Skip to content

Commit

Permalink
Hash ticket before performing arithmetic
Browse files Browse the repository at this point in the history
To ensure no arithmetic properties leak from BLS-G2 affine compressed
representation.

Signed-off-by: Jakub Sztandera <[email protected]>
  • Loading branch information
Kubuxu committed Jul 7, 2024
1 parent b5674db commit c72178b
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion gpbft/gpbft.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"github.com/filecoin-project/go-bitfield"
rlepluslazy "github.com/filecoin-project/go-bitfield/rle"
"github.com/filecoin-project/go-f3/merkle"
"golang.org/x/crypto/blake2b"
"golang.org/x/xerrors"
)

Expand Down Expand Up @@ -1434,7 +1435,8 @@ func (c *convergeState) FindMaxTicketProposal(table PowerTable) ConvergeValue {
for key, value := range c.values {
for _, ticket := range c.tickets[key] {
senderPower, _ := table.Get(ticket.Sender)
ticketAsInt := new(big.Int).SetBytes(ticket.Ticket)
ticketHash := blake2b.Sum256(ticket.Ticket)
ticketAsInt := new(big.Int).SetBytes(ticketHash[:])
weightedTicket := new(big.Int).Mul(ticketAsInt, big.NewInt(int64(senderPower)))
if maxTicket == nil || weightedTicket.Cmp(maxTicket) > 0 {
maxTicket = weightedTicket
Expand Down

0 comments on commit c72178b

Please sign in to comment.