Alphanet: remove the secret bootstrap keys

src/client/client_keys.ml

@@ -18,26 +18,18 @@ module Public_key_hash = Client_aliases.Alias (struct
   end)
 
 module Public_key = Client_aliases.Alias (struct
-    type t = Ed25519.public_key
+    type t = Ed25519.Public_key.t
-    let encoding = Ed25519.public_key_encoding
+    let encoding = Ed25519.Public_key.encoding
-    let of_source _ s =
+    let of_source _ s = Lwt.return (Ed25519.Public_key.of_b58check s)
-      Lwt.return (Sodium.Sign.Bytes.to_public_key
+    let to_source _ p = Lwt.return (Ed25519.Public_key.to_b58check p)
-                (Bytes.of_string B64.(decode ~alphabet:uri_safe_alphabet s)))
-    let to_source _ p =
-      Lwt.return B64.(encode ~alphabet:uri_safe_alphabet
-                    (Bytes.to_string (Sodium.Sign.Bytes.of_public_key p)))
     let name = "public key"
   end)
 
 module Secret_key = Client_aliases.Alias (struct
-    type t = Ed25519.secret_key
+    type t = Ed25519.Secret_key.t
-    let encoding = Ed25519.secret_key_encoding
+    let encoding = Ed25519.Secret_key.encoding
-    let of_source _ s =
+    let of_source _ s = Lwt.return (Ed25519.Secret_key.of_b58check s)
-      Lwt.return (Sodium.Sign.Bytes.to_secret_key
+    let to_source _ p = Lwt.return (Ed25519.Secret_key.to_b58check p)
-                (Bytes.of_string B64.(decode ~alphabet:uri_safe_alphabet s)))
-    let to_source _ p =
-      Lwt.return B64.(encode ~alphabet:uri_safe_alphabet
-                    (Bytes.to_string (Sodium.Sign.Bytes.of_secret_key p)))
     let name = "secret key"
   end)
 
@@ -45,13 +37,13 @@ let gen_keys cctxt name =
   let secret_key, public_key = Sodium.Sign.random_keypair () in
   Secret_key.add cctxt name secret_key >>= fun () ->
   Public_key.add cctxt name public_key >>= fun () ->
-  Public_key_hash.add cctxt name (Ed25519.hash public_key) >>= fun () ->
+  Public_key_hash.add cctxt name (Ed25519.Public_key.hash public_key) >>= fun () ->
   cctxt.message "I generated a brand new pair of keys under the name '%s'." name
 
 let check_keys_consistency pk sk =
   let message = MBytes.of_string "Voulez-vous coucher avec moi, ce soir ?" in
   let signature = Ed25519.sign sk message in
-  Ed25519.check_signature pk signature message
+  Ed25519.Signature.check pk signature message
 
 let get_key cctxt pkh =
   Public_key_hash.rev_find cctxt pkh >>= function
@@ -97,7 +89,7 @@ let commands () =
        @@ Public_key.source_param
        @@ stop)
       (fun name key cctxt ->
-         Public_key_hash.add cctxt name (Ed25519.hash key) >>= fun () ->
+         Public_key_hash.add cctxt name (Ed25519.Public_key.hash key) >>= fun () ->
          Public_key.add cctxt name key) ;
     command ~group ~desc: "add an ID a public key hash to the wallet"
       (prefixes [ "add" ; "identity" ]

src/client/client_keys.mli

@@ -11,8 +11,8 @@ module Ed25519 = Environment.Ed25519
 
 module Public_key_hash :
   Client_aliases.Alias with type t = Ed25519.Public_key_hash.t
-module Public_key : Client_aliases.Alias with type t = Ed25519.public_key
+module Public_key : Client_aliases.Alias with type t = Ed25519.Public_key.t
-module Secret_key : Client_aliases.Alias with type t = Ed25519.secret_key
+module Secret_key : Client_aliases.Alias with type t = Ed25519.Secret_key.t
 
 val get_key:
   Client_commands.context ->

src/client/embedded/alpha/baker/client_mining_endorsement.ml

@@ -127,7 +127,7 @@ let inject_endorsement cctxt
     ~block:block_hash
     ~slot:slot
     () >>=? fun bytes ->
-  let signed_bytes = Ed25519.append_signature src_sk bytes in
+  let signed_bytes = Ed25519.Signature.append src_sk bytes in
   Client_node_rpcs.inject_operation
     cctxt ?force ?wait signed_bytes >>=? fun oph ->
   State.record_endorsement cctxt level block_hash slot oph >>=? fun () ->
@@ -151,7 +151,7 @@ let check_endorsement cctxt level slot =
 let forge_endorsement cctxt
     block ?(force = false)
     ~src_sk ?slot ?max_priority src_pk =
-  let src_pkh = Ed25519.hash src_pk in
+  let src_pkh = Ed25519.Public_key.hash src_pk in
   Client_proto_rpcs.Context.next_level cctxt block >>=? fun level ->
   let level = Raw_level.succ @@ level.level in
   begin

src/client/embedded/alpha/baker/client_mining_forge.ml

@@ -29,7 +29,7 @@ let rec compute_stamp
       Tezos_context.Block.forge_header
         shell { mining_slot ; seed_nonce_hash ; proof_of_work_nonce } in
     let signed_header =
-      Ed25519.append_signature delegate_sk unsigned_header in
+      Ed25519.Signature.append delegate_sk unsigned_header in
     let block_hash = Block_hash.hash_bytes [signed_header] in
     if Mining.check_hash block_hash stamp_threshold then
       proof_of_work_nonce
@@ -63,7 +63,7 @@ let inject_block cctxt block
     ~seed_nonce_hash
     ~proof_of_work_nonce
     () >>=? fun unsigned_header ->
-  let signed_header = Ed25519.append_signature src_sk unsigned_header in
+  let signed_header = Ed25519.Signature.append src_sk unsigned_header in
   Client_node_rpcs.inject_block cctxt
     ~wait:true ?force signed_header >>=? fun block_hash ->
   return block_hash

src/client/embedded/alpha/baker/client_mining_operations.ml

@@ -54,7 +54,7 @@ let filter_valid_endorsement cctxt { hash; content } =
   | Some (_, Sourced_operations (Manager_operations _ )) ->
       Lwt.return_none
   | Some ({net_id}, Sourced_operations (Delegate_operations { source ; operations })) ->
-      let source = Ed25519.hash source in
+      let source = Ed25519.Public_key.hash source in
       let endorsements =
         Utils.unopt_list @@ List.map
           (function

src/client/embedded/alpha/client_proto_context.ml

@@ -162,23 +162,6 @@ let commands () =
       (fun cctxt ->
          list_contracts cctxt (block ()) >>= fun res ->
          Client_proto_rpcs.handle_error cctxt res) ;
-    command ~group ~desc: "get the bootstrap keys and bootstrap contract handle"
-      (fixed [ "bootstrap" ])
-      (fun cctxt ->
-         let block = Client_config.block () in
-         Client_proto_rpcs.Constants.bootstrap cctxt block >>= fun accounts ->
-         let cpt = ref 0 in
-         Lwt_list.iter_s
-           (fun { Bootstrap.public_key_hash = pkh ;
-                  public_key = pk ; secret_key = sk } ->
-             incr cpt ;
-             let name = Printf.sprintf "bootstrap%d" !cpt in
-             Public_key_hash.add cctxt name pkh >>= fun () ->
-             Public_key.add cctxt name pk >>= fun () ->
-             Secret_key.add cctxt name sk >>= fun () ->
-             cctxt.message "Bootstrap keys added under the name '%s'." name)
-           accounts >>= fun () ->
-         Lwt.return_unit) ;
     command ~group ~desc: "get the balance of a contract"
       (prefixes [ "get" ; "balance" ]
        @@ ContractAlias.destination_param ~name:"src" ~desc:"source contract"

