From 67136110a73c7990aaea5026ea0c1b811c18f7f9 Mon Sep 17 00:00:00 2001
From: Adam Allombert-Goget <adam.allombert@nomadic-labs.com>
Date: Tue, 11 Mar 2025 11:42:51 +0100
Subject: [PATCH] crypto: update aggregate_signature_opt now takes a subgroup
 check opt

---
 src/lib_bls12_381_signature/bls12_381_signature.ml |  8 ++++----
 .../bls12_381_signature.mli                        | 14 ++++++++++----
 src/lib_crypto/aggregate_signature.ml              |  4 ++--
 src/lib_crypto/s.ml                                |  5 +++--
 src/lib_protocol_environment/environment_V10.ml    |  7 ++++++-
 src/lib_protocol_environment/environment_V11.ml    |  7 ++++++-
 src/lib_protocol_environment/environment_V12.ml    |  7 ++++++-
 src/lib_protocol_environment/environment_V13.ml    |  7 ++++++-
 src/lib_protocol_environment/environment_V14.ml    |  7 ++++++-
 src/lib_protocol_environment/environment_V15.ml    |  2 +-
 src/lib_protocol_environment/environment_V5.ml     |  2 ++
 src/lib_protocol_environment/environment_V6.ml     |  2 ++
 src/lib_protocol_environment/environment_V7.ml     |  8 +++++++-
 src/lib_protocol_environment/environment_V8.ml     |  8 +++++++-
 src/lib_protocol_environment/environment_V9.ml     |  7 ++++++-
 src/lib_protocol_environment/sigs/v15.ml           |  2 +-
 src/lib_protocol_environment/sigs/v15/s.mli        |  2 +-
 17 files changed, 76 insertions(+), 23 deletions(-)

diff --git a/src/lib_bls12_381_signature/bls12_381_signature.ml b/src/lib_bls12_381_signature/bls12_381_signature.ml
index 75406dedc41a..f2868af84412 100644
--- a/src/lib_bls12_381_signature/bls12_381_signature.ml
+++ b/src/lib_bls12_381_signature/bls12_381_signature.ml
@@ -241,10 +241,10 @@ module MinPk = struct
           else false
         else false)
 
-  let aggregate_signature_opt signatures =
+  let aggregate_signature_opt ?(subgroup_check = true) signatures =
     let signatures =
       Bls12_381.G2.affine_array_of_compressed_bytes_opt
-        ~subgroup_check:true
+        ~subgroup_check
         (Array.of_list signatures)
     in
     Option.map
@@ -570,10 +570,10 @@ module MinSig = struct
           else false
         else false)
 
-  let aggregate_signature_opt signatures =
+  let aggregate_signature_opt ?(subgroup_check = true) signatures =
     let signatures =
       Bls12_381.G1.affine_array_of_compressed_bytes_opt
-        ~subgroup_check:true
+        ~subgroup_check
         (Array.of_list signatures)
     in
     Option.map
diff --git a/src/lib_bls12_381_signature/bls12_381_signature.mli b/src/lib_bls12_381_signature/bls12_381_signature.mli
index a81130d79fd3..05601b2660f7 100644
--- a/src/lib_bls12_381_signature/bls12_381_signature.mli
+++ b/src/lib_bls12_381_signature/bls12_381_signature.mli
@@ -114,8 +114,11 @@ module MinPk : sig
       [signatures], following {{:
       https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-bls-signature-04#section-2.8
       } section 2.8}.
-      Return [None] if [INVALID] is expected in the specification *)
-  val aggregate_signature_opt : signature list -> signature option
+      Return [None] if [INVALID] is expected in the specification. If
+      [subgroup_check] is set, the function also checks if the points are in G2.
+      (set by default) *)
+  val aggregate_signature_opt :
+    ?subgroup_check:bool -> signature list -> signature option
 
