This is the significant step to make BEEFY client able to handle both
ECDSA and (ECDSA, BLS) type signature. The idea is having BEEFY Client
generic on crypto types makes migration to new types smoother.
This makes the BEEFY Keystore generic over AuthorityId and extends its
tests to cover the case when the AuthorityId is of type (ECDSA,
BLS12-377)
---------
Co-authored-by: Davide Galassi <davxy@datawok.net>
Co-authored-by: Robert Hambrock <roberthambrock@gmail.com>
Next step in process of making BEEFY being able to generate both ECDSA
and BLS signature after #1705. It allows BEEFY to use a pair of ECDSA
and BLS key as a AuthorityId.
---------
Co-authored-by: Davide Galassi <davxy@datawok.net>
Co-authored-by: Robert Hambrock <roberthambrock@gmail.com>
* Introduce bandersnatch vrf
* Some documentation
* Fix tests
* Fix docs refs
* Some more docs
* Comments about key derivation
* Make clippy happy
* Fix ring context enc/dec test
* Fix docs
* Switch to upstream ring-vrf
* Use sub-domains to construct VrfInput
* Bandersnatch VRF experimental feature
* Restore upstream dep
* Fix feature flags
* Apply typo fix
Co-authored-by: Anton <anton.kalyaev@gmail.com>
* Bump bandersnatch-vrfs
* Weiestrass form has been selected
* Rename bandersnatch testing app crypto id
* Support for seed recovery
* Clarified domain size <-> key size relationship
* cargo fmt
* Trigger CI
* Some required tweaks to crypto types
* Remove leftovers from Cargo.toml
* Remove some TODO notes
* Simplification of structs construction
* Trigger CI
* Apply review suggestion
Co-authored-by: Koute <koute@users.noreply.github.com>
* Docs typo
* Fix keystore tests
* Consistence
* Add ref to git rependency
* Static check of MAX_VRF_IOS value
* Clarify behavior for out of ring keys signatures
* Add test for ring-vrf to the keystore
* Fix docs
---------
Co-authored-by: Anton <anton.kalyaev@gmail.com>
Co-authored-by: Koute <koute@users.noreply.github.com>
* Cherry pick all crypto related changes from pull-request #13311
applied to master's head
* Import some stuff just if 'full_crypto' is on
* Remove copyright year
* Cleanup
* First generic BLS draft
* Finalize generic implementation
* Restore tests
* Fix rust docs
* Fix after master merge
* Fix after master merge
* Use double bls with G1 as signature group and verify individual signatures using DLEQ proof.
* Fix inclusions and types used within substrate
* Remove unused cruft
* Restore usage of upstream crates
* Fix test
* Reduce the diff by aligning Cargo.lock to master
* Application-crypto provides bls381
* Implement bls381 for local keystore
* Use new generic keystore features
* import DoublePublickey[Scheme] from the bls-like root to be less confusing.
* fix compilation
* Apply suggestions from code review
Co-authored-by: Robert Hambrock <roberthambrock@gmail.com>
* Clean leftovers
* - update bls test vector after applying spec change recommendation.
- send message as ref.
* Different hard junction ids for different bls12 types
* update to new bls-like
* bls-like → w3f-bls
* Make clippy happy
* update test vector after replacing hash and crop with hash to field.
