Rename bls_utils to dvt_common and prepare the code for integration of secp256k1 identity

Author: NDobrev

Makefile

@@ -26,6 +26,6 @@ test:
 		echo "Error: run_tests.sh not found in repository root."; \
 		exit 1; \
 	fi
-	@cd "$(REPO_ROOT)/crates/bls_utils" && cargo test
+	@cd "$(REPO_ROOT)/crates/dvt_common" && cargo test
 	@cd "$(REPO_ROOT)" && $(TEST_SCRIPT) $(ARGS)
 

crates/bad_encrypted_share_prove/Cargo.toml

@@ -11,7 +11,7 @@ rand = "0.8.5"
 group = "0.13.0"
 serde = "1.0.216"
 dvt_abi = { path = "../dvt_abi" }
-bls_utils = { path = "../bls_utils" }
+dvt_common = { path = "../dvt_common" }
 bls12_381 = { git = "https://github.com/NDobrev/bls12_381", branch="fp-to-bytes", features = ["experimental"]}
 hex = "0.4"
 chacha20 = "0.9.1"

crates/bad_encrypted_share_prove/src/main.rs

@@ -4,17 +4,16 @@ sp1_zkvm::entrypoint!(main);
 
 use std::result;
 
-use bls_utils::{self, bls, VerificationErrors};
+use dvt_common::{self, VerificationErrors};
 
-use chacha20::cipher::{KeyIvInit, StreamCipher, StreamCipherSeek};
+use chacha20::cipher::{KeyIvInit, StreamCipher};
 use chacha20::{ChaCha20, Key, Nonce};
 
-use bls12_381::{self, G1Affine, G1Projective, G2Affine};
-use dvt_abi::{AbiInitialCommitment, BLS_ID_SIZE};
+use bls12_381::{self, G1Affine, G2Affine};
 use sha2::{Digest, Sha256};
 use std::fmt;
 
-fn new_chacha20_cipher(base: &[u8], key_salt: &str, nonce_salt: &str) -> ChaCha20 {
+fn new_chacha20_cipher(base: &[u8], _key_salt: &str, _nonce_salt: &str) -> ChaCha20 {
     let mut key_hasher = Sha256::new();
     key_hasher.update(base);
     //key_hasher.update(key_salt.as_bytes());
@@ -197,7 +196,7 @@ fn parse_message(
         hash: [0u8; dvt_abi::SHA256_SIZE],
     };
 
-    let initial_commitment_hash = bls_utils::compute_initial_commitment_hash(&initial_commitment);
+    let initial_commitment_hash = dvt_common::compute_initial_commitment_hash(&initial_commitment);
 
     initial_commitment.hash = initial_commitment_hash.clone();
     // println!("gen_id {}", hex::encode(&gen_id));
@@ -225,7 +224,7 @@ fn parse_message(
 }
 
 pub fn main() {
-    let data = bls_utils::read_bad_encrypted_share();
+    let data = dvt_common::read_bad_encrypted_share();
 
     let pk = G1Affine::from_compressed(&data.sender_pubkey)
         .into_option()
@@ -251,6 +250,7 @@ pub fn main() {
         Ok(data) => data,
         Err(e) => {
             println!("Error: {}", e);
+            sp1_zkvm::io::commit(&data.encrypted_message);
             return;
         }
     };
@@ -280,11 +280,11 @@ pub fn main() {
         );
     }
 
-    if !bls_utils::verify_initial_commitment_hash(&data.initial_commitment) {
+    if !dvt_common::verify_initial_commitment_hash(&data.initial_commitment) {
         panic!("Unsalshable error while verifying commitment hash\n");
     }
 
-    match bls_utils::verify_seed_exchange_commitment(
+    match dvt_common::verify_seed_exchange_commitment(
         &data.verification_hashes,
         &data.seeds_exchange_commitment,
         &data.initial_commitment,

crates/bad_parial_key_prove/Cargo.toml

@@ -11,6 +11,6 @@ rand = "0.8.5"
 group = "0.13.0"
 serde = "1.0.216"
 dvt_abi = { path = "../dvt_abi" }
-bls_utils = { path = "../bls_utils" }
+dvt_common = { path = "../dvt_common" }
 hex = "0.4"
 chacha20 = "0.9.1"

crates/bad_parial_key_prove/src/main.rs

@@ -4,11 +4,11 @@ sp1_zkvm::entrypoint!(main);
 
 use core::panic;
 
-use bls_utils::{self, VerificationErrors};
+use dvt_common::{self, VerificationErrors};
 
 pub fn main() {
-    let data = bls_utils::read_bad_partial_share_data();
-    match bls_utils::prove_wrong_final_key_generation(&data) {
+    let data = dvt_common::read_bad_partial_share_data();
+    match dvt_common::prove_wrong_final_key_generation(&data) {
         Ok(()) => {
             panic!("Can't prove wrong doing");
         }

crates/bad_share_exchange_prove/Cargo.toml

@@ -11,5 +11,5 @@ rand = "0.8.5"
 group = "0.13.0"
 serde = "1.0.216"
 dvt_abi = { path = "../dvt_abi" }
-bls_utils = { path = "../bls_utils" }
+dvt_common = { path = "../dvt_common" }
 hex = "0.4"

crates/bad_share_exchange_prove/src/main.rs

@@ -4,10 +4,10 @@ sp1_zkvm::entrypoint!(main);
 
 use core::panic;
 
