Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BLS and Secp operators #351

Merged
merged 2 commits into from
Dec 1, 2023
Merged

BLS and Secp operators #351

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
10ed131
soft-fork3 has activated and we can now enable BLS and Secp operation…
arvidn Nov 30, 2023
fe31b64
suppress advisory about OpenSSL X509StoreRef::objects
arvidn Dec 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/workflows/dependency-review.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,3 +18,5 @@ jobs:
uses: actions/checkout@v3
- name: 'Dependency Review'
uses: actions/dependency-review-action@v3
with:
allow-ghsas: GHSA-xphf-cx8h-7q9g
4 changes: 2 additions & 2 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 3 additions & 4 deletions fuzz/fuzz_targets/run_program.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ use libfuzzer_sys::fuzz_target;

use clvmr::allocator::Allocator;
use clvmr::chia_dialect::{
ChiaDialect, ENABLE_BLS_OPS, ENABLE_BLS_OPS_OUTSIDE_GUARD, ENABLE_SECP_OPS, MEMPOOL_MODE,
NO_UNKNOWN_OPS,
ChiaDialect, ENABLE_BLS_OPS_OUTSIDE_GUARD, MEMPOOL_MODE, NO_UNKNOWN_OPS,
};
use clvmr::cost::Cost;
use clvmr::reduction::Reduction;
Expand All @@ -25,8 +24,8 @@ fuzz_target!(|data: &[u8]| {

for flags in [
0,
ENABLE_BLS_OPS | ENABLE_BLS_OPS_OUTSIDE_GUARD | ENABLE_SECP_OPS,
ENABLE_BLS_OPS | ENABLE_BLS_OPS_OUTSIDE_GUARD | ENABLE_SECP_OPS | NO_UNKNOWN_OPS,
ENABLE_BLS_OPS_OUTSIDE_GUARD,
ENABLE_BLS_OPS_OUTSIDE_GUARD | NO_UNKNOWN_OPS,
MEMPOOL_MODE,
] {
let dialect = ChiaDialect::new(flags);
Expand Down
43 changes: 12 additions & 31 deletions src/chia_dialect.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,17 +25,10 @@ pub const NO_UNKNOWN_OPS: u32 = 0x0002;
// the number of pairs
pub const LIMIT_HEAP: u32 = 0x0004;

// When set, we allow softfork with extension 0 (which includes coinid and the
// BLS operators). This remains disabled until the soft-fork activates
pub const ENABLE_BLS_OPS: u32 = 0x0010;

// enables the BLS ops extensions *outside* the softfork guard. This is a
// hard-fork and should only be enabled when it activates
pub const ENABLE_BLS_OPS_OUTSIDE_GUARD: u32 = 0x0020;

// enables the secp operators. This is a soft-fork
pub const ENABLE_SECP_OPS: u32 = 0x0040;

// enabling this is a hard fork. This will allow negative numbers in the
// division operator
pub const ENABLE_FIXED_DIV: u32 = 0x0080;
Expand Down Expand Up @@ -92,20 +85,17 @@ impl Dialect for ChiaDialect {

let opcode = u32::from_be_bytes(b.try_into().unwrap());

if (self.flags & ENABLE_SECP_OPS) != 0 {
// the secp operators have a fixed cost of 1850000 and 1300000,
// which makes the multiplier 0x1c3a8f and 0x0cf84f (there is an
// implied +1) and cost function 0
let f = match opcode {
0x13d61f00 => op_secp256k1_verify,
0x1c3a8f00 => op_secp256r1_verify,
_ => {
return unknown_operator(allocator, o, argument_list, self.flags, max_cost);
}
};
return f(allocator, argument_list, max_cost);
}
return unknown_operator(allocator, o, argument_list, self.flags, max_cost);
// the secp operators have a fixed cost of 1850000 and 1300000,
// which makes the multiplier 0x1c3a8f and 0x0cf84f (there is an
// implied +1) and cost function 0
let f = match opcode {
0x13d61f00 => op_secp256k1_verify,
0x1c3a8f00 => op_secp256r1_verify,
_ => {
return unknown_operator(allocator, o, argument_list, self.flags, max_cost);
}
};
return f(allocator, argument_list, max_cost);
}
if b.len() != 1 {
return unknown_operator(allocator, o, argument_list, self.flags, max_cost);
Expand Down Expand Up @@ -203,18 +193,9 @@ impl Dialect for ChiaDialect {