src/client/embedded/alpha/client_proto_contracts.ml

@@ -104,7 +104,7 @@ let get_delegate cctxt block source =
 let may_check_key sourcePubKey sourcePubKeyHash =
   match sourcePubKey with
   | Some sourcePubKey ->
-      if not (Ed25519.Public_key_hash.equal (Ed25519.hash sourcePubKey) sourcePubKeyHash)
+      if not (Ed25519.Public_key_hash.equal (Ed25519.Public_key.hash sourcePubKey) sourcePubKeyHash)
       then
         failwith "Invalid public key in `client_proto_endorsement`"
       else

src/client/embedded/alpha/client_proto_programs.ml

@@ -664,7 +664,7 @@ let commands () =
              cctxt.message "Hash: %S@.Signature: %S"
                hash
                (signature |>
-                Data_encoding.Binary.to_bytes Ed25519.signature_encoding |>
+                Data_encoding.Binary.to_bytes Ed25519.Signature.encoding |>
                 Hex_encode.hex_of_bytes)
          | Error errs ->
              cctxt.warning "%a" pp_print_error errs >>= fun () ->

src/client/embedded/alpha/client_proto_rpcs.ml

@@ -35,8 +35,6 @@ let call_error_service2 cctxt s block a1 a2 =
   call_service2 cctxt s block a1 a2 >|= wrap_error
 
 module Constants = struct
-  let bootstrap cctxt block =
-    call_service1 cctxt Services.Constants.bootstrap block ()
   let errors cctxt block =
     call_service1 cctxt Services.Constants.errors block ()
   let cycle_length cctxt block =

src/client/embedded/alpha/client_proto_rpcs.mli

@@ -21,9 +21,6 @@ module Constants : sig
   val errors:
     Client_commands.context ->
     block -> Json_schema.schema Lwt.t
-  val bootstrap:
-    Client_commands.context ->
-    block -> Bootstrap.account list Lwt.t
   val cycle_length:
     Client_commands.context ->
     block -> int32 tzresult Lwt.t

src/client/embedded/genesis/client_proto_main.ml

@@ -28,7 +28,7 @@ let forge_block
 let mine cctxt block command fitness seckey =
   Client_blocks.get_block_info cctxt block >>= fun bi ->
   forge_block cctxt block bi.net command fitness >>= fun blk ->
-  let signed_blk = Environment.Ed25519.append_signature seckey blk in
+  let signed_blk = Environment.Ed25519.Signature.append seckey blk in
   Client_node_rpcs.inject_block cctxt ~wait:true signed_blk >>=? fun hash ->
   cctxt.answer "Injected %a" Block_hash.pp_short hash >>= fun () ->
   return ()
@@ -54,7 +54,7 @@ let commands () =
       prefixes [ "and" ; "key" ] @@
       param ~name:"password" ~desc:"Dictator's key"
         (fun _ key ->
-           Lwt.return (Environment.Ed25519.secret_key_of_b58check key))
+           Lwt.return (Environment.Ed25519.Secret_key.of_b58check key))
         stop
     end
       (fun hash fitness seckey cctxt ->
@@ -74,7 +74,7 @@ let commands () =
       prefixes [ "and" ; "key" ] @@
       param ~name:"password" ~desc:"Dictator's key"
         (fun _ key ->
-           Lwt.return (Environment.Ed25519.secret_key_of_b58check key))
+           Lwt.return (Environment.Ed25519.Secret_key.of_b58check key))
         stop
     end
       (fun hash fitness seckey cctxt ->

src/client/embedded/genesis/client_proto_main.mli

@@ -12,6 +12,6 @@ val mine:
   Client_node_rpcs.Blocks.block ->
   Data.Command.t ->
   Fitness.fitness ->
-  Environment.Ed25519.secret_key ->
+  Environment.Ed25519.Secret_key.t ->
   unit tzresult Lwt.t
 

src/node/updater/environment.ml

@@ -9,22 +9,6 @@
 
 module Ed25519 = struct
 
-  type secret_key = Sodium.Sign.secret_key
-  type public_key = Sodium.Sign.public_key
-  type signature = MBytes.t
-
-  let sign key msg =
-    Sodium.Sign.Bigbytes.(of_signature @@ sign_detached key msg)
-
-  let check_signature public_key signature msg =
-    try
-      Sodium.Sign.Bigbytes.(verify public_key (to_signature signature) msg) ;
-      true
-    with _ -> false
-
-  let append_signature key msg =
-    MBytes.concat msg (sign key msg)
-
   module Public_key_hash = Hash.Make_Blake2B(Base58)(struct
       let name = "Ed25519.Public_key_hash"
       let title = "An Ed25519 public key ID"
@@ -35,129 +19,178 @@ module Ed25519 = struct
   let () =
     Base58.check_encoded_prefix Public_key_hash.b58check_encoding "tz1" 36
 
