Commit Graph

4 Commits

Author SHA1 Message Date
Dónal Murray d68868f64a Fix clippy lints behind feature gates and add new CI step all features (#2569)
Many clippy lints usually enforced by `-Dcomplexity` and `-Dcorrectness`
are not caught by CI as they are gated by `features`, like
`runtime-benchmarks`, while the clippy CI job runs with only the default
features for all targets.

This PR also adds a CI step to run clippy with `--all-features` to
ensure the code quality is maintained behind feature gates from now on.

To improve local development, clippy lints are downgraded to warnings,
but they still will result in an error at CI due to the `-Dwarnings`
rustflag.

---------

Co-authored-by: Liam Aharon <liam.aharon@hotmail.com>
2023-12-20 16:30:10 +00:00
drskalman b371c35741 Fix ecdsa_bls verify in BEEFY primitives (#2066)
BEEFY ECDSA signatures are on keccak has of the messages. As such we can
not simply call

`EcdsaBlsPair::verify(signature.as_inner_ref(), msg,
self.as_inner_ref())`

because that invokes ecdsa default verification which perfoms blake2
hash which we don't want.

This bring up the second issue makes: This makes `sign` and `verify`
function in `pair_crypto` useless, at least for BEEFY use case.
Moreover, there is no obvious clean way to generate the signature given
that pair_crypto does not exposes `sign_prehashed`. You could in theory
query the keystore for the pair (could you?), invoke `to_raw` and
re-generate each sub-pair and sign using each. But that sounds extremely
anticlimactic and will be frow upon by auditors . So I appreciate any
alternative suggestion.

---------

Co-authored-by: Davide Galassi <davxy@datawok.net>
Co-authored-by: Robert Hambrock <roberthambrock@gmail.com>
2023-11-14 10:39:44 +02:00
drskalman fbd5777118 Application Crypto and BEEFY Support for paired (ECDSA,BLS) crypto (#1815)
Next step in process of making BEEFY being able to generate both ECDSA
and BLS signature after #1705. It allows BEEFY to use a pair of ECDSA
and BLS key as a AuthorityId.

---------

Co-authored-by: Davide Galassi <davxy@datawok.net>
Co-authored-by: Robert Hambrock <roberthambrock@gmail.com>
2023-10-24 20:37:34 +02:00
drskalman 1b34571c0c Paired-key Crypto Scheme (#1705)
BEEFY needs two cryptographic keys at the same time. Validators should
sign BEEFY payload using both ECDSA and BLS key. The network will gossip
a payload which contains a valid ECDSA key. The prover nodes aggregate
the BLS keys if aggregation fails to verifies the validator which
provided a valid ECDSA signature but an invalid BLS signature is subject
to slashing.

As such BEEFY session should be initiated with both key. Currently there
is no straight forward way of doing so, beside having a session with
RuntimeApp corresponding to a crypto scheme contains both keys.

This pull request implement a generic paired_crypto scheme as well as
implementing it for (ECDSA, BLS) pair.

---------

Co-authored-by: Davide Galassi <davxy@datawok.net>
Co-authored-by: Robert Hambrock <roberthambrock@gmail.com>
2023-10-15 11:42:40 +02:00