Make private/public key strong type (iotexproject#699)

* Make private/public key strong type

* Address comments and add tests for keypair pkg

* Return invalid public/private key length as an error instead of panic

Author: lizhefeng

actpool/actpool.go

@@ -18,6 +18,7 @@ import (
 	"github.com/iotexproject/iotex-core/iotxaddress"
 	"github.com/iotexproject/iotex-core/logger"
 	"github.com/iotexproject/iotex-core/pkg/hash"
+	"github.com/iotexproject/iotex-core/pkg/keypair"
 	"github.com/iotexproject/iotex-core/proto"
 )
 
@@ -208,7 +209,8 @@ func (ap *actPool) AddVote(vote *action.Vote) error {
 		return errors.Wrapf(ErrActPool, "insufficient space for vote")
 	}
 
-	voter, _ := iotxaddress.GetAddress(vote.SelfPubkey, iotxaddress.IsTestnet, iotxaddress.ChainID)
+	selfPublicKey, _ := vote.SelfPublicKey()
+	voter, _ := iotxaddress.GetAddress(selfPublicKey, iotxaddress.IsTestnet, iotxaddress.ChainID)
 	// Wrap vote as an action
 	action := &iproto.ActionPb{Action: &iproto.ActionPb_Vote{vote.ConvertToVotePb()}}
 	return ap.addAction(voter.RawAddress, action, hash, vote.Nonce)
@@ -289,7 +291,11 @@ func (ap *actPool) validateVote(vote *action.Vote) error {
 		logger.Error().Msg("Error when validating vote")
 		return errors.Wrapf(ErrActPool, "oversized data")
 	}
-	voter, err := iotxaddress.GetAddress(vote.SelfPubkey, iotxaddress.IsTestnet, iotxaddress.ChainID)
+	selfPublicKey, err := vote.SelfPublicKey()
+	if err != nil {
+		return err
+	}
+	voter, err := iotxaddress.GetAddress(selfPublicKey, iotxaddress.IsTestnet, iotxaddress.ChainID)
 	if err != nil {
 		logger.Error().Err(err).Msg("Error when validating vote")
 		return errors.Wrapf(err, "invalid voter address")
@@ -306,9 +312,13 @@ func (ap *actPool) validateVote(vote *action.Vote) error {
 		logger.Error().Err(err).Msg("Error when validating vote")
 		return errors.Wrapf(err, "invalid nonce value")
 	}
-	if len(vote.VotePubkey) > 0 {
+	votePublicKey, err := vote.VotePublicKey()
+	if err != nil {
+		return err
+	}
+	if votePublicKey != keypair.ZeroPublicKey {
 		// Reject vote if votee is not a candidate
-		votee, err := iotxaddress.GetAddress(vote.VotePubkey, iotxaddress.IsTestnet, iotxaddress.ChainID)
+		votee, err := iotxaddress.GetAddress(votePublicKey, iotxaddress.IsTestnet, iotxaddress.ChainID)
 		if err != nil {
 			logger.Error().
 				Err(err).Hex("voter", vote.SelfPubkey[:]).Hex("votee", vote.VotePubkey).

actpool/actpool_test.go

@@ -21,6 +21,7 @@ import (
 	"github.com/iotexproject/iotex-core/config"
 	"github.com/iotexproject/iotex-core/iotxaddress"
 	"github.com/iotexproject/iotex-core/logger"
+	"github.com/iotexproject/iotex-core/pkg/keypair"
 	pb "github.com/iotexproject/iotex-core/proto"
 	"github.com/iotexproject/iotex-core/test/mock/mock_blockchain"
 	"github.com/iotexproject/iotex-core/test/util"
@@ -222,7 +223,7 @@ func TestActPool_AddActs(t *testing.T) {
 	replaceTsf, _ := signedTransfer(addr1, addr2, uint64(1), big.NewInt(1))
 	err = ap.AddTsf(replaceTsf)
 	require.Equal(ErrNonce, errors.Cause(err))
-	replaceVote := action.NewVote(4, addr1.PublicKey, []byte{})
+	replaceVote := action.NewVote(4, addr1.PublicKey, keypair.ZeroPublicKey)
 	replaceVote, _ = replaceVote.Sign(addr1)
 	require.Equal(ErrNonce, errors.Cause(err))
 	// Case IV: Nonce is too large
@@ -580,11 +581,11 @@ func TestActPool_Reset(t *testing.T) {
 	require.Nil(err)
 	tsf21, _ := signedTransfer(addr4, addr5, uint64(1), big.NewInt(10))
 	vote22, _ := signedVote(addr4, addr4, uint64(2))
-	vote23 := action.NewVote(3, addr4.PublicKey, []byte{})
+	vote23 := action.NewVote(3, addr4.PublicKey, keypair.ZeroPublicKey)
 	vote23, err = vote23.Sign(addr4)
 	vote24, _ := signedVote(addr5, addr5, uint64(1))
 	tsf25, _ := signedTransfer(addr5, addr4, uint64(2), big.NewInt(10))
-	vote26 := action.NewVote(3, addr5.PublicKey, []byte{})
+	vote26 := action.NewVote(3, addr5.PublicKey, keypair.ZeroPublicKey)
 	vote26, err = vote26.Sign(addr5)
 
