exebench for keyless

aptos-move/aptos-vm/src/keyless_validation.rs

@@ -248,16 +248,17 @@ pub(crate) fn validate_authenticators(
                         get_jwk_for_authenticator(&federated_jwks.jwks, pk.inner_keyless_pk(), sig)?
                     },
                     // 2.b: If this is not a federated keyless account, then we fail the validation.
-                    AnyKeylessPublicKey::Normal(_) => return Err(e),
+                    AnyKeylessPublicKey::Normal(_) => {
+                        return Err(e)
+                    },
                 }
             },
         };
-
         match &sig.cert {
             EphemeralCertificate::ZeroKnowledgeSig(zksig) => match jwk {
                 JWK::RSA(rsa_jwk) => {
                     if zksig.exp_horizon_secs > config.max_exp_horizon_secs {
-                        // println!("[aptos-vm][groth16] Expiration horizon is too long");
+                        println!("[aptos-vm][groth16] Expiration horizon is too long");
                         return Err(invalid_signature!("The expiration horizon is too long"));
                     }
 
@@ -277,7 +278,7 @@ pub(crate) fn validate_authenticators(
                                 config,
                             )
                             .map_err(|_| {
-                                // println!("[aptos-vm][groth16] PIH computation failed");
+                                println!("[aptos-vm][groth16] PIH computation failed");
                                 invalid_signature!("Could not compute public inputs hash")
                             })?;
                             // println!("Public inputs hash time: {:?}", start.elapsed());
@@ -295,26 +296,27 @@ pub(crate) fn validate_authenticators(
                                                 training_wheels_pk.as_ref().unwrap(),
                                             )
                                             .map_err(|_| {
-                                                // println!("[aptos-vm][groth16] TW sig verification failed");
+                                                println!("[aptos-vm][groth16] TW sig verification failed");
                                                 invalid_signature!(
                                                     "Could not verify training wheels signature"
                                                 )
                                             })?;
                                     },
                                     None => {
-                                        // println!("[aptos-vm][groth16] Expected TW sig to be set");
+                                        println!("[aptos-vm][groth16] Expected TW sig to be set");
                                         return Err(invalid_signature!(
                                             "Training wheels signature expected but it is missing"
                                         ));
                                     },
                                 }
                             }
-
+                            println!("exeing, pub_inputs_hash={}", public_inputs_hash.0);
+                            println!("exeing, pvk_a1b2={}", pvk.as_ref().unwrap().alpha_g1_beta_g2);
                             let result = zksig
                                 .verify_groth16_proof(public_inputs_hash, pvk.as_ref().unwrap());
 
                             result.map_err(|_| {
-                                // println!("[aptos-vm][groth16] ZKP verification failed");
+                                println!("[aptos-vm][groth16] ZKP verification failed");
                                 // println!("[aptos-vm][groth16] PIH: {}", public_inputs_hash);
                                 // match zksig.proof {
                                 //     ZKP::Groth16(proof) => {

aptos-move/vm-genesis/src/lib.rs

@@ -69,6 +69,8 @@ use once_cell::sync::Lazy;
 use rand::prelude::*;
 use serde::{Deserialize, Serialize};
 use std::collections::BTreeMap;
+use aptos_types::jwks::jwk::JWK;
+use aptos_types::keyless::proof_simulation::TEST_GROTH16_KEYS;
 
 // The seed is arbitrarily picked to produce a consistent key. XXX make this more formal?
 const GENESIS_SEED: [u8; 32] = [42; 32];
@@ -109,6 +111,7 @@ pub struct GenesisConfiguration {
     pub initial_features_override: Option<Features>,
     pub randomness_config_override: Option<OnChainRandomnessConfig>,
     pub jwk_consensus_config_override: Option<OnChainJWKConsensusConfig>,
+    pub initial_jwks: Vec<PatchUpsertJWK>,
 }
 
 pub static GENESIS_KEYPAIR: Lazy<(Ed25519PrivateKey, Ed25519PublicKey)> = Lazy::new(|| {
@@ -304,7 +307,7 @@ pub fn encode_genesis_change_set(
         .unwrap_or_else(OnChainJWKConsensusConfig::default_for_genesis);
     initialize_jwk_consensus_config(&mut session, &module_storage, &jwk_consensus_config);
     initialize_jwks_resources(&mut session, &module_storage);
-    initialize_keyless_accounts(&mut session, &module_storage, chain_id);
+    initialize_keyless_accounts(&mut session, &module_storage, chain_id, genesis_config.initial_jwks.clone());
     set_genesis_end(&mut session, &module_storage);
 