* cargo fmt
* account for #13972
* hide BLS behind "bls_non_production" feature flag
* Remove Cargo.lock entries duplicated in merge
* add bls377 to primitives/keystore and client/keystore
add bls377 to primitives/application-crypto/
add bls_non_production to primitives/keystore and client/keystore
bump up w3f-bls version
* rename feature `bls_non_production` to `bls-experimental`
---------
Co-authored-by: Davide Galassi <davxy@datawok.net>
Co-authored-by: André Silva <andrerfosilva@gmail.com>
Co-authored-by: Robert Hambrock <roberthambrock@gmail.com>
* Allow extra signing data
* Fix tests after renaming
* Rename VrfSecret/VrfVerifier to VrfSecret/VrfPublic
* Further encrapsulation of 'transcript' type to the sr25519 implementation
* Keystore sr25519 pre-output
* Leave additional custom input field hidden in the associated VrfInput type
* Fix test
* More ergonomic output_bytes
* Trigger pipeline
* Define a separated type for vrf signature data
* Fix docs
* Fix doc
* Remove annotation
* Directly use dleq_proove and dleq_verify in sr25519
* Trigger CI
* Remove cruft before merge
* First iteration to encapsulate schnorrkel and merlin usage
* Remove schnorkel direct dependency from BABE pallet
* Remove schnorrkel direct dependency from BABE client
* Trivial renaming for VrfTranscript data and value
* Better errors
* Expose a function to get a schnorrkel friendly transcript
* Keep the vrf signature stuff together (preventing some clones around)
* Fix tests
* Remove vrf agnostic transcript and define it as an associated type for VrfSigner and VrfVerifier
* Fix babe pallet mock
* Inner types are required to be public for polkadot
* Update client/consensus/babe/src/verification.rs
Co-authored-by: Koute <koute@users.noreply.github.com>
* Nit
* Remove Deref implementations
* make_bytes as a method
* Trigger CI
---------
Co-authored-by: Koute <koute@users.noreply.github.com>
* Introduce keystore specialized sign methods
* Get rid of 'AppKey::UntypedGeneric' associated type.
Untyped generics are accessible using associated types 'Generic' associated type.
I.e. <T as AppKey>::Public::Generic
* Get rid of 'CryptoTypePublicPair'
* Trivial fix
* Small refactory of local keystore implementations
* Remove 'crypto_id' method from 'Public'
* Trivial rename of 'AppKey' to 'AppCrypto'
* Remove unused import
* Improve docs
* Better signature related errors for authority-discovery
* Apply review suggestion
* Apply review suggestions
Co-authored-by: Koute <koute@users.noreply.github.com>
* Authority discoverty signing error revisited
* Signing error revisited for babe and aura as well
* Further cleanup
---------
Co-authored-by: Koute <koute@users.noreply.github.com>
* Change copyright year to 2023 from 2022
* Fix incorrect update of copyright year
* Remove years from copy right header
* Fix remaining files
* Fix typo in a header and remove update-copyright.sh
* Use `array-bytes` for All Array/Bytes/Hex Operations
Signed-off-by: Xavier Lau <xavier@inv.cafe>
* Reorder
* Self Review
* Format
* Fix Tests
* Bump `array-bytes`
* Optimize large test res
Signed-off-by: Xavier Lau <xavier@inv.cafe>
Co-authored-by: parity-processbot <>
The keystore would print "Invalid password" when a key was stored using an incorrect public key.
This pr improves the error message to communicate better to the user on what is wrong.
* Consolidating test and production code
* Signing/verifying authority discovery records with PeerId
Unsigned records cannot be rejected yet, they just produce
a warning in the log.
* Upgrading to libp2p 0.40
* libp2p::identity and sp_core::crypto Ed25519 are compatible
* Rejecting authority records unsigned by peer id can be configured
* Fixes based on review comments
* No command-line argument needed
* info was still too much spam in the logs
* Added tests for both strict and loose validation
* Fixing based on review comments
* Pierre preferred a signing method
* Ooops, I need to slow down
* Update bin/node/cli/src/service.rs
* Reexport libp2p crypto used in sc-network
* Added proto3 compatibility tests. And import noise.
Co-authored-by: Bastian Köcher <bkchr@users.noreply.github.com>
* Run cargo fmt on the whole code base
* Second run
* Add CI check
* Fix compilation
* More unnecessary braces
* Handle weights
* Use --all
* Use correct attributes...
* Fix UI tests
* AHHHHHHHHH
* 🤦
* Docs
* Fix compilation
* 🤷
* Please stop
* 🤦 x 2
* More
* make rustfmt.toml consistent with polkadot
Co-authored-by: André Silva <andrerfosilva@gmail.com>
This fixes the handling of base-path when using `key insert`. Before
the base-path wasn't setup correctly, as done when starting a node. This
resulted in putting the keys into the wrong directory. This pr fixes
this by creating the correct base-path/config dir for the keystore.
Besides that it also removes the insert command from `subkey` as it
doesn't make that much sense. If requested, we could bring it back later.
