diff --git a/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_motoko/main.mo b/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_motoko/main.mo index f62b8afef..aa80e6da5 100644 --- a/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_motoko/main.mo +++ b/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_motoko/main.mo @@ -315,12 +315,12 @@ shared ({ caller = initializer }) actor class () { vetkd_public_key : ({ canister_id : ?Principal; derivation_path : [Blob]; - key_id : { curve : { #bls12_381 }; name : Text }; + key_id : { curve : { #bls12_381_g2 }; name : Text }; }) -> async ({ public_key : Blob }); - vetkd_encrypted_key : ({ - public_key_derivation_path : [Blob]; + vetkd_derive_encrypted_key : ({ + derivation_path : [Blob]; derivation_id : Blob; - key_id : { curve : { #bls12_381 }; name : Text }; + key_id : { curve : { #bls12_381_g2 }; name : Text }; encryption_public_key : Blob; }) -> async ({ encrypted_key : Blob }); }; @@ -331,7 +331,7 @@ shared ({ caller = initializer }) actor class () { let { public_key } = await vetkd_system_api.vetkd_public_key({ canister_id = null; derivation_path = Array.make(Text.encodeUtf8("note_symmetric_key")); - key_id = { curve = #bls12_381; name = "test_key_1" }; + key_id = { curve = #bls12_381_g2; name = "test_key_1" }; }); Hex.encode(Blob.toArray(public_key)); }; @@ -348,10 +348,10 @@ shared ({ caller = initializer }) actor class () { buf.append(Buffer.fromArray(Blob.toArray(Text.encodeUtf8(note.owner)))); let derivation_id = Blob.fromArray(Buffer.toArray(buf)); // prefix-free - let { encrypted_key } = await vetkd_system_api.vetkd_encrypted_key({ + let { encrypted_key } = await vetkd_system_api.vetkd_derive_encrypted_key({ derivation_id; - public_key_derivation_path = Array.make(Text.encodeUtf8("note_symmetric_key")); - key_id = { curve = #bls12_381; name = "test_key_1" }; + derivation_path = Array.make(Text.encodeUtf8("note_symmetric_key")); + key_id = { curve = #bls12_381_g2; name = "test_key_1" }; encryption_public_key; }); Hex.encode(Blob.toArray(encrypted_key)); diff --git a/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/lib.rs b/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/lib.rs index ff4a708c6..81ccb930f 100644 --- a/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/lib.rs +++ b/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/lib.rs @@ -364,7 +364,7 @@ async fn symmetric_key_verification_key_for_note() -> String { let request = VetKDPublicKeyRequest { canister_id: None, derivation_path: vec![b"note_symmetric_key".to_vec()], - key_id: bls12_381_test_key_1(), + key_id: bls12_381_g2_test_key_1(), }; let (response,): (VetKDPublicKeyReply,) = ic_cdk::call( @@ -396,8 +396,8 @@ async fn encrypted_symmetric_key_for_note( buf.extend_from_slice(note.owner.as_bytes()); buf // prefix-free }, - public_key_derivation_path: vec![b"note_symmetric_key".to_vec()], - key_id: bls12_381_test_key_1(), + derivation_path: vec![b"note_symmetric_key".to_vec()], + key_id: bls12_381_g2_test_key_1(), encryption_public_key, } } else { @@ -407,18 +407,18 @@ async fn encrypted_symmetric_key_for_note( let (response,): (VetKDEncryptedKeyReply,) = ic_cdk::call( vetkd_system_api_canister_id(), - "vetkd_encrypted_key", + "vetkd_derive_encrypted_key", (request,), ) .await - .expect("call to vetkd_encrypted_key failed"); + .expect("call to vetkd_derive_encrypted_key failed"); hex::encode(response.encrypted_key) } -fn bls12_381_test_key_1() -> VetKDKeyId { +fn bls12_381_g2_test_key_1() -> VetKDKeyId { VetKDKeyId { - curve: VetKDCurve::Bls12_381, + curve: VetKDCurve::Bls12_381_G2, name: "test_key_1".to_string(), } } diff --git a/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/vetkd_types.rs b/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/vetkd_types.rs index 566761e31..dba834304 100644 --- a/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/vetkd_types.rs +++ b/motoko/encrypted-notes-dapp-vetkd/src/encrypted_notes_rust/src/vetkd_types.rs @@ -6,8 +6,9 @@ pub type CanisterId = Principal; #[derive(CandidType, Deserialize)] pub enum VetKDCurve { - #[serde(rename = "bls12_381")] - Bls12_381, + #[serde(rename = "bls12_381_g2")] + #[allow(non_camel_case_types)] + Bls12_381_G2, } #[derive(CandidType, Deserialize)] @@ -30,7 +31,7 @@ pub struct VetKDPublicKeyReply { #[derive(CandidType, Deserialize)] pub struct VetKDEncryptedKeyRequest { - pub public_key_derivation_path: Vec>, + pub derivation_path: Vec>, pub derivation_id: Vec, pub key_id: VetKDKeyId, pub encryption_public_key: Vec, diff --git a/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.did b/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.did index ac265c2b7..21df6853b 100644 --- a/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.did +++ b/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.did @@ -1,5 +1,5 @@ type canister_id = principal; -type vetkd_curve = variant { bls12_381 }; +type vetkd_curve = variant { bls12_381_g2 }; service : { vetkd_public_key : ( @@ -9,9 +9,9 @@ service : { key_id : record { curve : vetkd_curve; name : text }; } ) -> (record { public_key : blob }); - vetkd_encrypted_key : ( + vetkd_derive_encrypted_key : ( record { - public_key_derivation_path : vec blob; + derivation_path : vec blob; derivation_id : blob; key_id : record { curve : vetkd_curve; name : text }; encryption_public_key : blob; diff --git a/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.wasm b/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.wasm index 1c34fb3b7..f9e57a8d6 100755 Binary files a/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.wasm and b/motoko/encrypted-notes-dapp-vetkd/vetkd_system_api.wasm differ diff --git a/motoko/vetkd/src/app_backend/Main.mo b/motoko/vetkd/src/app_backend/Main.mo index 91a3a3e1c..ad0a1f904 100644 --- a/motoko/vetkd/src/app_backend/Main.mo +++ b/motoko/vetkd/src/app_backend/Main.mo @@ -10,12 +10,12 @@ actor { vetkd_public_key : ({ canister_id : ?Principal; derivation_path : [Blob]; - key_id : { curve : { #bls12_381 }; name : Text }; + key_id : { curve : { #bls12_381_g2 }; name : Text }; }) -> async ({ public_key : Blob }); - vetkd_encrypted_key : ({ - public_key_derivation_path : [Blob]; + vetkd_derive_encrypted_key : ({ + derivation_path : [Blob]; derivation_id : Blob; - key_id : { curve : { #bls12_381 }; name : Text }; + key_id : { curve : { #bls12_381_g2 }; name : Text }; encryption_public_key : Blob; }) -> async ({ encrypted_key : Blob }); }; @@ -26,7 +26,7 @@ actor { let { public_key } = await vetkd_system_api.vetkd_public_key({ canister_id = null; derivation_path; - key_id = { curve = #bls12_381; name = "test_key_1" }; + key_id = { curve = #bls12_381_g2; name = "test_key_1" }; }); Hex.encode(Blob.toArray(public_key)); }; @@ -35,7 +35,7 @@ actor { let { public_key } = await vetkd_system_api.vetkd_public_key({ canister_id = null; derivation_path = Array.make(Text.encodeUtf8("symmetric_key")); - key_id = { curve = #bls12_381; name = "test_key_1" }; + key_id = { curve = #bls12_381_g2; name = "test_key_1" }; }); Hex.encode(Blob.toArray(public_key)); }; @@ -43,10 +43,10 @@ actor { public shared ({ caller }) func encrypted_symmetric_key_for_caller(encryption_public_key : Blob) : async Text { Debug.print("encrypted_symmetric_key_for_caller: caller: " # debug_show (caller)); - let { encrypted_key } = await vetkd_system_api.vetkd_encrypted_key({ + let { encrypted_key } = await vetkd_system_api.vetkd_derive_encrypted_key({ derivation_id = Principal.toBlob(caller); - public_key_derivation_path = Array.make(Text.encodeUtf8("symmetric_key")); - key_id = { curve = #bls12_381; name = "test_key_1" }; + derivation_path = Array.make(Text.encodeUtf8("symmetric_key")); + key_id = { curve = #bls12_381_g2; name = "test_key_1" }; encryption_public_key; }); Hex.encode(Blob.toArray(encrypted_key)); @@ -56,7 +56,7 @@ actor { let { public_key } = await vetkd_system_api.vetkd_public_key({ canister_id = null; derivation_path = Array.make(Text.encodeUtf8("ibe_encryption")); - key_id = { curve = #bls12_381; name = "test_key_1" }; + key_id = { curve = #bls12_381_g2; name = "test_key_1" }; }); Hex.encode(Blob.toArray(public_key)); }; @@ -64,10 +64,10 @@ actor { public shared ({ caller }) func encrypted_ibe_decryption_key_for_caller(encryption_public_key : Blob) : async Text { Debug.print("encrypted_ibe_decryption_key_for_caller: caller: " # debug_show (caller)); - let { encrypted_key } = await vetkd_system_api.vetkd_encrypted_key({ + let { encrypted_key } = await vetkd_system_api.vetkd_derive_encrypted_key({ derivation_id = Principal.toBlob(caller); - public_key_derivation_path = Array.make(Text.encodeUtf8("ibe_encryption")); - key_id = { curve = #bls12_381; name = "test_key_1" }; + derivation_path = Array.make(Text.encodeUtf8("ibe_encryption")); + key_id = { curve = #bls12_381_g2; name = "test_key_1" }; encryption_public_key; }); Hex.encode(Blob.toArray(encrypted_key)); diff --git a/motoko/vetkd/src/system_api/src/lib.rs b/motoko/vetkd/src/system_api/src/lib.rs index 37a265eaa..4232aa51a 100644 --- a/motoko/vetkd/src/system_api/src/lib.rs +++ b/motoko/vetkd/src/system_api/src/lib.rs @@ -33,12 +33,12 @@ lazy_static::lazy_static! { } thread_local! { - static RNG: RefCell> = RefCell::new(None); + static RNG: RefCell> = const { RefCell::new(None) } } #[update] async fn vetkd_public_key(request: VetKDPublicKeyRequest) -> VetKDPublicKeyReply { - ensure_bls12_381_test_key_1(request.key_id); + ensure_bls12_381_g2_test_key_1(request.key_id); ensure_derivation_path_is_valid(&request.derivation_path); let derivation_path = { let canister_id = request.canister_id.unwrap_or_else(ic_cdk::caller); @@ -51,13 +51,13 @@ async fn vetkd_public_key(request: VetKDPublicKeyRequest) -> VetKDPublicKeyReply } #[update] -async fn vetkd_encrypted_key(request: VetKDEncryptedKeyRequest) -> VetKDEncryptedKeyReply { +async fn vetkd_derive_encrypted_key(request: VetKDEncryptedKeyRequest) -> VetKDEncryptedKeyReply { ensure_call_is_paid(ENCRYPTED_KEY_CYCLE_COSTS); - ensure_bls12_381_test_key_1(request.key_id); - ensure_derivation_path_is_valid(&request.public_key_derivation_path); + ensure_bls12_381_g2_test_key_1(request.key_id); + ensure_derivation_path_is_valid(&request.derivation_path); let derivation_path = DerivationPath::new( ic_cdk::caller().as_slice(), - &request.public_key_derivation_path, + &request.derivation_path, ); let tpk = TransportPublicKey::deserialize(&request.encryption_public_key).unwrap_or_else( @@ -93,8 +93,8 @@ async fn vetkd_encrypted_key(request: VetKDEncryptedKeyRequest) -> VetKDEncrypte } } -fn ensure_bls12_381_test_key_1(key_id: VetKDKeyId) { - if key_id.curve != VetKDCurve::Bls12_381 { +fn ensure_bls12_381_g2_test_key_1(key_id: VetKDKeyId) { + if key_id.curve != VetKDCurve::Bls12_381_G2 { ic_cdk::trap("unsupported key ID curve"); } if key_id.name.as_str() != "test_key_1" { @@ -102,7 +102,7 @@ fn ensure_bls12_381_test_key_1(key_id: VetKDKeyId) { } } -fn ensure_derivation_path_is_valid(derivation_path: &Vec>) { +fn ensure_derivation_path_is_valid(derivation_path: &[Vec]) { if derivation_path.len() > 255 { ic_cdk::trap("derivation path too long") } diff --git a/motoko/vetkd/src/system_api/src/types.rs b/motoko/vetkd/src/system_api/src/types.rs index 11c063c50..64340f1ac 100644 --- a/motoko/vetkd/src/system_api/src/types.rs +++ b/motoko/vetkd/src/system_api/src/types.rs @@ -6,8 +6,9 @@ pub type CanisterId = Principal; #[derive(CandidType, Deserialize, Eq, PartialEq)] pub enum VetKDCurve { - #[serde(rename = "bls12_381")] - Bls12_381, + #[serde(rename = "bls12_381_g2")] + #[allow(non_camel_case_types)] + Bls12_381_G2, } #[derive(CandidType, Deserialize, Eq, PartialEq)] @@ -30,7 +31,7 @@ pub struct VetKDPublicKeyReply { #[derive(CandidType, Deserialize)] pub struct VetKDEncryptedKeyRequest { - pub public_key_derivation_path: Vec>, + pub derivation_path: Vec>, pub derivation_id: Vec, pub key_id: VetKDKeyId, pub encryption_public_key: Vec, diff --git a/motoko/vetkd/src/system_api/vetkd_system_api.did b/motoko/vetkd/src/system_api/vetkd_system_api.did index ac265c2b7..21df6853b 100644 --- a/motoko/vetkd/src/system_api/vetkd_system_api.did +++ b/motoko/vetkd/src/system_api/vetkd_system_api.did @@ -1,5 +1,5 @@ type canister_id = principal; -type vetkd_curve = variant { bls12_381 }; +type vetkd_curve = variant { bls12_381_g2 }; service : { vetkd_public_key : ( @@ -9,9 +9,9 @@ service : { key_id : record { curve : vetkd_curve; name : text }; } ) -> (record { public_key : blob }); - vetkd_encrypted_key : ( + vetkd_derive_encrypted_key : ( record { - public_key_derivation_path : vec blob; + derivation_path : vec blob; derivation_id : blob; key_id : record { curve : vetkd_curve; name : text }; encryption_public_key : blob; diff --git a/rust/vetkd/src/app_backend/src/lib.rs b/rust/vetkd/src/app_backend/src/lib.rs index 477119f41..1f976e7f5 100644 --- a/rust/vetkd/src/app_backend/src/lib.rs +++ b/rust/vetkd/src/app_backend/src/lib.rs @@ -14,7 +14,7 @@ async fn symmetric_key_verification_key() -> String { let request = VetKDPublicKeyRequest { canister_id: None, derivation_path: vec![b"symmetric_key".to_vec()], - key_id: bls12_381_test_key_1(), + key_id: bls12_381_g2_test_key_1(), }; let (response,): (VetKDPublicKeyReply,) = ic_cdk::api::call::call( @@ -34,18 +34,18 @@ async fn encrypted_symmetric_key_for_caller(encryption_public_key: Vec) -> S let request = VetKDEncryptedKeyRequest { derivation_id: ic_cdk::caller().as_slice().to_vec(), - public_key_derivation_path: vec![b"symmetric_key".to_vec()], - key_id: bls12_381_test_key_1(), + derivation_path: vec![b"symmetric_key".to_vec()], + key_id: bls12_381_g2_test_key_1(), encryption_public_key, }; let (response,): (VetKDEncryptedKeyReply,) = ic_cdk::api::call::call( vetkd_system_api_canister_id(), - "vetkd_encrypted_key", + "vetkd_derive_encrypted_key", (request,), ) .await - .expect("call to vetkd_encrypted_key failed"); + .expect("call to vetkd_derive_encrypted_key failed"); hex::encode(response.encrypted_key) } @@ -55,7 +55,7 @@ async fn ibe_encryption_key() -> String { let request = VetKDPublicKeyRequest { canister_id: None, derivation_path: vec![b"ibe_encryption".to_vec()], - key_id: bls12_381_test_key_1(), + key_id: bls12_381_g2_test_key_1(), }; let (response,): (VetKDPublicKeyReply,) = ic_cdk::api::call::call( @@ -75,25 +75,25 @@ async fn encrypted_ibe_decryption_key_for_caller(encryption_public_key: Vec) let request = VetKDEncryptedKeyRequest { derivation_id: ic_cdk::caller().as_slice().to_vec(), - public_key_derivation_path: vec![b"ibe_encryption".to_vec()], - key_id: bls12_381_test_key_1(), + derivation_path: vec![b"ibe_encryption".to_vec()], + key_id: bls12_381_g2_test_key_1(), encryption_public_key, }; let (response,): (VetKDEncryptedKeyReply,) = ic_cdk::api::call::call( vetkd_system_api_canister_id(), - "vetkd_encrypted_key", + "vetkd_derive_encrypted_key", (request,), ) .await - .expect("call to vetkd_encrypted_key failed"); + .expect("call to vetkd_derive_encrypted_key failed"); hex::encode(response.encrypted_key) } -fn bls12_381_test_key_1() -> VetKDKeyId { +fn bls12_381_g2_test_key_1() -> VetKDKeyId { VetKDKeyId { - curve: VetKDCurve::Bls12_381, + curve: VetKDCurve::Bls12_381_G2, name: "test_key_1".to_string(), } } diff --git a/rust/vetkd/src/app_backend/src/types.rs b/rust/vetkd/src/app_backend/src/types.rs index 03ae4fc89..556bbd22b 100644 --- a/rust/vetkd/src/app_backend/src/types.rs +++ b/rust/vetkd/src/app_backend/src/types.rs @@ -6,8 +6,9 @@ pub type CanisterId = Principal; #[derive(CandidType, Deserialize)] pub enum VetKDCurve { - #[serde(rename = "bls12_381")] - Bls12_381, + #[serde(rename = "bls12_381_g2")] + #[allow(non_camel_case_types)] + Bls12_381_G2, } #[derive(CandidType, Deserialize)] @@ -30,7 +31,7 @@ pub struct VetKDPublicKeyReply { #[derive(CandidType, Deserialize)] pub struct VetKDEncryptedKeyRequest { - pub public_key_derivation_path: Vec>, + pub derivation_path: Vec>, pub derivation_id: Vec, pub key_id: VetKDKeyId, pub encryption_public_key: Vec, diff --git a/rust/vetkd/src/system_api/src/lib.rs b/rust/vetkd/src/system_api/src/lib.rs index 37a265eaa..aaa3ef9a8 100644 --- a/rust/vetkd/src/system_api/src/lib.rs +++ b/rust/vetkd/src/system_api/src/lib.rs @@ -38,7 +38,7 @@ thread_local! { #[update] async fn vetkd_public_key(request: VetKDPublicKeyRequest) -> VetKDPublicKeyReply { - ensure_bls12_381_test_key_1(request.key_id); + ensure_bls12_381_g2_test_key_1(request.key_id); ensure_derivation_path_is_valid(&request.derivation_path); let derivation_path = { let canister_id = request.canister_id.unwrap_or_else(ic_cdk::caller); @@ -51,13 +51,13 @@ async fn vetkd_public_key(request: VetKDPublicKeyRequest) -> VetKDPublicKeyReply } #[update] -async fn vetkd_encrypted_key(request: VetKDEncryptedKeyRequest) -> VetKDEncryptedKeyReply { +async fn vetkd_derive_encrypted_key(request: VetKDEncryptedKeyRequest) -> VetKDEncryptedKeyReply { ensure_call_is_paid(ENCRYPTED_KEY_CYCLE_COSTS); - ensure_bls12_381_test_key_1(request.key_id); - ensure_derivation_path_is_valid(&request.public_key_derivation_path); + ensure_bls12_381_g2_test_key_1(request.key_id); + ensure_derivation_path_is_valid(&request.derivation_path); let derivation_path = DerivationPath::new( ic_cdk::caller().as_slice(), - &request.public_key_derivation_path, + &request.derivation_path, ); let tpk = TransportPublicKey::deserialize(&request.encryption_public_key).unwrap_or_else( @@ -93,8 +93,8 @@ async fn vetkd_encrypted_key(request: VetKDEncryptedKeyRequest) -> VetKDEncrypte } } -fn ensure_bls12_381_test_key_1(key_id: VetKDKeyId) { - if key_id.curve != VetKDCurve::Bls12_381 { +fn ensure_bls12_381_g2_test_key_1(key_id: VetKDKeyId) { + if key_id.curve != VetKDCurve::Bls12_381_G2 { ic_cdk::trap("unsupported key ID curve"); } if key_id.name.as_str() != "test_key_1" { diff --git a/rust/vetkd/src/system_api/src/types.rs b/rust/vetkd/src/system_api/src/types.rs index 11c063c50..64340f1ac 100644 --- a/rust/vetkd/src/system_api/src/types.rs +++ b/rust/vetkd/src/system_api/src/types.rs @@ -6,8 +6,9 @@ pub type CanisterId = Principal; #[derive(CandidType, Deserialize, Eq, PartialEq)] pub enum VetKDCurve { - #[serde(rename = "bls12_381")] - Bls12_381, + #[serde(rename = "bls12_381_g2")] + #[allow(non_camel_case_types)] + Bls12_381_G2, } #[derive(CandidType, Deserialize, Eq, PartialEq)] @@ -30,7 +31,7 @@ pub struct VetKDPublicKeyReply { #[derive(CandidType, Deserialize)] pub struct VetKDEncryptedKeyRequest { - pub public_key_derivation_path: Vec>, + pub derivation_path: Vec>, pub derivation_id: Vec, pub key_id: VetKDKeyId, pub encryption_public_key: Vec, diff --git a/rust/vetkd/src/system_api/vetkd_system_api.did b/rust/vetkd/src/system_api/vetkd_system_api.did index ac265c2b7..21df6853b 100644 --- a/rust/vetkd/src/system_api/vetkd_system_api.did +++ b/rust/vetkd/src/system_api/vetkd_system_api.did @@ -1,5 +1,5 @@ type canister_id = principal; -type vetkd_curve = variant { bls12_381 }; +type vetkd_curve = variant { bls12_381_g2 }; service : { vetkd_public_key : ( @@ -9,9 +9,9 @@ service : { key_id : record { curve : vetkd_curve; name : text }; } ) -> (record { public_key : blob }); - vetkd_encrypted_key : ( + vetkd_derive_encrypted_key : ( record { - public_key_derivation_path : vec blob; + derivation_path : vec blob; derivation_id : blob; key_id : record { curve : vetkd_curve; name : text }; encryption_public_key : blob;