 	err = ap1.AddTsf(tsf21)

blockchain/action/transfer.go

@@ -21,6 +21,7 @@ import (
 	"github.com/iotexproject/iotex-core/logger"
 	"github.com/iotexproject/iotex-core/pkg/enc"
 	"github.com/iotexproject/iotex-core/pkg/hash"
+	"github.com/iotexproject/iotex-core/pkg/keypair"
 	"github.com/iotexproject/iotex-core/pkg/version"
 	"github.com/iotexproject/iotex-core/proto"
 )
@@ -41,7 +42,7 @@ type (
 		Sender          string
 		Recipient       string
 		Payload         []byte
-		SenderPublicKey []byte
+		SenderPublicKey keypair.PublicKey
 		Signature       []byte
 		IsCoinbase      bool
 		// Coinbase transfer is not expected to be received from the network but can only be generated by block producer
@@ -107,7 +108,7 @@ func (tsf *Transfer) ByteStream() []byte {
 	stream = append(stream, tsf.Sender...)
 	stream = append(stream, tsf.Recipient...)
 	stream = append(stream, tsf.Payload...)
-	stream = append(stream, tsf.SenderPublicKey...)
+	stream = append(stream, tsf.SenderPublicKey[:]...)
 	// Signature = Sign(hash(ByteStream())), so not included
 	if tsf.IsCoinbase {
 		stream = append(stream, 1)
@@ -126,7 +127,7 @@ func (tsf *Transfer) ConvertToTransferPb() *iproto.TransferPb {
 		Sender:       tsf.Sender,
 		Recipient:    tsf.Recipient,
 		Payload:      tsf.Payload,
-		SenderPubKey: tsf.SenderPublicKey,
+		SenderPubKey: tsf.SenderPublicKey[:],
 		Signature:    tsf.Signature,
 		IsCoinbase:   tsf.IsCoinbase,
 	}
@@ -146,7 +147,7 @@ func (tsf *Transfer) ToJSON() *explorer.Transfer {
 		Sender:       tsf.Sender,
 		Recipient:    tsf.Recipient,
 		Payload:      hex.EncodeToString(tsf.Payload),
-		SenderPubKey: hex.EncodeToString(tsf.SenderPublicKey),
+		SenderPubKey: keypair.EncodePublicKey(tsf.SenderPublicKey),
 		Signature:    hex.EncodeToString(tsf.Signature),
 		IsCoinbase:   tsf.IsCoinbase,
 	}
@@ -184,8 +185,7 @@ func (tsf *Transfer) ConvertFromTransferPb(pbTx *iproto.TransferPb) {
 	}
 	tsf.Payload = nil
 	tsf.Payload = pbTx.Payload
-	tsf.SenderPublicKey = nil
-	tsf.SenderPublicKey = pbTx.SenderPubKey
+	copy(tsf.SenderPublicKey[:], pbTx.SenderPubKey)
 	tsf.Signature = nil
 	tsf.Signature = pbTx.Signature
 	tsf.IsCoinbase = pbTx.IsCoinbase
@@ -206,12 +206,12 @@ func NewTransferFromJSON(jsonTsf *explorer.Transfer) (*Transfer, error) {
 		return nil, err
 	}
 	tsf.Payload = payload
-	senderPubKey, err := hex.DecodeString(jsonTsf.SenderPubKey)
+	senderPubKey, err := keypair.StringToPubKeyBytes(jsonTsf.SenderPubKey)
 	if err != nil {
 		logger.Error().Err(err).Msg("Fail to create a new Transfer from TransferJSON")
 		return nil, err
 	}
-	tsf.SenderPublicKey = senderPubKey
+	copy(tsf.SenderPublicKey[:], senderPubKey)
 	signature, err := hex.DecodeString(jsonTsf.Signature)
 	if err != nil {
 		logger.Error().Err(err).Msg("Fail to create a new Transfer from TransferJSON")

blockchain/action/vote.go

@@ -20,6 +20,7 @@ import (
 	"github.com/iotexproject/iotex-core/logger"
 	"github.com/iotexproject/iotex-core/pkg/enc"
 	"github.com/iotexproject/iotex-core/pkg/hash"
+	"github.com/iotexproject/iotex-core/pkg/keypair"
 	"github.com/iotexproject/iotex-core/pkg/version"
 	"github.com/iotexproject/iotex-core/proto"
 )
@@ -42,17 +43,27 @@ type Vote struct {
 }
 
