hotshot_types/

simple_certificate.rs

// Copyright (c) 2021-2024 Espresso Systems (espressosys.com)
// This file is part of the HotShot repository.

// You should have received a copy of the MIT License
// along with the HotShot repository. If not, see <https://mit-license.org/>.

//! Implementations of the simple certificate type.  Used for Quorum, DA, and Timeout Certificates

use std::{
    fmt::{self, Debug, Display, Formatter},
    hash::Hash,
    marker::PhantomData,
};

use alloy::primitives::{FixedBytes, U256};
use committable::{Commitment, Committable};
use hotshot_utils::anytrace::*;
use serde::{Deserialize, Serialize};

use crate::{
    PeerConfig,
    data::{EpochNumber, Leaf2, ViewNumber, serialize_signature2},
    epoch_membership::EpochMembership,
    light_client::{LightClientState, StakeTableState},
    message::UpgradeLock,
    simple_vote::{
        DaData, DaData2, HasEpoch, NextEpochQuorumData2, QuorumData, QuorumData2, QuorumMarker,
        TimeoutData, TimeoutData2, UpgradeProposalData, VersionedVoteData, ViewSyncCommitData,
        ViewSyncCommitData2, ViewSyncFinalizeData, ViewSyncFinalizeData2, ViewSyncPreCommitData,
        ViewSyncPreCommitData2, Voteable,
    },
    stake_table::{HSStakeTable, StakeTableEntries},
    traits::{
        node_implementation::NodeType,
        signature_key::{SignatureKey, StateSignatureKey},
    },
    utils::{is_epoch_root, is_epoch_transition},
    vote::{Certificate, HasViewNumber},
};

/// Trait which allows use to inject different threshold calculations into a Certificate type
pub trait Threshold<TYPES: NodeType> {
    /// Calculate a threshold based on the membership
    fn threshold(membership: &EpochMembership<TYPES>) -> U256;
}

/// Defines a threshold which is 2f + 1 (Amount needed for Quorum)
#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
pub struct SuccessThreshold {}

impl<TYPES: NodeType> Threshold<TYPES> for SuccessThreshold {
    fn threshold(membership: &EpochMembership<TYPES>) -> U256 {
        membership.success_threshold()
    }
}

/// Defines a threshold which is f + 1 (i.e at least one of the stake is honest)
#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
pub struct OneHonestThreshold {}

impl<TYPES: NodeType> Threshold<TYPES> for OneHonestThreshold {
    fn threshold(membership: &EpochMembership<TYPES>) -> U256 {
        membership.failure_threshold()
    }
}

/// Defines a threshold which is 0.9n + 1 (i.e. over 90% of the nodes with stake)
#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
pub struct UpgradeThreshold {}

impl<TYPES: NodeType> Threshold<TYPES> for UpgradeThreshold {
    fn threshold(membership: &EpochMembership<TYPES>) -> U256 {
        membership.upgrade_threshold()
    }
}

/// A certificate which can be created by aggregating many simple votes on the commitment.
#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
pub struct SimpleCertificate<
    TYPES: NodeType,
    VOTEABLE: Voteable<TYPES>,
    THRESHOLD: Threshold<TYPES>,
> {
    /// The data this certificate is for.  I.e the thing that was voted on to create this Certificate
    pub data: VOTEABLE,
    /// commitment of all the votes this cert should be signed over
    vote_commitment: Commitment<VOTEABLE>,
    /// Which view this QC relates to
    pub view_number: ViewNumber,
    /// assembled signature for certificate aggregation
    pub signatures: Option<<TYPES::SignatureKey as SignatureKey>::QcType>,
    /// phantom data for `THRESHOLD` and `TYPES`
    pub _pd: PhantomData<(TYPES, THRESHOLD)>,
}

impl<TYPES: NodeType, VOTEABLE: Voteable<TYPES>, THRESHOLD: Threshold<TYPES>>
    SimpleCertificate<TYPES, VOTEABLE, THRESHOLD>
{
    /// Creates a new instance of `SimpleCertificate`
    pub fn new(
        data: VOTEABLE,
        vote_commitment: Commitment<VOTEABLE>,
        view_number: ViewNumber,
        signatures: Option<<TYPES::SignatureKey as SignatureKey>::QcType>,
        pd: PhantomData<(TYPES, THRESHOLD)>,
    ) -> Self {
        Self {
            data,
            vote_commitment,
            view_number,
            signatures,
            _pd: pd,
        }
    }

    fn signers(
        &self,
        stake_table: &[<TYPES::SignatureKey as SignatureKey>::StakeTableEntry],
        threshold: U256,
    ) -> Result<Vec<<TYPES::SignatureKey as SignatureKey>::VerificationKeyType>> {
        if self.view_number == ViewNumber::genesis() {
            return Ok(vec![]);
        }
        let real_qc_pp =
            <TYPES::SignatureKey as SignatureKey>::public_parameter(stake_table, threshold);

        let Some(ref signatures) = self.signatures else {
            bail!("No signatures found while retrieving signers");
        };

