ton/crypto/vm/bls.h

/*
    This file is part of TON Blockchain Library.

    TON Blockchain Library is free software: you can redistribute it and/or modify
    it under the terms of the GNU Lesser General Public License as published by
    the Free Software Foundation, either version 2 of the License, or
    (at your option) any later version.

    TON Blockchain Library is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Lesser General Public License for more details.

    You should have received a copy of the GNU Lesser General Public License
    along with TON Blockchain Library.  If not, see <http://www.gnu.org/licenses/>.
*/

#include <vector>
#include "td/utils/buffer.h"
#include "common/bitstring.h"
#include "common/refint.h"

namespace vm {
namespace bls {

const size_t P1_SIZE = 48;
const size_t P2_SIZE = 96;
const size_t FP_SIZE = 48;

using P1 = td::BitArray<P1_SIZE * 8>;
using P2 = td::BitArray<P2_SIZE * 8>;
using FP = td::BitArray<FP_SIZE * 8>;
using FP2 = td::BitArray<FP_SIZE * 2 * 8>;

bool verify(const P1 &pub, td::Slice msg, const P2 &sig);
P2 aggregate(const std::vector<P2> &sig);
bool fast_aggregate_verify(const std::vector<P1> &pubs, td::Slice msg, const P2 &sig);
bool aggregate_verify(const std::vector<std::pair<P1, td::BufferSlice>> &pubs_msgs, const P2 &sig);

P1 g1_add(const P1 &a, const P1 &b);
P1 g1_sub(const P1 &a, const P1 &b);
P1 g1_neg(const P1 &a);
P1 g1_mul(const P1 &p, const td::RefInt256 &x);
P1 g1_multiexp(const std::vector<std::pair<P1, td::RefInt256>> &ps);
P1 g1_zero();
P1 map_to_g1(const FP &a);
bool g1_in_group(const P1 &a);
bool g1_is_zero(const P1 &a);

P2 g2_add(const P2 &a, const P2 &b);
P2 g2_sub(const P2 &a, const P2 &b);
P2 g2_neg(const P2 &a);
P2 g2_mul(const P2 &p, const td::RefInt256 &x);
P2 g2_multiexp(const std::vector<std::pair<P2, td::RefInt256>> &ps);
P2 g2_zero();
P2 map_to_g2(const FP2 &a);
bool g2_in_group(const P2 &a);
bool g2_is_zero(const P2 &a);

bool pairing(const std::vector<std::pair<P1, P2>> &ps);

td::RefInt256 get_r();