// interpret the extension argument passed to the softfork operator, and
// return the Operators it enables (or None) if we don't know what it means
// We have to pretend that we don't know about the BLS extensions until
// after the soft-fork activation, which is controlled by the ENABLE_BLS_OPS
// flag
fn softfork_extension(&self, ext: u32) -> OperatorSet {
match ext {
0 => {
if (self.flags & ENABLE_BLS_OPS) == 0 {
OperatorSet::Default
} else {
OperatorSet::BLS
}
}
0 => OperatorSet::BLS,
// new extensions go here
_ => OperatorSet::Default,
}
Expand Down
3 changes: 1 addition & 2 deletions src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,7 @@ pub use chia_dialect::ChiaDialect;
pub use run_program::run_program;

pub use chia_dialect::{
ENABLE_BLS_OPS, ENABLE_BLS_OPS_OUTSIDE_GUARD, ENABLE_FIXED_DIV, ENABLE_SECP_OPS, LIMIT_HEAP,
MEMPOOL_MODE, NO_UNKNOWN_OPS,
ENABLE_BLS_OPS_OUTSIDE_GUARD, ENABLE_FIXED_DIV, LIMIT_HEAP, MEMPOOL_MODE, NO_UNKNOWN_OPS,
};

#[cfg(feature = "counters")]
Expand Down
85 changes: 25 additions & 60 deletions src/run_program.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -555,9 +555,7 @@ struct RunProgramTest {
use crate::test_ops::parse_exp;

#[cfg(test)]
use crate::chia_dialect::{
ENABLE_BLS_OPS, ENABLE_BLS_OPS_OUTSIDE_GUARD, ENABLE_FIXED_DIV, ENABLE_SECP_OPS, NO_UNKNOWN_OPS,
};
use crate::chia_dialect::{ENABLE_BLS_OPS_OUTSIDE_GUARD, ENABLE_FIXED_DIV, NO_UNKNOWN_OPS};

#[cfg(test)]
const TEST_CASES: &[RunProgramTest] = &[
Expand Down Expand Up @@ -960,7 +958,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 979))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -976,7 +974,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 959) (q . 9))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -992,7 +990,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 939) (q . 9) (q x))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -1010,7 +1008,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 919) (q . 9) (q x) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -1019,7 +1017,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 0x00000397) (q . 9) (q x) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -1037,7 +1035,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 919) (q . 0x00ffffffff) (q x) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -1055,7 +1053,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 919) (q . -1) (q x) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -1073,7 +1071,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 919) (q . 0x0100000000) (q x) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -1091,7 +1089,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 919) (q 1 2 3) (q x) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1000,
err: "",
Expand All @@ -1109,7 +1107,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 1000))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 1000,
err: "cost exceeded",
Expand All @@ -1118,15 +1116,15 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork)",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 0,
err: "first of non-cons",
},
RunProgramTest {
prg: "(softfork (q . 0))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 1000,
err: "cost must be > 0",
Expand All @@ -1135,15 +1133,15 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . -1))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 1000,
err: "softfork requires positive int arg",
},
RunProgramTest {
prg: "(softfork (q 1 2 3))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 1000,
err: "softfork requires int arg",
Expand All @@ -1153,7 +1151,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 160) (q . 0) (q . (q . 42)) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 241,
err: "",
Expand All @@ -1162,7 +1160,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 159) (q . 0) (q . (q . 42)) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 241,
err: "cost exceeded",
Expand All @@ -1172,15 +1170,15 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 161) (q . 0) (q . (q . 42)) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 10000,
err: "softfork specified cost mismatch",
},

