anza-xyz
diff --git a/‎Cargo.lock‎
Lines changed: 1 addition & 0 deletions b/‎Cargo.lock‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎bls-cert-verify/Cargo.toml‎
Lines changed: 2 additions & 1 deletion b/‎bls-cert-verify/Cargo.toml‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎dev-bins/Cargo.lock‎
Lines changed: 17 additions & 0 deletions b/‎dev-bins/Cargo.lock‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎programs/sbf/Cargo.lock‎
Lines changed: 17 additions & 0 deletions b/‎programs/sbf/Cargo.lock‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎runtime/Cargo.toml‎
Lines changed: 1 addition & 0 deletions b/‎runtime/Cargo.toml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎runtime/src/bank.rs‎
Lines changed: 24 additions & 0 deletions b/‎runtime/src/bank.rs‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎runtime/src/epoch_stakes.rs‎
Lines changed: 1 addition & 1 deletion b/‎runtime/src/epoch_stakes.rs‎
Lines changed: 1 addition & 1 deletion
@@ -28,7 +28,8 @@ wincode = { workspace = true }
 [dev-dependencies]
 # See order-crates-for-publishing.py for using this unusual `path = "."`
 agave-bls-cert-verify = { path = ".", features = ["agave-unstable-api", "dev-context-only-utils"] }
-agave-votor = { workspace = true }
+# See order-crates-for-publishing.py for using this unusual `path`
+agave-votor = { path = "../votor" }
 criterion = { workspace = true }
 solana-hash = { workspace = true }
 
 
@@ -51,6 +51,7 @@ frozen-abi = [
 shuttle-test = ["dep:shuttle"]
 
 [dependencies]
+agave-bls-cert-verify = { workspace = true }
 agave-feature-set = { workspace = true }
 agave-fs = { workspace = true }
 agave-precompiles = { workspace = true }
 
@@ -63,6 +63,7 @@ use {
         transaction_batch::{OwnedOrBorrowed, TransactionBatch},
     },
     accounts_lt_hash::{CacheValue as AccountsLtHashCacheValue, Stats as AccountsLtHashStats},
+    agave_bls_cert_verify::cert_verify::{self, Error as CertVerifyError},
     agave_feature_set::{
         self as feature_set, increase_cpi_account_info_limit, raise_cpi_nesting_limit_to_8,
         relax_programdata_account_check_migration, FeatureSet,
@@ -5163,6 +5164,29 @@ impl Bank {
         self.epoch_stakes.get(&epoch)
     }
 
+    /// Verify a BLS certificate's signature using this bank's epoch stakes.
+    ///
+    /// Returns (stake present in certificate, total stake in validator set) on success.
+    pub fn verify_certificate(
+        &self,
+        cert: &Certificate,
+    ) -> std::result::Result<(u64, u64), CertVerifyError> {
+        let slot = cert.cert_type.slot();
+        let epoch_stakes = self
+            .epoch_stakes_from_slot(slot)
+            .ok_or(CertVerifyError::MissingRankMap)?;
+        let key_to_rank_map = epoch_stakes.bls_pubkey_to_rank_map();
+        let total_stake = epoch_stakes.total_stake();
+
+        let stake = cert_verify::verify_certificate(cert, key_to_rank_map.len(), |rank| {
+            key_to_rank_map
+                .get_pubkey_stake_entry(rank)
+                .map(|entry| (entry.stake, entry.bls_pubkey))
+        })?;
+
+        Ok((stake, total_stake))
+    }
+
     pub fn epoch_stakes_map(&self) -> &HashMap<Epoch, VersionedEpochStakes> {
         &self.epoch_stakes
     }
 
@@ -36,7 +36,7 @@ pub struct BLSPubkeyStakeEntry {
 pub struct BLSPubkeyToRankMap {
     /// Mapping from validator [`BLSPubkey`] to rank.
     rank_map: HashMap<BLSPubkey, u16>,
-    /// Mapping from rank to validator [`(Pubkey, BLSPubkey)`].
+    /// Mapping from rank to [`BLSPubkeyStakeEntry`].
     //
     // TODO(wen): We can make sorted_pubkeys a Vec<BLSPubkey> after we remove ed25519
     // pubkey from the consensus pool.