Elliptic curve functions (#1927)

* feature: elliptic curves functions

Signed-off-by: Dmitriy Khaustov aka xDimon <[email protected]>

* hotfix

Signed-off-by: Dmitriy Khaustov aka xDimon <[email protected]>

---------

Signed-off-by: Dmitriy Khaustov aka xDimon <[email protected]>

cmake/Hunter/config.cmake

@@ -74,6 +74,13 @@ if ("${WASM_COMPILER}" STREQUAL "WAVM")
   )
 endif ()
 
+hunter_config(
+    arkworks_crust
+    URL  https://github.com/qdrvm/arkworks-crust/archive/843300a0ef85777761a4c1acc0acf158e986c6ca.tar.gz
+    SHA1 ec88913a9d2de264c5ce9f5bbe13d9ec7d135ce3
+    KEEP_PACKAGE_SOURCES
+)
+
 hunter_config(
     libsecp256k1
     VERSION 0.4.1-qdrvm1

cmake/dependencies.cmake

@@ -56,6 +56,9 @@ find_package(erasure_coding_crust CONFIG REQUIRED)
 hunter_add_package(schnorrkel_crust)
 find_package(schnorrkel_crust CONFIG REQUIRED)
 
+hunter_add_package(arkworks_crust)
+find_package(arkworks_crust CONFIG REQUIRED)
+
 hunter_add_package(jsonrpc-lean)
 find_package(jsonrpc-lean REQUIRED)
 

core/application/chain_spec.hpp

@@ -38,8 +38,8 @@ namespace kagome::application {
     virtual const std::vector<libp2p::multi::Multiaddress> &bootNodes()
         const = 0;
 
-    virtual const std::vector<std::pair<std::string, size_t>> &
-    telemetryEndpoints() const = 0;
+    virtual const std::vector<std::pair<std::string, size_t>>
+        &telemetryEndpoints() const = 0;
 
     virtual const std::string &protocolId() const = 0;
 

core/consensus/grandpa/impl/environment_impl.cpp

@@ -464,21 +464,21 @@ namespace kagome::consensus::grandpa {
     auto key_owner_proof_res = grandpa_api_->generate_key_ownership_proof(
         last_finalized.hash, authority_set_id, equivocation.offender());
     if (key_owner_proof_res.has_error()) {
-      SL_WARN(
-          logger_,
-          "Round #{}: can't generate key ownership proof for equivocation report: {}",
-          equivocation.round(),
-          key_owner_proof_res.error());
+      SL_WARN(logger_,
+              "Round #{}: "
+              "can't generate key ownership proof for equivocation report: {}",
+              equivocation.round(),
+              key_owner_proof_res.error());
       return key_owner_proof_res.as_failure();
     }
     const auto &key_owner_proof_opt = key_owner_proof_res.value();
 
     if (not key_owner_proof_opt.has_value()) {
-      SL_DEBUG(
-          logger_,
-          "Round #{}: can't generate key ownership proof for equivocation report: "
-          "Equivocation offender is not part of the authority set.",
-          equivocation.round());
+      SL_DEBUG(logger_,
+               "Round #{}: "
+               "can't generate key ownership proof for equivocation report: "
+               "Equivocation offender is not part of the authority set.",
+               equivocation.round());
       return outcome::success();  // ensure if an error type is right
     }
     const auto &key_owner_proof = key_owner_proof_opt.value();

core/crypto/CMakeLists.txt

@@ -13,108 +13,117 @@ kagome_install(kagome_crypto)
 
 add_library(hasher
     hasher/hasher_impl.cpp
-    )
+)
 target_link_libraries(hasher
     blake2
     twox
     sha
     keccak
-    )
+)
 kagome_install(hasher)
 
 add_library(sr25519_types
     sr25519_types.cpp
-    )
+)
 target_link_libraries(sr25519_types
     mp_utils
     blob
     schnorrkel_crust::schnorrkel_crust
     kagome_crypto
-    )
+)
 kagome_install(sr25519_types)
 
 add_library(ed25519_types
     ed25519_types.cpp
     ed25519_types.hpp
-    )
+)
 target_link_libraries(ed25519_types
     blob
     scale::scale
     schnorrkel_crust::schnorrkel_crust
     kagome_crypto
-    )
+)
 kagome_install(ed25519_types)
 
 add_library(vrf_provider
     vrf/vrf_provider_impl.cpp
-    )
+)
 target_link_libraries(vrf_provider
     mp_utils
     sr25519_types
     blob
     p2p::p2p_random_generator # generator from libp2p
     kagome_crypto
-    )
+)
 kagome_install(vrf_provider)
 
