Missing check in public key aggregation #8
Labels
fix:bug
Something isn't working
type:enhancement
Issues concerning code or feature improvement (performance, refactoring, etc)
Milestone
Summary
From audit finding BLS-04:
For the same reasons as in BLS-03 (#7), the public key aggregation function
omits the identity check, though will do the subgroup check when
instantiated with
from_bytes()
:Likewise,
is_valid()
may be used, or justis_identity()
.Note that the signature aggregation does not require an identity check.
The text was updated successfully, but these errors were encountered: