Scaffold an initial cardano-crypto-leios package#670
Open
ch1bo wants to merge 24 commits into
Open
Conversation
3 tasks
ch1bo
changed the title
ch1bo
force-pushed
the
ch1bo/cardano-crypto-leios
branch
from
d85df0c to
aa227fa
Compare
ch1bo
force-pushed
the
ch1bo/cardano-crypto-leios
branch
from
bf92c7d to
780e347
Compare
10 tasks
ch1bo
force-pushed
the
ch1bo/cardano-crypto-leios
branch
2 times, most recently
from
1102098 to
25e16ac
Compare
Roundtrip and golden tests for LeiosCert
These are the only means to create and verify leios certificates about a certain message (a leios vote). Committee selection was deliberately kept out of scope
The golden test compares 'cardano-crypto-leios/test/golden/LeiosCert' byte-for-byte against the hex-dump output of 'encodeWithIndex'. Without this attribute, the default Windows 'core.autocrlf=true' translates LF to CRLF on checkout and the comparison fails, even though the file is committed with LF endings.
These were needed/useful in the cardano-ledger-dijkstra integration
ch1bo
force-pushed
the
ch1bo/cardano-crypto-leios
branch
2 times, most recently
from
73d303e to
745de18
Compare
This avoids redundant import warnings on newer GHC versions
ch1bo
force-pushed
the
ch1bo/cardano-crypto-leios
branch
from
745de18 to
38a3b98
Compare
lehins
requested changes
Jun 19, 2026
lehins
left a comment
lehins
left a comment
Collaborator
There was a problem hiding this comment.
Consistency is one of the most important parts in software development. It is important to use consistent dependencies as the rest of the project, in this case cardano-base repo being that project.
Comment on lines
+141
to
+142
| { signers :: !BitField | ||
| , aggregatedSignature :: !LeiosSignature |
Collaborator
There was a problem hiding this comment.
This is a pretty terrible naming, since signers can easily be a local binding anywhere in the cardano-node codebase. I suggest something more descriptive like:
Suggested change
| { signers :: !BitField | |
| , aggregatedSignature :: !LeiosSignature | |
| { leisCertSigners :: !BitField | |
| , leisCertSignature :: !LeiosSignature | |
| -- ^ Aggregated BLS signature |
Contributor
Author
There was a problem hiding this comment.
I deliberately wanted to match the CDDL as close as possible. The call sites should be all in this module, outside construction and inspection are not really intended (to be convenient) and we could even choose to not export the field selectors. However, I didn't want to be too prescriptive on this type.
- Replace indexed-hex golden file with raw binary; drop the .gitattributes LF pin and the base16-bytestring dep. - Extract InsufficientWeight's named fields into a WeightMismatch record so no constructor has partial accessors; drop -Wno-partial-fields and DuplicateRecordFields. - Introduce strict LeiosVoter to replace the lazy (Weight, VerKey) tuple in Committee; switch BLSAggregationFailed to Text; tighten verifier accumulator strictness. - Don't export field selectors that can easily overlap.
Replaces the list-of-bytes construction in 'mkBitField' (and the 'BS.unpack' list comprehension in 'bitFieldMembers') with direct mutable 'ByteArray' operations from 'Data.Primitive.ByteArray', so the ByteArray-backed representation isn't undone by intermediate list allocations. Wire encode/decode stay zero-copy via the existing SBS aliasing; on-wire bytes are unchanged (golden test confirms).
'enforceSize' from cardano-binary only accepts definite-length lists, which would reject any producer that emits the 2-element outer array of a Leios certificate as an indefinite-length CBOR array. Switch to 'decodeListLenOrIndef' + 'matchSize' for the definite branch and a trailing 'decodeBreakOr' for the indefinite branch. Adds a QuickCheck property that round-trips through a hand-rolled indefinite-length encoding to lock the new behaviour in.
Section headers move into the export list; the body's '-- *' / '-- **' markers are removed to avoid double sections in Haddock. Doc strings stay at the definitions. 'mkBitField' and 'bitFieldMembers' are no longer exported — they're only callable through 'aggregateLeiosCert' / 'verifyLeiosCert', which the tests exercise transitively. Adversarial tests still have the 'bitFieldFromBytes' / 'bitFieldToBytes' wire helpers.
'aggregateLeiosCert' was binding 'entries = Map.toAscList contributions' just to feed two separate consumers: a range-check over keys and a signature-aggregation over values. Each consumer can take its Map.keys / Map.elems input directly, which lets list fusion eliminate the intermediates per pass. Adds source/destination type applications to every fromIntegral in the package (src + test + testlib) so the conversion's intent is explicit at the call site and silent type-changes during refactors are caught.
This should be a typical size (> 99% of current stake distribution)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a new package for leios cryptographic types and operations. This was done in course of IntersectMBO/ouroboros-consensus#2068, I'm currently integrating this with the
cardano-ledgermasterand expect a follow-up PR there.The digital signature scheme is BLS12-381 and fixed in the module. Contrary to the CIP-164, the certificate does not contain a slot or
EbHashanymore. This makes definition incardano-basea lot easier and in the current block structure design, the "message" against which the certificate is signed would be available from the (block) context in which the certificate is used.Most importantly, this module contains encoders/decoders for the
LeiosCerttype including roundtrip and golden tests. This should be enough for thecardano-ledgerto use this type confidently inDijkstraera blocks.There are also property tests about aggregating and verifying certificates. The
Committeeis part of this package, but how it is selected is deliberately kept out of scope.