   (** [aggregate_public_key_opt ?subgroup_check pks] aggregates the public keys
       [pks]. If [subgroup_check] is set, the function also checks if the
@@ -305,8 +308,11 @@ module MinSig : sig
       [signatures], following {{:
       https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-bls-signature-04#section-2.8
       } section 2.8 }.
-      Return [None] if [INVALID] is expected in the specification *)
-  val aggregate_signature_opt : signature list -> signature option
+      Return [None] if [INVALID] is expected in the specification. If
+      [subgroup_check] is set, the function also checks if the points are in G1.
+      (set by default) *)
+  val aggregate_signature_opt :
+    ?subgroup_check:bool -> signature list -> signature option
 
   (** [aggregate_public_key_opt ?subgroup_check pks] aggregates the public keys
       [pks]. If [subgroup_check] is set, the function also checks if the
diff --git a/src/lib_crypto/aggregate_signature.ml b/src/lib_crypto/aggregate_signature.ml
index 6af35fdbba07..74a93319763c 100644
--- a/src/lib_crypto/aggregate_signature.ml
+++ b/src/lib_crypto/aggregate_signature.ml
@@ -499,7 +499,7 @@ let aggregate_check pks signature =
       |> Option.map (Bls.aggregate_check pks)
       |> Option.value ~default:false
 
-let aggregate_signature_opt signatures =
+let aggregate_signature_opt ?subgroup_check signatures =
   let open Result_syntax in
   let aux acc s =
     match s with
@@ -510,7 +510,7 @@ let aggregate_signature_opt signatures =
   in
   match List.fold_left_e aux [] signatures with
   | Ok signatures ->
-      Bls.aggregate_signature_opt signatures
+      Bls.aggregate_signature_opt ?subgroup_check signatures
       |> Option.map (fun s -> Bls12_381 s)
   | Error _ -> None
 
diff --git a/src/lib_crypto/s.ml b/src/lib_crypto/s.ml
index 49caeb494d03..9a8acebb6c82 100644
--- a/src/lib_crypto/s.ml
+++ b/src/lib_crypto/s.ml
@@ -448,8 +448,9 @@ module type AGGREGATE_SIGNATURE = sig
     (Public_key.t * watermark option * bytes) list -> t -> bool
 
   (** [aggregate_signature_opt sig_list] creates an aggregated signature using
-      the list of signatures [sig_list]. *)
-  val aggregate_signature_opt : t list -> t option
+      the list of signatures [sig_list]. If [subgroup_check] is set, the
+      function also checks if the points are in the prime subgroup. *)
+  val aggregate_signature_opt : ?subgroup_check:bool -> t list -> t option
 
   (** [aggregate_public_key_opt pk_list] creates an aggregated public key using
       the list of public_keys [pk_list]. If [subgroup_check] is set, the function
diff --git a/src/lib_protocol_environment/environment_V10.ml b/src/lib_protocol_environment/environment_V10.ml
index 120d968900a7..1a917bcd6bb0 100644
--- a/src/lib_protocol_environment/environment_V10.ml
+++ b/src/lib_protocol_environment/environment_V10.ml
@@ -319,7 +319,12 @@ struct
   module Ed25519 = Tezos_crypto.Signature.Ed25519
   module Secp256k1 = Tezos_crypto.Signature.Secp256k1
   module P256 = Tezos_crypto.Signature.P256
-  module Bls = Tezos_crypto.Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
 
   module Signature = struct
     include Tezos_crypto.Signature.V1
diff --git a/src/lib_protocol_environment/environment_V11.ml b/src/lib_protocol_environment/environment_V11.ml
index 8849bb66fdff..fb2daabfe8c5 100644
--- a/src/lib_protocol_environment/environment_V11.ml
+++ b/src/lib_protocol_environment/environment_V11.ml
@@ -330,7 +330,12 @@ struct
   module Ed25519 = Tezos_crypto.Signature.Ed25519
   module Secp256k1 = Tezos_crypto.Signature.Secp256k1
   module P256 = Tezos_crypto.Signature.P256
-  module Bls = Tezos_crypto.Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
 