 // NewVote returns a Vote instance
-func NewVote(nonce uint64, selfPubKey []byte, votePubKey []byte) *Vote {
+func NewVote(nonce uint64, selfPubKey keypair.PublicKey, votePubKey keypair.PublicKey) *Vote {
 	pbVote := &iproto.VotePb{
 		Version: version.ProtocolVersion,
 
 		Nonce:      nonce,
-		SelfPubkey: selfPubKey,
-		VotePubkey: votePubKey,
+		SelfPubkey: selfPubKey[:],
+		VotePubkey: votePubKey[:],
 	}
 	return &Vote{pbVote}
 }
 
+// SelfPublicKey returns the self public key of the vote
+func (v *Vote) SelfPublicKey() (keypair.PublicKey, error) {
+	return keypair.BytesToPublicKey(v.SelfPubkey)
+}
+
+// VotePublicKey returns the vote public key of the vote
+func (v *Vote) VotePublicKey() (keypair.PublicKey, error) {
+	return keypair.BytesToPublicKey(v.VotePubkey)
+}
+
 // TotalSize returns the total size of this Vote
 func (v *Vote) TotalSize() uint32 {
 	size := TimestampSizeInBytes
@@ -86,16 +97,24 @@ func (v *Vote) ConvertToVotePb() *iproto.VotePb {
 }
 
 // ToJSON converts Vote to VoteJSON
-func (v *Vote) ToJSON() *explorer.Vote {
+func (v *Vote) ToJSON() (*explorer.Vote, error) {
 	// used by account-based model
+	voterPubKey, err := keypair.BytesToPubKeyString(v.SelfPubkey)
+	if err != nil {
+		return nil, err
+	}
+	voteePubKey, err := keypair.BytesToPubKeyString(v.VotePubkey)
+	if err != nil {
+		return nil, err
+	}
 	vote := &explorer.Vote{
 		Version:     int64(v.Version),
 		Nonce:       int64(v.Nonce),
-		VoterPubKey: hex.EncodeToString(v.SelfPubkey),
-		VoteePubKey: hex.EncodeToString(v.VotePubkey),
+		VoterPubKey: voterPubKey,
+		VoteePubKey: voteePubKey,
 		Signature:   hex.EncodeToString(v.Signature),
 	}
-	return vote
+	return vote, nil
 }
 
 // Serialize returns a serialized byte stream for the Transfer
@@ -114,13 +133,13 @@ func NewVoteFromJSON(jsonVote *explorer.Vote) (*Vote, error) {
 	v.Version = uint32(jsonVote.Version)
 	// used by account-based model
 	v.Nonce = uint64(jsonVote.Nonce)
-	voterPubKey, err := hex.DecodeString(jsonVote.VoterPubKey)
+	voterPubKey, err := keypair.StringToPubKeyBytes(jsonVote.VoterPubKey)
 	if err != nil {
 		logger.Error().Err(err).Msg("Fail to create a new Vote from VoteJSON")
 		return nil, err
 	}
 	v.SelfPubkey = voterPubKey
-	voteePubKey, err := hex.DecodeString(jsonVote.VoteePubKey)
+	voteePubKey, err := keypair.StringToPubKeyBytes(jsonVote.VoteePubKey)
 	if err != nil {
 		logger.Error().Err(err).Msg("Fail to create a new Vote from VoteJSON")
 		return nil, err
@@ -155,7 +174,7 @@ func (v *Vote) Hash() hash.Hash32B {
 // Sign signs the Vote using sender's private key
 func (v *Vote) Sign(sender *iotxaddress.Address) (*Vote, error) {
 	// check the sender is correct
-	if !bytes.Equal(v.SelfPubkey, sender.PublicKey) {
+	if !bytes.Equal(v.SelfPubkey, sender.PublicKey[:]) {
 		return nil, errors.Wrapf(ErrVoteError, "signing pubKey %x does not match with Vote pubKey %x",
 			v.SelfPubkey, sender.PublicKey)
 	}

