chainsafe-bls/src/blst-native/signature.ts

import * as blst from "@chainsafe/blst";
import {bytesToHex, hexToBytes} from "../helpers/index.js";
import {PointFormat, Signature as ISignature} from "../types.js";
import {PublicKey} from "./publicKey.js";
import {EmptyAggregateError, ZeroSignatureError} from "../errors.js";

export class Signature extends blst.Signature implements ISignature {
  constructor(value: ConstructorParameters<typeof blst.Signature>[0]) {
    super(value);
  }

  /** @param type Defaults to `CoordType.affine` */
  static fromBytes(bytes: Uint8Array, type?: blst.CoordType, validate = true): Signature {
    const sig = blst.Signature.fromBytes(bytes, type);
    if (validate) sig.sigValidate();
    return new Signature(sig.value);
  }

  static fromHex(hex: string): Signature {
    return this.fromBytes(hexToBytes(hex));
  }

  static aggregate(signatures: Signature[]): Signature {
    if (signatures.length === 0) {
      throw new EmptyAggregateError();
    }

    const agg = blst.aggregateSignatures(signatures);
    return new Signature(agg.value);
  }

  static verifyMultipleSignatures(sets: {publicKey: PublicKey; message: Uint8Array; signature: Signature}[]): boolean {
    return blst.verifyMultipleAggregateSignatures(
      sets.map((s) => ({msg: s.message, pk: s.publicKey, sig: s.signature}))
    );
  }

  verify(publicKey: PublicKey, message: Uint8Array): boolean {
    // Individual infinity signatures are NOT okay. Aggregated signatures MAY be infinity
    if (this.value.is_inf()) {
      throw new ZeroSignatureError();
    }

    return blst.verify(message, publicKey, this);
  }

  verifyAggregate(publicKeys: PublicKey[], message: Uint8Array): boolean {
    return blst.fastAggregateVerify(message, publicKeys, this);
  }

  verifyMultiple(publicKeys: PublicKey[], messages: Uint8Array[]): boolean {
    return blst.aggregateVerify(messages, publicKeys, this);
  }

  toBytes(format?: PointFormat): Uint8Array {
    if (format === PointFormat.uncompressed) {
      return this.value.serialize();
    } else {
      return this.value.compress();
    }
  }

  toHex(format?: PointFormat): string {
    return bytesToHex(this.toBytes(format));
  }

  private aggregateVerify(msgs: Uint8Array[], pks: blst.PublicKey[]): boolean {
    // If this set is simply an infinity signature and infinity publicKey then skip verification.
    // This has the effect of always declaring that this sig/publicKey combination is valid.
    // for Eth2.0 specs tests
    if (this.value.is_inf() && pks.length === 1 && pks[0].value.is_inf()) {
      return true;
    }

    return blst.aggregateVerify(msgs, pks, this);
  }
}
Co-exist implementations 2020-11-19 13:22:41 +00:00			`import * as blst from "@chainsafe/blst";`
feat: use esm BREAKING CHANGE: Only esm is exported, no commonjs Named exports (excluding `bls`) are no longer exported from the root. `browser` and `node` exports are removed in favor of implementation-specific naming. 2022-04-11 15:08:15 +00:00			`import {bytesToHex, hexToBytes} from "../helpers/index.js";`
Tweaks and upgrade karma/webpack 2022-04-14 17:16:06 +00:00			`import {PointFormat, Signature as ISignature} from "../types.js";`
feat: use esm BREAKING CHANGE: Only esm is exported, no commonjs Named exports (excluding `bls`) are no longer exported from the root. `browser` and `node` exports are removed in favor of implementation-specific naming. 2022-04-11 15:08:15 +00:00			`import {PublicKey} from "./publicKey.js";`
			`import {EmptyAggregateError, ZeroSignatureError} from "../errors.js";`
Co-exist implementations 2020-11-19 13:22:41 +00:00
Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`export class Signature extends blst.Signature implements ISignature {`
			`constructor(value: ConstructorParameters<typeof blst.Signature>[0]) {`
			`super(value);`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`}`

Document default value of optional params 2021-04-05 17:47:25 +00:00			/** @param type Defaults to `CoordType.affine` */
bls-eth-wasm package update for invalidating signature not in g2, validation on by default 2021-09-22 05:35:53 +00:00			`static fromBytes(bytes: Uint8Array, type?: blst.CoordType, validate = true): Signature {`
Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`const sig = blst.Signature.fromBytes(bytes, type);`
			`if (validate) sig.sigValidate();`
			`return new Signature(sig.value);`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`}`

			`static fromHex(hex: string): Signature {`
			`return this.fromBytes(hexToBytes(hex));`
			`}`

			`static aggregate(signatures: Signature[]): Signature {`
Make errors consistent 2020-11-30 00:20:52 +00:00			`if (signatures.length === 0) {`
			`throw new EmptyAggregateError();`
			`}`

Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`const agg = blst.aggregateSignatures(signatures);`
			`return new Signature(agg.value);`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`}`

Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`static verifyMultipleSignatures(sets: {publicKey: PublicKey; message: Uint8Array; signature: Signature}[]): boolean {`
Add verifyMultipleSignatures method 2020-12-02 21:44:25 +00:00			`return blst.verifyMultipleAggregateSignatures(`
Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`sets.map((s) => ({msg: s.message, pk: s.publicKey, sig: s.signature}))`
Add verifyMultipleSignatures method 2020-12-02 21:44:25 +00:00			`);`
			`}`

Co-exist implementations 2020-11-19 13:22:41 +00:00			`verify(publicKey: PublicKey, message: Uint8Array): boolean {`
Make errors consistent 2020-11-30 00:20:52 +00:00			`// Individual infinity signatures are NOT okay. Aggregated signatures MAY be infinity`
Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`if (this.value.is_inf()) {`
Make errors consistent 2020-11-30 00:20:52 +00:00			`throw new ZeroSignatureError();`
			`}`

Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`return blst.verify(message, publicKey, this);`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`}`

			`verifyAggregate(publicKeys: PublicKey[], message: Uint8Array): boolean {`
Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`return blst.fastAggregateVerify(message, publicKeys, this);`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`}`

			`verifyMultiple(publicKeys: PublicKey[], messages: Uint8Array[]): boolean {`
Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`return blst.aggregateVerify(messages, publicKeys, this);`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`}`

Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`toBytes(format?: PointFormat): Uint8Array {`
			`if (format === PointFormat.uncompressed) {`
			`return this.value.serialize();`
			`} else {`
			`return this.value.compress();`
			`}`
Fix lint errors 2020-11-20 12:27:30 +00:00			`}`

Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`toHex(format?: PointFormat): string {`
			`return bytesToHex(this.toBytes(format));`
Fix lint errors 2020-11-20 12:27:30 +00:00			`}`

Co-exist implementations 2020-11-19 13:22:41 +00:00			`private aggregateVerify(msgs: Uint8Array[], pks: blst.PublicKey[]): boolean {`
Consistent naming 2020-11-30 18:01:13 +00:00			`// If this set is simply an infinity signature and infinity publicKey then skip verification.`
			`// This has the effect of always declaring that this sig/publicKey combination is valid.`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`// for Eth2.0 specs tests`
Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`if (this.value.is_inf() && pks.length === 1 && pks[0].value.is_inf()) {`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`return true;`
			`}`

Enable multi-threading for all implementations 2021-04-04 23:44:55 +00:00			`return blst.aggregateVerify(msgs, pks, this);`
Co-exist implementations 2020-11-19 13:22:41 +00:00			`}`
			`}`