-  let hash v =
+  module Public_key = struct
-    Public_key_hash.hash_bytes
+
-      [ Sodium.Sign.Bigbytes.of_public_key v ]
+    type t = Sodium.Sign.public_key
+    let compare = Sodium.Sign.compare_public_keys
+    let (=) xs ys = compare xs ys = 0
+    let (<>) xs ys = compare xs ys <> 0
+    let (<) xs ys = compare xs ys < 0
+    let (<=) xs ys = compare xs ys <= 0
+    let (>=) xs ys = compare xs ys >= 0
+    let (>) xs ys = compare xs ys > 0
+    let max x y = if x >= y then x else y
+    let min x y = if x <= y then x else y
+
+    type Base58.data +=
+      | Public_key of t
+
+    let b58check_encoding =
+      Base58.register_encoding
+        ~prefix: Base58.Prefix.ed25519_public_key
+        ~length:Sodium.Sign.public_key_size
+        ~to_raw:(fun x -> Bytes.to_string (Sodium.Sign.Bytes.of_public_key x))
+        ~of_raw:(fun x ->
+            try Some (Sodium.Sign.Bytes.to_public_key (Bytes.of_string x))
+            with _ -> None)
+        ~wrap:(fun x -> Public_key x)
+
+    let of_b58check s =
+      match Base58.simple_decode b58check_encoding s with
+      | Some x -> x
+      | None -> Pervasives.failwith "Unexpected hash (ed25519 public key)"
+    let to_b58check s = Base58.simple_encode b58check_encoding s
+
+    let of_bytes s = Sodium.Sign.Bytes.to_public_key s
+
+    let () =
+      Base58.check_encoded_prefix b58check_encoding "edpk" 54
+
+    let encoding =
+      let open Data_encoding in
+      splitted
+        ~json:
+          (describe
+             ~title: "An Ed25519 public key (Base58Check encoded)" @@
+           conv
+             (fun s -> Base58.simple_encode b58check_encoding s)
+             (fun s ->
+                match Base58.simple_decode b58check_encoding s with
+                | Some x -> x
+                | None -> Data_encoding.Json.cannot_destruct
+                            "Ed25519 public key: unexpected prefix.")
+             string)
+        ~binary:
+          (conv
+             Sodium.Sign.Bigbytes.of_public_key
+             Sodium.Sign.Bigbytes.to_public_key
+             bytes)
+
+    let hash v =
+      Public_key_hash.hash_bytes
+        [ Sodium.Sign.Bigbytes.of_public_key v ]
+
+  end
+
+  module Secret_key = struct
+
+    type t = Sodium.Sign.secret_key
+
+    type Base58.data +=
+      | Secret_key of t
+
+    let b58check_encoding =
+      Base58.register_encoding
+        ~prefix: Base58.Prefix.ed25519_secret_key
+        ~length:Sodium.Sign.secret_key_size
+        ~to_raw:(fun x -> Bytes.to_string (Sodium.Sign.Bytes.of_secret_key x))
+        ~of_raw:(fun x ->
+            try Some (Sodium.Sign.Bytes.to_secret_key (Bytes.of_string x))
+            with _ -> None)
+        ~wrap:(fun x -> Secret_key x)
+
+    let of_b58check s =
+      match Base58.simple_decode b58check_encoding s with
+      | Some x -> x
+      | None -> Pervasives.failwith "Unexpected hash (ed25519 secret key)"
+    let to_b58check s = Base58.simple_encode b58check_encoding s
+
+    let of_bytes s = Sodium.Sign.Bytes.to_secret_key s
+
+    let () =
+      Base58.check_encoded_prefix b58check_encoding "edsk" 98
+
+    let encoding =
+      let open Data_encoding in
+      splitted
+        ~json:
+          (describe
+             ~title: "An Ed25519 secret key (Base58Check encoded)" @@
+           conv
+             (fun s -> Base58.simple_encode b58check_encoding s)
+             (fun s ->
+                match Base58.simple_decode b58check_encoding s with
+                | Some x -> x
+                | None -> Data_encoding.Json.cannot_destruct
+                            "Ed25519 secret key: unexpected prefix.")
+             string)
+        ~binary:
+          (conv
+             Sodium.Sign.Bigbytes.of_secret_key
+             Sodium.Sign.Bigbytes.to_secret_key
+             bytes)
+
+  end
+
+  let sign key msg =
+    Sodium.Sign.Bigbytes.(of_signature @@ sign_detached key msg)
+
+  module Signature = struct
+
+    type t = MBytes.t
+
+    type Base58.data +=
+      | Signature of t
+
+    let b58check_encoding =
+      Base58.register_encoding
+        ~prefix: Base58.Prefix.ed25519_signature
+        ~length:Sodium.Sign.signature_size
+        ~to_raw:MBytes.to_string
+        ~of_raw:(fun s -> Some (MBytes.of_string s))
+        ~wrap:(fun x -> Signature x)
+
+    let of_b58check s =
+      match Base58.simple_decode b58check_encoding s with
+      | Some x -> x
+      | None -> Pervasives.failwith "Unexpected hash (ed25519 signature)"
+    let to_b58check s = Base58.simple_encode b58check_encoding s
+
+    let of_bytes s = MBytes.of_string (Bytes.to_string s)
+
+    let () =
+      Base58.check_encoded_prefix b58check_encoding "edsig" 99
+
+    let encoding =
+      let open Data_encoding in
+      splitted
+        ~json:
+          (describe
+             ~title: "An Ed25519 signature (Base58Check encoded)" @@
+           conv
+             (fun s -> Base58.simple_encode b58check_encoding s)
+             (fun s ->
+                match Base58.simple_decode b58check_encoding s with
+                | Some x -> x
+                | None -> Data_encoding.Json.cannot_destruct
+                            "Ed25519 signature: unexpected prefix.")
+             string)
+        ~binary: (Fixed.bytes 64)
+
+    let check public_key signature msg =
+      try
+        Sodium.Sign.Bigbytes.(verify public_key (to_signature signature) msg) ;
+        true
+      with _ -> false
+
+    let append key msg =
+      MBytes.concat msg (sign key msg)
+
+  end
 
   let generate_key () =
     let secret, pub = Sodium.Sign.random_keypair () in
-    (hash pub, pub, secret)
+    (Public_key.hash pub, pub, secret)
-
-  type Base58.data +=
-    | Public_key of public_key
-    | Secret_key of secret_key
-    | Signature of signature
-
-  let b58check_public_key_encoding =
-    Base58.register_encoding
-      ~prefix: Base58.Prefix.ed25519_public_key
-      ~length:Sodium.Sign.public_key_size
-      ~to_raw:(fun x -> Bytes.to_string (Sodium.Sign.Bytes.of_public_key x))
-      ~of_raw:(fun x ->
-          try Some (Sodium.Sign.Bytes.to_public_key (Bytes.of_string x))
-          with _ -> None)
-      ~wrap:(fun x -> Public_key x)
-
-  let b58check_secret_key_encoding =
-    Base58.register_encoding
-      ~prefix: Base58.Prefix.ed25519_secret_key
-      ~length:Sodium.Sign.secret_key_size
-      ~to_raw:(fun x -> Bytes.to_string (Sodium.Sign.Bytes.of_secret_key x))
-      ~of_raw:(fun x ->
-          try Some (Sodium.Sign.Bytes.to_secret_key (Bytes.of_string x))
-          with _ -> None)
-      ~wrap:(fun x -> Secret_key x)
-
-  let b58check_signature_encoding =
-    Base58.register_encoding
-      ~prefix: Base58.Prefix.ed25519_signature
-      ~length:Sodium.Sign.signature_size
-      ~to_raw:MBytes.to_string
-      ~of_raw:(fun s -> Some (MBytes.of_string s))
-      ~wrap:(fun x -> Signature x)
-
-  let public_key_of_b58check s =
-    match Base58.simple_decode b58check_public_key_encoding s with
-    | Some x -> x
-    | None -> Pervasives.failwith "Unexpected hash (ed25519 public key)"
-  let b58check_of_public_key s = Base58.simple_encode b58check_public_key_encoding s
-
-  let secret_key_of_b58check s =
-    match Base58.simple_decode b58check_secret_key_encoding s with
-    | Some x -> x
-    | None -> Pervasives.failwith "Unexpected hash (ed25519 secret key)"
-  let b58check_of_secret_key s = Base58.simple_encode b58check_secret_key_encoding s
-
-  let signature_of_b58check s =
-    match Base58.simple_decode b58check_signature_encoding s with
-    | Some x -> x
-    | None -> Pervasives.failwith "Unexpected hash (ed25519 signature)"
-  let b58check_of_signature s = Base58.simple_encode b58check_signature_encoding s
-
-  let public_key_of_bytes s = Sodium.Sign.Bytes.to_public_key s
-  let secret_key_of_bytes s = Sodium.Sign.Bytes.to_secret_key s
-  let signature_of_bytes s = Sodium.Sign.Bytes.to_signature s
-
-  let () =
-    Base58.check_encoded_prefix b58check_public_key_encoding "edpk" 54 ;
-    Base58.check_encoded_prefix b58check_secret_key_encoding "edsk" 98 ;
-    Base58.check_encoded_prefix b58check_signature_encoding "edsig" 99
-
-  let public_key_encoding =
-    let open Data_encoding in
-    splitted
-      ~json:
-        (describe
-           ~title: "An Ed25519 public key (Base58Check encoded)" @@
-         conv
-           (fun s -> Base58.simple_encode b58check_public_key_encoding s)
-           (fun s ->
-              match Base58.simple_decode b58check_public_key_encoding s with
-              | Some x -> x
-              | None -> Data_encoding.Json.cannot_destruct
-                          "Ed25519 public key: unexpected prefix.")
-           string)
-      ~binary:
-        (conv
-           Sodium.Sign.Bigbytes.of_public_key
-           Sodium.Sign.Bigbytes.to_public_key
-           bytes)
-
-  let secret_key_encoding =
-    let open Data_encoding in
-    splitted
-      ~json:
-        (describe
-           ~title: "An Ed25519 secret key (Base58Check encoded)" @@
-         conv
-           (fun s -> Base58.simple_encode b58check_secret_key_encoding s)
-           (fun s ->
-              match Base58.simple_decode b58check_secret_key_encoding s with
-              | Some x -> x
-              | None -> Data_encoding.Json.cannot_destruct
-                          "Ed25519 secret key: unexpected prefix.")
-           string)
-      ~binary:
-        (conv
-           Sodium.Sign.Bigbytes.of_secret_key
-           Sodium.Sign.Bigbytes.to_secret_key
-           bytes)
-
-  let signature_encoding =
-    let open Data_encoding in
-    splitted
-      ~json:
-        (describe
-           ~title: "An Ed25519 signature (Base58Check encoded)" @@
-         conv
-           (fun s -> Base58.simple_encode b58check_signature_encoding s)
-           (fun s ->
-              match Base58.simple_decode b58check_signature_encoding s with
-              | Some x -> x
-              | None -> Data_encoding.Json.cannot_destruct
-                          "Ed25519 signature: unexpected prefix.")
-           string)
-      ~binary: (Fixed.bytes 64)
 
