warp

package
v1.22.21 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 20, 2025 License: BSD-3-Clause Imports: 24 Imported by: 5

README

Lux Interchain Messaging

Lux Interchain Messaging (ICM) provides a primitive for cross-chain communication on the Lux Network.

The Lux P-Chain provides an index of every network's validator set on the Lux Network, including the BLS public key of each validator (as of the Banff Upgrade). ICM utilizes the weighted validator sets stored on the P-Chain to build a cross-chain communication protocol between any two networks on Lux.

Any Virtual Machine (VM) on Lux can integrate Lux Interchain Messaging to send and receive messages cross-chain.

Background

This README assumes familiarity with:

BLS Multi-Signatures with Public-Key Aggregation

Lux Interchain Messaging utilizes BLS multi-signatures with public key aggregation in order to verify messages signed by another network. When a validator joins a network, the P-Chain records the validator's BLS public key and NodeID, as well as a proof of possession of the validator's BLS private key to defend against rogue public-key attacks.

ICM utilizes the validator set's weights and public keys to verify that an aggregate signature has sufficient weight signing the message from the source network.

BLS provides a way to aggregate signatures off chain into a single signature that can be efficiently verified on chain.

ICM Serialization

Unsigned Message:

+---------------+----------+--------------------------+
|      codecID  :  uint16  |                 2 bytes  |
+---------------+----------+--------------------------+
|     networkID :  uint32  |                 4 bytes  |
+---------------+----------+--------------------------+
| sourceChainId : [32]byte |                32 bytes  |
+---------------+----------+--------------------------+
|       payload :   []byte |       4 + size(payload)  |
+---------------+----------+--------------------------+
                           |  42 + size(payload) bytes|
                           +--------------------------+
  • codecID is the codec version used to serialize the payload and is hardcoded to 0x0000
  • networkID is the unique ID of a Lux Network (Mainnet/Testnet) and provides replay protection for BLS Signers across different Lux Networks
  • sourceChainID is the hash of the transaction that created the blockchain on the Lux P-Chain. It serves as the unique identifier for the blockchain across the Lux Network so that each blockchain can only sign a message with its own id.
  • payload provides an arbitrary byte array containing the contents of the message. VMs define their own message types to include in the payload

BitSetSignature:

+-----------+----------+---------------------------+
|   type_id :   uint32 |                   4 bytes |
+-----------+----------+---------------------------+
|   signers :   []byte |          4 + len(signers) |
+-----------+----------+---------------------------+
| signature : [96]byte |                  96 bytes |
+-----------+----------+---------------------------+
                       | 104 + size(signers) bytes |
                       +---------------------------+
  • typeID is the ID of this signature type, which is 0x00000000
  • signers encodes a bitset of which validators' signatures are included (a bitset is a byte array where each bit indicates membership of the element at that index in the set)
  • signature is an aggregated BLS Multi-Signature of the Unsigned Message

BitSetSignatures are verified within the context of a specific P-Chain height. At any given P-Chain height, the PlatformVM serves a canonically ordered validator set for the source network (validator set is ordered lexicographically by the BLS public key's byte representation). The signers bitset encodes which validator signatures were included. A value of 1 at index i in signers bitset indicates that a corresponding signature from the same validator at index i in the canonical validator set was included in the aggregate signature.

The bitset tells the verifier which BLS public keys should be aggregated to verify the interchain message.

Signed Message:

+------------------+------------------+-------------------------------------------------+
| unsigned_message :  UnsignedMessage |                          size(unsigned_message) |
+------------------+------------------+-------------------------------------------------+
|        signature :        Signature |                                 size(signature) |
+------------------+------------------+-------------------------------------------------+
                                      |  size(unsigned_message) + size(signature) bytes |
                                      +-------------------------------------------------+

Sending a Lux Interchain Message

A blockchain on Lux sends a Lux Interchain Message by coming to agreement on the message that every validator should be willing to sign. As an example, the VM of a blockchain may define that once a block is accepted, the VM should be willing to sign a message including the block hash in the payload to attest to any other network that the block was accepted. The contents of the payload, how to aggregate the signature (VM-to-VM communication, off-chain relayer, etc.), is left to the VM.

