Example - Centralized Telescope with BLS Signatures #114
examples/centralized_telescope.rs
Outdated
return false; | ||
} | ||
|
||
for sig in self.aggregate.valid_signatures.clone() { |
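Review bot: the `return false;` on the first line of this hunk reports a failed check as a bare boolean, so a caller cannot tell that failure apart from whatever the `for sig in ...` loop below it rejects. Consider returning a `Result` with a distinct error per check, so the example shows which step rejected the proof.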
Since you are not modifying the `valid_signatures` during iteration, it is more efficient and more idiomatic to use `iter()` instead of `clone()`, that is

```rust
if !self.aggregate.valid_signatures
    .iter()
    .all(|sig| sig.verify::<N>(&commitment, closed_registration))
{
    return false;
}
```

This way, you are avoiding unnecessary cloning (better memory efficiency).
Since all these signatures are BLS signatures you could batch verify them! You could implement this in `aggregate.rs` using blst's function

```rust
pub fn aggregate_verify(
    &self,
    sig_groupcheck: bool,
    msgs: &[&[u8]],
    dst: &[u8],
    pks: &[&PublicKey],
    pks_validate: bool,
) -> BLST_ERROR
```
Good work!
Some suggestions here and there to simplify the code (using type alias instead of struct, merging impl block potentially...) and make it more efficient (not using maps but sets, batching the verification).
I think the example would improve in clarity if you rename the folder "threshold_signature" "aggregate_signature" as we are only using these signature lists (from registered signers) to create a threshold signature in centralized_telescope.rs. Perhaps renaming centralized_telescope.rs "centralized_threshold.rs" also?
Thanks for working on this @curiecrypt! Do you need my review, or will @rrtoledo and @djetchev be enough?
Co-authored-by: Raphael <[email protected]>
I think this example is heavily inspired by Mithril, which is nice. The problem is, it is too advanced. I spent 30 minutes looking at it and I still don't have a good understanding. For people not familiar with alba, this would be even more difficult.
Some of the things that make it complicated are registration and commitments. I know it would be a big overhaul, but I think we could consider something simpler for the demo example. One idea is to implement a multisignature scheme defined in alba-definitions.pdf that I shared yesterday on slack, Definition 3. There is no registration or commitments there and we would just implement four functions: `KeyGen`, `Sign`, `Aggregate`, `Verify`. Such an implementation would be under 100 lines of code.
What do you think?
Also, I definitely support changing the element size to 48 bytes to fit the signature.
Content
This PR aims to provide a use case of the `centralized_telescope` scheme. It includes a threshold signature scheme to be used to create a centralized telescope proof.

- `/examples` is the directory to store examples we implement for the implemented schemes.
- `/examples/thresholdsignature`: A basic functionality for the threshold signature scheme is implemented.
- `/examples/thresholdsignature/signer`: A signer candidate is created. The candidate creates a signer after registration. A registered signer can generate a signature by signing the hash of the check sum of the closed registration and the message.
- `/examples/thresholdsignature/registration`: Key registration is done by using a simple hash map. Registration is closed by generating the checksum of the registered keys.
- `/examples/thresholdsignature/signature`: An individual signature is verified if its signer is registered. Furthermore, a valid individual signature can be converted to an element of the `prover_set` by hashing it.
- `/examples/thresholdsignature/aggregate`: Creates an aggregate signature by validating given individual signatures. It also creates the `prover_set` by converting all valid signatures to elements.
- `/examples/centralized_telescope.rs` is the use case example for the centralized telescope.
- `AlbaThresholdProof` stores the aggregate signature and the Alba proof.
- `prover_set`.
- `AlbaThresholdProof` is verified by first verifying the aggregate signature. If all checks are passed, the Alba proof is verified.

The threshold signature scheme implemented for the centralized telescope can also be used for the latter Alba settings that we implement.
Pre-submit checklist
Comments
Only the working scheme is tested.
The cases where the threshold signature generation/verification fails could also be tested if needed.
Issue(s)
Closes #78
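
The registration step from the description, as an added example (not code from this PR): keys are held in a sorted set, following the review's "sets, not maps" suggestion, so the closing checksum is the same whatever the insertion order, which iterating a Rust `HashMap` does not guarantee. `Registration`, `ClosedRegistration`, `digest` and `signing_payload` are hypothetical names, the key bytes are constructed, and `DefaultHasher` is only a stand-in for a cryptographic hash, which the standard library does not provide.

```rust
use std::collections::hash_map::DefaultHasher;
use std::collections::BTreeSet;
use std::hash::{Hash, Hasher};

// Hypothetical types for illustration; not the PR's API.
#[derive(Default)]
pub struct Registration {
    keys: BTreeSet<Vec<u8>>, // sorted set: iteration order is canonical
}
pub struct ClosedRegistration {
    keys: BTreeSet<Vec<u8>>,
    pub checksum: u64,
}

// Stand-in digest (assumption): real code needs a cryptographic hash here.
fn digest(parts: &[&[u8]]) -> u64 {
    let mut h = DefaultHasher::new();
    parts.iter().for_each(|p| p.hash(&mut h)); // each part is length-prefixed
    h.finish()
}

impl Registration {
    /// Returns false when the key is already registered.
    pub fn register(&mut self, key: &[u8]) -> bool {
        self.keys.insert(key.to_vec())
    }
    /// Consumes the open registration, so no key can be added after closing.
    pub fn close(self) -> ClosedRegistration {
        let checksum = digest(&self.keys.iter().map(|k| k.as_slice()).collect::<Vec<_>>());
        ClosedRegistration { keys: self.keys, checksum }
    }
}

impl ClosedRegistration {
    pub fn is_registered(&self, key: &[u8]) -> bool {
        self.keys.contains(key)
    }
    /// What a registered signer signs: digest(checksum || message).
    pub fn signing_payload(&self, msg: &[u8]) -> u64 {
        digest(&[&self.checksum.to_be_bytes()[..], msg])
    }
}

fn main() {
    // Constructed key bytes, not real BLS public keys.
    let (mut a, mut b) = (Registration::default(), Registration::default());
    for k in [b"key-1", b"key-2"] { a.register(k); }
    for k in [b"key-2", b"key-1"] { b.register(k); }
    println!("order-independent: {}", a.close().checksum == b.close().checksum);
}
```

Because the signed payload includes the checksum, a signature produced under one closed registration does not carry over to a registration with a different key set.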