        <TYPES::SignatureKey as SignatureKey>::signers(&real_qc_pp, signatures)
            .wrap()
            .context(|e| warn!("Tracing signers: {e}"))
    }
}

impl<TYPES: NodeType, VOTEABLE: Voteable<TYPES> + Committable, THRESHOLD: Threshold<TYPES>>
    Committable for SimpleCertificate<TYPES, VOTEABLE, THRESHOLD>
{
    fn commit(&self) -> Commitment<Self> {
        let signature_bytes = match self.signatures.as_ref() {
            Some(sigs) => serialize_signature2::<TYPES>(sigs),
            None => vec![],
        };
        committable::RawCommitmentBuilder::new("Certificate")
            .field("data", self.data.commit())
            .field("vote_commitment", self.vote_commitment)
            .field("view number", self.view_number.commit())
            .var_size_field("signatures", &signature_bytes)
            .finalize()
    }
}

impl<TYPES: NodeType, THRESHOLD: Threshold<TYPES>> Certificate<TYPES, DaData>
    for SimpleCertificate<TYPES, DaData, THRESHOLD>
{
    type Voteable = DaData;
    type Threshold = THRESHOLD;

    fn create_signed_certificate(
        vote_commitment: Commitment<VersionedVoteData<TYPES, DaData>>,
        data: Self::Voteable,
        sig: <TYPES::SignatureKey as SignatureKey>::QcType,
        view: ViewNumber,
    ) -> Self {
        let vote_commitment_bytes: [u8; 32] = vote_commitment.into();

        SimpleCertificate {
            data,
            vote_commitment: Commitment::from_raw(vote_commitment_bytes),
            view_number: view,
            signatures: Some(sig),
            _pd: PhantomData,
        }
    }
    fn is_valid_cert(
        &self,
        stake_table: &[<TYPES::SignatureKey as SignatureKey>::StakeTableEntry],
        threshold: U256,
        upgrade_lock: &UpgradeLock<TYPES>,
    ) -> Result<()> {
        if self.view_number == ViewNumber::genesis() {
            return Ok(());
        }
        let real_qc_pp =
            <TYPES::SignatureKey as SignatureKey>::public_parameter(stake_table, threshold);
        let commit = self.data_commitment(upgrade_lock)?;

        let Some(ref signatures) = self.signatures else {
            bail!("No signatures found while validating certificate");
        };

        <TYPES::SignatureKey as SignatureKey>::check(&real_qc_pp, commit.as_ref(), signatures)
            .wrap()
            .context(|e| warn!("Signature check failed: {e}"))
    }
    fn signers(
        &self,
        stake_table: &[<TYPES::SignatureKey as SignatureKey>::StakeTableEntry],
        threshold: U256,
    ) -> Result<Vec<<TYPES::SignatureKey as SignatureKey>::VerificationKeyType>> {
        self.signers(stake_table, threshold)
    }
    /// Proxy's to `Membership.stake`
    fn stake_table_entry(
        membership: &EpochMembership<TYPES>,
        pub_key: &TYPES::SignatureKey,
    ) -> Option<PeerConfig<TYPES>> {
        membership.da_stake(pub_key)
    }

    /// Proxy's to `Membership.da_stake_table`
    fn stake_table(membership: &EpochMembership<TYPES>) -> HSStakeTable<TYPES> {
        membership.da_stake_table().collect()
    }