Once the validator set of a blockchain is willing to sign an arbitrary message M, an aggregator performs the following process:

  1. Gather signatures of the message M from N validators (where the N validators meet the required threshold of stake on the destination chain)
  2. Aggregate the N signatures into a multi-signature
  3. Look up the canonical validator set at the P-Chain height where the message will be verified
  4. Encode the selection of the N validators included in the signature in a bitset
  5. Construct the signed message from the aggregate signature, bitset, and original unsigned message

Verifying / Receiving a Lux Interchain Message

Lux Interchain Messages are verified within the context of a specific P-Chain height included in the ProposerVM's header. The P-Chain height is provided as context to the underlying VM when verifying the underlying VM's blocks (implemented by the optional interface WithVerifyContext).

To verify the message, the underlying VM utilizes this warp package to perform the following steps:

  1. Lookup the canonical validator set of the network sending the message at the P-Chain height
  2. Filter the canonical validator set to only the validators claimed by the signature
  3. Verify the weight of the included validators meets the required threshold defined by the receiving VM
  4. Aggregate the public keys of the claimed validators into a single aggregate public key
  5. Verify the aggregate signature of the unsigned message against the aggregate public key

Once a message is verified, it is left to the VM to define the semantics of delivering a verified message.

Design Considerations

Processing Historical Lux Interchain Messages

Verifying a Lux Interchain Message requires a lookup of validator sets at a specific P-Chain height. The P-Chain serves lookups maintaining validator set diffs that can be applied in-order to reconstruct the validator set of any network at any height.

As the P-Chain grows, the number of validator set diffs that needs to be applied in order to reconstruct the validator set needed to verify a Lux Interchain Messages increases over time.

Therefore, in order to support verifying historical Lux Interchain Messages, VMs should provide a mechanism to determine whether a Lux Interchain Message was treated as valid or invalid within a historical block.

When nodes bootstrap in the future, they bootstrap blocks that have already been marked as accepted by the network, so they can assume the block was verified by the validators of the network when it was first accepted.

Therefore, the new bootstrapping node can assume the block was valid to determine whether a Lux Interchain Message should be treated as valid/invalid within the execution of that block.

Two strategies to provide that mechanism are:

  • Require interchain message validity for transaction inclusion. If the transaction is included, the interchain message must have passed verification.
  • Include the results of interchain message verification in the block itself. Use the results to determine which messages passed verification.

Warp 1.5: Quantum-Safe Cross-Chain Messaging

Warp 1.5 extends Lux Interchain Messaging with post-quantum cryptographic security using Ringtail threshold signatures and ML-KEM encryption.

Signature Types

Warp 1.5 introduces new signature types for quantum-safe messaging:

  1. BitSetSignature (Warp 1.0): Classical BLS aggregate signatures
  2. RingtailSignature (Warp 1.5 - Recommended): Post-quantum threshold signatures using LWE
  3. EncryptedWarpPayload (Warp 1.5): ML-KEM + AES-256-GCM encrypted cross-chain payloads
  4. HybridBLSRTSignature (Deprecated): BLS + Ringtail hybrid for transition period
RingtailSignature

Ringtail is a lattice-based threshold signature scheme from LWE (Learning With Errors).

  • Paper: https://eprint.iacr.org/2024/1113
  • Implementation: github.com/luxfi/ringtail
  • Properties:
    • Post-quantum secure (based on LWE hardness)
    • Native threshold support (t-of-n signing in 2 rounds)
    • No need for separate TSS layer
+---------------+----------+---------------------------+
|       type_id :   uint32 |                   4 bytes |
+---------------+----------+---------------------------+
|       signers :   []byte |          4 + len(signers) |
+---------------+----------+---------------------------+
|     signature :   []byte |       4 + len(signature)  |
+---------------+----------+---------------------------+
EncryptedWarpPayload

For confidential cross-chain messaging, Warp 1.5 provides ML-KEM encryption (FIPS 203).

