nimbus-eth2/beacon_chain/spec/digest.nim

# beacon_chain
# Copyright (c) 2018-2019 Status Research & Development GmbH
# Licensed and distributed under either of
#   * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT).
#   * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0).
# at your option. This file may not be copied, modified, or distributed except according to those terms.

# Serenity hash function / digest
#
# https://github.com/ethereum/eth2.0-specs/blob/v0.9.0/specs/core/0_beacon-chain.md#hash
#
# In Phase 0 the beacon chain is deployed with SHA256 (SHA2-256).
# Note that is is different from Keccak256 (often mistakenly called SHA3-256)
# and SHA3-256.
#
# In Eth1.0, the default hash function is Keccak256 and SHA256 is available as a precompiled contract.
#
# In our code base, to enable a smooth transition
# (already did Blake2b --> Keccak256 --> SHA2-256),
# we call this function `eth2hash`, and it outputs a `Eth2Digest`. Easy to sed :)

import
  chronicles,
  nimcrypto/[sha2, hash, utils], eth/common/eth_types_json_serialization,
  hashes

export
  eth_types_json_serialization, hash.`$`

type
  Eth2Digest* = MDigest[32 * 8] ## `hash32` from spec
  Eth2Hash* = sha256            ## Context for hash function

chronicles.formatIt Eth2Digest:
  mixin toHex
  it.data.toHex(true)

func shortLog*(x: Eth2Digest): string =
  x.data.toHex(true)[0..7]

# TODO: expose an in-place digest function
#       when hashing in loop or into a buffer
#       See: https://github.com/cheatfate/nimcrypto/blob/b90ba3abd/nimcrypto/sha2.nim#L570
func eth2hash*(v: openArray[byte]): Eth2Digest {.inline.} =
  # We use the init-update-finish interface to avoid
  # the expensive burning/clearing memory (20~30% perf)
  # TODO: security implication?
  var ctx: sha256
  ctx.init()
  ctx.update(v)
  ctx.finish()

proc update*(ctx: var Sha2Context; digest: Eth2Digest) =
  ctx.update digest.data

template withEth2Hash*(body: untyped): Eth2Digest =
  ## This little helper will init the hash function and return the sliced
  ## hash:
  ## let hashOfData = withHash: h.update(data)
  var h  {.inject.}: sha256
  init(h)
  body
  var res = finish(h)
  res

func hash*(x: Eth2Digest): Hash =
  ## Hash for digests for Nim hash tables
  # Stub for BeaconChainDB

  # We just slice the first 4 or 8 bytes of the block hash
  # depending of if we are on a 32 or 64-bit platform
  result = cast[ptr Hash](unsafeAddr x)[]
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00			`# beacon_chain`
fix keccak256 digest comments 2019-03-09 20:34:08 +00:00			`# Copyright (c) 2018-2019 Status Research & Development GmbH`
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00			`# Licensed and distributed under either of`
			`# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT).`
			`# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0).`
			`# at your option. This file may not be copied, modified, or distributed except according to those terms.`