 add_library(sr25519_provider
     sr25519/sr25519_provider_impl.cpp
-    )
+)
 target_link_libraries(sr25519_provider
     p2p::p2p_random_generator # generator from libp2p
     sr25519_types
-    )
+)
 kagome_install(sr25519_provider)
 
 add_library(ecdsa_provider
     ecdsa/ecdsa_provider_impl.cpp
     ecdsa_types.cpp
-    )
+)
 target_link_libraries(ecdsa_provider
     hasher
     logger
     secp256k1_provider
     kagome_crypto
-    )
+)
 kagome_install(ecdsa_provider)
 
 add_library(ed25519_provider
     ed25519/ed25519_provider_impl.cpp
-    )
+)
 target_link_libraries(ed25519_provider
     ed25519_types
     hasher
     logger
     schnorrkel_crust::schnorrkel_crust
-    )
+)
 kagome_install(ed25519_provider)
 
 add_library(secp256k1_provider
     secp256k1/secp256k1_provider_impl.cpp
-    )
+)
 target_link_libraries(secp256k1_provider
     PUBLIC
     OpenSSL::Crypto
     OpenSSL::SSL
     blob
     libsecp256k1::secp256k1
     scale::scale
-    )
+)
 kagome_install(
     secp256k1_provider
 )
 
 add_library(pbkdf2_provider
     pbkdf2/impl/pbkdf2_provider_impl.cpp
-    )
+)
 target_link_libraries(pbkdf2_provider
     PUBLIC
     OpenSSL::SSL
     OpenSSL::Crypto
     blob
-    )
+)
 kagome_install(pbkdf2_provider)
 
+add_library(elliptic_curves
+    elliptic_curves/elliptic_curves_impl.cpp
+)
+target_link_libraries(elliptic_curves
+    logger
+    arkworks_crust::arkworks_crust
+)
+kagome_install(elliptic_curves)
+
 add_subdirectory(bip39)
 add_subdirectory(blake2)
 add_subdirectory(key_store)

core/crypto/elliptic_curves.hpp

@@ -0,0 +1,88 @@
+/**
+ * Copyright Quadrivium LLC
+ * All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#pragma once
+
+#include "common/blob.hpp"
+#include "common/buffer.hpp"
+#include "common/buffer_view.hpp"
+
+namespace kagome::crypto {
+
+  class EllipticCurves {
+   public:
+    virtual ~EllipticCurves() = default;
+
+    /**
+     * Pairing multi Miller loop for BLS12-381.
+     * @param a
+     *   ArkScale<Vec<ark_ec::bls12::G1Prepared::<ark_bls12_381::Config>>>
+     * @param b
+     *   ArkScale<Vec<ark_ec::bls12::G1Prepared::<ark_bls12_381::Config>>>
+     * @return ArkScale<MillerLoopOutput<Bls12<ark_bls12_381::Config>>>
+     */
+    virtual outcome::result<common::Buffer> bls12_381_multi_miller_loop(
+        common::BufferView a, common::BufferView b) const = 0;
+
+    /**
+     * Pairing final exponentiation for BLS12-381.
+     * @param f ArkScale<MillerLoopOutput<Bls12<ark_bls12_381::Config>>>
+     * @return ArkScale<PairingOutput<Bls12<ark_bls12_381::Config>>>
+     */
+    virtual outcome::result<common::Buffer> bls12_381_final_exponentiation(
+        common::BufferView f) const = 0;
+
+    /**
+     * Projective multiplication on G1 for BLS12-381.
+     * @param base ArkScaleProjective<ark_bls12_381::G1Projective>
+     * @param scalar ArkScale<&[u64]>
+     * @return ArkScaleProjective<ark_bls12_381::G1Projective>
+     */
+    virtual outcome::result<common::Buffer> bls12_381_mul_projective_g1(
+        common::BufferView base, common::BufferView scalar) const = 0;
+
+    /**
+     * Projective multiplication on G2 for BLS12-381.
+     * @param base ArkScaleProjective<ark_bls12_381::G2Projective>
+     * @param scalar ArkScale<&[u64]>
+     * @return ArkScaleProjective<ark_bls12_381::G2Projective>
+     */
+    virtual outcome::result<common::Buffer> bls12_381_mul_projective_g2(
+        common::BufferView base, common::BufferView scalar) const = 0;
+
+    /**
+     * Multi scalar multiplication on G1 for BLS12-381.
+     * @param bases ArkScale<&[ark_bls12_381::G1Affine]>
+     * @param scalars ArkScale<&[ark_bls12_381::Fr]>
+     * @return ArkScaleProjective<ark_bls12_381::G1Projective>
+     */
+    virtual outcome::result<common::Buffer> bls12_381_msm_g1(
+        common::BufferView bases, common::BufferView scalars) const = 0;
+
+    /**
+     * Multi scalar multiplication on G2 for BLS12-381.
+     * @param bases ArkScale<&[ark_bls12_381::G2Affine]>
+     * @param scalars ArkScale<&[ark_bls12_381::Fr]>
+     * @return ArkScaleProjective<ark_bls12_381::G2Projective>
+     */
+    virtual outcome::result<common::Buffer> bls12_381_msm_g2(
+        common::BufferView bases, common::BufferView scalars) const = 0;
+
+    /**
+     * Short Weierstrass projective multiplication for
+     * Ed-on-BLS12-381-Bandersnatch.
+     * @param base
+     *   ArkScaleProjective<ark_ed_on_bls12_381_bandersnatch::SWProjective>
+     * @param scalar ArkScale<&[u64]>
+     * @return
+     *   ArkScaleProjective<ark_ed_on_bls12_381_bandersnatch::SWProjective>
+     */
+    virtual outcome::result<common::Buffer>
+    ed_on_bls12_381_bandersnatch_sw_mul_projective(
+        common::BufferView base, common::BufferView scalar) const = 0;
+  };
+
+}  // namespace kagome::crypto

