Function bls_on_arkworks::aggregate_verify
source · pub fn aggregate_verify(
public_keys: Vec<PublicKey>,
messages: Vec<Octets>,
signature: &Signature,
dst: &Octets
) -> bool
Expand description
(spec link) Checks an aggregated signature over several (PK, message) pairs.
Implementation:
1. R = signature_to_point(signature)
2. If R is INVALID, return INVALID
3. If signature_subgroup_check(R) is INVALID, return INVALID
4. C1 = 1 (the identity element in GT)
5. for i in 1, ..., n:
6. If KeyValidate(PK_i) is INVALID, return INVALID
7. xP = pubkey_to_point(PK_i)
8. Q = hash_to_point(message_i)
9. C1 = C1 * pairing(Q, xP)
10. C2 = pairing(R, P)
11. If C1 == C2, return VALID, else return INVALID
XXX: this function doesn’t take DST as an argument in the spec. It should!