From 1dc4192013aad53289812c3304946e2141b0ae48 Mon Sep 17 00:00:00 2001 From: Richard Pringle Date: Mon, 9 Dec 2024 16:41:15 -0500 Subject: [PATCH] encapsulate signer (#3576) Signed-off-by: Richard Pringle --- chains/manager.go | 4 +- config/config.go | 8 +- go.mod | 2 +- go.sum | 4 +- network/config.go | 2 +- network/network_test.go | 2 +- network/p2p/acp118/handler_test.go | 4 +- network/peer/ip.go | 4 +- network/peer/ip_signer.go | 4 +- network/peer/ip_signer_test.go | 2 +- network/peer/ip_test.go | 4 +- network/peer/peer_test.go | 34 +-- network/peer/test_peer.go | 2 +- network/test_network.go | 2 +- node/config.go | 2 +- node/node.go | 3 +- snow/snowtest/context.go | 4 +- .../gvalidators/validator_state_test.go | 16 +- snow/validators/manager_test.go | 28 +-- snow/validators/set_test.go | 16 +- tests/e2e/p/workflow.go | 2 +- tests/fixture/tmpnet/node.go | 4 +- utils/crypto/bls/bls_benchmark_test.go | 34 +-- utils/crypto/bls/bls_test.go | 206 +++++++++--------- utils/crypto/bls/public_test.go | 8 +- utils/crypto/bls/secret.go | 48 ++-- utils/crypto/bls/secret_test.go | 10 +- utils/crypto/bls/signature_test.go | 8 +- vms/platformvm/block/builder/builder_test.go | 6 +- .../block/executor/proposal_block_test.go | 4 +- .../block/executor/verifier_test.go | 4 +- vms/platformvm/network/warp_test.go | 10 +- vms/platformvm/service_test.go | 8 +- vms/platformvm/signer/proof_of_possession.go | 6 +- .../signer/proof_of_possession_test.go | 4 +- vms/platformvm/state/staker_test.go | 2 +- vms/platformvm/state/state_test.go | 26 +-- .../add_permissionless_validator_tx_test.go | 2 +- .../txs/convert_subnet_to_l1_tx_test.go | 2 +- .../txs/executor/standard_tx_executor_test.go | 30 +-- .../txs/executor/state_changes_test.go | 4 +- .../txs/executor/warp_verifier_test.go | 10 +- vms/platformvm/validator_set_property_test.go | 10 +- .../validators/manager_benchmark_test.go | 4 +- vms/platformvm/validators/manager_test.go | 4 +- vms/platformvm/vm_regression_test.go | 12 +- vms/platformvm/vm_test.go | 8 +- vms/platformvm/warp/gwarp/signer_test.go | 4 +- .../message/register_l1_validator_test.go | 4 +- vms/platformvm/warp/signature_test.go | 42 ++-- vms/platformvm/warp/signer.go | 6 +- vms/platformvm/warp/signer_test.go | 2 +- vms/platformvm/warp/signertest/signertest.go | 10 +- vms/platformvm/warp/validator_test.go | 12 +- wallet/chain/p/builder_test.go | 17 +- .../examples/register-l1-validator/main.go | 2 +- .../examples/set-l1-validator-weight/main.go | 5 +- 57 files changed, 363 insertions(+), 364 deletions(-) diff --git a/chains/manager.go b/chains/manager.go index 8d1eb4feea76..fed7bbcc0d54 100644 --- a/chains/manager.go +++ b/chains/manager.go @@ -186,7 +186,7 @@ type ManagerConfig struct { SybilProtectionEnabled bool StakingTLSSigner crypto.Signer StakingTLSCert *staking.Certificate - StakingBLSKey *bls.SecretKey + StakingBLSKey bls.Signer TracingEnabled bool // Must not be used unless [TracingEnabled] is true as this may be nil. Tracer trace.Tracer @@ -497,7 +497,7 @@ func (m *manager) buildChain(chainParams ChainParameters, sb subnets.Subnet) (*c SubnetID: chainParams.SubnetID, ChainID: chainParams.ID, NodeID: m.NodeID, - PublicKey: bls.PublicFromSecretKey(m.StakingBLSKey), + PublicKey: m.StakingBLSKey.PublicKey(), NetworkUpgrades: m.Upgrades, XChainID: m.XChainID, diff --git a/config/config.go b/config/config.go index 8a95045b7f77..37e60da9fc1f 100644 --- a/config/config.go +++ b/config/config.go @@ -645,9 +645,9 @@ func getStakingTLSCert(v *viper.Viper) (tls.Certificate, error) { } } -func getStakingSigner(v *viper.Viper) (*bls.SecretKey, error) { +func getStakingSigner(v *viper.Viper) (bls.Signer, error) { if v.GetBool(StakingEphemeralSignerEnabledKey) { - key, err := bls.NewSecretKey() + key, err := bls.NewSigner() if err != nil { return nil, fmt.Errorf("couldn't generate ephemeral signing key: %w", err) } @@ -685,7 +685,7 @@ func getStakingSigner(v *viper.Viper) (*bls.SecretKey, error) { return nil, errMissingStakingSigningKeyFile } - key, err := bls.NewSecretKey() + key, err := bls.NewSigner() if err != nil { return nil, fmt.Errorf("couldn't generate new signing key: %w", err) } @@ -694,7 +694,7 @@ func getStakingSigner(v *viper.Viper) (*bls.SecretKey, error) { return nil, fmt.Errorf("couldn't create path for signing key at %s: %w", signingKeyPath, err) } - keyBytes := bls.SecretKeyToBytes(key) + keyBytes := key.ToBytes() if err := os.WriteFile(signingKeyPath, keyBytes, perms.ReadWrite); err != nil { return nil, fmt.Errorf("couldn't write new signing key to %s: %w", signingKeyPath, err) } diff --git a/go.mod b/go.mod index 85591473efc6..78fb8758d724 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/DataDog/zstd v1.5.2 github.com/NYTimes/gziphandler v1.1.1 github.com/antithesishq/antithesis-sdk-go v0.3.8 - github.com/ava-labs/coreth v0.13.9-rc.1 + github.com/ava-labs/coreth v0.13.9-rc.2-encapsulate-signer github.com/ava-labs/ledger-avalanche/go v0.0.0-20241009183145-e6f90a8a1a60 github.com/btcsuite/btcd/btcutil v1.1.3 github.com/cockroachdb/pebble v0.0.0-20230928194634-aa077af62593 diff --git a/go.sum b/go.sum index 50b7e212cc7a..d43867a56bde 100644 --- a/go.sum +++ b/go.sum @@ -64,8 +64,8 @@ github.com/antithesishq/antithesis-sdk-go v0.3.8/go.mod h1:IUpT2DPAKh6i/YhSbt6Gl github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/ava-labs/coreth v0.13.9-rc.1 h1:qIICpC/OZGYUP37QnLgIqqwGmxnLwLpZaUlqJNI85vU= -github.com/ava-labs/coreth v0.13.9-rc.1/go.mod h1:7aMsRIo/3GBE44qWZMjnfqdqfcfZ5yShTTm2LObLaYo= +github.com/ava-labs/coreth v0.13.9-rc.2-encapsulate-signer h1:mRB03tLPUvgNko4nP4VwWQdiHeHaLHtdwsnqwxrsGec= +github.com/ava-labs/coreth v0.13.9-rc.2-encapsulate-signer/go.mod h1:tqRAe+7bGLo2Rq/Ph4iYMSch72ag/Jn0DiDMDz1Xa9E= github.com/ava-labs/ledger-avalanche/go v0.0.0-20241009183145-e6f90a8a1a60 h1:EL66gtXOAwR/4KYBjOV03LTWgkEXvLePribLlJNu4g0= github.com/ava-labs/ledger-avalanche/go v0.0.0-20241009183145-e6f90a8a1a60/go.mod h1:/7qKobTfbzBu7eSTVaXMTr56yTYk4j2Px6/8G+idxHo= github.com/aymerick/raymond v2.0.3-0.20180322193309-b565731e1464+incompatible/go.mod h1:osfaiScAUVup+UC9Nfq76eWqDhXlp+4UYaA8uhTBO6g= diff --git a/network/config.go b/network/config.go index e0cdfd0a7432..a6e6d98a1471 100644 --- a/network/config.go +++ b/network/config.go @@ -128,7 +128,7 @@ type Config struct { // TLSKey is this node's TLS key that is used to sign IPs. TLSKey crypto.Signer `json:"-"` // BLSKey is this node's BLS key that is used to sign IPs. - BLSKey *bls.SecretKey `json:"-"` + BLSKey bls.Signer `json:"-"` // TrackedSubnets of the node. // It must not include the primary network ID. diff --git a/network/network_test.go b/network/network_test.go index e21617551560..1cae830e036e 100644 --- a/network/network_test.go +++ b/network/network_test.go @@ -175,7 +175,7 @@ func newTestNetwork(t *testing.T, count int) (*testDialer, []*testListener, []id require.NoError(t, err) nodeID := ids.NodeIDFromCert(cert) - blsKey, err := bls.NewSecretKey() + blsKey, err := bls.NewSigner() require.NoError(t, err) config := defaultConfig diff --git a/network/p2p/acp118/handler_test.go b/network/p2p/acp118/handler_test.go index e58d61a8f6a0..0ec5dc93064a 100644 --- a/network/p2p/acp118/handler_test.go +++ b/network/p2p/acp118/handler_test.go @@ -72,9 +72,9 @@ func TestHandler(t *testing.T) { require := require.New(t) ctx := context.Background() - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() networkID := uint32(123) chainID := ids.GenerateTestID() signer := warp.NewSigner(sk, networkID, chainID) diff --git a/network/peer/ip.go b/network/peer/ip.go index 443396d344d2..08152b9748a6 100644 --- a/network/peer/ip.go +++ b/network/peer/ip.go @@ -32,14 +32,14 @@ type UnsignedIP struct { } // Sign this IP with the provided signer and return the signed IP. -func (ip *UnsignedIP) Sign(tlsSigner crypto.Signer, blsSigner *bls.SecretKey) (*SignedIP, error) { +func (ip *UnsignedIP) Sign(tlsSigner crypto.Signer, blsSigner bls.Signer) (*SignedIP, error) { ipBytes := ip.bytes() tlsSignature, err := tlsSigner.Sign( rand.Reader, hashing.ComputeHash256(ipBytes), crypto.SHA256, ) - blsSignature := bls.SignProofOfPossession(blsSigner, ipBytes) + blsSignature := blsSigner.SignProofOfPossession(ipBytes) return &SignedIP{ UnsignedIP: *ip, TLSSignature: tlsSignature, diff --git a/network/peer/ip_signer.go b/network/peer/ip_signer.go index 1053cfce3e62..3d6ea1d70d6c 100644 --- a/network/peer/ip_signer.go +++ b/network/peer/ip_signer.go @@ -18,7 +18,7 @@ type IPSigner struct { ip *utils.Atomic[netip.AddrPort] clock mockable.Clock tlsSigner crypto.Signer - blsSigner *bls.SecretKey + blsSigner bls.Signer // Must be held while accessing [signedIP] signedIPLock sync.RWMutex @@ -30,7 +30,7 @@ type IPSigner struct { func NewIPSigner( ip *utils.Atomic[netip.AddrPort], tlsSigner crypto.Signer, - blsSigner *bls.SecretKey, + blsSigner bls.Signer, ) *IPSigner { return &IPSigner{ ip: ip, diff --git a/network/peer/ip_signer_test.go b/network/peer/ip_signer_test.go index cff9b2cbbda2..7c6a9a5e5fbd 100644 --- a/network/peer/ip_signer_test.go +++ b/network/peer/ip_signer_test.go @@ -28,7 +28,7 @@ func TestIPSigner(t *testing.T) { require.NoError(err) tlsKey := tlsCert.PrivateKey.