Process bls changes (#11684)

* Implement ProcessBLSToExecutionChanges

* Batch process signatures

* gaz

* Change runtime behavior

* Terence's review

beacon-chain/core/blocks/BUILD.bazel

@@ -41,8 +41,8 @@ go_library(
         "//contracts/deposit:go_default_library",
         "//crypto/bls:go_default_library",
         "//crypto/hash:go_default_library",
-        "//crypto/hash/htr:go_default_library",
         "//encoding/bytesutil:go_default_library",
+        "//encoding/ssz:go_default_library",
         "//math:go_default_library",
         "//network/forks:go_default_library",
         "//proto/engine/v1:go_default_library",
@@ -70,6 +70,7 @@ go_test(
         "deposit_test.go",
         "eth1_data_test.go",
         "exit_test.go",
+        "exports_test.go",
         "genesis_test.go",
         "header_test.go",
         "payload_test.go",
@@ -97,7 +98,8 @@ go_test(
         "//consensus-types/primitives:go_default_library",
         "//container/trie:go_default_library",
         "//crypto/bls:go_default_library",
-        "//crypto/hash/htr:go_default_library",
+        "//crypto/bls/common:go_default_library",
+        "//crypto/hash:go_default_library",
         "//encoding/bytesutil:go_default_library",
         "//encoding/ssz:go_default_library",
         "//proto/engine/v1:go_default_library",

beacon-chain/core/blocks/exports_test.go

@@ -0,0 +1,3 @@
+package blocks
+
+var ProcessBLSToExecutionChange = processBLSToExecutionChange

beacon-chain/core/blocks/withdrawals.go

@@ -8,17 +8,74 @@ import (
 	"github.com/prysmaticlabs/prysm/v3/beacon-chain/core/signing"
 	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state"
 	"github.com/prysmaticlabs/prysm/v3/config/params"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/interfaces"
 	types "github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
-	"github.com/prysmaticlabs/prysm/v3/crypto/hash/htr"
-	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	"github.com/prysmaticlabs/prysm/v3/crypto/bls"
+	"github.com/prysmaticlabs/prysm/v3/crypto/hash"
+	"github.com/prysmaticlabs/prysm/v3/encoding/ssz"
 	enginev1 "github.com/prysmaticlabs/prysm/v3/proto/engine/v1"
 	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/runtime/version"
 	"github.com/prysmaticlabs/prysm/v3/time/slots"
 )
 
 const executionToBLSPadding = 12
 
-// ProcessBLSToExecutionChange validates a SignedBLSToExecution message and
+func ProcessBLSToExecutionChanges(
+	st state.BeaconState,
+	signed interfaces.SignedBeaconBlock) (state.BeaconState, error) {
+	if signed.Version() < version.Capella {
+		return st, nil
+	}
+	changes, err := signed.Block().Body().BLSToExecutionChanges()
+	if err != nil {
+		return nil, errors.Wrap(err, "could not get BLSToExecutionChanges")
+	}
+	// Return early if no changes
+	if len(changes) == 0 {
+		return st, nil
+	}
+	// Verify Signatures before processing them
+	batch := &bls.SignatureBatch{
+		Signatures: make([][]byte, len(changes)),
+		PublicKeys: make([]bls.PublicKey, len(changes)),
+		Messages:   make([][32]byte, len(changes)),
+	}
+	epoch := slots.ToEpoch(st.Slot())
+	domain, err := signing.Domain(st.Fork(), epoch, params.BeaconConfig().DomainBLSToExecutionChange, st.GenesisValidatorsRoot())
+	if err != nil {
+		return nil, err
+	}
+	for i, change := range changes {
+		batch.Signatures[i] = change.Signature
+		publicKey, err := bls.PublicKeyFromBytes(change.Message.FromBlsPubkey)
+		if err != nil {
+			return nil, errors.Wrap(err, "could not convert bytes to public key")
+		}
+		batch.PublicKeys[i] = publicKey
+		htr, err := signing.SigningData(change.Message.HashTreeRoot, domain)
+		if err != nil {
+			return nil, errors.Wrap(err, "could not compute BLSToExecutionChange signing data")
+		}
+		batch.Messages[i] = htr
+	}
+	verify, err := batch.Verify()
+	if err != nil {
+		return nil, errors.Wrap(err, "could not verify BLSToExecutionChange signatures")
+	}
+	if !verify {
+		return nil, signing.ErrSigFailedToVerify
+	}
+	for _, change := range changes {
+		st, err = processBLSToExecutionChange(st, change)
+		if err != nil {
+			return nil, errors.Wrap(err, "could not process BLSToExecutionChange")
+		}
+	}
+	return st, nil
+}
+
+// processBLSToExecutionChange validates a SignedBLSToExecution message and
 // changes the validator's withdrawal address accordingly.
 //
 // Spec pseudocode definition:
@@ -39,7 +96,7 @@ const executionToBLSPadding = 12
 //	    + b'\x00' * 11
 //	    + address_change.to_execution_address
 //	)
-func ProcessBLSToExecutionChange(st state.BeaconState, signed *ethpb.SignedBLSToExecutionChange) (state.BeaconState, error) {
+func processBLSToExecutionChange(st state.BeaconState, signed *ethpb.SignedBLSToExecutionChange) (state.BeaconState, error) {
 	if signed == nil {
 		return st, errNilSignedWithdrawalMessage
 	}
@@ -59,21 +116,12 @@ func ProcessBLSToExecutionChange(st state.BeaconState, signed *ethpb.SignedBLSTo
 