    /// Proxy's to `Membership.da_total_nodes`
    fn total_nodes(membership: &EpochMembership<TYPES>) -> usize {
        membership.da_total_nodes()
    }

    fn threshold(membership: &EpochMembership<TYPES>) -> U256 {
        membership.da_success_threshold()
    }

    fn data(&self) -> &Self::Voteable {
        &self.data
    }

    fn data_commitment(
        &self,
        upgrade_lock: &UpgradeLock<TYPES>,
    ) -> Result<Commitment<VersionedVoteData<TYPES, DaData>>> {
        Ok(VersionedVoteData::new(self.data.clone(), self.view_number, upgrade_lock)?.commit())
    }
}

impl<TYPES: NodeType, THRESHOLD: Threshold<TYPES>> Certificate<TYPES, DaData2>
    for SimpleCertificate<TYPES, DaData2, THRESHOLD>
{
    type Voteable = DaData2;
    type Threshold = THRESHOLD;

    fn create_signed_certificate(
        vote_commitment: Commitment<VersionedVoteData<TYPES, DaData2>>,
        data: Self::Voteable,
        sig: <TYPES::SignatureKey as SignatureKey>::QcType,
        view: ViewNumber,
    ) -> Self {
        let vote_commitment_bytes: [u8; 32] = vote_commitment.into();

        SimpleCertificate {
            data,
            vote_commitment: Commitment::from_raw(vote_commitment_bytes),
            view_number: view,
            signatures: Some(sig),
            _pd: PhantomData,
        }
    }
    fn is_valid_cert(
        &self,
        stake_table: &[<TYPES::SignatureKey as SignatureKey>::StakeTableEntry],
        threshold: U256,
        upgrade_lock: &UpgradeLock<TYPES>,
    ) -> Result<()> {
        if self.view_number == ViewNumber::genesis() {
            return Ok(());
        }
        let real_qc_pp =
            <TYPES::SignatureKey as SignatureKey>::public_parameter(stake_table, threshold);
        let commit = self.data_commitment(upgrade_lock)?;
        let signatures = self
            .signatures
            .as_ref()
            .ok_or_else(|| warn!("missing signatures"))?;

        <TYPES::SignatureKey as SignatureKey>::check(&real_qc_pp, commit.as_ref(), signatures)
            .wrap()
            .context(|e| warn!("Signature check failed: {e}"))
    }
    fn signers(
        &self,
        stake_table: &[<TYPES::SignatureKey as SignatureKey>::StakeTableEntry],
        threshold: U256,
    ) -> Result<Vec<<TYPES::SignatureKey as SignatureKey>::VerificationKeyType>> {
        self.signers(stake_table, threshold)
    }
    /// Proxy's to `Membership.stake`
    fn stake_table_entry(
        membership: &EpochMembership<TYPES>,
        pub_key: &TYPES::SignatureKey,
    ) -> Option<PeerConfig<TYPES>> {
        membership.da_stake(pub_key)
    }

    /// Proxy's to `Membership.da_stake_table`
    fn stake_table(membership: &EpochMembership<TYPES>) -> HSStakeTable<TYPES> {
        membership.da_stake_table().collect()
    }

    /// Proxy's to `Membership.da_total_nodes`
    fn total_nodes(membership: &EpochMembership<TYPES>) -> usize {
        membership.da_total_nodes()
    }

    fn threshold(membership: &EpochMembership<TYPES>) -> U256 {
        membership.da_success_threshold()
    }

    fn data(&self) -> &Self::Voteable {
        &self.data
    }

    fn data_commitment(
        &self,
        upgrade_lock: &UpgradeLock<TYPES>,
    ) -> Result<Commitment<VersionedVoteData<TYPES, DaData2>>> {
        Ok(VersionedVoteData::new(self.data.clone(), self.view_number, upgrade_lock)?.commit())
    }
}

impl<
    TYPES: NodeType,
    VOTEABLE: Voteable<TYPES> + 'static + QuorumMarker,
    THRESHOLD: Threshold<TYPES>,
> Certificate<TYPES, VOTEABLE> for SimpleCertificate<TYPES, VOTEABLE, THRESHOLD>
{
    type Voteable = VOTEABLE;
    type Threshold = THRESHOLD;

    fn create_signed_certificate(
        vote_commitment: Commitment<VersionedVoteData<TYPES, VOTEABLE>>,
        data: Self::Voteable,
        sig: <TYPES::SignatureKey as SignatureKey>::QcType,
        view: ViewNumber,
    ) -> Self {
        let vote_commitment_bytes: [u8; 32] = vote_commitment.into();

