Remove external crypto trait bounds (#207)

* BeefyKeystore newtype

* WIP

* remove mod ecdsa

* WIP

* fix tests

* some polishing

Author: adoerr

client/beefy/rpc/src/lib.rs

@@ -19,7 +19,6 @@
 #![warn(missing_docs)]
 
 use beefy_gadget::notification::BeefySignedCommitmentStream;
-use codec::Encode;
 use futures::{StreamExt, TryStreamExt};
 use jsonrpc_core::futures::{
 	future::{Executor as Executor01, Future as Future01},
@@ -63,14 +62,14 @@ pub trait BeefyApi<Notification, Hash> {
 }
 
 /// Implements the BeefyApi RPC trait for interacting with BEEFY.
-pub struct BeefyRpcHandler<Block: BlockT, Signature> {
-	signed_commitment_stream: BeefySignedCommitmentStream<Block, Signature>,
+pub struct BeefyRpcHandler<Block: BlockT> {
+	signed_commitment_stream: BeefySignedCommitmentStream<Block>,
 	manager: SubscriptionManager,
 }
 
-impl<Block: BlockT, Signature> BeefyRpcHandler<Block, Signature> {
+impl<Block: BlockT> BeefyRpcHandler<Block> {
 	/// Creates a new BeefyRpcHandler instance.
-	pub fn new<E>(signed_commitment_stream: BeefySignedCommitmentStream<Block, Signature>, executor: E) -> Self
+	pub fn new<E>(signed_commitment_stream: BeefySignedCommitmentStream<Block>, executor: E) -> Self
 	where
 		E: Executor01<Box<dyn Future01<Item = (), Error = ()> + Send>> + Send + Sync + 'static,
 	{
@@ -82,10 +81,9 @@ impl<Block: BlockT, Signature> BeefyRpcHandler<Block, Signature> {
 	}
 }
 
-impl<Block, Signature> BeefyApi<notification::SignedCommitment, Block> for BeefyRpcHandler<Block, Signature>
+impl<Block> BeefyApi<notification::SignedCommitment, Block> for BeefyRpcHandler<Block>
 where
 	Block: BlockT,
-	Signature: Clone + Encode + Send + 'static,
 {
 	type Metadata = sc_rpc::Metadata;
 
@@ -97,7 +95,7 @@ where
 		let stream = self
 			.signed_commitment_stream
 			.subscribe()
-			.map(|x| Ok::<_, ()>(notification::SignedCommitment::new::<Block, Signature>(x)))
+			.map(|x| Ok::<_, ()>(notification::SignedCommitment::new::<Block>(x)))
 			.map_err(|e| warn!("Notification stream error: {:?}", e))
 			.compat();
 

client/beefy/rpc/src/notification.rs

@@ -26,12 +26,9 @@ use sp_runtime::traits::Block as BlockT;
 pub struct SignedCommitment(sp_core::Bytes);
 
 impl SignedCommitment {
-	pub fn new<Block, Signature>(
-		signed_commitment: beefy_gadget::notification::SignedCommitment<Block, Signature>,
-	) -> Self
+	pub fn new<Block>(signed_commitment: beefy_gadget::notification::SignedCommitment<Block>) -> Self
 	where
 		Block: BlockT,
-		Signature: Encode,
 	{
 		SignedCommitment(signed_commitment.encode().into())
 	}

client/beefy/src/error.rs

@@ -20,15 +20,10 @@
 
 use std::fmt::Debug;
 
-use sp_core::crypto::Public;
-
-/// Crypto related errors
-#[derive(Debug, thiserror::Error)]
-pub(crate) enum Crypto<Id: Public + Debug> {
-	/// Check signature error
-	#[error("Message signature {0} by {1:?} is invalid.")]
-	InvalidSignature(String, Id),
-	/// Sign commitment error
-	#[error("Failed to sign comitment using key: {0:?}. Reason: {1}")]
-	CannotSign(Id, String),
+#[derive(Debug, thiserror::Error, PartialEq)]
+pub enum Error {
+	#[error("Keystore error: {0}")]
+	Keystore(String),
+	#[error("Signature error: {0}")]
+	Signature(String),
 }

client/beefy/src/gossip.rs

@@ -15,8 +15,6 @@
 // along with this program. If not, see <https://www.gnu.org/licenses/>.
 
