Use sign_with in consensus (#6008)

* Add derive_more to sp_core

* Convert Vec to Signature

* Use sign_with in AURA and BABE

* Signing errors

* Update slots to return consensus result

* Fix use

* Clone public key

* Match block_params

* WIP

* Use to_public_crypto_pair

* Pass public key only to block import params

* Address PR review

* Fix consensus RPC

* Fix babe tests

* adjust uses

* Fix line widths

substrate/client/consensus/babe/src/authorship.rs

@@ -126,7 +126,7 @@ fn claim_secondary_slot(
 	epoch: &Epoch,
 	key_pairs: &[(AuthorityPair, usize)],
 	author_secondary_vrf: bool,
-) -> Option<(PreDigest, AuthorityPair)> {
+) -> Option<(PreDigest, AuthorityId)> {
 	let Epoch { authorities, randomness, epoch_index, .. } = epoch;
 
 	if authorities.is_empty() {
@@ -163,7 +163,7 @@ fn claim_secondary_slot(
 				})
 			};
 
-			return Some((pre_digest, pair.clone()));
+			return Some((pre_digest, pair.public()));
 		}
 	}
 
@@ -178,7 +178,7 @@ pub fn claim_slot(
 	slot_number: SlotNumber,
 	epoch: &Epoch,
 	keystore: &KeyStorePtr,
-) -> Option<(PreDigest, AuthorityPair)> {
+) -> Option<(PreDigest, AuthorityId)> {
 	let key_pairs = {
 		let keystore = keystore.read();
 		epoch.authorities.iter()
@@ -197,7 +197,7 @@ pub fn claim_slot_using_key_pairs(
 	slot_number: SlotNumber,
 	epoch: &Epoch,
 	key_pairs: &[(AuthorityPair, usize)],
-) -> Option<(PreDigest, AuthorityPair)> {
+) -> Option<(PreDigest, AuthorityId)> {
 	claim_primary_slot(slot_number, epoch, epoch.config.c, &key_pairs)
 		.or_else(|| {
 			if epoch.config.allowed_slots.is_secondary_plain_slots_allowed() ||
@@ -229,7 +229,7 @@ fn claim_primary_slot(
 	epoch: &Epoch,
 	c: (u64, u64),
 	key_pairs: &[(AuthorityPair, usize)],
-) -> Option<(PreDigest, AuthorityPair)> {
+) -> Option<(PreDigest, AuthorityId)> {
 	let Epoch { authorities, randomness, epoch_index, .. } = epoch;
 
 	for (pair, authority_index) in key_pairs {
@@ -254,7 +254,7 @@ fn claim_primary_slot(
 
 		// early exit on first successful claim
 		if let Some(pre_digest) = pre_digest {
-			return Some((pre_digest, pair.clone()));
+			return Some((pre_digest, pair.public()));
 		}
 	}
 

substrate/client/consensus/babe/src/lib.rs

@@ -76,12 +76,14 @@ pub use sp_consensus_babe::{
 pub use sp_consensus::SyncOracle;
 use std::{
 	collections::HashMap, sync::Arc, u64, pin::Pin, time::{Instant, Duration},
-	any::Any, borrow::Cow
+	any::Any, borrow::Cow, convert::TryInto,
 };
 use sp_consensus::{ImportResult, CanAuthorWith};
 use sp_consensus::import_queue::{
 	BoxJustificationImport, BoxFinalityProofImport,
 };
+use sp_core::{crypto::Public, traits::BareCryptoStore};
+use sp_application_crypto::AppKey;
 use sp_runtime::{
 	generic::{BlockId, OpaqueDigestItemId}, Justification,
 	traits::{Block as BlockT, Header, DigestItemFor, Zero},
@@ -89,7 +91,6 @@ use sp_runtime::{
 use sp_api::{ProvideRuntimeApi, NumberFor};
 use sc_keystore::KeyStorePtr;
 use parking_lot::Mutex;
-use sp_core::Pair;
 use sp_inherents::{InherentDataProviders, InherentData};
 use sc_telemetry::{telemetry, CONSENSUS_TRACE, CONSENSUS_DEBUG};
 use sp_consensus::{
@@ -440,7 +441,7 @@ impl<B, C, E, I, Error, SO> sc_consensus_slots::SimpleSlotWorker<B> for BabeWork
 	Error: std::error::Error + Send + From<ConsensusError> + From<I::Error> + 'static,
 {
 	type EpochData = ViableEpochDescriptor<B::Hash, NumberFor<B>, Epoch>;
-	type Claim = (PreDigest, AuthorityPair);
+	type Claim = (PreDigest, AuthorityId);
 	type SyncOracle = SO;
 	type CreateProposer = Pin<Box<
 		dyn Future<Output = Result<E::Proposer, sp_consensus::Error>> + Send + 'static
@@ -517,12 +518,30 @@ impl<B, C, E, I, Error, SO> sc_consensus_slots::SimpleSlotWorker<B> for BabeWork
 		StorageChanges<I::Transaction, B>,
 		Self::Claim,
 		Self::EpochData,
-	) -> sp_consensus::BlockImportParams<B, I::Transaction> + Send> {
-		Box::new(|header, header_hash, body, storage_changes, (_, pair), epoch_descriptor| {
+	) -> Result<
+		sp_consensus::BlockImportParams<B, I::Transaction>,
+		sp_consensus::Error> + Send + 'static>
+	{
+		let keystore = self.keystore.clone();
+		Box::new(move |header, header_hash, body, storage_changes, (_, public), epoch_descriptor| {
 			// sign the pre-sealed hash of the block and then
 			// add it to a digest item.
-			let signature = pair.sign(header_hash.as_ref());
-			let digest_item = <DigestItemFor<B> as CompatibleDigestItem>::babe_seal(signature);
+			let public_type_pair = public.clone().into();
+			let public = public.to_raw_vec();
+			let signature = keystore.read()
+				.sign_with(
+					<AuthorityId as AppKey>::ID,
+					&public_type_pair,
+					header_hash.as_ref()
+				)
+				.map_err(|e| sp_consensus::Error::CannotSign(
+					public.clone(), e.to_string(),
+				))?;
+			let signature: AuthoritySignature = signature.clone().try_into()
+				.map_err(|_| sp_consensus::Error::InvalidSignature(
+					signature, public
+				))?;
+			let digest_item = <DigestItemFor<B> as CompatibleDigestItem>::babe_seal(signature.into());
 
 			let mut import_block = BlockImportParams::new(BlockOrigin::Own, header);
 			import_block.post_digests.push(digest_item);
@@ -533,7 +552,7 @@ impl<B, C, E, I, Error, SO> sc_consensus_slots::SimpleSlotWorker<B> for BabeWork
 				Box::new(BabeIntermediate::<B> { epoch_descriptor }) as Box<dyn Any>,
 			);
 
-			import_block
+			Ok(import_block)
 		})
 	}
 

substrate/client/consensus/babe/src/tests.rs

@@ -21,7 +21,7 @@
 #![allow(deprecated)]
 use super::*;
 use authorship::claim_slot;
-
+use sp_core::crypto::Pair;
 use sp_consensus_babe::{AuthorityPair, SlotNumber, AllowedSlots};
 use sc_block_builder::{BlockBuilder, BlockBuilderProvider};
 use sp_consensus::{