blvm-sdk 0.1.8

Bitcoin Commons software developer kit, governance infrastructure and composition framework for Bitcoin
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141

//! # Governance Signatures

use blvm_secp256k1::ecdsa::{
    ecdsa_sig_parse_compact, ecdsa_sig_verify, ecdsa_sign_compact_rfc6979, ge_from_pubkey_bytes,
};
use blvm_secp256k1::scalar::Scalar;
use sha2::Digest;
use std::fmt;

use crate::governance::error::{GovernanceError, GovernanceResult};

/// A compact (64-byte) governance signature.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Signature {
    pub(crate) bytes: [u8; 64],
}

impl Signature {
    /// Create a signature from compact 64-byte encoding.
    pub fn from_bytes(bytes: &[u8]) -> GovernanceResult<Self> {
        let arr: [u8; 64] = bytes.try_into().map_err(|_| {
            GovernanceError::InvalidSignatureFormat(
                "Signature must be 64 bytes (compact r||s)".to_string(),
            )
        })?;
        // Validate parsability.
        ecdsa_sig_parse_compact(&arr).ok_or_else(|| {
            GovernanceError::InvalidSignatureFormat("Invalid compact signature".to_string())
        })?;
        Ok(Self { bytes: arr })
    }

    /// Get compact 64-byte encoding.
    pub fn to_bytes(&self) -> [u8; 64] {
        self.bytes
    }

    /// DER-encoded form (for legacy compatibility).
    pub fn to_der_bytes(&self) -> Vec<u8> {
        use blvm_secp256k1::ecdsa::ecdsa_sig_serialize_der;
        let (r, s) =
            ecdsa_sig_parse_compact(&self.bytes).expect("bytes were validated on construction");
        ecdsa_sig_serialize_der(&r, &s)
    }
}

impl fmt::Display for Signature {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "{}", hex::encode(self.to_bytes()))
    }
}

/// Sign a message with a 32-byte secret key (SHA-256 hash, RFC 6979 nonce).
pub fn sign_message(secret_key: &[u8; 32], message: &[u8]) -> GovernanceResult<Signature> {
    let hash: [u8; 32] = sha2::Sha256::digest(message).into();
    let compact = ecdsa_sign_compact_rfc6979(&hash, secret_key)
        .ok_or_else(|| GovernanceError::Cryptographic("ECDSA signing failed".to_string()))?;
    Ok(Signature { bytes: compact })
}

/// Verify a signature against a message and public key.
pub fn verify_signature(
    signature: &Signature,
    message: &[u8],
    public_key: &crate::governance::PublicKey,
) -> GovernanceResult<bool> {
    let hash: [u8; 32] = sha2::Sha256::digest(message).into();
    verify_hash(signature, &hash, public_key)
}

/// Verify a signature against a pre-computed 32-byte message hash.
pub fn verify_signature_hash(
    signature: &Signature,
    message_hash: &[u8; 32],
    public_key: &crate::governance::PublicKey,
) -> GovernanceResult<bool> {
    verify_hash(signature, message_hash, public_key)
}

fn verify_hash(
    signature: &Signature,
    hash: &[u8; 32],
    public_key: &crate::governance::PublicKey,
) -> GovernanceResult<bool> {
    let (sigr, sigs) = match ecdsa_sig_parse_compact(&signature.bytes) {
        Some(p) => p,
        None => return Ok(false),
    };
    let pk = match ge_from_pubkey_bytes(&public_key.public_key_bytes) {
        Some(p) => p,
        None => {
            return Err(GovernanceError::InvalidKey(
                "Invalid public key".to_string(),
            ))
        }
    };
    let mut msg = Scalar::zero();
    let _ = msg.set_b32(hash);
    Ok(ecdsa_sig_verify(&sigr, &sigs, &pk, &msg))
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::governance::GovernanceKeypair;

    #[test]
    fn test_sign_and_verify() {
        let keypair = GovernanceKeypair::generate().unwrap();
        let message = b"test message";
        let signature = sign_message(&keypair.secret_key, message).unwrap();
        let verified = verify_signature(&signature, message, &keypair.public_key()).unwrap();
        assert!(verified);
    }

    #[test]
    fn test_signature_serialization() {
        let keypair = GovernanceKeypair::generate().unwrap();
        let message = b"test message";
        let signature = sign_message(&keypair.secret_key, message).unwrap();
        let bytes = signature.to_bytes();
        let reconstructed = Signature::from_bytes(&bytes).unwrap();
        assert_eq!(signature, reconstructed);
    }

    #[test]
    fn test_invalid_signature() {
        let keypair = GovernanceKeypair::generate().unwrap();
        let message = b"test message";
        let signature = sign_message(&keypair.secret_key, message).unwrap();
        let verified =
            verify_signature(&signature, b"wrong message", &keypair.public_key()).unwrap();
        assert!(!verified);
    }

    #[test]
    fn test_invalid_signature_format() {
        let result = Signature::from_bytes(&[0u8; 63]);
        assert!(result.is_err());
    }
}