From 82d8961dc1c66cb7950ba2eddb6b2d5bd54e6176 Mon Sep 17 00:00:00 2001
From: Kevin Heifner <heifnerk@objectcomputing.com>
Date: Wed, 27 Mar 2024 12:13:24 -0500
Subject: [PATCH 1/8] GH-2334 Avoid unused warning

---
 plugins/producer_api_plugin/producer_api_plugin.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/plugins/producer_api_plugin/producer_api_plugin.cpp b/plugins/producer_api_plugin/producer_api_plugin.cpp
index cd59645a0b..1795923457 100644
--- a/plugins/producer_api_plugin/producer_api_plugin.cpp
+++ b/plugins/producer_api_plugin/producer_api_plugin.cpp
@@ -24,6 +24,7 @@ using namespace eosio;
 {std::string("/v1/" #api_name "/" #call_name), \
    api_category::category, \
    [&http, &producer](string&&, string&& body, url_response_callback&& cb) mutable { \
+          (void)&http; (void)&producer; \
           try { \
              INVOKE \
              cb(http_response_code, fc::variant(result)); \

From 0eb578e4219ee67499d7a32ac9a3a28d3253057e Mon Sep 17 00:00:00 2001
From: Kevin Heifner <heifnerk@objectcomputing.com>
Date: Wed, 27 Mar 2024 13:01:15 -0500
Subject: [PATCH 2/8] Avoid unused http variable by accessing it where needed.

---
 plugins/producer_api_plugin/producer_api_plugin.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/plugins/producer_api_plugin/producer_api_plugin.cpp b/plugins/producer_api_plugin/producer_api_plugin.cpp
index 1795923457..6f86fdd3a6 100644
--- a/plugins/producer_api_plugin/producer_api_plugin.cpp
+++ b/plugins/producer_api_plugin/producer_api_plugin.cpp
@@ -23,8 +23,7 @@ using namespace eosio;
 #define CALL_WITH_400(api_name, category, api_handle, call_name, INVOKE, http_response_code) \
 {std::string("/v1/" #api_name "/" #call_name), \
    api_category::category, \
-   [&http, &producer](string&&, string&& body, url_response_callback&& cb) mutable { \
-          (void)&http; (void)&producer; \
+   [&producer](string&&, string&& body, url_response_callback&& cb) mutable { \
           try { \
              INVOKE \
              cb(http_response_code, fc::variant(result)); \
@@ -64,6 +63,7 @@ using namespace eosio;
      auto result = api_handle.call_name(std::move(params));
 
 #define INVOKE_R_R_D(api_handle, call_name, in_param) \
+     auto& http = app().get_plugin<http_plugin>(); \
      const fc::microseconds http_max_response_time = http.get_max_response_time(); \
      auto deadline = http_max_response_time == fc::microseconds::maximum() ? fc::time_point::maximum() \
                                                                            : fc::time_point::now() + http_max_response_time; \
@@ -92,7 +92,6 @@ void producer_api_plugin::plugin_startup() {
    ilog("starting producer_api_plugin");
    // lifetime of plugin is lifetime of application
    auto& producer = app().get_plugin<producer_plugin>();
-   auto& http = app().get_plugin<http_plugin>();
 
    app().get_plugin<http_plugin>().add_api({
        CALL_WITH_400(producer, producer_ro, producer, paused,

From d76bcbace43104093420a642545d178ca498d81b Mon Sep 17 00:00:00 2001
From: Matt Witherspoon <32485495+spoonincode@users.noreply.github.com>
Date: Wed, 27 Mar 2024 16:21:26 -0400
Subject: [PATCH 3/8] bump chainbase submodule with mlock2() workaround

---
 libraries/chainbase | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/chainbase b/libraries/chainbase
index a6eeebd968..8e05fee8b0 160000
--- a/libraries/chainbase
+++ b/libraries/chainbase
@@ -1 +1 @@
-Subproject commit a6eeebd96865f39b0069d27a230512411433f50d
+Subproject commit 8e05fee8b09e21b78784cb235b7f4021bcd919ae

From 4729bf3aa3ded42e396f921cd526d0c6d69b6adc Mon Sep 17 00:00:00 2001
From: Matt Witherspoon <32485495+spoonincode@users.noreply.github.com>
Date: Mon, 25 Mar 2024 21:45:29 -0400
Subject: [PATCH 4/8] add ASAN CI "platform"

