diff --git a/specs/bls_signature.md b/specs/bls_signature.md
index 9dd5cac8b..4dd479a6a 100644
--- a/specs/bls_signature.md
+++ b/specs/bls_signature.md
@@ -106,11 +106,11 @@ def modular_squareroot(value: int) -> int:
 
 ### `bls_aggregate_pubkeys`
 
-Let `bls_aggregate_pubkeys(pubkeys: [uint384]) -> uint384` return `pubkeys[0] + .... + pubkeys[len(pubkeys)-1]`, where `+` is the elliptic curve addition operation over the G1 curve.
+Let `bls_aggregate_pubkeys(pubkeys: List[Bytes48]) -> Bytes48` return `pubkeys[0] + .... + pubkeys[len(pubkeys)-1]`, where `+` is the elliptic curve addition operation over the G1 curve.
 
 ### `bls_aggregate_signatures`
 
-Let `bls_aggregate_signatures(signatures: [[uint384]]) -> [uint384]` return `signatures[0] + .... + signatures[len(signatures)-1]`, where `+` is the elliptic curve addition operation over the G2 curve.
+Let `bls_aggregate_signatures(signatures: List[Bytes96]) -> Bytes96` return `signatures[0] + .... + signatures[len(signatures)-1]`, where `+` is the elliptic curve addition operation over the G2 curve.
 
 ## Signature verification
 
@@ -124,7 +124,7 @@ g = Fq2([g_x, g_y])
 
 ### `bls_verify`
 
-Let `bls_verify(pubkey: uint384, message: bytes32, signature: [uint384], domain: uint64) -> bool`:
+Let `bls_verify(pubkey: Bytes48, message: Bytes32, signature: Bytes96, domain: uint64) -> bool`:
 
 * Verify that `pubkey` is a valid G1 point.
 * Verify that `signature` is a valid G2 point.
@@ -132,7 +132,7 @@ Let `bls_verify(pubkey: uint384, message: bytes32, signature: [uint384], domain:
 
 ### `bls_verify_multiple`
 
-Let `bls_verify_multiple(pubkeys: [uint384], messages: [bytes32], signature: [uint384], domain: uint64) -> bool`:
+Let `bls_verify_multiple(pubkeys: List[Bytes48], messages: List[Bytes32], signature: Bytes96, domain: uint64) -> bool`:
 
 * Verify that each `pubkey` in `pubkeys` is a valid G1 point.
 * Verify that `signature` is a valid G2 point.
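Review bot: With `pubkeys: List[Bytes48]` and `signatures: List[Bytes96]`, the expressions `pubkeys[0] + .... + pubkeys[len(pubkeys)-1]` and `signatures[0] + .... + signatures[len(signatures)-1]` now operate on byte strings, so both sentences should say that each element is decoded to a curve point before the addition and the sum is serialized back to bytes. The result for an empty list is also left undefined. The same gap applies to `bls_verify` and `bls_verify_multiple` in the later hunks of this file: "Verify that `pubkey` is a valid G1 point" now receives 48 bytes, and the text should state that input which fails to decode makes the function return `False`. The decoding rules presumably live in a part of this file outside the hunks shown, so a cross-reference such as `(decoded as described in the point representation section)` may be all that is needed.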
diff --git a/specs/core/0_beacon-chain.md b/specs/core/0_beacon-chain.md index 5640340b6..3b804b680 100644 --- a/specs/core/0_beacon-chain.md +++ b/specs/core/0_beacon-chain.md @@ -76,7 +76,7 @@ - [`get_beacon_proposer_index`](#get_beacon_proposer_index) - [`merkle_root`](#merkle_root) - [`get_attestation_participants`](#get_attestation_participants) - - [`bytes1`, `bytes2`, ...](#bytes1-bytes2-) + - [`int_to_bytes1`, `int_to_bytes2`, ...](#int_to_bytes1-int_to_bytes2-) - [`get_effective_balance`](#get_effective_balance) - [`get_fork_version`](#get_fork_version) - [`get_domain`](#get_domain) @@ -190,9 +190,9 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted | `GENESIS_SLOT` | `0` | | `GENESIS_START_SHARD` | `0` | | `FAR_FUTURE_SLOT` | `2**64 - 1` | -| `ZERO_HASH` | `bytes32(0)` | -| `EMPTY_SIGNATURE` | `[bytes48(0), bytes48(0)]` | -| `BLS_WITHDRAWAL_PREFIX_BYTE` | `bytes1(0)` | +| `ZERO_HASH` | `int_to_bytes32(0)` | +| `EMPTY_SIGNATURE` | `int_to_bytes96(0)` | +| `BLS_WITHDRAWAL_PREFIX_BYTE` | `int_to_bytes1(0)` | ### Time parameters @@ -266,11 +266,11 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # First proposal data 'proposal_data_1': ProposalSignedData, # First proposal signature - 'proposal_signature_1': '[uint384]', + 'proposal_signature_1': 'bytes96', # Second proposal data 'proposal_data_2': ProposalSignedData, # Second proposal signature - 'proposal_signature_2': '[uint384]', + 'proposal_signature_2': 'bytes96', } ``` @@ -298,7 +298,7 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Attestation data 'data': AttestationData, # Aggregate signature - 'aggregate_signature': ['uint384'], + 'aggregate_signature': 'bytes96', } ``` 
@@ -315,7 +315,7 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Custody bitfield 'custody_bitfield': 'bytes', # BLS aggregate signature - 'aggregate_signature': ['uint384'], + 'aggregate_signature': 'bytes96', } ``` @@ -328,17 +328,17 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Shard number 'shard': 'uint64', # Hash of root of the signed beacon block - 'beacon_block_root': 'hash32', + 'beacon_block_root': 'bytes32', # Hash of root of the ancestor at the epoch boundary - 'epoch_boundary_root': 'hash32', + 'epoch_boundary_root': 'bytes32', # Shard block's hash of root - 'shard_block_root': 'hash32', + 'shard_block_root': 'bytes32', # Last crosslink's hash of root - 'latest_crosslink_root': 'hash32', + 'latest_crosslink_root': 'bytes32', # Slot of the last justified beacon block 'justified_slot': 'uint64', # Hash of the last justified beacon block - 'justified_block_root': 'hash32', + 'justified_block_root': 'bytes32', } ``` @@ -360,7 +360,7 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted ```python { # Branch in the deposit tree - 'branch': '[hash32]', + 'branch': ['bytes32'], # Index in the deposit tree 'index': 'uint64', # Data @@ -386,15 +386,15 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted ```python { # BLS pubkey - 'pubkey': 'uint384', + 'pubkey': 'bytes48', # Withdrawal credentials - 'withdrawal_credentials': 'hash32', + 'withdrawal_credentials': 'bytes32', # Initial RANDAO commitment - 'randao_commitment': 'hash32', + 'randao_commitment': 'bytes32', # Initial custody commitment - 'custody_commitment': 'hash32', + 'custody_commitment': 'bytes32', # A BLS signature of this `DepositInput` - 'proof_of_possession': ['uint384'], + 'proof_of_possession': 'bytes96', } ``` 
@@ -409,7 +409,7 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Index of the exiting validator 'validator_index': 'uint24', # Validator signature - 'signature': '[uint384]', + 'signature': 'bytes96', } ``` @@ -421,11 +421,11 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted { ## Header ## 'slot': 'uint64', - 'parent_root': 'hash32', - 'state_root': 'hash32', - 'randao_reveal': 'hash32', + 'parent_root': 'bytes32', + 'state_root': 'bytes32', + 'randao_reveal': 'bytes32', 'eth1_data': Eth1Data, - 'signature': ['uint384'], + 'signature': 'bytes96', ## Body ## 'body': BeaconBlockBody, @@ -458,7 +458,7 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Shard number (`BEACON_CHAIN_SHARD_NUMBER` for beacon chain) 'shard': 'uint64', # Block's hash of root - 'block_root': 'hash32', + 'block_root': 'bytes32', } ``` @@ -478,17 +478,17 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted 'validator_balances': ['uint64'], 'validator_registry_update_slot': 'uint64', 'validator_registry_exit_count': 'uint64', - 'validator_registry_delta_chain_tip': 'hash32', # For light clients to track deltas + 'validator_registry_delta_chain_tip': 'bytes32', # For light clients to track deltas # Randomness and committees - 'latest_randao_mixes': ['hash32'], - 'latest_vdf_outputs': ['hash32'], + 'latest_randao_mixes': ['bytes32'], + 'latest_vdf_outputs': ['bytes32'], 'previous_epoch_start_shard': 'uint64', 'current_epoch_start_shard': 'uint64', 'previous_epoch_calculation_slot': 'uint64', 'current_epoch_calculation_slot': 'uint64', - 'previous_epoch_randao_mix': 'hash32', - 'current_epoch_randao_mix': 'hash32', + 'previous_epoch_randao_mix': 'bytes32', + 'current_epoch_randao_mix': 'bytes32', # Custody challenges 'custody_challenges': [CustodyChallenge], 
@@ -501,10 +501,10 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Recent state 'latest_crosslinks': [Crosslink], - 'latest_block_roots': ['hash32'], # Needed to process attestations, older to newer + 'latest_block_roots': ['bytes32'], # Needed to process attestations, older to newer 'latest_penalized_balances': ['uint64'], # Balances penalized at every withdrawal period 'latest_attestations': [PendingAttestation], - 'batched_block_roots': ['hash32'], + 'batched_block_roots': ['bytes32'], # Ethereum 1.0 chain data 'latest_eth1_data': Eth1Data, @@ -517,11 +517,11 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted ```python { # BLS public key - 'pubkey': 'uint384', + 'pubkey': 'bytes48', # Withdrawal credentials - 'withdrawal_credentials': 'hash32', + 'withdrawal_credentials': 'bytes32', # RANDAO commitment - 'randao_commitment': 'hash32', + 'randao_commitment': 'bytes32', # Slots the proposer has skipped (i.e. layers of RANDAO expected) 'randao_layers': 'uint64', # Slot when validator activated @@ -537,7 +537,7 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Status flags 'status_flags': 'uint64', # Custody commitment - 'custody_commitment': 'hash32', + 'custody_commitment': 'bytes32', # Slot of latest custody reseed 'latest_custody_reseed_slot': 'uint64', # Slot of second-latest custody reseed @@ -552,7 +552,7 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted # Slot number 'slot': 'uint64', # Shard block root - 'shard_block_root': 'hash32', + 'shard_block_root': 'bytes32', } ``` @@ -588,9 +588,9 @@ Unless otherwise indicated, code appearing in `this style` is to be interpreted ```python { - 'latest_registry_delta_root': 'hash32', + 'latest_registry_delta_root': 'bytes32', 'validator_index': 'uint24', - 'pubkey': 'uint384', + 'pubkey': 'bytes48', 'slot': 'uint64', 'flag': 'uint64', } 
@@ -808,7 +808,7 @@ def get_active_validator_indices(validators: [Validator], slot: int) -> List[int #### `shuffle` ```python -def shuffle(values: List[Any], seed: Hash32) -> List[Any]: +def shuffle(values: List[Any], seed: Bytes32) -> List[Any]: """ Returns the shuffled ``values`` with ``seed`` as entropy. """ @@ -888,7 +888,7 @@ def get_committee_count_per_slot(active_validator_count: int) -> int: #### `get_shuffling` ```python -def get_shuffling(seed: Hash32, +def get_shuffling(seed: Bytes32, validators: List[Validator], slot: int) -> List[List[int]] """ @@ -905,7 +905,7 @@ def get_shuffling(seed: Hash32, committees_per_slot = get_committee_count_per_slot(len(active_validator_indices)) # Shuffle - seed = xor(seed, bytes32(slot)) + seed = xor(seed, int_to_bytes32(slot)) shuffled_active_validator_indices = shuffle(active_validator_indices, seed) # Split the shuffled list into epoch_length * committees_per_slot pieces @@ -983,7 +983,7 @@ def get_crosslink_committees_at_slot(state: BeaconState, ```python def get_block_root(state: BeaconState, - slot: int) -> Hash32: + slot: int) -> Bytes32: """ Returns the block root at a recent ``slot``. """ @@ -998,7 +998,7 @@ def get_block_root(state: BeaconState, ```python def get_randao_mix(state: BeaconState, - slot: int) -> Hash32: + slot: int) -> Bytes32: """ Returns the randao mix at a recent ``slot``. """ @@ -1022,7 +1022,7 @@ def get_beacon_proposer_index(state: BeaconState, #### `merkle_root` ```python -def merkle_root(values: List[Hash32]) -> Hash32: +def merkle_root(values: List[Bytes32]) -> Bytes32: """ Merkleize ``values`` (where ``len(values)`` is a power of two) and return the Merkle root. """ 
@@ -1058,9 +1058,9 @@ def get_attestation_participants(state: BeaconState, return participants ``` -#### `bytes1`, `bytes2`, ... +#### `int_to_bytes1`, `int_to_bytes2`, ... -`bytes1(x): return x.to_bytes(1, 'big')`, `bytes2(x): return x.to_bytes(2, 'big')`, and so on for all integers, particularly 1, 2, 3, 4, 8, 32. +`int_to_bytes1(x): return x.to_bytes(1, 'big')`, `int_to_bytes2(x): return x.to_bytes(2, 'big')`, and so on for all integers, particularly 1, 2, 3, 4, 8, 32, 48, 96. #### `get_effective_balance` @@ -1294,11 +1294,11 @@ First, a helper function: ```python def validate_proof_of_possession(state: BeaconState, - pubkey: int, - proof_of_possession: bytes, - withdrawal_credentials: Hash32, - randao_commitment: Hash32, - custody_commitment: Hash32) -> bool: + pubkey: Bytes48, + proof_of_possession: Bytes96, + withdrawal_credentials: Bytes32, + randao_commitment: Bytes32, + custody_commitment: Bytes32) -> bool: proof_of_possession_data = DepositInput( pubkey=pubkey, withdrawal_credentials=withdrawal_credentials, @@ -1323,12 +1323,12 @@ Now, to add a [validator](#dfn-validator) or top up an existing [validator](#dfn ```python def process_deposit(state: BeaconState, - pubkey: int, + pubkey: Bytes48, amount: int, - proof_of_possession: bytes, - withdrawal_credentials: Hash32, - randao_commitment: Hash32, - custody_commitment: Hash32) -> None: + proof_of_possession: Bytes96, + withdrawal_credentials: Bytes32, + randao_commitment: Bytes32, + custody_commitment: Bytes32) -> None: """ Process a deposit from Ethereum 1.0. Note that this function mutates ``state``. 
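Review bot: The helper definition `int_to_bytes1(x): return x.to_bytes(1, 'big')` in the first hunk gives no domain for `x`, and the list of sizes now extends to 48 and 96. Python's `to_bytes` raises `OverflowError` for a negative value or one that does not fit in the requested width, while an implementation in another language may silently truncate, which would produce different hashes and seeds across clients. I would add one sentence after the definition, for example `The argument must satisfy 0 <= x < 2**(8*N); any other value is invalid.`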
@@ -1552,7 +1552,7 @@ For each `deposit` in `block.body.deposits`: * Verify that `verify_merkle_branch(hash(serialized_deposit_data), deposit.branch, DEPOSIT_CONTRACT_TREE_DEPTH, deposit.index, state.latest_eth1_data.deposit_root)` is `True`. ```python -def verify_merkle_branch(leaf: Hash32, branch: [Hash32], depth: int, index: int, root: Hash32) -> bool: +def verify_merkle_branch(leaf: Bytes32, branch: [Bytes32], depth: int, index: int, root: Bytes32) -> bool: value = leaf for i in range(depth): if index // (2**i) % 2: diff --git a/specs/core/1_shard-data-chains.md b/specs/core/1_shard-data-chains.md index 973a0d332..cabe2934e 100644 --- a/specs/core/1_shard-data-chains.md +++ b/specs/core/1_shard-data-chains.md 
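Review bot: In the new signature of `verify_merkle_branch`, `branch: [Bytes32]` keeps the old bracket shorthand while the rest of this commit writes `List[Bytes32]` (see `merkle_root`); `branch: List[Bytes32]` would be consistent. The visible loop runs `for i in range(depth)` and the function body continues outside the hunk, so I cannot tell whether the length of `branch` is checked against `depth`. If it is not, a one-line docstring stating the precondition, such as `"""Assumes len(branch) == depth."""`, would make the deposit-proof check easier to implement identically across clients.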
@@ -70,7 +70,7 @@ To validate a block header on shard `shard_id`, compute as follows:
 * Verify that `beacon_chain_ref` is the hash of a block in the beacon chain with slot less than or equal to `slot`. Verify that `beacon_chain_ref` is equal to or a descendant of the `beacon_chain_ref` specified in the `ShardBlock` pointed to by `parent_root`.
 * Let `state` be the state of the beacon chain block referred to by `beacon_chain_ref`. Let `validators` be `[validators[i] for i in state.current_persistent_committees[shard_id]]`.
 * Assert `len(participation_bitfield) == ceil_div8(len(validators))`
-* Let `proposer_index = hash(state.randao_mix + bytes8(shard_id) + bytes8(slot)) % len(validators)`. Let `msg` be the block but with the `block.signature` set to `[0, 0]`. Verify that `BLSVerify(pub=validators[proposer_index].pubkey, msg=hash(msg), sig=block.signature, domain=get_domain(state, slot, SHARD_PROPOSER_DOMAIN))` passes.
+* Let `proposer_index = hash(state.randao_mix + int_to_bytes8(shard_id) + int_to_bytes8(slot)) % len(validators)`. Let `msg` be the block but with the `block.signature` set to `[0, 0]`. Verify that `BLSVerify(pub=validators[proposer_index].pubkey, msg=hash(msg), sig=block.signature, domain=get_domain(state, slot, SHARD_PROPOSER_DOMAIN))` passes.
 * Generate the `group_public_key` by adding the public keys of all the validators for whom the corresponding position in the bitfield is set to 1. Verify that `BLSVerify(pub=group_public_key, msg=parent_root, sig=block.aggregate_signature, domain=get_domain(state, slot, SHARD_ATTESTER_DOMAIN))` passes.
 
 ### Block Merklization helper
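Review bot: The rewritten bullet still sets `block.signature` to `[0, 0]`, although this commit turns signatures into a single `bytes96` value and redefines `EMPTY_SIGNATURE` as `int_to_bytes96(0)` in `0_beacon-chain.md`. Because `hash(msg)` is the message the proposer signs, clients that serialize the placeholder differently would compute different messages and disagree on whether the signature is valid. Writing `set to EMPTY_SIGNATURE` instead of `set to [0, 0]` removes the ambiguity. The bullet also calls `BLSVerify(pub=..., msg=..., sig=...)`, whereas `bls_signature.md` names the function `bls_verify` with parameters `pubkey`, `message`, `signature` and `domain`; aligning the names would avoid a second source of confusion.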