Description
In #587 we added BLS signatures to cardano-base, because Leios will need them. This issue suggests dropping
In the work that has been done, the proof of possession protocol followed the Leios paper, where we roughly define (see the code here):
- $\mu_1 = sign("PoP" | vk\_bytes, sk) \in G_{1/2}$
- $\mu_2 = g_{\{1/2\}}^{sk} \in G_{\{1/2\}}$ (note that this is just the public key in the other group)
For a
Now note that in Leios we also use the BLS key as a VRF, which does not warrant the use of a proof of possession, but we should still be careful with changes that do not follow the paper.
If we do make this change, this will save bytes in the PoP, but also the verification time of such a PoP will become equivalent to just a signature check (we currently do roughly the work of two such checks). Additionally, this will make our implementation IETF compliant, making it easier for other languages to grab off-the-shelf BLS signature libs instead of having to implement their own crypto.
- Check with research that dropping $\mu_2$ poses no security risk (the security proofs also hold with just using the isomorphism)
- Implement the changes
The below image shows the adjusted BLS protocol for Leios (BLS signatures + VRF over the same keys)