   module Signature = struct
     include Tezos_crypto.Signature.V1
diff --git a/src/lib_protocol_environment/environment_V12.ml b/src/lib_protocol_environment/environment_V12.ml
index f9b7148342b0..cc0c61db5a49 100644
--- a/src/lib_protocol_environment/environment_V12.ml
+++ b/src/lib_protocol_environment/environment_V12.ml
@@ -330,7 +330,12 @@ struct
   module Ed25519 = Tezos_crypto.Signature.Ed25519
   module Secp256k1 = Tezos_crypto.Signature.Secp256k1
   module P256 = Tezos_crypto.Signature.P256
-  module Bls = Tezos_crypto.Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
 
   module Signature = struct
     include Tezos_crypto.Signature.V1
diff --git a/src/lib_protocol_environment/environment_V13.ml b/src/lib_protocol_environment/environment_V13.ml
index a7c3daf2b9fb..43051c59c113 100644
--- a/src/lib_protocol_environment/environment_V13.ml
+++ b/src/lib_protocol_environment/environment_V13.ml
@@ -330,7 +330,12 @@ struct
   module Ed25519 = Tezos_crypto.Signature.Ed25519
   module Secp256k1 = Tezos_crypto.Signature.Secp256k1
   module P256 = Tezos_crypto.Signature.P256
-  module Bls = Tezos_crypto.Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
 
   module Signature = struct
     include Tezos_crypto.Signature.V1
diff --git a/src/lib_protocol_environment/environment_V14.ml b/src/lib_protocol_environment/environment_V14.ml
index 6ac9746abda4..aceec0f8f690 100644
--- a/src/lib_protocol_environment/environment_V14.ml
+++ b/src/lib_protocol_environment/environment_V14.ml
@@ -335,7 +335,12 @@ struct
   module Ed25519 = Tezos_crypto.Signature.Ed25519
   module Secp256k1 = Tezos_crypto.Signature.Secp256k1
   module P256 = Tezos_crypto.Signature.P256
-  module Bls = Tezos_crypto.Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
 
   module Signature = struct
     include Tezos_crypto.Signature.V1
diff --git a/src/lib_protocol_environment/environment_V15.ml b/src/lib_protocol_environment/environment_V15.ml
index b733e12a683e..6b1f1a70069e 100644
--- a/src/lib_protocol_environment/environment_V15.ml
+++ b/src/lib_protocol_environment/environment_V15.ml
@@ -527,7 +527,7 @@ struct
       val aggregate_check :
         (Public_key.t * watermark option * bytes) list -> t -> bool
 
-      val aggregate_signature_opt : t list -> t option
+      val aggregate_signature_opt : ?subgroup_check:bool -> t list -> t option
 
       val aggregate_public_key_opt :
         ?subgroup_check:bool -> Public_key.t list -> Public_key.t option
diff --git a/src/lib_protocol_environment/environment_V5.ml b/src/lib_protocol_environment/environment_V5.ml
index b0d6ab4daa9a..a2e524b98c35 100644
--- a/src/lib_protocol_environment/environment_V5.ml
+++ b/src/lib_protocol_environment/environment_V5.ml
@@ -270,6 +270,8 @@ struct
     let verify = Aug.verify
 
     let aggregate_verify = Aug.aggregate_verify
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
   end
 
   module Ed25519 = Signature.Ed25519
diff --git a/src/lib_protocol_environment/environment_V6.ml b/src/lib_protocol_environment/environment_V6.ml
index c5cf9ac814e9..d52e53d238b0 100644
--- a/src/lib_protocol_environment/environment_V6.ml
+++ b/src/lib_protocol_environment/environment_V6.ml
@@ -271,6 +271,8 @@ struct
     let verify = Aug.verify
 
     let aggregate_verify = Aug.aggregate_verify
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
   end
 
