BLS Core Crypto attempt #2 (paritytech#13618)

* Cherry pick all crypto related changes from pull-request paritytech#13311
applied to master's head

* Import some stuff just if 'full_crypto' is on

* Remove copyright year

* Cleanup

* First generic BLS draft

* Finalize generic implementation

* Restore tests

* Fix rust docs

* Fix after master merge

* Fix after master merge

* Use double bls with G1 as signature group and verify individual signatures using DLEQ proof.

* Fix inclusions and types used within substrate

* Remove unused cruft

* Restore usage of upstream crates

* Fix test

* Reduce the diff by aligning Cargo.lock to master

* Application-crypto provides bls381

* Implement bls381 for local keystore

* Use new generic keystore features

* import DoublePublickey[Scheme] from the bls-like root to be less confusing.

* fix compilation

* Apply suggestions from code review

Co-authored-by: Robert Hambrock <[email protected]>

* Clean leftovers

* - update bls test vector after applying spec change recommendation.
- send message as ref.

* Different hard junction ids for different bls12 types

* update to new bls-like

* bls-like → w3f-bls

* Make clippy happy

* update test vector after replacing hash and crop with hash to field.

* cargo fmt

* account for paritytech#13972

* hide BLS behind "bls_non_production" feature flag

* Remove Cargo.lock entries duplicated in merge

* add bls377 to primitives/keystore and client/keystore
add bls377 to primitives/application-crypto/
add bls_non_production to primitives/keystore and client/keystore
bump up w3f-bls version

* rename feature `bls_non_production` to `bls-experimental`

---------

Co-authored-by: Davide Galassi <[email protected]>
Co-authored-by: André Silva <[email protected]>
Co-authored-by: Robert Hambrock <[email protected]>

Author: 4 people

Cargo.lock

@@ -15,7 +15,6 @@ targets = ["x86_64-unknown-linux-gnu"]
 
 [dependencies]
 array-bytes = "4.1"
-async-trait = "0.1.57"
 parking_lot = "0.12.1"
 serde_json = "1.0.85"
 thiserror = "1.0"
@@ -25,3 +24,11 @@ sp-keystore = { version = "0.13.0", path = "../../primitives/keystore" }
 
 [dev-dependencies]
 tempfile = "3.1.0"
+
+[features]
+# This feature adds BLS crypto primitives. It should not be used in production since
+# the BLS implementation and interface may still be subject to significant change.
+bls-experimental = [
+		     "sp-core/bls-experimental",
+		     "sp-keystore/bls-experimental",
+]

client/keystore/Cargo.toml

@@ -19,6 +19,8 @@
 
 use parking_lot::RwLock;
 use sp_application_crypto::{AppCrypto, AppPair, IsWrappedBy};
+#[cfg(feature = "bls-experimental")]
+use sp_core::{bls377, bls381};
 use sp_core::{
 	crypto::{ByteArray, ExposeSecret, KeyTypeId, Pair as CorePair, SecretString, VrfSecret},
 	ecdsa, ed25519, sr25519,
@@ -134,7 +136,7 @@ impl Keystore for LocalKeystore {
 
 	/// Generate a new pair compatible with the 'ed25519' signature scheme.
 	///
-	/// If the `[seed]` is `Some` then the key will be ephemeral and stored in memory.
+	/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
 	fn sr25519_generate_new(
 		&self,
 		key_type: KeyTypeId,
@@ -176,7 +178,7 @@ impl Keystore for LocalKeystore {
 
 	/// Generate a new pair compatible with the 'sr25519' signature scheme.
 	///
-	/// If the `[seed]` is `Some` then the key will be ephemeral and stored in memory.
+	/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
 	fn ed25519_generate_new(
 		&self,
 		key_type: KeyTypeId,
@@ -200,7 +202,7 @@ impl Keystore for LocalKeystore {
 
 	/// Generate a new pair compatible with the 'ecdsa' signature scheme.
 	///
-	/// If the `[seed]` is `Some` then the key will be ephemeral and stored in memory.
+	/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
 	fn ecdsa_generate_new(
 		&self,
 		key_type: KeyTypeId,
@@ -232,6 +234,60 @@ impl Keystore for LocalKeystore {
 		Ok(sig)
 	}
 
