Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Partial Signature Verification Aggregation #46

Merged
merged 4 commits into from
Mar 30, 2024
Merged

Partial Signature Verification Aggregation #46

merged 4 commits into from
Mar 30, 2024
+122 −0

Conversation

MatheusFranco99
Copy link
Contributor

@MatheusFranco99 MatheusFranco99 commented Mar 19, 2024
edited
Loading

This SIP attempts to reduce the current cost of signature verification. Specifically, it boosts the partial signature steps, in which a quorum is needed to trigger some action. To accomplish that, it proposes performing a single BLS verification on the reconstructed signatures only when a quorum is reached.

The SIP is based on discussion #38.

@MatheusFranco99 MatheusFranco99 self-assigned this Mar 19, 2024
GalRogozinski
GalRogozinski requested changes Mar 19, 2024
View reviewed changes
sips/reduce_signatures_no_fork.md Outdated
A partial signature message implies one RSA verification (in the message validation layer) and two BLS verifications (for `SignedPartialSignatureMessage` and `PartialSignatureMessage`). Notice that two signatures are used to verify that the sender is correct and one is used to verify if the (same) sender correctly signed the beacon partial signature. Therefore, we can, simply, ignore the first BLS signature since the RSA signature is already being checked.

> [!NOTE]
> Since we want a no-fork change, one must still BLS-sign twice to be compatible with the previous version.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is still a rogue key attack vector here ;-\

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How is that? Can you give an example?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't an attacker put a bad sig on the first BLS check simply?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it can. But let's say one malicious operator creates an invalid signature on the SignedPartialSignatureMessage. What is the attack outcome in generating an inconsistent state?

sips/reduce_signatures_no_fork.md Outdated Show resolved Hide resolved
@MatheusFranco99 MatheusFranco99 mentioned this pull request Mar 21, 2024
Merged
4 tasks
@MatheusFranco99 MatheusFranco99 changed the title Reduce Signature with no fork - SIP Partial Signature Verification Aggregation Mar 27, 2024
@alonmuroch
Copy link
Contributor

Any projected gains from this? in terms of speed/ CPU/ etc?

@MatheusFranco99
Copy link
Contributor Author

@alonmuroch
This small change allows the cryptography cost to be reduced to 77% of the current value, a 1.3x boost.

@GalRogozinski GalRogozinski merged commit f271193 into main Mar 30, 2024
@GalRogozinski GalRogozinski deleted the reduce_signatures_no_fork branch March 30, 2024 20:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@GalRogozinski GalRogozinski GalRogozinski approved these changes

@liorrutenberg liorrutenberg liorrutenberg approved these changes

@moshe-blox moshe-blox moshe-blox approved these changes

@alonmuroch alonmuroch Awaiting requested review from alonmuroch

Assignees

@MatheusFranco99 MatheusFranco99

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@MatheusFranco99 @alonmuroch @GalRogozinski @liorrutenberg @moshe-blox