Use cases:

  • Private bridge transfers (hidden amounts/recipients)
  • Sealed-bid cross-chain auctions
  • Confidential governance votes
  • MEV protection (encrypt intent until committed)
+--------------------+----------+---------------------------------+
|    encapsulated_key :   []byte |   4 + 1088 (ML-KEM-768)         |
+--------------------+----------+---------------------------------+
|              nonce :   []byte |   4 + 12 (AES-GCM nonce)        |
+--------------------+----------+---------------------------------+
|         ciphertext :   []byte |   4 + len(ciphertext)           |
+--------------------+----------+---------------------------------+
|    recipient_key_id :   []byte |   4 + len(recipient_key_id)     |
+--------------------+----------+---------------------------------+
Teleport: Cross-Chain Bridge Integration

Teleport is the high-level cross-chain bridging protocol built on Warp 1.5:

// TeleportMessage wraps a Warp message for cross-chain transfer
type TeleportMessage struct {
    Version     uint8           // Teleport protocol version
    MessageType TeleportType    // Transfer, Swap, Lock, Unlock, etc.
    Payload     []byte          // Application-specific data
    Encrypted   bool            // Whether payload is encrypted
}

// TeleportTypes for cross-chain operations
const (
    TeleportTransfer TeleportType = iota // Asset transfer
    TeleportSwap                         // Cross-chain swap
    TeleportLock                         // Lock assets on source
    TeleportUnlock                       // Unlock assets on dest
    TeleportAttest                       // Attestation message
    TeleportGovernance                   // Cross-chain governance
)
Migration Path
  1. Pre-quantum (Current): BLS-only (BitSetSignature)
  2. Transition: Support both BLS and Ringtail signatures
  3. Post-quantum (Warp 1.5): Ringtail-only (RingtailSignature) recommended
Security Levels
Component Algorithm Security Level
Threshold Signatures Ringtail (LWE) Post-quantum secure
Key Encapsulation ML-KEM-768 NIST Level 3 (192-bit PQ)
Symmetric Encryption AES-256-GCM 256-bit classical
Legacy Signatures BLS Classical (for compatibility)

Documentation

Index

Constants

View Source 
const (
	// RingtailQ is the NTT-friendly prime modulus
	RingtailQ = 0x1000000004A01 // 48-bit prime

	// RingtailM is the matrix dimension M
	RingtailM = 8

	// RingtailN is the matrix dimension N
	RingtailN = 7

	// RingtailKappa is the hash output bound
	RingtailKappa = 23

	// RingtailDbar is the signature dimension
	RingtailDbar = 48

	// RingtailKeySize is the symmetric key size in bytes (256 bits)
	RingtailKeySize = 32
)

Ringtail signature constants (from github.com/luxfi/ringtail/sign/config.go)

View Source 
const (
	// MLKEM768CiphertextLen is ML-KEM-768 ciphertext length (NIST Level 3) - DEFAULT
	MLKEM768CiphertextLen = 1088

	// MLKEM768PublicKeyLen is ML-KEM-768 public key length
	MLKEM768PublicKeyLen = 1184

	// MLKEM768SharedSecretLen is the shared secret length
	MLKEM768SharedSecretLen = 32

	// MLKEM1024CiphertextLen is ML-KEM-1024 ciphertext length (NIST Level 5)
	MLKEM1024CiphertextLen = 1568

	// AESGCMNonceLen is the nonce length for AES-256-GCM
	AESGCMNonceLen = 12

	// AESGCMTagLen is the authentication tag length
	AESGCMTagLen = 16
)

ML-KEM security levels per FIPS 203

View Source 
const CodecVersion = 0
View Source 
const RingtailSignatureLen = 3309

RingtailSignatureLen is a placeholder for legacy compatibility. Actual Ringtail signature size depends on threshold parameters. Ringtail uses LWE-based signatures, not ML-DSA. See: https://eprint.iacr.org/2024/1113

Deprecated: Use RingtailSignature type which handles variable-length signatures.

View Source 
const TeleportVersion uint8 = 1

TeleportVersion is the current version of the Teleport protocol

Variables

View Source 
var (
	ErrInvalidBitSet      = errors.New("bitset is invalid")
	ErrInsufficientWeight = errors.New("signature weight is insufficient")
	ErrInvalidSignature   = errors.New("signature is invalid")
	ErrParseSignature     = errors.New("failed to parse signature")
	ErrInvalidRTSignature = errors.New("ringtail signature is invalid")
	ErrMissingRTPublicKey = errors.New("missing ringtail public key for validator")
	ErrHybridVerifyFailed = errors.New("hybrid signature verification failed")
	ErrDecryptionFailed   = errors.New("ML-KEM decryption failed")
	ErrInvalidCiphertext  = errors.New("invalid ciphertext")
)
View Source 
var (
	ErrWrongSourceChainID = errors.New("wrong SourceChainID")
	ErrWrongNetworkID     = errors.New("wrong networkID")
)
View Source 
var (
	ErrInvalidTeleportVersion = errors.New("invalid teleport version")
	ErrInvalidTeleportType    = errors.New("invalid teleport type")
	ErrMissingPayload         = errors.New("teleport message missing payload")
	ErrDecryptRequired        = errors.New("payload is encrypted but no decryption key provided")
)
View Source 
var (
	ErrUnknownValidator = errors.New("unknown validator")
	ErrWeightOverflow   = errors.New("weight overflowed")
)
View Source 
var AnycastID = ids.ID{
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
}

AnycastID is a special DestinationChainID that is used to indicate that the message is intended to be able to be received by any chain.

View Source 
var Codec codec.Manager

Functions

func AggregatePublicKeys 

func AggregatePublicKeys(vdrs []*Validator) (*bls.PublicKey, error)

AggregatePublicKeys returns the public key of the provided validators.

Invariant: All of the public keys in [vdrs] are valid.

func AggregateRingtailPublicKeys added in v1.16.56 

func AggregateRingtailPublicKeys(publicKeys [][]byte) ([]byte, error)

AggregateRingtailPublicKeys aggregates multiple Ringtail public keys into a single combined public key for threshold verification. This uses the threshold package's SchemeRingtail when available, falling back to XOR-based aggregation as a placeholder.

func SumWeight 

func SumWeight(vdrs []*Validator) (uint64, error)

SumWeight returns the total weight of the provided validators.

func VerifyRingtailSignature added in v1.16.56 

func VerifyRingtailSignature(publicKey []byte, message []byte, signature []byte) bool

VerifyRingtailSignature verifies a Ringtail lattice-based signature. This uses the threshold package's SchemeRingtail verifier when available.

func VerifyWeight 

func VerifyWeight(
	sigWeight uint64,
	totalWeight uint64,
	quorumNum uint64,
	quorumDen uint64,
) error

VerifyWeight returns [nil] if [sigWeight] is at least [quorumNum]/[quorumDen] of [totalWeight]. If [sigWeight >= totalWeight * quorumNum / quorumDen] then return [nil]

Types

type BitSetSignature 

type BitSetSignature struct {
	// Signers is a big-endian byte slice encoding which validators signed this
	// message.
	Signers   []byte                 `serialize:"true"`
	Signature [bls.SignatureLen]byte `serialize:"true"`
}

func (*BitSetSignature) NumSigners 

func (s *BitSetSignature) NumSigners() (int, error)

func (*BitSetSignature) String 

func (s *BitSetSignature) String() string

func (*BitSetSignature) Verify 

func (s *BitSetSignature) Verify(
	msg *UnsignedMessage,
	networkID uint32,
	validators CanonicalValidatorSet,
	quorumNum uint64,
	quorumDen uint64,
) error

type CachedValidatorState added in v1.16.56 

type CachedValidatorState struct {
	// contains filtered or unexported fields
}

CachedValidatorState wraps ValidatorState with an LRU cache

func NewCachedValidatorState added in v1.16.56 

func NewCachedValidatorState(
	state ValidatorState,
	upgradeConfig *upgrade.Config,
	networkID uint32,
	registerer metric.Registerer,
) (*CachedValidatorState, error)

NewCachedValidatorState creates a new cached validator state with Granite upgrade awareness

func (*CachedValidatorState) GetValidatorSet added in v1.16.56 

func (c *CachedValidatorState) GetValidatorSet(
	ctx context.Context,
	height uint64,
	subnetID ids.ID,
) (map[ids.NodeID]*ValidatorData, error)

GetValidatorSet implements ValidatorState with caching for post-Granite queries

type CanonicalValidatorSet 

type CanonicalValidatorSet struct {
	// Validators slice in canonical ordering of the validators that has public key
	Validators []*Validator
	// The total weight of all the validators, including the ones that doesn't have a public key
	TotalWeight uint64
}

func FlattenValidatorSet 

func FlattenValidatorSet(vdrSet map[ids.NodeID]*ValidatorData) (CanonicalValidatorSet, error)

FlattenValidatorSet converts the provided [vdrSet] into a canonical ordering. Also returns the total weight of the validator set.

func GetCanonicalValidatorSetFromChainID 

func GetCanonicalValidatorSetFromChainID(ctx context.Context,
	pChainState validators.State,
	pChainHeight uint64,
	sourceChainID ids.ID,
) (CanonicalValidatorSet, error)

