upgrade package crypto and support KZG cryptography

XDCx/tradingstate/trade.go

@@ -5,8 +5,8 @@ import (
 	"time"
 
 	"github.com/XinFinOrg/XDPoSChain/common"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
 	"github.com/globalsign/mgo/bson"
+	"golang.org/x/crypto/sha3"
 )
 
 const (
@@ -136,7 +136,7 @@ func (t *Trade) SetBSON(raw bson.Raw) error {
 // The OrderHash, Amount, Taker and TradeNonce attributes must be
 // set before attempting to compute the trade orderBookHash
 func (t *Trade) ComputeHash() common.Hash {
-	sha := sha3.NewKeccak256()
+	sha := sha3.NewLegacyKeccak256()
 	sha.Write(t.MakerOrderHash.Bytes())
 	sha.Write(t.TakerOrderHash.Bytes())
 	return common.BytesToHash(sha.Sum(nil))

XDCxlending/lendingstate/lendingitem.go

@@ -10,8 +10,8 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/common"
 	"github.com/XinFinOrg/XDPoSChain/core/state"
 	"github.com/XinFinOrg/XDPoSChain/core/types"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
 	"github.com/globalsign/mgo/bson"
+	"golang.org/x/crypto/sha3"
 )
 
 const (
@@ -308,7 +308,7 @@ func (l *LendingItem) VerifyLendingStatus() error {
 }
 
 func (l *LendingItem) ComputeHash() common.Hash {
-	sha := sha3.NewKeccak256()
+	sha := sha3.NewLegacyKeccak256()
 	if l.Status == LendingStatusNew {
 		sha.Write(l.Relayer.Bytes())
 		sha.Write(l.UserAddress.Bytes())

XDCxlending/lendingstate/lendingitem_test.go

@@ -12,8 +12,8 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/core/rawdb"
 	"github.com/XinFinOrg/XDPoSChain/core/state"
 	"github.com/XinFinOrg/XDPoSChain/crypto"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
 	"github.com/XinFinOrg/XDPoSChain/rpc"
+	"golang.org/x/crypto/sha3"
 )
 
 func TestLendingItem_VerifyLendingSide(t *testing.T) {
@@ -568,9 +568,8 @@ func sendOrder(nonce uint64) {
 }
 
 func computeHash(l *LendingOrderMsg) common.Hash {
-	sha := sha3.NewKeccak256()
+	sha := sha3.NewLegacyKeccak256()
 	if l.Status == LendingStatusCancelled {
-		sha := sha3.NewKeccak256()
 		sha.Write(l.Hash.Bytes())
 		sha.Write(common.BigToHash(big.NewInt(int64(l.AccountNonce))).Bytes())
 		sha.Write(l.UserAddress.Bytes())
@@ -593,5 +592,4 @@ func computeHash(l *LendingOrderMsg) common.Hash {
 		sha.Write(common.BigToHash(big.NewInt(int64(l.AccountNonce))).Bytes())
 	}
 	return common.BytesToHash(sha.Sum(nil))
-
 }

XDCxlending/lendingstate/trade.go

@@ -2,14 +2,14 @@ package lendingstate
 
 import (
 	"fmt"
-	"github.com/XinFinOrg/XDPoSChain/XDCx/tradingstate"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
 	"math/big"
 	"strconv"
 	"time"
 
+	"github.com/XinFinOrg/XDPoSChain/XDCx/tradingstate"
 	"github.com/XinFinOrg/XDPoSChain/common"
 	"github.com/globalsign/mgo/bson"
+	"golang.org/x/crypto/sha3"
 )
 
 const (
@@ -183,7 +183,7 @@ func (t *LendingTrade) SetBSON(raw bson.Raw) error {
 }
 
 func (t *LendingTrade) ComputeHash() common.Hash {
-	sha := sha3.NewKeccak256()
+	sha := sha3.NewLegacyKeccak256()
 	sha.Write(t.InvestingOrderHash.Bytes())
 	sha.Write(t.BorrowingOrderHash.Bytes())
 	return common.BytesToHash(sha.Sum(nil))

