Trait Scheme 

pub trait Scheme:
    Clone
    + Debug
    + Send
    + Sync
    + 'static {
    type PublicKey: PublicKey;
    type Signature: Clone + Debug + PartialEq + Eq + Hash + Send + Sync + CodecFixed<Cfg = ()>;
    type Certificate: Clone + Debug + PartialEq + Eq + Hash + Send + Sync + Codec;
    type Seed: Clone + Encode + Send;

    // Required methods
    fn me(&self) -> Option<u32>;
    fn participants(&self) -> &Ordered<Self::PublicKey>;
    fn sign_vote<D: Digest>(
        &self,
        namespace: &[u8],
        context: VoteContext<'_, D>,
    ) -> Option<Vote<Self>>;
    fn verify_vote<D: Digest>(
        &self,
        namespace: &[u8],
        context: VoteContext<'_, D>,
        vote: &Vote<Self>,
    ) -> bool;
    fn assemble_certificate<I>(&self, votes: I) -> Option<Self::Certificate>
       where I: IntoIterator<Item = Vote<Self>>;
    fn verify_certificate<R: Rng + CryptoRng, D: Digest>(
        &self,
        rng: &mut R,
        namespace: &[u8],
        context: VoteContext<'_, D>,
        certificate: &Self::Certificate,
    ) -> bool;
    fn seed(
        &self,
        round: Round,
        certificate: &Self::Certificate,
    ) -> Option<Self::Seed>;
    fn is_attributable(&self) -> bool;
    fn certificate_codec_config(&self) -> <Self::Certificate as Read>::Cfg;
    fn certificate_codec_config_unbounded() -> <Self::Certificate as Read>::Cfg;

    // Provided methods
    fn verify_votes<R, D, I>(
        &self,
        _rng: &mut R,
        namespace: &[u8],
        context: VoteContext<'_, D>,
        votes: I,
    ) -> VoteVerification<Self>
       where R: Rng + CryptoRng,
             D: Digest,
             I: IntoIterator<Item = Vote<Self>> { ... }
    fn verify_certificates<'a, R, D, I>(
        &self,
        rng: &mut R,
        namespace: &[u8],
        certificates: I,
    ) -> bool
       where R: Rng + CryptoRng,
             D: Digest,
             I: Iterator<Item = (VoteContext<'a, D>, &'a Self::Certificate)> { ... }
}

Cryptographic surface required by simplex.

A Scheme produces validator votes, validates them (individually or in batches), assembles quorum certificates, checks recovered certificates and, when available, derives a randomness seed for leader rotation. Implementations may override the provided defaults to take advantage of scheme-specific batching strategies.

Identity Keys vs Consensus Keys

A participant may supply both an identity key and a consensus key. The identity key is used to assign a unique order to the committee and to authenticate connections, whereas the consensus key is used to sign and verify votes and certificates.

This flexibility is supported because some cryptographic schemes are only performant when used in batch verification (like bls12381_multisig) and/or are refreshed frequently (like bls12381_threshold). Refer to ed25519 for an example of a scheme that uses the same key for both purposes.

Required Associated Types

type PublicKey: PublicKey

Public key type for participant identity used to order and index the committee.

type Signature: Clone + Debug + PartialEq + Eq + Hash + Send + Sync + CodecFixed<Cfg = ()>

Vote signature emitted by individual validators.

type Certificate: Clone + Debug + PartialEq + Eq + Hash + Send + Sync + Codec

Quorum certificate recovered from a set of votes.

type Seed: Clone + Encode + Send

Randomness seed derived from a certificate, if the scheme supports it.

Required Methods

fn me(&self) -> Option<u32>

Returns the index of “self” in the participant set, if available. Returns None if the scheme is a verifier-only instance.

fn participants(&self) -> &Ordered<Self::PublicKey>

Returns the ordered set of participant public identity keys managed by the scheme.

fn sign_vote<D: Digest>( &self, namespace: &[u8], context: VoteContext<'_, D>, ) -> Option<Vote<Self>>

Signs a vote for the given context using the supplied namespace for domain separation. Returns None if the scheme cannot sign (e.g. it’s a verifier-only instance).

fn verify_vote<D: Digest>( &self, namespace: &[u8], context: VoteContext<'_, D>, vote: &Vote<Self>, ) -> bool

Verifies a single vote against the participant material managed by the scheme.

fn assemble_certificate<I>(&self, votes: I) -> Option<Self::Certificate>
where I: IntoIterator<Item = Vote<Self>>,

Aggregates a quorum of votes into a certificate, returning None if the quorum is not met.

Callers must not include duplicate votes from the same signer.

fn verify_certificate<R: Rng + CryptoRng, D: Digest>( &self, rng: &mut R, namespace: &[u8], context: VoteContext<'_, D>, certificate: &Self::Certificate, ) -> bool

Verifies a certificate that was recovered or received from the network.

fn seed( &self, round: Round, certificate: &Self::Certificate, ) -> Option<Self::Seed>

Extracts the randomness seed derived from the certificate for the given round, if the scheme provides one.

fn is_attributable(&self) -> bool

Returns whether per-validator fault evidence can be safely exposed.

Schemes where individual signatures can be safely reported as fault evidence should return true.

This is used by reporter::AttributableReporter to safely expose consensus activities.

fn certificate_codec_config(&self) -> <Self::Certificate as Read>::Cfg

Encoding configuration for bounded-size certificate decoding used in network payloads.

fn certificate_codec_config_unbounded() -> <Self::Certificate as Read>::Cfg

Encoding configuration that allows unbounded certificate decoding.

Only use this when decoding data from trusted local storage; it must not be exposed to adversarial inputs or network payloads.
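
The difference between the bounded and unbounded configurations, shown on a constructed wire format. This is an added example, not code from commonware_consensus: `Limit`, `DecodeError`, `decode_signers` and `encode_signers` are hypothetical names, and the count-prefixed layout and a bound of 4 signers are assumptions made for illustration.

```rust
// Hypothetical decode limit standing in for the certificate codec `Cfg`.
#[derive(Clone, Copy)]
pub enum Limit {
    Bounded(usize), // network payloads: at most this many signer entries
    Unbounded,      // trusted local storage only
}

#[derive(Debug, PartialEq, Eq)]
pub enum DecodeError {
    Truncated,
    TrailingBytes,
    TooManySigners { claimed: usize, max: usize },
}

/// Decodes a constructed format (not the crate's encoding): a big-endian u32
/// count followed by that many big-endian u32 signer indices.
pub fn decode_signers(buf: &[u8], limit: Limit) -> Result<Vec<u32>, DecodeError> {
    if buf.len() < 4 {
        return Err(DecodeError::Truncated);
    }
    let (head, body) = buf.split_at(4);
    let claimed = u32::from_be_bytes([head[0], head[1], head[2], head[3]]) as usize;
    // The count is sender-controlled: enforce the limit before sizing anything.
    match limit {
        Limit::Bounded(max) if claimed > max => {
            return Err(DecodeError::TooManySigners { claimed, max });
        }
        _ => {}
    }
    let need = claimed.checked_mul(4).ok_or(DecodeError::Truncated)?;
    if body.len() != need {
        let short = body.len() < need;
        return Err(if short { DecodeError::Truncated } else { DecodeError::TrailingBytes });
    }
    let word = |c: &[u8]| u32::from_be_bytes([c[0], c[1], c[2], c[3]]);
    Ok(body.chunks_exact(4).map(word).collect())
}

/// Builds a constructed sample payload in the same format.
pub fn encode_signers(signers: &[u32]) -> Vec<u8> {
    let mut out = (signers.len() as u32).to_be_bytes().to_vec();
    signers.iter().for_each(|s| out.extend_from_slice(&s.to_be_bytes()));
    out
}

fn main() {
    let payload = encode_signers(&[0, 1, 2, 3, 4]);
    println!("{:?}", decode_signers(&payload, Limit::Bounded(4)));
    println!("{:?}", decode_signers(&payload, Limit::Unbounded));
}
```

With the bounded limit, a payload is rejected on its header alone, so the work done for a hostile peer does not grow with the count it claims.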

Provided Methods

fn verify_votes<R, D, I>( &self, _rng: &mut R, namespace: &[u8], context: VoteContext<'_, D>, votes: I, ) -> VoteVerification<Self>
where R: Rng + CryptoRng, D: Digest, I: IntoIterator<Item = Vote<Self>>,

Batch-verifies votes and separates valid messages from the voter indices that failed verification.

Callers must not include duplicate votes from the same signer.
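
Both assemble_certificate and verify_votes leave duplicate filtering to the caller, so a guard of the following kind belongs in front of either call. This is an added example, not code from commonware_consensus: `ToyVote`, `Rejected`, `dedup_votes` and `quorum_input` are hypothetical names, and the committee size and quorum threshold are caller-supplied assumptions.

```rust
use std::collections::btree_map::{BTreeMap, Entry};

// Hypothetical stand-in for a vote (not the crate's `Vote<S>`).
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct ToyVote {
    pub signer: u32,
    pub signature: Vec<u8>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum Rejected {
    UnknownSigner(u32), // index outside the participant set
    Conflicting(u32),   // second, different signature from one signer
}

/// Keeps at most one vote per signer; `participants` is the committee size.
pub fn dedup_votes(votes: Vec<ToyVote>, participants: u32) -> (Vec<ToyVote>, Vec<Rejected>) {
    let mut by_signer: BTreeMap<u32, ToyVote> = BTreeMap::new();
    let mut rejected = Vec::new();
    for vote in votes {
        if vote.signer >= participants {
            rejected.push(Rejected::UnknownSigner(vote.signer));
            continue;
        }
        match by_signer.entry(vote.signer) {
            Entry::Vacant(slot) => {
                slot.insert(vote);
            }
            // Exact replay of a vote already held: drop it.
            Entry::Occupied(seen) if *seen.get() == vote => {}
            Entry::Occupied(_) => rejected.push(Rejected::Conflicting(vote.signer)),
        }
    }
    (by_signer.into_values().collect(), rejected)
}

/// Returns the unique votes only if `quorum` distinct signers are present.
/// `quorum` is caller-supplied here; its formula is an assumption left open.
pub fn quorum_input(votes: Vec<ToyVote>, participants: u32, quorum: usize) -> Option<Vec<ToyVote>> {
    let (unique, _rejected) = dedup_votes(votes, participants);
    (unique.len() >= quorum).then_some(unique)
}

fn main() {
    // Constructed input: signer 1 replayed, signer 2 conflicting, signer 7 unknown.
    let v = |signer, b| ToyVote { signer, signature: vec![b] };
    let votes = vec![v(0, 1), v(1, 2), v(1, 2), v(2, 3), v(2, 9), v(7, 1)];
    println!("{:?}", quorum_input(votes, 4, 4)); // None: only 3 distinct signers
}
```

Six votes arrive in the sample input, but only three distinct signers remain after filtering, which is the count a quorum check has to use.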

fn verify_certificates<'a, R, D, I>( &self, rng: &mut R, namespace: &[u8], certificates: I, ) -> bool
where R: Rng + CryptoRng, D: Digest, I: Iterator<Item = (VoteContext<'a, D>, &'a Self::Certificate)>,

Verifies a stream of certificates, returning false at the first failure.

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors

impl Scheme for commonware_consensus::simplex::signing_scheme::ed25519::Scheme

impl<P: PublicKey, V: Variant + Send + Sync> Scheme for commonware_consensus::simplex::signing_scheme::bls12381_threshold::Scheme<P, V>

impl<P: PublicKey, V: Variant + Send + Sync> Scheme for commonware_consensus::simplex::signing_scheme::bls12381_multisig::Scheme<P, V>