 	// hash the public key and verify it matches the withdrawal credentials
 	fromPubkey := message.FromBlsPubkey
-	pubkeyChunks := [][32]byte{bytesutil.ToBytes32(fromPubkey[:32]), bytesutil.ToBytes32(fromPubkey[32:])}
-	digest := make([][32]byte, 1)
-	htr.VectorizedSha256(pubkeyChunks, digest)
-	if !bytes.Equal(digest[0][1:], cred[1:]) {
+	hashFn := ssz.NewHasherFunc(hash.CustomSHA256Hasher())
+	digest := hashFn.Hash(fromPubkey)
+	if !bytes.Equal(digest[1:], cred[1:]) {
 		return nil, errInvalidWithdrawalCredentials
 	}
 
-	epoch := slots.ToEpoch(st.Slot())
-	domain, err := signing.Domain(st.Fork(), epoch, params.BeaconConfig().DomainBLSToExecutionChange, st.GenesisValidatorsRoot())
-	if err != nil {
-		return nil, err
-	}
-	if err := signing.VerifySigningRoot(message, fromPubkey, signed.Signature, domain); err != nil {
-		return nil, signing.ErrSigFailedToVerify
-	}
 	newCredentials := make([]byte, executionToBLSPadding)
 	newCredentials[0] = params.BeaconConfig().ETH1AddressWithdrawalPrefixByte
 	val.WithdrawalCredentials = append(newCredentials, message.ToExecutionAddress...)

beacon-chain/core/blocks/withdrawals_test.go

@@ -10,10 +10,12 @@ import (
 	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state"
 	state_native "github.com/prysmaticlabs/prysm/v3/beacon-chain/state/state-native"
 	"github.com/prysmaticlabs/prysm/v3/config/params"
+	consensusblocks "github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
 	types "github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
 	"github.com/prysmaticlabs/prysm/v3/crypto/bls"
-	"github.com/prysmaticlabs/prysm/v3/crypto/hash/htr"
-	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	"github.com/prysmaticlabs/prysm/v3/crypto/bls/common"
+	"github.com/prysmaticlabs/prysm/v3/crypto/hash"
+	"github.com/prysmaticlabs/prysm/v3/encoding/ssz"
 	enginev1 "github.com/prysmaticlabs/prysm/v3/proto/engine/v1"
 	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
 	"github.com/prysmaticlabs/prysm/v3/testing/require"
@@ -32,14 +34,13 @@ func TestProcessBLSToExecutionChange(t *testing.T) {
 			FromBlsPubkey:      pubkey,
 		}
 
-		pubkeyChunks := [][32]byte{bytesutil.ToBytes32(pubkey[:32]), bytesutil.ToBytes32(pubkey[32:])}
-		digest := make([][32]byte, 1)
-		htr.VectorizedSha256(pubkeyChunks, digest)
-		digest[0][0] = params.BeaconConfig().BLSWithdrawalPrefixByte
+		hashFn := ssz.NewHasherFunc(hash.CustomSHA256Hasher())
+		digest := hashFn.Hash(pubkey)
+		digest[0] = params.BeaconConfig().BLSWithdrawalPrefixByte
 
 		registry := []*ethpb.Validator{
 			{
-				WithdrawalCredentials: digest[0][:],
+				WithdrawalCredentials: digest[:],
 			},
 		}
 		st, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{
@@ -80,14 +81,13 @@ func TestProcessBLSToExecutionChange(t *testing.T) {
 			FromBlsPubkey:      pubkey,
 		}
 
