bls icon indicating copy to clipboard operation
bls copied to clipboard

Published 20 hours ago • verified publisher icon ChainSafe

BLS secret key validation is missing

Open dnkolegov opened this issue 3 years ago • 3 comments

Describe the bug The BLS spec requires that the secret key (SK) must be a uniformly random integer such that 1 <= SK < r. Where r is the order curve.

The last check is missing:

Expected behavior

Check that the provided SK < r.

dnkolegov avatar Jun 02 '21 13:06 dnkolegov

Thanks for looking into this! I think BLST takes care of that, but it would be good to add a test. Transfering to bls repo.

dapplion avatar Jun 03 '21 07:06 dapplion

The following test for SK = q+1 will pass and will not raise an exception.

describe("q+1 secret key", () => {
    const qHex = fromHex("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000002");
    const sk = bls.SecretKey.fromBytes(qHex);
    const msg = Buffer.from("sample-msg");
    const sig = sk.sign(msg);
    const pk = sk.toPublicKey();
    console.log(pk.toBytes())
    it("verify", () => {
      const valid = bls.verify(msg, pk, sig);
      expect(valid).to.equal(true);
    });
    
 });

dnkolegov avatar Jun 03 '21 11:06 dnkolegov

Feel free to do a PR with the test and a fix if you want! I can do the latter if you need help.

dapplion avatar Jun 03 '21 13:06 dapplion