     // Reconfiguration should happen after all on-chain invocations.
@@ -676,6 +679,7 @@ fn initialize_keyless_accounts(
     session: &mut SessionExt,
     module_storage: &impl AptosModuleStorage,
     chain_id: ChainId,
+    mut initial_jwks_for_testing: Vec<PatchUpsertJWK>,
 ) {
     let config = keyless::Configuration::new_for_devnet();
     exec_function(
@@ -690,7 +694,8 @@ fn initialize_keyless_accounts(
         ]),
     );
     if !chain_id.is_mainnet() {
-        let vk = Groth16VerificationKey::from(&*DEVNET_VERIFICATION_KEY);
+        let pvk = &(*TEST_GROTH16_KEYS).prepared_vk;
+        let vk = Groth16VerificationKey::from(pvk);
         exec_function(
             session,
             module_storage,
@@ -703,11 +708,11 @@ fn initialize_keyless_accounts(
             ]),
         );
 
-        let patch: PatchJWKMoveStruct = PatchUpsertJWK {
+        let additional_jwk_patch = PatchUpsertJWK {
             issuer: get_sample_iss(),
             jwk: secure_test_rsa_jwk().into(),
-        }
-        .into();
+        };
+        initial_jwks_for_testing.push(additional_jwk_patch);
         exec_function(
             session,
             module_storage,
@@ -716,7 +721,7 @@ fn initialize_keyless_accounts(
             vec![],
             serialize_values(&vec![
                 MoveValue::Signer(CORE_CODE_ADDRESS),
-                MoveValue::Vector(vec![patch.as_move_value()]),
+                initial_jwks_for_testing.into_iter().map(PatchJWKMoveStruct::from).collect::<Vec<_>>().as_move_value(),
             ]),
         );
     }
@@ -1229,6 +1234,7 @@ pub fn generate_test_genesis(
             initial_features_override: None,
             randomness_config_override: None,
             jwk_consensus_config_override: None,
+            initial_jwks: vec![],
         },
         &OnChainConsensusConfig::default_for_genesis(),
         &OnChainExecutionConfig::default_for_genesis(),
@@ -1279,6 +1285,7 @@ fn mainnet_genesis_config() -> GenesisConfiguration {
         initial_features_override: None,
         randomness_config_override: None,
         jwk_consensus_config_override: None,
+        initial_jwks: vec![],
     }
 }
 

crates/aptos-genesis/src/builder.rs

@@ -45,6 +45,7 @@ use std::{
     path::{Path, PathBuf},
     sync::Arc,
 };
+use aptos_types::jwks::patch::PatchUpsertJWK;
 
 const VALIDATOR_IDENTITY: &str = "validator-identity.yaml";
 const VFN_IDENTITY: &str = "vfn-identity.yaml";
@@ -441,6 +442,7 @@ pub struct GenesisConfiguration {
     pub initial_features_override: Option<Features>,
     pub randomness_config_override: Option<OnChainRandomnessConfig>,
     pub jwk_consensus_config_override: Option<OnChainJWKConsensusConfig>,
+    pub initial_jwks: Vec<PatchUpsertJWK>,
 }
 
 pub type InitConfigFn = Arc<dyn Fn(usize, &mut NodeConfig, &mut NodeConfig) + Send + Sync>;
@@ -662,6 +664,7 @@ impl Builder {
             initial_features_override: None,
             randomness_config_override: None,
             jwk_consensus_config_override: None,
+            initial_jwks: vec![],
         };
         if let Some(init_genesis_config) = &self.init_genesis_config {
             (init_genesis_config)(&mut genesis_config);

crates/aptos-genesis/src/lib.rs

@@ -33,6 +33,7 @@ use aptos_types::{
 use aptos_vm::AptosVM;
 use aptos_vm_genesis::Validator;
 use std::convert::TryInto;
+use aptos_types::jwks::patch::PatchUpsertJWK;
 