* Export app-crypto specific keystore functions
* Also add back the insert function
* Switch KeystoreContainer to an enum
* Only export the bare minimal for LocalKeystore and fix service compile
* fix: should return Arc
* Add docs stating that functions only available in local keystore
* Remove insert and generate functions
* fix: generate function should be available in test
* Add keypair function to trait
* Revert "Add keypair function to trait"
This reverts commit ad921b09ca73d3c09298e3a51b562ef8e0067781.
* Add note for local_keystore function in service
* Asyncify sign_with
* Asyncify generate/get keys
* Complete BareCryptoStore asyncification
* Cleanup
* Rebase
* Add Proxy
* Inject keystore proxy into extensions
* Implement some methods
* Await on send
* Cleanup
* Send result over the oneshot channel sender
* Process one future at a time
* Fix cargo stuff
* Asyncify sr25519_vrf_sign
* Cherry-pick and fix changes
* Introduce SyncCryptoStore
* SQUASH ME WITH THE first commit
* Implement into SyncCryptoStore
* Implement BareCryptoStore for KeystoreProxyAdapter
* authority-discovery
* AURA
* BABE
* finality-grandpa
* offchain-workers
* benchmarking-cli
* sp_io
* test-utils
* application-crypto
* Extensions and RPC
* Client Service
* bin
* Update cargo.lock
* Implement BareCryptoStore on proxy directly
* Simplify proxy setup
* Fix authority-discover
* Pass async keystore to authority-discovery
* Fix tests
* Use async keystore in authority-discovery
* Rename BareCryptoStore to CryptoStore
* WIP
* Remote mutable borrow in CryptoStore trait
* Implement Keystore with backends
* Remove Proxy implementation
* Fix service builder and keystore user-crates
* Fix tests
* Rework authority-discovery after refactoring
* futures::select!
* Fix multiple mut borrows in authority-discovery
* Merge fixes
* Require sync
* Restore Cargo.lock
* PR feedback - round 1
* Remove Keystore and use LocalKeystore directly
Also renamed KeystoreParams to KeystoreContainer
* Join
* Remove sync requirement
* Fix keystore tests
* Fix tests
* client/authority-discovery: Remove event stream dynamic dispatching
With authority-discovery moving from a poll based future to an `async`
future Rust has difficulties propagating the `Sync` trade through the
generated state machine.
Instead of using dynamic dispatching, use a trait parameter to specify
the DHT event stream.
* Make it compile
* Fix submit_transaction
* Fix block_on issue
* Use await in async context
* Fix manual seal keystore
* Fix authoring_blocks test
* fix aura authoring_blocks
* Try to fix tests for auth-discovery
* client/authority-discovery: Fix lookup_throttling test
* client/authority-discovery: Fix triggers_dht_get_query test
* Fix epoch_authorship_works
* client/authority-discovery: Remove timing assumption in unit test
* client/authority-discovery: Revert changes to termination test
* PR feedback
* Remove deadcode and mark test code
* Fix test_sync
* Use the correct keyring type
* Return when from_service stream is closed
* Convert SyncCryptoStore to a trait
* Fix line width
* Fix line width - take 2
* Remove unused import
* Fix keystore instantiation
* PR feedback
* Remove KeystoreContainer
* Revert "Remove KeystoreContainer"
This reverts commit ea4a37c7d74f9772b93d974e05e4498af6192730.
* Take a ref of keystore
* Move keystore to dev-dependencies
* Address some PR feedback
* Missed one
* Pass keystore reference - take 2
* client/finality-grandpa: Use `Arc<dyn CryptoStore>` instead of SyncXXX
Instead of using `SyncCryptoStorePtr` within `client/finality-grandpa`,
which is a type alias for `Arc<dyn SyncCryptoStore>`, use `Arc<dyn
CryptoStore>`. Benefits are:
1. No additional mental overhead of a `SyncCryptoStorePtr`.
2. Ability for new code to use the asynchronous methods of `CryptoStore`
instead of the synchronous `SyncCryptoStore` methods within
`client/finality-granpa` without the need for larger refactorings.
Note: This commit uses `Arc<dyn CryptoStore>` instead of
`CryptoStorePtr`, as I find the type signature more descriptive. This is
subjective and in no way required.