---
 .cicd/platforms/asan.Dockerfile | 37 +++++++++++++++++++++++++++++++++
 .github/workflows/build.yaml    |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 .cicd/platforms/asan.Dockerfile

diff --git a/.cicd/platforms/asan.Dockerfile b/.cicd/platforms/asan.Dockerfile
new file mode 100644
index 0000000000..23ac698b14
--- /dev/null
+++ b/.cicd/platforms/asan.Dockerfile
@@ -0,0 +1,37 @@
+# syntax=docker/dockerfile:1
+FROM ubuntu:jammy
+ENV TZ="America/New_York"
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y build-essential      \
+                       cmake                \
+                       git                  \
+                       jq                   \
+                       libcurl4-openssl-dev \
+                       libgmp-dev           \
+                       llvm-11-dev          \
+                       lsb-release          \
+                       ninja-build          \
+                       python3-numpy        \
+                       software-properties-common \
+                       file                 \
+                       wget                 \
+                       zlib1g-dev           \
+                       zstd
+
+RUN yes | bash -c "$(wget -O - https://apt.llvm.org/llvm.sh)" llvm.sh 18
+
+#make sure no confusion on what llvm library leap's cmake should pick up on
+RUN rm -rf /usr/lib/llvm-18/lib/cmake
+
+ENV LEAP_PLATFORM_HAS_EXTRAS_CMAKE=1
+COPY <<-EOF /extras.cmake
+  set(CMAKE_BUILD_TYPE "RelWithDebInfo" CACHE STRING "" FORCE)
+
+  set(CMAKE_C_COMPILER "clang-18" CACHE STRING "")
+  set(CMAKE_CXX_COMPILER "clang++-18" CACHE STRING "")
+  set(CMAKE_C_FLAGS "-fsanitize=address -fno-omit-frame-pointer" CACHE STRING "")
+  set(CMAKE_CXX_FLAGS "-fsanitize=address -fno-omit-frame-pointer" CACHE STRING "")
+EOF
+
+ENV ASAN_OPTIONS=detect_leaks=0
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 81036c04d2..7f42f51044 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -137,6 +137,7 @@ jobs:
           - cfg: {name: 'ubuntu22',      base: 'ubuntu22', builddir: 'ubuntu22'}
           - cfg: {name: 'asserton',      base: 'asserton', builddir: 'asserton'}
           - cfg: {name: 'ubsan',         base: 'ubsan',    builddir: 'ubsan'}
+          - cfg: {name: 'asan',          base: 'asan',     builddir: 'asan'}
           - cfg: {name: 'ubuntu20repro', base: 'ubuntu20', builddir: 'reproducible'}
           - cfg: {name: 'ubuntu22repro', base: 'ubuntu22', builddir: 'reproducible'}
     runs-on: ["self-hosted", "enf-x86-hightier"]

From 23d3315b58c98c7a1eb48c7c48a64c76180c5b6a Mon Sep 17 00:00:00 2001
From: Matt Witherspoon <32485495+spoonincode@users.noreply.github.com>
Date: Wed, 27 Mar 2024 19:57:08 -0400
Subject: [PATCH 5/8] bump chainbase submodule to main HEAD w/ mlock2()
 workaround

---
 libraries/chainbase | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/chainbase b/libraries/chainbase
index 8e05fee8b0..0324e06d0b 160000
--- a/libraries/chainbase
+++ b/libraries/chainbase
@@ -1 +1 @@
-Subproject commit 8e05fee8b09e21b78784cb235b7f4021bcd919ae
+Subproject commit 0324e06d0b8f4e7e09b0d41c7f6a086fd1a7bac7

From 6563ea9c981e184e58c35187f4bd10bb5d1ef91d Mon Sep 17 00:00:00 2001
From: greg7mdp <greg7mdp@gmail.com>
Date: Tue, 2 Apr 2024 16:44:06 -0400
Subject: [PATCH 6/8] Update for new version of bls library with change in
 to/fromBytes params.