 end
 

src/proto/alpha/apply.ml

@@ -143,7 +143,7 @@ let apply_sourced_operation
             accept_failing_script source content)
         (ctxt, origination_nonce) contents
   | Delegate_operations { source ; operations = contents } ->
-      let delegate = Ed25519.hash source in
+      let delegate = Ed25519.Public_key.hash source in
       check_signature_and_update_public_key
         ctxt delegate (Some source) operation >>=? fun ctxt ->
     (* TODO, see how to extract the public key hash after this operation to

src/proto/alpha/block_repr.ml

@@ -15,7 +15,7 @@ open Tezos_hash
 type header = {
   shell: Updater.shell_block ;
   proto: proto_header ;
-  signature: Ed25519.signature ;
+  signature: Ed25519.Signature.t ;
 }
 
 and proto_header = {
@@ -45,7 +45,7 @@ let signed_proto_header_encoding =
   let open Data_encoding in
   merge_objs
     proto_header_encoding
-    (obj1 (req "signature" Ed25519.signature_encoding))
+    (obj1 (req "signature" Ed25519.Signature.encoding))
 
 let unsigned_header_encoding =
   let open Data_encoding in

src/proto/alpha/block_repr.mli

@@ -13,7 +13,7 @@ open Tezos_hash
 type header = {
   shell: Updater.shell_block ;
   proto: proto_header ;
-  signature: Ed25519.signature ;
+  signature: Ed25519.Signature.t ;
 }
 
 and proto_header = {

src/proto/alpha/bootstrap_storage.ml

@@ -9,71 +9,13 @@
 
 type account = {
   public_key_hash : Ed25519.Public_key_hash.t ;
-  public_key : Ed25519.public_key ;
+  public_key : Ed25519.Public_key.t ;
-  secret_key : Ed25519.secret_key ;
 }
 
 (* FIXME: when incresing wealth *10, the node is very slow to initialize...
    this should be investigated... *)
 let wealth = Tez_repr.of_cents_exn 2_000_000_00L
 
-let make ~raw_secret_key ~raw_public_key =
-  let raw_secret_key =
-    raw_secret_key
-    |> Hex_encode.hex_decode
-    |> MBytes.of_string in
-  let raw_public_key =
-    raw_public_key
-    |> Hex_encode.hex_decode
-    |> MBytes.of_string in
-  let secret_key =
-    match Data_encoding.Binary.of_bytes Ed25519.secret_key_encoding raw_secret_key with
-    | None -> assert false
-    | Some v -> v in
-  let public_key =
-    match Data_encoding.Binary.of_bytes Ed25519.public_key_encoding raw_public_key with
-    | None -> assert false
-    | Some v -> v in
-  (* check that keys correspond *)
-  let bytes = MBytes.of_string "some test text" in
-  let signature = Ed25519.sign secret_key bytes in
-  assert (Ed25519.check_signature public_key signature bytes) ;
-  let public_key_hash = Ed25519.hash public_key in
-  { public_key_hash ; public_key ; secret_key }
-
-let accounts = [
-  make
-    ~raw_public_key:
-      "000000204798D2CC98473D7E250C898885718AFD2E4EFBCB1A1595AB9730761ED830DE0F"
-    ~raw_secret_key:
-      "000000408500C86780141917FCD8AC6A54A43A9EEDA1ABA9D263CE5DEC5A1D0E5DF1E598\
-       4798D2CC98473D7E250C898885718AFD2E4EFBCB1A1595AB9730761ED830DE0F" ;
-  make
-    ~raw_public_key:
-      "000000202dc050925cf3a80c0d0fd4589e1d86e2a4e07118e29458a537ed6382cb697d97"
-    ~raw_secret_key:
-      "000000403f6aa02bc3cf23d7d4955f3d2708c84368372779aca1cfe013def93cf15dfcdb\
-       2dc050925cf3a80c0d0fd4589e1d86e2a4e07118e29458a537ed6382cb697d97" ;
-  make
-    ~raw_public_key:
-      "000000206b6aa000041caa65d1df72354d329beae2a782c59021f25c6f40bf4a88781c1b"
-    ~raw_secret_key:
-      "00000040c56dcb77f1fff00d1a1f5330a77a9f1f31cf70fa7ad691a22b5ec28cdb232350\
-       6b6aa000041caa65d1df72354d329beae2a782c59021f25c6f40bf4a88781c1b" ;
-  make
-    ~raw_public_key:
-      "0000002050e67edf7dbff2c9a45f0bfae892964c67c61472a74d3ab1e51aa009611c788f"
-    ~raw_secret_key:
-      "000000401fa3088f39928af52331654f0d9234787f345988a4ee46b619b94d8ad5405dc8\
-       50e67edf7dbff2c9a45f0bfae892964c67c61472a74d3ab1e51aa009611c788f" ;
-  make
-    ~raw_public_key:
-      "00000020c34b689f812ccca41c114a123aa44f55846fec7eb956b6b852d2d19003e63165"
-    ~raw_secret_key:
-      "00000040e4104362f6db39d47aa1a85bd0d5b54b712f6d8c603c0c81bf01b42123d0d9b9\
-       c34b689f812ccca41c114a123aa44f55846fec7eb956b6b852d2d19003e63165" ;
-]
-
 let init_account ctxt account =
   Storage.Public_key.init ctxt account.public_key_hash account.public_key >>=? fun ctxt ->
   Contract_storage.credit
@@ -82,24 +24,31 @@ let init_account ctxt account =
     wealth >>=? fun ctxt ->
   return ctxt
 
