
BLSSignatureChecker::checkSignatures - document that msgHash parameter MUST be a hash, because it's otherwise treated as a point in G1 #172

wadealexc opened this issue Feb 6, 2024 · 0 comments



From Middleware audit, item P2:

Clients of EigenLayer-middleware will call its main validation function, checkSignatures.

Clients should be careful to ensure that argument msgHash is indeed a hash (i.e., collision-resistant), and not directly controlled by an untrusted party. If the latter were to happen, multiple purported signed messages (likely garbage) could be validated. The reason is that the argument is being passed to function trySignatureAndApkVerification and eventually to hashToG1, which (despite its name) is not a collision-resistant hash function: it directly applies a modulo operation to its argument, before attempting to find a group element.
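The following Python model, added here and not code from the EigenLayer-middleware repository, illustrates the point above: a hashToG1-style routine that reduces its input mod the BN254 base-field prime and then searches for a valid x has no collision resistance at all, so any two uint256 values that are congruent mod p map to the same G1 point. The try-and-increment shape of `hash_to_g1_model` is an assumed simplification of the library's function, `safe_msg_hash` shows the client-side fix (pass a digest of the message, never the raw message), and `hashlib.sha3_256` stands in for keccak256 only because the Python standard library lacks keccak. All inputs are constructed.

```python
# Added example (not EigenLayer-middleware code): why checkSignatures'
# msgHash argument must already be a collision-resistant hash.
import hashlib

# BN254 (alt_bn128) base-field prime; G1 is y^2 = x^3 + 3 over this field.
FP_MODULUS = 21888242871839275222246405745257275088696311157297823662689037894645226208583
CURVE_B = 3


def hash_to_g1_model(raw: int) -> tuple[int, int]:
    """Simplified model (assumption) of a try-and-increment hashToG1:
    reduce the 32-byte input mod p, then increment x until x^3 + 3 is a
    square. This is a field reduction plus a search, not a hash."""
    assert 0 <= raw < 2**256, "input is a uint256 / bytes32"
    x = raw % FP_MODULUS
    while True:
        beta = (pow(x, 3, FP_MODULUS) + CURVE_B) % FP_MODULUS
        # p is 3 mod 4, so when beta is a square its root is beta^((p+1)/4)
        y = pow(beta, (FP_MODULUS + 1) // 4, FP_MODULUS)
        if (y * y) % FP_MODULUS == beta:
            return (x, y)
        x = (x + 1) % FP_MODULUS


def on_curve(point: tuple[int, int]) -> bool:
    """Sanity check that a returned point satisfies y^2 = x^3 + 3 mod p."""
    x, y = point
    return (y * y - pow(x, 3, FP_MODULUS) - CURVE_B) % FP_MODULUS == 0


def congruent_inputs(raw: int, count: int = 3) -> list[int]:
    """Distinct uint256 values (raw, raw + p, raw + 2p, ...) that still fit
    in 32 bytes; the model maps every one of them to the same G1 point."""
    out = []
    k = 0
    while raw + k * FP_MODULUS < 2**256 and len(out) < count:
        out.append(raw + k * FP_MODULUS)
        k += 1
    return out


def safe_msg_hash(message: bytes) -> int:
    """What a client should pass as msgHash: a digest of the message bytes.
    The middleware uses keccak256; sha3_256 is a stand-in for the demo."""
    return int.from_bytes(hashlib.sha3_256(message).digest(), "big")


if __name__ == "__main__":
    raw = 12345  # constructed: a caller-controlled value passed as "msgHash"
    inputs = congruent_inputs(raw)
    points = {hash_to_g1_model(v) for v in inputs}
    print(f"{len(inputs)} distinct uint256 inputs -> {len(points)} G1 point(s)")
    print("point on curve:", on_curve(next(iter(points))))
    d1, d2 = safe_msg_hash(b"task A"), safe_msg_hash(b"task B")
    print("digests of different messages differ:", d1 != d2)
```

The practical check for a client is at the call site: msgHash must be derived by the client (or the contract) as keccak256 over the full message content, so that no untrusted party chooses the bytes32 that reaches hashToG1 directly.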
