Added to/from bytes for SchnorrSignature and started adding tests.

Author: damrobi

mithril-stm/src/schnorr_signatures/helper.rs

@@ -1,32 +1,12 @@
-use midnight_circuits::{
-    ecc::{
-        hash_to_curve::HashToCurveGadget,
-        native::EccChip,
-    },
-    hash::poseidon::PoseidonChip,
-    instructions::{
-        HashToCurveCPU,
-        hash::HashCPU,
-    },
-    types::AssignedNative,
-};
-
 pub use midnight_curves::{
-    Bls12, EDWARDS_D, Fq as JubjubBase, Fq as BlsScalar, Fr as JubjubScalar,
-    G1Affine as BlstG1Affine, G1Projective as BlstG1, G2Affine as BlstG2Affine, JubjubAffine,
-    JubjubExtended as Jubjub, JubjubExtended, JubjubSubgroup, MODULUS,
+    EDWARDS_D, Fq as JubjubBase, Fr as JubjubScalar,
+    JubjubAffine, JubjubExtended, JubjubSubgroup,
 };
 
-
-
 use ff::Field;
-use group::Group;
-use rand_core::{CryptoRng, RngCore};
 use subtle::{Choice, ConstantTimeEq};
-use thiserror::Error;
-
-// use crate::schnorr_signatures::{get_coordinates, jubjub_base_to_scalar, is_on_curve};
 
+use std::slice;
 
 
 pub fn get_coordinates(point: JubjubSubgroup) -> (JubjubBase, JubjubBase) {

mithril-stm/src/schnorr_signatures/mod.rs

@@ -44,7 +44,7 @@ type JubjubHashToCurve = HashToCurveGadget<
 
 type PoseidonHash = PoseidonChip<JubjubBase>;
 
-pub const DST_SIGNATURE: JubjubBase = JubjubBase::from_raw([2u64, 0, 0, 0]);
+pub(crate) const DST_SIGNATURE: JubjubBase = JubjubBase::from_raw([2u64, 0, 0, 0]);
 
 
 #[derive(Debug, Error)]
@@ -58,59 +58,81 @@ pub enum SignatureError {
 
 
 
-
 #[cfg(test)]
 mod tests {
+    // use blst::{blst_p1, blst_p2};
+    use proptest::prelude::*;
+    use rand_chacha::ChaCha20Rng;
+    use rand_core::{RngCore, SeedableRng, OsRng};
+
+    // use crate::bls_multi_signature::helper::unsafe_helpers::{p1_affine_to_sig, p2_affine_to_vk};
+    use crate::error::{MultiSignatureError, RegisterError};
+    use crate::key_registration::KeyRegistration;
+
     use super::*;
-    use rand_core::OsRng;
-
-    /// Test signing functionality.
-    #[test]
-    fn test_signature_verification_valid() {
-        let mut rng = OsRng;
-        let sk = SigningKey::generate(&mut rng);
-        let msg = JubjubBase::random(&mut rng);
-
-        // Sign the message
-        let signature = sk.sign(msg, &mut rng);
-
-        // Ensure the components of the signature are non-default values
-        assert_ne!(
-            signature.sigma,
-            JubjubSubgroup::identity(),
-            "Signature sigma should not be the identity element."
-        );
-        assert_ne!(
-            signature.s,
-            JubjubScalar::ZERO,
-            "Signature s component should not be zero."
-        );
-        assert_ne!(
-            signature.c,
-            JubjubBase::ZERO,
-            "Signature c component should not be zero."
-        );
-
-        signature.verify(msg, &VerificationKey::from(&sk)).unwrap();
+
+    impl PartialEq for SchnorrSigningKey {
+        fn eq(&self, other: &Self) -> bool {
+            self.to_bytes() == other.to_bytes()
+        }
     }
 
-    #[test]
-    fn test_signature_verification_invalid_signature() {
-        let mut rng = OsRng;
-        let sk = SigningKey::generate(&mut rng);
-        let msg = JubjubBase::random(&mut rng);
-        let vk: VerificationKey = (&sk).into();
-
-        // Generate signature and tamper with it
-        let mut signature = sk.sign(msg, &mut rng);
-        signature.s = JubjubScalar::random(&mut rng); // Modify `s` component
-
-        // Verify the modified signature
-        let result = signature.verify(msg, &vk);
-        assert!(
-            result.is_err(),
-            "Invalid signature should fail verification, but it passed."
-        );
+    // impl Eq for SchnorrSigningKey {}
+
+    proptest! {
+        #![proptest_config(ProptestConfig::with_cases(1000))]
+    
+        /// Test signing functionality.
+        #[test]
+        fn test_signature_verification_valid(seed in any::<u64>()) {
+            let mut rng = OsRng;
+            let sk = SchnorrSigningKey::generate(&mut rng);
+            let msg = JubjubBase::random(&mut rng);
+
+            // Sign the message
+            let signature = sk.sign(msg, &mut rng);
+
+            // Ensure the components of the signature are non-default values
+            assert_ne!(
+                signature.sigma,
+                JubjubSubgroup::identity(),
+                "Signature sigma should not be the identity element."
+            );
+            assert_ne!(
+                signature.s,
+                JubjubScalar::ZERO,
+                "Signature s component should not be zero."
+            );
+            assert_ne!(
+                signature.c,
+                JubjubBase::ZERO,
+                "Signature c component should not be zero."
+            );
+
+            signature.verify(msg, &SchnorrVerificationKey::from(&sk)).unwrap();
+        }
+
+        #[test]
+        fn test_signature_verification_invalid_signature(seed in any::<u64>()) {
+            let mut rng = OsRng;
+            let sk = SchnorrSigningKey::generate(&mut rng);
+            let msg = JubjubBase::random(&mut rng);
+            let vk: SchnorrVerificationKey = (&sk).into();
+
+            // Generate signature and tamper with it
+            let mut signature = sk.sign(msg, &mut rng);
+            signature.s = JubjubScalar::random(&mut rng); // Modify `s` component
+
+            // Verify the modified signature
+            let result = signature.verify(msg, &vk);
+            assert!(
+                result.is_err(),
+                "Invalid signature should fail verification, but it passed."
+            );
+        }
+    
+    
     }
 