---
 benchmark/bls.cpp                      | 22 +++++-----
 libraries/chain/webassembly/crypto.cpp | 59 +++++++++++++-------------
 2 files changed, 41 insertions(+), 40 deletions(-)

diff --git a/benchmark/bls.cpp b/benchmark/bls.cpp
index 4c86e78ba1..b1fcc35e6e 100644
--- a/benchmark/bls.cpp
+++ b/benchmark/bls.cpp
@@ -152,7 +152,7 @@ void benchmark_bls_g1_add() {
    // prepare g1 operand in Jacobian LE format
    g1 p = random_g1();
    std::array<char, 96> op;
-   p.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)op.data(), 96), false);
+   p.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)op.data(), 96), from_mont::yes);
 
    // prepare result operand
    std::array<char, 96> result;
@@ -171,7 +171,7 @@ void benchmark_bls_g2_add() {
    // prepare g2 operand in Jacobian LE format
    g2 p = random_g2();
    std::array<char, 192> op;
-   p.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)op.data(), 192), false);
+   p.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)op.data(), 192), from_mont::yes);
 
    // prepare result operand
    std::array<char, 192> result;
@@ -191,7 +191,7 @@ void benchmark_bls_g1_weighted_sum_impl(const std::string& test_name, uint32_t n
    std::vector<char> g1_buf(96*num_points);
    for (auto i=0u; i < num_points; ++i) {
       g1 p = random_g1();
-      p.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)g1_buf.data() + i * 96, 96), false);
+      p.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)g1_buf.data() + i * 96, 96), from_mont::yes);
    }
    chain::span<const char> g1_points(g1_buf.data(), g1_buf.size());
 
@@ -236,7 +236,7 @@ void benchmark_bls_g2_weighted_sum_impl(const std::string& test_name, uint32_t n
    std::vector<char> g2_buf(192*num_points);
    for (auto i=0u; i < num_points; ++i) {
       g2 p = random_g2();
-      p.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)g2_buf.data() + i * 192, 192), false);
+      p.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)g2_buf.data() + i * 192, 192), from_mont::yes);
    }
    eosio::chain::span<const char> g2_points(g2_buf.data(), g2_buf.size());
 
@@ -281,7 +281,7 @@ void benchmark_bls_pairing_impl(const std::string& test_name, uint32_t num_pairs
    std::vector<char> g1_buf(96*num_pairs);
    for (auto i=0u; i < num_pairs; ++i) {
       g1 p = random_g1();
-      p.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)g1_buf.data() + i * 96, 96), false);
+      p.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)g1_buf.data() + i * 96, 96), from_mont::yes);
    }
    eosio::chain::span<const char> g1_points(g1_buf.data(), g1_buf.size());
 
@@ -289,7 +289,7 @@ void benchmark_bls_pairing_impl(const std::string& test_name, uint32_t num_pairs
    std::vector<char> g2_buf(192*num_pairs);
    for (auto i=0u; i < num_pairs; ++i) {
       g2 p2 = random_g2();
-      p2.toAffineBytesLE(std::span<uint8_t, (192)>((uint8_t*)g2_buf.data() + i * 192, (192)), false);
+      p2.toAffineBytesLE(std::span<uint8_t, (192)>((uint8_t*)g2_buf.data() + i * 192, (192)), from_mont::yes);
    }
    eosio::chain::span<const char> g2_points(g2_buf.data(), g2_buf.size());
 
@@ -320,7 +320,7 @@ void benchmark_bls_g1_map() {
    // prepare e operand. Must be fp LE.
    std::array<char, 48> e;
    fp a = random_fe();
-   a.toBytesLE(std::span<uint8_t, 48>((uint8_t*)e.data(), 48), false);
+   a.toBytesLE(std::span<uint8_t, 48>((uint8_t*)e.data(), 48), from_mont::yes);
 
    // prepare result operand
    std::array<char, 96> result;
@@ -338,7 +338,7 @@ void benchmark_bls_g1_map() {
 void benchmark_bls_g2_map() {
    std::array<char, 96> e;
    fp2 a = random_fe2();
-   a.toBytesLE(std::span<uint8_t, 96>((uint8_t*)e.data(), 96), false);
+   a.toBytesLE(std::span<uint8_t, 96>((uint8_t*)e.data(), 96), from_mont::yes);
 
    // prepare result operand
    std::array<char, 192> result;
@@ -378,12 +378,12 @@ void benchmark_bls_fp_mul() {
    // prepare op1
    std::array<char, 48> op1;
    fp a = random_fe();
-   a.toBytesLE(std::span<uint8_t, 48>((uint8_t*)op1.data(), 48), false);
+   a.toBytesLE(std::span<uint8_t, 48>((uint8_t*)op1.data(), 48), from_mont::yes);
 
