Ed25519 suitable for use in consensus-critical contexts.

Overview

Ed25519 for consensus-critical contexts

This library provides an Ed25519 implementation with validation rules intended for consensus-critical contexts.

ed25519-consensus = "1"

Ed25519 signatures are widely used in consensus-critical contexts (e.g., blockchains), where different nodes must agree on whether or not a given signature is valid. However, Ed25519 does not clearly define criteria for signature validity, and even standards-conformant implementations are not required to agree on whether a signature is valid.

Different Ed25519 implementations may not (and in practice, do not) agree on validation criteria in subtle edge cases. This poses a double risk to the use of Ed25519 in consensus-critical contexts. First, the presence of multiple Ed25519 implementations may open the possibility of consensus divergence. Second, even when a single implementation is used, the protocol implicitly includes that particular version's validation criteria as part of the consensus rules. However, if the implementation is not intended to be used in consensus-critical contexts, it may change validation criteria between releases.

For instance, the initial implementation of Zcash consensus in zcashd inherited validity criteria from a then-current version of libsodium (1.0.15). Due to a bug in libsodium, this was different from the intended criteria documented in the Zcash protocol specification (before the specification was changed to match libsodium 1.0.15 in specification version 2020.1.2). Also, libsodium never guaranteed stable validity criteria, and changed behavior in a later point release. This forced zcashd to pin an older version of the library before eventually patching a newer version to have consistent validity criteria. To be compatible, Zebra had to implement a special library, ed25519-zebra, to provide Zcash-flavored Ed25519, attempting to match libsodium 1.0.15 exactly. And the initial attempt to implement ed25519-zebra was also incompatible, because it precisely matched the wrong compile-time configuration of libsodium.

This problem is fixed by ZIP215, a specification of a precise set of validation criteria for Ed25519 signatures. Although originally developed for Zcash, these rules are of general interest, as they are precisely specified and ensure that batch and individual verification are guaranteed to give the same results. This library implements these rules; it is a fork of ed25519-zebra with the Zcash-specific parts removed.

More details on this problem and its solution can be found in the blog post "It's 255:19AM. Do you know what your validation criteria are?"
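
As an added illustration (not the crate's own code), the following pure-Python verifier applies the ZIP215 rules described above: permissive point decoding, the S < L check, and the cofactored verification equation [8][S]B = [8]R + [8][k]A. It is written in Python rather than Rust so that it runs without the crate; the curve constants and the SHA-512 challenge hash are the standard Ed25519 ones.

```python
import hashlib

p = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493  # order of the base point
d = -121665 * pow(121666, -1, p) % p                 # twisted Edwards constant
SQRT_M1 = pow(2, (p - 1) // 4, p)                    # a square root of -1 mod p

def decode(b):
    # ZIP215 rule 1: every 32-byte string that decodes to a curve point is
    # accepted, including non-canonical y >= p (reduced) and sign bit with x = 0.
    v = int.from_bytes(b, "little")
    sign, y = v >> 255, (v & (1 << 255) - 1) % p
    x2 = (y * y - 1) * pow(d * y * y + 1, -1, p) % p
    x = pow(x2, (p + 3) // 8, p)
    if (x * x - x2) % p:
        x = x * SQRT_M1 % p
    if (x * x - x2) % p:
        return None                                  # not on the curve
    return ((p - x) % p if (x & 1) != sign else x, y)

def add(P, Q):
    # affine twisted Edwards addition with a = -1 (complete: no zero denominators)
    t = d * P[0] * Q[0] * P[1] * Q[1]
    return ((P[0] * Q[1] + Q[0] * P[1]) * pow((1 + t) % p, -1, p) % p,
            (P[1] * Q[1] + P[0] * Q[0]) * pow((1 - t) % p, -1, p) % p)

def mul(n, P):
    R = (0, 1)                                       # identity element
    while n:
        if n & 1:
            R = add(R, P)
        P, n = add(P, P), n >> 1
    return R

B = decode((4 * pow(5, -1, p) % p).to_bytes(32, "little"))  # base point, y = 4/5

def verify(vk, sig, msg):
    # ZIP215 rules 2 and 3: reject S >= L (the malleable range), then check the
    # cofactored equation [8][S]B == [8]R + [8][k]A, which is what makes single
    # and batch verification agree on points with a small-order component.
    if len(vk) != 32 or len(sig) != 64:
        return False
    A, R = decode(vk), decode(sig[:32])
    S = int.from_bytes(sig[32:], "little")
    if A is None or R is None or S >= L:
        return False
    k = int.from_bytes(hashlib.sha512(sig[:32] + vk + msg).digest(), "little") % L
    return mul(8, mul(S, B)) == mul(8, add(R, mul(k, A)))
```

The same 64-byte signature with L added to S passes the group equation but is rejected by rule 2, which is the difference between a malleable verifier and a consensus-safe one.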

Example

use std::convert::TryFrom;
use rand::thread_rng;
use ed25519_consensus::*;

fn main() {
    let msg = b"ed25519-consensus";

    // Signer's context
    let (vk_bytes, sig_bytes) = {
        // Generate a signing key and sign the message
        let sk = SigningKey::new(thread_rng());
        let sig = sk.sign(msg);

        // Types can be converted to raw byte arrays with From/Into
        let sig_bytes: [u8; 64] = sig.into();
        let vk_bytes: [u8; 32] = VerificationKey::from(&sk).into();

        (vk_bytes, sig_bytes)
    };

    // Verifier's context: rebuild the key and signature from bytes and verify
    assert!(
        VerificationKey::try_from(vk_bytes)
            .and_then(|vk| vk.verify(&sig_bytes.into(), msg))
            .is_ok()
    );
}
Comments
  • Remove Copy implementation from SigningKey

    Removes Copy implementation from SigningKey in favor of requiring explicit use of Clone, related to comments from https://github.com/informalsystems/tendermint-rs/issues/1077

    opened by zbuc
  • [WIP] Use `ed25519::Signature` as the signature type; MSRV 1.60

    This allows using ed25519-consensus in conjunction with the signature::{Signer, Verifier} traits. These traits are generic around a signature type parameter, which in this case is ed25519::Signature.

    Uses namespaced features to activate both dep:serde and ed25519/serde, which requires an MSRV of 1.60.

    opened by tarcieri
Owner
Penumbra
Penumbra is a fully private proof-of-stake network interoperable with the Cosmos ecosystem.