sign/bls: rejects aggregated signatures built with duplicated messages.#595
sign/bls: rejects aggregated signatures built with duplicated messages.#595armfazh merged 1 commit intocloudflare:mainfrom
Conversation
| // 1. If any two input messages are equal, return INVALID. | ||
| set := make(map[string]struct{}, len(msgs)) | ||
| for _, m := range msgs { | ||
| k := string(m) |
There was a problem hiding this comment.
a []byte type does not get native comparison (it has to use bytes.Equal), while string does.
There was a problem hiding this comment.
Is it guaranteed that bytes.Equal(x, y) if and only if string(x) == string(y) for all bytestrings x, y?
There was a problem hiding this comment.
interesting, the code now encodes the messages into string explictly.
another option is to hash messages, but more costly and collisions might happen.
There was a problem hiding this comment.
Ah I see. My concern now is that this might allocate a huge amount if messages are large.
I think the original string thing might be fine, actually. Go's string comparison is actually a byte comparison. And according to Gemini, Go's compiler avoids allocating for string(x) when it's only used for a map lookup.
The other option is you can do make(map[[32]byte]struct{}, len(msgs)), and use Blake3 or something fast for hashing. Blake3 is cryptographic, so collisions won't be an issue.
armfazh
force-pushed
the
bls_verification
branch
from
af92289 to
09bf70f
Compare
armfazh
force-pushed
the
bls_verification
branch
from
09bf70f to
e97b6e7
Compare
3 participants
AggregateVerify must reject attempts to verify aggregated signatures with duplicated messages.