| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
Ouroboros.Consensus.Committee.Crypto.BLS
Description
BLS crypto helpers to instantiate voting committees.
NOTE: this module is meant to be imported qualified.
Synopsis
- data KeyRole
- type KeyScope = ByteString
- data PrivateKey (r ∷ KeyRole)
- rawDeserialisePrivateKey ∷ ∀ (r ∷ KeyRole). KeyScope → ByteString → Maybe (PrivateKey r)
- rawSerialisePrivateKey ∷ ∀ (r ∷ KeyRole). PrivateKey r → ByteString
- coercePrivateKey ∷ ∀ (r2 ∷ KeyRole) (r1 ∷ KeyRole). PrivateKey r1 → PrivateKey r2
- derivePublicKey ∷ ∀ (r ∷ KeyRole). PrivateKey r → PublicKey r
- data PublicKey (r ∷ KeyRole)
- rawDeserialisePublicKey ∷ ∀ (r ∷ KeyRole). KeyScope → ByteString → Maybe (PublicKey r)
- rawSerialisePublicKey ∷ ∀ (r ∷ KeyRole). PublicKey r → ByteString
- coercePublicKey ∷ ∀ (r2 ∷ KeyRole) (r1 ∷ KeyRole). PublicKey r1 → PublicKey r2
- data Signature (r ∷ KeyRole)
- data ProofOfPossession
- class HasBLSContext (r ∷ KeyRole) where
- blsCtx ∷ Proxy r → KeyScope → BLS12381SignContext
- signWithRole ∷ ∀ (r ∷ KeyRole) msg. (SignableRepresentation msg, HasBLSContext r) ⇒ PrivateKey r → msg → Signature r
- verifyWithRole ∷ ∀ (r ∷ KeyRole) msg. (SignableRepresentation msg, HasBLSContext r) ⇒ PublicKey r → msg → Signature r → Either String ()
- createProofOfPossession ∷ PrivateKey 'POP → KeyHash 'StakePool → ProofOfPossession
- verifyProofOfPossession ∷ PublicKey 'POP → KeyHash 'StakePool → ProofOfPossession → Either String ()
- aggregatePublicKeys ∷ ∀ (r ∷ KeyRole). NE [PublicKey r] → Either String (PublicKey r)
- aggregateSignatures ∷ ∀ (r ∷ KeyRole). NE [Signature r] → Either String (Signature r)
- signatureNatural ∷ Signature 'VRF → Natural
- signatureNaturalMax ∷ Natural
- toNormalizedVRFOutput ∷ Signature 'VRF → NormalizedVRFOutput
- linearizeAndVerifyVRFs ∷ SignableRepresentation msg ⇒ NE [PublicKey 'VRF] → msg → NE [Signature 'VRF] → Either String ()
Key roles
type KeyScope = ByteString
Key scope, later instantiated with usage and network id (e.g. PERAS/MAINNET)
data PrivateKey (r ∷ KeyRole)
BLS private key type, parameterized by key role
Instances
- Show (PrivateKey r): defined in Ouroboros.Consensus.Committee.Crypto.BLS; methods showsPrec ∷ Int → PrivateKey r → ShowS, show ∷ PrivateKey r → String, showList ∷ [PrivateKey r] → ShowS
- Eq (PrivateKey r): defined in Ouroboros.Consensus.Committee.Crypto.BLS
rawDeserialisePrivateKey ∷ ∀ (r ∷ KeyRole). KeyScope → ByteString → Maybe (PrivateKey r)
rawSerialisePrivateKey ∷ ∀ (r ∷ KeyRole). PrivateKey r → ByteString
coercePrivateKey ∷ ∀ (r2 ∷ KeyRole) (r1 ∷ KeyRole). PrivateKey r1 → PrivateKey r2
derivePublicKey ∷ ∀ (r ∷ KeyRole). PrivateKey r → PublicKey r
data PublicKey (r ∷ KeyRole)
BLS public key type, parameterized by key role
rawDeserialisePublicKey ∷ ∀ (r ∷ KeyRole). KeyScope → ByteString → Maybe (PublicKey r)
rawSerialisePublicKey ∷ ∀ (r ∷ KeyRole). PublicKey r → ByteString
data Signature (r ∷ KeyRole)
BLS signature type, parameterized by key role
data ProofOfPossession
BLS proof of possession type
Instances
- FromCBOR ProofOfPossession: defined in Ouroboros.Consensus.Committee.Crypto.BLS
- ToCBOR ProofOfPossession: defined in Ouroboros.Consensus.Committee.Crypto.BLS; methods toCBOR ∷ ProofOfPossession → Encoding, encodedSizeExpr ∷ (∀ t. ToCBOR t ⇒ Proxy t → Size) → Proxy ProofOfPossession → Size, encodedListSizeExpr ∷ (∀ t. ToCBOR t ⇒ Proxy t → Size) → Proxy [ProofOfPossession] → Size
- Show ProofOfPossession: defined in Ouroboros.Consensus.Committee.Crypto.BLS; methods showsPrec ∷ Int → ProofOfPossession → ShowS, show ∷ ProofOfPossession → String, showList ∷ [ProofOfPossession] → ShowS
- Eq ProofOfPossession: defined in Ouroboros.Consensus.Committee.Crypto.BLS
class HasBLSContext (r ∷ KeyRole) where
Role-separated BLS contexts for signatures
Instances
- HasBLSContext 'POP: defined in Ouroboros.Consensus.Committee.Crypto.BLS
- HasBLSContext 'SIGN: defined in Ouroboros.Consensus.Committee.Crypto.BLS
- HasBLSContext 'VRF: defined in Ouroboros.Consensus.Committee.Crypto.BLS
signWithRole ∷ ∀ (r ∷ KeyRole) msg. (SignableRepresentation msg, HasBLSContext r) ⇒ PrivateKey r → msg → Signature r
Sign a message with a private key, producing a signature
verifyWithRole ∷ ∀ (r ∷ KeyRole) msg. (SignableRepresentation msg, HasBLSContext r) ⇒ PublicKey r → msg → Signature r → Either String ()
Verify a signature on a message with a public key
createProofOfPossession ∷ PrivateKey 'POP → KeyHash 'StakePool → ProofOfPossession
Create a proof of possession signature for a private key
verifyProofOfPossession ∷ PublicKey 'POP → KeyHash 'StakePool → ProofOfPossession → Either String ()
Verify a proof of possession signature for a public key
Aggregate keys and signatures
aggregatePublicKeys ∷ ∀ (r ∷ KeyRole). NE [PublicKey r] → Either String (PublicKey r)
Aggregate multiple public keys into a single one.
PRECONDITION: all keys must have the same scope.
PRECONDITION: this assumes that proofs of possession have already been verified for all keys in advance.
aggregateSignatures ∷ ∀ (r ∷ KeyRole). NE [Signature r] → Either String (Signature r)
Aggregate multiple signatures into a single one.
VRF signature manipulation
signatureNatural ∷ Signature 'VRF → Natural
Convert a BLS signature to a natural number for use in local sortition
signatureNaturalMax ∷ Natural
The maximum natural number that can be produced by a BLS signature
toNormalizedVRFOutput ∷ Signature 'VRF → NormalizedVRFOutput
Create a normalized VRF output from a BLS signature
Linearized VRF output verification
linearizeAndVerifyVRFs ∷ SignableRepresentation msg ⇒ NE [PublicKey 'VRF] → msg → NE [Signature 'VRF] → Either String ()
Verify a list of VRF outputs on the same input using linearization.
The idea is to first aggregate all public keys into a single aggregate key and all VRF outputs into a single aggregate output. These can then be verified in one go, saving the (higher) cost of multiple signature verifications.
However, since we later derive a numeric value from each individual VRF output, verifying the aggregate signature alone is not sufficient. This is because an attacker could swap their (bad) VRF output with someone else's (better) one, and a naive signature aggregation and verification approach would still succeed.
Instead, each VRF output is first linearized using a scalar derived from the signature itself, and then aggregated together. This way, if an attacker tries to swap their VRF output with someone else's, the linearization will produce a different aggregate signature that will fail verification.
PRECONDITION: all keys must have the same scope.
PRECONDITION: the number of signatures must match the number of keys.
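As an added example (not code from this module or the ouroboros-consensus project), the following Python toy models the algebra behind linearizeAndVerifyVRFs: the group is the integers modulo a prime under addition, so the pairing check e(σ, G) = e(H(m), pk) collapses to σ = H(m)·pk mod Q. The group order, keys, message, hash-to-group function and linearizer derivation are all constructed stand-ins for the BLS12-381 primitives; the model shows why plain aggregation is blind to a swap of two outputs while the linearized check is not.

```python
import hashlib

Q = 2**61 - 1  # toy group order (a Mersenne prime), constructed for the model
G = 1          # generator of the additive toy group Z_Q

def hash_to_group(msg: bytes) -> int:
    """Stand-in for hash-to-curve H(m)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def derive_public_key(sk: int) -> int:
    return sk * G % Q

def sign(sk: int, msg: bytes) -> int:
    """sigma = sk * H(m): the VRF output of key sk on msg."""
    return sk * hash_to_group(msg) % Q

def verify_aggregate_naive(pks, msg, sigs) -> bool:
    """Plain aggregation: sum(sigma_i) == H(m) * sum(pk_i). Order-blind."""
    return sum(sigs) % Q == hash_to_group(msg) * sum(pks) % Q

def linearizer(sig: int) -> int:
    """Non-zero scalar c = H'(sigma) derived from the output itself."""
    digest = hashlib.sha256(b"linearize" + sig.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big") % (Q - 1) + 1

def linearize_and_verify(pks, msg, sigs) -> bool:
    """Check sum(c_i*sigma_i) == H(m) * sum(c_i*pk_i), c_i = linearizer(sigma_i).
    Mirrors the preconditions: non-empty, same count of keys and outputs."""
    if not pks or len(pks) != len(sigs):
        return False
    cs = [linearizer(s) for s in sigs]
    agg_sig = sum(c * s for c, s in zip(cs, sigs)) % Q
    agg_pk = sum(c * p for c, p in zip(cs, pks)) % Q
    return agg_sig == hash_to_group(msg) * agg_pk % Q

def demo() -> dict:
    # Constructed committee of three keys and one sortition input.
    sks = [0x1234_5678_9ABC, 0x0FED_CBA9_8765, 0x0BAD_C0DE_1234]
    pks = [derive_public_key(sk) for sk in sks]
    msg = b"slot 4242 / epoch nonce"
    sigs = [sign(sk, msg) for sk in sks]
    swapped = [sigs[1], sigs[0], sigs[2]]  # member 0 presents member 1's output
    return {
        "honest_naive": verify_aggregate_naive(pks, msg, sigs),
        "swapped_naive": verify_aggregate_naive(pks, msg, swapped),
        "honest_linear": linearize_and_verify(pks, msg, sigs),
        "swapped_linear": linearize_and_verify(pks, msg, swapped),
    }
```

The swapped case keeps the same aggregate signature but pairs each coefficient with the wrong key, so only the linearized check rejects it.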