contexts added

curiecrypt · curiecrypt · commit 64aad5f0d95a · 2025-11-14T16:51:51.000+03:00
diff --git a/mithril-stm/src/aggregate_signature/basic_verifier.rs b/mithril-stm/src/aggregate_signature/basic_verifier.rs
@@ -1,4 +1,4 @@
-use anyhow::anyhow;
+use anyhow::{Context, anyhow};
 use std::collections::{BTreeMap, HashMap, HashSet};
 
 use crate::bls_multi_signature::{BlsSignature, BlsVerificationKey};
@@ -64,7 +64,8 @@ impl BasicVerifier {
         for sig_reg in signatures {
             sig_reg
                 .sig
-                .check_indices(parameters, &sig_reg.reg_party.1, msg, total_stake)?;
+                .check_indices(parameters, &sig_reg.reg_party.1, msg, total_stake)
+                .with_context(|| "Preliminary verification for basic verifier failed.")?;
             for &index in &sig_reg.sig.indexes {
                 unique_indices.insert(index);
                 nr_indices += 1;
@@ -238,13 +239,15 @@ impl BasicVerifier {
             parameters,
             msg,
             &sig_reg_list,
-        )?;
+        )
+        .with_context(|| "Basic verification failed during selection of unique k indices.")?;
 
         Self::preliminary_verify(&self.total_stake, &unique_sigs, parameters, msg)?;
 
         let (sigs, vks) = Self::collect_signatures_verification_keys(&unique_sigs);
 
-        BlsSignature::verify_aggregate(msg.to_vec().as_slice(), &vks, &sigs)?;
+        BlsSignature::verify_aggregate(msg.to_vec().as_slice(), &vks, &sigs)
+            .with_context(|| "Basic verifier failed in multisignature verification.")?;
 
         Ok(())
     }
diff --git a/mithril-stm/src/aggregate_signature/clerk.rs b/mithril-stm/src/aggregate_signature/clerk.rs
@@ -3,6 +3,7 @@ use crate::{
     Index, Parameters, Signer, SingleSignature, Stake, StmResult, VerificationKey,
     aggregate_signature::ConcatenationProof,
 };
+use anyhow::Context;
 use blake2::digest::{Digest, FixedOutput};
 
 #[cfg(feature = "future_proof_system")]
@@ -80,7 +81,12 @@ impl<D: Digest + Clone + FixedOutput + Send + Sync> Clerk<D> {
     ) -> StmResult<AggregateSignature<D>> {
         match aggregate_signature_type {
             AggregateSignatureType::Concatenation => Ok(AggregateSignature::Concatenation(
-                ConcatenationProof::aggregate_signatures(self, sigs, msg)?,
+                ConcatenationProof::aggregate_signatures(self, sigs, msg).with_context(|| {
+                    format!(
+                        "Signatures failed to aggregate for type {}",
+                        AggregateSignatureType::Concatenation
+                    )
+                })?,
             )),
             #[cfg(feature = "future_proof_system")]
             AggregateSignatureType::Future => Err(anyhow!(
diff --git a/mithril-stm/src/aggregate_signature/proof/concatenation.rs b/mithril-stm/src/aggregate_signature/proof/concatenation.rs
@@ -1,3 +1,4 @@
+use anyhow::Context;
 use blake2::digest::{Digest, FixedOutput};
 
 use serde::{Deserialize, Serialize};
@@ -52,6 +53,9 @@ impl<D: Clone + Digest + FixedOutput + Send + Sync> ConcatenationProof<D> {
             &clerk.params,
             &msgp,
             &sig_reg_list,
+        )
+        .with_context(
+            || "Failed to aggregate unique signatures during selection for the k indices.",
         )?;
 
         unique_sigs.sort_unstable();
@@ -90,7 +94,8 @@ impl<D: Clone + Digest + FixedOutput + Send + Sync> ConcatenationProof<D> {
             &self.signatures,
             parameters,
             &msgp,
-        )?;
+        )
+        .with_context(|| "Preliminary verification of aggregate signatures failed.")?;
 
         let leaves = self
             .signatures
@@ -99,7 +104,8 @@ impl<D: Clone + Digest + FixedOutput + Send + Sync> ConcatenationProof<D> {
             .collect::<Vec<RegisteredParty>>();
 
         avk.get_merkle_tree_batch_commitment()
-            .verify_leaves_membership_from_batch_path(&leaves, &self.batch_proof)?;
+            .verify_leaves_membership_from_batch_path(&leaves, &self.batch_proof)
+            .with_context(|| "Batch proof is invalid in preliminary verification.")?;
 
         Ok(BasicVerifier::collect_signatures_verification_keys(
             &self.signatures,
@@ -119,9 +125,12 @@ impl<D: Clone + Digest + FixedOutput + Send + Sync> ConcatenationProof<D> {
         parameters: &Parameters,
     ) -> StmResult<()> {
         let msgp = avk.get_merkle_tree_batch_commitment().concatenate_with_message(msg);
-        let (sigs, vks) = self.preliminary_verify(msg, avk, parameters)?;
+        let (sigs, vks) = self
+            .preliminary_verify(msg, avk, parameters)
+            .with_context(|| "Aggregate signature verification failed")?;
 