-use bls_utils::{self, VerificationErrors};
+use dvt_common::{self, VerificationErrors};
 
 pub fn main() {
-    let data = bls_utils::read_bls_shared_data_from_host();
+    let data = dvt_common::read_bls_shared_data_from_host();
 
     if data.verification_hashes.len() != data.initial_commitment.settings.n as usize {
         panic!("The number of verification hashes does not match the number of keys\n");
@@ -26,11 +26,11 @@ pub fn main() {
         panic!("The seed exchange commitment is not part of the verification hashes\n");
     }
 
-    if !bls_utils::verify_initial_commitment_hash(&data.initial_commitment) {
+    if !dvt_common::verify_initial_commitment_hash(&data.initial_commitment) {
         panic!("Unsalshable error while verifying commitment hash\n");
     }
 
-    match bls_utils::verify_seed_exchange_commitment(
+    match dvt_common::verify_seed_exchange_commitment(
         &data.verification_hashes,
         &data.seeds_exchange_commitment,
         &data.initial_commitment,

crates/bls_utils/Cargo.toml renamed to crates/dvt_common/Cargo.toml

@@ -1,5 +1,5 @@
 [package]
-name = "bls_utils"
+name = "dvt_common"
 version = { workspace = true }
 authors = { workspace = true }
 edition = { workspace = true }

crates/dvt_common/src/bls_common.rs

@@ -0,0 +1,107 @@
+use bls12_381::{
+    hash_to_curve::{ExpandMsgXmd, HashToCurve},
+    pairing, G1Affine, G1Projective, G2Affine, G2Projective, Scalar,
+};
+
+use bls_org;
+use dvt_abi::{self};
+use sha2::Sha256;
+
+pub fn hash_message_to_g2(msg: &[u8]) -> G2Projective {
+    let domain = b"BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_";
+    <G2Projective as HashToCurve<ExpandMsgXmd<Sha256>>>::hash_to_curve(msg, domain)
+}
+
+pub fn bls_verify_precomputed_hash(
+    pubkey: &G1Affine,
+    signature: &G2Affine,
+    hashed_msg: &G2Affine,
+) -> bool {
+    let left = pairing(&pubkey, &hashed_msg);
+    let right = pairing(&G1Affine::generator(), &signature);
+
+    left == right
+}
+pub fn bls_verify(pubkey: &G1Affine, signature: &G2Affine, message: &[u8]) -> bool {
+    let hashed_msg = hash_message_to_g2(message);
+    let msg_affine = G2Affine::from(hashed_msg);
+    bls_verify_precomputed_hash(pubkey, signature, &msg_affine)
+}
+
+pub fn bls_id_from_u32(id: u32) -> Scalar {
+    let unwrapped_le: [u8; 4] = (id as u32).to_le_bytes();
+    let mut bytes = [0u8; 32];
+    bytes[..4].copy_from_slice(&unwrapped_le);
+    Scalar::from_bytes(&bytes).expect("Invalid id")
+}
+
+fn uncompress_bls_pubkey_slow(
+    pubkey: &dvt_abi::BLSPubkey,
+) -> Result<[u8; 96], Box<dyn std::error::Error>> {
+    // We use the original bls library to verify the key
+    // Becaus the sp1 library will crash if the key is invalid
+    let key = bls_org::G1Affine::from_compressed(&pubkey);
+
+    return match key.into_option() {
+        Some(key) => Ok(key.to_uncompressed()),
+        None => Err(Box::new(std::io::Error::new(
+            std::io::ErrorKind::InvalidData,
+            format!("Invalid public key {}", hex::encode(&pubkey)),
+        ))),
+    };
+}
+
+pub fn to_g1_affine_slow(
+    pubkey: &dvt_abi::BLSPubkey,
+) -> Result<G1Affine, Box<dyn std::error::Error>> {
+    let bytes = uncompress_bls_pubkey_slow(&pubkey)?;
+
+    let key = G1Affine::from_uncompressed(&bytes);
+    match key.into_option() {
+        Some(key) => Ok(key),
+        None => Err(Box::new(std::io::Error::new(
+            std::io::ErrorKind::InvalidData,
+            format!("Invalid public key {}", hex::encode(&pubkey)),
+        ))),
+    }
+}
+
+fn uncompress_bls_signature_slow(
+    signature: &dvt_abi::BLSSignature,
+) -> Result<[u8; 192], Box<dyn std::error::Error>> {
+    // We use the original bls library to verify the key
+    // Becaus the sp1 library will crash if the key is invalid
+    let key = bls_org::G2Affine::from_compressed(&signature);
+
+    return match key.into_option() {
+        Some(key) => Ok(key.to_uncompressed()),
+        None => Err(Box::new(std::io::Error::new(
+            std::io::ErrorKind::InvalidData,
+            "Invalid signature",
+        ))),
+    };
+}
+pub fn to_g2_affine_slow(
+    signature: &dvt_abi::BLSSignature,
+) -> Result<G2Affine, Box<dyn std::error::Error>> {
+    let bytes = uncompress_bls_signature_slow(&signature)?;
+
+    let key = G2Affine::from_uncompressed(&bytes);
+    match key.into_option() {
+        Some(key) => Ok(key),
+        None => Err(Box::new(std::io::Error::new(
+            std::io::ErrorKind::InvalidData,
+            "Invalid signature",
+        ))),
+    }
+}
+
+pub fn to_g1_affine(pubkey: &dvt_abi::BLSPubkey) -> G1Affine {
+    G1Affine::from_compressed(&pubkey)
+        .into_option()
+        .expect("G1 point is not torsion free.")
+}
+
+pub fn to_g1_projection(pubkey: &dvt_abi::BLSPubkey) -> G1Projective {
+    G1Projective::from(to_g1_affine(pubkey))
+}