Missing check in public key aggregation #8

Closed
moCello opened this issue Feb 9, 2024 · 0 comments · Fixed by #11

moCello commented Feb 9, 2024

Summary

From audit finding BLS-04:

For the same reasons as in BLS-03 (#7), the public key aggregation function
omits the identity check, though will do the subgroup check when
instantiated with from_bytes():

    pub fn aggregate(&mut self, pks: &[PublicKey]) {
        #[cfg(feature = "parallel")]
        let iter = pks.par_iter();

        #[cfg(not(feature = "parallel"))]
        let iter = pks.iter();

        let sum: G2Projective = iter
            .map(|pk| dusk_bls12_381::G2Projective::from(pk.pk_t()))
            .sum();
        (self.0).0 = ((self.0).0 + sum).into();
    }

Likewise, is_valid() may be used, or just is_identity().

Note that the signature aggregation does not require an identity check.

@HDauven added the fix:bug (Something isn't working) and type:enhancement (Issues concerning code or feature improvement (performance, refactoring, etc)) labels Apr 10, 2024
@HDauven added this to the Mainnet milestone Apr 10, 2024
moCello added a commit that referenced this issue Apr 23, 2024
@ureeves mentioned this issue Apr 24, 2024
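
The identity check this finding asks for, as an added example that is not part of the issue or the project's code: a toy additive group (integers mod a constructed prime) stands in for G2 so the block runs without the dusk_bls12_381 crate, and `Point`, `AggError` and `aggregate_checked` are hypothetical names. It goes one step beyond the finding by also refusing an aggregate that sums to the identity.

```rust
// Toy stand-in for G2: integers mod a small prime under addition (constructed).
// Point, AggError and aggregate_checked are hypothetical, not the crate's API.
const Q: u64 = 65_537;

#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Point(u64);

impl Point {
    pub const IDENTITY: Point = Point(0);
    pub fn is_identity(&self) -> bool { self.0 == 0 }
    pub fn add(self, rhs: Point) -> Point { Point((self.0 + rhs.0) % Q) }
    pub fn neg(self) -> Point { Point((Q - self.0) % Q) }
}

#[derive(Debug, PartialEq)]
pub enum AggError {
    /// An input key at `index` is the identity element.
    IdentityKey { index: usize },
    /// The resulting aggregate would be the identity element.
    IdentityAggregate,
}

/// Add every key in `pks` to `acc`; `acc` is left unchanged on any error.
pub fn aggregate_checked(acc: &mut Point, pks: &[Point]) -> Result<(), AggError> {
    // Reject identity inputs before any arithmetic (the check BLS-04 reports missing).
    if let Some(index) = pks.iter().position(Point::is_identity) {
        return Err(AggError::IdentityKey { index });
    }
    let sum = pks.iter().fold(*acc, |s, pk| s.add(*pk));
    // Assumption beyond the issue text: non-identity inputs can still cancel
    // to the identity, so the result is checked before it is committed.
    if sum.is_identity() {
        return Err(AggError::IdentityAggregate);
    }
    *acc = sum;
    Ok(())
}

fn main() {
    let mut apk = Point(11);
    println!("{:?}", aggregate_checked(&mut apk, &[Point(5), Point(7)]));
    println!("{:?}", aggregate_checked(&mut apk, &[Point(5), Point::IDENTITY]));
    println!("{:?} {:?}", aggregate_checked(&mut apk, &[Point(23).neg()]), apk);
}
```

Returning a `Result` instead of `()` means a caller cannot silently continue with an aggregate built from a rejected key.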