Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add BLS aggregation features to CryptoUtils module #1666

Merged
merged 37 commits into from
Jan 12, 2024
Merged

Add BLS aggregation features to CryptoUtils module #1666

merged 37 commits into from
Jan 12, 2024

Conversation

lrubasze
Copy link
Contributor

Summary

This PR adds following API methods to CryptoUtils:

  • bls12381_g2_signature_aggregate()
    Aggregate given BLS12-381 G2 signatures into single one
  • bls12381_v1_aggregate_verify()
    Perform BLS12-381 G2 aggregated signature verification of multiple messages, where each is signed with different key
  • bls12381_v1_fast_aggregate_verify()
    Performs BLS12-381 G2 aggregated signature verification of single message signed with different keys

Details

Proposed API was inspired by:

TODO: Costing

Testing

  • some tests added to bls12381 (in radix-engine-common) module implementation
  • Test CryptoUtils module using CryptoScrypto test blueprint

@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 21, 2023
edited
Loading

Benchmark for 44b06fe

Click to view benchmark
Test Base PR %
costing::bench_prepare_wasm 63.7±0.35ms 65.1±0.29ms +2.20%
costing::decode_sbor 13.2±0.01µs 13.1±0.15µs -0.76%
costing::decode_sbor_bytes 35.5±0.03µs 38.0±0.02µs +7.04%
costing::deserialize_wasm 1240.9±4.19µs 1233.0±2.01µs -0.64%
costing::instantiate_flash_loan 5.1±0.07ms 5.1±0.06ms 0.00%
costing::instantiate_radiswap 5.0±0.06ms 5.0±0.05ms 0.00%
costing::spin_loop 21.5±0.01ms 22.2±0.01ms +3.26%
costing::validate_sbor_payload 24.2±0.02µs 24.7±0.03µs +2.07%
costing::validate_sbor_payload_bytes 336.8±0.31ns 339.1±0.33ns +0.68%
costing::validate_secp256k1 80.1±0.08µs 80.3±0.33µs +0.25%
costing::validate_wasm 34.5±0.08ms 34.7±0.07ms +0.58%
decimal::add/0 7.2±0.00ns 7.2±0.00ns 0.00%
decimal::add/rust-native 9.5±0.00ns 9.5±0.00ns 0.00%
decimal::add/wasmer 134.1±0.07ns 138.0±0.06ns +2.91%
decimal::add/wasmer-call-native 517.8±1.21ns 518.4±0.76ns +0.12%
decimal::add/wasmi 441.4±0.08ns 448.5±0.09ns +1.61%
decimal::add/wasmi-call-native 3.5±0.02µs 3.4±0.02µs -2.86%
decimal::div/0 165.0±0.08ns 166.7±0.04ns +1.03%
decimal::from_string/0 153.1±0.27ns 152.2±0.41ns -0.59%
decimal::mul/0 128.2±0.09ns 129.0±0.07ns +0.62%
decimal::mul/rust-native 131.6±0.14ns 132.1±0.07ns +0.38%
decimal::mul/wasmer 1734.5±1.13ns 1733.8±0.56ns -0.04%
decimal::mul/wasmer-call-native 652.3±0.32ns 654.3±0.51ns +0.31%
decimal::mul/wasmi 26.6±0.03µs 27.3±0.04µs +2.63%
decimal::mul/wasmi-call-native 3.7±0.02µs 3.5±0.01µs -5.41%
decimal::pow/0 624.0±0.09ns 621.7±0.16ns -0.37%
decimal::pow/rust-native 607.5±0.35ns 606.6±0.74ns -0.15%
decimal::pow/wasmer 7.6±0.01µs 7.5±0.00µs -1.32%