			`# Serenity hash function / digest`
			`#`
initial 0.9.0 spec sync (#509) * rename compute_epoch_of_slot(...) to compute_epoch_at_slot(...) * remove some unnecessary imports; remove some crosslink-related code and tests; complete renaming of compute_epoch_of_slot(...) to compute_epoch_at_slot(...) * rm more transfer-related code and tests; rm more unnecessary strutils imports * rm remaining unused imports * remove useless get_empty_per_epoch_cache(...)/compute_start_slot_of_epoch(...) calls * rename compute_start_slot_of_epoch(...) to compute_start_slot_at_epoch(...) * rename ACTIVATION_EXIT_DELAY to MAX_SEED_LOOKAHEAD * update domain types to 0.9.0 * mark AttesterSlashing, IndexedAttestation, AttestationDataAndCustodyBit, DepositData, BeaconBlockHeader, Fork, integer_squareroot(...), and process_voluntary_exit(...) as 0.9.0 * mark increase_balance(...), decrease_balance(...), get_block_root(...), CheckPoint, Deposit, PendingAttestation, HistoricalBatch, is_active_validator(...), and is_slashable_attestation_data(...) as 0.9.0 * mark compute_activation_exit_epoch(...), bls_verify(...), Validator, get_active_validator_indices(...), get_current_epoch(...), get_total_active_balance(...), and get_previous_epoch(...) as 0.9.0 * mark get_block_root_at_slot(...), ProposerSlashing, get_domain(...), VoluntaryExit, mainnet preset Gwei values, minimal preset max operations, process_block_header(...), and is_slashable_validator(...) as 0.9.0 * mark makeWithdrawalCredentials(...), get_validator_churn_limit(...), get_total_balance(...), is_valid_indexed_attestation(...), bls_aggregate_pubkeys(...), initial genesis value/constants, Attestation, get_randao_mix(...), mainnet preset max operations per block constants, minimal preset Gwei values and time parameters, process_eth1_data(...), get_shuffled_seq(...), compute_committee(...), and process_slots(...) as 0.9.0; partially update get_indexed_attestation(...) to 0.9.0 by removing crosslink refs and associated tests * mark initiate_validator_exit(...), process_registry_updates(...), BeaconBlock, Eth1Data, compute_domain(...), process_randao(...), process_attester_slashing(...), get_base_reward(...), and process_slot(...) as 0.9.0 2019-10-30 19:41:19 +00:00			`# https://github.com/ethereum/eth2.0-specs/blob/v0.9.0/specs/core/0_beacon-chain.md#hash`
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00			`#`
[Tests] SHA256 + official shuffling vectors (#263) * Change digests to SHA2-256 (from Keccak256) * Fix sha256 digest initialization - pass shuffling test * Add comments + remove old shuffling tests * Remove stale tree hashing tests * Small toOpenArray optim + notes on in-place hashing * Revert "Revert "Update test repo"" This reverts commit f385467cd3312058ec0ccf70be83e80f400a41c5. * Revert "Revert "Fix SIGFPE on shuffling for 0"" This reverts commit 226d380f8733663c033edee94fdd8427c4ddb2a5. * Revert "Revert "Implement shuffling test (pending typedesc and shuffling algo fix)"" This reverts commit 813cb6fbb8cdbb768a894c35173c3adc1e5d6c59. * withEth2hash templates now needs ctx.init() * Use init-update-finish to avoid burnMem 2019-05-10 08:14:01 +00:00			`# In Phase 0 the beacon chain is deployed with SHA256 (SHA2-256).`
			`# Note that is is different from Keccak256 (often mistakenly called SHA3-256)`
			`# and SHA3-256.`
fix keccak256 digest comments 2019-03-09 20:34:08 +00:00			`#`
[Tests] SHA256 + official shuffling vectors (#263) * Change digests to SHA2-256 (from Keccak256) * Fix sha256 digest initialization - pass shuffling test * Add comments + remove old shuffling tests * Remove stale tree hashing tests * Small toOpenArray optim + notes on in-place hashing * Revert "Revert "Update test repo"" This reverts commit f385467cd3312058ec0ccf70be83e80f400a41c5. * Revert "Revert "Fix SIGFPE on shuffling for 0"" This reverts commit 226d380f8733663c033edee94fdd8427c4ddb2a5. * Revert "Revert "Implement shuffling test (pending typedesc and shuffling algo fix)"" This reverts commit 813cb6fbb8cdbb768a894c35173c3adc1e5d6c59. * withEth2hash templates now needs ctx.init() * Use init-update-finish to avoid burnMem 2019-05-10 08:14:01 +00:00			`# In Eth1.0, the default hash function is Keccak256 and SHA256 is available as a precompiled contract.`
