Skip to content

BLS12381 scheme lacks subgroup check in v1.13.15 #376

New issue
New issue
Closed
Closed
BLS12381 scheme lacks subgroup check in v1.13.15#376
Assignees
txhsl
Labels
antimevEverything related to anti-mev featuresenhancementNew feature or request
Milestone
v0.4.1
@txhsl

Description

@txhsl
txhsl
opened on Dec 26, 2024

Rationale

The current Geth version v1.13.15 we are using doesn't perform subgroup check, only expect before bls12381Pairing. Ethereum introduced this fix through ethereum/EIPs#8456, and finally implemented in v1.14.2 through ethereum/go-ethereum#29637.

Implementation

Since we are using Consensys/gnark-crypto for most of the encoding/decoding, the BLS signature and Envelope transaction are well-checked, so that no need to update.

But the EVM format related decoding only checks IsOnCurve(). This happens in decodePointG1() and decodePointG2() of both EVM precompiles and DKG.

I'm going to add BLS12381 subgroup check to our crypto/tpke, but leave the code in core/vm/contracts.go for v1.14.2 upgrade.

Metadata

Metadata

Assignees

Labels

antimevEverything related to anti-mev featuresenhancementNew feature or request

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions