Check verification keys of the other signers

nymtech · Nov 9, 2022 · 0452ab9 · 0452ab9
1 parent 51e407b
commit 0452ab9
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/common/nymcoconut/Cargo.toml b/common/nymcoconut/Cargo.toml
@@ -17,6 +17,7 @@ serde_derive = "1.0"
 bs58 = "0.4.0"
 sha2 = "0.9"
 
+dkg = { path = "../crypto/dkg" }
 pemstore = { path = "../pemstore" }
 
 [dependencies.ff]
@@ -30,7 +31,6 @@ default-features = false
 [dev-dependencies]
 criterion = { version="0.3", features=["html_reports"] }
 doc-comment = "0.3"
-dkg = { path = "../crypto/dkg" }
 rand_chacha = "0.3"
 
 [dev-dependencies.bincode]

diff --git a/common/nymcoconut/src/scheme/verification.rs b/common/nymcoconut/src/scheme/verification.rs
@@ -212,6 +212,39 @@ pub fn check_bilinear_pairing(p: &G1Affine, q: &G2Prepared, r: &G1Affine, s: &G2
     multi_miller.final_exponentiation().is_identity().into()
 }
 
+pub fn check_vk_pairing(
+    params: &Parameters,
+    dkg_alpha: G2Projective,
+    dkg_beta: &[G2Projective],
+    vk: &VerificationKey,
+) -> bool {
+    if dkg_beta.len() != vk.beta_g1.len() || dkg_beta.len() != vk.beta_g2.len() {
+        return false;
+    }
+    if vk.alpha != dkg_alpha {
+        return false;
+    }
+    if dkg_beta
+        .iter()
+        .zip(vk.beta_g2.iter())
+        .any(|(dkg_beta, vk_beta)| dkg_beta != vk_beta)
+    {
+        return false;
+    }
+    if vk.beta_g1.iter().zip(vk.beta_g2.iter()).any(|(g1, g2)| {
+        !check_bilinear_pairing(
+            &params.gen1(),
+            &G2Prepared::from(g2.to_affine()),
+            &g1.to_affine(),
+            params.prepared_miller_g2(),
+        )
+    }) {
+        return false;
+    }
+
+    true
+}
+
 pub fn verify_credential(
     params: &Parameters,
     verification_key: &VerificationKey,