        SimpleCertificate {
            data,
            vote_commitment: Commitment::from_raw(vote_commitment_bytes),
            view_number: view,
            signatures: Some(sig),
            _pd: PhantomData,
        }
    }

    fn is_valid_cert(
        &self,
        stake_table: &[<TYPES::SignatureKey as SignatureKey>::StakeTableEntry],
        threshold: U256,
        upgrade_lock: &UpgradeLock<TYPES>,
    ) -> Result<()> {
        if self.view_number == ViewNumber::genesis() {
            return Ok(());
        }
        let real_qc_pp =
            <TYPES::SignatureKey as SignatureKey>::public_parameter(stake_table, threshold);
        let commit = self.data_commitment(upgrade_lock)?;
        let signatures = self
            .signatures
            .as_ref()
            .ok_or_else(|| warn!("missing signatures"))?;

        <TYPES::SignatureKey as SignatureKey>::check(&real_qc_pp, commit.as_ref(), signatures)
            .wrap()
            .context(|e| warn!("Signature check failed: {e}"))
    }

    fn signers(
        &self,
        stake_table: &[<TYPES::SignatureKey as SignatureKey>::StakeTableEntry],
        threshold: U256,
    ) -> Result<Vec<<TYPES::SignatureKey as SignatureKey>::VerificationKeyType>> {
        self.signers(stake_table, threshold)
    }

    fn threshold(membership: &EpochMembership<TYPES>) -> U256 {
        THRESHOLD::threshold(membership)
    }

    fn stake_table_entry(
        membership: &EpochMembership<TYPES>,
        pub_key: &TYPES::SignatureKey,
    ) -> Option<PeerConfig<TYPES>> {
        membership.stake(pub_key)
    }

    fn stake_table(membership: &EpochMembership<TYPES>) -> HSStakeTable<TYPES> {
        membership.stake_table().collect()
    }

    /// Proxy's to `Membership.total_nodes`
    fn total_nodes(membership: &EpochMembership<TYPES>) -> usize {
        membership.total_nodes()
    }

    fn data(&self) -> &Self::Voteable {
        &self.data
    }
    fn data_commitment(
        &self,
        upgrade_lock: &UpgradeLock<TYPES>,
    ) -> Result<Commitment<VersionedVoteData<TYPES, VOTEABLE>>> {
        Ok(VersionedVoteData::new(self.data.clone(), self.view_number, upgrade_lock)?.commit())
    }
}

impl<TYPES: NodeType, VOTEABLE: Voteable<TYPES> + 'static, THRESHOLD: Threshold<TYPES>>
    HasViewNumber for SimpleCertificate<TYPES, VOTEABLE, THRESHOLD>
{
    fn view_number(&self) -> ViewNumber {
        self.view_number
    }
}

impl<TYPES: NodeType, VOTEABLE: Voteable<TYPES> + HasEpoch + 'static, THRESHOLD: Threshold<TYPES>>
    HasEpoch for SimpleCertificate<TYPES, VOTEABLE, THRESHOLD>
{
    fn epoch(&self) -> Option<EpochNumber> {
        self.data.epoch()
    }
}

impl<TYPES: NodeType> Display for QuorumCertificate<TYPES> {
    fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
        write!(f, "view: {:?}", self.view_number)
    }
}

impl<TYPES: NodeType> UpgradeCertificate<TYPES> {
    /// Determines whether or not a certificate is relevant (i.e. we still have time to reach a
    /// decide)
    ///
    /// # Errors
    /// Returns an error when the certificate is no longer relevant
    pub async fn is_relevant(&self, view_number: ViewNumber) -> Result<()> {
        ensure!(
            self.data.new_version_first_view >= view_number,
            "Upgrade certificate is no longer relevant."
        );

        Ok(())
    }

    /// Validate an upgrade certificate.
    /// # Errors
    /// Returns an error when the upgrade certificate is invalid.
    pub async fn validate(
        upgrade_certificate: &Option<Self>,
        membership: &EpochMembership<TYPES>,
        epoch: Option<EpochNumber>,
        upgrade_lock: &UpgradeLock<TYPES>,
    ) -> Result<()> {
        ensure!(epoch == membership.epoch(), "Epochs don't match!");
        if let Some(cert) = upgrade_certificate {
            let membership_stake_table = membership.stake_table();
            let membership_upgrade_threshold = membership.upgrade_threshold();

            cert.is_valid_cert(
                &StakeTableEntries::from_iter(membership_stake_table).0,
                membership_upgrade_threshold,
                upgrade_lock,
            )
            .context(|e| warn!("Invalid upgrade certificate: {e}"))?;
        }