    // prepare op2
    std::array<char, 48> op2;
    fp b = random_fe();
-   b.toBytesLE(std::span<uint8_t, 48>((uint8_t*)op2.data(), 48), false);
+   b.toBytesLE(std::span<uint8_t, 48>((uint8_t*)op2.data(), 48), from_mont::yes);
 
    // prepare result operand
    std::array<char, 48> result;
@@ -401,7 +401,7 @@ void benchmark_bls_fp_exp() {
    // prepare base
    std::array<char, 48> base;
    fp a = random_fe();
-   a.toBytesLE(std::span<uint8_t, 48>((uint8_t*)base.data(), 48), false);
+   a.toBytesLE(std::span<uint8_t, 48>((uint8_t*)base.data(), 48), from_mont::yes);
 
    // prepare exp operand
    std::array<char, 64> exp;
diff --git a/libraries/chain/webassembly/crypto.cpp b/libraries/chain/webassembly/crypto.cpp
index 470cc3b28a..4b1fef0028 100644
--- a/libraries/chain/webassembly/crypto.cpp
+++ b/libraries/chain/webassembly/crypto.cpp
@@ -25,9 +25,10 @@ namespace {
 namespace {
    using eosio::chain::span;
    using eosio::chain::webassembly::return_code;
+   using bls12_381::from_mont;
 }
 
-namespace eosio { namespace chain { namespace webassembly {
+namespace eosio::chain::webassembly {
 
    void interface::assert_recover_key( legacy_ptr<const fc::sha256> digest,
                                        legacy_span<const char> sig,
@@ -262,24 +263,24 @@ namespace eosio { namespace chain { namespace webassembly {
    int32_t interface::bls_g1_add(span<const char> op1, span<const char> op2, span<char> result) const {
       if(op1.size() != 96 ||  op2.size() != 96 ||  result.size() != 96)
          return return_code::failure;
-      std::optional<bls12_381::g1> a = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)op1.data(), 96), true, false);
-      std::optional<bls12_381::g1> b = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)op2.data(), 96), true, false);
+      std::optional<bls12_381::g1> a = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)op1.data(), 96), {.check_valid = true, .to_mont = true});
+      std::optional<bls12_381::g1> b = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)op2.data(), 96), {.check_valid = true, .to_mont = true});
       if(!a || !b)
          return return_code::failure;
       bls12_381::g1 c = a->add(*b);
-      c.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), false);
+      c.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), from_mont::yes);
       return return_code::success;
    }
 
    int32_t interface::bls_g2_add(span<const char> op1, span<const char> op2, span<char> result) const {
       if(op1.size() != 192 ||  op2.size() != 192 ||  result.size() != 192)
          return return_code::failure;
-      std::optional<bls12_381::g2> a = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)op1.data(), 192), true, false);
-      std::optional<bls12_381::g2> b = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)op2.data(), 192), true, false);
+      std::optional<bls12_381::g2> a = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)op1.data(), 192), {.check_valid = true, .to_mont = true});
+      std::optional<bls12_381::g2> b = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)op2.data(), 192), {.check_valid = true, .to_mont = true});
       if(!a || !b)
          return return_code::failure;
       bls12_381::g2 c = a->add(*b);
-      c.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), false);
+      c.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), from_mont::yes);
       return return_code::success;
    }
 
@@ -289,12 +290,12 @@ namespace eosio { namespace chain { namespace webassembly {
 
       // Use much efficient scale for the special case of n == 1.
       if (1 == n) {
-         std::optional<bls12_381::g1> a = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)points.data(), 96), true, false);
+         std::optional<bls12_381::g1> a = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)points.data(), 96), {.check_valid = true, .to_mont = true});
          if(!a)
             return return_code::failure;
          std::array<uint64_t, 4> b = bls12_381::scalar::fromBytesLE<4>(std::span<uint8_t, 32>((uint8_t*)scalars.data(), 32));
          bls12_381::g1 c = a->scale(b);
-         c.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), false);
+         c.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), from_mont::yes);
          return return_code::success;
       }
 
