Comments (13)
hmm, since the public key and signature groups are reversed, the message also needs to be an element of G1 instead of G2 (part hm = BLS.norm_p2h(message)
).
However, this library does not have a function to hash the elements of G1, so it will not be possible to verify the current situation.
I will implement it when I have time.
from bls12-381.
@tuminfei I released v0.3.0. you can use G2 public key and G1 signature with BLS#verify
.
from bls12-381.
These are the project libraries that I refer to
https://github.com/herumi/bls-go-binary/tree/master
https://github.com/dfinity/verify-bls-signatures
from bls12-381.
public_key_hash = "b31b406c9f6648695a88154ae2e4f5fe87883d4ad81c2844c5571b2d91d401cdd40836e763a7c18dccb84629b0d808f7142c3175bc8231dc09bd53637efd6f2568801385ec973d34e6eef9c8c8280a9f4a114163a43a8540941ba367f0c7cb28"
This is public key not public key hash?
from bls12-381.
der_key = check_delegation(delegation, canister_id, true)
public_key_hash = extract_der(der_key).str2hex
public_key = BLS::PointG1.from_hex(public_key_hash)
I did the conversion, converted to hash.
Do you mean that I use BLS::PointG1.from_hex this method wrong?
from bls12-381.
I can verify the signature by using the rust library or goLang library.
use ic_verify_bls_signature::*;
use rand::Rng;
fn test_bls_signature(
expected_result: bool,
sig: &'static str,
msg: &'static str,
key: &'static str,
) {
let sig = hex::decode(sig).expect("Invalid hex");
let msg = hex::decode(msg).expect("Invalid hex");
let key = hex::decode(key).expect("Invalid hex");
let result = verify_bls_signature(&sig, &msg, &key);
assert_eq!(expected_result, result.is_ok());
}
#[test]
fn verify_valid() {
// derived from agent-rs tests
test_bls_signature(
true,
"b1dd133edb8c9ee98e78449b5537e1b44e51d7807cbcf15b1f11eb08fc326da3a4e9b639131e985c01e27e1750ed7253",
"0d69632d73746174652d726f6f742b2c26a884dbe39b122a1e4bf9bec9fac8d92b6d8e9f6d03f35b0d78cb3c3e1c",
"b31b406c9f6648695a88154ae2e4f5fe87883d4ad81c2844c5571b2d91d401cdd40836e763a7c18dccb84629b0d808f7142c3175bc8231dc09bd53637efd6f2568801385ec973d34e6eef9c8c8280a9f4a114163a43a8540941ba367f0c7cb28");
}
from bls12-381.
I see. The above is just converting the public key to a hex value, not a hash. It is the public key itself.
In your case, the public key is 96 bytes and the signature is 48 bytes. Considering that both are compressed data, the public key would be the element on G2 not G1, and the signature would be the element on G1.
use ic_verify_bls_signature::*;
Please include the URL of the library that has above method.
from bls12-381.
I see. The above is just converting the public key to a hex value, not a hash. It is the public key itself.
In your case, the public key is 96 bytes and the signature is 48 bytes. Considering that both are compressed data, the public key would be the element on G2 not G1, and the signature would be the element on G1.
use ic_verify_bls_signature::*;
Please include the URL of the library that has above method.
https://github.com/dfinity/verify-bls-signatures
from bls12-381.
/// A BLS12-381 public key usable for signature verification
#[derive(Clone, Eq, PartialEq)]
pub struct PublicKey {
pk: G2Affine,
}
/// Deserialize a BLS12-381 public key
pub fn deserialize(bytes: &[u8]) -> Result<Self, InvalidPublicKey> {
let bytes: Result<[u8; Self::BYTES], _> = bytes.try_into();
match bytes {
Err(_) => Err(InvalidPublicKey::WrongLength),
Ok(b) => {
let pk = G2Affine::from_compressed(&b);
if bool::from(pk.is_some()) {
Ok(Self::new(pk.unwrap()))
} else {
Err(InvalidPublicKey::InvalidPoint)
}
}
}
}
It seems that it is a public key of G2
from bls12-381.
yes, so you need to use BLS::PointG2
not BLS::PointG1
for public key. But currently this library dose not support compressed format for BLS::PointG2
. Therefore, it is necessary to pass a public key in uncompressed format to BLS::PointG2#from_hex
.
from bls12-381.
Thank you so much. Also, how do I verify if I use the public key of G2?
def verify(signature, message, public_key)
p = BLS.norm_p1(public_key)
hm = BLS.norm_p2h(message)
g = PointG1::BASE
s = BLS.norm_p2(signature)
ephm = BLS.pairing(p.negate, hm, with_final_exp: false)
egs = BLS.pairing(g, s, with_final_exp: false)
exp = (egs * ephm).final_exponentiate
exp == Fq12::ONE
end
from bls12-381.
Looking forward to your update, thanks
from bls12-381.
Thank you for your support
from bls12-381.
Related Issues (1)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bls12-381.