(crypto.Signer) - blsKey, err := bls.NewSecretKey() + blsKey, err := bls.NewSigner() require.NoError(err) s := NewIPSigner(dynIP, tlsKey, blsKey) diff --git a/network/peer/ip_test.go b/network/peer/ip_test.go index 4c3f62d27694..385940983870 100644 --- a/network/peer/ip_test.go +++ b/network/peer/ip_test.go @@ -21,7 +21,7 @@ func TestSignedIpVerify(t *testing.T) { cert1, err := staking.ParseCertificate(tlsCert1.Leaf.Raw) require.NoError(t, err) tlsKey1 := tlsCert1.PrivateKey.(crypto.Signer) - blsKey1, err := bls.NewSecretKey() + blsKey1, err := bls.NewSigner() require.NoError(t, err) tlsCert2, err := staking.NewTLSCert() @@ -38,7 +38,7 @@ func TestSignedIpVerify(t *testing.T) { type test struct { name string tlsSigner crypto.Signer - blsSigner *bls.SecretKey + blsSigner bls.Signer expectedCert *staking.Certificate ip UnsignedIP maxTimestamp time.Time diff --git a/network/peer/peer_test.go b/network/peer/peer_test.go index f66b523ce1e7..0d617fecbc69 100644 --- a/network/peer/peer_test.go +++ b/network/peer/peer_test.go @@ -111,7 +111,7 @@ func newRawTestPeer(t *testing.T, config Config) *rawTestPeer { 1, )) tls := tlsCert.PrivateKey.(crypto.Signer) - bls, err := bls.NewSecretKey() + bls, err := bls.NewSigner() require.NoError(err) config.IPSigner = NewIPSigner(ip, tls, bls) @@ -322,17 +322,17 @@ func TestInvalidBLSKeyDisconnects(t *testing.T) { require.NoError(rawPeer0.config.Validators.AddStaker( constants.PrimaryNetworkID, rawPeer1.config.MyNodeID, - bls.PublicFromSecretKey(rawPeer1.config.IPSigner.blsSigner), + rawPeer1.config.IPSigner.blsSigner.PublicKey(), ids.GenerateTestID(), 1, )) - bogusBLSKey, err := bls.NewSecretKey() + bogusBLSKey, err := bls.NewSigner() require.NoError(err) require.NoError(rawPeer1.config.Validators.AddStaker( constants.PrimaryNetworkID, rawPeer0.config.MyNodeID, - bls.PublicFromSecretKey(bogusBLSKey), // This is the wrong BLS key for this peer + bogusBLSKey.PublicKey(), // This is the wrong BLS key for this peer ids.GenerateTestID(), 1, )) @@ -348,7 +348,7 @@ func TestInvalidBLSKeyDisconnects(t *testing.T) { func TestShouldDisconnect(t *testing.T) { peerID := ids.GenerateTestNodeID() txID := ids.GenerateTestID() - blsKey, err := bls.NewSecretKey() + blsKey, err := bls.NewSigner() require.NoError(t, err) tests := []struct { @@ -458,7 +458,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -478,7 +478,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -502,7 +502,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -522,7 +522,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -546,7 +546,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -556,7 +556,7 @@ func TestShouldDisconnect(t *testing.T) { id: peerID, version: version.CurrentApp, ip: &SignedIP{ - BLSSignature: bls.SignProofOfPossession(blsKey, []byte("wrong message")), + BLSSignature: blsKey.SignProofOfPossession([]byte("wrong message")), }, }, expectedPeer: &peer{ @@ -568,7 +568,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -578,7 +578,7 @@ func TestShouldDisconnect(t *testing.T) { id: peerID, version: version.CurrentApp, ip: &SignedIP{ - BLSSignature: bls.SignProofOfPossession(blsKey, []byte("wrong message")), + BLSSignature: blsKey.SignProofOfPossession([]byte("wrong message")), }, }, expectedShouldDisconnect: true, @@ -594,7 +594,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -604,7 +604,7 @@ func TestShouldDisconnect(t *testing.T) { id: peerID, version: version.CurrentApp, ip: &SignedIP{ - BLSSignature: bls.SignProofOfPossession(blsKey, (&UnsignedIP{}).bytes()), + BLSSignature: blsKey.SignProofOfPossession((&UnsignedIP{}).bytes()), }, }, expectedPeer: &peer{ @@ -616,7 +616,7 @@ func TestShouldDisconnect(t *testing.T) { require.NoError(t, vdrs.AddStaker( constants.PrimaryNetworkID, peerID, - bls.PublicFromSecretKey(blsKey), + blsKey.PublicKey(), txID, 1, )) @@ -626,7 +626,7 @@ func TestShouldDisconnect(t *testing.T) { id: peerID, version: version.CurrentApp, ip: &SignedIP{ - BLSSignature: bls.SignProofOfPossession(blsKey, (&UnsignedIP{}).bytes()), + BLSSignature: blsKey.SignProofOfPossession((&UnsignedIP{}).bytes()), }, txIDOfVerifiedBLSKey: txID, }, diff --git a/network/peer/test_peer.go b/network/peer/test_peer.go index bb1022982635..bd40196ebfd5 100644 --- a/network/peer/test_peer.go +++ b/network/peer/test_peer.go @@ -101,7 +101,7 @@ func StartTestPeer( } tlsKey := tlsCert.PrivateKey.(crypto.Signer) - blsKey, err := bls.NewSecretKey() + blsKey, err := bls.NewSigner() if err != nil { return nil, err } diff --git a/network/test_network.go b/network/test_network.go index 306325d44fcb..2e00f4bb9449 100644 --- a/network/test_network.go +++ b/network/test_network.go @@ -84,7 +84,7 @@ func NewTestNetworkConfig( return nil, err } - blsKey, err := bls.NewSecretKey() + blsKey, err := bls.NewSigner() if err != nil { return nil, err } diff --git a/node/config.go b/node/config.go index 1c99b2de8a83..af8914236049 100644 --- a/node/config.go +++ b/node/config.go @@ -77,7 +77,7 @@ type StakingConfig struct { SybilProtectionEnabled bool `json:"sybilProtectionEnabled"` PartialSyncPrimaryNetwork bool `json:"partialSyncPrimaryNetwork"` StakingTLSCert tls.Certificate `json:"-"` - StakingSigningKey *bls.SecretKey `json:"-"` + StakingSigningKey bls.Signer `json:"-"` SybilProtectionDisabledWeight uint64 `json:"sybilProtectionDisabledWeight"` StakingKeyPath string `json:"stakingKeyPath"` StakingCertPath string `json:"stakingCertPath"` diff --git a/node/node.go b/node/node.go index 504dbdf7a6e1..19dfd899654d 100644 --- a/node/node.go +++ b/node/node.go @@ -60,7 +60,6 @@ import ( "github.com/ava-labs/avalanchego/trace" "github.com/ava-labs/avalanchego/utils" "github.com/ava-labs/avalanchego/utils/constants" - "github.com/ava-labs/avalanchego/utils/crypto/bls" "github.com/ava-labs/avalanchego/utils/dynamicip" "github.com/ava-labs/avalanchego/utils/filesystem" "github.com/ava-labs/avalanchego/utils/hashing" @@ -583,7 +582,7 @@ func (n *Node) initNetworking(reg prometheus.Registerer) error { err := n.vdrs.AddStaker( constants.PrimaryNetworkID, n.ID, - bls.PublicFromSecretKey(n.Config.StakingSigningKey), + n.Config.StakingSigningKey.PublicKey(), dummyTxID, n.Config.SybilProtectionDisabledWeight, ) diff --git a/snow/snowtest/context.go b/snow/snowtest/context.go index b1338cd4b635..2b857184235c 100644 --- a/snow/snowtest/context.go +++ b/snow/snowtest/context.go @@ -52,9 +52,9 @@ func ConsensusContext(ctx *snow.Context) *snow.ConsensusContext { func Context(tb testing.TB, chainID ids.ID) *snow.Context { require := require.New(tb) - secretKey, err := bls.NewSecretKey() + secretKey, err := bls.NewSigner() require.NoError(err) - publicKey := bls.PublicFromSecretKey(secretKey) + publicKey := secretKey.PublicKey() aliaser := ids.NewAliaser() require.NoError(aliaser.Alias(constants.PlatformChainID, "P")) diff --git a/snow/validators/gvalidators/validator_state_test.go b/snow/validators/gvalidators/validator_state_test.go index 21afa1cadfb8..f512e90a96b2 100644 --- a/snow/validators/gvalidators/validator_state_test.go +++ b/snow/validators/gvalidators/validator_state_test.go @@ -135,19 +135,19 @@ func TestGetValidatorSet(t *testing.T) { state := setupState(t, ctrl) // Happy path - sk0, err := bls.NewSecretKey() + sk0, err := bls.NewSigner() require.NoError(err) vdr0 := &validators.GetValidatorOutput{ NodeID: ids.GenerateTestNodeID(), - PublicKey: bls.PublicFromSecretKey(sk0), + PublicKey: sk0.PublicKey(), Weight: 1, } - sk1, err := bls.NewSecretKey() + sk1, err := bls.NewSigner() require.NoError(err) vdr1 := &validators.GetValidatorOutput{ NodeID: ids.GenerateTestNodeID(), - PublicKey: bls.PublicFromSecretKey(sk1), + PublicKey: sk1.PublicKey(), Weight: 2, } @@ -181,9 +181,9 @@ func TestGetValidatorSet(t *testing.T) { func TestPublicKeyDeserialize(t *testing.T) { require := require.New(t) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := bls.PublicKeyToUncompressedBytes(pk) pkDe := bls.PublicKeyFromValidUncompressedBytes(pkBytes) @@ -222,9 +222,9 @@ func setupValidatorSet(b *testing.B, size int) map[ids.NodeID]*validators.GetVal b.Helper() set := make(map[ids.NodeID]*validators.GetValidatorOutput, size) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(b, err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() for i := 0; i < size; i++ { id := ids.GenerateTestNodeID() set[id] = &validators.GetValidatorOutput{ diff --git a/snow/validators/manager_test.go b/snow/validators/manager_test.go index 4449a324a57d..2296b8c67328 100644 --- a/snow/validators/manager_test.go +++ b/snow/validators/manager_test.go @@ -214,10 +214,10 @@ func TestGet(t *testing.T) { _, ok := m.GetValidator(subnetID, nodeID) require.False(ok) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() require.NoError(m.AddStaker(subnetID, nodeID, pk, ids.Empty, 1)) vdr0, ok := m.GetValidator(subnetID, nodeID) @@ -304,10 +304,10 @@ func TestGetMap(t *testing.T) { mp := m.GetMap(subnetID) require.Empty(mp) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() nodeID0 := ids.GenerateTestNodeID() require.NoError(m.AddStaker(subnetID, nodeID0, pk, ids.Empty, 2)) @@ -404,11 +404,11 @@ func TestSample(t *testing.T) { require.NoError(err) require.Empty(sampled) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) nodeID0 := ids.GenerateTestNodeID() - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() require.NoError(m.AddStaker(subnetID, nodeID0, pk, ids.Empty, 