        Ok(())
    }

    /// Given an upgrade certificate and a view, tests whether the view is in the period
    /// where we are upgrading, which requires that we propose with null blocks.
    pub fn upgrading_in(&self, view: ViewNumber) -> bool {
        view > self.data.old_version_last_view && view < self.data.new_version_first_view
    }
}

impl<TYPES: NodeType> QuorumCertificate<TYPES> {
    /// Convert a `QuorumCertificate` into a `QuorumCertificate2`
    pub fn to_qc2(self) -> QuorumCertificate2<TYPES> {
        let bytes: [u8; 32] = self.data.leaf_commit.into();
        let data = QuorumData2 {
            leaf_commit: Commitment::from_raw(bytes),
            epoch: None,
            block_number: None,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> QuorumCertificate2<TYPES> {
    /// Convert a `QuorumCertificate2` into a `QuorumCertificate`
    pub fn to_qc(self) -> QuorumCertificate<TYPES> {
        let bytes: [u8; 32] = self.data.leaf_commit.into();
        let data = QuorumData {
            leaf_commit: Commitment::from_raw(bytes),
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> DaCertificate<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_dac2(self) -> DaCertificate2<TYPES> {
        let data = DaData2 {
            payload_commit: self.data.payload_commit,
            next_epoch_payload_commit: None,
            epoch: None,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> DaCertificate2<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_dac(self) -> DaCertificate<TYPES> {
        let data = DaData {
            payload_commit: self.data.payload_commit,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> ViewSyncPreCommitCertificate<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_vsc2(self) -> ViewSyncPreCommitCertificate2<TYPES> {
        let data = ViewSyncPreCommitData2 {
            relay: self.data.relay,
            round: self.data.round,
            epoch: None,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> ViewSyncPreCommitCertificate2<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_vsc(self) -> ViewSyncPreCommitCertificate<TYPES> {
        let data = ViewSyncPreCommitData {
            relay: self.data.relay,
            round: self.data.round,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> ViewSyncCommitCertificate<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_vsc2(self) -> ViewSyncCommitCertificate2<TYPES> {
        let data = ViewSyncCommitData2 {
            relay: self.data.relay,
            round: self.data.round,
            epoch: None,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> ViewSyncCommitCertificate2<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_vsc(self) -> ViewSyncCommitCertificate<TYPES> {
        let data = ViewSyncCommitData {
            relay: self.data.relay,
            round: self.data.round,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> ViewSyncFinalizeCertificate<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_vsc2(self) -> ViewSyncFinalizeCertificate2<TYPES> {
        let data = ViewSyncFinalizeData2 {
            relay: self.data.relay,
            round: self.data.round,
            epoch: None,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> ViewSyncFinalizeCertificate2<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_vsc(self) -> ViewSyncFinalizeCertificate<TYPES> {
        let data = ViewSyncFinalizeData {
            relay: self.data.relay,
            round: self.data.round,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> TimeoutCertificate<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_tc2(self) -> TimeoutCertificate2<TYPES> {
        let data = TimeoutData2 {
            view: self.data.view,
            epoch: None,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

impl<TYPES: NodeType> TimeoutCertificate2<TYPES> {
    /// Convert a `DaCertificate` into a `DaCertificate2`
    pub fn to_tc(self) -> TimeoutCertificate<TYPES> {
        let data = TimeoutData {
            view: self.data.view,
        };

        let bytes: [u8; 32] = self.vote_commitment.into();
        let vote_commitment = Commitment::from_raw(bytes);

        SimpleCertificate {
            data,
            vote_commitment,
            view_number: self.view_number,
            signatures: self.signatures.clone(),
            _pd: PhantomData,
        }
    }
}