accounts/abi/bind/backends/simulated.go

@@ -42,6 +42,7 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/core/state"
 	"github.com/XinFinOrg/XDPoSChain/core/types"
 	"github.com/XinFinOrg/XDPoSChain/core/vm"
+	"github.com/XinFinOrg/XDPoSChain/crypto"
 	"github.com/XinFinOrg/XDPoSChain/eth/filters"
 	"github.com/XinFinOrg/XDPoSChain/ethdb"
 	"github.com/XinFinOrg/XDPoSChain/event"
@@ -101,7 +102,7 @@ func NewXDCSimulatedBackend(alloc core.GenesisAlloc, gasLimit uint64, chainConfi
 		GasLimit:  gasLimit, // need this big, support initial smart contract
 		Config:    chainConfig,
 		Alloc:     alloc,
-		ExtraData: append(make([]byte, 32), make([]byte, 65)...),
+		ExtraData: append(make([]byte, 32), make([]byte, crypto.SignatureLength)...),
 	}
 	genesis.MustCommit(database)
 	consensus := XDPoS.NewFaker(database, chainConfig)

accounts/usbwallet/ledger.go

@@ -32,6 +32,7 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/common"
 	"github.com/XinFinOrg/XDPoSChain/common/hexutil"
 	"github.com/XinFinOrg/XDPoSChain/core/types"
+	"github.com/XinFinOrg/XDPoSChain/crypto"
 	"github.com/XinFinOrg/XDPoSChain/log"
 	"github.com/XinFinOrg/XDPoSChain/rlp"
 )
@@ -341,7 +342,7 @@ func (w *ledgerDriver) ledgerSign(derivationPath []uint32, tx *types.Transaction
 		op = ledgerP1ContTransactionData
 	}
 	// Extract the Ethereum signature and do a sanity validation
-	if len(reply) != 65 {
+	if len(reply) != crypto.SignatureLength {
 		return common.Address{}, nil, errors.New("reply lacks signature")
 	}
 	signature := append(reply[1:], reply[0])
@@ -352,7 +353,7 @@ func (w *ledgerDriver) ledgerSign(derivationPath []uint32, tx *types.Transaction
 		signer = new(types.HomesteadSigner)
 	} else {
 		signer = types.NewEIP155Signer(chainID)
-		signature[64] = signature[64] - byte(chainID.Uint64()*2+35)
+		signature[crypto.RecoveryIDOffset] = signature[crypto.RecoveryIDOffset] - byte(chainID.Uint64()*2+35)
 	}
 	signed, err := tx.WithSignature(signer, signature)
 	if err != nil {

accounts/usbwallet/trezor.go

@@ -32,6 +32,7 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/common"
 	"github.com/XinFinOrg/XDPoSChain/common/hexutil"
 	"github.com/XinFinOrg/XDPoSChain/core/types"
+	"github.com/XinFinOrg/XDPoSChain/crypto"
 	"github.com/XinFinOrg/XDPoSChain/log"
 	"github.com/golang/protobuf/proto"
 )
@@ -222,7 +223,7 @@ func (w *trezorDriver) trezorSign(derivationPath []uint32, tx *types.Transaction
 	} else {
 		// Trezor backend does not support typed transactions yet.
 		signer = types.NewEIP155Signer(chainID)
-		signature[64] = signature[64] - byte(chainID.Uint64()*2+35)
+		signature[crypto.RecoveryIDOffset] = signature[crypto.RecoveryIDOffset] - byte(chainID.Uint64()*2+35)
 	}
 
 	// Inject the final signature into the transaction and sanity check the sender

bmt/bmt_test.go

@@ -29,7 +29,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
+	"golang.org/x/crypto/sha3"
 )
 
 const (
@@ -39,7 +39,7 @@ const (
 // TestRefHasher tests that the RefHasher computes the expected BMT hash for
 // all data lengths between 0 and 256 bytes
 func TestRefHasher(t *testing.T) {
-	hashFunc := sha3.NewKeccak256
+	hashFunc := sha3.NewLegacyKeccak256
 
 	sha3 := func(data ...[]byte) []byte {
 		h := hashFunc()
@@ -212,7 +212,7 @@ func testHasher(f func(BaseHasher, []byte, int, int) error) error {
 	tdata := testDataReader(4128)
 	data := make([]byte, 4128)
 	tdata.Read(data)
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 	size := hasher().Size()
 	counts := []int{1, 2, 3, 4, 5, 8, 16, 32, 64, 128}
 