-		pubkeyChunks := [][32]byte{bytesutil.ToBytes32(pubkey[:32]), bytesutil.ToBytes32(pubkey[32:])}
-		digest := make([][32]byte, 1)
-		htr.VectorizedSha256(pubkeyChunks, digest)
-		digest[0][0] = params.BeaconConfig().BLSWithdrawalPrefixByte
+		hashFn := ssz.NewHasherFunc(hash.CustomSHA256Hasher())
+		digest := hashFn.Hash(pubkey)
+		digest[0] = params.BeaconConfig().BLSWithdrawalPrefixByte
 
 		registry := []*ethpb.Validator{
 			{
-				WithdrawalCredentials: digest[0][:],
+				WithdrawalCredentials: digest[:],
 			},
 		}
 		st, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{
@@ -160,15 +160,13 @@ func TestProcessBLSToExecutionChange(t *testing.T) {
 			ValidatorIndex:     0,
 			FromBlsPubkey:      pubkey,
 		}
-
-		pubkeyChunks := [][32]byte{bytesutil.ToBytes32(pubkey[:32]), bytesutil.ToBytes32(pubkey[32:])}
-		digest := make([][32]byte, 1)
-		htr.VectorizedSha256(pubkeyChunks, digest)
-		digest[0][0] = params.BeaconConfig().BLSWithdrawalPrefixByte
+		hashFn := ssz.NewHasherFunc(hash.CustomSHA256Hasher())
+		digest := hashFn.Hash(pubkey)
+		digest[0] = params.BeaconConfig().BLSWithdrawalPrefixByte
 
 		registry := []*ethpb.Validator{
 			{
-				WithdrawalCredentials: digest[0][:],
+				WithdrawalCredentials: digest[:],
 			},
 		}
 		registry[0].WithdrawalCredentials[0] = params.BeaconConfig().ETH1AddressWithdrawalPrefixByte
@@ -578,3 +576,77 @@ func TestProcessWithdrawals(t *testing.T) {
 		})
 	}
 }
+
+func TestProcessBLSToExecutionChanges(t *testing.T) {
+	spb := &ethpb.BeaconStateCapella{
+		Fork: &ethpb.Fork{
+			CurrentVersion:  params.BeaconConfig().GenesisForkVersion,
+			PreviousVersion: params.BeaconConfig().GenesisForkVersion,
+		},
+	}
+	numValidators := 10
+	validators := make([]*ethpb.Validator, numValidators)
+	blsChanges := make([]*ethpb.BLSToExecutionChange, numValidators)
+	spb.Balances = make([]uint64, numValidators)
+	privKeys := make([]common.SecretKey, numValidators)
+	maxEffectiveBalance := params.BeaconConfig().MaxEffectiveBalance
+	executionAddress := []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13}
+
+	for i := range validators {
+		v := &ethpb.Validator{}
+		v.EffectiveBalance = maxEffectiveBalance
+		v.WithdrawableEpoch = params.BeaconConfig().FarFutureEpoch
+		v.WithdrawalCredentials = make([]byte, 32)
+		priv, err := bls.RandKey()
+		require.NoError(t, err)
+		privKeys[i] = priv
+		pubkey := priv.PublicKey().Marshal()
+
+		message := &ethpb.BLSToExecutionChange{
+			ToExecutionAddress: executionAddress,
+			ValidatorIndex:     types.ValidatorIndex(i),
+			FromBlsPubkey:      pubkey,
+		}
+
+		hashFn := ssz.NewHasherFunc(hash.CustomSHA256Hasher())
+		digest := hashFn.Hash(pubkey)
+		digest[0] = params.BeaconConfig().BLSWithdrawalPrefixByte
+		copy(v.WithdrawalCredentials, digest[:])
+		validators[i] = v
+		blsChanges[i] = message
+	}
+	spb.Validators = validators
+	st, err := state_native.InitializeFromProtoCapella(spb)
+	require.NoError(t, err)
+
+	signedChanges := make([]*ethpb.SignedBLSToExecutionChange, numValidators)
+	for i, message := range blsChanges {
+		signature, err := signing.ComputeDomainAndSign(st, time.CurrentEpoch(st), message, params.BeaconConfig().DomainBLSToExecutionChange, privKeys[i])
+		require.NoError(t, err)
+
+		signed := &ethpb.SignedBLSToExecutionChange{
+			Message:   message,
+			Signature: signature,
+		}
+		signedChanges[i] = signed
+	}
+
+	body := &ethpb.BeaconBlockBodyCapella{
+		BlsToExecutionChanges: signedChanges,
+	}
+	bpb := &ethpb.BeaconBlockCapella{
+		Body: body,
+	}
+	sbpb := &ethpb.SignedBeaconBlockCapella{
+		Block: bpb,
+	}
+	signed, err := consensusblocks.NewSignedBeaconBlock(sbpb)
+	require.NoError(t, err)
+	st, err = blocks.ProcessBLSToExecutionChanges(st, signed)
+	require.NoError(t, err)
+	vals := st.Validators()
+	for _, val := range vals {
+		require.DeepEqual(t, executionAddress, val.WithdrawalCredentials[12:])
+		require.Equal(t, params.BeaconConfig().ETH1AddressWithdrawalPrefixByte, val.WithdrawalCredentials[0])
+	}
+}