@@ -304,7 +305,7 @@ namespace eosio { namespace chain { namespace webassembly {
       sv.reserve(n);
       for(uint32_t i = 0; i < n; i++)
       {
-         std::optional<bls12_381::g1> p = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)points.data() + i*96, 96), true, false);
+         std::optional<bls12_381::g1> p = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)points.data() + i*96, 96), {.check_valid = true, .to_mont = true});
          if(!p.has_value())
             return return_code::failure;
          std::array<uint64_t, 4> s = bls12_381::scalar::fromBytesLE<4>(std::span<const uint8_t, 32>((const uint8_t*)scalars.data() + i*32, 32));
@@ -314,7 +315,7 @@ namespace eosio { namespace chain { namespace webassembly {
             context.trx_context.checktime();
       }
       bls12_381::g1 r = bls12_381::g1::weightedSum(pv, sv, [this](){ context.trx_context.checktime();}); // accessing value is safe
-      r.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), false);
+      r.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), from_mont::yes);
       return return_code::success;
    }
 
@@ -324,12 +325,12 @@ namespace eosio { namespace chain { namespace webassembly {
 
       // Use much efficient scale for the special case of n == 1.
       if (1 == n) {
-         std::optional<bls12_381::g2> a = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)points.data(), 192), true, false);
+         std::optional<bls12_381::g2> a = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)points.data(), 192), {.check_valid = true, .to_mont = true});
          if(!a)
             return return_code::failure;
          std::array<uint64_t, 4> b = bls12_381::scalar::fromBytesLE<4>(std::span<uint8_t, 32>((uint8_t*)scalars.data(), 32));
          bls12_381::g2 c = a->scale(b);
-         c.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), false);
+         c.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), from_mont::yes);
          return return_code::success;
       }
 
@@ -339,7 +340,7 @@ namespace eosio { namespace chain { namespace webassembly {
       sv.reserve(n);
       for(uint32_t i = 0; i < n; i++)
       {
-         std::optional<bls12_381::g2> p = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)points.data() + i*192, 192), true, false);
+         std::optional<bls12_381::g2> p = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)points.data() + i*192, 192), {.check_valid = true, .to_mont = true});
          if(!p)
             return return_code::failure;
          std::array<uint64_t, 4> s = bls12_381::scalar::fromBytesLE<4>(std::span<const uint8_t, 32>((const uint8_t*)scalars.data() + i*32, 32));
@@ -349,7 +350,7 @@ namespace eosio { namespace chain { namespace webassembly {
             context.trx_context.checktime();
       }
       bls12_381::g2 r = bls12_381::g2::weightedSum(pv, sv, [this](){ context.trx_context.checktime();}); // accessing value is safe
-      r.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), false);
+      r.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), from_mont::yes);
       return return_code::success;
    }
 
@@ -360,8 +361,8 @@ namespace eosio { namespace chain { namespace webassembly {
       v.reserve(n);
       for(uint32_t i = 0; i < n; i++)
       {
-         std::optional<bls12_381::g1> p_g1 = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)g1_points.data() + i*96, 96), true, false);
-         std::optional<bls12_381::g2> p_g2 = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)g2_points.data() + i*192, 192), true, false);
+         std::optional<bls12_381::g1> p_g1 = bls12_381::g1::fromAffineBytesLE(std::span<const uint8_t, 96>((const uint8_t*)g1_points.data() + i*96, 96), {.check_valid = true, .to_mont = true});
+         std::optional<bls12_381::g2> p_g2 = bls12_381::g2::fromAffineBytesLE(std::span<const uint8_t, 192>((const uint8_t*)g2_points.data() + i*192, 192), {.check_valid = true, .to_mont = true});
          if(!p_g1 || !p_g2)
             return return_code::failure;
          bls12_381::pairing::add_pair(v, *p_g1, *p_g2);
@@ -369,29 +370,29 @@ namespace eosio { namespace chain { namespace webassembly {
             context.trx_context.checktime();
       }
       bls12_381::fp12 r = bls12_381::pairing::calculate(v, [this](){ context.trx_context.checktime();});
-      r.toBytesLE(std::span<uint8_t, 576>((uint8_t*)result.data(), 576), false);
+      r.toBytesLE(std::span<uint8_t, 576>((uint8_t*)result.data(), 576), from_mont::yes);
       return return_code::success;
    }
 
    int32_t interface::bls_g1_map(span<const char> e, span<char> result) const {
       if(e.size() != 48 ||  result.size() != 96)
          return return_code::failure;
-      std::optional<bls12_381::fp> a = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)e.data(), 48), true, false);
+      std::optional<bls12_381::fp> a = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)e.data(), 48), {.check_valid = true, .to_mont = true});
       if(!a)
          return return_code::failure;
       bls12_381::g1 c = bls12_381::g1::mapToCurve(*a);
-      c.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), false);
+      c.toAffineBytesLE(std::span<uint8_t, 96>((uint8_t*)result.data(), 96), from_mont::yes);
       return return_code::success;
    }
 