 /// The maximum number of live gossip rounds allowed, i.e. we will expire messages older than this.
-use std::{fmt::Debug, marker::PhantomData};
-
 use codec::{Decode, Encode};
 use log::debug;
 use parking_lot::RwLock;
@@ -27,10 +25,14 @@ use sc_network_gossip::{
 	ValidatorContext as GossipValidatorContext,
 };
 
-use sp_core::Pair;
 use sp_runtime::traits::{Block, Hash, Header, NumberFor};
 
-use beefy_primitives::{MmrRootHash, VoteMessage};
+use beefy_primitives::{
+	crypto::{Public, Signature},
+	MmrRootHash, VoteMessage,
+};
+
+use crate::keystore::BeefyKeystore;
 
 // Limit BEEFY gossip by keeping only a bound number of voting rounds alive.
 const MAX_LIVE_GOSSIP_ROUNDS: usize = 5;
@@ -51,24 +53,22 @@ where
 /// rejected/expired.
 ///
 ///All messaging is handled in a single BEEFY global topic.
-pub(crate) struct BeefyGossipValidator<B, P>
+pub(crate) struct BeefyGossipValidator<B>
 where
 	B: Block,
 {
 	topic: B::Hash,
 	live_rounds: RwLock<Vec<NumberFor<B>>>,
-	_pair: PhantomData<P>,
 }
 
-impl<B, P> BeefyGossipValidator<B, P>
+impl<B> BeefyGossipValidator<B>
 where
 	B: Block,
 {
-	pub fn new() -> BeefyGossipValidator<B, P> {
+	pub fn new() -> BeefyGossipValidator<B> {
 		BeefyGossipValidator {
 			topic: topic::<B>(),
 			live_rounds: RwLock::new(Vec::new()),
-			_pair: PhantomData,
 		}
 	}
 
@@ -91,21 +91,18 @@ where
 	}
 }
 
-impl<B, P> GossipValidator<B> for BeefyGossipValidator<B, P>
+impl<B> GossipValidator<B> for BeefyGossipValidator<B>
 where
 	B: Block,
-	P: Pair,
-	P::Public: Debug + Decode,
-	P::Signature: Debug + Decode,
 {
 	fn validate(
 		&self,
 		_context: &mut dyn GossipValidatorContext<B>,
 		sender: &sc_network::PeerId,
 		mut data: &[u8],
 	) -> GossipValidationResult<B::Hash> {
-		if let Ok(msg) = VoteMessage::<MmrRootHash, NumberFor<B>, P::Public, P::Signature>::decode(&mut data) {
-			if P::verify(&msg.signature, &msg.commitment.encode(), &msg.id) {
+		if let Ok(msg) = VoteMessage::<MmrRootHash, NumberFor<B>, Public, Signature>::decode(&mut data) {
+			if BeefyKeystore::verify(&msg.id, &msg.signature, &msg.commitment.encode()) {
 				return GossipValidationResult::ProcessAndKeep(self.topic);
 			} else {
 				// TODO: report peer
@@ -119,25 +116,25 @@ where
 	fn message_expired<'a>(&'a self) -> Box<dyn FnMut(B::Hash, &[u8]) -> bool + 'a> {
 		let live_rounds = self.live_rounds.read();
 		Box::new(move |_topic, mut data| {
-			let message = match VoteMessage::<MmrRootHash, NumberFor<B>, P::Public, P::Signature>::decode(&mut data) {
+			let message = match VoteMessage::<MmrRootHash, NumberFor<B>, Public, Signature>::decode(&mut data) {
 				Ok(vote) => vote,
 				Err(_) => return true,
 			};
 
-			!BeefyGossipValidator::<B, P>::is_live(&live_rounds, message.commitment.block_number)
+			!BeefyGossipValidator::<B>::is_live(&live_rounds, message.commitment.block_number)
 		})
 	}
 