GetCanonicalValidatorSetFromChainID returns the canonical validator set given a validators.State, pChain height and a sourceChainID.

func GetCanonicalValidatorSetFromSubsubnetID added in v1.16.56 

func GetCanonicalValidatorSetFromSubsubnetID(
	ctx context.Context,
	pChainState ValidatorState,
	pChainHeight uint64,
	subsubnetID ids.ID,
) (CanonicalValidatorSet, error)

GetCanonicalValidatorSetFromSubsubnetID returns the CanonicalValidatorSet of [subsubnetID] at [pChcainHeight]. The returned CanonicalValidatorSet includes the validator set in a canonical ordering and the total weight.

type EncryptedWarpPayload added in v1.16.56 

type EncryptedWarpPayload struct {
	// EncapsulatedKey is the ML-KEM ciphertext containing the encapsulated shared secret
	// Size: 1088 bytes for ML-KEM-768
	EncapsulatedKey []byte `serialize:"true"`

	// Nonce is the AES-GCM nonce (12 bytes)
	Nonce []byte `serialize:"true"`

	// Ciphertext is the AES-256-GCM encrypted payload
	// Includes 16-byte authentication tag at the end
	Ciphertext []byte `serialize:"true"`

	// RecipientKeyID identifies which ML-KEM public key was used
	// This allows recipients to know which private key to use for decryption
	RecipientKeyID []byte `serialize:"true"`
}

EncryptedWarpPayload provides quantum-safe encryption for confidential cross-chain messages using ML-KEM (FIPS 203) key encapsulation.

Use cases: - Private bridge transfers (hidden amounts/recipients) - Sealed-bid cross-chain auctions - Confidential governance votes - MEV protection (encrypt intent until committed)

Encryption: ML-KEM-768 (NIST Level 3) + AES-256-GCM Security: 192-bit post-quantum for key exchange, 256-bit symmetric

func EncryptWarpPayload added in v1.16.56 

func EncryptWarpPayload(plaintext []byte, recipientPubKey []byte, recipientKeyID []byte) (*EncryptedWarpPayload, error)

Encrypt creates an encrypted Warp payload using ML-KEM + AES-256-GCM

Parameters:

  • plaintext: The message to encrypt
  • recipientPubKey: The recipient's ML-KEM-768 public key
  • recipientKeyID: Identifier for the recipient's key (e.g., hash of pubkey)

Returns:

  • EncryptedWarpPayload containing the encrypted message
  • error if encryption fails

func (*EncryptedWarpPayload) Decrypt added in v1.16.56 

func (e *EncryptedWarpPayload) Decrypt(recipientPrivKey []byte) ([]byte, error)

Decrypt decrypts an encrypted Warp payload using the recipient's ML-KEM private key

Parameters:

  • recipientPrivKey: The recipient's ML-KEM-768 private key

Returns:

  • The decrypted plaintext
  • error if decryption fails (wrong key, tampered ciphertext, etc.)

func (*EncryptedWarpPayload) Size added in v1.16.56 

func (e *EncryptedWarpPayload) Size() int

Size returns the total size of the encrypted payload in bytes

func (*EncryptedWarpPayload) String added in v1.16.56 

func (e *EncryptedWarpPayload) String() string

type HybridBLSRTSignature added in v1.16.56 

type HybridBLSRTSignature struct {
	// Signers is a big-endian byte slice encoding which validators signed
	Signers []byte `serialize:"true"`

	// BLSSignature is the aggregated BLS signature (96 bytes)
	BLSSignature [bls.SignatureLen]byte `serialize:"true"`

	// RingtailSignature is the aggregated Ringtail lattice signature
	// Uses threshold signing to produce a single combined signature
	RingtailSignature []byte `serialize:"true"`

	// RingtailPublicKeys contains the Ringtail public keys for each signer
	// in the same order as indicated by the Signers bitset
	// This is needed because validators may have different RT keys than BLS keys
	RingtailPublicKeys [][]byte `serialize:"true"`
}

HybridBLSRTSignature implements a quantum-safe hybrid signature combining: - BLS aggregate signatures (classical security, compact) - Ringtail lattice signatures (post-quantum security, larger)

Both signatures MUST verify for the message to be considered valid. This provides security against both classical and quantum attackers.

