Merge pull request #2545 from input-output-hk/curiecrypt/module-single-signature

Organize STM - Module Single Signature

Author: curiecrypt

mithril-stm/CHANGELOG.md

@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.4.1 (04-06-2025)
+
+### Added
+
+- Added a `single_signature` module and `StmSig` and `StmSigRegParty` functionality covered by its submodules.
+
 ## 0.4.0 (15-05-2025)
 
 ### Added

mithril-stm/src/lib.rs

@@ -7,6 +7,7 @@ mod error;
 mod key_reg;
 mod merkle_tree;
 mod participant;
+mod single_signature;
 mod stm;
 
 pub use error::{
@@ -15,9 +16,9 @@ pub use error::{
 };
 pub use key_reg::{ClosedKeyReg, KeyReg};
 pub use participant::{StmInitializer, StmSigner, StmVerificationKey, StmVerificationKeyPoP};
+pub use single_signature::{StmSig, StmSigRegParty};
 pub use stm::{
     CoreVerifier, Index, Stake, StmAggrSig, StmAggrVerificationKey, StmClerk, StmParameters,
-    StmSig, StmSigRegParty,
 };
 
 #[cfg(feature = "benchmark-internals")]

mithril-stm/src/participant/signer.rs

@@ -1,8 +1,10 @@
+use blake2::digest::{Digest, FixedOutput};
+
 use crate::bls_multi_signature::{Signature, SigningKey, VerificationKey};
 use crate::eligibility_check::ev_lt_phi;
 use crate::key_reg::ClosedKeyReg;
-use crate::stm::{Stake, StmParameters, StmSig};
-use blake2::digest::{Digest, FixedOutput};
+use crate::single_signature::StmSig;
+use crate::stm::{Stake, StmParameters};
 
 /// Wrapper of the MultiSignature Verification key
 pub type StmVerificationKey = VerificationKey;

mithril-stm/src/single_signature/mod.rs

@@ -0,0 +1,5 @@
+mod signature;
+mod signature_registered_party;
+
+pub use signature::*;
+pub use signature_registered_party::*;

