merge from upstream

.github/workflows/lint.yaml

@@ -16,7 +16,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.17
+          go-version: 1.19
 
       - name: Get Dependencies
         run: go get -v -t -d ./...

.github/workflows/test.yaml

@@ -16,7 +16,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.17
+          go-version: 1.19
 
       - name: Get Dependencies
         run: go get -v -t -d ./...

Makefile

@@ -15,8 +15,14 @@ fmt:
 
 .PHONY: test
 test:
-	@go test -v -race -timeout 20m "${TEST_PKG}"
+	@go test -v -race -timeout 25m "${TEST_PKG}"
 
 .PHONY: generate-jsons
 generate-jsons:
 	@go generate ./...
+
+.PHONY: generate-ssz
+generate-ssz:
+	@go generate ./qbft/
+	@go generate ./ssv/
+	@go generate ./types/

README.md

@@ -54,7 +54,7 @@ func ComputeSigningRoot(data MessageRoot, domain SignatureDomain) ([]byte, error
         return nil, errors.Wrap(err, "could not get root from MessageRoot")
     }
 
-    ret := sha256.Sum256(append(dataRoot, domain...))
+    ret := sha256.Sum256(append(dataRoot[:], domain...))
     return ret[:], nil
 }
 ```
@@ -184,17 +184,3 @@ To generate all json spec tests, run:
 foo@bar:~$ go generate ./...
 ```
 Then run all tests
-
-## TODO
-- [//] Proposal duty execution + spec test + consensus validator
-- [//] Aggregator duty execution + spec test + consensus validator
-- [//] Sync committee duty execution + spec test + consensus validator
-- [//] Sync committee aggregator duty
-- [ ] Duty data validation (how do we ensure malicious leader doesn't proposer a non slashable attestation/ block but with invalid data)
-- [ ] Wait 1/3 or 2/3 of slot during duty execution? how else?
-- [X] implement 7,10,13 committee sizes
-- [X] improve pre-consensus partial sigs to support signed roots which are not necessarily what the local node signed (example: node 1 signed randao/ selection proof root X but nodes 2,3,4 signed Y)
-- [X] pre and post consensus timeout redesign as 32 slot timeout can cause the next duty not to start (if it starts in less than 32 slots)
-- [ ] Move ConsensusData struct to ssv package
-- [ ] Remove? storage interface? do we use it?
-- [ ] move spec structs from go-eth2-client to protolambda/zrnt?

dkg/frost/helper.go

@@ -30,5 +30,5 @@ func haveSameRoot(existingMessage, newMessage *dkg.SignedMessage) bool {
 	if err != nil {
 		return false
 	}
-	return bytes.Equal(r1, r2)
+	return bytes.Equal(r1[:], r2[:])
 }

dkg/frost/instance.go

@@ -209,7 +209,7 @@ func (fr *Instance) validateSignedMessage(msg *dkg.SignedMessage) error {
 		return errors.Wrap(err, "failed to get root")
 	}
 
-	if !types.Verify(operator.EncryptionPubKey, root, msg.Signature) {
+	if !types.Verify(operator.EncryptionPubKey, root[:], msg.Signature) {
 		return errors.New("invalid signature")
 	}
 	return nil

dkg/keysign/instance.go

@@ -146,7 +146,7 @@ func (instance *Instance) validateSignedMessage(msg *dkg.SignedMessage) error {
 		return errors.Wrap(err, "failed to get root")
 	}
 
-	if !types.Verify(operator.EncryptionPubKey, root, msg.Signature) {
+	if !types.Verify(operator.EncryptionPubKey, root[:], msg.Signature) {
 		return errors.New("invalid signature")
 	}
 	return nil

dkg/messages.go

@@ -8,7 +8,6 @@ import (
 
 	"github.com/attestantio/go-eth2-client/spec/phase0"
 	"github.com/bloxapp/ssv-spec/types"
-	"github.com/ethereum/go-ethereum/accounts/abi"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/crypto"
 	"github.com/herumi/bls-eth-go-binary/bls"
@@ -85,13 +84,12 @@ func (msg *Message) Validate() error {
 	return nil
 }
 