fix keccak256 digest comments 2019-03-09 20:34:08 +00:00			`#`
[Tests] SHA256 + official shuffling vectors (#263) * Change digests to SHA2-256 (from Keccak256) * Fix sha256 digest initialization - pass shuffling test * Add comments + remove old shuffling tests * Remove stale tree hashing tests * Small toOpenArray optim + notes on in-place hashing * Revert "Revert "Update test repo"" This reverts commit f385467cd3312058ec0ccf70be83e80f400a41c5. * Revert "Revert "Fix SIGFPE on shuffling for 0"" This reverts commit 226d380f8733663c033edee94fdd8427c4ddb2a5. * Revert "Revert "Implement shuffling test (pending typedesc and shuffling algo fix)"" This reverts commit 813cb6fbb8cdbb768a894c35173c3adc1e5d6c59. * withEth2hash templates now needs ctx.init() * Use init-update-finish to avoid burnMem 2019-05-10 08:14:01 +00:00			`# In our code base, to enable a smooth transition`
			`# (already did Blake2b --> Keccak256 --> SHA2-256),`
			# we call this function `eth2hash`, and it outputs a `Eth2Digest`. Easy to sed :)
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00
Chain creation and network simulation start script 2018-12-19 12:58:53 +00:00			`import`
interop updates * add interop launcher scripts * stick validator_keygen into beacon_node * fix lmd ghost slot number on missing block * use mocked eth1data when producing blocks * use bls public key method for withdrawal credentials * fix deposit domain * prefer lowercase for a bunch of toHex * build simulation binary in data folder to avoid data types confusion 2019-09-01 15:02:49 +00:00			`chronicles,`
			`nimcrypto/[sha2, hash, utils], eth/common/eth_types_json_serialization,`
Fork choice compiles (but untested) 2019-01-08 17:28:21 +00:00			`hashes`
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00
Chain creation and network simulation start script 2018-12-19 12:58:53 +00:00			`export`
			eth_types_json_serialization, hash.`$`
spec updates (#37) * use repeat_hash from spec in randao * add some logging to state processing * export crypto string converters in spec insulation layer * enable block signature verification * ssz: add support for arrays, remove custom data type code * correctly handle previous and new block * add trivial block processing tests * prefer iterative repeat_hash * state transition mostly done * handle most specials and slashings 2018-12-13 16:00:55 +00:00
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00			`type`
			Eth2Digest* = MDigest[32 * 8] ## `hash32` from spec
[Tests] SHA256 + official shuffling vectors (#263) * Change digests to SHA2-256 (from Keccak256) * Fix sha256 digest initialization - pass shuffling test * Add comments + remove old shuffling tests * Remove stale tree hashing tests * Small toOpenArray optim + notes on in-place hashing * Revert "Revert "Update test repo"" This reverts commit f385467cd3312058ec0ccf70be83e80f400a41c5. * Revert "Revert "Fix SIGFPE on shuffling for 0"" This reverts commit 226d380f8733663c033edee94fdd8427c4ddb2a5. * Revert "Revert "Implement shuffling test (pending typedesc and shuffling algo fix)"" This reverts commit 813cb6fbb8cdbb768a894c35173c3adc1e5d6c59. * withEth2hash templates now needs ctx.init() * Use init-update-finish to avoid burnMem 2019-05-10 08:14:01 +00:00			`Eth2Hash* = sha256 ## Context for hash function`
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00
interop updates * add interop launcher scripts * stick validator_keygen into beacon_node * fix lmd ghost slot number on missing block * use mocked eth1data when producing blocks * use bls public key method for withdrawal credentials * fix deposit domain * prefer lowercase for a bunch of toHex * build simulation binary in data folder to avoid data types confusion 2019-09-01 15:02:49 +00:00			`chronicles.formatIt Eth2Digest:`
			`mixin toHex`
			`it.data.toHex(true)`

