consensus_config/
crypto.rs

1// Copyright (c) Mysten Labs, Inc.
2// Modifications Copyright (c) 2024 IOTA Stiftung
3// SPDX-License-Identifier: Apache-2.0
4
5//! Here we select the cryptographic types that are used by default in the code
6//! base. The whole code base should only:
7//! - refer to those aliases and not use the individual scheme implementations
8//! - not use the schemes in a way that break genericity (e.g. using their
9//!   Struct impl functions)
10//! - swap one of those aliases to point to another type if necessary
11//!
12//! Beware: if you change those aliases to point to another scheme
13//! implementation, you will have to change all four aliases to point to
14//! concrete types that work with each other. Failure to do so will result in a
15//! ton of compilation errors, and worse: it will not make sense!
16
17use fastcrypto::{
18    bls12381, ed25519,
19    error::FastCryptoError,
20    hash::{Blake2b256, HashFunction},
21    traits::{KeyPair as _, Signer as _, ToFromBytes as _, VerifyingKey as _},
22};
23use serde::{Deserialize, Serialize};
24use shared_crypto::intent::INTENT_PREFIX_LENGTH;
25
26/// Network key is used for TLS and as the network identity of the authority.
27#[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Serialize, Deserialize)]
28pub struct NetworkPublicKey(ed25519::Ed25519PublicKey);
29pub struct NetworkPrivateKey(ed25519::Ed25519PrivateKey);
30pub struct NetworkKeyPair(ed25519::Ed25519KeyPair);
31
32impl NetworkPublicKey {
33    pub fn new(key: ed25519::Ed25519PublicKey) -> Self {
34        Self(key)
35    }
36
37    pub fn into_inner(self) -> ed25519::Ed25519PublicKey {
38        self.0
39    }
40
41    pub fn to_bytes(&self) -> [u8; 32] {
42        self.0.0.to_bytes()
43    }
44}
45
46impl NetworkPrivateKey {
47    pub fn into_inner(self) -> ed25519::Ed25519PrivateKey {
48        self.0
49    }
50}
51
52impl NetworkKeyPair {
53    pub fn new(keypair: ed25519::Ed25519KeyPair) -> Self {
54        Self(keypair)
55    }
56
57    pub fn generate<R: rand::Rng + fastcrypto::traits::AllowedRng>(rng: &mut R) -> Self {
58        Self(ed25519::Ed25519KeyPair::generate(rng))
59    }
60
61    pub fn public(&self) -> NetworkPublicKey {
62        NetworkPublicKey(self.0.public().clone())
63    }
64
65    pub fn private_key(self) -> NetworkPrivateKey {
66        NetworkPrivateKey(self.0.copy().private())
67    }
68
69    pub fn private_key_bytes(self) -> [u8; 32] {
70        self.0.private().0.to_bytes()
71    }
72}
73
74impl Clone for NetworkKeyPair {
75    fn clone(&self) -> Self {
76        Self(self.0.copy())
77    }
78}
79
80/// Protocol key is used for signing blocks and verifying block signatures.
81#[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Serialize, Deserialize)]
82pub struct ProtocolPublicKey(ed25519::Ed25519PublicKey);
83pub struct ProtocolKeyPair(ed25519::Ed25519KeyPair);
84pub struct ProtocolKeySignature(ed25519::Ed25519Signature);
85
86impl ProtocolPublicKey {
87    pub fn new(key: ed25519::Ed25519PublicKey) -> Self {
88        Self(key)
89    }
90
91    pub fn verify(
92        &self,
93        message: &[u8],
94        signature: &ProtocolKeySignature,
95    ) -> Result<(), FastCryptoError> {
96        self.0.verify(message, &signature.0)
97    }
98
99    pub fn to_bytes(&self) -> &[u8] {
100        self.0.as_bytes()
101    }
102}
103
104impl ProtocolKeyPair {
105    pub fn new(keypair: ed25519::Ed25519KeyPair) -> Self {
106        Self(keypair)
107    }
108
109    pub fn generate<R: rand::Rng + fastcrypto::traits::AllowedRng>(rng: &mut R) -> Self {
110        Self(ed25519::Ed25519KeyPair::generate(rng))
111    }
112
113    pub fn public(&self) -> ProtocolPublicKey {
114        ProtocolPublicKey(self.0.public().clone())
115    }
116
117    pub fn sign(&self, message: &[u8]) -> ProtocolKeySignature {
118        ProtocolKeySignature(self.0.sign(message))
119    }
120}
121
122impl Clone for ProtocolKeyPair {
123    fn clone(&self) -> Self {
124        Self(self.0.copy())
125    }
126}
127
128impl ProtocolKeySignature {
129    pub fn from_bytes(bytes: &[u8]) -> Result<Self, FastCryptoError> {
130        Ok(Self(ed25519::Ed25519Signature::from_bytes(bytes)?))
131    }
132
133    pub fn to_bytes(&self) -> &[u8] {
134        self.0.as_bytes()
135    }
136}
137
138/// Authority key represents the identity of an authority. It is only used for
139/// identity sanity checks and not used for verification.
140#[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Serialize, Deserialize)]
141pub struct AuthorityPublicKey(bls12381::min_sig::BLS12381PublicKey);
142pub struct AuthorityKeyPair(bls12381::min_sig::BLS12381KeyPair);
143
144impl AuthorityPublicKey {
145    pub fn new(key: bls12381::min_sig::BLS12381PublicKey) -> Self {
146        Self(key)
147    }
148
149    pub fn inner(&self) -> &bls12381::min_sig::BLS12381PublicKey {
150        &self.0
151    }
152
153    pub fn to_bytes(&self) -> &[u8] {
154        self.0.as_bytes()
155    }
156}
157
158impl AuthorityKeyPair {
159    pub fn new(keypair: bls12381::min_sig::BLS12381KeyPair) -> Self {
160        Self(keypair)
161    }
162
163    pub fn generate<R: rand::Rng + fastcrypto::traits::AllowedRng>(rng: &mut R) -> Self {
164        Self(bls12381::min_sig::BLS12381KeyPair::generate(rng))
165    }
166
167    pub fn public(&self) -> AuthorityPublicKey {
168        AuthorityPublicKey(self.0.public().clone())
169    }
170}
171
172/// Defines algorithm and format of block and commit digests.
173pub type DefaultHashFunction = Blake2b256;
174pub const DIGEST_LENGTH: usize = DefaultHashFunction::OUTPUT_SIZE;
175pub const INTENT_MESSAGE_LENGTH: usize = INTENT_PREFIX_LENGTH + DIGEST_LENGTH;