Migration path: 1. Pre-quantum: BLS-only (BitSetSignature) 2. Transition: HybridBLSRTSignature (both required) 3. Post-quantum: Ringtail-only (future)

func (*HybridBLSRTSignature) NumSigners added in v1.16.56 

func (s *HybridBLSRTSignature) NumSigners() (int, error)

NumSigners returns the number of validators that participated in signing

func (*HybridBLSRTSignature) String added in v1.16.56 

func (s *HybridBLSRTSignature) String() string

func (*HybridBLSRTSignature) Verify added in v1.16.56 

func (s *HybridBLSRTSignature) Verify(
	msg *UnsignedMessage,
	networkID uint32,
	validators CanonicalValidatorSet,
	quorumNum uint64,
	quorumDen uint64,
) error

Verify validates both BLS and Ringtail signatures Both MUST be valid for the hybrid signature to be accepted

type Message 

type Message struct {
	UnsignedMessage `serialize:"true"`
	Signature       Signature `serialize:"true"`
	// contains filtered or unexported fields
}

Message defines the standard format for a Warp message.

func NewMessage 

func NewMessage(
	unsignedMsg *UnsignedMessage,
	signature Signature,
) (*Message, error)

NewMessage creates a new *Message and initializes it.

func ParseMessage 

func ParseMessage(b []byte) (*Message, error)

ParseMessage converts a slice of bytes into an initialized *Message.

func (*Message) Bytes 

func (m *Message) Bytes() []byte

Bytes returns the binary representation of this message. It assumes that the message is initialized from either New, Parse, or an explicit call to Initialize.

func (*Message) Initialize 

func (m *Message) Initialize() error

Initialize recalculates the result of Bytes(). It does not call Initialize() on the UnsignedMessage.

func (*Message) String 

func (m *Message) String() string

type RingtailSignature added in v1.16.56 

type RingtailSignature struct {
	// Signers is a big-endian byte slice encoding which validators signed
	Signers []byte `serialize:"true"`

	// Signature is the Ringtail threshold signature
	// Contains: c (challenge polynomial), z (response vector), Delta (hint vector)
	// Size depends on threshold parameters (M, N, Dbar, Kappa)
	Signature []byte `serialize:"true"`
}

RingtailSignature is the Warp 1.5 quantum-safe signature type. This is the recommended signature type for all new Warp messages. It uses Ringtail (LWE-based) threshold signatures for post-quantum security.

Ringtail properties: - Native threshold support (no need for separate TSS layer) - Two-round signing protocol - Post-quantum secure (based on LWE hardness) - Paper: https://eprint.iacr.org/2024/1113

Replaces: BitSetSignature (BLS), HybridBLSRTSignature Security: Post-quantum secure (LWE-based) Size: Variable based on threshold parameters

func (*RingtailSignature) NumSigners added in v1.16.56 

func (s *RingtailSignature) NumSigners() (int, error)

NumSigners returns the number of validators that participated in signing

func (*RingtailSignature) String added in v1.16.56 

func (s *RingtailSignature) String() string

func (*RingtailSignature) Verify added in v1.16.56 

func (s *RingtailSignature) Verify(
	msg *UnsignedMessage,
	networkID uint32,
	validators CanonicalValidatorSet,
	quorumNum uint64,
	quorumDen uint64,
) error

Verify validates the Ringtail (ML-DSA) threshold signature

type Signature 

type Signature interface {
	fmt.Stringer

	// NumSigners is the number of [bls.PublicKeys] that participated in the
	// [Signature]. This is exposed because users of these signatures typically
	// impose a verification fee that is a function of the number of
	// signers.
	NumSigners() (int, error)

	// Verify that this signature was signed by at least [quorumNum]/[quorumDen]
	// of the validators of [msg.SourceChainID] at [pChainHeight].
	//
	// Invariant: [msg] is correctly initialized.
	Verify(
		msg *UnsignedMessage,
		networkID uint32,
		validators CanonicalValidatorSet,
		quorumNum uint64,
		quorumDen uint64,
	) error
}

type SignatureType added in v1.16.56 

type SignatureType uint8

SignatureType indicates which signature algorithm to use 

const (
	// SigTypeBLS uses classical BLS signatures (Warp 1.0 compatibility)
	SigTypeBLS SignatureType = iota
	// SigTypeRingtail uses quantum-safe Ringtail signatures (recommended)
	SigTypeRingtail
	// SigTypeHybrid uses BLS+Ringtail hybrid (deprecated)
	SigTypeHybrid
)