 	#[allow(clippy::type_complexity)]
 	fn message_allowed<'a>(&'a self) -> Box<dyn FnMut(&PeerId, MessageIntent, &B::Hash, &[u8]) -> bool + 'a> {
 		let live_rounds = self.live_rounds.read();
 		Box::new(move |_who, _intent, _topic, mut data| {
-			let message = match VoteMessage::<MmrRootHash, NumberFor<B>, P::Public, P::Signature>::decode(&mut data) {
+			let message = match VoteMessage::<MmrRootHash, NumberFor<B>, Public, Signature>::decode(&mut data) {
 				Ok(vote) => vote,
 				Err(_) => return true,
 			};
 
-			BeefyGossipValidator::<B, P>::is_live(&live_rounds, message.commitment.block_number)
+			BeefyGossipValidator::<B>::is_live(&live_rounds, message.commitment.block_number)
 		})
 	}
 }

client/beefy/src/keystore.rs

@@ -0,0 +1,206 @@
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+use std::convert::TryInto;
+
+use sp_application_crypto::RuntimeAppPublic;
+use sp_core::keccak_256;
+use sp_keystore::{SyncCryptoStore, SyncCryptoStorePtr};
+
+use beefy_primitives::{
+	crypto::{Public, Signature},
+	KEY_TYPE,
+};
+
+use crate::error;
+
+/// A BEEFY specific keystore implemented as a `Newtype`. This is basically a
+/// wrapper around [`sp_keystore::SyncCryptoStore`] and allows to customize
+/// common cryptographic functionality.
+pub(crate) struct BeefyKeystore(Option<SyncCryptoStorePtr>);
+
+impl BeefyKeystore {
+	/// Check if the keystore contains a private key for one of the public keys
+	/// contained in `keys`. A public key with a matching private key is known
+	/// as a local authority id.
+	///
+	/// Return the public key for which we also do have a private key. If no
+	/// matching private key is found, `None` will be returned.
+	pub fn authority_id(&self, keys: &[Public]) -> Option<Public> {
+		let store = self.0.clone()?;
+
+		for key in keys {
+			if SyncCryptoStore::has_keys(&*store, &[(key.to_raw_vec(), KEY_TYPE)]) {
+				return Some(key.clone());
+			}
+		}
+
+		None
+	}
+
+	/// Sign `message` with the `public` key.
+	///
+	/// Note that `message` usually will be pre-hashed before being singed.
+	///
+	/// Return the message signature or an error in case of failure.
+	pub fn sign(&self, public: &Public, message: &[u8]) -> Result<Signature, error::Error> {
+		let store = if let Some(store) = self.0.clone() {
+			store
+		} else {
+			return Err(error::Error::Keystore("no Keystore".to_string()));
+		};
+
+		let msg = keccak_256(message);
+		let public = public.as_ref();
+
+		let sig = SyncCryptoStore::ecdsa_sign_prehashed(&*store, KEY_TYPE, public, &msg)
+			.map_err(|e| error::Error::Keystore(e.to_string()))?
+			.ok_or_else(|| error::Error::Signature("ecdsa_sign_prehashed() failed".to_string()))?;
+
+		// check that `sig` has the expected result type
+		let sig = sig
+			.clone()
+			.try_into()
+			.map_err(|_| error::Error::Signature(format!("invalid signature {:?} for key {:?}", sig, public)))?;
+
+		Ok(sig)
+	}
+
+	/// Use the `public` key to verify that `sig` is a valid signature for `message`.
+	///
+	/// Return `true` if the signature is authentic, `false` otherwise.
+	pub fn verify(public: &Public, sig: &Signature, message: &[u8]) -> bool {
+		let msg = keccak_256(message);
+		let sig = sig.as_ref();
+		let public = public.as_ref();
+
+		sp_core::ecdsa::Pair::verify_prehashed(sig, &msg, public)
+	}
+}
+
+impl From<Option<SyncCryptoStorePtr>> for BeefyKeystore {
+	fn from(store: Option<SyncCryptoStorePtr>) -> BeefyKeystore {
+		BeefyKeystore(store)
