Fix BLS Aggregation Method (#3269)
* lint * update to new method * fix all tests
@@ -991,7 +991,7 @@ go_repository(
|
||||
|
||||
go_repository(
|
||||
name = "com_github_phoreproject_bls",
|
||||
commit = "fb0e03c433000562a8f27e0e820667fd6c13d62b",
|
||||
commit = "da95d4798b09e9f45a29dc53124b2a0b4c1dfc13",
|
||||
importpath = "github.com/phoreproject/bls",
|
||||
)
|
||||
|
||||
|
||||
@@ -829,17 +829,23 @@ func VerifyIndexedAttestation(beaconState *pb.BeaconState, indexedAtt *ethpb.Ind
|
||||
pubkeys = append(pubkeys, pubkey)
|
||||
}
|
||||
|
||||
var msgs [][32]byte
|
||||
cus0 := &pb.AttestationDataAndCustodyBit{Data: indexedAtt.Data, CustodyBit: false}
|
||||
cus1 := &pb.AttestationDataAndCustodyBit{Data: indexedAtt.Data, CustodyBit: true}
|
||||
cus0Root, err := ssz.HashTreeRoot(cus0)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not tree hash att data and custody bit 0")
|
||||
if len(custodyBit0Indices) > 0 {
|
||||
cus0Root, err := ssz.HashTreeRoot(cus0)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not tree hash att data and custody bit 0")
|
||||
}
|
||||
msgs = append(msgs, cus0Root)
|
||||
}
|
||||
cus1Root, err := ssz.HashTreeRoot(cus1)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not tree hash att data and custody bit 1")
|
||||
if len(custodyBit1Indices) > 0 {
|
||||
cus1Root, err := ssz.HashTreeRoot(cus1)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not tree hash att data and custody bit 1")
|
||||
}
|
||||
msgs = append(msgs, cus1Root)
|
||||
}
|
||||
msgs := append(cus0Root[:], cus1Root[:]...)
|
||||
|
||||
sig, err := bls.SignatureFromBytes(indexedAtt.Signature)
|
||||
if err != nil {
|
||||
|
||||
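Review bot: The new custody-bit blocks append a message only when the matching index set is non-empty, so msgs ends with one or two entries in bit-0-then-bit-1 order, and the pairing with pubkeys is purely positional; whether the loop that ends at the top of the hunk appends its aggregate keys under the same two conditions and in the same order cannot be confirmed here, because VerifyIndexedAttestation begins before the hunk and the call that presumably hands pubkeys and msgs to VerifyAggregate comes after it. A guard beside that call, `if len(pubkeys) != len(msgs) { return errors.New("custody bit message count does not match aggregate pubkey count") }`, would turn any mismatch into a verification error rather than depending on how the BLS library treats unequal slices. A comment on the `var msgs [][32]byte` line such as `// one root per non-empty custody-bit set; order must match pubkeys` would also make that contract explicit for the next reader.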
@@ -23,7 +23,7 @@ import (
|
||||
"github.com/prysmaticlabs/go-ssz"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/cache/depositcache"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/db"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
blockchain "github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/p2p"
|
||||
pb "github.com/prysmaticlabs/prysm/proto/beacon/p2p/v1"
|
||||
ethpb "github.com/prysmaticlabs/prysm/proto/eth/v1alpha1"
|
||||
|
||||
@@ -15,7 +15,7 @@ import (
|
||||
"github.com/prometheus/client_golang/prometheus/promauto"
|
||||
"github.com/prysmaticlabs/go-ssz"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/db"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
blockchain "github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/operations"
|
||||
p2p "github.com/prysmaticlabs/prysm/beacon-chain/p2p"
|
||||
pb "github.com/prysmaticlabs/prysm/proto/beacon/p2p/v1"
|
||||
|
||||
@@ -8,7 +8,7 @@ import (
|
||||
ptypes "github.com/gogo/protobuf/types"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/db"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
blockchain "github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
pbp2p "github.com/prysmaticlabs/prysm/proto/beacon/p2p/v1"
|
||||
pb "github.com/prysmaticlabs/prysm/proto/beacon/rpc/v1"
|
||||
ethpb "github.com/prysmaticlabs/prysm/proto/eth/v1alpha1"
|
||||
|
||||
@@ -15,7 +15,7 @@ import (
|
||||
grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/cache"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/db"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
blockchain "github.com/prysmaticlabs/prysm/beacon-chain/deprecated-blockchain"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/operations"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/p2p"
|
||||
"github.com/prysmaticlabs/prysm/beacon-chain/sync"
|
||||
|
||||
@@ -109,10 +109,26 @@ func (s *Signature) Verify(msg []byte, pub *PublicKey, domain uint64) bool {
|
||||
return g1.VerifyWithDomain(bytesutil.ToBytes32(msg), pub.val, s.val, bytesutil.ToBytes8(b))
|
||||
}
|
||||
|
||||
// VerifyAggregate verifies each public key against a message.
|
||||
// VerifyAggregate verifies each public key against its respective message.
|
||||
// This is vulnerable to rogue public-key attack. Each user must
|
||||
// provide a proof-of-knowledge of the public key.
|
||||
func (s *Signature) VerifyAggregate(pubKeys []*PublicKey, msg []byte, domain uint64) bool {
|
||||
func (s *Signature) VerifyAggregate(pubKeys []*PublicKey, msg [][32]byte, domain uint64) bool {
|
||||
if len(pubKeys) == 0 {
|
||||
return false // Otherwise panic in VerifyAggregateCommonWithDomain.
|
||||
}
|
||||
var keys []*g1.PublicKey
|
||||
for _, v := range pubKeys {
|
||||
keys = append(keys, v.val)
|
||||
}
|
||||
b := make([]byte, 8)
|
||||
binary.BigEndian.PutUint64(b, domain)
|
||||
return s.val.VerifyAggregateWithDomain(keys, msg, bytesutil.ToBytes8(b))
|
||||
}
|
||||
|
||||
// VerifyAggregateCommon verifies each public key against its respective message.
|
||||
// This is vulnerable to rogue public-key attack. Each user must
|
||||
// provide a proof-of-knowledge of the public key.
|
||||
func (s *Signature) VerifyAggregateCommon(pubKeys []*PublicKey, msg []byte, domain uint64) bool {
|
||||
if len(pubKeys) == 0 {
|
||||
return false // Otherwise panic in VerifyAggregateCommonWithDomain.
|
||||
}
|
||||
|
||||
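Review bot: VerifyAggregate now takes one message per key but never checks that `len(msg)` equals `len(pubKeys)` before passing both to `s.val.VerifyAggregateWithDomain` on the last line of its body, so a caller that builds the two slices under different conditions gets whatever the library does with the mismatch — presumably a panic or silent truncation — instead of a clean false; the guard should read `if len(pubKeys) == 0 || len(pubKeys) != len(msg) {`. The comment on that guard, `// Otherwise panic in VerifyAggregateCommonWithDomain.`, was carried over from VerifyAggregateCommon and now names the wrong callee; `// Otherwise panic in VerifyAggregateWithDomain.` matches the call actually made. The rogue-key sentence copied into the new doc comment is right for the common-message variant; for the per-message variant the concern arises where callers aggregate keys that signed the same message (as the attestation path does with its custody-bit roots), so the comment should say that distinct messages alone are not what callers should rely on. The hunk ends inside VerifyAggregateCommon, whose body continues past the last line shown.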
@@ -43,7 +43,7 @@ func BenchmarkSignature_VerifyAggregate(b *testing.B) {
|
||||
|
||||
b.ResetTimer()
|
||||
for i := 0; i < b.N; i++ {
|
||||
if !aggregated.VerifyAggregate(pks, msg, domain) {
|
||||
if !aggregated.VerifyAggregateCommon(pks, msg, domain) {
|
||||
b.Fatal("could not verify aggregate sig")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,6 +36,25 @@ func TestSignVerify(t *testing.T) {
|
||||
}
|
||||
|
||||
func TestVerifyAggregate(t *testing.T) {
|
||||
pubkeys := make([]*bls.PublicKey, 0, 100)
|
||||
sigs := make([]*bls.Signature, 0, 100)
|
||||
var msgs [][32]byte
|
||||
for i := 0; i < 100; i++ {
|
||||
msg := [32]byte{'h', 'e', 'l', 'l', 'o', byte(i)}
|
||||
priv, _ := bls.RandKey(rand.Reader)
|
||||
pub := priv.PublicKey()
|
||||
sig := priv.Sign(msg[:], 0)
|
||||
pubkeys = append(pubkeys, pub)
|
||||
sigs = append(sigs, sig)
|
||||
msgs = append(msgs, msg)
|
||||
}
|
||||
aggSig := bls.AggregateSignatures(sigs)
|
||||
if !aggSig.VerifyAggregate(pubkeys, msgs, 0) {
|
||||
t.Error("Signature did not verify")
|
||||
}
|
||||
}
|
||||
|
||||
func TestVerifyAggregateCommon(t *testing.T) {
|
||||
pubkeys := make([]*bls.PublicKey, 0, 100)
|
||||
sigs := make([]*bls.Signature, 0, 100)
|
||||
msg := []byte("hello")
|
||||
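Review bot: TestVerifyAggregate asserts only the positive case — 100 distinct messages signed by 100 keys verify — which an implementation that ignores msg entirely would also pass. A negative assertion after it, for example swapping `msgs[0]` and `msgs[1]` and then checking `if aggSig.VerifyAggregate(pubkeys, msgs, 0) { t.Error("Signature verified with mismatched messages") }`, pins that each key is actually bound to its own message. Because the later hunk redirects TestVerifyAggregate_ReturnsFalseOnEmptyPubKeyList to VerifyAggregateCommon, the multi-message VerifyAggregate is also left with no empty-pubkeys case and gains none for unequal slice lengths. The hunk ends inside TestVerifyAggregateCommon, whose body continues past the last line shown.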
@@ -47,7 +66,7 @@ func TestVerifyAggregate(t *testing.T) {
|
||||
sigs = append(sigs, sig)
|
||||
}
|
||||
aggSig := bls.AggregateSignatures(sigs)
|
||||
if !aggSig.VerifyAggregate(pubkeys, msg, 0) {
|
||||
if !aggSig.VerifyAggregateCommon(pubkeys, msg, 0) {
|
||||
t.Error("Signature did not verify")
|
||||
}
|
||||
}
|
||||
@@ -58,7 +77,7 @@ func TestVerifyAggregate_ReturnsFalseOnEmptyPubKeyList(t *testing.T) {
|
||||
msg := []byte("hello")
|
||||
|
||||
aggSig := bls.AggregateSignatures(sigs)
|
||||
if aggSig.VerifyAggregate(pubkeys, msg, 0 /*domain*/) != false {
|
||||
if aggSig.VerifyAggregateCommon(pubkeys, msg, 0 /*domain*/) != false {
|
||||
t.Error("Expected VerifyAggregate to return false with empty input " +
|
||||
"of public keys.")
|
||||
}
|
||||
|
||||