/// Type alias for a `QuorumCertificate`, which is a `SimpleCertificate` over `QuorumData`
pub type QuorumCertificate<TYPES> = SimpleCertificate<TYPES, QuorumData<TYPES>, SuccessThreshold>;
/// Type alias for a `QuorumCertificate2`, which is a `SimpleCertificate` over `QuorumData2`
pub type QuorumCertificate2<TYPES> = SimpleCertificate<TYPES, QuorumData2<TYPES>, SuccessThreshold>;
/// Type alias for a `QuorumCertificate2`, which is a `SimpleCertificate` over `QuorumData2`
pub type NextEpochQuorumCertificate2<TYPES> =
    SimpleCertificate<TYPES, NextEpochQuorumData2<TYPES>, SuccessThreshold>;
/// Type alias for a `DaCertificate`, which is a `SimpleCertificate` over `DaData`
pub type DaCertificate<TYPES> = SimpleCertificate<TYPES, DaData, SuccessThreshold>;
/// Type alias for a `DaCertificate2`, which is a `SimpleCertificate` over `DaData2`
pub type DaCertificate2<TYPES> = SimpleCertificate<TYPES, DaData2, SuccessThreshold>;
/// Type alias for a Timeout certificate over a view number
pub type TimeoutCertificate<TYPES> = SimpleCertificate<TYPES, TimeoutData, SuccessThreshold>;
/// Type alias for a `TimeoutCertificate2`, which is a `SimpleCertificate` over `TimeoutData2`
pub type TimeoutCertificate2<TYPES> = SimpleCertificate<TYPES, TimeoutData2, SuccessThreshold>;
/// Type alias for a `ViewSyncPreCommit` certificate over a view number
pub type ViewSyncPreCommitCertificate<TYPES> =
    SimpleCertificate<TYPES, ViewSyncPreCommitData, OneHonestThreshold>;
/// Type alias for a `ViewSyncPreCommitCertificate2`, which is a `SimpleCertificate` over `ViewSyncPreCommitData2`
pub type ViewSyncPreCommitCertificate2<TYPES> =
    SimpleCertificate<TYPES, ViewSyncPreCommitData2, OneHonestThreshold>;
/// Type alias for a `ViewSyncCommit` certificate over a view number
pub type ViewSyncCommitCertificate<TYPES> =
    SimpleCertificate<TYPES, ViewSyncCommitData, SuccessThreshold>;
/// Type alias for a `ViewSyncCommitCertificate2`, which is a `SimpleCertificate` over `ViewSyncCommitData2`
pub type ViewSyncCommitCertificate2<TYPES> =
    SimpleCertificate<TYPES, ViewSyncCommitData2, SuccessThreshold>;
/// Type alias for a `ViewSyncFinalize` certificate over a view number
pub type ViewSyncFinalizeCertificate<TYPES> =
    SimpleCertificate<TYPES, ViewSyncFinalizeData, SuccessThreshold>;
/// Type alias for a `ViewSyncFinalizeCertificate2`, which is a `SimpleCertificate` over `ViewSyncFinalizeData2`
pub type ViewSyncFinalizeCertificate2<TYPES> =
    SimpleCertificate<TYPES, ViewSyncFinalizeData2, SuccessThreshold>;
/// Type alias for a `UpgradeCertificate`, which is a `SimpleCertificate` of `UpgradeProposalData`
pub type UpgradeCertificate<TYPES> =
    SimpleCertificate<TYPES, UpgradeProposalData, UpgradeThreshold>;

/// Type for light client state update certificate
#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
pub struct LightClientStateUpdateCertificateV2<TYPES: NodeType> {
    /// The epoch of the light client state
    pub epoch: EpochNumber,
    /// Light client state for epoch transition
    pub light_client_state: LightClientState,
    /// Next epoch stake table state
    pub next_stake_table_state: StakeTableState,
    /// Signatures to the light client state
    #[allow(clippy::type_complexity)]
    pub signatures: Vec<(
        TYPES::StateSignatureKey,
        <TYPES::StateSignatureKey as StateSignatureKey>::StateSignature, // LCV3 signature
        <TYPES::StateSignatureKey as StateSignatureKey>::StateSignature, // LCV2 signature
    )>,
    /// Present in versions >= V4.
    ///
    /// This field stores the Keccak-256 hash of the concatenated Merkle roots.
    /// Currently, it includes only the Espresso reward Merkle tree root.
    pub auth_root: FixedBytes<32>,
}

/// Type for light client state update certificate
#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
pub struct LightClientStateUpdateCertificateV1<TYPES: NodeType> {
    /// The epoch of the light client state
    pub epoch: EpochNumber,
    /// Light client state for epoch transition
    pub light_client_state: LightClientState,
    /// Next epoch stake table state
    pub next_stake_table_state: StakeTableState,
    /// Signatures to the light client state
    pub signatures: Vec<(
        TYPES::StateSignatureKey,
        <TYPES::StateSignatureKey as StateSignatureKey>::StateSignature,
    )>,
}

impl<TYPES: NodeType> From<LightClientStateUpdateCertificateV1<TYPES>>
    for LightClientStateUpdateCertificateV2<TYPES>
{
    fn from(v1: LightClientStateUpdateCertificateV1<TYPES>) -> Self {
        Self {
            epoch: v1.epoch,
            light_client_state: v1.light_client_state,
            next_stake_table_state: v1.next_stake_table_state,
            signatures: v1
                .signatures
                .into_iter()
                .map(|(key, sig)| (key, sig.clone(), sig)) // Cloning the signatures here because we use it only for storage.
                .collect(),
            auth_root: Default::default(),
        }
    }
}

