Merge #15: BIP Halfagg: Fix two inconsistencies

jonasnick · jonasnick · commit 5f3c9553582c · 2024-02-02T19:50:55.000Z
c3236ba BIP Halfagg: Match IncAggregate signature in Aggregate (Fabian Jahr) 544f123 Hacspec Halfagg: Match BIP340 challenge input to BIP (Fabian Jahr) Pull request description: ACKs for top commit: real-or-random: utACK c3236ba jonasnick: ACK c3236ba Tree-SHA512: 0e7f212a4c20c55757d6f29cf091c3ef6c444d0d10d10267191ddeeedddcb5638e577aa1f9d1b547b69a7d86c280d428bff8633f4bacdaa19aeb9776e46573f8
diff --git a/hacspec-halfagg/src/halfagg.rs b/hacspec-halfagg/src/halfagg.rs
@@ -120,7 +120,7 @@ pub fn verify_aggregate(aggsig: &AggSig, pm_aggd: &Seq<(PublicKey, Message)>) ->
             VerifyResult::Err(Error::InvalidSignature)?;
         }
         let r = r_res.unwrap();
-        let e = scalar_from_bytes(hash_challenge(rx, bytes_from_point(p), msg));
+        let e = scalar_from_bytes(hash_challenge(rx, pk, msg));
         pmr[i] = (pk, msg, rx);
         let z = randomizer(&pmr, i);
         terms[2 * i] = (z, r);
diff --git a/half-aggregation.mediawiki b/half-aggregation.mediawiki
@@ -123,7 +123,8 @@ Input:
 
 '''''Aggregate(pms<sub>0..u-1</sub>)''''':
 * Let ''aggsig = bytes(0)''
-* Return ''IncAggregate(aggsig, pms<sub>0..u-1</sub>)''; fail if that fails.
+* Let ''pm_aggd'' be an empty array
+* Return ''IncAggregate(aggsig, pm_aggd, pms<sub>0..u-1</sub>)''; fail if that fails.
 
 ==== IncAggregate ====
 

Original file line number	Diff line number	Diff line change
`@@ -120,7 +120,7 @@ pub fn verify_aggregate(aggsig: &AggSig, pm_aggd: &Seq<(PublicKey, Message)>) ->`
`120`	`120`	`VerifyResult::Err(Error::InvalidSignature)?;`
`121`	`121`	`}`
`122`	`122`	`let r = r_res.unwrap();`
`123`		`- let e = scalar_from_bytes(hash_challenge(rx, bytes_from_point(p), msg));`
	`123`	`+ let e = scalar_from_bytes(hash_challenge(rx, pk, msg));`
`124`	`124`	`pmr[i] = (pk, msg, rx);`
`125`	`125`	`let z = randomizer(&pmr, i);`
`126`	`126`	`terms[2 * i] = (z, r);`