feat(crypto): add blst

Makefile

@@ -67,6 +67,12 @@ ifeq (boltdb,$(findstring boltdb,$(COSMOS_BUILD_OPTIONS)))
   build_tags += boltdb
 endif
 
+# handle blst
+ifeq (blst,$(findstring blst,$(COSMOS_BUILD_OPTIONS)))
+  CGO_ENABLED=1
+  build_tags += blst
+endif
+
 whitespace :=
 whitespace += $(whitespace)
 comma := ,

crypto/codec/amino.go

@@ -4,7 +4,7 @@ import (
 	"github.com/cometbft/cometbft/crypto/sr25519"
 
 	"cosmossdk.io/core/legacy"
-
+	bls12_381 "github.com/cosmos/cosmos-sdk/crypto/keys/bls12_381"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
 	kmultisig "github.com/cosmos/cosmos-sdk/crypto/keys/multisig"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
@@ -21,6 +21,7 @@ func RegisterCrypto(cdc legacy.Amino) {
 		ed25519.PubKeyName)
 	cdc.RegisterConcrete(&secp256k1.PubKey{},
 		secp256k1.PubKeyName)
+	cdc.RegisterConcrete(&bls12_381.PubKey{}, bls12_381.PubKeyName)
 	cdc.RegisterConcrete(&kmultisig.LegacyAminoPubKey{},
 		kmultisig.PubKeyAminoRoute)
 
@@ -31,4 +32,5 @@ func RegisterCrypto(cdc legacy.Amino) {
 		ed25519.PrivKeyName)
 	cdc.RegisterConcrete(&secp256k1.PrivKey{},
 		secp256k1.PrivKeyName)
+	cdc.RegisterConcrete(&bls12_381.PrivKey{}, bls12_381.PrivKeyName)
 }

crypto/codec/cmt.go

@@ -6,7 +6,7 @@ import (
 	"github.com/cometbft/cometbft/crypto/encoding"
 
 	"cosmossdk.io/errors"
-
+	bls12_381 "github.com/cosmos/cosmos-sdk/crypto/keys/bls12_381"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
 	cryptotypes "github.com/cosmos/cosmos-sdk/crypto/types"
@@ -24,6 +24,10 @@ func FromCmtProtoPublicKey(protoPk cmtprotocrypto.PublicKey) (cryptotypes.PubKey
 		return &secp256k1.PubKey{
 			Key: protoPk.Secp256K1,
 		}, nil
+	case *cmtprotocrypto.PublicKey_Bls12381:
+		return &bls12_381.PubKey{
+			Key: protoPk.Bls12381,
+		}, nil
 	default:
 		return nil, errors.Wrapf(sdkerrors.ErrInvalidType, "cannot convert %v from Tendermint public key", protoPk)
 	}
@@ -44,6 +48,12 @@ func ToCmtProtoPublicKey(pk cryptotypes.PubKey) (cmtprotocrypto.PublicKey, error
 				Secp256K1: pk.Key,
 			},
 		}, nil
+	case *bls12_381.PubKey:
+		return cmtprotocrypto.PublicKey{
+			Sum: &cmtprotocrypto.PublicKey_Bls12381{
+				Bls12381: pk.Key,
+			},
+		}, nil
 	default:
 		return cmtprotocrypto.PublicKey{}, errors.Wrapf(sdkerrors.ErrInvalidType, "cannot convert %v to Tendermint public key", pk)
 	}

crypto/codec/proto.go

@@ -3,6 +3,7 @@ package codec
 import (
 	"cosmossdk.io/core/registry"
 
+	bls12_381 "github.com/cosmos/cosmos-sdk/crypto/keys/bls12_381"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/multisig"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
@@ -16,11 +17,13 @@ func RegisterInterfaces(registry registry.InterfaceRegistrar) {
 	registry.RegisterInterface("cosmos.crypto.PubKey", pk)
 	registry.RegisterImplementations(pk, &ed25519.PubKey{})
 	registry.RegisterImplementations(pk, &secp256k1.PubKey{})
+	registry.RegisterImplementations(pk, &bls12_381.PubKey{})
 	registry.RegisterImplementations(pk, &multisig.LegacyAminoPubKey{})
 
 	var priv *cryptotypes.PrivKey
 	registry.RegisterInterface("cosmos.crypto.PrivKey", priv)
 	registry.RegisterImplementations(priv, &secp256k1.PrivKey{})
 	registry.RegisterImplementations(priv, &ed25519.PrivKey{})
+	registry.RegisterImplementations(priv, &bls12_381.PrivKey{})
 	secp256r1.RegisterInterfaces(registry)
 }

crypto/hd/algo.go

@@ -19,6 +19,9 @@ const (
 	// Ed25519Type represents the Ed25519Type signature system.
 	// It is currently not supported for end-user keys (wallets/ledgers).
 	Ed25519Type = PubKeyType("ed25519")
+	// Ed25519Type represents the Ed25519Type signature system.
+	// It is currently not supported for end-user keys (wallets/ledgers).
+	Bls12_381Type = PubKeyType("bls12_381")
 	// Sr25519Type represents the Sr25519Type signature system.
 	Sr25519Type = PubKeyType("sr25519")
 )