}  // namespace bls
}  // namespace vm
TVM Upgrade (#686) * New TVM instructions * Remove PREVBLOCKS * Separate target ton_crypto into TVM-related and -unrelared code * Add fine for failed "send message"; rework SENDMSG * Fix include * Fix bugs, improve action fines * Disable fines for special accounts * Handle msg_balance_remaining.grams == null in transaction.cpp * Bugfixes in SENDMSG * Fix fee calculation in SENDMSG * Fix CellStorageStat and transaction.cpp after merge * SETBOUNCEONACTIONPHASEFAIL instruction * ADDDIVMOD instructions * RUNVM, RUNVMX instructions * Changes in RUNVM * Tests for adddiv and runvm * HASHEXT instruction * Improve opcode-timing More iterations Don't measure preliminary run Remove logs and other excessive operations Add "error" to output * Increase RUNVM gas price * Optimize HASHEXT, adjust gas price * Add "bounce of action fail" flag to actions * Stack operations with unlimited arguments * Ristretto255 instructions * Adjust gas consumption * Optional fixed number of return values in RUNVM, fix exception handling * Adjust gas consumption * Simplify gas consumption logic * Support of secp256k1 and sodium libraries in builds (#11) * add support of secp256k1 library to the builds (linux, win) * add support of secp256k1 library to the builds (linux, win) * install secp256k1 via brew * install libsodium via brew; change sodium to upper case in FindSodium.cmake * install libsodium via brew; change sodium to upper case in FindSodium.cmake * simplify FindSodium.cmake * bug fixing * bug fixing * bug fixing * add macro SODIUM_STATIC * adjust build command for windows * put back original FindSodium.cmake * put back original FindSodium.cmake * fix sodium unzipped path for windows; add ninja * fix sodium unzipped path for windows; add ninja * fix sodium unzipped path for windows; add ninja * Win32 github build for secp256k1 * x64 architecture github build for secp256k1 * fix sodium linking on linux * enable docker buildx arm64 builds from forked repos * enable docker buildx arm64 builds from forked repos * enable docker buildx arm64 builds from forked repos * adjust mac builds for secp2561k and sodium * fix tonlib jni generation * minor fix * sync fixes across platforms * add libsodium build script for android and precompiled static libraries * build tonlib for android (fails) * FindSodium uppercase * remove system libsodium for android, use precompiled instead; specify SECP256K1_INCLUDE_DIR fir mac 12.6 * uppercase sodium * simplify FindSodium * fix windows build sodium path; use ninja for windows * simplify sodium 2 * adjust windows sodium paths; add paths to android jni * add ninja build windows * add ninja build windows * add ninja build windows 2 * remove win ninja * fix 1 * fix 2 * fix win 3 * fix linux compile 3 * fix jni 1 * fix jni 2 and mac * fix jni 3 * fix jni 4 * fix jni 5 * fix mac 6 * fix mac 7 and jni paths * fix jni 8 * rework sodium for android * rework sodium for android * rework sodium for android 2 * fixed sodium for android 2 * fixed sodium for android 3 * static secp256k1 for android * add precompiled arm secp256k1 * add precompiled arm secp256k1 * build native-lib with secp256k1 x86-64 (non arm) * update precompiled with NDK libsecp256k1.a * update precompiled with NDK libsecp256k1.a * update precompiled with NDK libsecp256k1.a * refactor llvm-strip location * refactor llvm-strip location * add native-lib.so for armv7a, armv8a * add native-lib.so for armv7a, armv8a * test armv7a, armv8a * armv7a - fails linking on sodium, test -> armv8a * works x86-64, armv7a - fails linking on sodium, armv8a - fails linking secp256k1 (incompatible with aarch64linux) * update libpsec256k1, sodium static libs * test x86 android native-lib * test armv7 android native-lib * test armv8 android native-lib * x86_64 and arm64 android native-lib works * x86_64 and arm64 android native-lib works * x86_64 and arm64 android native-lib works * test armv7 android native-lib * test all android native-libs * test all android native-libs * test all android native-libs * test all android native-libs - without SodiumAndroid * test all android native-libs - with FindSodiumAndroid.cmake * win, with Sodium via SODIUM_DIR * win, with Sodium via SODIUM_DIR env * win, with Sodium via SODIUM_DIR env * win, with Sodium via SODIUM_DIR env and SODIUM_USE_STATIC_LIBS * win, with Sodium via SODIUM_DIR, SODIUM_USE_STATIC_LIBS and SODIUM_INCLUDE_DIR * android, with FindSodium * android, with FindSodium with SODIUM_USE_STATIC_LIBS * remove if not apple * target_link_libraries(ton_crypto_core PUBLIC secp256k1) * android SECP256K1_INCLUDE_DIRS * android SECP256K1_INCLUDE_DIR * add libsecp256k1.a/so pre-compiled with ubuntu 22 x86-64 * add libsecp256k1.a/so pre-compiled with ubuntu 22 x86-64 * sodium dirs * sodium dirs * sodium dirs * remove NOT APPLE and SodiumAndroid * add NOT APPLE and remove SodiumAndroid * add NOT APPLE and remove SodiumAndroid * remove build scripts for 18.04, reduce CMakeLists.txt * remove build scripts for 18.04, reduce CMakeLists.txt * Fix cas consumption during library load * Fix fetch_config_params after merge * Add all ADDDIVMOD ops to Asm.fif * Save unpaid storage fee to due_payment * Add "set prev blocks info" to emulator * Adjusted builds (#13) * Update flake.nix Add libsodium * add libsecp256k1-dev and libsodium-dev into wasm build * make back emulator a shared library; put emulator to artifacts; compile wasm artifacts with sodium and secp256k1. * add secp256k1 to nix * compile emulator statically with nix * compile emulator statically with nix * compile emulator lib statically with nix * compile emulator lib statically with nix * add libemulator to artifacts * add shared libemulator library to artifacts * minor release fix * update set-output commands; add recent_changelog.md * releases fixes * releases fixes, multiline * releases fixes, multiline * releases fixes, multiline * put back multiline changelog * put back multiline changelog * ConfigParam 19 (global-id) and GLOBALID instruction * Fix gas consumption in HASHEXT * Add blst library * Add bls instructions * Allow passing long code to opcode-timing * Add bls testcase * More BLS instructions * Fix tests, add bls tests * Add more bls tests * Improve some bls operations * Adjust some BLS gas prices * Adjust BLS gas prices * Enable __BLST_PORTABLE__ flag only if PORTABLE flag is set * Add tests for BLS_PAIRING * GASCONSUMED instruction * Fix compilation against docker with blst library; (#14) * fix compilation against docker with blst library; add precompiled libblst.a to android builds * minor fix * Adjust BLKSWX gas * Fix comparison with NAN * Allow arbitrary integers for scalars in ristretto multiplication, fix test * Adjust nix builds according to PR 694 (#15) * integrate and test PR-694 * integrate and test PR-694, test 2 * Add P256_CHKSIGN (secp256r1) --------- Co-authored-by: SpyCheese <mikle98@yandex.ru> Co-authored-by: neodiX42 <namlem@gmail.com> 2023-05-24 18:14:13 +00:00			`/*`
			`This file is part of TON Blockchain Library.`

