[WIP] Demo batch verification function
part of #614
Stebalien committed Aug 30, 2024
1 parent 0ebf539 commit 88fd68b
Showing 2 changed files with 49 additions and 8 deletions.
2 changes: 1 addition & 1 deletion blssig/aggregation.go
@@ -131,6 +131,6 @@ func (v *Verifier) Aggregate(pubkeys []gpbft.PubKey) (_agg gpbft.Aggregate, _err
}
return &aggregation{
mask: cmask,
scheme: v.scheme,
scheme: v.bdnScheme,
}, nil
}
55 changes: 48 additions & 7 deletions blssig/verifier.go
@@ -10,17 +10,20 @@ import (
"github.com/drand/kyber"
bls12381 "github.com/drand/kyber-bls12381"
"github.com/drand/kyber/pairing"
"github.com/drand/kyber/sign"
"github.com/drand/kyber/sign/bdn"
"github.com/drand/kyber/sign/bls"

Check failure on line 15 in blssig/verifier.go

GitHub Actions / go-check / All

"github.com/drand/kyber/sign/bls" is deprecated: This version is vulnerable to rogue public-key attack and the new version of the protocol should be used to make sure a signature aggregate cannot be verified by a forged key. You can find the protocol in kyber/sign/bdn. Note that only the aggregation is broken against the attack and a later version will merge bls and asmbls. (SA1019)
"go.opentelemetry.io/otel/metric"

"github.com/filecoin-project/go-f3/gpbft"
"github.com/filecoin-project/go-f3/internal/measurements"
)

type Verifier struct {
suite pairing.Suite
scheme *bdn.Scheme
keyGroup kyber.Group
suite pairing.Suite
bdnScheme *bdn.Scheme
blsScheme sign.AggregatableScheme
keyGroup kyber.Group

mu sync.RWMutex
pointCache map[string]kyber.Point
@@ -29,9 +32,9 @@ type Verifier struct {
func VerifierWithKeyOnG1() *Verifier {
suite := bls12381.NewBLS12381Suite()
return &Verifier{
suite: suite,
scheme: bdn.NewSchemeOnG2(suite),
keyGroup: suite.G1(),
suite: suite,
bdnScheme: bdn.NewSchemeOnG2(suite),
keyGroup: suite.G1(),
}
}

@@ -103,5 +106,43 @@ func (v *Verifier) Verify(pubKey gpbft.PubKey, msg, sig []byte) (_err error) {
return fmt.Errorf("unarshalling public key: %w", err)
}

return v.scheme.Verify(point, msg, sig)
return v.bdnScheme.Verify(point, msg, sig)
}

func (v *Verifier) BatchVerify(pubKeys []gpbft.PubKey, msgs [][]byte, sigs [][]byte) (_err error) {
defer func() {
status := measurements.AttrStatusSuccess
if _err != nil {
status = measurements.AttrStatusError

Check warning on line 116 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L112-L116

Added lines #L112 - L116 were not covered by tests
}
if perr := recover(); perr != nil {
_err = fmt.Errorf("panicked validating batch signature: %v\n%s",
perr, string(debug.Stack()))
log.Error(_err)
status = measurements.AttrStatusPanic

Check warning on line 122 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L118-L122

Added lines #L118 - L122 were not covered by tests
}
metrics.verify.Add(context.TODO(), 1, metric.WithAttributes(status))

Check warning on line 124 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L124

Added line #L124 was not covered by tests
}()
if len(msgs) != len(sigs) {
return fmt.Errorf("number of signatures must match the number of messages")

Check warning on line 127 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L126-L127

Added lines #L126 - L127 were not covered by tests
}

if len(pubKeys) != len(sigs) {
return fmt.Errorf("number of public keys must match the number of messages")

Check warning on line 131 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L130-L131

Added lines #L130 - L131 were not covered by tests
}

points := make([]kyber.Point, len(msgs))
for i, pubKey := range pubKeys {
var err error
points[i], err = v.pubkeyToPoint(pubKey)
if err != nil {
return fmt.Errorf("unarshalling public key: %w", err)

Check warning on line 139 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L134-L139

Added lines #L134 - L139 were not covered by tests
}
}
aggSig, err := v.blsScheme.AggregateSignatures(sigs...)
if err != nil {
return fmt.Errorf("aggregating signatures: %w", err)

Check warning on line 144 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L142-L144

Added lines #L142 - L144 were not covered by tests
}

return bls.BatchVerify(v.suite, points, msgs, aggSig)

Check warning on line 147 in blssig/verifier.go

Codecov / codecov/patch

blssig/verifier.go#L147

Added line #L147 was not covered by tests
}
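Review bot: BatchVerify never checks that the messages are pairwise distinct before it aggregates the caller-supplied signatures with `v.blsScheme.AggregateSignatures` and hands them to `bls.BatchVerify`, even though the staticcheck annotation on the `sign/bls` import flags that package's aggregation as open to rogue public-key forgery. As far as I recall, kyber documents this batch check as sound only when every message is unique (worth confirming against the pinned version), so the function should refuse duplicates, or fall back to per-signature `Verify`, before aggregating, as sketched below. Separately, the `VerifierWithKeyOnG1` lines shown set only `suite`, `bdnScheme` and `keyGroup`, so unless `blsScheme` is assigned outside this diff the call on the nil interface panics and every batch lands in the recover branch; the constructor needs something like `blsScheme: bls.NewSchemeOnG2(suite),`. The new exported method also has no doc comment stating these preconditions, and it counts into the same `metrics.verify` instrument as single verification, which makes batch failures indistinguishable in monitoring.

```go
// … unchanged: deferred metrics/recover block and the two length checks …

// Refuse duplicate messages: the aggregate check is only meaningful when
// every message in the batch is distinct.
seen := make(map[string]struct{}, len(msgs))
for _, msg := range msgs {
	if _, dup := seen[string(msg)]; dup {
		return fmt.Errorf("batch verification requires distinct messages")
	}
	seen[string(msg)] = struct{}{}
}

points := make([]kyber.Point, len(msgs))
// … unchanged: public-key unmarshalling, signature aggregation, bls.BatchVerify call …
```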