-func (msg *Message) GetRoot() ([]byte, error) {
+func (msg *Message) GetRoot() ([32]byte, error) {
 	marshaledRoot, err := msg.Encode()
 	if err != nil {
-		return nil, errors.Wrap(err, "could not encode PartialSignatureMessage")
+		return [32]byte{}, errors.Wrap(err, "could not encode Message")
 	}
-	ret := sha256.Sum256(marshaledRoot)
-	return ret[:], nil
+	return sha256.Sum256(marshaledRoot), nil
 }
 
 type SignedMessage struct {
@@ -116,7 +114,7 @@ func (signedMsg *SignedMessage) Validate() error {
 	return signedMsg.Message.Validate()
 }
 
-func (signedMsg *SignedMessage) GetRoot() ([]byte, error) {
+func (signedMsg *SignedMessage) GetRoot() ([32]byte, error) {
 	return signedMsg.Message.GetRoot()
 }
 
@@ -245,34 +243,20 @@ type Output struct {
 	DepositDataSignature types.Signature
 }
 
-func (o *Output) GetRoot() ([]byte, error) {
-	bytesSolidity, _ := abi.NewType("bytes", "", nil)
-
-	arguments := abi.Arguments{
-		{
-			Type: bytesSolidity,
-		},
-		{
-			Type: bytesSolidity,
-		},
-		{
-			Type: bytesSolidity,
-		},
-		{
-			Type: bytesSolidity,
-		},
-	}
+func (o *Output) Encode() ([]byte, error) {
+	return json.Marshal(o)
+}
+
+func (o *Output) Decode(data []byte) error {
+	return json.Unmarshal(data, o)
+}
 
-	bytes, err := arguments.Pack(
-		[]byte(o.EncryptedShare),
-		[]byte(o.SharePubKey),
-		[]byte(o.ValidatorPubKey),
-		[]byte(o.DepositDataSignature),
-	)
+func (o *Output) GetRoot() ([32]byte, error) {
+	marshaledRoot, err := o.Encode()
 	if err != nil {
-		return nil, err
+		return [32]byte{}, errors.Wrap(err, "could not encode Message")
 	}
-	return crypto.Keccak256(bytes), nil
+	return sha256.Sum256(marshaledRoot), nil
 }
 
 type SignedOutput struct {
@@ -314,27 +298,12 @@ func (msg *BlameData) Decode(data []byte) error {
 	return json.Unmarshal(data, msg)
 }
 
-func (msg *BlameData) GetRoot() ([]byte, error) {
-	bytesSolidity, _ := abi.NewType("bytes", "", nil)
-	boolSolidity, _ := abi.NewType("bool", "", nil)
-
-	arguments := abi.Arguments{
-		{
-			Type: boolSolidity,
-		},
-		{
-			Type: bytesSolidity,
-		},
-	}
-
-	bytes, err := arguments.Pack(
-		msg.Valid,
-		[]byte(msg.BlameMessage),
-	)
+func (msg *BlameData) GetRoot() ([32]byte, error) {
+	marshaledRoot, err := msg.Encode()
 	if err != nil {
-		return nil, err
+		return [32]byte{}, errors.Wrap(err, "could not encode Message")
 	}
-	return crypto.Keccak256(bytes), nil
+	return sha256.Sum256(marshaledRoot), nil
 }
 
 func SignOutput(output *Output, privKey *ecdsa.PrivateKey) (types.Signature, error) {
@@ -343,7 +312,7 @@ func SignOutput(output *Output, privKey *ecdsa.PrivateKey) (types.Signature, err
 		return nil, errors.Wrap(err, "could not get root from output message")
 	}
 