// without the flag to enable the BLS extensions, it's an unknown extension
RunProgramTest {
prg: "(softfork (q . 161) (q . 0) (q . (q . 42)) (q . ()))",
prg: "(softfork (q . 161) (q . 1) (q . (q . 42)) (q . ()))",
arvidn marked this conversation as resolved.
Show resolved Hide resolved
args: "()",
flags: NO_UNKNOWN_OPS,
result: None,
Expand All @@ -1195,7 +1193,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 1432) (q . 0) (q a (i (= (coinid (q . 0x1234500000000000000000000000000000000000000000000000000000000000) (q . 0x6789abcdef000000000000000000000000000000000000000000000000000000) (q . 123456789)) (q . 0x69bfe81b052bfc6bd7f3fb9167fec61793175b897c16a35827f947d5cc98e4bc)) (q x) (q . 0)) (q . ())) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: None,
cost: 1513,
err: "clvm raise",
Expand All @@ -1205,7 +1203,7 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(softfork (q . 1432) (q . 0) (q a (i (= (coinid (q . 0x1234500000000000000000000000000000000000000000000000000000000000) (q . 0x6789abcdef000000000000000000000000000000000000000000000000000000) (q . 123456789)) (q . 0x69bfe81b052bfc6bd7f3fb9167fec61793175b897c16a35827f947d5cc98e4bc)) (q . 0) (q x)) (q . ())) (q . ()))",
args: "()",
flags: ENABLE_BLS_OPS,
flags: 0,
result: Some("()"),
cost: 1513,
err: "",
Expand Down Expand Up @@ -1242,19 +1240,10 @@ const TEST_CASES: &[RunProgramTest] = &[

// secp261k1

// secp ops are unknown if flag not set
RunProgramTest {
prg: "(secp256k1_verify (q . 0x02888b0c110ef0b4962e3fc6929cbba7a8bb25b4b2c885f55c76365018c909b439) (q . 0x74c2941eb2ebe5aa4f2287a4c5e506a6290c045004058de97a7edf0122548668) (q . 0x1acb7a6e062e78ccd4237b12c22f02b5a8d9b33cb3ba13c35e88e036baa1cbca75253bb9a96ffc48b43196c69c2972d8f965b1baa4e52348d8081cde65e6c018))",
args: "()",
flags: NO_UNKNOWN_OPS,
result: None,
cost: 861,
err: "unimplemented operator",
},
arvidn marked this conversation as resolved.
Show resolved Hide resolved
RunProgramTest {
prg: "(secp256k1_verify (q . 0x02888b0c110ef0b4962e3fc6929cbba7a8bb25b4b2c885f55c76365018c909b439) (q . 0x74c2941eb2ebe5aa4f2287a4c5e506a6290c045004058de97a7edf0122548668) (q . 0x1acb7a6e062e78ccd4237b12c22f02b5a8d9b33cb3ba13c35e88e036baa1cbca75253bb9a96ffc48b43196c69c2972d8f965b1baa4e52348d8081cde65e6c018))",
args: "()",
flags: ENABLE_SECP_OPS,
flags: 0,
result: Some("0"),
cost: 1300061,
err: "",
Expand All @@ -1263,34 +1252,18 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(secp256k1_verify (q . 0x02888b0c110ef0b4962e3fc6929cbba7a8bb25b4b2c885f55c76365018c909b439) (q . 0x74c2941eb2ebe5aa4f2287a4c5e506a6290c045004058de97a7edf0122548668) (q . 0x1acb7a6e062e78ccd4237b12c22f02b5a8d9b33cb3ba13c35e88e036baa1cbca75253bb9a96ffc48b43196c69c2972d8f965b1baa4e52348d8081cde65e6c019))",
args: "()",
flags: ENABLE_SECP_OPS,
flags: 0,
result: None,
cost: 0,
err: "secp256k1_verify failed",
},
RunProgramTest {
prg: "(secp256k1_verify (q . 0x02888b0c110ef0b4962e3fc6929cbba7a8bb25b4b2c885f55c76365018c909b439) (q . 0x74c2941eb2ebe5aa4f2287a4c5e506a6290c045004058de97a7edf0122548668) (q . 0x1acb7a6e062e78ccd4237b12c22f02b5a8d9b33cb3ba13c35e88e036baa1cbca75253bb9a96ffc48b43196c69c2972d8f965b1baa4e52348d8081cde65e6c019))",
args: "()",
flags: 0,
result: Some("0"),
cost: 1300061,
err: "",
},
arvidn marked this conversation as resolved.
Show resolved Hide resolved