blockchain/block.go

@@ -20,6 +20,7 @@ import (
 	"github.com/iotexproject/iotex-core/logger"
 	"github.com/iotexproject/iotex-core/pkg/enc"
 	"github.com/iotexproject/iotex-core/pkg/hash"
+	"github.com/iotexproject/iotex-core/pkg/keypair"
 	"github.com/iotexproject/iotex-core/pkg/version"
 	"github.com/iotexproject/iotex-core/proto"
 )
@@ -33,15 +34,15 @@ type Payee struct {
 // BlockHeader defines the struct of block header
 // make sure the variable type and order of this struct is same as "BlockHeaderPb" in blockchain.pb.go
 type BlockHeader struct {
-	version       uint32       // version
-	chainID       uint32       // this chain's ID
-	height        uint64       // block height
-	timestamp     uint64       // timestamp
-	prevBlockHash hash.Hash32B // hash of previous block
-	txRoot        hash.Hash32B // merkle root of all transactions
-	stateRoot     hash.Hash32B // merkle root of all states
-	blockSig      []byte       // block signature
-	Pubkey        []byte       // block miner's public key
+	version       uint32            // version
+	chainID       uint32            // this chain's ID
+	height        uint64            // block height
+	timestamp     uint64            // timestamp
+	prevBlockHash hash.Hash32B      // hash of previous block
+	txRoot        hash.Hash32B      // merkle root of all transactions
+	stateRoot     hash.Hash32B      // merkle root of all states
+	blockSig      []byte            // block signature
+	Pubkey        keypair.PublicKey // block miner's public key
 
 }
 
@@ -98,7 +99,7 @@ func (b *Block) ByteStreamHeader() []byte {
 	stream = append(stream, b.Header.prevBlockHash[:]...)
 	stream = append(stream, b.Header.txRoot[:]...)
 	stream = append(stream, b.Header.stateRoot[:]...)
-	stream = append(stream, b.Header.Pubkey...)
+	stream = append(stream, b.Header.Pubkey[:]...)
 	return stream
 }
 
@@ -168,7 +169,7 @@ func (b *Block) ConvertFromBlockHeaderPb(pbBlock *iproto.BlockPb) {
 	copy(b.Header.txRoot[:], pbBlock.GetHeader().GetTxRoot())
 	copy(b.Header.stateRoot[:], pbBlock.GetHeader().GetStateRoot())
 	b.Header.blockSig = pbBlock.GetHeader().GetSignature()
-	b.Header.Pubkey = pbBlock.GetHeader().GetPubkey()
+	copy(b.Header.Pubkey[:], pbBlock.GetHeader().GetPubkey())
 }
 
 // ConvertFromBlockPb converts BlockPb to Block
@@ -235,8 +236,8 @@ func (b *Block) HashBlock() hash.Hash32B {
 
 // SignBlock allows signer to sign the block b
 func (b *Block) SignBlock(signer *iotxaddress.Address) error {
-	if signer.PrivateKey == nil {
-		return errors.New("The private key is nil")
+	if signer.PrivateKey == keypair.ZeroPrivateKey {
+		return errors.New("The private key is empty")
 	}
 	b.Header.Pubkey = signer.PublicKey
 	blkHash := b.HashBlock()

blockchain/block_test.go

@@ -58,27 +58,27 @@ func TestMerkle(t *testing.T) {
 	require.NotNil(cbtsf4)
 
 	// verify tx hash
-	hash0, _ := hex.DecodeString("38628817384f0c67ea3396529162e8d7cb4491c227c6a8eaaaf8828bc11614fd")
+	hash0, _ := hex.DecodeString("f752082c2c52249ebe0faca08819745b5567cfecdf40ef76b2a3cc73b427874f")
 	actual := cbtsf0.Hash()
 	require.Equal(hash0, actual[:])
 	t.Logf("actual hash = %x", actual[:])
 
-	hash1, _ := hex.DecodeString("ce5dd70b032614bd8e3d82b257b478eb49a4da90d531e7db6cd4eebc98ed149d")
+	hash1, _ := hex.DecodeString("408a62a55eb9eaf6cebe37dd3816e0c9a367281540e8a3254f1b51e441b555d7")
 	actual = cbtsf1.Hash()
 	require.Equal(hash1, actual[:])
 	t.Logf("actual hash = %x", actual[:])
 