add initial block pool (#139) * implement in-memory block graph * store tail block in database * resolve unknown parents by syncing them from peers * introduce concept of resolved blocks and attestations - those that follow minimal protocol rules * update state head lazily * log more stuff * shortHash -> shortLog * start 9/10 beacon nodes by default, last can be started manually * see also #134 * fix start.sh epoch length 2019-02-28 21:21:29 +00:00			`func shortLog*(x: Eth2Digest): string =`
interop updates * add interop launcher scripts * stick validator_keygen into beacon_node * fix lmd ghost slot number on missing block * use mocked eth1data when producing blocks * use bls public key method for withdrawal credentials * fix deposit domain * prefer lowercase for a bunch of toHex * build simulation binary in data folder to avoid data types confusion 2019-09-01 15:02:49 +00:00			`x.data.toHex(true)[0..7]`
add initial block pool (#139) * implement in-memory block graph * store tail block in database * resolve unknown parents by syncing them from peers * introduce concept of resolved blocks and attestations - those that follow minimal protocol rules * update state head lazily * log more stuff * shortHash -> shortLog * start 9/10 beacon nodes by default, last can be started manually * see also #134 * fix start.sh epoch length 2019-02-28 21:21:29 +00:00
[Tests] SHA256 + official shuffling vectors (#263) * Change digests to SHA2-256 (from Keccak256) * Fix sha256 digest initialization - pass shuffling test * Add comments + remove old shuffling tests * Remove stale tree hashing tests * Small toOpenArray optim + notes on in-place hashing * Revert "Revert "Update test repo"" This reverts commit f385467cd3312058ec0ccf70be83e80f400a41c5. * Revert "Revert "Fix SIGFPE on shuffling for 0"" This reverts commit 226d380f8733663c033edee94fdd8427c4ddb2a5. * Revert "Revert "Implement shuffling test (pending typedesc and shuffling algo fix)"" This reverts commit 813cb6fbb8cdbb768a894c35173c3adc1e5d6c59. * withEth2hash templates now needs ctx.init() * Use init-update-finish to avoid burnMem 2019-05-10 08:14:01 +00:00			`# TODO: expose an in-place digest function`
			`# when hashing in loop or into a buffer`
			`# See: https://github.com/cheatfate/nimcrypto/blob/b90ba3abd/nimcrypto/sha2.nim#L570`
			`func eth2hash*(v: openArray[byte]): Eth2Digest {.inline.} =`
			`# We use the init-update-finish interface to avoid`
			`# the expensive burning/clearing memory (20~30% perf)`
			`# TODO: security implication?`
			`var ctx: sha256`
			`ctx.init()`
Remove one-line hash to avoid burnMem. Remove unnecessary copyMem()s. 2019-03-28 20:38:41 +00:00			`ctx.update(v)`
Implement the latest SSZ specification and integrate the official SSZ test suite 2019-07-03 07:35:05 +00:00			`ctx.finish()`
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00
v0.8.1 tests refactor (#326) * Introduce new mocking proc to replace: - makeFakeValidatorPrivKey - hackPrivKey - getNextBeaconProposerIndex - addBlock - makeBlock * Add comments on datastructure unsynced with the spec * Add merkle tree constructor and initial mocking for deposits (missing merkle proofs) * [Mock] Implement sparse merkle tree and merkle proof builder * [Mocking] Genesis deposits * Add compact_committees_roots init + mock genesis state * [Tests] Add first deposit test using the new mocking procedures * [Tests -deposits] add at and over 32 ETH deposit tests * [Tests - deposits] Add test for validator top-up * [Tests -deposits] Mention the TODO to test for invalid conditions * [Tests] Add stub to test "is_valid_genesis_state" * [Merkle proofs] Implement round-trip checks * Deactivate roundtrips test * SSZ - use EF convention for hash_tree_root / hashTreeRoot * [Tests - Attestation] Attestation mocking + initial test * Add mocking + 3 new tests for valid attestations + mention future invalid attestation tests * Add crosslinks test (1 failing to attestations in block being duplicated in state transition) * Single attestation crosslink test - workaround https://github.com/status-im/nim-beacon-chain/issues/361 * Add test for failed crosslink penalty * Rebase fixes + add refactored tests to test suite * justif-finalization helpers first batch * Add 234 finalization tests * Fix justif test, Rule I 234 finalization does not happen with sufficient support. (Also unittest check template does not fail properly in some cases) * Add tests for all finalization rules * Properly delete nim-byteutils following https://github.com/status-im/nim-beacon-chain/commit/c91727e7e5f9c7a95a634055e94e9d3bcb6cc41a#diff-7c3613dba5171cb6027c67835dd3b9d4 * use digest helper for deposit root 2019-08-28 12:07:00 +00:00			`proc update*(ctx: var Sha2Context; digest: Eth2Digest) =`
			`ctx.update digest.data`

introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00			`template withEth2Hash*(body: untyped): Eth2Digest =`
			`## This little helper will init the hash function and return the sliced`
			`## hash:`
			`## let hashOfData = withHash: h.update(data)`
v0.8.1 tests refactor (#326) * Introduce new mocking proc to replace: - makeFakeValidatorPrivKey - hackPrivKey - getNextBeaconProposerIndex - addBlock - makeBlock * Add comments on datastructure unsynced with the spec * Add merkle tree constructor and initial mocking for deposits (missing merkle proofs) * [Mock] Implement sparse merkle tree and merkle proof builder * [Mocking] Genesis deposits * Add compact_committees_roots init + mock genesis state * [Tests] Add first deposit test using the new mocking procedures * [Tests -deposits] add at and over 32 ETH deposit tests * [Tests - deposits] Add test for validator top-up * [Tests -deposits] Mention the TODO to test for invalid conditions * [Tests] Add stub to test "is_valid_genesis_state" * [Merkle proofs] Implement round-trip checks * Deactivate roundtrips test * SSZ - use EF convention for hash_tree_root / hashTreeRoot * [Tests - Attestation] Attestation mocking + initial test * Add mocking + 3 new tests for valid attestations + mention future invalid attestation tests * Add crosslinks test (1 failing to attestations in block being duplicated in state transition) * Single attestation crosslink test - workaround https://github.com/status-im/nim-beacon-chain/issues/361 * Add test for failed crosslink penalty * Rebase fixes + add refactored tests to test suite * justif-finalization helpers first batch * Add 234 finalization tests * Fix justif test, Rule I 234 finalization does not happen with sufficient support. (Also unittest check template does not fail properly in some cases) * Add tests for all finalization rules * Properly delete nim-byteutils following https://github.com/status-im/nim-beacon-chain/commit/c91727e7e5f9c7a95a634055e94e9d3bcb6cc41a#diff-7c3613dba5171cb6027c67835dd3b9d4 * use digest helper for deposit root 2019-08-28 12:07:00 +00:00			`var h {.inject.}: sha256`
			`init(h)`
introduce Eth2Hash, Eth2Digest and friends (#22, fixes #3) * introduce Eth2Hash, Eth2Digest and friends 2018-11-27 23:10:09 +00:00			`body`
v0.8.1 tests refactor (#326) * Introduce new mocking proc to replace: - makeFakeValidatorPrivKey - hackPrivKey - getNextBeaconProposerIndex - addBlock - makeBlock * Add comments on datastructure unsynced with the spec * Add merkle tree constructor and initial mocking for deposits (missing merkle proofs) * [Mock] Implement sparse merkle tree and merkle proof builder * [Mocking] Genesis deposits * Add compact_committees_roots init + mock genesis state * [Tests] Add first deposit test using the new mocking procedures * [Tests -deposits] add at and over 32 ETH deposit tests * [Tests - deposits] Add test for validator top-up * [Tests -deposits] Mention the TODO to test for invalid conditions * [Tests] Add stub to test "is_valid_genesis_state" * [Merkle proofs] Implement round-trip checks * Deactivate roundtrips test * SSZ - use EF convention for hash_tree_root / hashTreeRoot * [Tests - Attestation] Attestation mocking + initial test * Add mocking + 3 new tests for valid attestations + mention future invalid attestation tests * Add crosslinks test (1 failing to attestations in block being duplicated in state transition) * Single attestation crosslink test - workaround https://github.com/status-im/nim-beacon-chain/issues/361 * Add test for failed crosslink penalty * Rebase fixes + add refactored tests to test suite * justif-finalization helpers first batch * Add 234 finalization tests * Fix justif test, Rule I 234 finalization does not happen with sufficient support. (Also unittest check template does not fail properly in some cases) * Add tests for all finalization rules * Properly delete nim-byteutils following https://github.com/status-im/nim-beacon-chain/commit/c91727e7e5f9c7a95a634055e94e9d3bcb6cc41a#diff-7c3613dba5171cb6027c67835dd3b9d4 * use digest helper for deposit root 2019-08-28 12:07:00 +00:00			`var res = finish(h)`
			`res`
Fork choice compiles (but untested) 2019-01-08 17:28:21 +00:00
			`func hash*(x: Eth2Digest): Hash =`
[Tests] SHA256 + official shuffling vectors (#263) * Change digests to SHA2-256 (from Keccak256) * Fix sha256 digest initialization - pass shuffling test * Add comments + remove old shuffling tests * Remove stale tree hashing tests * Small toOpenArray optim + notes on in-place hashing * Revert "Revert "Update test repo"" This reverts commit f385467cd3312058ec0ccf70be83e80f400a41c5. * Revert "Revert "Fix SIGFPE on shuffling for 0"" This reverts commit 226d380f8733663c033edee94fdd8427c4ddb2a5. * Revert "Revert "Implement shuffling test (pending typedesc and shuffling algo fix)"" This reverts commit 813cb6fbb8cdbb768a894c35173c3adc1e5d6c59. * withEth2hash templates now needs ctx.init() * Use init-update-finish to avoid burnMem 2019-05-10 08:14:01 +00:00			`## Hash for digests for Nim hash tables`
Fork choice compiles (but untested) 2019-01-08 17:28:21 +00:00			`# Stub for BeaconChainDB`

			`# We just slice the first 4 or 8 bytes of the block hash`
			`# depending of if we are on a 32 or 64-bit platform`
Make the code compile in Nim 0.19.0 2019-01-11 16:41:57 +00:00			`result = cast[ptr Hash](unsafeAddr x)[]`