* Remove SyncCryptoStorePtr
* Remove KeystoreContainer & SyncCryptoStorePtr
* PR feedback
* *: Use CryptoStorePtr whereever possible
* *: Define SyncCryptoStore as a pure extension trait of CryptoStore
* Follow up to SyncCryptoStore extension trait
* Adjust docs for SyncCryptoStore as Ben suggested
* Cleanup unnecessary requirements
* sp-keystore
* Use async_std::task::block_on in keystore
* Fix block_on std requirement
* Update primitives/keystore/src/lib.rs
Co-authored-by: Max Inden <mail@max-inden.de>
* Fix wasm build
* Remove unused var
* Fix wasm compilation - take 2
* Revert async-std in keystore
* Fix indent
* Fix version and copyright
* Cleanup feature = "std"
* Auth Discovery: Ignore if from_service is cloed
* Max's suggestion
* Revert async-std usage for block_on
* Address PR feedback
* Fix example offchain worker build
* Address PR feedback
* Update Cargo.lock
* Move unused methods to test helper functions
* Restore accidentally deleted cargo.lock files
* Fix unused imports
Co-authored-by: Max Inden <mail@max-inden.de>
Co-authored-by: Shawn Tabrizi <shawntabrizi@gmail.com>
* Restrict `Protected` to some heap types.
* Comment abut Protected usage.
* Remove Protected from crypto, use secrecy crate for existing uses.
* use a parse function
* fix error convert
* Rename and move secretY string function.
* std result
* Introduce trait
* Implement VRFSigner in keystore
* Use vrf_sign from keystore
* Convert output to VRFInOut
* Simplify conversion
* vrf_sign secondary slot using keystore
* Fix RPC call to claim_slot
* Use Public instead of Pair
* Check primary threshold in signer
* Fix interface to return error
* Move vrf_sign to BareCryptoStore
* Fix authorship_works test
* Fix BABE logic leaks
* Acquire a read lock once
* Also fix RPC acquiring the read lock once
* Implement a generic way to construct VRF Transcript
* Use make_transcript_data to call sr25519_vrf_sign
* Make sure VRFTranscriptData is serializable
* Cleanup
* Move VRF to it's own module
* Implement & test VRF signing in testing module
* Remove leftover
* Fix feature requirements
* Revert removing vec macro
* Drop keystore pointer to prevent deadlock
* Nitpicks
* Add test to make sure make_transcript works
* Fix mismatch in VRF transcript
* Add a test to verify transcripts match in babe
* Return VRFOutput and VRFProof from keystore
* Add KEY_KIND_ID to the public trait
This change is being introduced for the purpose of identifying a public
key with it's identifier and algorithm "kind".
* Use `sign_with` as implemented in BareCryptoStore
* Implement `sign_with` in sc_keystore
* Fix inconsistencies, use *_KIND_ID in sp_core testing
* Rename KeyKindId to CryptoTypeId
* Remove pair-returning functions from BareCryptoStore trait
* Define CryptoTypeId in app-crypto macros
* Add functions to get keys supported by keystore
* Fix sign_with signature to include CryptoTypePublicPair
* Add `sign_with_any` and `sign_with_all`
* Use keystore.sign_with in auth_discovery
* Rename get_supported_keys -> supported_keys
* Added headers to function docstrings
* Use chain instead of extending a temp vector
* Fixed some code formatting
* Restrict size of CryptoTypeId
This is to be able to use Encode/Decode derives and the overcome having
the size being unknown at compile-time.