+
+let make public_key =
+  { public_key ; public_key_hash = Ed25519.Public_key.hash public_key }
+
+let accounts ctxt =
+  let { Constants_repr.bootstrap_keys } = Storage.constants ctxt in
+  List.map make bootstrap_keys
+
 let init ctxt =
-  fold_left_s init_account ctxt accounts >>=? fun ctxt ->
+  fold_left_s init_account ctxt (accounts ctxt) >>=? fun ctxt ->
   return ctxt
 
 let account_encoding =
   let open Data_encoding in
   conv
-    (fun {public_key_hash ; public_key ; secret_key } ->
+    (fun {public_key_hash ; public_key } ->
-       (public_key_hash, public_key, secret_key))
+       (public_key_hash, public_key))
-    (fun (public_key_hash, public_key, secret_key) ->
+    (fun (public_key_hash, public_key) ->
-       { public_key_hash ; public_key ; secret_key })
+       { public_key_hash ; public_key })
-    (obj3
+    (obj2
        (req "publicKeyHash" Ed25519.Public_key_hash.encoding)
-       (req "publicKey" Ed25519.public_key_encoding)
+       (req "publicKey" Ed25519.Public_key.encoding))
-       (req "secretKey" Ed25519.secret_key_encoding))
 
 let refill ctxt =
-  (* Unefficient HACK for tha alphanet only... *)
+  (* Unefficient HACK for the alphanet only... *)
   Contract_storage.list ctxt >>=? fun contracts ->
   List.fold_left
     (fun total contract ->
@@ -108,6 +57,7 @@ let refill ctxt =
     (return Tez_repr.zero) contracts >>=? fun total ->
   (* The 5 bootstrap accounts should have at least 1/2 of the total amount
      of tokens. *)
+  let accounts = accounts ctxt in
   let min_balance =
     Tez_repr.(total / 2L / (Int64.of_int (List.length accounts))) in
   fold_left_s

src/proto/alpha/bootstrap_storage.mli

@@ -9,13 +9,12 @@
 
 type account = {
   public_key_hash : Ed25519.Public_key_hash.t ;
-  public_key : Ed25519.public_key ;
+  public_key : Ed25519.Public_key.t ;
-  secret_key : Ed25519.secret_key ;
 }
 
 val account_encoding: account Data_encoding.t
 
-val accounts: account list
+val accounts: Storage.t -> account list
 
 val init: Storage.t -> Storage.t tzresult Lwt.t
 

src/proto/alpha/constants_repr.ml

@@ -42,8 +42,12 @@ type constants = {
   max_signing_slot: int ;
   instructions_per_transaction: int ;
   proof_of_work_threshold: int64 ;
+  bootstrap_keys: Ed25519.Public_key.t list ;
 }
 
+let read_public_key s =
+  Ed25519.Public_key.of_bytes (Bytes.of_string (Hex_encode.hex_decode s))
+
 let default = {
   cycle_length = 2048l ;
   voting_period_length = 32768l ;
@@ -58,6 +62,14 @@ let default = {
   instructions_per_transaction = 16 * 1024 ;
   proof_of_work_threshold =
     Int64.(lognot (sub (shift_left 1L 56) 1L)) ;
+  bootstrap_keys =
+    List.map read_public_key [
+      "dd5d3536916765fd00a8cd402bddd34e87b49ae5159c43b8feecfd9f06b267d2" ;
+      "ce09f1c6b91d48cdd9f2aa98daf780f07353c759866c7dfbe50eb023bde51629" ;
+      "9c328bddf6249bbe550121076194d99bbe60e5b1e144da4f426561b5d3bbc6ab" ;
+      "a3db517734e07ace089ad0a2388e7276fb9b114bd79259dd5c93b0c33d57d6a2" ;
+      "6d2d52e62f1d48f3cf9badbc90cfe5f3aa600194bf21eda44b8e64698a82d341" ;
+    ]
 }
 
 let opt (=) def v = if def = v then None else Some v
@@ -72,6 +84,7 @@ let constants_encoding =
   Data_encoding.conv
     (fun c ->
        let module Compare_slot_durations = Compare.List (Period_repr) in
+       let module Compare_keys = Compare.List (Ed25519.Public_key) in
        let cycle_length =
          opt Compare.Int32.(=)
            default.cycle_length c.cycle_length
@@ -97,6 +110,9 @@ let constants_encoding =
        and proof_of_work_threshold =
          opt Compare.Int64.(=)
            default.proof_of_work_threshold c.proof_of_work_threshold
+       and bootstrap_keys =
+         opt Compare_keys.(=)
+           default.bootstrap_keys c.bootstrap_keys
        in
        (( cycle_length,
           voting_period_length,
@@ -105,7 +121,8 @@ let constants_encoding =
           first_free_mining_slot,
           max_signing_slot,
           instructions_per_transaction,
-          proof_of_work_threshold ), ()) )
+          proof_of_work_threshold,
+          bootstrap_keys), ()) )
     (fun (( cycle_length,
             voting_period_length,
             time_before_reward,
@@ -113,7 +130,8 @@ let constants_encoding =
             first_free_mining_slot,
             max_signing_slot,
             instructions_per_transaction,
-            proof_of_work_threshold ), ()) ->
+            proof_of_work_threshold,
+            bootstrap_keys), ()) ->
       { cycle_length =
           unopt default.cycle_length cycle_length ;
         voting_period_length =
@@ -132,10 +150,12 @@ let constants_encoding =
           unopt default.instructions_per_transaction instructions_per_transaction ;
         proof_of_work_threshold =
           unopt default.proof_of_work_threshold proof_of_work_threshold ;
+        bootstrap_keys =
+          unopt default.bootstrap_keys bootstrap_keys ;
       } )
      Data_encoding.(
        merge_objs
-         (obj8
+         (obj9
             (opt "cycle_length" int32)
             (opt "voting_period_length" int32)
             (opt "time_before_reward" int64)
@@ -143,7 +163,8 @@ let constants_encoding =
             (opt "first_free_mining_slot" int32)
             (opt "max_signing_slot" int31)
             (opt "instructions_per_transaction" int31)
-            (opt "proof_of_work_threshold" int64))
+            (opt "proof_of_work_threshold" int64)
+            (opt "bootstrap_keys" (list Ed25519.Public_key.encoding)))
          unit)
 
 type error += Constant_read of exn

src/proto/alpha/mining.ml

@@ -154,7 +154,7 @@ let check_header_hash {Block.shell;proto;signature} stamp_threshold =
     Block_hash.hash_bytes [
       Data_encoding.Binary.to_bytes
         (Data_encoding.tup2
-           Block.unsigned_header_encoding Ed25519.signature_encoding)
+           Block.unsigned_header_encoding Ed25519.Signature.encoding)
         ((shell, proto), signature)] in
   check_hash hash stamp_threshold
 
@@ -173,7 +173,7 @@ let check_signature ctxt block id =
   Public_key.get ctxt id >>=? fun key ->
   let check_signature key { Block.proto ; shell ; signature } =
     let unsigned_header = Block.forge_header shell proto in
-    Ed25519.check_signature key signature unsigned_header in
+    Ed25519.Signature.check key signature unsigned_header in
   if check_signature key block then
     return ()
   else

src/proto/alpha/operation_repr.ml

@@ -13,7 +13,7 @@ type operation = {
   hash: Operation_hash.t ;
   shell: Updater.shell_operation ;
   contents: proto_operation ;
-  signature: Ed25519.signature option ;
+  signature: Ed25519.Signature.t option ;
 }
 
 and proto_operation =
@@ -33,13 +33,13 @@ and anonymous_operation =
 and sourced_operations =
   | Manager_operations of {
       source: Contract_repr.contract ;
-      public_key: Ed25519.public_key option ;
+      public_key: Ed25519.Public_key.t option ;
       fee: Tez_repr.tez ;
       counter: counter ;
       operations: manager_operation list ;
     }
   | Delegate_operations of {
-      source: Ed25519.public_key ;
+      source: Ed25519.Public_key.t ;
       operations: delegate_operation list ;
     }
 