beacon-chain/core/signing/signing_root.go

@@ -47,12 +47,12 @@ func ComputeDomainAndSign(st state.ReadOnlyBeaconState, epoch types.Epoch, obj f
 //	       domain=domain,
 //	   ))
 func ComputeSigningRoot(object fssz.HashRoot, domain []byte) ([32]byte, error) {
-	return signingData(object.HashTreeRoot, domain)
+	return SigningData(object.HashTreeRoot, domain)
 }
 
 // Computes the signing data by utilising the provided root function and then
 // returning the signing data of the container object.
-func signingData(rootFunc func() ([32]byte, error), domain []byte) ([32]byte, error) {
+func SigningData(rootFunc func() ([32]byte, error), domain []byte) ([32]byte, error) {
 	objRoot, err := rootFunc()
 	if err != nil {
 		return [32]byte{}, err
@@ -107,7 +107,7 @@ func VerifyBlockHeaderSigningRoot(blkHdr *ethpb.BeaconBlockHeader, pub, signatur
 	if err != nil {
 		return errors.Wrap(err, "could not convert bytes to signature")
 	}
-	root, err := signingData(blkHdr.HashTreeRoot, domain)
+	root, err := SigningData(blkHdr.HashTreeRoot, domain)
 	if err != nil {
 		return errors.Wrap(err, "could not compute signing root")
 	}
@@ -146,7 +146,7 @@ func BlockSignatureBatch(pub, signature, domain []byte, rootFunc func() ([32]byt
 		return nil, errors.Wrap(err, "could not convert bytes to public key")
 	}
 	// utilize custom block hashing function
-	root, err := signingData(rootFunc, domain)
+	root, err := SigningData(rootFunc, domain)
 	if err != nil {
 		return nil, errors.Wrap(err, "could not compute signing root")
 	}

beacon-chain/core/transition/transition_no_verify_sig.go

@@ -368,7 +368,11 @@ func altairOperations(
 	if _, err := altair.ProcessDeposits(ctx, st, signedBeaconBlock.Block().Body().Deposits()); err != nil {
 		return nil, errors.Wrap(err, "could not process altair deposit")
 	}
-	return b.ProcessVoluntaryExits(ctx, st, signedBeaconBlock.Block().Body().VoluntaryExits())
+	st, err = b.ProcessVoluntaryExits(ctx, st, signedBeaconBlock.Block().Body().VoluntaryExits())
+	if err != nil {
+		return nil, errors.Wrap(err, "could not process voluntary exits")
+	}
+	return b.ProcessBLSToExecutionChanges(st, signedBeaconBlock)
 }
 
 // This calls phase 0 block operations.

crypto/bls/common/BUILD.bazel

@@ -9,6 +9,7 @@ go_library(
     ],
     importpath = "github.com/prysmaticlabs/prysm/v3/crypto/bls/common",
     visibility = [
+        "//beacon-chain/core/blocks:__subpackages__",
         "//crypto/bls:__subpackages__",
         "//testing:__subpackages__",
     ],