impl<TYPES: NodeType> From<LightClientStateUpdateCertificateV2<TYPES>>
    for LightClientStateUpdateCertificateV1<TYPES>
{
    fn from(v2: LightClientStateUpdateCertificateV2<TYPES>) -> Self {
        Self {
            epoch: v2.epoch,
            light_client_state: v2.light_client_state,
            next_stake_table_state: v2.next_stake_table_state,
            signatures: v2
                .signatures
                .into_iter()
                .map(|(key, _, sig)| (key, sig))
                .collect(),
        }
    }
}

impl<TYPES: NodeType> HasViewNumber for LightClientStateUpdateCertificateV2<TYPES> {
    fn view_number(&self) -> ViewNumber {
        ViewNumber::new(self.light_client_state.view_number)
    }
}

impl<TYPES: NodeType> HasEpoch for LightClientStateUpdateCertificateV2<TYPES> {
    fn epoch(&self) -> Option<EpochNumber> {
        Some(self.epoch)
    }
}

impl<TYPES: NodeType> LightClientStateUpdateCertificateV1<TYPES> {
    pub fn genesis() -> Self {
        Self {
            epoch: EpochNumber::genesis(),
            light_client_state: Default::default(),
            next_stake_table_state: Default::default(),
            signatures: vec![],
        }
    }
}

impl<TYPES: NodeType> LightClientStateUpdateCertificateV2<TYPES> {
    pub fn genesis() -> Self {
        Self {
            epoch: EpochNumber::genesis(),
            light_client_state: Default::default(),
            next_stake_table_state: Default::default(),
            signatures: vec![],
            auth_root: Default::default(),
        }
    }
}

#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
#[serde(bound(deserialize = "QuorumCertificate2<TYPES>:for<'a> Deserialize<'a>"))]
pub struct EpochRootQuorumCertificateV2<TYPES: NodeType> {
    pub qc: QuorumCertificate2<TYPES>,
    pub state_cert: LightClientStateUpdateCertificateV2<TYPES>,
}

impl<TYPES: NodeType> HasViewNumber for EpochRootQuorumCertificateV2<TYPES> {
    fn view_number(&self) -> ViewNumber {
        self.qc.view_number()
    }
}

impl<TYPES: NodeType> HasEpoch for EpochRootQuorumCertificateV2<TYPES> {
    fn epoch(&self) -> Option<EpochNumber> {
        self.qc.epoch()
    }
}

#[derive(Serialize, Deserialize, Eq, Hash, PartialEq, Debug, Clone)]
#[serde(bound(deserialize = "QuorumCertificate2<TYPES>:for<'a> Deserialize<'a>"))]
pub struct EpochRootQuorumCertificateV1<TYPES: NodeType> {
    pub qc: QuorumCertificate2<TYPES>,
    pub state_cert: LightClientStateUpdateCertificateV1<TYPES>,
}

impl<TYPES: NodeType> HasViewNumber for EpochRootQuorumCertificateV1<TYPES> {
    fn view_number(&self) -> ViewNumber {
        self.qc.view_number()
    }
}

impl<TYPES: NodeType> HasEpoch for EpochRootQuorumCertificateV1<TYPES> {
    fn epoch(&self) -> Option<EpochNumber> {
        self.qc.epoch()
    }
}

impl<TYPES: NodeType> From<EpochRootQuorumCertificateV1<TYPES>>
    for EpochRootQuorumCertificateV2<TYPES>
{
    fn from(root_qc: EpochRootQuorumCertificateV1<TYPES>) -> Self {
        Self {
            qc: root_qc.qc,
            state_cert: root_qc.state_cert.into(),
        }
    }
}

impl<TYPES: NodeType> From<EpochRootQuorumCertificateV2<TYPES>>
    for EpochRootQuorumCertificateV1<TYPES>
{
    fn from(root_qc: EpochRootQuorumCertificateV2<TYPES>) -> Self {
        Self {
            qc: root_qc.qc,
            state_cert: root_qc.state_cert.into(),
        }
    }
}

/// A pair of QCs (or a single QC) attesting to a leaf.
///
/// Generally we only need a single QC, but during an epoch transition, we require a pair: one
/// signed by the current membership and one signed by the next epoch's membership. This type
/// encapsulates both.
#[derive(Clone, Debug, Deserialize, Serialize, PartialEq, Eq)]
#[serde(bound = "")]
pub struct CertificatePair<TYPES: NodeType> {
    /// The basic QC.
    qc: QuorumCertificate2<TYPES>,

