From 3d404ce17faa45bf152449ae9cffcb1fdb8ee751 Mon Sep 17 00:00:00 2001 From: Lukasz Rubaszewski Date: Fri, 12 Jan 2024 00:35:56 +0100 Subject: [PATCH] Temporarily disable BLS aggregate verify It does not work for WASM and no_std --- radix-engine-common/Cargo.toml | 7 ++++--- .../src/crypto/bls12381/private_key.rs | 1 + .../src/crypto/signature_validator.rs | 1 + .../src/api/system_modules/crypto_utils_api.rs | 1 + .../assets/blueprints/crypto_scrypto/src/lib.rs | 3 +++ radix-engine-tests/tests/system/crypto_utils.rs | 4 ++++ radix-engine/src/system/system.rs | 1 + .../system/system_modules/costing/costing_entry.rs | 2 ++ .../src/system/system_modules/costing/fee_table.rs | 1 + radix-engine/src/vm/wasm/constants.rs | 1 + radix-engine/src/vm/wasm/prepare.rs | 1 + radix-engine/src/vm/wasm/traits.rs | 1 + radix-engine/src/vm/wasm/wasmer.rs | 2 ++ radix-engine/src/vm/wasm/wasmi.rs | 3 +++ radix-engine/src/vm/wasm_runtime/no_op_runtime.rs | 1 + radix-engine/src/vm/wasm_runtime/scrypto_runtime.rs | 1 + scrypto-test/src/environment/client_api.rs | 13 +++++++++++++ scrypto/src/crypto_utils/crypto_utils.rs | 1 + scrypto/src/engine/wasm_api.rs | 1 + 19 files changed, 43 insertions(+), 3 deletions(-) diff --git a/radix-engine-common/Cargo.toml b/radix-engine-common/Cargo.toml index 82d1d62f992..27857146d9a 100644 --- a/radix-engine-common/Cargo.toml +++ b/radix-engine-common/Cargo.toml @@ -47,10 +47,11 @@ harness = false default = ["std"] serde = ["dep:serde", "utils/serde", "sbor/serde", "hex/serde"] std = ["hex/std", "sbor/std", "utils/std", "radix-engine-derive/std", "serde_json/std", "ed25519-dalek/std", "secp256k1/std", "blake2/std", "sha3/std" ] -alloc = ["hex/alloc", "sbor/alloc", "utils/alloc", "radix-engine-derive/alloc", "serde_json/alloc", "ed25519-dalek/alloc", "secp256k1/alloc", "lazy_static/spin_no_std"] +alloc = ["hex/alloc", "sbor/alloc", "utils/alloc", "radix-engine-derive/alloc", "serde_json/alloc", "ed25519-dalek/alloc", "secp256k1/alloc", "lazy_static/spin_no_std" ] -# Include crypto primitives -#crypto = ["dep:ed25519-dalek", "dep:secp256k1", "dep:blst", "dep:sha3"] +# Temporary switch to disable code related to BLS aggregate verify +# It does not work for WASM32 and no_std +enable_bls_aggregate_verify = [] # This flag is set by fuzz-tests framework and it is used to disable/enable some optional features # to let fuzzing work diff --git a/radix-engine-common/src/crypto/bls12381/private_key.rs b/radix-engine-common/src/crypto/bls12381/private_key.rs index f1c9cb07c48..2397dabd936 100644 --- a/radix-engine-common/src/crypto/bls12381/private_key.rs +++ b/radix-engine-common/src/crypto/bls12381/private_key.rs @@ -82,6 +82,7 @@ mod tests { } #[test] + #[cfg(feature = "enable_bls_aggregate_verify")] fn sign_and_verify_aggregated() { let sks: Vec = (1..11) .map(|i| Bls12381G1PrivateKey::from_u64(i).unwrap()) diff --git a/radix-engine-common/src/crypto/signature_validator.rs b/radix-engine-common/src/crypto/signature_validator.rs index cd679887113..9ba7183facc 100644 --- a/radix-engine-common/src/crypto/signature_validator.rs +++ b/radix-engine-common/src/crypto/signature_validator.rs @@ -78,6 +78,7 @@ pub fn verify_bls12381_v1( /// Performs BLS12-381 G2 aggregated signature verification of /// multiple messages each signed with different key. /// Domain specifier tag: BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_ +#[cfg(feature = "enable_bls_aggregate_verify")] pub fn aggregate_verify_bls12381_v1( pub_keys_and_msgs: &[(Bls12381G1PublicKey, Vec)], signature: &Bls12381G2Signature, diff --git a/radix-engine-interface/src/api/system_modules/crypto_utils_api.rs b/radix-engine-interface/src/api/system_modules/crypto_utils_api.rs index 74a195996f1..c02bd436c8d 100644 --- a/radix-engine-interface/src/api/system_modules/crypto_utils_api.rs +++ b/radix-engine-interface/src/api/system_modules/crypto_utils_api.rs @@ -8,6 +8,7 @@ pub trait ClientCryptoUtilsApi { signature: &Bls12381G2Signature, ) -> Result; + #[cfg(feature = "enable_bls_aggregate_verify")] fn bls12381_v1_aggregate_verify( &mut self, pub_keys_and_msgs: &[(Bls12381G1PublicKey, Vec)], diff --git a/radix-engine-tests/assets/blueprints/crypto_scrypto/src/lib.rs b/radix-engine-tests/assets/blueprints/crypto_scrypto/src/lib.rs index 8e873b5366a..cd5b250c079 100644 --- a/radix-engine-tests/assets/blueprints/crypto_scrypto/src/lib.rs +++ b/radix-engine-tests/assets/blueprints/crypto_scrypto/src/lib.rs @@ -13,12 +13,15 @@ mod component_module { CryptoUtils::bls12381_v1_verify(message, pub_key, signature) } + /* + * Uncomment once supported again: #[cfg(feature = "enable_bls_aggregate_verify")] pub fn bls12381_v1_aggregate_verify( pub_keys_msgs: Vec<(Bls12381G1PublicKey, Vec)>, signature: Bls12381G2Signature, ) -> bool { CryptoUtils::bls12381_v1_aggregate_verify(pub_keys_msgs, signature) } + */ pub fn bls12381_v1_fast_aggregate_verify( message: Vec, diff --git a/radix-engine-tests/tests/system/crypto_utils.rs b/radix-engine-tests/tests/system/crypto_utils.rs index eaabea7f937..b481863ca41 100644 --- a/radix-engine-tests/tests/system/crypto_utils.rs +++ b/radix-engine-tests/tests/system/crypto_utils.rs @@ -75,6 +75,7 @@ fn crypto_scrypto_bls12381_v1_verify( ) } +#[cfg(feature = "enable_bls_aggregate_verify")] fn crypto_scrypto_bls12381_v1_aggregate_verify( runner: &mut TestRunner, package_address: PackageAddress, @@ -236,6 +237,7 @@ fn test_crypto_scrypto_bls12381_g2_signature_aggregate() { } #[test] +#[cfg(feature = "enable_bls_aggregate_verify")] fn test_crypto_scrypto_bls12381_aggregate_verify() { // Arrange let mut test_runner = TestRunnerBuilder::new().build(); @@ -546,6 +548,7 @@ fn test_crypto_scrypto_bls12381_g2_signature_aggregate_costing() { } #[test] +#[cfg(feature = "enable_bls_aggregate_verify")] fn test_crypto_scrypto_bls12381_v1_aggregate_verify_costing() { let mut test_runner = TestRunnerBuilder::new().build(); @@ -569,6 +572,7 @@ fn test_crypto_scrypto_bls12381_v1_aggregate_verify_costing() { } #[test] +#[cfg(feature = "enable_bls_aggregate_verify")] fn test_crypto_scrypto_bls12381_v1_aggregate_verify_costing_2() { let mut test_runner = TestRunnerBuilder::new().build(); diff --git a/radix-engine/src/system/system.rs b/radix-engine/src/system/system.rs index e893815eb2e..95afb80ec50 100644 --- a/radix-engine/src/system/system.rs +++ b/radix-engine/src/system/system.rs @@ -2875,6 +2875,7 @@ where // Trace average message length and number of public_keys #[trace_resources(log={pub_keys_and_msgs.iter().flat_map(|(_, msg)| msg).count()/pub_keys_and_msgs.len()},log=pub_keys_and_msgs.len())] + #[cfg(feature = "enable_bls_aggregate_verify")] fn bls12381_v1_aggregate_verify( &mut self, pub_keys_and_msgs: &[(Bls12381G1PublicKey, Vec)], diff --git a/radix-engine/src/system/system_modules/costing/costing_entry.rs b/radix-engine/src/system/system_modules/costing/costing_entry.rs index 1730d1aad7e..045ff0a1997 100644 --- a/radix-engine/src/system/system_modules/costing/costing_entry.rs +++ b/radix-engine/src/system/system_modules/costing/costing_entry.rs @@ -115,6 +115,7 @@ pub enum ExecutionCostingEntry<'a> { Bls12381V1Verify { size: usize, }, + #[cfg(feature = "enable_bls_aggregate_verify")] Bls12381V1AggregateVerify { sizes: &'a [usize], }, @@ -191,6 +192,7 @@ impl<'a> ExecutionCostingEntry<'a> { ExecutionCostingEntry::EmitLog { size } => ft.emit_log_cost(*size), ExecutionCostingEntry::Panic { size } => ft.panic_cost(*size), ExecutionCostingEntry::Bls12381V1Verify { size } => ft.bls12381_v1_verify_cost(*size), + #[cfg(feature = "enable_bls_aggregate_verify")] ExecutionCostingEntry::Bls12381V1AggregateVerify { sizes } => { ft.bls12381_v1_aggregate_verify_cost(sizes) } diff --git a/radix-engine/src/system/system_modules/costing/fee_table.rs b/radix-engine/src/system/system_modules/costing/fee_table.rs index 94e3ae9625f..0768767709c 100644 --- a/radix-engine/src/system/system_modules/costing/fee_table.rs +++ b/radix-engine/src/system/system_modules/costing/fee_table.rs @@ -398,6 +398,7 @@ impl FeeTable { } #[inline] + #[cfg(feature = "enable_bls_aggregate_verify")] pub fn bls12381_v1_aggregate_verify_cost(&self, sizes: &[usize]) -> u32 { // Below approach does not take aggregation into account. // Summing costs pers size gives greater values. diff --git a/radix-engine/src/vm/wasm/constants.rs b/radix-engine/src/vm/wasm/constants.rs index 34ef2f84487..1ee2454ec0f 100644 --- a/radix-engine/src/vm/wasm/constants.rs +++ b/radix-engine/src/vm/wasm/constants.rs @@ -81,6 +81,7 @@ pub const SYS_PANIC_FUNCTION_NAME: &str = "sys_panic"; // Crypto Utils //================= pub const CRYPTO_UTILS_BLS12381_V1_VERIFY_FUNCTION_NAME: &str = "crypto_utils_bls12381_v1_verify"; +#[cfg(feature = "enable_bls_aggregate_verify")] pub const CRYPTO_UTILS_BLS12381_V1_AGGREGATE_VERIFY_FUNCTION_NAME: &str = "crypto_utils_bls12381_v1_aggregate_verify"; pub const CRYPTO_UTILS_BLS12381_V1_FAST_AGGREGATE_VERIFY_FUNCTION_NAME: &str = diff --git a/radix-engine/src/vm/wasm/prepare.rs b/radix-engine/src/vm/wasm/prepare.rs index 43d3014b363..10787ffa54c 100644 --- a/radix-engine/src/vm/wasm/prepare.rs +++ b/radix-engine/src/vm/wasm/prepare.rs @@ -755,6 +755,7 @@ impl WasmModule { )); } } + #[cfg(feature = "enable_bls_aggregate_verify")] CRYPTO_UTILS_BLS12381_V1_AGGREGATE_VERIFY_FUNCTION_NAME => { if let TypeRef::Func(type_index) = entry.ty { if Self::function_type_matches( diff --git a/radix-engine/src/vm/wasm/traits.rs b/radix-engine/src/vm/wasm/traits.rs index 9c887f90c18..92e204c1296 100644 --- a/radix-engine/src/vm/wasm/traits.rs +++ b/radix-engine/src/vm/wasm/traits.rs @@ -208,6 +208,7 @@ pub trait WasmRuntime { signature: Vec, ) -> Result>; + #[cfg(feature = "enable_bls_aggregate_verify")] fn crypto_utils_bls12381_v1_aggregate_verify( &mut self, pub_keys_and_msgs: Vec, diff --git a/radix-engine/src/vm/wasm/wasmer.rs b/radix-engine/src/vm/wasm/wasmer.rs index d83e6a9fe5d..a553bef6513 100644 --- a/radix-engine/src/vm/wasm/wasmer.rs +++ b/radix-engine/src/vm/wasm/wasmer.rs @@ -695,6 +695,7 @@ impl WasmerModule { runtime.crypto_utils_bls12381_v1_verify(message, public_key, signature) } + #[cfg(feature = "enable_bls_aggregate_verify")] pub fn bls12381_v1_aggregate_verify( env: &WasmerInstanceEnv, pub_keys_and_msgs_ptr: u32, @@ -862,6 +863,7 @@ impl WasmerModule { SYS_GENERATE_RUID_FUNCTION_NAME => Function::new_native_with_env(self.module.store(), env.clone(), sys_generate_ruid), BUFFER_CONSUME_FUNCTION_NAME => Function::new_native_with_env(self.module.store(), env.clone(), buffer_consume), CRYPTO_UTILS_BLS12381_V1_VERIFY_FUNCTION_NAME => Function::new_native_with_env(self.module.store(), env.clone(), bls12381_v1_verify), + #[cfg(feature = "enable_bls_aggregate_verify")] CRYPTO_UTILS_BLS12381_V1_AGGREGATE_VERIFY_FUNCTION_NAME => Function::new_native_with_env(self.module.store(), env.clone(), bls12381_v1_aggregate_verify), CRYPTO_UTILS_BLS12381_V1_FAST_AGGREGATE_VERIFY_FUNCTION_NAME => Function::new_native_with_env(self.module.store(), env.clone(), bls12381_v1_fast_aggregate_verify), CRYPTO_UTILS_BLS12381_G2_SIGNATURE_AGGREGATE_FUNCTION_NAME => Function::new_native_with_env(self.module.store(), env.clone(), bls12381_g2_signature_aggregate), diff --git a/radix-engine/src/vm/wasm/wasmi.rs b/radix-engine/src/vm/wasm/wasmi.rs index 4cfad067dba..a8bf3467949 100644 --- a/radix-engine/src/vm/wasm/wasmi.rs +++ b/radix-engine/src/vm/wasm/wasmi.rs @@ -691,6 +691,7 @@ fn bls12381_v1_verify( runtime.crypto_utils_bls12381_v1_verify(message, public_key, signature) } +#[cfg(feature = "enable_bls_aggregate_verify")] fn bls12381_v1_aggregate_verify( mut caller: Caller<'_, HostState>, pub_keys_and_msgs_ptr: u32, @@ -1363,6 +1364,7 @@ impl WasmiModule { }, ); + #[cfg(feature = "enable_bls_aggregate_verify")] let host_bls12381_v1_aggregate_verify = Func::wrap( store.as_context_mut(), |caller: Caller<'_, HostState>, @@ -1585,6 +1587,7 @@ impl WasmiModule { CRYPTO_UTILS_BLS12381_V1_VERIFY_FUNCTION_NAME, host_bls12381_v1_verify ); + #[cfg(feature = "enable_bls_aggregate_verify")] linker_define!