Add verification of BLS short signatures #74
Merged: paulmillr merged 2 commits into paulmillr:main from randombit:jack/add-short-signatures on Aug 25, 2023
Yes, that should work. Keygen and sig gen would also be great!
This is ready for review
thanks
@randombit could you also update README docs, please?
@paulmillr Sure, I will open another PR on Monday. Thanks for the fast merge!
OKEAMAH added a commit to OKEAMAH/ethers.js that referenced this pull request on Aug 19, 2024
Hi!
I work on a system that uses BLS with short signatures (i.e. signatures in G1 and public keys in G2). We'd like to be able to use this library to verify such signatures.
Does my current change seem like the general direction of something you would accept? If so, I will also add aggregation support, and of course tests. (And also if you want, keygen and signature generation - I don't think we need those but if you want them for parity that certainly is understandable.)
If the approach I'm taking here is not what you would want, just let me know what you're looking for and I'll do that instead!
Related - #64