decimal::pow/wasmer-call-native 1079.4±0.26ns 1073.1±2.42ns -0.58%
decimal::pow/wasmi 125.9±0.08µs 128.5±0.09µs +2.07%
decimal::pow/wasmi-call-native 3.5±0.02µs 3.4±0.01µs -2.86%
decimal::root/0 9.0±0.00µs 9.1±0.00µs +1.11%
decimal::sub/0 7.2±0.00ns 7.2±0.01ns 0.00%
decimal::to_string/0 486.1±0.20ns 485.3±0.12ns -0.16%
precise_decimal::add/0 8.0±0.00ns 8.6±0.00ns +7.50%
precise_decimal::add/rust-native 10.4±0.01ns 10.4±0.02ns 0.00%
precise_decimal::add/wasmer 138.8±0.22ns 141.0±0.06ns +1.59%
precise_decimal::add/wasmer-call-native 531.0±0.14ns 534.0±1.15ns +0.56%
precise_decimal::add/wasmi 533.4±0.06ns 532.1±0.09ns -0.24%
precise_decimal::add/wasmi-call-native 3.8±0.03µs 3.7±0.02µs -2.63%
precise_decimal::div/0 260.1±0.09ns 261.8±0.21ns +0.65%
precise_decimal::from_string/0 199.3±0.14ns 200.1±0.18ns +0.40%
precise_decimal::mul/0 279.6±0.08ns 281.1±0.15ns +0.54%
precise_decimal::mul/rust-native 263.4±0.12ns 259.9±0.12ns -1.33%
precise_decimal::mul/wasmer 4.0±0.00µs 4.0±0.00µs 0.00%
precise_decimal::mul/wasmer-call-native 821.4±0.33ns 821.2±0.13ns -0.02%
precise_decimal::mul/wasmi 74.8±0.05µs 76.1±0.07µs +1.74%
precise_decimal::mul/wasmi-call-native 4.1±0.03µs 4.0±0.03µs -2.44%
precise_decimal::pow/0 1566.9±1.58ns 1566.3±1.87ns -0.04%
precise_decimal::pow/rust-native 1284.3±0.64ns 1277.1±0.39ns -0.56%
precise_decimal::pow/wasmer 19.0±0.06µs 19.0±0.01µs 0.00%
precise_decimal::pow/wasmer-call-native 2.0±0.00µs 2.0±0.00µs 0.00%
precise_decimal::pow/wasmi 361.8±0.32µs 369.1±0.18µs +2.02%
precise_decimal::pow/wasmi-call-native 7.5±0.03µs 7.6±0.05µs +1.33%
precise_decimal::root/0 61.6±0.07µs 61.2±0.02µs -0.65%
precise_decimal::sub/0 8.3±0.00ns 8.9±0.00ns +7.23%
precise_decimal::to_string/0 741.6±0.29ns 744.3±0.17ns +0.36%
schema::validate_payload 324.6±0.27µs 332.2±0.47µs +2.34%
transaction::radiswap 5.2±0.04ms 5.3±0.06ms +1.92%
transaction::transfer 1686.6±3.07µs 1698.2±4.08µs +0.69%
transaction_processing::prepare 2.4±0.00ms 2.4±0.00ms 0.00%
transaction_processing::prepare_and_decompile 6.2±0.02ms 6.1±0.01ms -1.61%
transaction_processing::prepare_and_decompile_and_recompile 22.8±0.13ms 23.7±0.15ms +3.95%
transaction_validation::validate_manifest 43.8±0.59µs 43.7±0.16µs -0.23%
transaction_validation::verify_bls_2KB 1027.1±11.62µs 1013.6±10.01µs -1.31%
transaction_validation::verify_bls_32B 999.8±1.02µs 1004.5±3.05µs +0.47%
transaction_validation::verify_ecdsa 77.9±0.05µs 77.9±0.06µs 0.00%
transaction_validation::verify_ed25519 51.8±0.03µs 51.6±0.74µs -0.39%

0xOmarA
0xOmarA reviewed Jan 8, 2024
View reviewed changes
radix-engine-tests/tests/system/crypto_utils.rs Outdated Show resolved Hide resolved
radix-engine/src/system/system.rs
}

