Skip to content

Commit

Permalink
feat(sidecar): verify roots with specific domain
Browse files Browse the repository at this point in the history
  • Loading branch information
merklefruit committed Oct 7, 2024
1 parent 72e06d0 commit d5a3b3f
Showing 1 changed file with 31 additions and 13 deletions.
44 changes: 31 additions & 13 deletions bolt-sidecar/src/crypto/bls.rs
Original file line number Diff line number Diff line change
Expand Up @@ -21,14 +21,6 @@ pub type BLSSig = FixedBytes<96>;
pub trait SignableBLS {
/// Returns the digest of the object.
fn digest(&self) -> [u8; 32];

/// Verify the signature of the object with the given public key.
///
/// Note: The default implementation should be used where possible.
fn verify(&self, signature: &Signature, pubkey: &BlsPublicKey) -> bool {
signature.verify(false, &self.digest(), BLS_DST_PREFIX, &[], pubkey, true) ==
BLST_ERROR::BLST_SUCCESS
}
}

/// A generic signing trait to generate BLS signatures.
Expand Down Expand Up @@ -81,14 +73,40 @@ impl Signer {
Ok(BLSSig::from_slice(&sig.to_bytes()))
}

/// Verify the signature with the public key of the signer using the Application Builder domain.
pub fn verify_application_builder_root(
&self,
root: [u8; 32],
signature: &Signature,
) -> eyre::Result<()> {
self.verify_root(root, signature, &self.pubkey(), self.chain.builder_domain())
}

/// Verify the signature with the public key of the signer using the Commit Boost domain.
pub fn verify_commit_boost_root(
&self,
root: [u8; 32],
signature: &Signature,
) -> eyre::Result<()> {
self.verify_root(root, signature, &self.pubkey(), self.chain.commit_boost_domain())
}

/// Verify the signature of the object with the given public key.
pub fn verify<T: SignableBLS>(
pub fn verify_root(
&self,
obj: &T,
root: [u8; 32],
signature: &Signature,
pubkey: &BlsPublicKey,
) -> bool {
obj.verify(signature, pubkey)
domain: [u8; 32],
) -> eyre::Result<()> {
let signing_root = compute_signing_root(&root, domain)?;

let res = signature.verify(true, signing_root.as_ref(), BLS_DST_PREFIX, &[], pubkey, true);
if res == BLST_ERROR::BLST_SUCCESS {
Ok(())
} else {
eyre::bail!(format!("Invalid signature: {:?}", res))
}
}
}

Expand Down Expand Up @@ -133,6 +151,6 @@ mod tests {

let signature = signer.sign_commit_boost_root(msg.digest()).unwrap();
let sig = blst::min_pk::Signature::from_bytes(signature.as_ref()).unwrap();
assert!(signer.verify(&msg, &sig, &signer.pubkey()));
assert!(signer.verify_commit_boost_root(msg.digest(), &sig).is_ok());
}
}

0 comments on commit d5a3b3f

Please sign in to comment.