@@ -239,7 +239,7 @@ func TestHasherReuseWithRelease(t *testing.T) {
 }
 
 func testHasherReuse(i int, t *testing.T) {
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 	pool := NewTreePool(hasher, 128, i)
 	defer pool.Drain(0)
 	bmt := New(pool)
@@ -258,7 +258,7 @@ func testHasherReuse(i int, t *testing.T) {
 }
 
 func TestHasherConcurrency(t *testing.T) {
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 	pool := NewTreePool(hasher, 128, maxproccnt)
 	defer pool.Drain(0)
 	wg := sync.WaitGroup{}
@@ -379,7 +379,7 @@ func benchmarkBMTBaseline(n int, t *testing.B) {
 	tdata := testDataReader(64)
 	data := make([]byte, 64)
 	tdata.Read(data)
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 
 	t.ReportAllocs()
 	t.ResetTimer()
@@ -409,7 +409,7 @@ func benchmarkHasher(n int, t *testing.B) {
 	tdata.Read(data)
 
 	size := 1
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 	segmentCount := 128
 	pool := NewTreePool(hasher, segmentCount, size)
 	bmt := New(pool)
@@ -428,7 +428,7 @@ func benchmarkHasherReuse(poolsize, n int, t *testing.B) {
 	data := make([]byte, n)
 	tdata.Read(data)
 
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 	segmentCount := 128
 	pool := NewTreePool(hasher, segmentCount, poolsize)
 	cycles := 200
@@ -455,7 +455,7 @@ func benchmarkSHA3(n int, t *testing.B) {
 	data := make([]byte, n)
 	tdata := testDataReader(n)
 	tdata.Read(data)
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 	h := hasher()
 
 	t.ReportAllocs()
@@ -471,7 +471,7 @@ func benchmarkRefHasher(n int, t *testing.B) {
 	data := make([]byte, n)
 	tdata := testDataReader(n)
 	tdata.Read(data)
-	hasher := sha3.NewKeccak256
+	hasher := sha3.NewLegacyKeccak256
 	rbmt := NewRefHasher(hasher, 128)
 
 	t.ReportAllocs()

cmd/XDC/main.go

@@ -98,6 +98,7 @@ var (
 		//utils.TrieCacheGenFlag,
 		utils.CacheLogSizeFlag,
 		utils.FDLimitFlag,
+		utils.CryptoKZGFlag,
 		utils.ListenPortFlag,
 		utils.MaxPeersFlag,
 		utils.MaxPendingPeersFlag,

cmd/puppeth/wizard_genesis.go

@@ -105,7 +105,7 @@ func (w *wizard) makeGenesis() {
 				}
 			}
 		}
-		genesis.ExtraData = make([]byte, 32+len(signers)*common.AddressLength+65)
+		genesis.ExtraData = make([]byte, 32+len(signers)*common.AddressLength+crypto.SignatureLength)
 		for i, signer := range signers {
 			copy(genesis.ExtraData[32+i*common.AddressLength:], signer[:])
 		}
@@ -179,7 +179,7 @@ func (w *wizard) makeGenesis() {
 		validatorCap := new(big.Int)
 		validatorCap.SetString("50000000000000000000000", 10)
 		var validatorCaps []*big.Int
-		genesis.ExtraData = make([]byte, 32+len(signers)*common.AddressLength+65)
+		genesis.ExtraData = make([]byte, 32+len(signers)*common.AddressLength+crypto.SignatureLength)
 		for i, signer := range signers {
 			validatorCaps = append(validatorCaps, validatorCap)
 			copy(genesis.ExtraData[32+i*common.AddressLength:], signer[:])

cmd/utils/flags.go

@@ -41,6 +41,7 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/core/txpool"
 	"github.com/XinFinOrg/XDPoSChain/core/vm"
 	"github.com/XinFinOrg/XDPoSChain/crypto"
+	"github.com/XinFinOrg/XDPoSChain/crypto/kzg4844"
 	"github.com/XinFinOrg/XDPoSChain/eth/downloader"
 	"github.com/XinFinOrg/XDPoSChain/eth/ethconfig"
 	"github.com/XinFinOrg/XDPoSChain/eth/filters"
@@ -310,6 +311,12 @@ var (
 		Usage:    "Raise the open file descriptor resource limit (default = system fd limit)",
 		Category: flags.PerfCategory,
 	}
+	CryptoKZGFlag = &cli.StringFlag{
+		Name:     "crypto-kzg",
+		Usage:    "KZG library implementation to use; gokzg (recommended) or ckzg",
+		Value:    "gokzg",
+		Category: flags.PerfCategory,
+	}
 