// secp261r1

RunProgramTest {
prg: "(secp256r1_verify (q . 0x0437a1674f3883b7171a11a20140eee014947b433723cf9f181a18fee4fcf96056103b3ff2318f00cca605e6f361d18ff0d2d6b817b1fa587e414f8bb1ab60d2b9) (q . 0x9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08) (q . 0xe8de121f4cceca12d97527cc957cca64a4bcfc685cffdee051b38ee81cb22d7e2c187fec82c731018ed2d56f08a4a5cbc40c5bfe9ae18c02295bb65e7f605ffc))",
args: "()",
flags: NO_UNKNOWN_OPS,
result: None,
cost: 861,
err: "unimplemented operator",
},
arvidn marked this conversation as resolved.
Show resolved Hide resolved
RunProgramTest {
prg: "(secp256r1_verify (q . 0x0437a1674f3883b7171a11a20140eee014947b433723cf9f181a18fee4fcf96056103b3ff2318f00cca605e6f361d18ff0d2d6b817b1fa587e414f8bb1ab60d2b9) (q . 0x9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08) (q . 0xe8de121f4cceca12d97527cc957cca64a4bcfc685cffdee051b38ee81cb22d7e2c187fec82c731018ed2d56f08a4a5cbc40c5bfe9ae18c02295bb65e7f605ffc))",
args: "()",
flags: ENABLE_SECP_OPS,
flags: 0,
result: Some("0"),
cost: 1850061,
err: "",
Expand All @@ -1299,19 +1272,11 @@ const TEST_CASES: &[RunProgramTest] = &[
RunProgramTest {
prg: "(secp256r1_verify (q . 0x0437a1674f3883b7171a11a20140eee014947b433723cf9f181a18fee4fcf96056103b3ff2318f00cca605e6f361d18ff0d2d6b817b1fa587e414f8bb1ab60d2b9) (q . 0x9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08) (q . 0xe8de121f4cceca12d97527cc957cca64a4bcfc685cffdee051b38ee81cb22d7e2c187fec82c731018ed2d56f08a4a5cbc40c5bfe9ae18c02295bb65e7f605ffd))",
args: "()",
flags: ENABLE_SECP_OPS,
flags: 0,
result: None,
cost: 0,
err: "secp256r1_verify failed",
},
RunProgramTest {
prg: "(secp256r1_verify (q . 0x0437a1674f3883b7171a11a20140eee014947b433723cf9f181a18fee4fcf96056103b3ff2318f00cca605e6f361d18ff0d2d6b817b1fa587e414f8bb1ab60d2b9) (q . 0x9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08) (q . 0xe8de121f4cceca12d97527cc957cca64a4bcfc685cffdee051b38ee81cb22d7e2c187fec82c731018ed2d56f08a4a5cbc40c5bfe9ae18c02295bb65e7f605ffd))",
args: "()",
flags: 0,
result: Some("0"),
cost: 1850061,
err: "",
},
arvidn marked this conversation as resolved.
Show resolved Hide resolved
];

#[cfg(test)]
Expand Down
Loading
Loading