crypto/keys/bls12_381/keys.go

@@ -0,0 +1,168 @@
+package bls12_381
+
+import (
+	"bytes"
+	"crypto/sha256"
+	fmt "fmt"
+
+	"github.com/cometbft/cometbft/crypto"
+	"github.com/cometbft/cometbft/crypto/tmhash"
+
+	bls12381 "github.com/cosmos/crypto/curves/bls12381"
+
+	"github.com/cosmos/cosmos-sdk/codec"
+	cryptotypes "github.com/cosmos/cosmos-sdk/crypto/types"
+)
+
+const (
+	PrivKeyName = "tendermint/PrivKeyEd25519"
+	PubKeyName  = "tendermint/PubKeyEd25519"
+	// PubKeySize is the size, in bytes, of public keys as used in this package.
+	PubKeySize = 32
+	// PrivKeySize is the size, in bytes, of private keys as used in this package.
+	PrivKeySize = 64
+	// SignatureSize the size of an Edwards25519 signature. Namely the size of a compressed
+	// Edwards25519 point, and a field element. Both of which are 32 bytes.
+	SignatureSize = 64
+	// SeedSize is the size, in bytes, of private key seeds. These are the
+	// private key representations used by RFC 8032.
+	SeedSize = 32
+
+	keyType = "bls12381"
+)
+
+// ===============================================================================================
+// Private Key
+// ===============================================================================================
+
+// PrivKey is a wrapper around the Ethereum BLS12-381 private key type. This
+// wrapper conforms to crypto.Pubkey to allow for the use of the Ethereum
+// BLS12-381 private key type.
+
+var (
+	_ cryptotypes.PrivKey  = &PrivKey{}
+	_ codec.AminoMarshaler = &PrivKey{}
+)
+
+// NewPrivateKeyFromBytes build a new key from the given bytes.
+func NewPrivateKeyFromBytes(bz []byte) (PrivKey, error) {
+	secretKey, err := bls12381.SecretKeyFromBytes(bz)
+	if err != nil {
+		return nil, err
+	}
+	return secretKey.Marshal(), nil
+}
+
+// GenPrivKey generates a new key.
+func GenPrivKey() (PrivKey, error) {
+	secretKey, err := bls12381.RandKey()
+	return PrivKey(secretKey.Marshal()), err
+}
+
+// Bytes returns the byte representation of the Key.
+func (privKey PrivKey) Bytes() []byte {
+	return privKey
+}
+
+// PubKey returns the private key's public key. If the privkey is not valid
+// it returns a nil value.
+func (privKey PrivKey) PubKey() cryptotypes.PubKey {
+	secretKey, err := bls12381.SecretKeyFromBytes(privKey)
+	if err != nil {
+		return nil
+	}
+
+	return PubKey(secretKey.PublicKey().Marshal())
+}
+
+// Equals returns true if two keys are equal and false otherwise.
+func (privKey PrivKey) Equals(other cryptotypes.LedgerPrivKey) bool {
+	return privKey.Type() == other.Type() && bytes.Equal(privKey.Bytes(), other.Bytes())
+}
+
+// Type returns the type.
+func (PrivKey) Type() string {
+	return KeyType
+}
+
+// Sign signs the given byte array. If msg is larger than
+// MaxMsgLen, SHA256 sum will be signed instead of the raw bytes.
+func (privKey PrivKey) Sign(msg []byte) ([]byte, error) {
+	secretKey, err := bls12381.SecretKeyFromBytes(privKey)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(msg) > MaxMsgLen {
+		hash := sha256.Sum256(msg)
+		sig := secretKey.Sign(hash[:])
+		return sig.Marshal(), nil
+	}
+	sig := secretKey.Sign(msg)
+	return sig.Marshal(), nil
+}
+
+// ===============================================================================================
+// Public Key
+// ===============================================================================================
+
+// Pubkey is a wrapper around the Ethereum BLS12-381 public key type. This
+// wrapper conforms to crypto.Pubkey to allow for the use of the Ethereum
+// BLS12-381 public key type.
+
+var _ cryptotypes.PubKey = &PubKey{}
+
+// Address returns the address of the key.
+//
+// The function will panic if the public key is invalid.
+func (pubKey PubKey) Address() crypto.Address {
+	pk, _ := bls12381.PublicKeyFromBytes(pubKey)
+	if len(pk.Marshal()) != PubKeySize {
+		panic("pubkey is incorrect size")
+	}
+	return crypto.Address(tmhash.SumTruncated(pubKey))
+}
+
+// VerifySignature verifies the given signature.
+func (pubKey PubKey) VerifySignature(msg, sig []byte) bool {
+	if len(sig) != SignatureLength {
+		return false
+	}
+
+	pubK, err := bls12381.PublicKeyFromBytes(pubKey)
+	if err != nil { // invalid pubkey
+		return false
+	}
+
+	if len(msg) > MaxMsgLen {
+		hash := sha256.Sum256(msg)
+		msg = hash[:]
+	}
+
+	ok, err := bls12381.VerifySignature(sig, [MaxMsgLen]byte(msg[:MaxMsgLen]), pubK)
+	if err != nil { // bad signature
+		return false
+	}
+
+	return ok
+}
+
+// Bytes returns the byte format.
+func (pubKey PubKey) Bytes() []byte {
+	return pubKey
+}
+
+// Type returns the key's type.
+func (PubKey) Type() string {
+	return KeyType
+}
+
+// Equals returns true if the other's type is the same and their bytes are deeply equal.
+func (pubKey PubKey) Equals(other cryptotypes.PubKey) bool {
+	return pubKey.Type() == other.Type() && bytes.Equal(pubKey.Bytes(), other.Bytes())
+}
+
+// String returns Hex representation of a pubkey with it's type
+func (pubKey PubKey) String() string {
+	return fmt.Sprintf("PubKeyBLS12_381{%X}", pubKey.Key)
+}