From 070045054172b71160e00641fcabf6800b20a136 Mon Sep 17 00:00:00 2001
From: Ethen Pociask
Date: Thu, 9 Jan 2025 16:35:53 +0700
Subject: [PATCH] fix(sigmap-EDAP-06): Missing IsOnCurve & IsInSubgroup Checks For Elliptic Curve Point
---
 verify/verifier.go | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
diff --git a/verify/verifier.go b/verify/verifier.go
index a79c9f8..56f0f3e 100644
--- a/verify/verifier.go
+++ b/verify/verifier.go
@@ -132,9 +132,30 @@ func (v *Verifier) VerifyCommitment(expectedCommit *common.G1Commitment, blob []
 expectedX := &fp.Element{}
 expectedX.Unmarshal(expectedCommit.X)
+
+ // map field elements to G1 point and ensure it exists within G1 subgroup &
+ // exists on the curve
+ xAffine := bn254.MapToG1(*expectedX)
+ if !xAffine.IsInSubGroup() {
+ return fmt.Errorf("expected x is not in the subgroup: %x", expectedX.Marshal())
+ }
+
+ if !xAffine.IsOnCurve() {
+ return fmt.Errorf("expected x is not on the curve: %x", expectedX.Marshal())
+ }
+
 expectedY := &fp.Element{}
 expectedY.Unmarshal(expectedCommit.Y)
+ yAffine := bn254.MapToG1(*expectedY)
+ if !yAffine.IsInSubGroup() {
+ return fmt.Errorf("expected y is not in the subgroup: %x", expectedY.Marshal())
+ }
+
+ if !yAffine.IsOnCurve() {
+ return fmt.Errorf("expected y is not on the curve: %x", expectedY.Marshal())
+ }
+
 errMsg := ""
 if !actualCommit.X.Equal(expectedX) || !actualCommit.Y.Equal(expectedY) {
 errMsg += fmt.Sprintf("field elements do not match, x actual commit: %x, x expected commit: %x, ", actualCommit.X.Marshal(), expectedX.Marshal())
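Review bot: The four added checks do not validate the commitment point itself: `bn254.MapToG1(*expectedX)` and `bn254.MapToG1(*expectedY)` each map a single field element to some other curve point, so `IsOnCurve()` and `IsInSubGroup()` are tested on two derived points rather than on (X, Y). If `bn254` is gnark-crypto's package, MapToG1 is the field-to-curve map and its output lies on the curve by construction, which would make these branches unreachable and leave an off-curve `expectedCommit` undetected at this step. Build the point from both coordinates after the two `Unmarshal` calls and check that instead: `expectedPoint := bn254.G1Affine{X: *expectedX, Y: *expectedY}` followed by `if !expectedPoint.IsOnCurve() || !expectedPoint.IsInSubGroup() { return fmt.Errorf(...) }`. The `Unmarshal` calls on the context lines are used without any result check, so confirm whether non-canonical or wrong-length coordinate bytes need to be rejected before this point. VerifyCommitment starts and continues outside the hunk.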