    int32_t interface::bls_g2_map(span<const char> e, span<char> result) const {
       if(e.size() != 96 ||  result.size() != 192)
          return return_code::failure;
-      std::optional<bls12_381::fp2> a = bls12_381::fp2::fromBytesLE(std::span<const uint8_t, 96>((const uint8_t*)e.data(), 96), true, false);
+      std::optional<bls12_381::fp2> a = bls12_381::fp2::fromBytesLE(std::span<const uint8_t, 96>((const uint8_t*)e.data(), 96), {.check_valid = true, .to_mont = true});
       if(!a)
          return return_code::failure;
       bls12_381::g2 c = bls12_381::g2::mapToCurve(*a);
-      c.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), false);
+      c.toAffineBytesLE(std::span<uint8_t, 192>((uint8_t*)result.data(), 192), from_mont::yes);
       return return_code::success;
    }
 
@@ -401,19 +402,19 @@ namespace eosio { namespace chain { namespace webassembly {
          return return_code::failure;  
       std::array<uint64_t, 8> k = bls12_381::scalar::fromBytesLE<8>(std::span<const uint8_t, 64>((const uint8_t*)s.data(), 64));
       bls12_381::fp e = bls12_381::fp::modPrime<8>(k);
-      e.toBytesLE(std::span<uint8_t, 48>((uint8_t*)result.data(), 48), false);
+      e.toBytesLE(std::span<uint8_t, 48>((uint8_t*)result.data(), 48), from_mont::yes);
       return return_code::success;
    }
 
    int32_t interface::bls_fp_mul(span<const char> op1, span<const char> op2, span<char> result) const {
       if(op1.size() != 48 || op2.size() != 48 || result.size() != 48)
          return return_code::failure;
-      std::optional<bls12_381::fp> a = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)op1.data(), 48), true, false);
-      std::optional<bls12_381::fp> b = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)op2.data(), 48), true, false);
+      std::optional<bls12_381::fp> a = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)op1.data(), 48), {.check_valid = true, .to_mont = true});
+      std::optional<bls12_381::fp> b = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)op2.data(), 48), {.check_valid = true, .to_mont = true});
       if(!a || !b)
          return return_code::failure;
       bls12_381::fp c = a->multiply(*b);
-      c.toBytesLE(std::span<uint8_t, 48>((uint8_t*)result.data(), 48), false);
+      c.toBytesLE(std::span<uint8_t, 48>((uint8_t*)result.data(), 48), from_mont::yes);
       return return_code::success;
    }
 
@@ -421,13 +422,13 @@ namespace eosio { namespace chain { namespace webassembly {
       // exp is scalar.
       if(base.size() != 48 || exp.size() != 64 || result.size() != 48)
          return return_code::failure;
-      std::optional<bls12_381::fp> a = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)base.data(), 48), true, false);
+      std::optional<bls12_381::fp> a = bls12_381::fp::fromBytesLE(std::span<const uint8_t, 48>((const uint8_t*)base.data(), 48), {.check_valid = true, .to_mont = true});
       if(!a)
          return return_code::failure;
       std::array<uint64_t, 8> b = bls12_381::scalar::fromBytesLE<8>(std::span<const uint8_t, 64>((const uint8_t*)exp.data(), 64));
       bls12_381::fp c = a->exp<8>(b);
-      c.toBytesLE(std::span<uint8_t, 48>((uint8_t*)result.data(), 48), false);
+      c.toBytesLE(std::span<uint8_t, 48>((uint8_t*)result.data(), 48), from_mont::yes);
       return return_code::success;
    }
 
-}}} // ns eosio::chain::webassembly
+} // ns eosio::chain::webassembly

From 3a3fe8c050c6575869253d500848eb75456ad543 Mon Sep 17 00:00:00 2001
From: greg7mdp <greg7mdp@gmail.com>
Date: Tue, 2 Apr 2024 20:39:48 -0400
Subject: [PATCH 7/8] Update to latest bls12 commit.