func RecommendedSignatureType added in v1.16.56 

func RecommendedSignatureType() SignatureType

RecommendedSignatureType returns the recommended signature type for Warp 1.5 This is Ringtail (quantum-safe) by default

func (SignatureType) IsQuantumSafe added in v1.16.56 

func (s SignatureType) IsQuantumSafe() bool

IsQuantumSafe returns whether the signature type provides post-quantum security

func (SignatureType) String added in v1.16.56 

func (s SignatureType) String() string

String returns the name of the signature type

type Signer 

type Signer interface {
	// Returns this node's BLS signature over an unsigned message. If the caller
	// does not have the authority to sign the message, an error will be
	// returned.
	//
	// Assumes the unsigned message is correctly initialized.
	Sign(msg *UnsignedMessage) ([]byte, error)
}

func NewSigner 

func NewSigner(sk bls.Signer, networkID uint32, chainID ids.ID) Signer

type TeleportAttestPayload added in v1.16.56 

type TeleportAttestPayload struct {
	// AttestationType identifies what is being attested
	AttestationType uint8 `serialize:"true"`

	// Timestamp of the attestation
	Timestamp uint64 `serialize:"true"`

	// Data is the attestation payload (e.g., price feed, compute result)
	Data []byte `serialize:"true"`

	// AttesterID identifies who created the attestation
	AttesterID ids.NodeID `serialize:"true"`
}

TeleportAttestPayload represents an attestation (oracle data)

type TeleportMessage added in v1.16.56 

type TeleportMessage struct {
	// Version is the Teleport protocol version
	Version uint8 `serialize:"true"`

	// MessageType indicates the type of cross-chain operation
	MessageType TeleportType `serialize:"true"`

	// SourceChainID identifies the source blockchain
	SourceChainID ids.ID `serialize:"true"`

	// DestChainID identifies the destination blockchain
	DestChainID ids.ID `serialize:"true"`

	// Nonce prevents replay attacks
	Nonce uint64 `serialize:"true"`

	// Payload contains the application-specific message data
	// For TeleportPrivate, this should be an EncryptedWarpPayload
	Payload []byte `serialize:"true"`

	// Encrypted indicates whether the payload is encrypted
	Encrypted bool `serialize:"true"`
}

TeleportMessage wraps a Warp message for cross-chain bridging operations. This is the high-level abstraction for Teleport cross-chain messaging.

Warp 1.5 supports three signature types: - BitSetSignature: Classical BLS (legacy) - RingtailSignature: Quantum-safe (recommended) - HybridBLSRTSignature: BLS+RT hybrid (deprecated)

func NewPrivateTeleportMessage added in v1.16.56 

func NewPrivateTeleportMessage(
	sourceChainID ids.ID,
	destChainID ids.ID,
	nonce uint64,
	payload []byte,
	recipientPubKey []byte,
	recipientKeyID []byte,
) (*TeleportMessage, error)

NewPrivateTeleportMessage creates an encrypted Teleport message

func NewTeleportMessage added in v1.16.56 

func NewTeleportMessage(
	messageType TeleportType,
	sourceChainID ids.ID,
	destChainID ids.ID,
	nonce uint64,
	payload []byte,
) *TeleportMessage

NewTeleportMessage creates a new Teleport message for cross-chain communication

func (*TeleportMessage) DecryptPayload added in v1.16.56 

func (t *TeleportMessage) DecryptPayload(recipientPrivKey []byte) ([]byte, error)

DecryptPayload decrypts an encrypted TeleportMessage payload

func (*TeleportMessage) String added in v1.16.56 

func (t *TeleportMessage) String() string

String returns a human-readable representation of the TeleportMessage

func (*TeleportMessage) ToWarpMessage added in v1.16.56 

func (t *TeleportMessage) ToWarpMessage(networkID uint32) (*UnsignedMessage, error)

ToWarpMessage converts a TeleportMessage to an UnsignedMessage for signing

func (*TeleportMessage) Validate added in v1.16.56 

func (t *TeleportMessage) Validate() error

Validate checks if the TeleportMessage is well-formed

type TeleportTransferPayload added in v1.16.56 

type TeleportTransferPayload struct {
	// AssetID is the asset being transferred
	AssetID ids.ID `serialize:"true"`

	// Amount is the quantity being transferred
	Amount uint64 `serialize:"true"`

	// Sender is the source address (chain-specific encoding)
	Sender []byte `serialize:"true"`