core/crypto/elliptic_curves/elliptic_curves_impl.cpp

@@ -0,0 +1,83 @@
+/**
+ * Copyright Quadrivium LLC
+ * All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include "crypto/elliptic_curves/elliptic_curves_impl.hpp"
+
+#include "common/buffer.hpp"
+#include "common/buffer_view.hpp"
+
+#include <arkworks_crust.h>
+
+OUTCOME_CPP_DEFINE_CATEGORY(kagome::crypto, EllipticCurvesError, e) {
+  using E = decltype(e);
+  switch (e) {
+    case E::ARKWORKS_RETURN_ERROR:
+      return "Arkworks function call returned error";
+  }
+  return "unknown error (kagome::crypto::EllipticCurvesError)";
+}
+
+namespace kagome::crypto {
+
+  namespace {
+    ::BytesVec convert(common::BufferView view) {
+      return {.data = const_cast<uint8_t *>(view.data()), .size = view.size()};
+    }
+    outcome::result<common::Buffer> convert(::Result res) {
+      if (res.tag == ::RESULT_OK) {
+        // TODO avoid coping to runtime
+        common::Buffer buf(res.ok.data, res.ok.data + res.ok.size);
+        ::AWCR_deallocate_bytesvec(&res.ok);
+        return buf;
+      }
+      return EllipticCurvesError::ARKWORKS_RETURN_ERROR;
+    }
+  }  // namespace
+
+  outcome::result<common::Buffer>
+  EllipticCurvesImpl::bls12_381_multi_miller_loop(common::BufferView a,
+                                                  common::BufferView b) const {
+    return convert(::bls12_381_multi_miller_loop(convert(a), convert(b)));
+  }
+
+  outcome::result<common::Buffer>
+  EllipticCurvesImpl::bls12_381_final_exponentiation(
+      common::BufferView f) const {
+    return convert(::bls12_381_final_exponentiation(convert(f)));
+  }
+
+  outcome::result<common::Buffer>
+  EllipticCurvesImpl::bls12_381_mul_projective_g1(
+      common::BufferView base, common::BufferView scalar) const {
+    return convert(
+        ::bls12_381_mul_projective_g1(convert(base), convert(scalar)));
+  }
+
+  outcome::result<common::Buffer>
+  EllipticCurvesImpl::bls12_381_mul_projective_g2(
+      common::BufferView base, common::BufferView scalar) const {
+    return convert(
+        ::bls12_381_mul_projective_g2(convert(base), convert(scalar)));
+  }
+
+  outcome::result<common::Buffer> EllipticCurvesImpl::bls12_381_msm_g1(
+      common::BufferView bases, common::BufferView scalars) const {
+    return convert(::bls12_381_msm_g1(convert(bases), convert(scalars)));
+  }
+
+  outcome::result<common::Buffer> EllipticCurvesImpl::bls12_381_msm_g2(
+      common::BufferView bases, common::BufferView scalars) const {
+    return convert(::bls12_381_msm_g2(convert(bases), convert(scalars)));
+  }
+
+  outcome::result<common::Buffer>
+  EllipticCurvesImpl::ed_on_bls12_381_bandersnatch_sw_mul_projective(
+      common::BufferView base, common::BufferView scalar) const {
+    return convert(::ed_on_bls12_381_bandersnatch_sw_mul_projective(
+        convert(base), convert(scalar)));
+  }
+
+}  // namespace kagome::crypto