-	hash2, _ := hex.DecodeString("164914612e8628e0de69ea4e4184e63d46439ceb46c46fc60a43b636277dc1e9")
+	hash2, _ := hex.DecodeString("5170d22f3d357208849f6e0356cdc04f85c6ff73c9c5720f8e50c616440983d0")
 	actual = cbtsf2.Hash()
 	require.Equal(hash2, actual[:])
 	t.Logf("actual hash = %x", actual[:])
 
-	hash3, _ := hex.DecodeString("73e0a24bb15687ffb98c254f617db7e7d59963f020de38b1a7c284ffde7dc8d5")
+	hash3, _ := hex.DecodeString("8eda19d0e16cbb541f2c6251acd83d3847dd69ed9531b8a9335011cfc5ab26c0")
 	actual = cbtsf3.Hash()
 	require.Equal(hash3, actual[:])
 	t.Logf("actual hash = %x", actual[:])
 
-	hash4, _ := hex.DecodeString("e1c72a310432a0040bedb40ee8ea885fc93258f19687e271a2e2c2fb62723474")
+	hash4, _ := hex.DecodeString("5aa0107cb37e63b1276e889ab8e071cabf5611606560fd5e8d6a3786eec35265")
 	actual = cbtsf4.Hash()
 	require.Equal(hash4, actual[:])
 	t.Logf("actual hash = %x", actual[:])

blockchain/blockchain.go

@@ -20,6 +20,7 @@ import (
 	"github.com/iotexproject/iotex-core/iotxaddress"
 	"github.com/iotexproject/iotex-core/logger"
 	"github.com/iotexproject/iotex-core/pkg/hash"
+	"github.com/iotexproject/iotex-core/pkg/keypair"
 	"github.com/iotexproject/iotex-core/pkg/lifecycle"
 	"github.com/iotexproject/iotex-core/pkg/version"
 	"github.com/iotexproject/iotex-core/state"
@@ -473,7 +474,7 @@ func (bc *blockchain) MintNewBlock(tsf []*action.Transfer, vote []*action.Vote,
 	tsf = append(tsf, action.NewCoinBaseTransfer(big.NewInt(int64(bc.genesis.BlockReward)), producer.RawAddress))
 
 	blk := NewBlock(bc.chainID, bc.tipHeight+1, bc.tipHash, tsf, vote)
-	if producer.PrivateKey == nil {
+	if producer.PrivateKey == keypair.ZeroPrivateKey {
 		logger.Warn().Msg("Unsigned block...")
 		return blk, nil
 	}

blockchain/blockdao.go

@@ -504,13 +504,21 @@ func putVotes(dao *blockDAO, blk *Block, batch db.KVStoreBatch) error {
 	for _, vote := range blk.Votes {
 		voteHash := vote.Hash()
 
-		SenderAddress, err := iotxaddress.GetAddress(vote.SelfPubkey, iotxaddress.IsTestnet, iotxaddress.ChainID)
+		selfPublicKey, err := vote.SelfPublicKey()
+		if err != nil {
+			return err
+		}
+		SenderAddress, err := iotxaddress.GetAddress(selfPublicKey, iotxaddress.IsTestnet, iotxaddress.ChainID)
 		if err != nil {
 			return errors.Wrapf(err, " to get sender address for pubkey %x", vote.SelfPubkey)
 		}
 		Sender := SenderAddress.RawAddress
 
-		RecipientAddress, err := iotxaddress.GetAddress(vote.VotePubkey, iotxaddress.IsTestnet, iotxaddress.ChainID)
+		votePublicKey, err := vote.VotePublicKey()
+		if err != nil {
+			return err
+		}
+		RecipientAddress, err := iotxaddress.GetAddress(votePublicKey, iotxaddress.IsTestnet, iotxaddress.ChainID)
 		if err != nil {
 			return errors.Wrapf(err, " to get recipient address for pubkey %x", vote.VotePubkey)
 		}

blockchain/blockvalidator.go

@@ -123,7 +123,11 @@ func (v *validator) Validate(blk *Block, tipHeight uint64, tipHash hash.Hash32B)
 		for _, vote := range blk.Votes {
 			go func(vote *action.Vote, correctVote *uint64) {
 				defer wg.Done()
-				address, err := iotxaddress.GetAddress(vote.SelfPubkey, iotxaddress.IsTestnet, iotxaddress.ChainID)
+				selfPublicKey, err := vote.SelfPublicKey()
+				if err != nil {
+					return
+				}
+				address, err := iotxaddress.GetAddress(selfPublicKey, iotxaddress.IsTestnet, iotxaddress.ChainID)
 				if err != nil {
 					return
 				}