diff --git a/bolt-sidecar/src/driver.rs b/bolt-sidecar/src/driver.rs index 1f15db88..af511892 100644 --- a/bolt-sidecar/src/driver.rs +++ b/bolt-sidecar/src/driver.rs @@ -22,7 +22,7 @@ use crate::{ server::{CommitmentsApiServer, Event as CommitmentEvent}, spec::Error as CommitmentError, }, - crypto::{bls::cl_public_key_to_arr, SignableBLS, SignerECDSA}, + crypto::{SignableBLS, SignerECDSA}, primitives::{ read_signed_delegations_from_file, CommitmentRequest, ConstraintsMessage, FetchPayloadRequest, SignedConstraints, TransactionExt, @@ -326,23 +326,25 @@ impl SidecarDriver { }; // NOTE: we iterate over the transactions in the request and generate a signed constraint - // for each one. This is because the transactions in the commitment request are not - // supposed to be treated as a relative-ordering bundle, but a batch - // with no ordering guarantees. + // for each one. This is because the transactions in the commitment request are not supposed + // to be treated as a relative-ordering bundle, but a batch with no ordering guarantees. + // + // For more information, check out the constraints API docs: + // https://docs.boltprotocol.xyz/technical-docs/api/builder#constraints for tx in inclusion_request.txs { let tx_type = tx.tx_type(); let message = ConstraintsMessage::from_transaction(pubkey.clone(), target_slot, tx); let digest = message.digest(); - let signature = match self.constraint_signer { - SignerBLS::Local(ref signer) => signer.sign_commit_boost_root(digest), - SignerBLS::CommitBoost(ref signer) => signer.sign_commit_boost_root(digest).await, - SignerBLS::Keystore(ref signer) => { - signer.sign_commit_boost_root(digest, cl_public_key_to_arr(pubkey.clone())) + let signature_result = match &self.constraint_signer { + SignerBLS::Local(signer) => signer.sign_commit_boost_root(digest), + SignerBLS::CommitBoost(signer) => signer.sign_commit_boost_root(digest).await, + SignerBLS::Keystore(signer) => { + signer.sign_commit_boost_root(digest, pubkey.clone()) } }; - let signed_constraints = match signature { + let signed_constraints = match signature_result { Ok(signature) => SignedConstraints { message, signature }, Err(e) => { error!(?e, "Failed to sign constraints"); diff --git a/bolt-sidecar/src/signer/commit_boost.rs b/bolt-sidecar/src/signer/commit_boost.rs index f9fa399e..f91a7c72 100644 --- a/bolt-sidecar/src/signer/commit_boost.rs +++ b/bolt-sidecar/src/signer/commit_boost.rs @@ -91,8 +91,6 @@ impl CommitBoostSigner { } /// Verify the BLS signature of the object with the given public key. - /// - /// Note: The default implementation should be used where possible. pub fn verify_bls( &self, data: &[u8; 32], @@ -103,8 +101,6 @@ impl CommitBoostSigner { } /// Verify the ECDSA signature of the object with the given public key. - /// - /// Note: The default implementation should be used where possible. pub fn verify_ecdsa(&self, data: &[u8; 32], sig: &Signature, pubkey: &EcdsaPublicKey) -> bool { let sig = secp256k1::ecdsa::Signature::from_str(&sig.to_hex()).expect("signature is valid"); let pubkey = diff --git a/bolt-sidecar/src/signer/keystore.rs b/bolt-sidecar/src/signer/keystore.rs index 413f6951..e1975978 100644 --- a/bolt-sidecar/src/signer/keystore.rs +++ b/bolt-sidecar/src/signer/keystore.rs @@ -9,14 +9,16 @@ use std::{ path::{Path, PathBuf}, }; -use alloy::rpc::types::beacon::constants::BLS_PUBLIC_KEY_BYTES_LEN; - use ethereum_consensus::crypto::PublicKey as BlsPublicKey; use lighthouse_bls::Keypair; use lighthouse_eth2_keystore::Keystore; use ssz::Encode; -use crate::{builder::signature::compute_signing_root, crypto::bls::BLSSig, ChainConfig}; +use crate::{ + builder::signature::compute_signing_root, + crypto::bls::{cl_public_key_to_arr, BLSSig}, + ChainConfig, +}; use super::SignerResult; @@ -109,7 +111,7 @@ impl KeystoreSigner { pub fn sign_commit_boost_root( &self, root: [u8; 32], - public_key: [u8; BLS_PUBLIC_KEY_BYTES_LEN], + public_key: BlsPublicKey, ) -> SignerResult { self.sign_root(root, public_key, self.chain.commit_boost_domain()) } @@ -118,7 +120,7 @@ impl KeystoreSigner { fn sign_root( &self, root: [u8; 32], - public_key: [u8; BLS_PUBLIC_KEY_BYTES_LEN], + public_key: BlsPublicKey, domain: [u8; 32], ) -> SignerResult { let sk = self @@ -126,7 +128,9 @@ impl KeystoreSigner { .iter() // `as_ssz_bytes` returns the raw bytes we need .find(|kp| kp.pk.as_ssz_bytes() == public_key.as_ref()) - .ok_or(KeystoreError::UnknownPublicKey(hex::encode(public_key)))?; + .ok_or(KeystoreError::UnknownPublicKey(hex::encode(cl_public_key_to_arr( + public_key, + ))))?; let signing_root = compute_signing_root(root, domain); @@ -193,6 +197,7 @@ mod tests { }; use blst::min_pk::SecretKey; + use ethereum_consensus::crypto::PublicKey as BlsPublicKey; use crate::{signer::local::LocalSigner, ChainConfig}; @@ -365,7 +370,10 @@ mod tests { let sig_local = local_signer.sign_commit_boost_root([0; 32]).expect("to sign message"); let sig_keystore = keystore_signer_from_password - .sign_commit_boost_root([0; 32], public_key_bytes) + .sign_commit_boost_root( + [0; 32], + BlsPublicKey::try_from(public_key_bytes.as_ref()).unwrap(), + ) .expect("to sign message"); assert_eq!(sig_local, sig_keystore); }