-        BlsSignature::verify_aggregate(msgp.as_slice(), &vks, &sigs)?;
+        BlsSignature::verify_aggregate(msgp.as_slice(), &vks, &sigs)
+            .with_context(|| "Aggregate signature verification failed")?;
         Ok(())
     }
 
diff --git a/mithril-stm/src/bls_multi_signature/signature.rs b/mithril-stm/src/bls_multi_signature/signature.rs
@@ -1,4 +1,4 @@
-use anyhow::anyhow;
+use anyhow::{Context, anyhow};
 use std::{cmp::Ordering, iter::Sum};
 
 use blake2::{Blake2b, Blake2b512, Digest};
@@ -143,7 +143,7 @@ impl BlsSignature {
         vks: &[BlsVerificationKey],
         sigs: &[BlsSignature],
     ) -> StmResult<()> {
-        let (aggr_vk, aggr_sig) = Self::aggregate(vks, sigs)?;
+        let (aggr_vk, aggr_sig) = Self::aggregate(vks, sigs).with_context(|| "Multi signature verification failed in aggregation of verification keys and signatures.")?;
 
         blst_error_to_stm_error(
             aggr_sig.0.verify(
diff --git a/mithril-stm/src/merkle_tree/commitment.rs b/mithril-stm/src/merkle_tree/commitment.rs
@@ -6,7 +6,7 @@ use serde::{Deserialize, Serialize};
 use crate::StmResult;
 use crate::error::MerkleTreeError;
 use crate::merkle_tree::{MerkleBatchPath, MerklePath, MerkleTreeLeaf, parent, sibling};
-use anyhow::anyhow;
+use anyhow::{Context, anyhow};
 /// `MerkleTree` commitment.
 /// This structure differs from `MerkleTree` in that it does not contain all elements, which are not always necessary.
 /// Instead, it only contains the root of the tree.
@@ -208,7 +208,14 @@ impl<D: Digest + FixedOutput> MerkleTreeBatchCommitment<D> {
                 if ordered_indices[i] & 1 == 0 {
                     new_hashes.push(
                         D::new()
-                            .chain(values.first().ok_or(MerkleTreeError::SerializationError)?)
+                            .chain(
+                                values
+                                    .first()
+                                    .ok_or(MerkleTreeError::SerializationError)
+                                    .with_context(|| {
+                                        format!("Could not verify leave membership from batch path for idx = {} and ordered_indices[{}]", idx, i)
+                                    })?,
+                            )
                             .chain(&leaves[i])
                             .finalize()
                             .to_vec(),
@@ -225,7 +232,16 @@ impl<D: Digest + FixedOutput> MerkleTreeBatchCommitment<D> {
                         new_hashes.push(
                             D::new()
                                 .chain(&leaves[i])
-                                .chain(values.first().ok_or(MerkleTreeError::SerializationError)?)
+                                .chain(
+                                    values
+                                        .first()
+                                        .ok_or(MerkleTreeError::SerializationError)
+                                        .with_context(|| {
+                                            format!(
+                                                "Could not verify leave membership from batch path for idx = {} where sibling < nr_nodes", idx
+                                            )
+                                        })?,
+                                )
                                 .finalize()
                                 .to_vec(),
                         );
diff --git a/mithril-stm/src/single_signature/signature.rs b/mithril-stm/src/single_signature/signature.rs
@@ -12,7 +12,7 @@ use crate::{
     AggregateVerificationKey, Index, Parameters, Stake, StmResult, StmSignatureError,
     VerificationKey,
 };
-use anyhow::anyhow;
+use anyhow::{Context, anyhow};
 
 /// Signature created by a single party who has won the lottery.
 #[derive(Debug, Clone, Serialize, Deserialize)]
@@ -37,7 +37,13 @@ impl SingleSignature {
         msg: &[u8],
     ) -> StmResult<()> {
         let msgp = avk.get_merkle_tree_batch_commitment().concatenate_with_message(msg);
-        self.basic_verify(params, pk, stake, &msgp, &avk.get_total_stake())?;
+        self.basic_verify(params, pk, stake, &msgp, &avk.get_total_stake())
+            .with_context(|| {
+                format!(
+                    "Single signature verification failed for signer index {}.",
+                    self.signer_index
+                )
+            })?;
         Ok(())
     }
 
@@ -148,8 +154,11 @@ impl SingleSignature {
         msg: &[u8],
         total_stake: &Stake,
     ) -> StmResult<()> {
-        self.sigma.verify(msg, pk)?;
-        self.check_indices(params, stake, msg, total_stake)?;
+        self.sigma
+            .verify(msg, pk)
+            .with_context(|| "Basic verification of single signature failed.")?;
+        self.check_indices(params, stake, msg, total_stake)
+            .with_context(|| "Basic verification of single signature failed.")?;
 
         Ok(())
     }
