This repository has been archived on 2023-04-09. You can view files and clone it, but cannot push or open issues or pull requests.
chainsafe-bls/src/index.ts

166 lines
4.6 KiB
TypeScript
Raw Normal View History

2019-08-05 15:48:26 +00:00
import {Keypair} from "./keypair";
import {PrivateKey} from "./privateKey";
import {G2point} from "./helpers/g2point";
import {G1point} from "./helpers/g1point";
import {PublicKey} from "./publicKey";
import {Signature} from "./signature";
import {ElipticCurvePairing} from "./helpers/ec-pairing";
import ctx from "./ctx";
2019-09-03 18:17:55 +00:00
import {BLSPubkey, BLSSecretKey, BLSSignature, Domain, Hash} from "@chainsafe/eth2.0-types";
2019-08-12 07:51:18 +00:00
export {Keypair, PrivateKey, PublicKey, Signature};
2019-08-05 15:48:26 +00:00
/**
* Generates new secret and public key
*/
2019-08-12 07:51:18 +00:00
export function generateKeyPair(): Keypair {
2019-08-05 15:48:26 +00:00
return Keypair.generate();
}
/**
* Generates public key from given secret.
* @param {BLSSecretKey} secretKey
*/
2019-08-12 07:51:18 +00:00
export function generatePublicKey(secretKey: BLSSecretKey): BLSPubkey {
2019-08-05 15:48:26 +00:00
const keypair = new Keypair(PrivateKey.fromBytes(secretKey));
return keypair.publicKey.toBytesCompressed();
}
/**
* Signs given message using secret key.
* @param secretKey
* @param messageHash
* @param domain
*/
2019-09-03 18:17:55 +00:00
export function sign(secretKey: BLSSecretKey, messageHash: Hash, domain: Domain): BLSSignature {
2019-08-05 15:48:26 +00:00
const privateKey = PrivateKey.fromBytes(secretKey);
const hash = G2point.hashToG2(messageHash, domain);
return privateKey.sign(hash).toBytesCompressed();
}
/**
* Compines all given signature into one.
* @param signatures
*/
2019-08-12 07:51:18 +00:00
export function aggregateSignatures(signatures: BLSSignature[]): BLSSignature {
2019-08-05 15:48:26 +00:00
return signatures.map((signature): Signature => {
2019-08-12 07:51:18 +00:00
return Signature.fromCompressedBytes(signature);
2019-08-05 15:48:26 +00:00
}).reduce((previousValue, currentValue): Signature => {
return previousValue.add(currentValue);
}).toBytesCompressed();
}
/**
* Combines all given public keys into single one
* @param publicKeys
*/
2019-08-12 07:51:18 +00:00
export function aggregatePubkeys(publicKeys: BLSPubkey[]): BLSPubkey {
2019-08-05 15:48:26 +00:00
if(publicKeys.length === 0) {
return new G1point(new ctx.ECP()).toBytesCompressed();
}
2019-08-28 13:57:26 +00:00
return G1point.aggregate(publicKeys).toBytesCompressed();
2019-08-05 15:48:26 +00:00
}
/**
* Verifies if signature is message signed with given public key.
* @param publicKey
* @param messageHash
* @param signature
* @param domain
*/
2019-09-03 18:17:55 +00:00
export function verify(publicKey: BLSPubkey, messageHash: Hash, signature: BLSSignature, domain: Domain): boolean {
2019-08-05 15:48:26 +00:00
try {
const key = PublicKey.fromBytes(publicKey);
const sig = Signature.fromCompressedBytes(signature);
2019-08-28 13:57:26 +00:00
key.getPoint().getPoint().affine();
sig.getPoint().getPoint().affine();
2019-08-05 15:48:26 +00:00
const g1Generated = G1point.generator();
const e1 = ElipticCurvePairing.pair(key.getPoint(), G2point.hashToG2(messageHash, domain));
const e2 = ElipticCurvePairing.pair(g1Generated, sig.getPoint());
return e1.equals(e2);
} catch (e) {
return false;
}
}
/**
* Verifies if signature is list of message signed with corresponding public key.
* @param publicKeys
* @param messageHashes
* @param signature
* @param domain
*/
2019-09-17 19:05:13 +00:00
export function verifyMultiple(
publicKeys: BLSPubkey[],
messageHashes: Hash[],
signature: BLSSignature,
domain: Domain
): boolean {
2019-08-05 15:48:26 +00:00
if(publicKeys.length === 0 || publicKeys.length != messageHashes.length) {
return false;
}
try {
2019-08-28 13:57:26 +00:00
const sig = Signature.fromCompressedBytes(signature).getPoint();
sig.getPoint().affine();
2019-08-05 15:48:26 +00:00
const eCombined = new ctx.FP12(1);
2019-08-28 13:57:26 +00:00
2019-09-17 19:02:32 +00:00
// @ts-ignore
2019-08-28 13:57:26 +00:00
const reduction = messageHashes.reduce((previous, current, index) => {
2019-09-17 19:02:32 +00:00
// @ts-ignore
2019-08-28 13:57:26 +00:00
if(previous.hash && current.equals(previous.hash)) {
return {
hash: previous.hash,
2019-09-17 19:02:32 +00:00
// @ts-ignore
2019-08-28 13:57:26 +00:00
publicKey: previous.publicKey ?
2019-09-17 19:02:32 +00:00
// @ts-ignore
2019-08-29 12:14:46 +00:00
previous.publicKey.addRaw(publicKeys[index])
2019-08-28 13:57:26 +00:00
:
G1point.fromBytesCompressed(publicKeys[index]),
};
2019-09-17 19:02:32 +00:00
} else if(previous.hash) {
// @ts-ignore
2019-08-28 13:57:26 +00:00
const g2 = G2point.hashToG2(previous.hash, domain);
eCombined.mul(
ElipticCurvePairing.pair(
2019-09-17 19:02:32 +00:00
// @ts-ignore
2019-08-28 13:57:26 +00:00
previous.publicKey,
g2
)
);
return {hash: current, publicKey: G1point.fromBytesCompressed(publicKeys[index])};
} else {
return {
hash: current,
publicKey: G1point.fromBytesCompressed(publicKeys[index])
};
}
}, {hash: null, publicKey: null});
const g2Final = G2point.hashToG2(reduction.hash, domain);
const keyFinal = reduction.publicKey;
eCombined.mul(
ElipticCurvePairing.pair(
keyFinal,
g2Final
)
);
const e2 = ElipticCurvePairing.pair(G1point.generator(), sig);
2019-08-05 15:48:26 +00:00
return e2.equals(eCombined);
} catch (e) {
return false;
}
}
export default {
generateKeyPair,
generatePublicKey,
sign,
aggregateSignatures,
aggregatePubkeys,
verify,
verifyMultiple
2019-08-12 07:51:18 +00:00
};