---
 libraries/libfc/libraries/bls12-381 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/libfc/libraries/bls12-381 b/libraries/libfc/libraries/bls12-381
index 397cfe1bb3..382cb5f57b 160000
--- a/libraries/libfc/libraries/bls12-381
+++ b/libraries/libfc/libraries/bls12-381
@@ -1 +1 @@
-Subproject commit 397cfe1bb3b8d109d26944ee083a79579c7b34a0
+Subproject commit 382cb5f57bcc32c45a3dacceed8afe219d239133

From ccc79c5e862bcb7b5eaa9c688644901edae20769 Mon Sep 17 00:00:00 2001
From: greg7mdp <greg7mdp@gmail.com>
Date: Wed, 3 Apr 2024 10:26:40 -0400
Subject: [PATCH 8/8] Additional changes to support bls12 API change.

---
 libraries/libfc/include/fc/crypto/bls_signature.hpp | 10 ++++++----
 libraries/libfc/src/crypto/bls_private_key.cpp      | 11 +++++------
 libraries/libfc/src/crypto/bls_public_key.cpp       |  5 ++---
 libraries/libfc/src/crypto/bls_signature.cpp        |  7 ++-----
 unittests/finality_test_cluster.cpp                 |  4 ++--
 5 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/libraries/libfc/include/fc/crypto/bls_signature.hpp b/libraries/libfc/include/fc/crypto/bls_signature.hpp
index f536556a4b..d8c2191d4e 100644
--- a/libraries/libfc/include/fc/crypto/bls_signature.hpp
+++ b/libraries/libfc/include/fc/crypto/bls_signature.hpp
@@ -106,9 +106,10 @@ namespace fc::crypto::blslib {
 
       template<typename T>
       friend T& operator<<(T& ds, const bls_aggregate_signature& sig) {
-         constexpr bool raw = false;
-         std::array<uint8_t, 192> affine_non_montgomery_le = sig._jacobian_montgomery_le.toAffineBytesLE(raw);
-         // Serialization as variable length array when it is stored as a fixed length array. This makes for easier deserialization by external tools
+         std::array<uint8_t, 192> affine_non_montgomery_le =
+            sig._jacobian_montgomery_le.toAffineBytesLE(bls12_381::from_mont::yes);
+         // Serialization as variable length array when it is stored as a fixed length array.
+         // This makes for easier deserialization by external tools
          fc::raw::pack(ds, fc::unsigned_int(static_cast<uint32_t>(sizeof(affine_non_montgomery_le))));
          ds.write(reinterpret_cast<const char*>(affine_non_montgomery_le.data()), sizeof(affine_non_montgomery_le));
          return ds;
@@ -117,7 +118,8 @@ namespace fc::crypto::blslib {
       // Could use FC_REFLECT, but to make it obvious serialization matches bls_signature implement via operator
       template<typename T>
       friend T& operator>>(T& ds, bls_aggregate_signature& sig) {
-         // Serialization as variable length array when it is stored as a fixed length array. This makes for easier deserialization by external tools
+         // Serialization as variable length array when it is stored as a fixed length array.
+         // This makes for easier deserialization by external tools
          fc::unsigned_int size;
          fc::raw::unpack( ds, size );
          std::array<uint8_t, 192> affine_non_montgomery_le;
diff --git a/libraries/libfc/src/crypto/bls_private_key.cpp b/libraries/libfc/src/crypto/bls_private_key.cpp
index d68f0c02ab..d6de273111 100644
--- a/libraries/libfc/src/crypto/bls_private_key.cpp
+++ b/libraries/libfc/src/crypto/bls_private_key.cpp
@@ -7,25 +7,24 @@
 
 namespace fc::crypto::blslib {
 
+   using from_mont = bls12_381::from_mont;
+
    bls_public_key bls_private_key::get_public_key() const
    {
       bls12_381::g1 pk = bls12_381::public_key(_sk);
-      constexpr bool raw = false;
-      return bls_public_key(pk.toAffineBytesLE(raw));
+      return bls_public_key(pk.toAffineBytesLE(from_mont::yes));
    }
 
    bls_signature bls_private_key::proof_of_possession() const
    {
       bls12_381::g2 proof = bls12_381::pop_prove(_sk);
-      constexpr bool raw = false;
-      return bls_signature(proof.toAffineBytesLE(raw));
+      return bls_signature(proof.toAffineBytesLE(from_mont::yes));
    }
 