mithril-stm/src/single_signature/signature.rs

@@ -0,0 +1,160 @@
+use std::cmp::Ordering;
+use std::hash::{Hash, Hasher};
+
+use blake2::digest::{Digest, FixedOutput};
+use serde::{Deserialize, Serialize};
+
+use crate::bls_multi_signature::Signature;
+use crate::eligibility_check::ev_lt_phi;
+use crate::{
+    Index, Stake, StmAggrVerificationKey, StmParameters, StmSignatureError, StmVerificationKey,
+};
+
+/// Signature created by a single party who has won the lottery.
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct StmSig {
+    /// The signature from the underlying MSP scheme.
+    pub sigma: Signature,
+    /// The index(es) for which the signature is valid
+    pub indexes: Vec<Index>,
+    /// Merkle tree index of the signer.
+    pub signer_index: Index,
+}
+
+impl StmSig {
+    /// Verify an stm signature by checking that the lottery was won, the merkle path is correct,
+    /// the indexes are in the desired range and the underlying multi signature validates.
+    pub fn verify<D: Clone + Digest + FixedOutput>(
+        &self,
+        params: &StmParameters,
+        pk: &StmVerificationKey,
+        stake: &Stake,
+        avk: &StmAggrVerificationKey<D>,
+        msg: &[u8],
+    ) -> Result<(), StmSignatureError> {
+        let msgp = avk.get_mt_commitment().concat_with_msg(msg);
+        self.verify_core(params, pk, stake, &msgp, &avk.get_total_stake())?;
+        Ok(())
+    }
+
+    /// Verify that all indices of a signature are valid.
+    pub(crate) fn check_indices(
+        &self,
+        params: &StmParameters,
+        stake: &Stake,
+        msg: &[u8],
+        total_stake: &Stake,
+    ) -> Result<(), StmSignatureError> {
+        for &index in &self.indexes {
+            if index > params.m {
+                return Err(StmSignatureError::IndexBoundFailed(index, params.m));
+            }
+
+            let ev = self.sigma.eval(msg, index);
+
+            if !ev_lt_phi(params.phi_f, ev, *stake, *total_stake) {
+                return Err(StmSignatureError::LotteryLost);
+            }
+        }
+
+        Ok(())
+    }
+
+    /// Convert an `StmSig` into bytes
+    ///
+    /// # Layout
+    /// * Stake
+    /// * Number of valid indexes (as u64)
+    /// * Indexes of the signature
+    /// * Public Key
+    /// * Signature
+    /// * Merkle index of the signer.
+    pub fn to_bytes(&self) -> Vec<u8> {
+        let mut output = Vec::new();
+        output.extend_from_slice(&(self.indexes.len() as u64).to_be_bytes());
+
+        for index in &self.indexes {
+            output.extend_from_slice(&index.to_be_bytes());
+        }
+
+        output.extend_from_slice(&self.sigma.to_bytes());
+
+        output.extend_from_slice(&self.signer_index.to_be_bytes());
+        output
+    }
+
+    /// Extract a batch compatible `StmSig` from a byte slice.
+    pub fn from_bytes<D: Clone + Digest + FixedOutput>(
+        bytes: &[u8],
+    ) -> Result<StmSig, StmSignatureError> {
+        let mut u64_bytes = [0u8; 8];
+
+        u64_bytes.copy_from_slice(&bytes[0..8]);
+        let nr_indexes = u64::from_be_bytes(u64_bytes) as usize;
+
+        let mut indexes = Vec::new();
+        for i in 0..nr_indexes {
+            u64_bytes.copy_from_slice(&bytes[8 + i * 8..16 + i * 8]);
+            indexes.push(u64::from_be_bytes(u64_bytes));
+        }
+
+        let offset = 8 + nr_indexes * 8;
+        let sigma = Signature::from_bytes(&bytes[offset..offset + 48])?;
+
+        u64_bytes.copy_from_slice(&bytes[offset + 48..offset + 56]);
+        let signer_index = u64::from_be_bytes(u64_bytes);
+
+        Ok(StmSig {
+            sigma,
+            indexes,
+            signer_index,
+        })
+    }
+
+    /// Compare two `StmSig` by their signers' merkle tree indexes.
+    pub fn cmp_stm_sig(&self, other: &Self) -> Ordering {
+        self.signer_index.cmp(&other.signer_index)
+    }
+
+    /// Verify a core signature by checking that the lottery was won,
+    /// the indexes are in the desired range and the underlying multi signature validates.
+    pub fn verify_core(
+        &self,
+        params: &StmParameters,
+        pk: &StmVerificationKey,
+        stake: &Stake,
+        msg: &[u8],
+        total_stake: &Stake,
+    ) -> Result<(), StmSignatureError> {
+        self.sigma.verify(msg, pk)?;
+        self.check_indices(params, stake, msg, total_stake)?;
+
+        Ok(())
+    }
+}
+
+impl Hash for StmSig {
+    fn hash<H: Hasher>(&self, state: &mut H) {
+        Hash::hash_slice(&self.sigma.to_bytes(), state)
+    }
+}
+
+impl PartialEq for StmSig {
+    fn eq(&self, other: &Self) -> bool {
+        self.sigma == other.sigma
+    }
+}
+
+impl Eq for StmSig {}
+
+impl PartialOrd for StmSig {
+    fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
+        Some(std::cmp::Ord::cmp(self, other))
+    }
+}
+
+impl Ord for StmSig {
+    fn cmp(&self, other: &Self) -> Ordering {
+        self.cmp_stm_sig(other)
+    }
+}

mithril-stm/src/single_signature/signature_registered_party.rs

@@ -0,0 +1,50 @@
+use blake2::digest::{Digest, FixedOutput};
+use serde::ser::SerializeTuple;
+use serde::{Deserialize, Serialize, Serializer};
+
+use crate::key_reg::RegParty;
+use crate::{StmSig, StmSignatureError};
+
+/// Signature with its registered party.
+#[derive(Debug, Clone, Hash, Deserialize, Eq, PartialEq, Ord, PartialOrd)]
+pub struct StmSigRegParty {
+    /// Stm signature
+    pub sig: StmSig,
+    /// Registered party
+    pub reg_party: RegParty,
+}
+
+impl StmSigRegParty {
+    /// Convert StmSigRegParty to bytes
+    /// # Layout
+    /// * RegParty
+    /// * Signature
+    pub fn to_bytes(&self) -> Vec<u8> {
+        let mut out = Vec::new();
+        out.extend_from_slice(&self.reg_party.to_bytes());
+        out.extend_from_slice(&self.sig.to_bytes());
+
+        out
+    }
+    ///Extract a `StmSigRegParty` from a byte slice.
+    pub fn from_bytes<D: Digest + Clone + FixedOutput>(
+        bytes: &[u8],
+    ) -> Result<StmSigRegParty, StmSignatureError> {
+        let reg_party = RegParty::from_bytes(&bytes[0..104])?;
+        let sig = StmSig::from_bytes::<D>(&bytes[104..])?;
+
+        Ok(StmSigRegParty { sig, reg_party })
+    }
+}
+
+impl Serialize for StmSigRegParty {
+    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+    where
+        S: Serializer,
+    {
+        let mut tuple = serializer.serialize_tuple(2)?;
+        tuple.serialize_element(&self.sig)?;
+        tuple.serialize_element(&self.reg_party)?;
+        tuple.end()
+    }
+}