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	#![allow(clippy::unit_cmp)]
+
+	use sp_core::{keccak_256, Pair};
+	use sp_keystore::{testing::KeyStore, SyncCryptoStore, SyncCryptoStorePtr};
+
+	use beefy_primitives::{crypto, KEY_TYPE};
+
+	use super::BeefyKeystore;
+	use crate::error::Error;
+
+	#[test]
+	fn authority_id_works() {
+		let store: SyncCryptoStorePtr = KeyStore::new().into();
+
+		let alice = crypto::Pair::from_string("//Alice", None).unwrap();
+		let _ = SyncCryptoStore::insert_unknown(&*store, KEY_TYPE, "//Alice", alice.public().as_ref()).unwrap();
+
+		let bob = crypto::Pair::from_string("//Bob", None).unwrap();
+		let charlie = crypto::Pair::from_string("//Charlie", None).unwrap();
+
+		let store: BeefyKeystore = Some(store).into();
+
+		let mut keys = vec![bob.public(), charlie.public()];
+
+		let id = store.authority_id(keys.as_slice());
+		assert!(id.is_none());
+
+		keys.push(alice.public());
+
+		let id = store.authority_id(keys.as_slice()).unwrap();
+		assert_eq!(id, alice.public());
+	}
+
+	#[test]
+	fn sign_works() {
+		let store: SyncCryptoStorePtr = KeyStore::new().into();
+
+		let suri = "//Alice";
+		let pair = sp_core::ecdsa::Pair::from_string(suri, None).unwrap();
+
+		let res = SyncCryptoStore::insert_unknown(&*store, KEY_TYPE, suri, pair.public().as_ref()).unwrap();
+		assert_eq!((), res);
+
+		let beefy_store: BeefyKeystore = Some(store.clone()).into();
+
+		let msg = b"are you involved or commited?";
+		let sig1 = beefy_store.sign(&pair.public().into(), msg).unwrap();
+
+		let msg = keccak_256(b"are you involved or commited?");
+		let sig2 = SyncCryptoStore::ecdsa_sign_prehashed(&*store, KEY_TYPE, &pair.public(), &msg)
+			.unwrap()
+			.unwrap();
+
+		assert_eq!(sig1, sig2.into());
+	}
+
+	#[test]
+	fn sign_error() {
+		let store: SyncCryptoStorePtr = KeyStore::new().into();
+
+		let bob = crypto::Pair::from_string("//Bob", None).unwrap();
+		let res = SyncCryptoStore::insert_unknown(&*store, KEY_TYPE, "//Bob", bob.public().as_ref()).unwrap();
+		assert_eq!((), res);
+
+		let alice = crypto::Pair::from_string("//Alice", None).unwrap();
+
+		let store: BeefyKeystore = Some(store).into();
+
+		let msg = b"are you involved or commited?";
+		let sig = store.sign(&alice.public(), msg).err().unwrap();
+		let err = Error::Signature("ecdsa_sign_prehashed() failed".to_string());
+		assert_eq!(sig, err);
+	}
+
+	#[test]
+	fn sign_no_keystore() {
+		let store: BeefyKeystore = None.into();
+
+		let alice = crypto::Pair::from_string("//Alice", None).unwrap();
+		let msg = b"are you involved or commited";
+
+		let sig = store.sign(&alice.public(), msg).err().unwrap();
+		let err = Error::Keystore("no Keystore".to_string());
+		assert_eq!(sig, err);
+	}
+
+	#[test]
+	fn verify_works() {
+		let store: SyncCryptoStorePtr = KeyStore::new().into();
+
+		let suri = "//Alice";
+		let pair = crypto::Pair::from_string(suri, None).unwrap();
+
+		let res = SyncCryptoStore::insert_unknown(&*store, KEY_TYPE, suri, pair.public().as_ref()).unwrap();
+		assert_eq!((), res);
+
+		let store: BeefyKeystore = Some(store).into();
+
+		// `msg` and `sig` match
+		let msg = b"are you involved or commited?";
+		let sig = store.sign(&pair.public(), msg).unwrap();
+		assert!(BeefyKeystore::verify(&pair.public(), &sig, msg));
+
+		// `msg and `sig` don't match
+		let msg = b"you are just involved";
+		assert!(!BeefyKeystore::verify(&pair.public(), &sig, msg));
+	}
+}