feat: port bls12381 from v0.52.rc2 (#24872)

Co-authored-by: Alex | Interchain Labs <[email protected]>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

Author: 3 people

CHANGELOG.md

@@ -38,6 +38,10 @@ Ref: https://keepachangelog.com/en/1.0.0/
 
 ## [Unreleased]
 
+### Features
+
+* [#24872](https://github.com/cosmos/cosmos-sdk/pull/24872) Support BLS 12-381 for cli `init`, `gentx`, `collect-gentx`
+
 ### Breaking Changes
 
 * [#24837](https://github.com/cosmos/cosmos-sdk/pull/24837) Update to using CometBFT v2.

crypto/codec/amino.go

@@ -1,7 +1,10 @@
 package codec
 
 import (
+	"github.com/cometbft/cometbft/v2/crypto/bls12381"
+
 	"github.com/cosmos/cosmos-sdk/codec"
+	bls12_381 "github.com/cosmos/cosmos-sdk/crypto/keys/bls12_381"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
 	kmultisig "github.com/cosmos/cosmos-sdk/crypto/keys/multisig"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
@@ -24,4 +27,6 @@ func RegisterCrypto(cdc *codec.LegacyAmino) {
 		ed25519.PrivKeyName, nil)
 	cdc.RegisterConcrete(&secp256k1.PrivKey{},
 		secp256k1.PrivKeyName, nil)
+	cdc.RegisterConcrete(&bls12_381.PubKey{}, bls12381.PubKeyName, nil)
+	cdc.RegisterConcrete(&bls12_381.PrivKey{}, bls12381.PrivKeyName, nil)
 }

crypto/codec/cmt.go

@@ -7,6 +7,7 @@ import (
 
 	"cosmossdk.io/errors"
 
+	bls12_381 "github.com/cosmos/cosmos-sdk/crypto/keys/bls12_381"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
 	cryptotypes "github.com/cosmos/cosmos-sdk/crypto/types"
@@ -24,6 +25,10 @@ func FromCmtProtoPublicKey(protoPk cmtprotocrypto.PublicKey) (cryptotypes.PubKey
 		return &secp256k1.PubKey{
 			Key: protoPk.Secp256K1,
 		}, nil
+	case *cmtprotocrypto.PublicKey_Bls12381:
+		return &bls12_381.PubKey{
+			Key: protoPk.Bls12381,
+		}, nil
 	default:
 		return nil, errors.Wrapf(sdkerrors.ErrInvalidType, "cannot convert %v from Tendermint public key", protoPk)
 	}
@@ -44,6 +49,12 @@ func ToCmtProtoPublicKey(pk cryptotypes.PubKey) (cmtprotocrypto.PublicKey, error
 				Secp256K1: pk.Key,
 			},
 		}, nil
+	case *bls12_381.PubKey:
+		return cmtprotocrypto.PublicKey{
+			Sum: &cmtprotocrypto.PublicKey_Bls12381{
+				Bls12381: pk.Key,
+			},
+		}, nil
 	default:
 		return cmtprotocrypto.PublicKey{}, errors.Wrapf(sdkerrors.ErrInvalidType, "cannot convert %v to Tendermint public key", pk)
 	}

crypto/codec/proto.go

@@ -2,6 +2,7 @@ package codec
 
 import (
 	codectypes "github.com/cosmos/cosmos-sdk/codec/types"
+	bls12_381 "github.com/cosmos/cosmos-sdk/crypto/keys/bls12_381"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/multisig"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
@@ -15,11 +16,13 @@ func RegisterInterfaces(registry codectypes.InterfaceRegistry) {
 	registry.RegisterInterface("cosmos.crypto.PubKey", pk)
 	registry.RegisterImplementations(pk, &ed25519.PubKey{})
 	registry.RegisterImplementations(pk, &secp256k1.PubKey{})
+	registry.RegisterImplementations(pk, &bls12_381.PubKey{})
 	registry.RegisterImplementations(pk, &multisig.LegacyAminoPubKey{})
 
 	var priv *cryptotypes.PrivKey
 	registry.RegisterInterface("cosmos.crypto.PrivKey", priv)
 	registry.RegisterImplementations(priv, &secp256k1.PrivKey{})
 	registry.RegisterImplementations(priv, &ed25519.PrivKey{})
+	registry.RegisterImplementations(priv, &bls12_381.PrivKey{})
 	secp256r1.RegisterInterfaces(registry)
 }

crypto/hd/algo.go

@@ -18,6 +18,9 @@ const (
 	// Ed25519Type represents the Ed25519Type signature system.
 	// It is currently not supported for end-user keys (wallets/ledgers).
 	Ed25519Type = PubKeyType("ed25519")
+	// Bls12_381Type represents the Bls12_381Type signature system.
+	// It is currently not supported for end-user keys (wallets/ledgers).
+	Bls12_381Type = PubKeyType("bls12_381")
 )
 
 // Secp256k1 uses the Bitcoin secp256k1 ECDSA parameters.