-	return crypto.Sign(root, privKey)
+	return crypto.Sign(root[:], privKey)
 }
 
 // PartialDepositData contains a partial deposit data signature

dkg/node.go

@@ -292,7 +292,7 @@ func (n *Node) validateSignedMessage(message *SignedMessage) error {
 		Signer:  message.Signer,
 	}, types.ComputeSignatureDomain(n.config.SignatureDomainType, types.DKGSignatureType))
 
-	isValid := types.Verify(operator.EncryptionPubKey, root, message.Signature)
+	isValid := types.Verify(operator.EncryptionPubKey, root[:], message.Signature)
 	if !isValid {
 		return errors.Wrap(err, "signed message invalid")
 	}

dkg/protocol.go

@@ -1,10 +1,12 @@
 package dkg
 
 import (
+	"crypto/sha256"
+	"encoding/json"
+
 	"github.com/bloxapp/ssv-spec/types"
-	"github.com/ethereum/go-ethereum/accounts/abi"
-	"github.com/ethereum/go-ethereum/crypto"
 	"github.com/herumi/bls-eth-go-binary/bls"
+	"github.com/pkg/errors"
 )
 
 type ProtocolOutcome struct {
@@ -50,24 +52,20 @@ type KeySignOutput struct {
 	ValidatorPK types.ValidatorPK
 }
 
-func (o *KeySignOutput) GetRoot() ([]byte, error) {
-	bytesSolidity, _ := abi.NewType("bytes", "", nil)
-	arguments := abi.Arguments{
-		{
-			Type: bytesSolidity,
-		},
-		{
-			Type: bytesSolidity,
-		},
-	}
-	bytes, err := arguments.Pack(
-		[]byte(o.ValidatorPK),
-		[]byte(o.Signature),
-	)
+func (o *KeySignOutput) Encode() ([]byte, error) {
+	return json.Marshal(o)
+}
+
+func (o *KeySignOutput) Decode(data []byte) error {
+	return json.Unmarshal(data, o)
+}
+
+func (o *KeySignOutput) GetRoot() ([32]byte, error) {
+	marshaledRoot, err := o.Encode()
 	if err != nil {
-		return nil, err
+		return [32]byte{}, errors.Wrap(err, "could not encode Message")
 	}
-	return crypto.Keccak256(bytes), nil
+	return sha256.Sum256(marshaledRoot), nil
 }
 
 // BlameOutput is the output of blame round

dkg/runner.go

@@ -2,6 +2,8 @@ package dkg
 
 import (
 	"bytes"
+	"crypto/rand"
+	"crypto/rsa"
 	"fmt"
 
 	"github.com/bloxapp/ssv-spec/types"
@@ -232,7 +234,7 @@ func (r *runner) validateSignedOutput(msg *SignedOutput) error {
 		return errors.Wrap(err, "fail to get root")
 	}
 
-	isValid := types.Verify(operator.EncryptionPubKey, root, msg.Signature)
+	isValid := types.Verify(operator.EncryptionPubKey, root[:], msg.Signature)
 	if !isValid {
 		return errors.New("invalid signature")
 	}
@@ -310,7 +312,7 @@ func (r *runner) prepareAndBroadcastKeyGenOutput() error {
 	// TODO: this is encryped in such manner so that cli can generate a compatible
 	// keyshares file
 	// https://docs.ssv.network/developers/tools/ssv-key-distributor/ssv-keys-cli
-	encryptedShare, err := r.config.Signer.Encrypt(r.Operator.EncryptionPubKey, []byte("0x"+r.KeygenOutcome.ProtocolOutput.Share.SerializeToHexStr()))
+	encryptedShare, err := rsa.EncryptPKCS1v15(rand.Reader, r.Operator.EncryptionPubKey, []byte("0x"+r.KeygenOutcome.ProtocolOutput.Share.SerializeToHexStr()))
 	if err != nil {
 		return errors.Wrap(err, "could not encrypt share")
 	}