@@ -152,7 +152,7 @@ module Encoding = struct
   let manager_kind_encoding =
     (obj5
        (req "source" Contract_repr.encoding)
-       (opt "public_key" Ed25519.public_key_encoding)
+       (opt "public_key" Ed25519.Public_key.encoding)
        (req "fee" Tez_repr.encoding)
        (req "counter" int32)
        (req "operations"
@@ -220,7 +220,7 @@ module Encoding = struct
 
   let delegate_kind_encoding =
     (obj2
-       (req "source" Ed25519.public_key_encoding)
+       (req "source" Ed25519.Public_key.encoding)
        (req "operations"
           (list (union [
                endorsement_case 0 ;
@@ -299,7 +299,7 @@ module Encoding = struct
   let signed_proto_operation_encoding =
     merge_objs
       proto_operation_encoding
-      (obj1 (varopt "signature" Ed25519.signature_encoding))
+      (obj1 (varopt "signature" Ed25519.Signature.encoding))
 
 end
 
@@ -332,7 +332,7 @@ let check_signature key { shell ; contents ; signature }  =
       fail Missing_signature
   | Sourced_operations _, Some signature ->
       let unsigned_operation = forge shell contents in
-      if Ed25519.check_signature key signature unsigned_operation then
+      if Ed25519.Signature.check key signature unsigned_operation then
         return ()
       else
         fail Invalid_signature

src/proto/alpha/operation_repr.mli

@@ -13,7 +13,7 @@ type operation = {
   hash: Operation_hash.t ;
   shell: Updater.shell_operation ;
   contents: proto_operation ;
-  signature: Ed25519.signature option ;
+  signature: Ed25519.Signature.t option ;
 }
 
 and proto_operation =
@@ -33,13 +33,13 @@ and anonymous_operation =
 and sourced_operations =
   | Manager_operations of {
       source: Contract_repr.contract ;
-      public_key: Ed25519.public_key option ;
+      public_key: Ed25519.Public_key.t option ;
       fee: Tez_repr.tez ;
       counter: counter ;
       operations: manager_operation list ;
     }
   | Delegate_operations of {
-      source: Ed25519.public_key ;
+      source: Ed25519.Public_key.t ;
       operations: delegate_operation list ;
     }
 
@@ -87,11 +87,11 @@ val parse:
 
 val parse_proto:
   MBytes.t ->
-  (proto_operation * Ed25519.signature option) tzresult Lwt.t
+  (proto_operation * Ed25519.Signature.t option) tzresult Lwt.t
 
 type error += Invalid_signature
 val check_signature:
-  Ed25519.public_key -> operation -> unit tzresult Lwt.t
+  Ed25519.Public_key.t -> operation -> unit tzresult Lwt.t
 
 val forge: Updater.shell_operation -> proto_operation -> MBytes.t
 

src/proto/alpha/script_interpreter.ml

@@ -484,7 +484,7 @@ let rec interp
           | Check_signature, Item (key, Item ((signature, message), rest)) ->
               Public_key.get ctxt key >>=? fun key ->
               let message = MBytes.of_string message in
-              let res = Ed25519.check_signature key signature message in
+              let res = Ed25519.Signature.check key signature message in
               logged_return (Item (res, rest), qta - 1, ctxt)
           | H ty, Item (v, rest) ->
               let hash = Script.hash_expr (unparse_data ty v) in

src/proto/alpha/script_ir_translator.ml

@@ -304,7 +304,7 @@ let rec unparse_data
     | Signature_t, s ->
         let text =
           Hex_encode.hex_encode
-            (MBytes.to_string (Data_encoding.Binary.to_bytes Ed25519.signature_encoding s)) in
+            (MBytes.to_string (Data_encoding.Binary.to_bytes Ed25519.Signature.encoding s)) in
         String (-1, text)
     | Tez_t, v ->
         String (-1, Tez.to_string v)
@@ -679,7 +679,7 @@ let rec parse_data
     (* Signatures *)
     | Signature_t, String (_, s) -> begin try
           match Data_encoding.Binary.of_bytes
-                  Ed25519.signature_encoding
+                  Ed25519.Signature.encoding
                   (MBytes.of_string (Hex_encode.hex_decode s)) with
           | Some s -> return s
           | None -> raise Not_found

src/proto/alpha/services.ml

@@ -107,13 +107,6 @@ module Constants = struct
       ~output: json_schema
       RPC.Path.(custom_root / "constants" / "errors")
 
-  let bootstrap custom_root =
-    RPC.service
-      ~description: "Hardcoded predefined keys and contract"
-      ~input: empty
-      ~output: (list Bootstrap.account_encoding)
-      RPC.Path.(custom_root / "constants" / "bootstrap_keys")
-
 end
 
 module Context = struct
@@ -192,7 +185,7 @@ module Context = struct
     let pk_encoding =
       (obj2
          (req "hash" Ed25519.Public_key_hash.encoding)
-         (req "public_key" Ed25519.public_key_encoding))
+         (req "public_key" Ed25519.Public_key.encoding))
 
     let list custom_root =
       RPC.service
@@ -353,7 +346,7 @@ module Helpers = struct
                  (req "pred_block" Block_hash.encoding)
                  (req "operation_hash" Operation_hash.encoding)
                  (req "forged_operation" bytes)
-                 (opt "signature" Ed25519.signature_encoding))
+                 (opt "signature" Ed25519.Signature.encoding))
       ~output: (wrap_tzerror
                   (obj1 (req "contracts" (list Contract.encoding))))
       RPC.Path.(custom_root / "helpers" / "apply_operation")

src/proto/alpha/services_registration.ml

@@ -87,10 +87,6 @@ let () =
     (fun () ->
        Lwt.return (Data_encoding.Json.(schema (error_encoding ()))))
 
-let () =
-  register1_noctxt Services.Constants.bootstrap
-    (fun () -> Lwt.return Bootstrap.accounts)
-
 (*-- Context -----------------------------------------------------------------*)
 
 let level ctxt =
@@ -210,7 +206,7 @@ let () =
       | Some contract -> contract
       | None ->
           Contract.default_contract
-            (List.hd Bootstrap.accounts).Bootstrap.public_key_hash in
+            (List.hd (Bootstrap.accounts ctxt)).Bootstrap.public_key_hash in
     let storage : Script.storage =
       { storage ; storage_type = (script : Script.code).storage_type } in
     let qta =
@@ -423,7 +419,7 @@ let () =
 let operation_public_key ctxt = function
   | None -> return None
   | Some public_key ->
-      let hash = Ed25519.hash public_key in
+      let hash = Ed25519.Public_key.hash public_key in
       Public_key.get_option ctxt hash >>=? function
       | None -> return (Some public_key)
       | Some _ -> return None

src/proto/alpha/storage.ml

@@ -409,10 +409,10 @@ end
 module Public_key =
   Make_iterable_data_storage (Ed25519.Public_key_hash)
     (struct
-      type value = Ed25519.public_key
+      type value = Ed25519.Public_key.t
       let key = Key.public_keys
       let name = "public keys"
-      let encoding = Ed25519.public_key_encoding
+      let encoding = Ed25519.Public_key.encoding
     end)
 