	// Recipient is the destination address (chain-specific encoding)
	Recipient []byte `serialize:"true"`

	// Fee paid for the bridge operation
	Fee uint64 `serialize:"true"`

	// Memo is optional metadata
	Memo []byte `serialize:"true"`
}

TeleportTransferPayload represents a cross-chain asset transfer

func NewTransferPayload added in v1.16.56 

func NewTransferPayload(
	assetID ids.ID,
	amount uint64,
	sender []byte,
	recipient []byte,
	fee uint64,
	memo []byte,
) *TeleportTransferPayload

NewTransferPayload creates a new transfer payload for cross-chain asset transfers

func ParseTransferPayload added in v1.16.56 

func ParseTransferPayload(data []byte) (*TeleportTransferPayload, error)

ParseTransferPayload deserializes a transfer payload

func (*TeleportTransferPayload) Bytes added in v1.16.56 

func (p *TeleportTransferPayload) Bytes() ([]byte, error)

Bytes serializes the transfer payload

type TeleportType added in v1.16.56 

type TeleportType uint8

TeleportType represents the type of cross-chain operation 

const (
	// TeleportTransfer is a standard asset transfer between chains
	TeleportTransfer TeleportType = iota
	// TeleportSwap is an atomic swap between chains
	TeleportSwap
	// TeleportLock locks assets on the source chain
	TeleportLock
	// TeleportUnlock unlocks assets on the destination chain
	TeleportUnlock
	// TeleportAttest is an attestation message (oracle data, price feeds)
	TeleportAttest
	// TeleportGovernance is a cross-chain governance message
	TeleportGovernance
	// TeleportPrivate is an encrypted private transfer
	TeleportPrivate
)

type UnsignedMessage 

type UnsignedMessage struct {
	NetworkID     uint32 `serialize:"true"`
	SourceChainID ids.ID `serialize:"true"`
	Payload       []byte `serialize:"true"`
	// contains filtered or unexported fields
}

UnsignedMessage defines the standard format for an unsigned Warp message.

func NewUnsignedMessage 

func NewUnsignedMessage(
	networkID uint32,
	sourceChainID ids.ID,
	payload []byte,
) (*UnsignedMessage, error)

NewUnsignedMessage creates a new *UnsignedMessage and initializes it.

func ParseUnsignedMessage 

func ParseUnsignedMessage(b []byte) (*UnsignedMessage, error)

ParseUnsignedMessage converts a slice of bytes into an initialized *UnsignedMessage.

func (*UnsignedMessage) Bytes 

func (m *UnsignedMessage) Bytes() []byte

Bytes returns the binary representation of this message. It assumes that the message is initialized from either New, Parse, or an explicit call to Initialize.

func (*UnsignedMessage) ID 

func (m *UnsignedMessage) ID() ids.ID

ID returns an identifier for this message. It assumes that the message is initialized from either New, Parse, or an explicit call to Initialize.

func (*UnsignedMessage) Initialize 

func (m *UnsignedMessage) Initialize() error

Initialize recalculates the result of Bytes().

func (*UnsignedMessage) String 

func (m *UnsignedMessage) String() string

type Validator 

type Validator struct {
	PublicKey      *bls.PublicKey
	PublicKeyBytes []byte
	RingtailPubKey []byte // Post-quantum Ringtail public key
	Weight         uint64
	NodeIDs        []ids.NodeID
}

func FilterValidators 

func FilterValidators(
	indices set.Bits,
	vdrs []*Validator,
) ([]*Validator, error)

FilterValidators returns the validators in [vdrs] whose bit is set to 1 in [indices].

Returns an error if [indices] references an unknown validator.

func (*Validator) Compare 

func (v *Validator) Compare(o *Validator) int

type ValidatorData added in v1.16.56 

type ValidatorData struct {
	NodeID         ids.NodeID
	PublicKey      []byte // BLS public key (classical)
	RingtailPubKey []byte // Ringtail public key (post-quantum)
	Weight         uint64
}

ValidatorData contains the data for a single validator

type ValidatorState 

type ValidatorState interface {
	GetValidatorSet(ctx context.Context, height uint64, subnetID ids.ID) (map[ids.NodeID]*ValidatorData, error)
}

ValidatorState defines the functions that must be implemented to get the canonical validator set for warp message validation.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.