+	#[cfg(feature = "bls-experimental")]
+	fn bls381_public_keys(&self, key_type: KeyTypeId) -> Vec<bls381::Public> {
+		self.public_keys::<bls381::Pair>(key_type)
+	}
+
+	#[cfg(feature = "bls-experimental")]
+	/// Generate a new pair compatible with the 'bls381' signature scheme.
+	///
+	/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
+	fn bls381_generate_new(
+		&self,
+		key_type: KeyTypeId,
+		seed: Option<&str>,
+	) -> std::result::Result<bls381::Public, TraitError> {
+		self.generate_new::<bls381::Pair>(key_type, seed)
+	}
+
+	#[cfg(feature = "bls-experimental")]
+	fn bls381_sign(
+		&self,
+		key_type: KeyTypeId,
+		public: &bls381::Public,
+		msg: &[u8],
+	) -> std::result::Result<Option<bls381::Signature>, TraitError> {
+		self.sign::<bls381::Pair>(key_type, public, msg)
+	}
+
+	#[cfg(feature = "bls-experimental")]
+	fn bls377_public_keys(&self, key_type: KeyTypeId) -> Vec<bls377::Public> {
+		self.public_keys::<bls377::Pair>(key_type)
+	}
+
+	#[cfg(feature = "bls-experimental")]
+	/// Generate a new pair compatible with the 'bls377' signature scheme.
+	///
+	/// If `[seed]` is `Some` then the key will be ephemeral and stored in memory.
+	fn bls377_generate_new(
+		&self,
+		key_type: KeyTypeId,
+		seed: Option<&str>,
+	) -> std::result::Result<bls377::Public, TraitError> {
+		self.generate_new::<bls377::Pair>(key_type, seed)
+	}
+
+	#[cfg(feature = "bls-experimental")]
+	fn bls377_sign(
+		&self,
+		key_type: KeyTypeId,
+		public: &bls377::Public,
+		msg: &[u8],
+	) -> std::result::Result<Option<bls377::Signature>, TraitError> {
+		self.sign::<bls377::Pair>(key_type, public, msg)
+	}
+
 	fn insert(
 		&self,
 		key_type: KeyTypeId,

client/keystore/src/local.rs

@@ -0,0 +1,28 @@
+// This file is part of Substrate.
+
+// Copyright (C) Parity Technologies (UK) Ltd.
+// SPDX-License-Identifier: Apache-2.0
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// 	http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! BLS12-377 crypto applications.
+
+pub use sp_core::bls::bls377::*;
+
+mod app {
+	crate::app_crypto!(super, sp_core::testing::BLS377);
+}
+
+#[cfg(feature = "full_crypto")]
+pub use app::Pair as AppPair;
+pub use app::{Public as AppPublic, Signature as AppSignature};

primitives/application-crypto/src/bls377.rs

@@ -0,0 +1,28 @@
+// This file is part of Substrate.
+
+// Copyright (C) Parity Technologies (UK) Ltd.
+// SPDX-License-Identifier: Apache-2.0
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// 	http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! BLS12-381 crypto applications.
+
+pub use sp_core::bls::bls381::*;
+
+mod app {
+	crate::app_crypto!(super, sp_core::testing::BLS381);
+}
+
+#[cfg(feature = "full_crypto")]
+pub use app::Pair as AppPair;
+pub use app::{Public as AppPublic, Signature as AppSignature};

primitives/application-crypto/src/bls381.rs

@@ -41,6 +41,10 @@ pub use serde;
 #[doc(hidden)]
 pub use sp_std::{ops::Deref, vec::Vec};
 
+#[cfg(feature = "bls-experimental")]
+pub mod bls377;
+#[cfg(feature = "bls-experimental")]
+pub mod bls381;
 pub mod ecdsa;
 pub mod ed25519;
 pub mod sr25519;

primitives/application-crypto/src/lib.rs

@@ -52,13 +52,16 @@ secp256k1 = { version = "0.24.0", default-features = false, features = ["recover
 ss58-registry = { version = "1.34.0", default-features = false }
 sp-core-hashing = { version = "5.0.0", path = "./hashing", default-features = false, optional = true }
 sp-runtime-interface = { version = "7.0.0", default-features = false, path = "../runtime-interface" }
+# bls crypto
+w3f-bls = { version = "0.1.3", default-features = false, optional = true}
 
 [dev-dependencies]
 sp-serializer = { version = "4.0.0-dev", path = "../serializer" }
 rand = "0.8.5"
 criterion = "0.4.0"
 serde_json = "1.0"
 sp-core-hashing-proc-macro = { version = "5.0.0", path = "./hashing/proc-macro" }
+hex-literal = "0.3.4"
 
 [[bench]]
 name = "bench"
@@ -125,3 +128,7 @@ full_crypto = [
 	"sp-core-hashing",
 	"sp-runtime-interface/disable_target_static_assertions",
 ]
+
+# This feature adds BLS crypto primitives. It should not be used in production since
+# the BLS implementation and interface may still be subject to significant change.
+bls-experimental = ["w3f-bls"]