 /// Holder object for all pieces needed to generate a genesis transaction
 #[derive(Clone)]
@@ -76,6 +77,7 @@ pub struct GenesisInfo {
     pub initial_features_override: Option<Features>,
     pub randomness_config_override: Option<OnChainRandomnessConfig>,
     pub jwk_consensus_config_override: Option<OnChainJWKConsensusConfig>,
+    pub initial_jwks: Vec<PatchUpsertJWK>,
 }
 
 impl GenesisInfo {
@@ -115,6 +117,7 @@ impl GenesisInfo {
             initial_features_override: genesis_config.initial_features_override.clone(),
             randomness_config_override: genesis_config.randomness_config_override.clone(),
             jwk_consensus_config_override: genesis_config.jwk_consensus_config_override.clone(),
+            initial_jwks: genesis_config.initial_jwks.clone(),
         })
     }
 
@@ -150,6 +153,7 @@ impl GenesisInfo {
                 initial_features_override: self.initial_features_override.clone(),
                 randomness_config_override: self.randomness_config_override.clone(),
                 jwk_consensus_config_override: self.jwk_consensus_config_override.clone(),
+                initial_jwks: self.initial_jwks.clone(),
             },
             &self.consensus_config,
             &self.execution_config,

crates/aptos-genesis/src/mainnet.rs

@@ -16,6 +16,7 @@ use aptos_types::{
     transaction::Transaction,
     waypoint::Waypoint,
 };
+use aptos_types::jwks::patch::PatchUpsertJWK;
 use aptos_vm::AptosVM;
 use aptos_vm_genesis::{AccountBalance, EmployeePool, ValidatorWithCommissionRate};
 
@@ -143,6 +144,7 @@ impl MainnetGenesisInfo {
                 initial_features_override: self.initial_features_override.clone(),
                 randomness_config_override: self.randomness_config_override.clone(),
                 jwk_consensus_config_override: self.jwk_consensus_config_override.clone(),
+                initial_jwks: vec![],
             },
         )
     }

execution/executor-benchmark/src/account_generator.rs

@@ -17,15 +17,15 @@ impl AccountGenerator {
     const SEED_ACCOUNTS_ROOT_SEED: u64 = u64::max_value();
     const USER_ACCOUNTS_ROOT_SEED: u64 = 0;
 
-    pub fn new_for_seed_accounts() -> Self {
-        Self::new(Self::SEED_ACCOUNTS_ROOT_SEED, 0)
+    pub fn new_for_seed_accounts(is_keyless: bool) -> Self {
+        Self::new(Self::SEED_ACCOUNTS_ROOT_SEED, 0, is_keyless)
     }
 
-    pub fn new_for_user_accounts(num_to_skip: u64) -> Self {
-        Self::new(Self::USER_ACCOUNTS_ROOT_SEED, num_to_skip)
+    pub fn new_for_user_accounts(num_to_skip: u64, is_keyless: bool) -> Self {
+        Self::new(Self::USER_ACCOUNTS_ROOT_SEED, num_to_skip, is_keyless)
     }
 
-    fn new(root_seed: u64, num_to_skip: u64) -> Self {
+    fn new(root_seed: u64, num_to_skip: u64, is_keyless: bool) -> Self {
         let mut root_rng = StdRng::seed_from_u64(root_seed);
         let num_rngs_to_skip = num_to_skip / Self::MAX_ACCOUNT_GEN_PER_RNG;
         for _ in 0..num_rngs_to_skip {
@@ -35,14 +35,14 @@ impl AccountGenerator {
         let mut active_rng_quota = Self::MAX_ACCOUNT_GEN_PER_RNG - active_rng_to_skip;
         let mut active_rng = StdRng::seed_from_u64(root_rng.next_u64());
         for _ in 0..active_rng_to_skip {
-            LocalAccount::generate(&mut active_rng);
+            LocalAccount::generate_v2(&mut active_rng, is_keyless);
         }
         let (sender, receiver) = mpsc::sync_channel(100 /* bound */);
 
         std::thread::Builder::new()
             .name("account_generator".to_string())
             .spawn(move || {
-                while sender.send(LocalAccount::generate(&mut active_rng)).is_ok() {
+                while sender.send(LocalAccount::generate_v2(&mut active_rng, is_keyless)).is_ok() {
                     active_rng_quota -= 1;
                     if active_rng_quota == 0 {
                         active_rng = StdRng::seed_from_u64(root_rng.next_u64());

