commonware_consensus/ordered_broadcast/
scheme.rs

1//! Signing scheme implementations for `ordered_broadcast`.
2//!
3//! This module provides protocol-specific wrappers around the generic signing schemes
4//! in [`commonware_cryptography::certificate`]. Each wrapper binds the scheme's subject type to
5//! [`AckSubject`], which is used for signing and verifying chunk acknowledgments.
6//!
7//! # Available Schemes
8//!
9//! - [`ed25519`]: Attributable signatures with individual verification. HSM-friendly,
10//!   no trusted setup required.
11//! - [`bls12381_multisig`]: Attributable signatures with aggregated verification.
12//!   Compact certificates while preserving attribution.
13//! - [`bls12381_threshold`]: Non-attributable threshold signatures. Constant-size
14//!   certificates regardless of committee size.
15
16use super::types::AckSubject;
17use commonware_cryptography::{certificate, Digest, PublicKey};
18
19/// Marker trait for signing schemes compatible with `ordered_broadcast`.
20///
21/// This trait binds a [`certificate::Scheme`] to the [`AckSubject`] subject
22/// type used by the ordered broadcast protocol. It is automatically implemented
23/// for any scheme whose subject type matches `AckSubject<'a, P, D>`.
24pub trait Scheme<P: PublicKey, D: Digest>:
25    for<'a> certificate::Scheme<Subject<'a, D> = AckSubject<'a, P, D>, PublicKey = P>
26{
27}
28
29impl<P: PublicKey, D: Digest, S> Scheme<P, D> for S where
30    S: for<'a> certificate::Scheme<Subject<'a, D> = AckSubject<'a, P, D>, PublicKey = P>
31{
32}
33
34pub mod bls12381_multisig {
35    //! BLS12-381 multi-signature implementation of the [`Scheme`] trait for `ordered_broadcast`.
36    //!
37    //! [`Scheme`] is **attributable**: individual signatures can be
38    //! used by an external observer as evidence of either liveness or of committing a fault.
39    //! Certificates contain signer indices alongside an aggregated signature,
40    //! enabling secure per-validator activity tracking and conflict detection.
41
42    use crate::ordered_broadcast::types::AckSubject;
43    use commonware_cryptography::impl_certificate_bls12381_multisig;
44
45    impl_certificate_bls12381_multisig!(AckSubject<'a, P, D>);
46}
47
48pub mod bls12381_threshold {
49    //! BLS12-381 threshold implementation of the [`Scheme`] trait for `ordered_broadcast`.
50    //!
51    //! [`Scheme`] is **non-attributable**: exposing partial signatures
52    //! as evidence of either liveness or of committing a fault is not safe. With threshold signatures,
53    //! any `t` valid partial signatures can be used to forge a partial signature for any other player,
54    //! enabling equivocation attacks. Because peer connections are authenticated, evidence can be used locally
55    //! (as it must be sent by said participant) but can't be used by an external observer.
56
57    use crate::ordered_broadcast::types::AckSubject;
58    use commonware_cryptography::impl_certificate_bls12381_threshold;
59
60    impl_certificate_bls12381_threshold!(AckSubject<'a, P, D>);
61}
62
63pub mod ed25519 {
64    //! Ed25519 implementation of the [`Scheme`] trait for `ordered_broadcast`.
65    //!
66    //! [`Scheme`] is **attributable**: individual signatures can be safely
67    //! presented to some third party as evidence of either liveness or of committing a fault. Certificates
68    //! contain signer indices alongside individual signatures, enabling secure
69    //! per-validator activity tracking and fault detection.
70
71    use crate::ordered_broadcast::types::AckSubject;
72    use commonware_cryptography::{ed25519, impl_certificate_ed25519};
73
74    impl_certificate_ed25519!(AckSubject<'a, ed25519::PublicKey, D>);
75}