* Implement sign_with in the trait itself
* Remove whitespace
* Use key_type also as a CryptoTypeId in app_crypto macros
* Rename `get_keys` to `keys` in BareCryptoStore
* Remove usage of key_pair funcs in tests
* Adjust docstring for *_CYPTO_ID constants
* Fix failures
* Simplify mapping on keys
* Remove one let
* Fixed typo
* PR feedback
* remove whitespace
* Zip keys and signatures
* Use into_iter & remove cloned
* Pass index to MissingSignature
* Use typed errors instead of strings for BareCryptoStore
* Implement Debug for trait error
* Use hashsets for better performance for supported_keys
* Make sure keys are inserted into the keystore
* Make sign_with_all return type consistent with `sign_with`
* Rename Error to BareCryptoStoreError
* Rename CRYPT_TYPE_ID -> CRYPTO_ID
* Remove unnecessary CRYPTO_ID declaration in Public trait
* Convert pub key to CryptoTypePublicPair
* Fix use
* Fix code style
* Implement From on CryptoTypePublicPair in app_crypto macros
* Change CryptoTypePublicPair to a struct
* Implement Display on CryptoTypePublicPair
* Pass CryptoTypePublicPair to MissingSignature error
* Adjust docs according to function signature
* Unify keys implementation
* Fix RPC author tests
* Fix stackoverflow
* Tabify spaces
* Pass KeyTypeId to error for easier debugging
* Fix asserts
* Use ToHex to format public key
* Use constants from sp_core
* Rename testing KeyTypeId constants
* Please compiler
* Restore KeyTypeId names
apparently, they're not only used in tests
* Use BareCryptoStoreError instead of String
* Document return value
* Fix borrow check
* Convert to hashset internally
* WIP - iter_keys
* Return raw_public_keys
* Address PR feedback
* Address PR Feedback
* Fix hexdisplay import error
* Update primitives/core/src/traits.rs
Co-authored-by: Bastian Köcher <bkchr@users.noreply.github.com>
* babe_epochAuthorship
remove test-helpers from sp-keyring, bump spec_version, impl_version
* bump Cargo.lock
* add BabeRPC to node-rpc
* rename to BabeApi, remove err_derive
* pass &ServiceBuilder to with_rpc_extensions callback
* sc-consensus-babe-rpc
* Update client/consensus/babe/src/lib.rs
Co-Authored-By: Tomasz Drwięga <tomusdrw@users.noreply.github.com>
* Better docs, code style chanegs
Co-Authored-By: André Silva <andre.beat@gmail.com>
* new line at the end of Cargo.toml
Co-authored-by: Tomasz Drwięga <tomusdrw@users.noreply.github.com>
Co-authored-by: André Silva <andre.beat@gmail.com>
* Introduces `author_hasKey` and `author_hasSessionKeys` rpc endpoints
Both endpoints can be used to check if a key is present in the keystore.
- `hasKey` works on with an individual public key and key type. It
checks if a private key for the given combination exists in the
keystore.
- `hasSessionKeys` works with the full encoded session key blob stored
on-chain in `nextKeys`. This requires that the given blob can be decoded
by the runtime. It will return `true`, iff all public keys of the
session key exist in the storage.
Fixes: https://github.com/paritytech/substrate/issues/4696
* Update client/rpc-api/src/author/error.rs
Co-Authored-By: Nikolay Volf <nikvolf@gmail.com>
* Indentation
Co-authored-by: Nikolay Volf <nikvolf@gmail.com>
* Adding first rough ouline of the repository structure
* Remove old CI stuff
* add title
* formatting fixes
* move node-exits job's script to scripts dir
* Move docs into subdir
* move to bin
* move maintainence scripts, configs and helpers into its own dir
* add .local to ignore
* move core->client
* start up 'test' area
* move test client
* move test runtime
* make test move compile
* Add dependencies rule enforcement.
* Fix indexing.
* Update docs to reflect latest changes
* Moving /srml->/paint
* update docs
* move client/sr-* -> primitives/
* clean old readme
* remove old broken code in rhd
* update lock
* Step 1.
* starting to untangle client
* Fix after merge.
* start splitting out client interfaces
* move children and blockchain interfaces
* Move trie and state-machine to primitives.
* Fix WASM builds.
* fixing broken imports
* more interface moves
* move backend and light to interfaces
* move CallExecutor
* move cli off client
* moving around more interfaces
* re-add consensus crates into the mix
* fix subkey path
* relieve client from executor
* starting to pull out client from grandpa
* move is_decendent_of out of client
* grandpa still depends on client directly
* lemme tests pass
* rename srml->paint
* Make it compile.
* rename interfaces->client-api
* Move keyring to primitives.
* fixup libp2p dep
* fix broken use
* allow dependency enforcement to fail
* move fork-tree
* Moving wasm-builder
* make env
* move build-script-utils
* fixup broken crate depdencies and names
* fix imports for authority discovery
* fix typo
* update cargo.lock
* fixing imports
* Fix paths and add missing crates
* re-add missing crates
Davide Galassi