 (** Seed *)

src/proto/alpha/storage.mli

@@ -218,7 +218,7 @@ end
 
 module Public_key : Iterable_data_storage
   with type key = Ed25519.Public_key_hash.t
-   and type value = Ed25519.public_key
+   and type value = Ed25519.Public_key.t
    and type context := t
 
 (** Seed *)

src/proto/alpha/tezos_context.ml

@@ -38,10 +38,10 @@ module Cycle = Cycle_repr
 module Script_int = Script_int_repr
 module Script = Script_repr
 
-type public_key = Ed25519.public_key
+type public_key = Ed25519.Public_key.t
 type public_key_hash = Ed25519.Public_key_hash.t
-type secret_key = Ed25519.secret_key
+type secret_key = Ed25519.Secret_key.t
-type signature = Ed25519.signature
+type signature = Ed25519.Signature.t
 
 include Tezos_hash
 

src/proto/alpha/tezos_context.mli

@@ -21,10 +21,10 @@ module Contract_hash = Tezos_hash.Contract_hash
 
 module Nonce_hash = Tezos_hash.Nonce_hash
 
-type public_key = Ed25519.public_key
+type public_key = Ed25519.Public_key.t
 type public_key_hash = Ed25519.Public_key_hash.t
-type secret_key = Ed25519.secret_key
+type secret_key = Ed25519.Secret_key.t
-type signature = Ed25519.signature
+type signature = Ed25519.Signature.t
 
 module Tez : sig
 
@@ -157,9 +157,8 @@ module Bootstrap : sig
   type account = {
     public_key_hash: public_key_hash ;
     public_key: public_key ;
-    secret_key: secret_key ;
   }
-  val accounts: account list
+  val accounts: context -> account list
   val account_encoding: account Data_encoding.t
   val refill: context -> context tzresult Lwt.t
 end
@@ -528,7 +527,7 @@ module Block : sig
   type header = {
     shell: Updater.shell_block ;
     proto: proto_header ;
-    signature: Ed25519.signature ;
+    signature: Ed25519.Signature.t ;
   }
 
   and proto_header = {

src/proto/environment/ed25519.mli

@@ -1,36 +1,66 @@
 (** Tezos - Ed25519 cryptography *)
 
 
-(** {2 Signature} ************************************************************)
-
-(** An Ed25519 public key *)
-type public_key
-
-(** An Ed25519 secret key *)
-type secret_key
-
-(** The result of signing a sequence of bytes with a secret key *)
-type signature
-
-(** Signs a sequence of bytes with a secret key *)
-val sign : secret_key -> MBytes.t -> signature
-
-(** Checks a signature *)
-val check_signature : public_key -> signature -> MBytes.t -> bool
-
 (** {2 Hashed public keys for user ID} ***************************************)
 
 module Public_key_hash : Hash.HASH
 
-(** Hashes an Ed25519 public key *)
-val hash : public_key -> Public_key_hash.t
 
-(** {2 Serializers} **********************************************************)
+(** {2 Signature} ************************************************************)
 
-val public_key_encoding : public_key Data_encoding.t
+module Public_key : sig
 
-val secret_key_encoding : secret_key Data_encoding.t
+  include Compare.S
+  val encoding: t Data_encoding.t
 
-val signature_encoding : signature Data_encoding.t
+  val hash: t -> Public_key_hash.t
 
-val public_key_of_bytes : Bytes.t -> public_key
+  type Base58.data +=
+    | Public_key of t
+
+  val of_b58check: string -> t
+  val to_b58check: t -> string
+
+  val of_bytes: Bytes.t -> t
+
+end
+
+module Secret_key : sig
+
+  type t
+  val encoding: t Data_encoding.t
+
+  type Base58.data +=
+    | Secret_key of t
+
+  val of_b58check: string -> t
+  val to_b58check: t -> string
+
+  val of_bytes: Bytes.t -> t
+
+end
+
+module Signature : sig
+
+  type t
+  val encoding: t Data_encoding.t
+
+  type Base58.data +=
+    | Signature of t
+
+  val of_b58check: string -> t
+  val to_b58check: t -> string
+
+  val of_bytes: Bytes.t -> t
+
+  (** Checks a signature *)
+  val check: Public_key.t -> t -> MBytes.t -> bool
+
+  (** Append a signature *)
+  val append: Secret_key.t -> MBytes.t -> MBytes.t
+
+end
+
+val sign: Secret_key.t -> MBytes.t -> Signature.t
+
+val generate_key: unit -> (Public_key_hash.t * Public_key.t * Secret_key.t)

src/proto/genesis/data.ml

@@ -44,7 +44,7 @@ module Command = struct
     let open Data_encoding in
     obj2
       (req "content" encoding)
-      (req "signature" Ed25519.signature_encoding)
+      (req "signature" Ed25519.Signature.encoding)
 
   let forge shell command =
     Data_encoding.Binary.to_bytes
@@ -60,25 +60,25 @@ module Pubkey = struct
   let default =
     let pubkey =
       "4d5373455738070434f214826d301a1c206780d7f789fcbf94c2149b2e0718cc" in
-    Ed25519.public_key_of_bytes
+    Ed25519.Public_key.of_bytes
       (Bytes.of_string (Hex_encode.hex_decode pubkey))
 
   let get_pubkey ctxt =
     Context.get ctxt pubkey_key >>= function
     | None -> Lwt.return default
     | Some b ->
-        match Data_encoding.Binary.of_bytes Ed25519.public_key_encoding b with
+        match Data_encoding.Binary.of_bytes Ed25519.Public_key.encoding b with
         | None -> Lwt.return default
         | Some pk -> Lwt.return pk
 
   let set_pubkey ctxt v =
     Context.set ctxt pubkey_key @@
-    Data_encoding.Binary.to_bytes Ed25519.public_key_encoding v
+    Data_encoding.Binary.to_bytes Ed25519.Public_key.encoding v
 
   let sandbox_encoding =
     let open Data_encoding in
     merge_objs
-      (obj1 (req "genesis_pubkey" Ed25519.public_key_encoding))
+      (obj1 (req "genesis_pubkey" Ed25519.Public_key.encoding))
       Data_encoding.unit
 
   let may_change_default ctxt json =

src/proto/genesis/main.ml

@@ -40,7 +40,7 @@ let max_number_of_operations = 0
 type block = {
   shell: Updater.shell_block ;
   command: Data.Command.t ;
-  signature: Ed25519.signature ;
+  signature: Ed25519.Signature.t ;
 }
 
 let max_block_length =
@@ -57,7 +57,7 @@ let check_signature ctxt { shell ; command ; signature } =
   let bytes = Data.Command.forge shell command in
   Data.Pubkey.get_pubkey ctxt >>= fun public_key ->
   fail_unless
-    (Ed25519.check_signature public_key signature bytes)
+    (Ed25519.Signature.check public_key signature bytes)
     Invalid_signature
 