crypto/keys/bls12_381/key.go

@@ -0,0 +1,134 @@
+//go:build !bls12381
+
+package bls12_381
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+
+	"github.com/cometbft/cometbft/v2/crypto"
+	bls "github.com/cometbft/cometbft/v2/crypto/bls12381"
+
+	"github.com/cosmos/cosmos-sdk/codec"
+	cryptotypes "github.com/cosmos/cosmos-sdk/crypto/types"
+)
+
+// ===============================================================================================
+// Private Key
+// ===============================================================================================
+
+// PrivKey is a wrapper around the Ethereum BLS12-381 private key type. This
+// wrapper conforms to crypto.Pubkey to allow for the use of the Ethereum
+// BLS12-381 private key type.
+
+var (
+	_ cryptotypes.PrivKey  = &PrivKey{}
+	_ codec.AminoMarshaler = &PrivKey{}
+)
+
+// NewPrivateKeyFromBytes build a new key from the given bytes.
+func NewPrivateKeyFromBytes(bz []byte) (PrivKey, error) {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// GenPrivKey generates a new key.
+func GenPrivKey() (PrivKey, error) {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// Bytes returns the byte representation of the Key.
+func (privKey PrivKey) Bytes() []byte {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// PubKey returns the private key's public key. If the privkey is not valid
+// it returns a nil value.
+func (privKey PrivKey) PubKey() cryptotypes.PubKey {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// Equals returns true if two keys are equal and false otherwise.
+func (privKey PrivKey) Equals(other cryptotypes.LedgerPrivKey) bool {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// Type returns the type.
+func (PrivKey) Type() string {
+	return bls.KeyType
+}
+
+// Sign signs the given byte array. If msg is larger than
+// MaxMsgLen, SHA256 sum will be signed instead of the raw bytes.
+func (privKey PrivKey) Sign(msg []byte) ([]byte, error) {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// MarshalAmino overrides Amino binary marshaling.
+func (privKey PrivKey) MarshalAmino() ([]byte, error) {
+	return privKey.Key, nil
+}
+
+// UnmarshalAmino overrides Amino binary marshaling.
+func (privKey *PrivKey) UnmarshalAmino(bz []byte) error {
+	if len(bz) != bls.PrivKeySize {
+		return errors.New("invalid privkey size")
+	}
+	privKey.Key = bz
+
+	return nil
+}
+
+// MarshalAminoJSON overrides Amino JSON marshaling.
+func (privKey PrivKey) MarshalAminoJSON() ([]byte, error) {
+	// When we marshal to Amino JSON, we don't marshal the "key" field itself,
+	// just its contents (i.e. the key bytes).
+	return privKey.MarshalAmino()
+}
+
+// UnmarshalAminoJSON overrides Amino JSON marshaling.
+func (privKey *PrivKey) UnmarshalAminoJSON(bz []byte) error {
+	return privKey.UnmarshalAmino(bz)
+}
+
+// ===============================================================================================
+// Public Key
+// ===============================================================================================
+
+// Pubkey is a wrapper around the Ethereum BLS12-381 public key type. This
+// wrapper conforms to crypto.Pubkey to allow for the use of the Ethereum
+// BLS12-381 public key type.
+
+var _ cryptotypes.PubKey = &PubKey{}
+
+// Address returns the address of the key.
+//
+// The function will panic if the public key is invalid.
+func (pubKey PubKey) Address() crypto.Address {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// VerifySignature verifies the given signature.
+func (pubKey PubKey) VerifySignature(msg, sig []byte) bool {
+	panic("not implemented, build flags are required to use bls12_381 keys")
+}
+
+// Bytes returns the byte format.
+func (pubKey PubKey) Bytes() []byte {
+	return pubKey.Key
+}
+
+// Type returns the key's type.
+func (PubKey) Type() string {
+	return bls.KeyType
+}
+
+// Equals returns true if the other's type is the same and their bytes are deeply equal.
+func (pubKey PubKey) Equals(other cryptotypes.PubKey) bool {
+	return pubKey.Type() == other.Type() && bytes.Equal(pubKey.Bytes(), other.Bytes())
+}
+
+// String returns Hex representation of a pubkey with it's type
+func (pubKey PubKey) String() string {
+	return fmt.Sprintf("PubKeyBLS12_381{%X}", pubKey.Key)
+}