( linker, CRYPTO_UTILS_BLS12381_V1_AGGREGATE_VERIFY_FUNCTION_NAME, diff --git a/radix-engine/src/vm/wasm_runtime/no_op_runtime.rs b/radix-engine/src/vm/wasm_runtime/no_op_runtime.rs index f26a28f8d1b..8bca0fe3c50 100644 --- a/radix-engine/src/vm/wasm_runtime/no_op_runtime.rs +++ b/radix-engine/src/vm/wasm_runtime/no_op_runtime.rs @@ -315,6 +315,7 @@ impl<'a> WasmRuntime for NoOpWasmRuntime<'a> { Err(InvokeError::SelfError(WasmRuntimeError::NotImplemented)) } + #[cfg(feature = "enable_bls_aggregate_verify")] fn crypto_utils_bls12381_v1_aggregate_verify( &mut self, pub_keys_and_msgs: Vec, diff --git a/radix-engine/src/vm/wasm_runtime/scrypto_runtime.rs b/radix-engine/src/vm/wasm_runtime/scrypto_runtime.rs index 45db7867a0a..1ca91600e82 100644 --- a/radix-engine/src/vm/wasm_runtime/scrypto_runtime.rs +++ b/radix-engine/src/vm/wasm_runtime/scrypto_runtime.rs @@ -577,6 +577,7 @@ where Ok(result) } + #[cfg(feature = "enable_bls_aggregate_verify")] fn crypto_utils_bls12381_v1_aggregate_verify( &mut self, pub_keys_and_msgs: Vec, diff --git a/scrypto-test/src/environment/client_api.rs b/scrypto-test/src/environment/client_api.rs index c760cff248f..33f4bf12086 100644 --- a/scrypto-test/src/environment/client_api.rs +++ b/scrypto-test/src/environment/client_api.rs @@ -275,6 +275,19 @@ implement_client_api! { tip_percentage: (&mut self) -> Result, fee_balance: (&mut self) -> Result, }, +} + +#[cfg(not(feature = "enable_bls_aggregate_verify"))] +implement_client_api! { + ClientCryptoUtilsApi: { + bls12381_v1_verify: (&mut self, message: &[u8], public_key: &Bls12381G1PublicKey, signature: &Bls12381G2Signature) -> Result, + bls12381_v1_fast_aggregate_verify: (&mut self, message: &[u8], public_keys: &[Bls12381G1PublicKey], signature: &Bls12381G2Signature) -> Result, + bls12381_g2_signature_aggregate: (&mut self, signatures: &[Bls12381G2Signature]) -> Result, + keccak256_hash: (&mut self, data: &[u8]) -> Result, + }, +} +#[cfg(feature = "enable_bls_aggregate_verify")] +implement_client_api! { ClientCryptoUtilsApi: { bls12381_v1_verify: (&mut self, message: &[u8], public_key: &Bls12381G1PublicKey, signature: &Bls12381G2Signature) -> Result, bls12381_v1_aggregate_verify: (&mut self, pub_keys_and_msgs: &[(Bls12381G1PublicKey, Vec)], signature: &Bls12381G2Signature) -> Result, diff --git a/scrypto/src/crypto_utils/crypto_utils.rs b/scrypto/src/crypto_utils/crypto_utils.rs index 2687f1dbe6e..5a33ff43fe4 100644 --- a/scrypto/src/crypto_utils/crypto_utils.rs +++ b/scrypto/src/crypto_utils/crypto_utils.rs @@ -33,6 +33,7 @@ impl CryptoUtils { /// Performs BLS12-381 G2 aggregated signature verification of /// multiple messages each signed with different key. /// Domain specifier tag: BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_ + #[cfg(feature = "enable_bls_aggregate_verify")] pub fn bls12381_v1_aggregate_verify( pub_keys_and_msgs: Vec<(Bls12381G1PublicKey, Vec)>, signature: Bls12381G2Signature, diff --git a/scrypto/src/engine/wasm_api.rs b/scrypto/src/engine/wasm_api.rs index fda3b0c7dd2..1ca72a429a0 100644 --- a/scrypto/src/engine/wasm_api.rs +++ b/scrypto/src/engine/wasm_api.rs @@ -297,6 +297,7 @@ pub mod crypto_utils { signature_ptr: *const u8, signature_len: usize) -> u32; + #[cfg(feature = "enable_bls_aggregate_verify")] pub fn crypto_utils_bls12381_v1_aggregate_verify( pub_keys_and_msgs_ptr: *const u8, pub_keys_and_msgs_len: usize,