From 354e58a9efabb79624886b92fde56784e6ec765c Mon Sep 17 00:00:00 2001 From: Chih Cheng Liang Date: Thu, 20 Aug 2020 22:37:21 +0800 Subject: [PATCH 1/2] Fix error message of p2 subgroup check --- eth/precompiles/ecpairing.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eth/precompiles/ecpairing.py b/eth/precompiles/ecpairing.py index 6d435e6562..f0ab771c54 100644 --- a/eth/precompiles/ecpairing.py +++ b/eth/precompiles/ecpairing.py @@ -101,7 +101,7 @@ def _process_point(data_buffer: bytes, exponent: int) -> bn128.FQP: raise ValidationError("point is not on curve") if bn128.multiply(p2, bn128.curve_order)[-1] != bn128.FQ2.zero(): - raise ValidationError("TODO: what case is this?????") + raise ValidationError("Point is not in correct subgroup") return exponent * bn128.pairing(FQP_point_to_FQ2_point(p2), p1, final_exponentiate=False) From cad831a0a2423af29deba868e48bb3bd1160516e Mon Sep 17 00:00:00 2001 From: Chih Cheng Liang Date: Thu, 20 Aug 2020 22:37:42 +0800 Subject: [PATCH 2/2] add p1 subgroup check --- eth/_utils/bn128.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/eth/_utils/bn128.py b/eth/_utils/bn128.py index a1a31a4092..a14d315a8e 100644 --- a/eth/_utils/bn128.py +++ b/eth/_utils/bn128.py @@ -25,6 +25,8 @@ def validate_point(x: int, y: int) -> Tuple[bn128.FQ, bn128.FQ, bn128.FQ]: p1 = (FQ(x), FQ(y), FQ(1)) if not bn128.is_on_curve(p1, bn128.b): raise ValidationError("Point is not on the curve") + if bn128.multiply(p1, bn128.curve_order)[-1] != FQ.zero(): + raise ValidationError("Point is not in correct subgroup") else: p1 = (FQ(1), FQ(1), FQ(0))