crypto/keys/bls12_381/key_cgo.go

@@ -0,0 +1,169 @@
+//go:build ((linux && amd64) || (linux && arm64) || (darwin && amd64) || (darwin && arm64) || (windows && amd64)) && bls12381
+
+package bls12_381
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+
+	"github.com/cometbft/cometbft/v2/crypto"
+	"github.com/cometbft/cometbft/v2/crypto/bls12381"
+	"github.com/cometbft/cometbft/v2/crypto/tmhash"
+
+	"github.com/cosmos/cosmos-sdk/codec"
+	cryptotypes "github.com/cosmos/cosmos-sdk/crypto/types"
+)
+
+// ===============================================================================================
+// Private Key
+// ===============================================================================================
+
+// PrivKey is a wrapper around the Ethereum BLS12-381 private key type. This
+// wrapper conforms to crypto.Pubkey to allow for the use of the Ethereum
+// BLS12-381 private key type.
+
+var (
+	_ cryptotypes.PrivKey  = &PrivKey{}
+	_ codec.AminoMarshaler = &PrivKey{}
+)
+
+// NewPrivateKeyFromBytes build a new key from the given bytes.
+func NewPrivateKeyFromBytes(bz []byte) (PrivKey, error) {
+	secretKey, err := bls12381.NewPrivateKeyFromBytes(bz)
+	if err != nil {
+		return PrivKey{}, err
+	}
+	return PrivKey{
+		Key: secretKey.Bytes(),
+	}, nil
+}
+
+// GenPrivKey generates a new key.
+func GenPrivKey() (PrivKey, error) {
+	secretKey, err := bls12381.GenPrivKey()
+	return PrivKey{
+		Key: secretKey.Bytes(),
+	}, err
+}
+
+// Bytes returns the byte representation of the Key.
+func (privKey PrivKey) Bytes() []byte {
+	return privKey.Key
+}
+
+// PubKey returns the private key's public key. If the privkey is not valid
+// it returns a nil value.
+func (privKey PrivKey) PubKey() cryptotypes.PubKey {
+	secretKey, err := bls12381.NewPrivateKeyFromBytes(privKey.Key)
+	if err != nil {
+		return nil
+	}
+
+	return &PubKey{
+		Key: secretKey.PubKey().Bytes(),
+	}
+}
+
+// Equals returns true if two keys are equal and false otherwise.
+func (privKey PrivKey) Equals(other cryptotypes.LedgerPrivKey) bool {
+	return privKey.Type() == other.Type() && bytes.Equal(privKey.Bytes(), other.Bytes())
+}
+
+// Type returns the type.
+func (PrivKey) Type() string {
+	return bls12381.KeyType
+}
+
+// Sign signs the given byte array. If msg is larger than
+// MaxMsgLen, SHA256 sum will be signed instead of the raw bytes.
+func (privKey PrivKey) Sign(msg []byte) ([]byte, error) {
+	secretKey, err := bls12381.NewPrivateKeyFromBytes(privKey.Key)
+	if err != nil {
+		return nil, err
+	}
+
+	return secretKey.Sign(msg)
+}
+
+// MarshalAmino overrides Amino binary marshaling.
+func (privKey PrivKey) MarshalAmino() ([]byte, error) {
+	return privKey.Key, nil
+}
+
+// UnmarshalAmino overrides Amino binary marshaling.
+func (privKey *PrivKey) UnmarshalAmino(bz []byte) error {
+	if len(bz) != bls12381.PrivKeySize {
+		return errors.New("invalid privkey size")
+	}
+	privKey.Key = bz
+
+	return nil
+}
+
+// MarshalAminoJSON overrides Amino JSON marshaling.
+func (privKey PrivKey) MarshalAminoJSON() ([]byte, error) {
+	// When we marshal to Amino JSON, we don't marshal the "key" field itself,
+	// just its contents (i.e. the key bytes).
+	return privKey.MarshalAmino()
+}
+
+// UnmarshalAminoJSON overrides Amino JSON marshaling.
+func (privKey *PrivKey) UnmarshalAminoJSON(bz []byte) error {
+	return privKey.UnmarshalAmino(bz)
+}
+
+// ===============================================================================================
+// Public Key
+// ===============================================================================================
+
+// Pubkey is a wrapper around the Ethereum BLS12-381 public key type. This
+// wrapper conforms to crypto.Pubkey to allow for the use of the Ethereum
+// BLS12-381 public key type.
+
+var _ cryptotypes.PubKey = &PubKey{}
+
+// Address returns the address of the key.
+//
+// The function will panic if the public key is invalid.
+func (pubKey PubKey) Address() crypto.Address {
+	pk, _ := bls12381.NewPublicKeyFromBytes(pubKey.Key)
+	if len(pk.Bytes()) != bls12381.PubKeySize {
+		panic("pubkey is incorrect size")
+	}
+	return crypto.Address(tmhash.SumTruncated(pubKey.Key))
+}
+
+// VerifySignature verifies the given signature.
+func (pubKey PubKey) VerifySignature(msg, sig []byte) bool {
+	if len(sig) != bls12381.SignatureLength {
+		return false
+	}
+
+	pubK, err := bls12381.NewPublicKeyFromBytes(pubKey.Key)
+	if err != nil { // invalid pubkey
+		return false
+	}
+
+	return pubK.VerifySignature(msg, sig)
+}
+
+// Bytes returns the byte format.
+func (pubKey PubKey) Bytes() []byte {
+	return pubKey.Key
+}
+
+// Type returns the key's type.
+func (PubKey) Type() string {
+	return bls12381.KeyType
+}
+
+// Equals returns true if the other's type is the same and their bytes are deeply equal.
+func (pubKey PubKey) Equals(other cryptotypes.PubKey) bool {
+	return pubKey.Type() == other.Type() && bytes.Equal(pubKey.Bytes(), other.Bytes())
+}
+
+// String returns Hex representation of a pubkey with it's type
+func (pubKey PubKey) String() string {
+	return fmt.Sprintf("PubKeyBLS12_381{%X}", pubKey.Key)
+}