Hash ticket before performing arithmetic (#424)

To ensure no arithmetic properties leak from BLS-G2 affine compressed representation. Signed-off-by: Jakub Sztandera <[email protected]>
filecoin-project · Jul 7, 2024 · d3c2ae4 · d3c2ae4
1 parent 0bc5cca
commit d3c2ae4
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/gpbft/gpbft.go b/gpbft/gpbft.go
@@ -14,6 +14,7 @@ import (
 	"github.com/filecoin-project/go-bitfield"
 	rlepluslazy "github.com/filecoin-project/go-bitfield/rle"
 	"github.com/filecoin-project/go-f3/merkle"
+	"golang.org/x/crypto/blake2b"
 	"golang.org/x/xerrors"
 )
 
@@ -1433,7 +1434,8 @@ func (c *convergeState) FindMaxTicketProposal(table PowerTable) ConvergeValue {
 	for key, value := range c.values {
 		for _, ticket := range c.tickets[key] {
 			senderPower, _ := table.Get(ticket.Sender)
-			ticketAsInt := new(big.Int).SetBytes(ticket.Ticket)
+			ticketHash := blake2b.Sum256(ticket.Ticket)
+			ticketAsInt := new(big.Int).SetBytes(ticketHash[:])
 			weightedTicket := new(big.Int).Mul(ticketAsInt, big.NewInt(int64(senderPower)))
 			if maxTicket == nil || weightedTicket.Cmp(maxTicket) > 0 {
 				maxTicket = weightedTicket