BLS secret key validation is missing

ChainSafe / bls

💻 Javascript Implementation of Boneh-Lynn-Shacham Signatures

https://github.com/ethereum/eth2.0-specs/blob/v0.10.1/specs/phase0/beacon-chain.md#bls-signatures

Apache License 2.0

100 stars 19 forks source link

BLS secret key validation is missing #96

Open dnkolegov opened 3 years ago

dnkolegov commented 3 years ago

Describe the bug The BLS spec requires that the secret key (SK) must be a uniformly random integer such that 1 <= SK < r. Where r is the order curve.

The last check is missing:

Expected behavior

Check that the provided SK < r.

dapplion commented 3 years ago

Thanks for looking into this! I think BLST takes care of that, but it would be good to add a test. Transfering to bls repo.

dnkolegov commented 3 years ago

The following test for SK = q+1 will pass and will not raise an exception.

describe("q+1 secret key", () => {
    const qHex = fromHex("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000002");
    const sk = bls.SecretKey.fromBytes(qHex);
    const msg = Buffer.from("sample-msg");
    const sig = sk.sign(msg);
    const pk = sk.toPublicKey();
    console.log(pk.toBytes())
    it("verify", () => {
      const valid = bls.verify(msg, pk, sig);
      expect(valid).to.equal(true);
    });

 });

dapplion commented 3 years ago

Feel free to do a PR with the test and a fix if you want! I can do the latter if you need help.