 let apply ctxt header _ops =

test/sandbox.json

@@ -1,6 +1,13 @@
 {
     "genesis_pubkey":
-       "edpkuSLWfVU1Vq7Jg9FucPyKmma6otcMHac9zG4oU1KMHSTBpJuGQ2",
+      "edpkuSLWfVU1Vq7Jg9FucPyKmma6otcMHac9zG4oU1KMHSTBpJuGQ2",
+    "bootstrap_keys": [
+        "edpkuBknW28nW72KG6RoHtYW7p12T6GKc7nAbwYX5m8Wd9sDVC9yav",
+        "edpktzNbDAUjUk697W7gYg2CRuBQjyPxbEg8dLccYYwKSKvkPvjtV9",
+        "edpkuTXkJDGcFd5nh6VvMz8phXxU3Bi7h6hqgywNFi1vZTfQNnS1RV",
+        "edpkuFrRoDSEbJYgxRtLx2ps82UdaYc1WwfS9sE11yhauZt5DgCHbU",
+        "edpkv8EUUH68jmo3f7Um5PezmfGrRF24gnfLpH3sVNwJnV5bVCxL2n"
+    ],
     "slot_durations" : [ 10, 5 ],
     "cycle_length" : 128,
     "first_free_mining_slot" : 4

test/test-basic.sh

@@ -25,13 +25,19 @@ sleep 3
 
 ${CLIENT} list versions
 
+${CLIENT} add identity bootstrap1 tz1KqTpEZ7Yob7QbPE4Hy4Wo8fHG8LhKxZSx
+${CLIENT} add public key bootstrap1 edpkuBknW28nW72KG6RoHtYW7p12T6GKc7nAbwYX5m8Wd9sDVC9yav
+${CLIENT} add secret key bootstrap1 edskRuR1azSfboG86YPTyxrQgosh5zChf5bVDmptqLTb5EuXAm9rsnDYfTKhq7rDQujdn5WWzwUMeV3agaZ6J2vPQT58jJAJPi
+${CLIENT} add identity bootstrap2 tz1gjaF81ZRRvdzjobyfVNsAeSC6PScjfQwN
+${CLIENT} add identity bootstrap3 tz1faswCTDciRzE4oJ9jn2Vm2dvjeyA9fUzU
+${CLIENT} add identity bootstrap4 tz1b7tUupMgCNw2cCLpKTkSD1NZzB5TkP2sv
+${CLIENT} add identity bootstrap5 tz1ddb9NMYHZi5UzPdzTZMYQQZoMub195zgv
+
 ${CLIENT} activate \
           protocol ProtoALphaALphaALphaALphaALphaALphaALphaALphaDdp3zK \
           with fitness 1 \
           and key edskRhxswacLW6jF6ULavDdzwqnKJVS4UcDTNiCyiH6H8ZNnn2pmNviL7pRNz9kRxxaWQFzEQEcZExGHKbwmuaAcoMegj5T99z
 
-${CLIENT} bootstrap
-
 KEY1=foo
 KEY2=bar
 

test/test_basic.ml

@@ -78,9 +78,40 @@ type account = {
 }
 
 let genesis_sk =
-  Environment.Ed25519.secret_key_of_b58check
+  Environment.Ed25519.Secret_key.of_b58check
     "edskRhxswacLW6jF6ULavDdzwqnKJVS4UcDTNiCyiH6H8ZNnn2pmNviL7pRNz9kRxxaWQFzEQEcZExGHKbwmuaAcoMegj5T99z"
 
+let bootstrap1_pk =
+  Environment.Ed25519.Public_key.of_b58check
+    "edpkuBknW28nW72KG6RoHtYW7p12T6GKc7nAbwYX5m8Wd9sDVC9yav"
+let bootstrap2_pk =
+  Environment.Ed25519.Public_key.of_b58check
+    "edpktzNbDAUjUk697W7gYg2CRuBQjyPxbEg8dLccYYwKSKvkPvjtV9"
+let bootstrap3_pk =
+  Environment.Ed25519.Public_key.of_b58check
+    "edpkuTXkJDGcFd5nh6VvMz8phXxU3Bi7h6hqgywNFi1vZTfQNnS1RV"
+let bootstrap4_pk =
+  Environment.Ed25519.Public_key.of_b58check
+    "edpkuFrRoDSEbJYgxRtLx2ps82UdaYc1WwfS9sE11yhauZt5DgCHbU"
+let bootstrap5_pk =
+  Environment.Ed25519.Public_key.of_b58check
+    "edpkv8EUUH68jmo3f7Um5PezmfGrRF24gnfLpH3sVNwJnV5bVCxL2n"
+let bootstrap1_sk =
+  Environment.Ed25519.Secret_key.of_b58check
+    "edskRuR1azSfboG86YPTyxrQgosh5zChf5bVDmptqLTb5EuXAm9rsnDYfTKhq7rDQujdn5WWzwUMeV3agaZ6J2vPQT58jJAJPi"
+let bootstrap2_sk =
+  Environment.Ed25519.Secret_key.of_b58check
+    "edskRkJz4Rw2rM5NtabEWMbbg2bF4b1nfFajaqEuEk4SgU7eeDbym9gVQtBTbYo32WUg2zb5sNBkD1whRN7zX43V9bftBbtaKc"
+let bootstrap3_sk =
+  Environment.Ed25519.Secret_key.of_b58check
+    "edskS3qsqsNgdjUqeMsVcEwBn8dkZ5iDRz6aF21KhcCtRiAkWBypUSbicccR4Vgqm9UdW2Vabuos6seezqgbXTrmcbLUG4rdAC"
+let bootstrap4_sk =
+  Environment.Ed25519.Secret_key.of_b58check
+    "edskRg9qcPqaVQa6jXWNMU5p71tseSuR7NzozgqZ9URsVDi81wTyPJdFSBdeakobyHUi4Xgu61jgKRQvkhXrPmEdEUfiqfiJFL"
+let bootstrap5_sk =
+  Environment.Ed25519.Secret_key.of_b58check
+    "edskS7rLN2Df3nbS1EYvwJbWo4umD7yPM1SUeX7gp1WhCVpMFXjcCyM58xs6xsnTsVqHQmJQ2RxoAjJGedWfvFmjQy6etA3dgZ"
+
 let switch_protocol () =
   let fitness =
     Client_embedded_proto_alpha.Fitness_repr.from_int64 0L in
@@ -89,21 +120,24 @@ let switch_protocol () =
     fitness genesis_sk
 
 let bootstrap_accounts () =
-  Client_proto_rpcs.Constants.bootstrap cctxt (`Head 0)
-  >>= fun accounts ->
   let cpt = ref 0 in
   Lwt.return
     (List.map
-       (fun { Bootstrap.public_key_hash ; public_key ; secret_key } ->
+       (fun (public_key, secret_key) ->
           incr cpt ;
           let name = Printf.sprintf "bootstrap%d" !cpt in
+          let public_key_hash = Environment.Ed25519.Public_key.hash public_key in
           { name ; contract = Contract.default_contract public_key_hash;
             public_key_hash ; public_key ; secret_key })
-       accounts)
+       [ bootstrap1_pk, bootstrap1_sk;
+         bootstrap2_pk, bootstrap2_sk;
+         bootstrap3_pk, bootstrap3_sk;
+         bootstrap4_pk, bootstrap4_sk;
+         bootstrap5_pk, bootstrap5_sk; ])
 
 let create_account name =
   let secret_key, public_key = Sodium.Sign.random_keypair () in
-  let public_key_hash = Environment.Ed25519.hash public_key in
+  let public_key_hash = Environment.Ed25519.Public_key.hash public_key in
   let contract = Contract.default_contract public_key_hash in
   Lwt.return { name ; contract ; public_key_hash ; public_key ; secret_key }