    /// A QC from the next epoch's membership, if this QC is part of an epoch transition.
    next_epoch_qc: Option<NextEpochQuorumCertificate2<TYPES>>,
}

impl<TYPES: NodeType> CertificatePair<TYPES> {
    /// Create a certificate pair.
    pub fn new(
        qc: QuorumCertificate2<TYPES>,
        next_epoch_qc: Option<NextEpochQuorumCertificate2<TYPES>>,
    ) -> Self {
        Self { qc, next_epoch_qc }
    }

    /// Create a certificate for a non-epoch-transitioning block.
    pub fn non_epoch_change(qc: QuorumCertificate2<TYPES>) -> Self {
        Self::new(qc, None)
    }

    /// Create a certificate for the parent of a leaf, using the justifying QCs in the leaf.
    pub fn for_parent(leaf: &Leaf2<TYPES>) -> Self {
        Self {
            qc: leaf.justify_qc(),
            next_epoch_qc: leaf.next_epoch_justify_qc(),
        }
    }

    /// The raw QC.
    pub fn qc(&self) -> &QuorumCertificate2<TYPES> {
        &self.qc
    }

    /// A raw QC from the subsequent epoch's quorum, if this certificate is part of an epoch change.
    pub fn next_epoch_qc(&self) -> Option<&NextEpochQuorumCertificate2<TYPES>> {
        self.next_epoch_qc.as_ref()
    }

    /// The leaf commitment signed by this certificate.
    pub fn leaf_commit(&self) -> Commitment<Leaf2<TYPES>> {
        self.qc.data.leaf_commit
    }

    /// The epoch number this certificate belongs to.
    ///
    /// [`None`] if this certificate originated before epochs were enabled.
    pub fn epoch(&self) -> Option<EpochNumber> {
        self.qc.data.epoch
    }

    /// The block number attached to this certificate.
    ///
    /// [`None`] if this certificate originated before epochs were enabled.
    pub fn block_number(&self) -> Option<u64> {
        self.qc.data.block_number
    }

    /// Verify that the next epoch QC is present and consistent if required.
    ///
    /// This checks that if required, the next epoch QC is present and is consistent with the
    /// primary QC. It does not check the signature on either QC, only that the data being signed
    /// over is consistent between the two.
    ///
    /// Returns the next epoch QC if it is present and invariants are satisfied. Returns an error if
    /// a required next epoch QC is missing or if it is inconsistent with the primary QC. Returns
    /// [`None`] if a next epoch QC is not required for this certificate.
    pub fn verify_next_epoch_qc(
        &self,
        epoch_height: u64,
    ) -> Result<Option<&NextEpochQuorumCertificate2<TYPES>>> {
        let block_number = self.qc.data.block_number.context(warn!(
            "QC for epoch {:?} has no block number",
            self.qc.data.epoch
        ))?;
        if !is_epoch_transition(block_number, epoch_height) {
            tracing::debug!(
                block_number,
                epoch_height,
                "QC is not in an epoch transition"
            );
            return Ok(None);
        }

        let next_epoch_qc = self.next_epoch_qc.as_ref().context(warn!(
            "Received High QC for the transition block {block_number} but not the next epoch QC"
        ))?;

        // The signature from the next epoch must be over the same data.
        ensure!(self.qc.view_number == next_epoch_qc.view_number);
        ensure!(self.qc.data == *next_epoch_qc.data);

        Ok(Some(next_epoch_qc))
    }
}

impl<TYPES: NodeType> HasViewNumber for CertificatePair<TYPES> {
    fn view_number(&self) -> ViewNumber {
        self.qc.view_number()
    }
}

/// Check that a light client state update certificate corresponds to a given QC:
/// the QC is for an epoch root block, the epochs match, and the view numbers match.
pub fn check_qc_state_cert_correspondence<TYPES: NodeType>(
    qc: &QuorumCertificate2<TYPES>,
    state_cert: &LightClientStateUpdateCertificateV2<TYPES>,
    epoch_height: u64,
) -> bool {
    qc.data
        .block_number
        .is_some_and(|bn| is_epoch_root(bn, epoch_height))
        && Some(state_cert.epoch) == qc.data.epoch()
        && qc.view_number().u64() == state_cert.light_client_state.view_number
}