1)) sampled, err = m.Sample(subnetID, 1) @@ -464,12 +464,12 @@ func TestString(t *testing.T) { func TestAddCallback(t *testing.T) { require := require.New(t) - expectedSK, err := bls.NewSecretKey() + expectedSK, err := bls.NewSigner() require.NoError(err) var ( expectedNodeID = ids.GenerateTestNodeID() - expectedPK = bls.PublicFromSecretKey(expectedSK) + expectedPK = expectedSK.PublicKey() expectedTxID = ids.GenerateTestID() expectedWeight uint64 = 1 expectedSubnetID0 = ids.GenerateTestID() @@ -512,12 +512,12 @@ func TestAddCallback(t *testing.T) { func TestAddWeightCallback(t *testing.T) { require := require.New(t) - expectedSK, err := bls.NewSecretKey() + expectedSK, err := bls.NewSigner() require.NoError(err) var ( expectedNodeID = ids.GenerateTestNodeID() - expectedPK = bls.PublicFromSecretKey(expectedSK) + expectedPK = expectedSK.PublicKey() expectedTxID = ids.GenerateTestID() expectedOldWeight uint64 = 1 expectedAddedWeight uint64 = 10 @@ -595,12 +595,12 @@ func TestAddWeightCallback(t *testing.T) { func TestRemoveWeightCallback(t *testing.T) { require := require.New(t) - expectedSK, err := bls.NewSecretKey() + expectedSK, err := bls.NewSigner() require.NoError(err) var ( expectedNodeID = ids.GenerateTestNodeID() - expectedPK = bls.PublicFromSecretKey(expectedSK) + expectedPK = expectedSK.PublicKey() expectedTxID = ids.GenerateTestID() expectedNewWeight uint64 = 1 expectedRemovedWeight uint64 = 10 @@ -678,12 +678,12 @@ func TestRemoveWeightCallback(t *testing.T) { func TestRemoveCallback(t *testing.T) { require := require.New(t) - expectedSK, err := bls.NewSecretKey() + expectedSK, err := bls.NewSigner() require.NoError(err) var ( expectedNodeID = ids.GenerateTestNodeID() - expectedPK = bls.PublicFromSecretKey(expectedSK) + expectedPK = expectedSK.PublicKey() expectedTxID = ids.GenerateTestID() expectedWeight uint64 = 1 expectedSubnetID0 = ids.GenerateTestID() diff --git a/snow/validators/set_test.go b/snow/validators/set_test.go index 086e5c0b654a..8fb2a6c6b56d 100644 --- a/snow/validators/set_test.go +++ b/snow/validators/set_test.go @@ -165,10 +165,10 @@ func TestSetGet(t *testing.T) { _, ok := s.Get(nodeID) require.False(ok) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() require.NoError(s.Add(nodeID, pk, ids.Empty, 1)) vdr0, ok := s.Get(nodeID) @@ -232,10 +232,10 @@ func TestSetMap(t *testing.T) { m := s.Map() require.Empty(m) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() nodeID0 := ids.GenerateTestNodeID() require.NoError(s.Add(nodeID0, pk, ids.Empty, 2)) @@ -330,11 +330,11 @@ func TestSetSample(t *testing.T) { require.NoError(err) require.Empty(sampled) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) nodeID0 := ids.GenerateTestNodeID() - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() require.NoError(s.Add(nodeID0, pk, ids.Empty, 1)) sampled, err = s.Sample(1) @@ -385,9 +385,9 @@ func TestSetAddCallback(t *testing.T) { require := require.New(t) nodeID0 := ids.BuildTestNodeID([]byte{1}) - sk0, err := bls.NewSecretKey() + sk0, err := bls.NewSigner() require.NoError(err) - pk0 := bls.PublicFromSecretKey(sk0) + pk0 := sk0.PublicKey() txID0 := ids.GenerateTestID() weight0 := uint64(1) diff --git a/tests/e2e/p/workflow.go b/tests/e2e/p/workflow.go index 38f109e1fa98..e55b187819f7 100644 --- a/tests/e2e/p/workflow.go +++ b/tests/e2e/p/workflow.go @@ -115,7 +115,7 @@ var _ = e2e.DescribePChain("[Workflow]", func() { } tc.By("issuing an AddPermissionlessValidatorTx", func() { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) pop := signer.NewProofOfPossession(sk) diff --git a/tests/fixture/tmpnet/node.go b/tests/fixture/tmpnet/node.go index 9cff10ca7f3a..570d1d616d5d 100644 --- a/tests/fixture/tmpnet/node.go +++ b/tests/fixture/tmpnet/node.go @@ -267,11 +267,11 @@ func (n *Node) EnsureBLSSigningKey() error { } // Generate a new signing key - newKey, err := bls.NewSecretKey() + newKey, err := bls.NewSigner() if err != nil { return fmt.Errorf("failed to generate staking signer key: %w", err) } - n.Flags[config.StakingSignerKeyContentKey] = base64.StdEncoding.EncodeToString(bls.SecretKeyToBytes(newKey)) + n.Flags[config.StakingSignerKeyContentKey] = base64.StdEncoding.EncodeToString(newKey.ToBytes()) return nil } diff --git a/utils/crypto/bls/bls_benchmark_test.go b/utils/crypto/bls/bls_benchmark_test.go index 65684c6e9b8c..71a80044154f 100644 --- a/utils/crypto/bls/bls_benchmark_test.go +++ b/utils/crypto/bls/bls_benchmark_test.go @@ -35,7 +35,7 @@ var ( ) func BenchmarkSign(b *testing.B) { - privateKey, err := NewSecretKey() + privateKey, err := NewSigner() require.NoError(b, err) for _, messageSize := range sizes { b.Run(strconv.Itoa(messageSize), func(b *testing.B) { @@ -44,21 +44,21 @@ func BenchmarkSign(b *testing.B) { b.ResetTimer() for n := 0; n < b.N; n++ { - _ = Sign(privateKey, message) + _ = privateKey.Sign(message) } }) } } func BenchmarkVerify(b *testing.B) { - privateKey, err := NewSecretKey() + privateKey, err := NewSigner() require.NoError(b, err) - publicKey := PublicFromSecretKey(privateKey) + publicKey := privateKey.PublicKey() for _, messageSize := range sizes { b.Run(strconv.Itoa(messageSize), func(b *testing.B) { message := utils.RandomBytes(messageSize) - signature := Sign(privateKey, message) + signature := privateKey.Sign(message) b.ResetTimer() @@ -72,10 +72,10 @@ func BenchmarkVerify(b *testing.B) { func BenchmarkAggregatePublicKeys(b *testing.B) { keys := make([]*PublicKey, biggestSize) for i := range keys { - privateKey, err := NewSecretKey() + privateKey, err := NewSigner() require.NoError(b, err) - keys[i] = PublicFromSecretKey(privateKey) + keys[i] = privateKey.PublicKey() } for _, size := range sizes { @@ -89,10 +89,10 @@ func BenchmarkAggregatePublicKeys(b *testing.B) { } func BenchmarkPublicKeyToCompressedBytes(b *testing.B) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(b, err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() b.ResetTimer() for range b.N { @@ -101,10 +101,10 @@ func BenchmarkPublicKeyToCompressedBytes(b *testing.B) { } func BenchmarkPublicKeyFromCompressedBytes(b *testing.B) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(b, err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := PublicKeyToCompressedBytes(pk) b.ResetTimer() @@ -114,10 +114,10 @@ func BenchmarkPublicKeyFromCompressedBytes(b *testing.B) { } func BenchmarkPublicKeyToUncompressedBytes(b *testing.B) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(b, err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() b.ResetTimer() for range b.N { @@ -126,10 +126,10 @@ func BenchmarkPublicKeyToUncompressedBytes(b *testing.B) { } func BenchmarkPublicKeyFromValidUncompressedBytes(b *testing.B) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(b, err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := PublicKeyToUncompressedBytes(pk) b.ResetTimer() @@ -139,11 +139,11 @@ func BenchmarkPublicKeyFromValidUncompressedBytes(b *testing.B) { } func BenchmarkSignatureFromBytes(b *testing.B) { - privateKey, err := NewSecretKey() + privateKey, err := NewSigner() require.NoError(b, err) message := utils.RandomBytes(32) - signature := Sign(privateKey, message) + signature := privateKey.Sign(message) signatureBytes := SignatureToBytes(signature) b.ResetTimer() diff --git a/utils/crypto/bls/bls_test.go b/utils/crypto/bls/bls_test.go index e8a4a45bb97d..9d09d6aebfae 100644 --- a/utils/crypto/bls/bls_test.go +++ b/utils/crypto/bls/bls_test.go @@ -24,25 +24,25 @@ func TestAggregation(t *testing.T) { { name: "valid", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), - PublicFromSecretKey(sk2), + sk0.PublicKey(), + sk1.PublicKey(), + sk2.PublicKey(), } msg := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), - Sign(sk2, msg), + sk0.Sign(msg), + sk1.Sign(msg), + sk2.Sign(msg), } return pks, sigs, msg @@ -52,17 +52,17 @@ func TestAggregation(t *testing.T) { { name: "valid single key", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk), + sk.PublicKey(), } msg := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk, msg), + sk.Sign(msg), } return pks, sigs, msg @@ -72,25 +72,25 @@ func TestAggregation(t *testing.T) { { name: "wrong message", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), - PublicFromSecretKey(sk2), + sk0.PublicKey(), + sk1.PublicKey(), + sk2.PublicKey(), } msg := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), - Sign(sk2, msg), + sk0.Sign(msg), + sk1.Sign(msg), + sk2.Sign(msg), } msg[0]++ @@ -102,26 +102,26 @@ func TestAggregation(t *testing.T) { { name: "one sig over different message", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), - PublicFromSecretKey(sk2), + sk0.PublicKey(), + sk1.PublicKey(), + sk2.PublicKey(), } msg := utils.RandomBytes(1234) msg2 := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), - Sign(sk2, msg2), + sk0.Sign(msg), + sk1.Sign(msg), + sk2.Sign(msg2), } return pks, sigs, msg @@ -131,27 +131,27 @@ func TestAggregation(t *testing.T) { { name: "one incorrect pubkey", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) - sk3, err := NewSecretKey() + sk3, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), - PublicFromSecretKey(sk3), + sk0.PublicKey(), + sk1.PublicKey(), + sk3.PublicKey(), } msg := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), - Sign(sk2, msg), + sk0.Sign(msg), + sk1.Sign(msg), + sk2.Sign(msg), } return pks, sigs, msg @@ -161,24 +161,24 @@ func TestAggregation(t *testing.T) { { name: "num pubkeys > num sigs", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), - PublicFromSecretKey(sk2), + sk0.PublicKey(), + sk1.PublicKey(), + sk2.PublicKey(), } msg := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), + sk0.Sign(msg), + sk1.Sign(msg), } return pks, sigs, msg @@ -188,24 +188,24 @@ func TestAggregation(t *testing.T) { { name: "num pubkeys < num sigs", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), + sk0.PublicKey(), + sk1.PublicKey(), } msg := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), - Sign(sk2, msg), + sk0.Sign(msg), + sk1.Sign(msg), + sk2.Sign(msg), } return pks, sigs, msg @@ -215,19 +215,19 @@ func TestAggregation(t *testing.T) { { name: "no pub keys", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) msg := utils.RandomBytes(1234) sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), - Sign(sk2, msg), + sk0.Sign(msg), + sk1.Sign(msg), + sk2.Sign(msg), } return nil, sigs, msg @@ -238,17 +238,17 @@ func TestAggregation(t *testing.T) { { name: "no sigs", setup: func(require *require.Assertions) ([]*PublicKey, []*Signature, []byte) { - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), - PublicFromSecretKey(sk2), + sk0.PublicKey(), + sk1.PublicKey(), + sk2.PublicKey(), } msg := utils.RandomBytes(1234) @@ -281,18 +281,18 @@ func TestAggregationThreshold(t *testing.T) { require := require.New(t) // People in the network would privately generate their secret keys - sk0, err := NewSecretKey() + sk0, err := NewSigner() require.NoError(err) - sk1, err := NewSecretKey() + sk1, err := NewSigner() require.NoError(err) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) // All the public keys would be registered on chain pks := []*PublicKey{ - PublicFromSecretKey(sk0), - PublicFromSecretKey(sk1), - PublicFromSecretKey(sk2), + sk0.PublicKey(), + sk1.PublicKey(), + sk2.PublicKey(), } // The transaction's unsigned bytes are publicly known. @@ -300,9 +300,9 @@ func TestAggregationThreshold(t *testing.T) { // People may attempt time sign the transaction. sigs := []*Signature{ - Sign(sk0, msg), - Sign(sk1, msg), - Sign(sk2, msg), + sk0.Sign(msg), + sk1.Sign(msg), + sk2.Sign(msg), } // The signed transaction would specify which of the public keys have been @@ -348,11 +348,11 @@ func TestVerify(t *testing.T) { { name: "valid", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() msg := utils.RandomBytes(1234) - sig := Sign(sk, msg) + sig := sk.Sign(msg) return pk, sig, msg }, expectedValid: true, @@ -360,11 +360,11 @@ func TestVerify(t *testing.T) { { name: "wrong message", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() msg := utils.RandomBytes(1234) - sig := Sign(sk, msg) + sig := sk.Sign(msg) msg[0]++ return pk, sig, msg }, @@ -373,14 +373,14 @@ func TestVerify(t *testing.T) { { name: "wrong pub key", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) msg := utils.RandomBytes(1234) - sig := Sign(sk, msg) + sig := sk.Sign(msg) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk2) + pk := sk2.PublicKey() return pk, sig, msg }, expectedValid: false, @@ -388,13 +388,13 @@ func TestVerify(t *testing.T) { { name: "wrong sig", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() msg := utils.RandomBytes(1234) msg2 := utils.RandomBytes(1234) - sig2 := Sign(sk, msg2) + sig2 := sk.Sign(msg2) return pk, sig2, msg }, expectedValid: false, @@ -424,11 +424,11 @@ func TestVerifyProofOfPossession(t *testing.T) { { name: "valid", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() msg := utils.RandomBytes(1234) - sig := SignProofOfPossession(sk, msg) + sig := sk.SignProofOfPossession(msg) return pk, sig, msg }, expectedValid: true, @@ -436,11 +436,11 @@ func TestVerifyProofOfPossession(t *testing.T) { { name: "wrong message", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() msg := utils.RandomBytes(1234) - sig := SignProofOfPossession(sk, msg) + sig := sk.SignProofOfPossession(msg) msg[0]++ return pk, sig, msg }, @@ -449,14 +449,14 @@ func TestVerifyProofOfPossession(t *testing.T) { { name: "wrong pub key", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) msg := utils.RandomBytes(1234) - sig := SignProofOfPossession(sk, msg) + sig := sk.SignProofOfPossession(msg) - sk2, err := NewSecretKey() + sk2, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk2) + pk := sk2.PublicKey() return pk, sig, msg }, expectedValid: false, @@ -464,13 +464,13 @@ func TestVerifyProofOfPossession(t *testing.T) { { name: "wrong sig", setup: func(require *require.Assertions) (*PublicKey, *Signature, []byte) { - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() msg := utils.RandomBytes(1234) msg2 := utils.RandomBytes(1234) - sig2 := SignProofOfPossession(sk, msg2) + sig2 := sk.SignProofOfPossession(msg2) return pk, sig2, msg }, expectedValid: false, diff --git a/utils/crypto/bls/public_test.go b/utils/crypto/bls/public_test.go index 5ad5137b0d63..087905f8c534 100644 --- a/utils/crypto/bls/public_test.go +++ b/utils/crypto/bls/public_test.go @@ -22,10 +22,10 @@ func TestPublicKeyFromCompressedBytesWrongSize(t *testing.T) { func TestPublicKeyBytes(t *testing.T) { require := require.New(t) - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := PublicKeyToCompressedBytes(pk) pk2, err := PublicKeyFromCompressedBytes(pkBytes) @@ -39,10 +39,10 @@ func TestPublicKeyBytes(t *testing.T) { func TestAggregatePublicKeysNoop(t *testing.T) { require := require.New(t) - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - pk := PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := PublicKeyToCompressedBytes(pk) aggPK, err := AggregatePublicKeys([]*PublicKey{pk}) diff --git a/utils/crypto/bls/secret.go b/utils/crypto/bls/secret.go index 02d2750956a6..540126cae23d 100644 --- a/utils/crypto/bls/secret.go +++ b/utils/crypto/bls/secret.go @@ -19,15 +19,26 @@ var ( // The ciphersuite is more commonly known as G2ProofOfPossession. // There are two digests to ensure that message space for normal // signatures and the proof of possession are distinct. - ciphersuiteSignature = []byte("BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_") - ciphersuiteProofOfPossession = []byte("BLS_POP_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_") + ciphersuiteSignature = []byte("BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_") + ciphersuiteProofOfPossession = []byte("BLS_POP_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_") + _ Signer = (*LocalSigner)(nil) ) type SecretKey = blst.SecretKey +type Signer interface { + PublicKey() *PublicKey + Sign(msg []byte) *Signature + SignProofOfPossession(msg []byte) *Signature +} + +type LocalSigner struct { + sk *SecretKey +} + // NewSecretKey generates a new secret key from the local source of // cryptographically secure randomness. -func NewSecretKey() (*SecretKey, error) { +func NewSigner() (*LocalSigner, error) { var ikm [32]byte _, err := rand.Read(ikm[:]) if err != nil { @@ -35,17 +46,18 @@ func NewSecretKey() (*SecretKey, error) { } sk := blst.KeyGen(ikm[:]) ikm = [32]byte{} // zero out the ikm - return sk, nil + + return &LocalSigner{sk: sk}, nil } -// SecretKeyToBytes returns the big-endian format of the secret key. -func SecretKeyToBytes(sk *SecretKey) []byte { - return sk.Serialize() +// ToBytes returns the big-endian format of the secret key. +func (s *LocalSigner) ToBytes() []byte { + return s.sk.Serialize() } // SecretKeyFromBytes parses the big-endian format of the secret key into a // secret key. -func SecretKeyFromBytes(skBytes []byte) (*SecretKey, error) { +func SecretKeyFromBytes(skBytes []byte) (*LocalSigner, error) { sk := new(SecretKey).Deserialize(skBytes) if sk == nil { return nil, errFailedSecretKeyDeserialize @@ -53,21 +65,21 @@ func SecretKeyFromBytes(skBytes []byte) (*SecretKey, error) { runtime.SetFinalizer(sk, func(sk *SecretKey) { sk.Zeroize() }) - return sk, nil + return &LocalSigner{sk: sk}, nil } -// PublicFromSecretKey returns the public key that corresponds to this secret +// PublicKey returns the public key that corresponds to this secret // key. -func PublicFromSecretKey(sk *SecretKey) *PublicKey { - return new(PublicKey).From(sk) +func (s *LocalSigner) PublicKey() *PublicKey { + return new(PublicKey).From(s.sk) } -// Sign [msg] to authorize this message from this [sk]. -func Sign(sk *SecretKey, msg []byte) *Signature { - return new(Signature).Sign(sk, msg, ciphersuiteSignature) +// Sign [msg] to authorize this message +func (s *LocalSigner) Sign(msg []byte) *Signature { + return new(Signature).Sign(s.sk, msg, ciphersuiteSignature) } -// Sign [msg] to prove the ownership of this [sk]. -func SignProofOfPossession(sk *SecretKey, msg []byte) *Signature { - return new(Signature).Sign(sk, msg, ciphersuiteProofOfPossession) +// Sign [msg] to prove the ownership +func (s *LocalSigner) SignProofOfPossession(msg []byte) *Signature { + return new(Signature).Sign(s.sk, msg, ciphersuiteProofOfPossession) } diff --git a/utils/crypto/bls/secret_test.go b/utils/crypto/bls/secret_test.go index d3d46e1aa737..c2f5662abad2 100644 --- a/utils/crypto/bls/secret_test.go +++ b/utils/crypto/bls/secret_test.go @@ -33,15 +33,15 @@ func TestSecretKeyBytes(t *testing.T) { msg := utils.RandomBytes(1234) - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - sig := Sign(sk, msg) - skBytes := SecretKeyToBytes(sk) + sig := sk.Sign(msg) + skBytes := sk.ToBytes() sk2, err := SecretKeyFromBytes(skBytes) require.NoError(err) - sig2 := Sign(sk2, msg) - sk2Bytes := SecretKeyToBytes(sk2) + sig2 := sk2.Sign(msg) + sk2Bytes := sk2.ToBytes() require.Equal(sk, sk2) require.Equal(skBytes, sk2Bytes) diff --git a/utils/crypto/bls/signature_test.go b/utils/crypto/bls/signature_test.go index 3d43282c487a..3fcfa28b71e8 100644 --- a/utils/crypto/bls/signature_test.go +++ b/utils/crypto/bls/signature_test.go @@ -16,9 +16,9 @@ func TestSignatureBytes(t *testing.T) { msg := utils.RandomBytes(1234) - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - sig := Sign(sk, msg) + sig := sk.Sign(msg) sigBytes := SignatureToBytes(sig) sig2, err := SignatureFromBytes(sigBytes) @@ -34,10 +34,10 @@ func TestAggregateSignaturesNoop(t *testing.T) { msg := utils.RandomBytes(1234) - sk, err := NewSecretKey() + sk, err := NewSigner() require.NoError(err) - sig := Sign(sk, msg) + sig := sk.Sign(msg) sigBytes := SignatureToBytes(sig) aggSig, err := AggregateSignatures([]*Signature{sig}) diff --git a/vms/platformvm/block/builder/builder_test.go b/vms/platformvm/block/builder/builder_test.go index b43438a5e5f9..dabcf5813cc4 100644 --- a/vms/platformvm/block/builder/builder_test.go +++ b/vms/platformvm/block/builder/builder_test.go @@ -112,7 +112,7 @@ func TestBuildBlockShouldReward(t *testing.T) { validatorEndTime = validatorStartTime.Add(360 * 24 * time.Hour) ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) rewardOwners := &secp256k1fx.OutputOwners{ @@ -320,7 +320,7 @@ func TestBuildBlockInvalidStakingDurations(t *testing.T) { validatorEndTime = now.Add(env.config.MaxStakeDuration) ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) rewardsOwner := &secp256k1fx.OutputOwners{ @@ -353,7 +353,7 @@ func TestBuildBlockInvalidStakingDurations(t *testing.T) { // Add a validator ending past [MaxStakeDuration] validator2EndTime := now.Add(env.config.MaxStakeDuration + time.Second) - sk, err = bls.NewSecretKey() + sk, err = bls.NewSigner() require.NoError(err) tx2, err := wallet.IssueAddPermissionlessValidatorTx( diff --git a/vms/platformvm/block/executor/proposal_block_test.go b/vms/platformvm/block/executor/proposal_block_test.go index c47b4e6f8e40..c44d3569b5df 100644 --- a/vms/platformvm/block/executor/proposal_block_test.go +++ b/vms/platformvm/block/executor/proposal_block_test.go @@ -1329,7 +1329,7 @@ func TestAddValidatorProposalBlock(t *testing.T) { nodeID = ids.GenerateTestNodeID() ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) rewardsOwner := &secp256k1fx.OutputOwners{ @@ -1414,7 +1414,7 @@ func TestAddValidatorProposalBlock(t *testing.T) { validatorEndTime = validatorStartTime.Add(env.config.MinStakeDuration) nodeID = ids.GenerateTestNodeID() - sk, err = bls.NewSecretKey() + sk, err = bls.NewSigner() require.NoError(err) addValidatorTx2, err := wallet.IssueAddPermissionlessValidatorTx( diff --git a/vms/platformvm/block/executor/verifier_test.go b/vms/platformvm/block/executor/verifier_test.go index 3eba354457cc..74b932d67e7f 100644 --- a/vms/platformvm/block/executor/verifier_test.go +++ b/vms/platformvm/block/executor/verifier_test.go @@ -1218,11 +1218,11 @@ func TestBlockExecutionWithComplexity(t *testing.T) { } func TestDeactivateLowBalanceL1Validators(t *testing.T) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) var ( - pk = bls.PublicFromSecretKey(sk) + pk = sk.PublicKey() pkBytes = bls.PublicKeyToUncompressedBytes(pk) newL1Validator = func(endAccumulatedFee uint64) state.L1Validator { diff --git a/vms/platformvm/network/warp_test.go b/vms/platformvm/network/warp_test.go index d3027c5ff61d..a9763df45d71 100644 --- a/vms/platformvm/network/warp_test.go +++ b/vms/platformvm/network/warp_test.go @@ -177,7 +177,7 @@ func TestSignatureRequestVerifySubnetToL1Conversion(t *testing.T) { } func TestSignatureRequestVerifyL1ValidatorRegistrationRegistered(t *testing.T) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) var ( @@ -185,7 +185,7 @@ func TestSignatureRequestVerifyL1ValidatorRegistrationRegistered(t *testing.T) { ValidationID: ids.GenerateTestID(), SubnetID: ids.GenerateTestID(), NodeID: ids.GenerateTestNodeID(), - PublicKey: bls.PublicKeyToUncompressedBytes(bls.PublicFromSecretKey(sk)), + PublicKey: bls.PublicKeyToUncompressedBytes(sk.PublicKey()), Weight: 1, } state = statetest.New(t, statetest.Config{}) @@ -250,7 +250,7 @@ func TestSignatureRequestVerifyL1ValidatorRegistrationNotRegistered(t *testing.T nodeID1 = ids.NodeID{5} nodeID2 = ids.NodeID{6} nodeID3 = ids.NodeID{6} - pk = bls.PublicFromSecretKey(sk) + pk = sk.PublicKey() expiry = genesistest.DefaultValidatorStartTimeUnix + 1 weight uint64 = 1 ) @@ -544,7 +544,7 @@ func TestSignatureRequestVerifyL1ValidatorRegistrationNotRegistered(t *testing.T } func TestSignatureRequestVerifyL1ValidatorWeight(t *testing.T) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) const ( @@ -556,7 +556,7 @@ func TestSignatureRequestVerifyL1ValidatorWeight(t *testing.T) { ValidationID: ids.GenerateTestID(), SubnetID: ids.GenerateTestID(), NodeID: ids.GenerateTestNodeID(), - PublicKey: bls.PublicKeyToUncompressedBytes(bls.PublicFromSecretKey(sk)), + PublicKey: bls.PublicKeyToUncompressedBytes(sk.PublicKey()), Weight: weight, MinNonce: nonce + 1, } diff --git a/vms/platformvm/service_test.go b/vms/platformvm/service_test.go index 361623e27e78..9e05dada0c7b 100644 --- a/vms/platformvm/service_test.go +++ b/vms/platformvm/service_test.go @@ -312,7 +312,7 @@ func TestGetTx(t *testing.T) { func(t testing.TB, s *Service) *txs.Tx { wallet := newWallet(t, s.vm, walletConfig{}) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) rewardsOwner := &secp256k1fx.OutputOwners{ @@ -848,7 +848,7 @@ func TestGetValidatorsAt(t *testing.T) { Addrs: []ids.ShortID{ids.GenerateTestShortID()}, } - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) tx, err := wallet.IssueAddPermissionlessValidatorTx( @@ -1073,11 +1073,11 @@ func TestGetValidatorsAtReplyMarshalling(t *testing.T) { } { nodeID := ids.GenerateTestNodeID() - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) reply.Validators[nodeID] = &validators.GetValidatorOutput{ NodeID: nodeID, - PublicKey: bls.PublicFromSecretKey(sk), + PublicKey: sk.PublicKey(), Weight: math.MaxUint64, } } diff --git a/vms/platformvm/signer/proof_of_possession.go b/vms/platformvm/signer/proof_of_possession.go index f63365d985f4..b99183edb15d 100644 --- a/vms/platformvm/signer/proof_of_possession.go +++ b/vms/platformvm/signer/proof_of_possession.go @@ -28,10 +28,10 @@ type ProofOfPossession struct { publicKey *bls.PublicKey } -func NewProofOfPossession(sk *bls.SecretKey) *ProofOfPossession { - pk := bls.PublicFromSecretKey(sk) +func NewProofOfPossession(sk bls.Signer) *ProofOfPossession { + pk := sk.PublicKey() pkBytes := bls.PublicKeyToCompressedBytes(pk) - sig := bls.SignProofOfPossession(sk, pkBytes) + sig := sk.SignProofOfPossession(pkBytes) sigBytes := bls.SignatureToBytes(sig) pop := &ProofOfPossession{ diff --git a/vms/platformvm/signer/proof_of_possession_test.go b/vms/platformvm/signer/proof_of_possession_test.go index 746e92484459..95e2de2b75b1 100644 --- a/vms/platformvm/signer/proof_of_possession_test.go +++ b/vms/platformvm/signer/proof_of_possession_test.go @@ -41,7 +41,7 @@ func TestProofOfPossession(t *testing.T) { func TestNewProofOfPossessionDeterministic(t *testing.T) { require := require.New(t) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) blsPOP0 := NewProofOfPossession(sk) @@ -60,7 +60,7 @@ func BenchmarkProofOfPossessionVerify(b *testing.B) { } func newProofOfPossession() (*ProofOfPossession, error) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() if err != nil { return nil, err } diff --git a/vms/platformvm/state/staker_test.go b/vms/platformvm/state/staker_test.go index 91b7b8047508..56d22b6c7028 100644 --- a/vms/platformvm/state/staker_test.go +++ b/vms/platformvm/state/staker_test.go @@ -202,7 +202,7 @@ func TestNewPendingStaker(t *testing.T) { func generateStakerTx(require *require.Assertions) *txs.AddPermissionlessValidatorTx { nodeID := ids.GenerateTestNodeID() - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) pop := signer.NewProofOfPossession(sk) subnetID := ids.GenerateTestID() diff --git a/vms/platformvm/state/state_test.go b/vms/platformvm/state/state_test.go index 3636046cabdc..aacb8b0484b3 100644 --- a/vms/platformvm/state/state_test.go +++ b/vms/platformvm/state/state_test.go @@ -545,7 +545,7 @@ func TestState_writeStakers(t *testing.T) { func createPermissionlessValidatorTx(t testing.TB, subnetID ids.ID, validatorsData txs.Validator) *txs.AddPermissionlessValidatorTx { var sig signer.Signer = &signer.Empty{} if subnetID == constants.PrimaryNetworkID { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) sig = signer.NewProofOfPossession(sk) } @@ -785,14 +785,14 @@ func TestState_ApplyValidatorDiffs(t *testing.T) { subnetStakers = make([]Staker, numNodes) ) for i := range primaryStakers { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) timeOffset := time.Duration(i) * time.Second primaryStakers[i] = Staker{ TxID: ids.GenerateTestID(), NodeID: ids.GenerateTestNodeID(), - PublicKey: bls.PublicFromSecretKey(sk), + PublicKey: sk.PublicKey(), SubnetID: constants.PrimaryNetworkID, Weight: uint64(i + 1), StartTime: startTime.Add(timeOffset), @@ -1514,14 +1514,14 @@ func TestL1Validators(t *testing.T) { NodeID: ids.GenerateTestNodeID(), } - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := bls.PublicKeyToUncompressedBytes(pk) - otherSK, err := bls.NewSecretKey() + otherSK, err := bls.NewSigner() require.NoError(t, err) - otherPK := bls.PublicFromSecretKey(otherSK) + otherPK := otherSK.PublicKey() otherPKBytes := bls.PublicKeyToUncompressedBytes(otherPK) tests := []struct { @@ -2016,9 +2016,9 @@ func TestLoadL1ValidatorAndLegacy(t *testing.T) { } require.NoError(state.PutCurrentValidator(legacyStaker)) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := bls.PublicKeyToUncompressedBytes(pk) l1Validator := L1Validator{ @@ -2094,14 +2094,14 @@ func TestGetCurrentValidators(t *testing.T) { subnetID2 := ids.GenerateTestID() subnetIDs := []ids.ID{subnetID1, subnetID2} - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := bls.PublicKeyToUncompressedBytes(pk) - otherSK, err := bls.NewSecretKey() + otherSK, err := bls.NewSigner() require.NoError(t, err) - otherPK := bls.PublicFromSecretKey(otherSK) + otherPK := otherSK.PublicKey() otherPKBytes := bls.PublicKeyToUncompressedBytes(otherPK) now := time.Now() diff --git a/vms/platformvm/txs/add_permissionless_validator_tx_test.go b/vms/platformvm/txs/add_permissionless_validator_tx_test.go index 5caa7cd040df..a9d35af873d7 100644 --- a/vms/platformvm/txs/add_permissionless_validator_tx_test.go +++ b/vms/platformvm/txs/add_permissionless_validator_tx_test.go @@ -1397,7 +1397,7 @@ func TestAddPermissionlessValidatorTxSyntacticVerify(t *testing.T) { }, } - blsSK, err := bls.NewSecretKey() + blsSK, err := bls.NewSigner() require.NoError(t, err) blsPOP := signer.NewProofOfPossession(blsSK) diff --git a/vms/platformvm/txs/convert_subnet_to_l1_tx_test.go b/vms/platformvm/txs/convert_subnet_to_l1_tx_test.go index 2fb59d249d67..0d93f0bd41d0 100644 --- a/vms/platformvm/txs/convert_subnet_to_l1_tx_test.go +++ b/vms/platformvm/txs/convert_subnet_to_l1_tx_test.go @@ -550,7 +550,7 @@ func TestConvertSubnetToL1TxSerialization(t *testing.T) { } func TestConvertSubnetToL1TxSyntacticVerify(t *testing.T) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) var ( diff --git a/vms/platformvm/txs/executor/standard_tx_executor_test.go b/vms/platformvm/txs/executor/standard_tx_executor_test.go index ef08f1e6d6ad..26216061aa52 100644 --- a/vms/platformvm/txs/executor/standard_tx_executor_test.go +++ b/vms/platformvm/txs/executor/standard_tx_executor_test.go @@ -1450,7 +1450,7 @@ func TestDurangoMemoField(t *testing.T) { chainTime = env.state.GetTimestamp() endTime = chainTime.Add(defaultMaxStakingDuration) ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) wallet := newWallet(t, env, walletConfig{}) @@ -2547,7 +2547,7 @@ func TestStandardExecutorConvertSubnetToL1Tx(t *testing.T) { t.Run(test.name, func(t *testing.T) { require := require.New(t) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) // Create the ConvertSubnetToL1Tx @@ -2653,7 +2653,7 @@ func TestStandardExecutorConvertSubnetToL1Tx(t *testing.T) { var ( validationID = subnetID.Append(0) - pkBytes = bls.PublicKeyToUncompressedBytes(bls.PublicFromSecretKey(sk)) + pkBytes = bls.PublicKeyToUncompressedBytes(sk.PublicKey()) ) remainingBalanceOwner, err := txs.Codec.Marshal(txs.CodecVersion, &validator.RemainingBalanceOwner) require.NoError(err) @@ -2748,7 +2748,7 @@ func TestStandardExecutorRegisterL1ValidatorTx(t *testing.T) { require.NoError(t, err) // Create the subnet conversion - initialSK, err := bls.NewSecretKey() + initialSK, err := bls.NewSigner() require.NoError(t, err) const ( @@ -2801,10 +2801,10 @@ func TestStandardExecutorRegisterL1ValidatorTx(t *testing.T) { const weight = 1 // Create the Warp message - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) pop := signer.NewProofOfPossession(sk) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := bls.PublicKeyToUncompressedBytes(pk) remainingBalanceOwner := message.PChainOwner{} @@ -2835,10 +2835,7 @@ func TestStandardExecutorRegisterL1ValidatorTx(t *testing.T) { warpSignature := &warp.BitSetSignature{ Signers: set.NewBits(0).Bytes(), Signature: ([bls.SignatureLen]byte)(bls.SignatureToBytes( - bls.Sign( - sk, - unsignedWarp.Bytes(), - ), + sk.Sign(unsignedWarp.Bytes()), )), } warpMessage := must[*warp.Message](t)(warp.NewMessage( @@ -3103,7 +3100,7 @@ func TestStandardExecutorRegisterL1ValidatorTx(t *testing.T) { ValidationID: ids.GenerateTestID(), SubnetID: subnetID, NodeID: nodeID, - PublicKey: bls.PublicKeyToUncompressedBytes(bls.PublicFromSecretKey(initialSK)), + PublicKey: bls.PublicKeyToUncompressedBytes(initialSK.PublicKey()), Weight: 1, }) }, @@ -3281,7 +3278,7 @@ func TestStandardExecutorSetL1ValidatorWeightTx(t *testing.T) { require.NoError(t, err) // Create the subnet conversion - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) const ( @@ -3355,10 +3352,7 @@ func TestStandardExecutorSetL1ValidatorWeightTx(t *testing.T) { warpSignature := &warp.BitSetSignature{ Signers: set.NewBits(0).Bytes(), Signature: ([bls.SignatureLen]byte)(bls.SignatureToBytes( - bls.Sign( - sk, - unsignedIncreaseWeightWarpMessage.Bytes(), - ), + sk.Sign(unsignedIncreaseWeightWarpMessage.Bytes()), )), } increaseWeightWarpMessage := must[*warp.Message](t)(warp.NewMessage( @@ -3787,7 +3781,7 @@ func TestStandardExecutorIncreaseL1ValidatorBalanceTx(t *testing.T) { require.NoError(t, err) // Create the subnet conversion - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) const ( @@ -4083,7 +4077,7 @@ func TestStandardExecutorDisableL1ValidatorTx(t *testing.T) { require.NoError(t, err) // Create the subnet conversion - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) const ( diff --git a/vms/platformvm/txs/executor/state_changes_test.go b/vms/platformvm/txs/executor/state_changes_test.go index 5b78d790f8af..372a05a431d5 100644 --- a/vms/platformvm/txs/executor/state_changes_test.go +++ b/vms/platformvm/txs/executor/state_changes_test.go @@ -228,7 +228,7 @@ func TestAdvanceTimeTo_RemovesStaleExpiries(t *testing.T) { } func TestAdvanceTimeTo_UpdateL1Validators(t *testing.T) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) const ( @@ -237,7 +237,7 @@ func TestAdvanceTimeTo_UpdateL1Validators(t *testing.T) { ) var ( - pk = bls.PublicFromSecretKey(sk) + pk = sk.PublicKey() pkBytes = bls.PublicKeyToUncompressedBytes(pk) newL1Validator = func(endAccumulatedFee uint64) state.L1Validator { diff --git a/vms/platformvm/txs/executor/warp_verifier_test.go b/vms/platformvm/txs/executor/warp_verifier_test.go index ed58da9d0752..44a93cd2c829 100644 --- a/vms/platformvm/txs/executor/warp_verifier_test.go +++ b/vms/platformvm/txs/executor/warp_verifier_test.go @@ -24,13 +24,13 @@ func TestVerifyWarpMessages(t *testing.T) { var ( subnetID = ids.GenerateTestID() chainID = ids.GenerateTestID() - newValidator = func() (*bls.SecretKey, *validators.GetValidatorOutput) { - sk, err := bls.NewSecretKey() + newValidator = func() (bls.Signer, *validators.GetValidatorOutput) { + sk, err := bls.NewSigner() require.NoError(t, err) return sk, &validators.GetValidatorOutput{ NodeID: ids.GenerateTestNodeID(), - PublicKey: bls.PublicFromSecretKey(sk), + PublicKey: sk.PublicKey(), Weight: 1, } } @@ -59,8 +59,8 @@ func TestVerifyWarpMessages(t *testing.T) { require.NoError(t, err) var ( - sig0 = bls.Sign(sk0, validUnsignedWarpMessage.Bytes()) - sig1 = bls.Sign(sk1, validUnsignedWarpMessage.Bytes()) + sig0 = sk0.Sign(validUnsignedWarpMessage.Bytes()) + sig1 = sk1.Sign(validUnsignedWarpMessage.Bytes()) ) sig, err := bls.AggregateSignatures([]*bls.Signature{sig0, sig1}) require.NoError(t, err) diff --git a/vms/platformvm/validator_set_property_test.go b/vms/platformvm/validator_set_property_test.go index 7189778012d1..5adee28a5fcd 100644 --- a/vms/platformvm/validator_set_property_test.go +++ b/vms/platformvm/validator_set_property_test.go @@ -276,7 +276,7 @@ func addPrimaryValidatorWithBLSKey(t testing.TB, vm *VM, data *validatorInputDat wallet := newWallet(t, vm, walletConfig{}) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) rewardsOwner := &secp256k1fx.OutputOwners{ @@ -414,7 +414,7 @@ func buildTimestampsList(events []uint8, currentTime time.Time, nodeID ids.NodeI currentTime = currentTime.Add(txexecutor.SyncBound) switch endTime := currentTime.Add(defaultMinStakingDuration); events[0] { case startPrimaryWithBLS: - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() if err != nil { return nil, fmt.Errorf("could not make private key: %w", err) } @@ -424,7 +424,7 @@ func buildTimestampsList(events []uint8, currentTime time.Time, nodeID ids.NodeI startTime: currentTime, endTime: endTime, nodeID: nodeID, - publicKey: bls.PublicFromSecretKey(sk), + publicKey: sk.PublicKey(), }) default: return nil, fmt.Errorf("unexpected initial event %d", events[0]) @@ -452,7 +452,7 @@ func buildTimestampsList(events []uint8, currentTime time.Time, nodeID ids.NodeI case startPrimaryWithBLS: currentTime = currentPrimaryVal.endTime.Add(txexecutor.SyncBound) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() if err != nil { return nil, fmt.Errorf("could not make private key: %w", err) } @@ -463,7 +463,7 @@ func buildTimestampsList(events []uint8, currentTime time.Time, nodeID ids.NodeI startTime: currentTime, endTime: endTime, nodeID: nodeID, - publicKey: bls.PublicFromSecretKey(sk), + publicKey: sk.PublicKey(), } res = append(res, val) currentPrimaryVal = val diff --git a/vms/platformvm/validators/manager_benchmark_test.go b/vms/platformvm/validators/manager_benchmark_test.go index fa441db708e3..460c28fc9f88 100644 --- a/vms/platformvm/validators/manager_benchmark_test.go +++ b/vms/platformvm/validators/manager_benchmark_test.go @@ -109,7 +109,7 @@ func addPrimaryValidator( endTime time.Time, height uint64, ) (ids.NodeID, error) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() if err != nil { return ids.EmptyNodeID, err } @@ -118,7 +118,7 @@ func addPrimaryValidator( if err := s.PutCurrentValidator(&state.Staker{ TxID: ids.GenerateTestID(), NodeID: nodeID, - PublicKey: bls.PublicFromSecretKey(sk), + PublicKey: sk.PublicKey(), SubnetID: constants.PrimaryNetworkID, Weight: 2 * units.MegaAvax, StartTime: startTime, diff --git a/vms/platformvm/validators/manager_test.go b/vms/platformvm/validators/manager_test.go index f5893cd40870..9a15b353f3f4 100644 --- a/vms/platformvm/validators/manager_test.go +++ b/vms/platformvm/validators/manager_test.go @@ -39,13 +39,13 @@ func TestGetValidatorSet_AfterEtna(t *testing.T) { Upgrades: upgrades, }) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) var ( subnetID = ids.GenerateTestID() startTime = genesistest.DefaultValidatorStartTime endTime = startTime.Add(24 * time.Hour) - pk = bls.PublicFromSecretKey(sk) + pk = sk.PublicKey() primaryStaker = &state.Staker{ TxID: ids.GenerateTestID(), NodeID: ids.GenerateTestNodeID(), diff --git a/vms/platformvm/vm_regression_test.go b/vms/platformvm/vm_regression_test.go index ad6da320b857..89a3da49ab1d 100644 --- a/vms/platformvm/vm_regression_test.go +++ b/vms/platformvm/vm_regression_test.go @@ -1477,9 +1477,9 @@ func TestSubnetValidatorBLSKeyDiffAfterExpiry(t *testing.T) { Addrs: []ids.ShortID{ids.GenerateTestShortID()}, } ) - sk1, err := bls.NewSecretKey() + sk1, err := bls.NewSigner() require.NoError(t, err) - pk1 := bls.PublicFromSecretKey(sk1) + pk1 := sk1.PublicKey() // build primary network validator with BLS key primaryTx, err := wallet.IssueAddPermissionlessValidatorTx( @@ -1583,9 +1583,9 @@ func TestSubnetValidatorBLSKeyDiffAfterExpiry(t *testing.T) { t.Logf("primaryEndHeight: %d", primaryEndHeight) // reinsert primary validator with a different BLS key - sk2, err := bls.NewSecretKey() + sk2, err := bls.NewSigner() require.NoError(t, err) - pk2 := bls.PublicFromSecretKey(sk2) + pk2 := sk2.PublicKey() primaryRestartTx, err := wallet.IssueAddPermissionlessValidatorTx( &txs.SubnetValidator{ @@ -1749,7 +1749,7 @@ func TestPrimaryNetworkValidatorPopulatedToEmptyBLSKeyDiff(t *testing.T) { require.NoError(err) // reinsert primary validator with a different BLS key - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) primaryRestartTx, err := wallet.IssueAddPermissionlessValidatorTx( @@ -1918,7 +1918,7 @@ func TestSubnetValidatorPopulatedToEmptyBLSKeyDiff(t *testing.T) { require.NoError(err) // reinsert primary validator with a different BLS key - sk2, err := bls.NewSecretKey() + sk2, err := bls.NewSigner() require.NoError(err) primaryRestartTx, err := wallet.IssueAddPermissionlessValidatorTx( diff --git a/vms/platformvm/vm_test.go b/vms/platformvm/vm_test.go index 3a9f2f695817..7d2268c7d20d 100644 --- a/vms/platformvm/vm_test.go +++ b/vms/platformvm/vm_test.go @@ -314,7 +314,7 @@ func TestAddValidatorCommit(t *testing.T) { } ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) // create valid tx @@ -470,7 +470,7 @@ func TestAddValidatorInvalidNotReissued(t *testing.T) { startTime := latestForkTime.Add(txexecutor.SyncBound).Add(1 * time.Second) endTime := startTime.Add(defaultMinStakingDuration) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) rewardsOwner := &secp256k1fx.OutputOwners{ @@ -1905,7 +1905,7 @@ func TestRemovePermissionedValidatorDuringAddPending(t *testing.T) { wallet := newWallet(t, vm, walletConfig{}) nodeID := ids.GenerateTestNodeID() - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) rewardsOwner := &secp256k1fx.OutputOwners{ Threshold: 1, @@ -2121,7 +2121,7 @@ func TestPruneMempool(t *testing.T) { endTime = startTime.Add(vm.MinStakeDuration) ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) rewardsOwner := &secp256k1fx.OutputOwners{ diff --git a/vms/platformvm/warp/gwarp/signer_test.go b/vms/platformvm/warp/gwarp/signer_test.go index 1f4674db4b48..e272aee474ed 100644 --- a/vms/platformvm/warp/gwarp/signer_test.go +++ b/vms/platformvm/warp/gwarp/signer_test.go @@ -21,7 +21,7 @@ import ( type testSigner struct { client *Client server warp.Signer - sk *bls.SecretKey + sk bls.Signer networkID uint32 chainID ids.ID } @@ -29,7 +29,7 @@ type testSigner struct { func setupSigner(t testing.TB) *testSigner { require := require.New(t) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(err) chainID := ids.GenerateTestID() diff --git a/vms/platformvm/warp/message/register_l1_validator_test.go b/vms/platformvm/warp/message/register_l1_validator_test.go index 23c00c4ef4f5..eab8a5a395ab 100644 --- a/vms/platformvm/warp/message/register_l1_validator_test.go +++ b/vms/platformvm/warp/message/register_l1_validator_test.go @@ -16,10 +16,10 @@ import ( ) func newBLSPublicKey(t *testing.T) [bls.PublicKeyLen]byte { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() pkBytes := bls.PublicKeyToCompressedBytes(pk) return [bls.PublicKeyLen]byte(pkBytes) } diff --git a/vms/platformvm/warp/signature_test.go b/vms/platformvm/warp/signature_test.go index 7cb61296c1da..6d21bbc09795 100644 --- a/vms/platformvm/warp/signature_test.go +++ b/vms/platformvm/warp/signature_test.go @@ -35,7 +35,7 @@ var ( type testValidator struct { nodeID ids.NodeID - sk *bls.SecretKey + sk bls.Signer vdr *Validator } @@ -44,13 +44,13 @@ func (v *testValidator) Compare(o *testValidator) int { } func newTestValidator() *testValidator { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() if err != nil { panic(err) } nodeID := ids.GenerateTestNodeID() - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() return &testValidator{ nodeID: nodeID, sk: sk, @@ -344,8 +344,8 @@ func TestSignatureVerification(t *testing.T) { signers.Add(1) unsignedBytes := unsignedMsg.Bytes() - vdr0Sig := bls.Sign(testVdrs[0].sk, unsignedBytes) - vdr1Sig := bls.Sign(testVdrs[1].sk, unsignedBytes) + vdr0Sig := testVdrs[0].sk.Sign(unsignedBytes) + vdr1Sig := testVdrs[1].sk.Sign(unsignedBytes) aggSig, err := bls.AggregateSignatures([]*bls.Signature{vdr0Sig, vdr1Sig}) require.NoError(err) aggSigBytes := [bls.SignatureLen]byte{} @@ -418,7 +418,7 @@ func TestSignatureVerification(t *testing.T) { require.NoError(err) unsignedBytes := unsignedMsg.Bytes() - vdr0Sig := bls.Sign(testVdrs[0].sk, unsignedBytes) + vdr0Sig := testVdrs[0].sk.Sign(unsignedBytes) aggSigBytes := [bls.SignatureLen]byte{} copy(aggSigBytes[:], bls.SignatureToBytes(vdr0Sig)) @@ -458,10 +458,10 @@ func TestSignatureVerification(t *testing.T) { signers.Add(1) unsignedBytes := unsignedMsg.Bytes() - vdr0Sig := bls.Sign(testVdrs[0].sk, unsignedBytes) + vdr0Sig := testVdrs[0].sk.Sign(unsignedBytes) // Give sig from vdr[2] even though the bit vector says it // should be from vdr[1] - vdr2Sig := bls.Sign(testVdrs[2].sk, unsignedBytes) + vdr2Sig := testVdrs[2].sk.Sign(unsignedBytes) aggSig, err := bls.AggregateSignatures([]*bls.Signature{vdr0Sig, vdr2Sig}) require.NoError(err) aggSigBytes := [bls.SignatureLen]byte{} @@ -503,7 +503,7 @@ func TestSignatureVerification(t *testing.T) { signers.Add(1) unsignedBytes := unsignedMsg.Bytes() - vdr0Sig := bls.Sign(testVdrs[0].sk, unsignedBytes) + vdr0Sig := testVdrs[0].sk.Sign(unsignedBytes) // Don't give the sig from vdr[1] aggSigBytes := [bls.SignatureLen]byte{} copy(aggSigBytes[:], bls.SignatureToBytes(vdr0Sig)) @@ -544,11 +544,11 @@ func TestSignatureVerification(t *testing.T) { signers.Add(1) unsignedBytes := unsignedMsg.Bytes() - vdr0Sig := bls.Sign(testVdrs[0].sk, unsignedBytes) - vdr1Sig := bls.Sign(testVdrs[1].sk, unsignedBytes) + vdr0Sig := testVdrs[0].sk.Sign(unsignedBytes) + vdr1Sig := testVdrs[1].sk.Sign(unsignedBytes) // Give sig from vdr[2] even though the bit vector doesn't have // it - vdr2Sig := bls.Sign(testVdrs[2].sk, unsignedBytes) + vdr2Sig := testVdrs[2].sk.Sign(unsignedBytes) aggSig, err := bls.AggregateSignatures([]*bls.Signature{vdr0Sig, vdr1Sig, vdr2Sig}) require.NoError(err) aggSigBytes := [bls.SignatureLen]byte{} @@ -592,8 +592,8 @@ func TestSignatureVerification(t *testing.T) { signers.Add(2) unsignedBytes := unsignedMsg.Bytes() - vdr1Sig := bls.Sign(testVdrs[1].sk, unsignedBytes) - vdr2Sig := bls.Sign(testVdrs[2].sk, unsignedBytes) + vdr1Sig := testVdrs[1].sk.Sign(unsignedBytes) + vdr2Sig := testVdrs[2].sk.Sign(unsignedBytes) aggSig, err := bls.AggregateSignatures([]*bls.Signature{vdr1Sig, vdr2Sig}) require.NoError(err) aggSigBytes := [bls.SignatureLen]byte{} @@ -637,8 +637,8 @@ func TestSignatureVerification(t *testing.T) { signers.Add(2) unsignedBytes := unsignedMsg.Bytes() - vdr1Sig := bls.Sign(testVdrs[1].sk, unsignedBytes) - vdr2Sig := bls.Sign(testVdrs[2].sk, unsignedBytes) + vdr1Sig := testVdrs[1].sk.Sign(unsignedBytes) + vdr2Sig := testVdrs[2].sk.Sign(unsignedBytes) aggSig, err := bls.AggregateSignatures([]*bls.Signature{vdr1Sig, vdr2Sig}) require.NoError(err) aggSigBytes := [bls.SignatureLen]byte{} @@ -699,8 +699,8 @@ func TestSignatureVerification(t *testing.T) { signers.Add(1) // vdr[2] unsignedBytes := unsignedMsg.Bytes() - vdr1Sig := bls.Sign(testVdrs[1].sk, unsignedBytes) - vdr2Sig := bls.Sign(testVdrs[2].sk, unsignedBytes) + vdr1Sig := testVdrs[1].sk.Sign(unsignedBytes) + vdr2Sig := testVdrs[2].sk.Sign(unsignedBytes) aggSig, err := bls.AggregateSignatures([]*bls.Signature{vdr1Sig, vdr2Sig}) require.NoError(err) aggSigBytes := [bls.SignatureLen]byte{} @@ -762,7 +762,7 @@ func TestSignatureVerification(t *testing.T) { unsignedBytes := unsignedMsg.Bytes() // Because vdr[1] and vdr[2] share a key, only one of them sign. - vdr2Sig := bls.Sign(testVdrs[2].sk, unsignedBytes) + vdr2Sig := testVdrs[2].sk.Sign(unsignedBytes) aggSigBytes := [bls.SignatureLen]byte{} copy(aggSigBytes[:], bls.SignatureToBytes(vdr2Sig)) @@ -802,8 +802,8 @@ func TestSignatureVerification(t *testing.T) { signers.Add(2) unsignedBytes := unsignedMsg.Bytes() - vdr1Sig := bls.Sign(testVdrs[1].sk, unsignedBytes) - vdr2Sig := bls.Sign(testVdrs[2].sk, unsignedBytes) + vdr1Sig := testVdrs[1].sk.Sign(unsignedBytes) + vdr2Sig := testVdrs[2].sk.Sign(unsignedBytes) aggSig, err := bls.AggregateSignatures([]*bls.Signature{vdr1Sig, vdr2Sig}) require.NoError(err) aggSigBytes := [bls.SignatureLen]byte{} diff --git a/vms/platformvm/warp/signer.go b/vms/platformvm/warp/signer.go index 8372aef0a728..3fd51583483b 100644 --- a/vms/platformvm/warp/signer.go +++ b/vms/platformvm/warp/signer.go @@ -26,7 +26,7 @@ type Signer interface { Sign(msg *UnsignedMessage) ([]byte, error) } -func NewSigner(sk *bls.SecretKey, networkID uint32, chainID ids.ID) Signer { +func NewSigner(sk bls.Signer, networkID uint32, chainID ids.ID) Signer { return &signer{ sk: sk, networkID: networkID, @@ -35,7 +35,7 @@ func NewSigner(sk *bls.SecretKey, networkID uint32, chainID ids.ID) Signer { } type signer struct { - sk *bls.SecretKey + sk bls.Signer networkID uint32 chainID ids.ID } @@ -49,6 +49,6 @@ func (s *signer) Sign(msg *UnsignedMessage) ([]byte, error) { } msgBytes := msg.Bytes() - sig := bls.Sign(s.sk, msgBytes) + sig := s.sk.Sign(msgBytes) return bls.SignatureToBytes(sig), nil } diff --git a/vms/platformvm/warp/signer_test.go b/vms/platformvm/warp/signer_test.go index af618e766641..914647804441 100644 --- a/vms/platformvm/warp/signer_test.go +++ b/vms/platformvm/warp/signer_test.go @@ -18,7 +18,7 @@ import ( func TestSigner(t *testing.T) { for name, test := range signertest.SignerTests { t.Run(name, func(t *testing.T) { - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) chainID := ids.GenerateTestID() diff --git a/vms/platformvm/warp/signertest/signertest.go b/vms/platformvm/warp/signertest/signertest.go index 24df8b1af7e0..698fe39fe097 100644 --- a/vms/platformvm/warp/signertest/signertest.go +++ b/vms/platformvm/warp/signertest/signertest.go @@ -15,14 +15,14 @@ import ( ) // SignerTests is a list of all signer tests -var SignerTests = map[string]func(t *testing.T, s warp.Signer, sk *bls.SecretKey, networkID uint32, chainID ids.ID){ +var SignerTests = map[string]func(t *testing.T, s warp.Signer, sk bls.Signer, networkID uint32, chainID ids.ID){ "WrongChainID": TestWrongChainID, "WrongNetworkID": TestWrongNetworkID, "Verifies": TestVerifies, } // Test that using a random SourceChainID results in an error -func TestWrongChainID(t *testing.T, s warp.Signer, _ *bls.SecretKey, _ uint32, _ ids.ID) { +func TestWrongChainID(t *testing.T, s warp.Signer, _ bls.Signer, _ uint32, _ ids.ID) { require := require.New(t) msg, err := warp.NewUnsignedMessage( @@ -38,7 +38,7 @@ func TestWrongChainID(t *testing.T, s warp.Signer, _ *bls.SecretKey, _ uint32, _ } // Test that using a different networkID results in an error -func TestWrongNetworkID(t *testing.T, s warp.Signer, _ *bls.SecretKey, networkID uint32, blockchainID ids.ID) { +func TestWrongNetworkID(t *testing.T, s warp.Signer, _ bls.Signer, networkID uint32, blockchainID ids.ID) { require := require.New(t) msg, err := warp.NewUnsignedMessage( @@ -54,7 +54,7 @@ func TestWrongNetworkID(t *testing.T, s warp.Signer, _ *bls.SecretKey, networkID } // Test that a signature generated with the signer verifies correctly -func TestVerifies(t *testing.T, s warp.Signer, sk *bls.SecretKey, networkID uint32, chainID ids.ID) { +func TestVerifies(t *testing.T, s warp.Signer, sk bls.Signer, networkID uint32, chainID ids.ID) { require := require.New(t) msg, err := warp.NewUnsignedMessage( @@ -70,7 +70,7 @@ func TestVerifies(t *testing.T, s warp.Signer, sk *bls.SecretKey, networkID uint sig, err := bls.SignatureFromBytes(sigBytes) require.NoError(err) - pk := bls.PublicFromSecretKey(sk) + pk := sk.PublicKey() msgBytes := msg.Bytes() require.True(bls.Verify(pk, sig, msgBytes)) } diff --git a/vms/platformvm/warp/validator_test.go b/vms/platformvm/warp/validator_test.go index 15e811073149..77ea14291d27 100644 --- a/vms/platformvm/warp/validator_test.go +++ b/vms/platformvm/warp/validator_test.go @@ -162,18 +162,18 @@ func TestGetCanonicalValidatorSet(t *testing.T) { } func TestFilterValidators(t *testing.T) { - sk0, err := bls.NewSecretKey() + sk0, err := bls.NewSigner() require.NoError(t, err) - pk0 := bls.PublicFromSecretKey(sk0) + pk0 := sk0.PublicKey() vdr0 := &Validator{ PublicKey: pk0, PublicKeyBytes: bls.PublicKeyToUncompressedBytes(pk0), Weight: 1, } - sk1, err := bls.NewSecretKey() + sk1, err := bls.NewSigner() require.NoError(t, err) - pk1 := bls.PublicFromSecretKey(sk1) + pk1 := sk1.PublicKey() vdr1 := &Validator{ PublicKey: pk1, PublicKeyBytes: bls.PublicKeyToUncompressedBytes(pk1), @@ -315,9 +315,9 @@ func BenchmarkGetCanonicalValidatorSet(b *testing.B) { getValidatorOutputs := make([]*validators.GetValidatorOutput, 0, numNodes) for i := 0; i < numNodes; i++ { nodeID := ids.GenerateTestNodeID() - blsPrivateKey, err := bls.NewSecretKey() + blsPrivateKey, err := bls.NewSigner() require.NoError(b, err) - blsPublicKey := bls.PublicFromSecretKey(blsPrivateKey) + blsPublicKey := blsPrivateKey.PublicKey() getValidatorOutputs = append(getValidatorOutputs, &validators.GetValidatorOutput{ NodeID: nodeID, PublicKey: blsPublicKey, diff --git a/wallet/chain/p/builder_test.go b/wallet/chain/p/builder_test.go index b98e0d30e722..c4a9e39a7125 100644 --- a/wallet/chain/p/builder_test.go +++ b/wallet/chain/p/builder_test.go @@ -581,7 +581,7 @@ func TestAddPermissionlessValidatorTx(t *testing.T) { delegationShares uint32 = reward.PercentDenominator ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) pop := signer.NewProofOfPossession(sk) @@ -682,9 +682,9 @@ func TestAddPermissionlessDelegatorTx(t *testing.T) { } func TestConvertSubnetToL1Tx(t *testing.T) { - sk0, err := bls.NewSecretKey() + sk0, err := bls.NewSigner() require.NoError(t, err) - sk1, err := bls.NewSecretKey() + sk1, err := bls.NewSigner() require.NoError(t, err) var ( @@ -767,7 +767,7 @@ func TestRegisterL1ValidatorTx(t *testing.T) { balance = units.Avax ) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) pop := signer.NewProofOfPossession(sk) @@ -808,7 +808,7 @@ func TestRegisterL1ValidatorTx(t *testing.T) { signers := set.NewBits(0) unsignedBytes := unsignedWarp.Bytes() - sig := bls.Sign(sk, unsignedBytes) + sig := sk.Sign(unsignedBytes) sigBytes := [bls.SignatureLen]byte{} copy(sigBytes[:], bls.SignatureToBytes(sig)) @@ -890,7 +890,7 @@ func TestSetL1ValidatorWeightTx(t *testing.T) { ) require.NoError(t, err) - sk, err := bls.NewSecretKey() + sk, err := bls.NewSigner() require.NoError(t, err) warp, err := warp.NewMessage( @@ -899,10 +899,7 @@ func TestSetL1ValidatorWeightTx(t *testing.T) { Signers: set.NewBits(0).Bytes(), Signature: ([bls.SignatureLen]byte)( bls.SignatureToBytes( - bls.Sign( - sk, - unsignedWarp.Bytes(), - ), + sk.Sign(unsignedWarp.Bytes()), ), ), }, diff --git a/wallet/subnet/primary/examples/register-l1-validator/main.go b/wallet/subnet/primary/examples/register-l1-validator/main.go index f9fba80043de..42aeb3a0f36a 100644 --- a/wallet/subnet/primary/examples/register-l1-validator/main.go +++ b/wallet/subnet/primary/examples/register-l1-validator/main.go @@ -111,7 +111,7 @@ func main() { signers := set.NewBits(0) unsignedBytes := unsignedWarp.Bytes() - sig := bls.Sign(sk, unsignedBytes) + sig := sk.Sign(unsignedBytes) sigBytes := [bls.SignatureLen]byte{} copy(sigBytes[:], bls.SignatureToBytes(sig)) diff --git a/wallet/subnet/primary/examples/set-l1-validator-weight/main.go b/wallet/subnet/primary/examples/set-l1-validator-weight/main.go index 38ade3645056..e6e86e5cdb36 100644 --- a/wallet/subnet/primary/examples/set-l1-validator-weight/main.go +++ b/wallet/subnet/primary/examples/set-l1-validator-weight/main.go @@ -97,10 +97,7 @@ func main() { Signers: set.NewBits(0).Bytes(), Signature: ([bls.SignatureLen]byte)( bls.SignatureToBytes( - bls.Sign( - sk, - unsignedWarp.Bytes(), - ), + sk.Sign(unsignedWarp.Bytes()), ), ), },