 	// Miner settings
 	MiningEnabledFlag = &cli.BoolFlag{
@@ -1445,7 +1452,14 @@ func SetEthConfig(ctx *cli.Context, stack *node.Node, cfg *ethconfig.Config) {
 			cfg.GasPrice = big.NewInt(1)
 		}
 	}
-	// TODO(fjl): move trie cache generations into config
+	// Set any dangling config values
+	if ctx.String(CryptoKZGFlag.Name) != "gokzg" && ctx.String(CryptoKZGFlag.Name) != "ckzg" {
+		Fatalf("--%s flag must be 'gokzg' or 'ckzg'", CryptoKZGFlag.Name)
+	}
+	log.Info("Initializing the KZG library", "backend", ctx.String(CryptoKZGFlag.Name))
+	if err := kzg4844.UseCKZG(ctx.String(CryptoKZGFlag.Name) == "ckzg"); err != nil {
+		Fatalf("Failed to set KZG library implementation to %s: %v", ctx.String(CryptoKZGFlag.Name), err)
+	}
 }
 
 // SetupNetwork configures the system for either the main net or some test network.

common/types.go

@@ -25,7 +25,7 @@ import (
 	"reflect"
 
 	"github.com/XinFinOrg/XDPoSChain/common/hexutil"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
+	"golang.org/x/crypto/sha3"
 )
 
 const (
@@ -240,7 +240,7 @@ func (a Address) Hash() Hash    { return BytesToHash(a[:]) }
 // Hex returns an EIP55-compliant hex string representation of the address.
 func (a Address) Hex() string {
 	unchecksummed := hex.EncodeToString(a[:])
-	sha := sha3.NewKeccak256()
+	sha := sha3.NewLegacyKeccak256()
 	sha.Write([]byte(unchecksummed))
 	hash := sha.Sum(nil)
 

consensus/XDPoS/engines/engine_v1/utils.go

@@ -7,10 +7,10 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/consensus/XDPoS/utils"
 	"github.com/XinFinOrg/XDPoSChain/core/types"
 	"github.com/XinFinOrg/XDPoSChain/crypto"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
 	"github.com/XinFinOrg/XDPoSChain/params"
 	"github.com/XinFinOrg/XDPoSChain/rlp"
 	lru "github.com/hashicorp/golang-lru"
+	"golang.org/x/crypto/sha3"
 )
 
 // Get masternodes address from checkpoint Header.
@@ -59,7 +59,7 @@ func getM1M2(masternodes []common.Address, validators []int64, currentHeader *ty
 }
 
 func sigHash(header *types.Header) (hash common.Hash) {
-	hasher := sha3.NewKeccak256()
+	hasher := sha3.NewLegacyKeccak256()
 
 	enc := []interface{}{
 		header.ParentHash,
@@ -74,7 +74,7 @@ func sigHash(header *types.Header) (hash common.Hash) {
 		header.GasLimit,
 		header.GasUsed,
 		header.Time,
-		header.Extra[:len(header.Extra)-65], // Yes, this will panic if extra is too short
+		header.Extra[:len(header.Extra)-crypto.SignatureLength], // Yes, this will panic if extra is too short
 		header.MixDigest,
 		header.Nonce,
 	}

consensus/XDPoS/engines/engine_v2/utils.go

@@ -11,14 +11,14 @@ import (
 	"github.com/XinFinOrg/XDPoSChain/consensus/XDPoS/utils"
 	"github.com/XinFinOrg/XDPoSChain/core/types"
 	"github.com/XinFinOrg/XDPoSChain/crypto"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
 	"github.com/XinFinOrg/XDPoSChain/log"
 	"github.com/XinFinOrg/XDPoSChain/rlp"
 	lru "github.com/hashicorp/golang-lru"
+	"golang.org/x/crypto/sha3"
 )
 
 func sigHash(header *types.Header) (hash common.Hash) {
-	hasher := sha3.NewKeccak256()
+	hasher := sha3.NewLegacyKeccak256()
 
 	enc := []interface{}{
 		header.ParentHash,

consensus/XDPoS/utils/utils.go

@@ -9,9 +9,9 @@ import (
 	"strconv"
 
 	"github.com/XinFinOrg/XDPoSChain/common"
-	"github.com/XinFinOrg/XDPoSChain/crypto/sha3"
 	"github.com/XinFinOrg/XDPoSChain/log"
 	"github.com/XinFinOrg/XDPoSChain/rlp"
+	"golang.org/x/crypto/sha3"
 )
 
 func Position(list []common.Address, x common.Address) int {
@@ -91,7 +91,7 @@ func DecodeBytesExtraFields(b []byte, val interface{}) error {
 }
 
 func rlpHash(x interface{}) (h common.Hash) {
-	hw := sha3.NewKeccak256()
+	hw := sha3.NewLegacyKeccak256()
 	err := rlp.Encode(hw, x)
 	if err != nil {
 		log.Error("[rlpHash] Fail to hash item", "Error", err)