feat(core): port core/eth2signeddata#501
Open
varex83agent wants to merge 2 commits into
Open
Conversation
Add the Eth2SignedData layer over the existing signed-data types: the signing DomainName and signing Epoch for each beacon-chain signed payload, plus verify_eth2_signed_data which resolves the upstream domain and runs BLS verification. Wires sigagg's new_verifier to it, replacing the no-op placeholder. Ports charon/core/eth2signeddata.go (v1.7.1). Co-Authored-By: Bohdan Ohorodnii <35969035+varex83@users.noreply.github.com>
iamquang95
approved these changes
Jun 26, 2026
varex83agent
added a commit
that referenced
this pull request
Jun 26, 2026
- eth2signeddata: check cheap message_root/signature before the (potentially client-bound) epoch lookup in verify_eth2_signed_data - eth2signeddata: add verification tests for the non-versioned Attestation and SignedAggregateAndProof payloads - sigagg: SigAggError::PubkeyFromCore now carries the inner conversion error instead of discarding it - sigagg: SigAggError::VerificationFailed uses #[from] for Eth2SignedDataError - types: drop stale "todo: add Eth2SignedData type" comment Co-Authored-By: Bohdan Ohorodnii <varex83@nethermind.io> Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- eth2signeddata: check cheap message_root/signature before the (potentially client-bound) epoch lookup in verify_eth2_signed_data - eth2signeddata: add verification tests for the non-versioned Attestation and SignedAggregateAndProof payloads - sigagg: SigAggError::PubkeyFromCore now carries the inner conversion error instead of discarding it - sigagg: SigAggError::VerificationFailed uses #[from] for Eth2SignedDataError - types: drop stale "todo: add Eth2SignedData type" comment Co-Authored-By: Bohdan Ohorodnii <varex83@nethermind.io>
varex83agent
force-pushed
the
bohdan/port-eth2signeddata
branch
from
2df0f55 to
b8a2dc3
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Ports
core/eth2signeddatafrom Charon (charon/core/eth2signeddata.go, v1.7.1), closing #438.The signed-data types already existed in
crates/core/src/signeddata.rs(theSignedDatatrait:signature/set_signature/message_root). What was missing is the eth2 verification layer — the per-type signing domain and signing epoch, and the function that ties them to upstream domain resolution + BLS verification. Thecore::typesTODO and thesigagg::new_verifierno-op both pointed at this gap.What's added
New module
crates/core/src/eth2signeddata.rs:trait Eth2SignedData: SignedData— addsdomain_name()and asyncepoch(client).verify_eth2_signed_data(client, data, pubkey)— mirrors Go'sVerifyEth2SignedData: resolve epoch →message_root()→signing::verify(domain, epoch, root, sig, pubkey).Eth2SignedDataimpls for all 12 payloads, matching the Go domain/epoch mapping exactly (proposer, attester, voluntary-exit, application-builder@epoch-0, randao, selection-proof, aggregate-and-proof, sync-committee, contribution-and-proof, sync-committee-selection-proof — versioned and non-versioned variants).as_eth2_signed_data(&dyn SignedData) -> Option<&dyn Eth2SignedData>— the Rust equivalent of Go'sdata.(core.Eth2SignedData)type assertion.Supporting changes:
sigagg::new_verifiernow takesArc<EthBeaconNodeApiClient>and verifies viaverify_eth2_signed_data(was a no-op placeholder; no production callers yet). NewSigAggErrorvariants mirror Go'sNewVerifiererror paths (invalid eth2 signed data,pubkey from core,aggregate signature verification failed).versioned::SignedProposalBlock::slot()helper (mirrors the existinggraffiti()/signature()), needed for the proposal's signing epoch.Tests
TestVerifyEth2SignedDatais translated directly: for each of the 10 payload types the Go table exercises, load the existing golden JSON fixture, resolve epoch + message root against aBeaconMock, BLS-sign the signing-domain data root, inject the signature, and assert verification succeeds. Plus wrong-pubkey / zero-signature rejection, theas_eth2_signed_dataview, and a sigagg test thatnew_verifierrejects non-eth2 data.Gates
cargo +nightly fmt --all --check✅cargo clippy -p pluto-core -p pluto-eth2api --all-targets --all-features -- -D warnings✅cargo test -p pluto-core(559) /cargo test -p pluto-eth2api(114) ✅Closes #438