use feature verify-signature instead of no-verify-signature

Author: hanabi1224

.github/workflows/ci.yml

@@ -28,7 +28,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-latest, macos-latest]
-        name: [build, check-m2-native, check-clippy, test-fvm, test, integration, conformance, calibration]
+        name: [build, check-m2-native, check-clippy, check-clippy-verify-signature, test-fvm, test, integration, conformance, calibration]
         include:
           - name: build
             key: v3
@@ -47,11 +47,11 @@ jobs:
             command: clippy
             # we disable default features because rust will otherwise unify them and turn on opencl in CI.
             args: --all --all-targets --no-default-features
-          - name: check-clippy(no-verify-signature)
+          - name: check-clippy-verify-signature
             key: v3
             command: clippy
             # we disable default features because rust will otherwise unify them and turn on opencl in CI.
-            args: --all --all-targets --no-default-features --features no-verify-signature
+            args: --all --all-targets --no-default-features --features verify-signature
           - name: test-fvm
             key: v3-cov
             push: true

fvm/Cargo.toml

@@ -48,7 +48,7 @@ fvm = { path = ".", features = ["testing"], default-features = false }
 coverage-helper = { workspace = true }
 
 [features]
-default = ["opencl"]
+default = ["opencl", "verify-signature"]
 opencl = ["filecoin-proofs-api/opencl"]
 cuda = ["filecoin-proofs-api/cuda"]
 cuda-supraseal = ["filecoin-proofs-api/cuda-supraseal"]
@@ -58,7 +58,7 @@ m2-native = []
 upgrade-actor = []
 gas_calibration = []
 nv23-dev = []
-# Use this feature to remove `verify_signature` syscall that is supposed to be removed by FIP-0079,
+# Use this feature to keep `verify_signature` syscall that is supposed to be removed by FIP-0079,
 # The current implementation keeps it by default for backward compatibility reason.
 # See <https://github.com/filecoin-project/ref-fvm/issues/2001>
-no-verify-signature = []
+verify-signature = []

fvm/src/kernel/default.rs

@@ -573,7 +573,7 @@ impl<C> CryptoOps for DefaultKernel<C>
 where
     C: CallManager,
 {
-    #[cfg(not(feature = "no-verify-signature"))]
+    #[cfg(feature = "verify-signature")]
     fn verify_signature(
         &self,
         sig_type: SignatureType,

fvm/src/kernel/mod.rs

@@ -220,7 +220,7 @@ pub trait ActorOps {
     fn balance_of(&self, actor_id: ActorID) -> Result<TokenAmount>;
 }
 
-#[cfg(not(feature = "no-verify-signature"))]
+#[cfg(feature = "verify-signature")]
 /// Cryptographic primitives provided by the kernel.
 #[delegatable_trait]
 pub trait CryptoOps {
@@ -263,7 +263,7 @@ pub trait CryptoOps {
     fn hash(&self, code: u64, data: &[u8]) -> Result<Multihash>;
 }
 
-#[cfg(feature = "no-verify-signature")]
+#[cfg(not(feature = "verify-signature"))]
 /// Cryptographic primitives provided by the kernel.
 #[delegatable_trait]
 pub trait CryptoOps {

fvm/src/syscalls/crypto.rs

@@ -12,7 +12,7 @@ use crate::{
     syscall_error,
 };
 
-#[cfg(not(feature = "no-verify-signature"))]
+#[cfg(feature = "verify-signature")]
 /// Verifies that a signature is valid for an address and plaintext.
 ///
 /// The return i32 indicates the status code of the verification:

fvm/src/syscalls/mod.rs

@@ -315,7 +315,7 @@ where
         if cfg!(feature = "m2-native") {
             linker.link_syscall("actor", "install_actor", actor::install_actor)?;
         }
-        #[cfg(not(feature = "no-verify-signature"))]
+        #[cfg(feature = "verify-signature")]
         linker.link_syscall("crypto", "verify_signature", crypto::verify_signature)?;
         linker.link_syscall(
             "crypto",

sdk/Cargo.toml

@@ -21,10 +21,10 @@ fvm_shared = { workspace = true }
 fvm_ipld_encoding = { workspace = true }
 
 [features]
-default = []
+default = ["verify-signature"]
 m2-native = []
 upgrade-actor = []
-# Use this feature to remove `verify_signature` syscall that is supposed to be removed by FIP-0079,
+# Use this feature to keep `verify_signature` syscall that is supposed to be removed by FIP-0079,
 # The current implementation keeps it by default for backward compatibility reason.
 # See <https://github.com/filecoin-project/ref-fvm/issues/2001>
-no-verify-signature = []
+verify-signature = []

sdk/src/crypto.rs

@@ -21,7 +21,7 @@ use num_traits::FromPrimitive;
 
 use crate::{status_code_to_bool, sys, SyscallResult};
 
-#[cfg(not(feature = "no-verify-signature"))]
+#[cfg(feature = "verify-signature")]
 /// Verifies that a signature is valid for an address and plaintext.
 ///
 /// NOTE: This only supports f1 and f3 addresses.
@@ -47,7 +47,7 @@ pub fn verify_signature(
     }
 }
 
-#[cfg(feature = "no-verify-signature")]
+#[cfg(not(feature = "verify-signature"))]
 /// Verifies that a signature is valid for an address and plaintext.
 ///
 /// NOTE: This only supports f1 and f3 addresses.

sdk/src/sys/crypto.rs

@@ -28,7 +28,7 @@ super::fvm_syscalls! {
     /// | Error               | Reason                                               |
     /// |---------------------|------------------------------------------------------|
     /// | [`IllegalArgument`] | signature, address, or plaintext buffers are invalid |
-    #[cfg(not(feature = "no-verify-signature"))]
+    #[cfg(feature = "verify-signature")]
     pub fn verify_signature(
         sig_type: u32,
         sig_off: *const u8,

testing/test_actors/actors/fil-syscall-actor/Cargo.toml

@@ -17,4 +17,4 @@ crate-type = ["cdylib"] ## cdylib is necessary for Wasm build
 
 [features]
 coverage = ["minicov"]
-no-verify-signature = ["fvm_sdk/no-verify-signature"]
+verify-signature = ["fvm_sdk/verify-signature"]

testing/test_actors/actors/fil-syscall-actor/src/actor.rs

@@ -98,7 +98,7 @@ fn test_secp_signature() {
     // test that calling sdk::sys::crypto::verify_signature with invalid parameters result
     // in correct error value
     //
-    #[cfg(not(feature = "no-verify-signature"))]
+    #[cfg(feature = "verify-signature")]
     unsafe {
         let sig_type = signature.signature_type();
         let sig_bytes = signature.bytes();

testing/test_actors/build.rs

@@ -99,13 +99,13 @@ fn main() -> Result<(), Box<dyn Error>> {
         .expect("failed to write to manifest");
     }
 
-    // Generate syscall actor with no-verify-signature feature.
+    // Generate syscall actor with verify-signature feature.
     {
         let (var, pkg) = ("SYSCALL_ACTOR_BINARY_FIP0079", "fil_syscall_actor");
         let mut cmd = Command::new(cargo);
         cmd.arg("build")
             .arg(format!("-p={pkg}"))
-            // .arg(format!("--features=no-verify-signature"))
+            .arg("--features=verify-signature")
             .arg(format!("--target={WASM_TARGET}"))
             .arg("--profile=wasm")
             .arg("--locked")