From 05cc60d638f90d784d8ed39a8053e6ecf9ed31ee Mon Sep 17 00:00:00 2001
From: Chih Cheng Liang <chihchengliang@gmail.com>
Date: Wed, 3 Jul 2019 19:18:37 +0800
Subject: [PATCH] fix chia bls invalid private key range

---
 eth2/_utils/bls_bindings/chia_network/api.py              | 8 +++++++-
 .../forks/test_serenity_block_validation.py               | 4 ++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/eth2/_utils/bls_bindings/chia_network/api.py b/eth2/_utils/bls_bindings/chia_network/api.py
index 4d34531f91..da92cfd536 100644
--- a/eth2/_utils/bls_bindings/chia_network/api.py
+++ b/eth2/_utils/bls_bindings/chia_network/api.py
@@ -14,6 +14,10 @@
     ValidationError,
 )
 
+from py_ecc.optimized_bls12_381 import (
+    curve_order,
+)
+
 
 def _privkey_int_to_bytes(privkey: int) -> bytes:
     return privkey.to_bytes(bls_chia.PrivateKey.PRIVATE_KEY_SIZE, "big")
@@ -35,6 +39,9 @@ def sign(message_hash: Hash32,
 
 
 def privtopub(k: int) -> BLSPubkey:
+    if k <= 0 or k >= curve_order:
+        raise ValidationError(f"Expect integer between 0 and {curve_order}, got {k}")
+
     privkey_chia = bls_chia.PrivateKey.from_bytes(_privkey_int_to_bytes(k))
     return cast(BLSPubkey, privkey_chia.get_public_key().serialize())
 
@@ -74,7 +81,6 @@ def verify_multiple(pubkeys: Sequence[BLSPubkey],
                     message_hashes: Sequence[Hash32],
                     signature: BLSSignature,
                     domain: int) -> bool:
-
     len_msgs = len(message_hashes)
 
     if len(pubkeys) != len_msgs:
diff --git a/tests/eth2/core/beacon/state_machines/forks/test_serenity_block_validation.py b/tests/eth2/core/beacon/state_machines/forks/test_serenity_block_validation.py
index 9de9e4cda9..36e12030e5 100644
--- a/tests/eth2/core/beacon/state_machines/forks/test_serenity_block_validation.py
+++ b/tests/eth2/core/beacon/state_machines/forks/test_serenity_block_validation.py
@@ -77,8 +77,8 @@ def test_validate_block_slot(sample_beacon_state_params,
     'slots_per_epoch, shard_count,'
     'proposer_privkey, proposer_pubkey, is_valid_signature',
     (
-        (5, 2, 0, bls.privtopub(0), True, ),
-        (5, 2, 0, bls.privtopub(0)[1:] + b'\x01', False),
+        (5, 2, 0, bls.privtopub(56), True, ),
+        (5, 2, 0, bls.privtopub(56)[1:] + b'\x01', False),
         (5, 2, 123, bls.privtopub(123), True),
         (5, 2, 123, bls.privtopub(123)[1:] + b'\x01', False),
     )