feat(p2p/identity): signing

binier · binier · commit 60d28a93ae24 · 2025-01-22T15:21:52.000+04:00
diff --git a/node/common/src/service/p2p.rs b/node/common/src/service/p2p.rs
@@ -123,28 +123,23 @@ impl P2pCryptoService for NodeService {
     fn sign_key(&mut self, key: &[u8; 32]) -> Vec<u8> {
         // TODO: make deterministic
         let msg = [b"noise-libp2p-static-key:", key.as_slice()].concat();
-        let sig = self
-            .p2p
-            .mio
-            .keypair()
-            .sign(&msg)
-            .expect("unable to create signature");
+        let sig = self.p2p.sec_key.sign(&msg);
+        let libp2p_sec_key = libp2p_identity::Keypair::try_from(self.p2p.sec_key.clone()).unwrap();
 
         let mut payload = vec![];
         payload.extend_from_slice(b"\x0a\x24");
-        payload.extend_from_slice(&self.p2p.mio.keypair().public().encode_protobuf());
+        payload.extend_from_slice(&libp2p_sec_key.public().encode_protobuf());
         payload.extend_from_slice(b"\x12\x40");
-        payload.extend_from_slice(&sig);
+        payload.extend_from_slice(&sig.to_bytes());
         payload
     }
 
     fn sign_publication(&mut self, publication: &[u8]) -> Vec<u8> {
-        let msg = [b"libp2p-pubsub:", publication].concat();
         self.p2p
-            .mio
-            .keypair()
-            .sign(&msg)
-            .expect("unable to create signature")
+            .sec_key
+            .libp2p_pubsub_sign(publication)
+            .to_bytes()
+            .to_vec()
     }
 
     fn verify_publication(
diff --git a/p2p/src/identity/mod.rs b/p2p/src/identity/mod.rs
@@ -6,3 +6,6 @@ pub use public_key::PublicKey;
 
 mod secret_key;
 pub use secret_key::{EncryptableType, SecretKey};
+
+mod signature;
+pub use signature::Signature;
diff --git a/p2p/src/identity/secret_key.rs b/p2p/src/identity/secret_key.rs
@@ -1,12 +1,12 @@
 use std::{fmt, path::Path, str::FromStr};
 
 use base64::Engine;
-use ed25519_dalek::SigningKey as Ed25519SecretKey;
+use ed25519_dalek::{ed25519::signature::SignerMut, SigningKey as Ed25519SecretKey};
 use openmina_core::{EncryptedSecretKey, EncryptedSecretKeyFile, EncryptionError};
 use rand::{CryptoRng, Rng};
 use serde::{Deserialize, Serialize};
 
-use crate::identity::PublicKey;
+use super::{PublicKey, Signature};
 
 #[derive(Clone)]
 pub struct SecretKey(Ed25519SecretKey);
@@ -170,6 +170,14 @@ impl SecretKey {
         let data: Vec<u8> = self.decrypt_raw(other_pk, ciphertext.as_ref())?;
         serde_json::from_slice(&data).map_err(Box::<dyn std::error::Error>::from)
     }
+
+    pub fn sign(&mut self, data: &[u8]) -> Signature {
+        Signature(self.0.sign(data))
+    }
+
+    pub fn libp2p_pubsub_sign(&mut self, msg: &[u8]) -> Signature {
+        self.sign(&[b"libp2p-pubsub:", msg].concat())
+    }
 }
 
 pub trait EncryptableType: Serialize + for<'a> Deserialize<'a> {
diff --git a/p2p/src/identity/signature.rs b/p2p/src/identity/signature.rs
@@ -0,0 +1,128 @@
+use std::{
+    fmt,
+    io::{Read, Write},
+    str::FromStr,
+};
+
+use binprot::{BinProtRead, BinProtWrite};
+use ed25519_dalek::Signature as Ed25519Signature;
+use serde::{
+    de::{SeqAccess, Visitor},
+    Deserialize, Serialize,
+};
+
+#[derive(Eq, PartialEq, Clone)]
+pub struct Signature(pub(super) Ed25519Signature);
+
+impl Signature {
+    const BYTE_SIZE: usize = Ed25519Signature::BYTE_SIZE;
+
+    pub fn from_bytes(bytes: [u8; Self::BYTE_SIZE]) -> Self {
+        Self(Ed25519Signature::from_bytes(&bytes))
+    }
+
+    pub fn to_bytes(&self) -> [u8; Self::BYTE_SIZE] {
+        self.0.to_bytes()
+    }
+}
+
+impl FromStr for Signature {
+    type Err = hex::FromHexError;
+
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        hex::decode(s)?
+            .try_into()
+            .map(Self::from_bytes)
+            .or(Err(hex::FromHexError::InvalidStringLength))
+    }
+}
+
+impl fmt::Display for Signature {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(f, "{}", hex::encode(self.to_bytes()))
+    }
+}
+
+impl fmt::Debug for Signature {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(f, "Signature({self})")
+    }
+}
+
+impl From<Signature> for [u8; Signature::BYTE_SIZE] {
+    fn from(value: Signature) -> Self {
+        value.to_bytes()
+    }
+}
+
+impl Serialize for Signature {
+    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+    where
+        S: serde::Serializer,
+    {
+        if serializer.is_human_readable() {
+            serializer.serialize_str(&self.to_string())
+        } else {
+            self.to_bytes().serialize(serializer)
+        }
+    }
+}
+
+impl<'de> serde::Deserialize<'de> for Signature {
+    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+    where
+        D: serde::Deserializer<'de>,
+    {
+        if deserializer.is_human_readable() {
+            let s: String = Deserialize::deserialize(deserializer)?;
+            Ok(s.parse().map_err(serde::de::Error::custom)?)
+        } else {
+            struct ArrayVisitor;
+
+            impl<'de> Visitor<'de> for ArrayVisitor {
+                type Value = [u8; Signature::BYTE_SIZE];
+
+                fn expecting(&self, f: &mut fmt::Formatter) -> fmt::Result {
+                    write!(f, "signature bytes({})", Signature::BYTE_SIZE)
+                }
+
+                #[inline]
+                fn visit_seq<A>(self, mut a: A) -> Result<Self::Value, A::Error>
+                where
+                    A: SeqAccess<'de>,
+                {
+                    let mut bytes: Self::Value = [0; Signature::BYTE_SIZE];
+
+                    for (i, byte) in bytes.iter_mut().enumerate() {
+                        *byte = a
+                            .next_element()?
+                            .ok_or(serde::de::Error::invalid_length(i + 1, &self))?;
+                    }
+
+                    Ok(bytes)
+                }
+            }
+
+            deserializer
+                .deserialize_tuple(Self::BYTE_SIZE, ArrayVisitor)
+                .map(Self::from_bytes)
+        }
+    }
+}
+
+impl BinProtWrite for Signature {
+    fn binprot_write<W: Write>(&self, w: &mut W) -> std::io::Result<()> {
+        w.write_all(&self.to_bytes())
+    }
+}
+
+impl BinProtRead for Signature {
+    fn binprot_read<R: Read + ?Sized>(r: &mut R) -> Result<Self, binprot::Error>
+    where
+        Self: Sized,
+    {
+        let mut buf = [0; Ed25519Signature::BYTE_SIZE];
+        r.read_exact(&mut buf)?;
+        Ok(Self::from_bytes(buf))
+    }
+}