			`TON Blockchain Library is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU Lesser General Public License as published by`
			`the Free Software Foundation, either version 2 of the License, or`
			`(at your option) any later version.`

			`TON Blockchain Library is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU Lesser General Public License for more details.`

			`You should have received a copy of the GNU Lesser General Public License`
			`along with TON Blockchain Library. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`#include <vector>`
			`#include "td/utils/buffer.h"`
			`#include "common/bitstring.h"`
			`#include "common/refint.h"`

			`namespace vm {`
			`namespace bls {`

			`const size_t P1_SIZE = 48;`
			`const size_t P2_SIZE = 96;`
			`const size_t FP_SIZE = 48;`

			`using P1 = td::BitArray<P1_SIZE * 8>;`
			`using P2 = td::BitArray<P2_SIZE * 8>;`
			`using FP = td::BitArray<FP_SIZE * 8>;`
			`using FP2 = td::BitArray<FP_SIZE * 2 * 8>;`

			`bool verify(const P1 &pub, td::Slice msg, const P2 &sig);`
			`P2 aggregate(const std::vector<P2> &sig);`
			`bool fast_aggregate_verify(const std::vector<P1> &pubs, td::Slice msg, const P2 &sig);`
			`bool aggregate_verify(const std::vector<std::pair<P1, td::BufferSlice>> &pubs_msgs, const P2 &sig);`

			`P1 g1_add(const P1 &a, const P1 &b);`
			`P1 g1_sub(const P1 &a, const P1 &b);`
			`P1 g1_neg(const P1 &a);`
			`P1 g1_mul(const P1 &p, const td::RefInt256 &x);`
			`P1 g1_multiexp(const std::vector<std::pair<P1, td::RefInt256>> &ps);`
			`P1 g1_zero();`
			`P1 map_to_g1(const FP &a);`
			`bool g1_in_group(const P1 &a);`
			`bool g1_is_zero(const P1 &a);`

			`P2 g2_add(const P2 &a, const P2 &b);`
			`P2 g2_sub(const P2 &a, const P2 &b);`
			`P2 g2_neg(const P2 &a);`
			`P2 g2_mul(const P2 &p, const td::RefInt256 &x);`
			`P2 g2_multiexp(const std::vector<std::pair<P2, td::RefInt256>> &ps);`
			`P2 g2_zero();`
			`P2 map_to_g2(const FP2 &a);`
			`bool g2_in_group(const P2 &a);`
			`bool g2_is_zero(const P2 &a);`

			`bool pairing(const std::vector<std::pair<P1, P2>> &ps);`

			`td::RefInt256 get_r();`

			`} // namespace bls`
			`} // namespace vm`