ring keys signatures

* Add test for ring-vrf to the keystore

* Fix docs

---------

Co-authored-by: Anton <anton.kalyaev@gmail.com>
Co-authored-by: Koute <koute@users.noreply.github.com>

substrate/primitives/application-crypto/src/bandersnatch.rs

@@ -0,0 +1,57 @@
+// This file is part of Substrate.
+
+// Copyright (C) Parity Technologies (UK) Ltd.
+// SPDX-License-Identifier: Apache-2.0
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// 	http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Bandersnatch VRF application crypto types.
+
+use crate::{KeyTypeId, RuntimePublic};
+pub use sp_core::bandersnatch::*;
+use sp_std::vec::Vec;
+
+mod app {
+	crate::app_crypto!(super, sp_core::testing::BANDERSNATCH);
+}
+
+#[cfg(feature = "full_crypto")]
+pub use app::Pair as AppPair;
+pub use app::{Public as AppPublic, Signature as AppSignature};
+
+impl RuntimePublic for Public {
+	type Signature = Signature;
+
+	/// Dummy implementation. Returns an empty vector.
+	fn all(_key_type: KeyTypeId) -> Vec<Self> {
+		Vec::new()
+	}
+
+	fn generate_pair(key_type: KeyTypeId, seed: Option<Vec<u8>>) -> Self {
+		sp_io::crypto::bandersnatch_generate(key_type, seed)
+	}
+
+	/// Dummy implementation. Returns `None`.
+	fn sign<M: AsRef<[u8]>>(&self, _key_type: KeyTypeId, _msg: &M) -> Option<Self::Signature> {
+		None
+	}
+
+	/// Dummy implementation. Returns `false`.
+	fn verify<M: AsRef<[u8]>>(&self, _msg: &M, _signature: &Self::Signature) -> bool {
+		false
+	}
+
+	fn to_raw_vec(&self) -> Vec<u8> {
+		sp_core::crypto::ByteArray::to_raw_vec(self)
+	}
+}

substrate/primitives/application-crypto/src/lib.rs

@@ -43,6 +43,8 @@ pub use serde;
 #[doc(hidden)]
 pub use sp_std::{ops::Deref, vec::Vec};
 
+#[cfg(feature = "bandersnatch-experimental")]
+pub mod bandersnatch;
 #[cfg(feature = "bls-experimental")]
 pub mod bls377;
 #[cfg(feature = "bls-experimental")]

substrate/primitives/application-crypto/src/traits.rs

@@ -23,7 +23,7 @@ use sp_core::crypto::Pair;
 use sp_core::crypto::{CryptoType, CryptoTypeId, IsWrappedBy, KeyTypeId, Public};
 use sp_std::{fmt::Debug, vec::Vec};
 
-/// An application-specific cryptographic object.
+/// Application-specific cryptographic object.
 ///
 /// Combines all the core types and constants that are defined by a particular
 /// cryptographic scheme when it is used in a specific application domain.
@@ -31,7 +31,7 @@ use sp_std::{fmt::Debug, vec::Vec};
 /// Typically, the implementers of this trait are its associated types themselves.
 /// This provides a convenient way to access generic information about the scheme
 /// given any of the associated types.
-pub trait AppCrypto: 'static + Send + Sync + Sized + CryptoType + Clone {
+pub trait AppCrypto: 'static + Sized + CryptoType {
 	/// Identifier for application-specific key type.
 	const ID: KeyTypeId;
 
@@ -61,38 +61,30 @@ pub trait MaybeHash {}
 #[cfg(all(not(feature = "std"), not(feature = "full_crypto")))]
 impl<T> MaybeHash for T {}
 
-/// A application's public key.
-pub trait AppPublic:
-	AppCrypto + Public + Ord + PartialOrd + Eq + PartialEq + Debug + MaybeHash + Codec
-{
-	/// The wrapped type which is just a plain instance of `Public`.
-	type Generic: IsWrappedBy<Self>
-		+ Public
-		+ Ord
-		+ PartialOrd
-		+ Eq
-		+ PartialEq
-		+ Debug
-		+ MaybeHash
-		+ Codec;
-}
-
-/// A application's key pair.
+/// Application-specific key pair.
 #[cfg(feature = "full_crypto")]
-pub trait AppPair: AppCrypto + Pair<Public = <Self as AppCrypto>::Public> {
+pub trait AppPair:
+	AppCrypto + Pair<Public = <Self as AppCrypto>::Public, Signature = <Self as AppCrypto>::Signature>
+{
 	/// The wrapped type which is just a plain instance of `Pair`.
 	type Generic: IsWrappedBy<Self>
 		+ Pair<Public = <<Self as AppCrypto>::Public as AppPublic>::Generic>
 		+ Pair<Signature = <<Self as AppCrypto>::Signature as AppSignature>::Generic>;
 }
 
-/// A application's signature.
-pub trait AppSignature: AppCrypto + Eq + PartialEq + Debug {
+/// Application-specific public key.
+pub trait AppPublic: AppCrypto + Public + Debug + MaybeHash + Codec {
+	/// The wrapped type which is just a plain instance of `Public`.
+	type Generic: IsWrappedBy<Self> + Public + Debug + MaybeHash + Codec;
+}
+
+/// Application-specific signature.
+pub trait AppSignature: AppCrypto + Eq + PartialEq + Debug + Clone {
 	/// The wrapped type which is just a plain instance of `Signature`.
 	type Generic: IsWrappedBy<Self> + Eq + PartialEq + Debug;
 }
 
-/// A runtime interface for a public key.
+/// Runtime interface for a public key.
 pub trait RuntimePublic: Sized {
 	/// The signature that will be generated when signing with the corresponding private key.
 	type Signature: Debug + Eq + PartialEq + Clone;
@@ -123,7 +115,7 @@ pub trait RuntimePublic: Sized {
 	fn to_raw_vec(&self) -> Vec<u8>;
 }
 
-/// A runtime interface for an application's public key.
+/// Runtime interface for an application's public key.
 pub trait RuntimeAppPublic: Sized {
 	/// An identifier for this application-specific key type.
 	const ID: KeyTypeId;