+
 }

mithril-stm/src/schnorr_signatures/signature.rs

@@ -29,7 +29,7 @@ pub struct SchnorrSignature {
 
 impl SchnorrSignature {
     /// Verify a signature against a verification key.
-    pub fn verify(&self, msg: JubjubBase, vk: &VerificationKey) -> Result<(), SignatureError> {
+    pub fn verify(&self, msg: JubjubBase, vk: &SchnorrVerificationKey) -> Result<(), SignatureError> {
         let g = JubjubSubgroup::generator();
         let hash = JubjubHashToCurve::hash_to_curve(&[msg]);
         let c_scalar = jubjub_base_to_scalar(self.c);

mithril-stm/src/schnorr_signatures/signing_key.rs

@@ -1,6 +1,6 @@
 
 pub use midnight_curves::{Fq as JubjubBase, Fr as JubjubScalar,
-    JubjubExtended as Jubjub, JubjubExtended, JubjubSubgroup,
+    JubjubExtended as Jubjub, JubjubExtended, JubjubSubgroup
 };
 use midnight_circuits::{
     instructions::{
@@ -12,9 +12,10 @@ use midnight_circuits::{
 use ff::Field;
 use group::Group;
 use rand_core::{CryptoRng, RngCore};
+use subtle::CtOption;
 use thiserror::Error;
 
-use crate::schnorr_signatures::helper::{get_coordinates, jubjub_base_to_scalar, is_on_curve};
+use crate::{error::MultiSignatureError, schnorr_signatures::helper::{get_coordinates, is_on_curve, jubjub_base_to_scalar}};
 use crate::schnorr_signatures::verification_key::*;
 use crate::schnorr_signatures::signature::*;
 
@@ -24,13 +25,13 @@ use crate::schnorr_signatures::{JubjubHashToCurve, SignatureError, PoseidonHash,
 
 /// The signing key is a scalar from the Jubjub scalar field
 #[derive(Debug, Clone)]
-pub struct SigningKey(JubjubScalar);
+pub struct SchnorrSigningKey(JubjubScalar);
 
 /// Implementation of the Schnorr signature scheme using the Jubjub curve
-impl SigningKey {
+impl SchnorrSigningKey {
     pub fn generate(rng: &mut (impl RngCore + CryptoRng)) -> Self {
         let sk = JubjubScalar::random(rng);
-        SigningKey(sk)
+        SchnorrSigningKey(sk)
     }
 
     /// A slightly modified version of the regular Schnorr signature (I think)
@@ -71,13 +72,34 @@ impl SigningKey {
         SchnorrSignature { sigma, s, c }
     }
 
-}
+    /// Convert the schnorr secret key into byte string.
+    /// Uses midnight curve implem for the conversion
+    pub fn to_bytes(&self) -> [u8; 32] {
+        self.0.to_bytes()
+    }
 
+    /// Convert a string of bytes into a `SchnorrSigningKey`.
+    ///
+    /// # Error
+    /// Fails if the byte string represents a scalar larger than the group order.
+    pub fn from_bytes(bytes: &[u8]) -> Result<Self, MultiSignatureError> {
+        // This is a bit ugly, I'll try to find a better way to do it
+        let bytes = bytes.get(..32).ok_or(MultiSignatureError::SerializationError)?.try_into().unwrap();
+        // Jubjub returs a CtChoice so I convert it to an option that looses the const time property
+        match JubjubScalar::from_bytes(bytes).into_option().ok_or(MultiSignatureError::SerializationError) {
+            Ok(sk) => Ok(Self(sk)),
+            // the error should be updated
+            Err(e) => Err(e)
+        }
+    }
+
+}
 
-impl From<&SigningKey> for VerificationKey {
-    fn from(sk: &SigningKey) -> Self {
+// Should we have this implementation?
+impl From<&SchnorrSigningKey> for SchnorrVerificationKey {
+    fn from(sk: &SchnorrSigningKey) -> Self {
         let g = JubjubSubgroup::generator();
         let vk = &g * &sk.0;
-        VerificationKey(vk)
+        SchnorrVerificationKey(vk)
     }
 }

mithril-stm/src/schnorr_signatures/verification_key.rs

@@ -27,10 +27,10 @@ use crate::schnorr_signatures::{JubjubHashToCurve, SignatureError, PoseidonHash,
 
 
 #[derive(Debug, Clone, Copy, Default)]
-pub struct VerificationKey(pub JubjubSubgroup);
+pub struct SchnorrVerificationKey(pub JubjubSubgroup);
 
 
-impl VerificationKey {
+impl SchnorrVerificationKey {
     pub fn to_field(&self) -> [JubjubBase; 2] {
         let (x, y) = get_coordinates(self.0);
         [x, y]
@@ -66,6 +66,6 @@ impl VerificationKey {
             return Err(SignatureError::SerializationError);
         }
 
-        Ok(VerificationKey(point))
+        Ok(SchnorrVerificationKey(point))
     }
 }