   module Ed25519 = Signature.Ed25519
diff --git a/src/lib_protocol_environment/environment_V7.ml b/src/lib_protocol_environment/environment_V7.ml
index 2c63f1ae1256..5ad0d4b73270 100644
--- a/src/lib_protocol_environment/environment_V7.ml
+++ b/src/lib_protocol_environment/environment_V7.ml
@@ -275,7 +275,13 @@ struct
   module Ed25519 = Signature.Ed25519
   module Secp256k1 = Signature.Secp256k1
   module P256 = Signature.P256
-  module Bls = Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
+
   module Signature = Signature.V0
   module Timelock = Tezos_crypto.Timelock_legacy
   module Vdf = Class_group_vdf.Vdf_self_contained
diff --git a/src/lib_protocol_environment/environment_V8.ml b/src/lib_protocol_environment/environment_V8.ml
index 86cd8a5ab81b..47f60c2c10ab 100644
--- a/src/lib_protocol_environment/environment_V8.ml
+++ b/src/lib_protocol_environment/environment_V8.ml
@@ -308,7 +308,13 @@ struct
   module Ed25519 = Signature.Ed25519
   module Secp256k1 = Signature.Secp256k1
   module P256 = Signature.P256
-  module Bls = Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
+
   module Signature = Signature.V1
   module Timelock = Tezos_crypto.Timelock_legacy
   module Vdf = Class_group_vdf.Vdf_self_contained
diff --git a/src/lib_protocol_environment/environment_V9.ml b/src/lib_protocol_environment/environment_V9.ml
index c15c642c026b..f5f1a06b34bc 100644
--- a/src/lib_protocol_environment/environment_V9.ml
+++ b/src/lib_protocol_environment/environment_V9.ml
@@ -307,7 +307,12 @@ struct
   module Ed25519 = Tezos_crypto.Signature.Ed25519
   module Secp256k1 = Tezos_crypto.Signature.Secp256k1
   module P256 = Tezos_crypto.Signature.P256
-  module Bls = Tezos_crypto.Signature.Bls
+
+  module Bls = struct
+    include Tezos_crypto.Signature.Bls
+
+    let aggregate_signature_opt = aggregate_signature_opt ~subgroup_check:true
+  end
 
   module Signature = struct
     include Tezos_crypto.Signature.V1
diff --git a/src/lib_protocol_environment/sigs/v15.ml b/src/lib_protocol_environment/sigs/v15.ml
index cb71c6779675..3bc76847015b 100644
--- a/src/lib_protocol_environment/sigs/v15.ml
+++ b/src/lib_protocol_environment/sigs/v15.ml
@@ -9471,7 +9471,7 @@ module type AGGREGATE_SIGNATURE = sig
 
   val aggregate_check : (Public_key.t * watermark option * bytes) list -> t -> bool
 
-  val aggregate_signature_opt : t list -> t option
+  val aggregate_signature_opt : ?subgroup_check:bool -> t list -> t option
 
   val aggregate_public_key_opt :
     ?subgroup_check:bool -> Public_key.t list -> Public_key.t option
diff --git a/src/lib_protocol_environment/sigs/v15/s.mli b/src/lib_protocol_environment/sigs/v15/s.mli
index 5c4b2bff7c23..4e18e982dd80 100644
--- a/src/lib_protocol_environment/sigs/v15/s.mli
+++ b/src/lib_protocol_environment/sigs/v15/s.mli
@@ -240,7 +240,7 @@ module type AGGREGATE_SIGNATURE = sig
 
   val aggregate_check : (Public_key.t * watermark option * bytes) list -> t -> bool
 
-  val aggregate_signature_opt : t list -> t option
+  val aggregate_signature_opt : ?subgroup_check:bool -> t list -> t option
 
   val aggregate_public_key_opt :
     ?subgroup_check:bool -> Public_key.t list -> Public_key.t option
-- 
GitLab