execution/executor-benchmark/src/db_generator.rs

@@ -19,6 +19,9 @@ use aptos_storage_interface::DbReaderWriter;
 use aptos_types::on_chain_config::Features;
 use aptos_vm::AptosVM;
 use std::{fs, path::Path};
+use std::sync::Arc;
+use aptos_types::jwks::patch::PatchUpsertJWK;
+use aptos_types::keyless::test_utils::{get_sample_iss, get_sample_jwk};
 
 pub fn create_db_with_accounts<V>(
     num_accounts: usize,
@@ -30,6 +33,7 @@ pub fn create_db_with_accounts<V>(
     enable_storage_sharding: bool,
     pipeline_config: PipelineConfig,
     init_features: Features,
+    is_keyless: bool,
 ) where
     V: TransactionBlockExecutor + 'static,
 {
@@ -59,6 +63,7 @@ pub fn create_db_with_accounts<V>(
         enable_storage_sharding,
         pipeline_config,
         init_features,
+        is_keyless,
     );
 }
 
@@ -67,8 +72,10 @@ fn bootstrap_with_genesis(
     enable_storage_sharding: bool,
     init_features: Features,
 ) {
-    let (config, _genesis_key) =
-        aptos_genesis::test_utils::test_config_with_custom_features(init_features);
+    let (config, _genesis_key) = aptos_genesis::test_utils::test_config_with_custom_onchain(Some(Arc::new(move |config| {
+        config.initial_features_override = Some(init_features.clone());
+        config.initial_jwks = vec![PatchUpsertJWK { issuer: get_sample_iss(), jwk: get_sample_jwk().into() }];
+    })));
 
     let mut rocksdb_configs = RocksdbConfigs::default();
     rocksdb_configs.state_merkle_db_config.max_open_files = -1;

execution/executor-benchmark/src/lib.rs

@@ -110,6 +110,7 @@ pub fn run_benchmark<V>(
     enable_storage_sharding: bool,
     pipeline_config: PipelineConfig,
     init_features: Features,
+    is_keyless: bool,
 ) where
     V: TransactionBlockExecutor + 'static,
 {
@@ -147,7 +148,7 @@ pub fn run_benchmark<V>(
         }
 
         let accounts_cache =
-            TransactionGenerator::gen_user_account_cache(db.reader.clone(), num_accounts_to_be_loaded, num_accounts_to_skip);
+            TransactionGenerator::gen_user_account_cache(db.reader.clone(), num_accounts_to_be_loaded, num_accounts_to_skip, is_keyless);
         let (main_signer_accounts, burner_accounts) =
             accounts_cache.split(num_main_signer_accounts);
 
@@ -195,6 +196,7 @@ pub fn run_benchmark<V>(
         source_dir,
         Some(num_accounts_to_load),
         pipeline_config.num_generator_workers,
+        is_keyless,
     );
 
     let mut overall_measuring = OverallMeasuring::start();
@@ -306,6 +308,7 @@ pub fn add_accounts<V>(
     enable_storage_sharding: bool,
     pipeline_config: PipelineConfig,
     init_features: Features,
+    is_keyless: bool,
 ) where
     V: TransactionBlockExecutor + 'static,
 {
@@ -326,6 +329,7 @@ pub fn add_accounts<V>(
         enable_storage_sharding,
         pipeline_config,
         init_features,
+        is_keyless,
     );
 }
 
@@ -340,6 +344,7 @@ fn add_accounts_impl<V>(
     enable_storage_sharding: bool,
     pipeline_config: PipelineConfig,
     init_features: Features,
+    is_keyless: bool,
 ) where
     V: TransactionBlockExecutor + 'static,
 {
@@ -366,6 +371,7 @@ fn add_accounts_impl<V>(
         &source_dir,
         None,
         pipeline_config.num_generator_workers,
+        is_keyless,
     );
 
     let start_time = Instant::now();
@@ -375,6 +381,7 @@ fn add_accounts_impl<V>(
         num_new_accounts,
         init_account_balance,
         block_size,
+        is_keyless,
     );
     pipeline.start_execution();
     generator.drop_sender();
@@ -780,6 +787,7 @@ mod tests {
             false,
             PipelineConfig::default(),
             Features::default(),
+            false,
         );
     }