    bls_signature bls_private_key::sign( std::span<const uint8_t> message ) const
    {
       bls12_381::g2 sig = bls12_381::sign(_sk, message);
-      constexpr bool raw = false;
-      return bls_signature(sig.toAffineBytesLE(raw));
+      return bls_signature(sig.toAffineBytesLE(from_mont::yes));
    }
 
    bls_private_key bls_private_key::generate() {
diff --git a/libraries/libfc/src/crypto/bls_public_key.cpp b/libraries/libfc/src/crypto/bls_public_key.cpp
index c85219b29b..107402db56 100644
--- a/libraries/libfc/src/crypto/bls_public_key.cpp
+++ b/libraries/libfc/src/crypto/bls_public_key.cpp
@@ -13,9 +13,8 @@ namespace fc::crypto::blslib {
    }
 
    bls12_381::g1 bls_public_key::from_affine_bytes_le(const std::array<uint8_t, 96>& affine_non_montgomery_le) {
-      constexpr bool check = true; // check if base64urlstr is invalid
-      constexpr bool raw = false;  // non-montgomery
-      std::optional<bls12_381::g1> g1 = bls12_381::g1::fromAffineBytesLE(affine_non_montgomery_le, check, raw);
+      std::optional<bls12_381::g1> g1 =
+         bls12_381::g1::fromAffineBytesLE(affine_non_montgomery_le, {.check_valid = true, .to_mont = true});
       FC_ASSERT(g1);
       return *g1;
    }
diff --git a/libraries/libfc/src/crypto/bls_signature.cpp b/libraries/libfc/src/crypto/bls_signature.cpp
index 873201873d..f580dca2e0 100644
--- a/libraries/libfc/src/crypto/bls_signature.cpp
+++ b/libraries/libfc/src/crypto/bls_signature.cpp
@@ -6,9 +6,7 @@
 namespace fc::crypto::blslib {
 
    bls12_381::g2 bls_signature::to_jacobian_montgomery_le(const std::array<uint8_t, 192>& affine_non_montgomery_le) {
-      constexpr bool check = true;  // verify
-      constexpr bool raw   = false; // to montgomery
-      auto           g2    = bls12_381::g2::fromAffineBytesLE(affine_non_montgomery_le, check, raw);
+      auto g2 = bls12_381::g2::fromAffineBytesLE(affine_non_montgomery_le, {.check_valid = true, .to_mont = true});
       FC_ASSERT(g2, "Invalid bls_signature");
       return *g2;
    }
@@ -48,8 +46,7 @@ namespace fc::crypto::blslib {
    }
 
    std::string bls_aggregate_signature::to_string() const {
-      constexpr bool raw = false;
-      std::array<uint8_t, 192> affine_non_montgomery_le = _jacobian_montgomery_le.toAffineBytesLE(raw);
+      std::array<uint8_t, 192> affine_non_montgomery_le = _jacobian_montgomery_le.toAffineBytesLE(bls12_381::from_mont::yes);
       std::string data_str = fc::crypto::blslib::serialize_base64url<std::array<uint8_t, 192>>(affine_non_montgomery_le);
       return config::bls_signature_prefix + data_str;
    }
diff --git a/unittests/finality_test_cluster.cpp b/unittests/finality_test_cluster.cpp
index 8f7f3de165..0ea13c13ed 100644
--- a/unittests/finality_test_cluster.cpp
+++ b/unittests/finality_test_cluster.cpp
@@ -118,7 +118,7 @@ void finality_test_cluster::node1_corrupt_vote_finalizer_key() {
    // corrupt the finalizer_key (manipulate so it is different)
    auto g1 = node1.votes[0].finalizer_key.jacobian_montgomery_le();
    g1 = bls12_381::aggregate_public_keys(std::array{g1, g1});
-   auto affine = g1.toAffineBytesLE(false);
+   auto affine = g1.toAffineBytesLE(bls12_381::from_mont::yes);
    node1.votes[0].finalizer_key = fc::crypto::blslib::bls_public_key(affine);
 }
 
@@ -128,7 +128,7 @@ void finality_test_cluster::node1_corrupt_vote_signature() {
    // corrupt the signature
    auto g2 = node1.votes[0].sig.jacobian_montgomery_le();
    g2 = bls12_381::aggregate_signatures(std::array{g2, g2});
-   auto affine = g2.toAffineBytesLE(false);
+   auto affine = g2.toAffineBytesLE(bls12_381::from_mont::yes);
    node1.votes[0].sig = fc::crypto::blslib::bls_signature(affine);
 }