Merge pull request #103 from CosmWasm/aw/2.1-crypto-examples

Add examples to new crypto APIs
CosmWasm · Jul 18, 2024 · ac5d188 · ac5d188
2 parents fd7158d + b929b1b
commit ac5d188
Show file tree

Hide file tree

Showing 5 changed files with 117 additions and 10 deletions.
diff --git a/docs-test-gen/templates/core.tpl b/docs-test-gen/templates/core.tpl
@@ -35,6 +35,24 @@ struct Ed25519VerifyMsg {
   signature: Binary,
 }
 
+#[cw_serde]
+struct Bls12VerifyMsg {
+  signature: Binary,
+  pubkey: Binary,
+  msg: Binary,
+  dst: Binary,
+}
+
+#[cw_serde]
+struct RecoveryResponse {
+  public_key: HexBinary,
+}
+
+#[cw_serde]
+struct VerifyResponse {
+  is_valid: bool,
+}
+
 #[cw_serde]
 struct ExecuteMsg {}
 

diff --git a/src/pages/core/standard-library/cryptography/bls12-381.mdx b/src/pages/core/standard-library/cryptography/bls12-381.mdx
@@ -20,6 +20,48 @@ CosmWasm offers a byte-oriented API for signature verification. This API also
 doesn't care whether the public key is part of the G1 or G2 group (same for the
 other components). They just have to somehow fit together.
 
-<Callout>TODO: Add example as soon as BLS12-381 is properly released</Callout>
+## Verify on G1
+
+Signature verification with public key in G1:
+
+```rust filename="contract.rs" template="core"
+#[cfg_attr(not(feature = "library"), entry_point)]
+pub fn query(
+    deps: Deps,
+    _env: Env,
+    msg: Bls12VerifyMsg,
+) -> StdResult<QueryResponse> {
+    // Verify the signature. On chain!
+    let msg_hash = deps.api.bls12_381_hash_to_g2(HashFunction::Sha256, &msg.msg, &msg.dst)?;
+    let is_valid = deps.api.bls12_381_pairing_equality(&BLS12_381_G1_GENERATOR, &msg.signature, &msg.pubkey, &msg_hash)?;
+    let response = to_json_binary(&VerifyResponse {
+        is_valid
+    })?;
+
+    Ok(response)
+}
+```
+
+## Verify on G2
+
+Signature verification with public key in G2 (See https://hackmd.io/@benjaminion/bls12-381#Verification in combination with https://hackmd.io/@benjaminion/bls12-381#Swapping-G1-and-G2):
+
+```rust filename="contract.rs" template="core"
+#[cfg_attr(not(feature = "library"), entry_point)]
+pub fn query(
+    deps: Deps,
+    _env: Env,
+    msg: Bls12VerifyMsg,
+) -> StdResult<QueryResponse> {
+    // Verify the signature. On chain!
+    let msg_hash = deps.api.bls12_381_hash_to_g1(HashFunction::Sha256, &msg.msg, &msg.dst)?;
+    let is_valid = deps.api.bls12_381_pairing_equality(&msg.signature, &BLS12_381_G2_GENERATOR, &msg_hash, &msg.pubkey)?;
+    let response = to_json_binary(&VerifyResponse {
+        is_valid
+    })?;
+
+    Ok(response)
+}
+```
 
 [drand]: https://drand.love/
diff --git a/src/pages/core/standard-library/cryptography/ed25519.mdx b/src/pages/core/standard-library/cryptography/ed25519.mdx
@@ -29,9 +29,11 @@ pub fn query(
 
     // Verify the signature. On chain!
     let is_valid = deps.api.ed25519_verify(&message, &signature, &public_key)?;
-    let response = format!("{{ \"is_valid\": {is_valid} }}");
+    let response = to_json_binary(&VerifyResponse {
+        is_valid
+    })?;
 
-    Ok(QueryResponse::new(response.into_bytes()))
+    Ok(response)
 }
 ```
 

diff --git a/src/pages/core/standard-library/cryptography/k256.mdx b/src/pages/core/standard-library/cryptography/k256.mdx
@@ -29,9 +29,11 @@ pub fn query(
 
     // Verify the signature. On chain!
     let is_valid = deps.api.secp256k1_verify(&message_hash, &signature, &public_key)?;
-    let response = format!("{{ \"is_valid\": {is_valid} }}");
+    let response = to_json_binary(&VerifyResponse {
+        is_valid
+    })?;
 
-    Ok(QueryResponse::new(response.into_bytes()))
+    Ok(response)
 }
 ```
 
@@ -50,9 +52,10 @@ pub fn query(
 
     // Recover the public key. On chain!
     let public_key = deps.api.secp256k1_recover_pubkey(&message_hash, &signature, recovery_id)?;
-    let public_key = HexBinary::from(public_key).to_hex();
-    let response = format!("{{ \"public_key\": \"{public_key}\" }}");
+    let response = to_json_binary(&RecoveryResponse {
+        public_key: public_key.into(),
+    })?;
 
-    Ok(QueryResponse::new(response.into_bytes()))
+    Ok(response)
 }
 ```
diff --git a/src/pages/core/standard-library/cryptography/p256.mdx b/src/pages/core/standard-library/cryptography/p256.mdx
@@ -12,6 +12,48 @@ added to CosmWasm.
 
 ## Example
 
-## Signature verification
+### Signature verification
 
-<Callout>TODO: Add example as soon as secp256r1 is properly released</Callout>
+```rust filename="contract.rs" template="core"
+#[cfg_attr(not(feature = "library"), entry_point)]
+pub fn query(
+    deps: Deps,
+    _env: Env,
+    msg: EcdsaVerifyMsg,
+) -> StdResult<QueryResponse> {
+    let public_key = msg.public_key;
+    let signature = msg.signature;
+    let message_hash = msg.message_hash;
+
+    // Verify the signature. On chain!
+    let is_valid = deps.api.secp256r1_verify(&message_hash, &signature, &public_key)?;
+    let response = to_json_binary(&VerifyResponse {
+        is_valid
+    })?;
+
+    Ok(response)
+}
+```
+
+### Public key recovery
+
+```rust filename="contract.rs" template="core"
+#[cfg_attr(not(feature = "library"), entry_point)]
+pub fn query(
+    deps: Deps,
+    _env: Env,
+    msg: EcdsaRecoverMsg,
+) -> StdResult<QueryResponse> {
+    let signature = msg.signature;
+    let message_hash = msg.message_hash;
+    let recovery_id = msg.recovery_id;
+
+    // Recover the public key. On chain!
+    let public_key = deps.api.secp256r1_recover_pubkey(&message_hash, &signature, recovery_id)?;
+    let response = to_json_binary(&RecoveryResponse {
+        public_key: public_key.into(),
+    })?;
+
+    Ok(response)
+}
+```