#[trace_resources(log=signatures.len())]
fn bls12381_g2_signature_aggregate(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see that we can also aggregate public keys, is this something that we should add? Would any of the integrators we know of have a use for it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to Supra, they will need only the basic BLS functionality introduced here: #1661

When researching the BLS I found that signature aggregation is more of a use in terms of Oracles.
eg.
https://www.researchgate.net/publication/350462947_Trusted_Blockchain_Oracle_Scheme_Based_on_Aggregate_Signature

radix-engine/src/vm/wasm_runtime/scrypto_runtime.rs Outdated Show resolved Hide resolved
scrypto/src/crypto_utils/crypto_utils.rs Outdated Show resolved Hide resolved
radix-engine-tests/tests/system/crypto_utils.rs Outdated Show resolved Hide resolved
0xOmarA
0xOmarA reviewed Jan 8, 2024
View reviewed changes
Copy link
Member

@0xOmarA 0xOmarA left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just a few minor comments.

@lrubasze lrubasze force-pushed the feature/bls_signatures branch from e5650ff to 69d1642 Compare January 11, 2024 12:48
lrubasze and others added 24 commits January 11, 2024 19:31
@lrubasze
Add support for BLS aggregated signatures and public keys
0a7b51b
@lrubasze
Fixes for WASM and cleanup
f3fad9f
@lrubasze
Improve resource tracing for CryptoUtils API
6d982d0
@lrubasze
Add bls12381_g2_signature_aggregate() to CryptoUtils API
453131e
@lrubasze
Implement Display for ParseBlsSignatureError
7001c43
@lrubasze
Finish adding bls12381_g2_signature_aggregate() to CryptoUtils API
dc740bd
@lrubasze
Test bls12381_g2_signature_aggregate()
3eb85d6
@lrubasze
Add TODO costing note
7c89f75
@lrubasze
Use references in ClientCryptoUtilsApi
f79fadf
@lrubasze
Add bls12381_v1_aggregate_verify() to CryptoUtils API
9c2728a
@lrubasze
Cleanup in crypto_utils tests
01ac0ca
@lrubasze
Add bls12381_v1_aggregate_verify() to CryptoUtils API
088307e
@lrubasze
Test bls12381_v1_aggregate_verify()
6f88c1b
@lrubasze
Fix resources tracing
65621f5
@lrubasze
Add bls12381_v1_fast_aggregate_verify() to CryptoUtils API
e49d3a2
@lrubasze
Test bls12381_v1_fast_aggregate_verify()
101cc14
@lrubasze
Temporarily set dummy resources tracing for bls12381_v1_aggregate_verify
d3bda78
@lrubasze
Comment fixed
1dc2b4d
@lrubasze
Fix resources tracing for bls12381_v1_aggregate_verify
fc27033
@lrubasze
Add more Keccak256 and BLS12381 tests for costing
385ea47
@mstrug-rdx @lrubasze
Disabled cpu parameter in qemu call due to some incompatibility issues.
d5e469a
@lrubasze
Add Keccak256 and Bls12381 costing basing on benches
46407f6
@lrubasze
Rework Keccak256 and Bls12381 costing to rely on instruction count
b18f6d8
@lrubasze
Add costing for remaining Bls12381 methods
35a4762
@lrubasze lrubasze force-pushed the feature/crypto_utils_aggregate branch from 34ee3d8 to 3d404ce Compare January 11, 2024 23:45
@lrubasze
Temporarily disable BLS aggregate verify
eca021b 
It does not work for WASM and no_std
@lrubasze lrubasze force-pushed the feature/crypto_utils_aggregate branch from 3d404ce to eca021b Compare January 12, 2024 00:11
@lrubasze lrubasze merged commit 7b9cd04 into feature/bls_signatures Jan 12, 2024
23 of 25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0xOmarA 0xOmarA 0xOmarA approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lrubasze @0xOmarA @mstrug-rdx