Document crypto crates with audit notices

This commit is contained in:
Luke Parker 2023-03-16 18:46:48 -04:00
parent 74924095e1
commit 4ed819fc7d
No known key found for this signature in database
10 changed files with 49 additions and 1 deletions

View file

@ -9,6 +9,8 @@ wallet.
### Layout ### Layout
- `audits`: Audits for various parts of Serai.
- `docs`: Documentation on the Serai protocol. - `docs`: Documentation on the Serai protocol.
- `common`: Crates containing utilities common to a variety of areas under - `common`: Crates containing utilities common to a variety of areas under

View file

@ -2,6 +2,10 @@
Ciphersuites for elliptic curves premised on ff/group. Ciphersuites for elliptic curves premised on ff/group.
This library, except for the not recommended Ed448 ciphersuite, was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.
### Secp256k1/P-256 ### Secp256k1/P-256
Secp256k1 and P-256 are offered via [k256](https://crates.io/crates/k256) and Secp256k1 and P-256 are offered via [k256](https://crates.io/crates/k256) and
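Review bot: the link destination `../../audits/Cypher Stack crypto March 2023/Audit.pdf` contains unencoded spaces, which CommonMark does not accept in a `[text](destination)` link, so the audit link in this README (and the identical link added to every other crate README in this commit) will render as literal text rather than a link. Either percent-encode the spaces (`Cypher%20Stack%20crypto%20March%202023`) or wrap the destination in angle brackets, e.g. `[audited by Cypher Stack in March 2023](<../../audits/Cypher Stack crypto March 2023/Audit.pdf>)`. It would also help readers to say in one clause why the Ed448 ciphersuite is "not recommended", since that is the only part of the crate excluded from the audit.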

View file

@ -2,3 +2,7 @@
ff/group bindings around curve25519-dalek with a from_hash/random function based ff/group bindings around curve25519-dalek with a from_hash/random function based
around modern dependencies. around modern dependencies.
This library was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.
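Review bot: "culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06" leaves it unclear whether that commit is the snapshot the auditors reviewed or the commit that closed out their findings, and it says nothing about code added afterwards. Suggest stating explicitly that the audit covers the crate as of that commit and that later changes are outside its scope, and linking the hash to the commit so readers can diff against it.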

View file

@ -10,3 +10,7 @@ another, are also provided.
Currently included is the two-round protocol from the Currently included is the two-round protocol from the
[FROST paper](https://eprint.iacr.org/2020/852). [FROST paper](https://eprint.iacr.org/2020/852).
This library was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.

View file

@ -3,7 +3,11 @@
Implementation of discrete log equality proofs for curves implementing Implementation of discrete log equality proofs for curves implementing
`ff`/`group`. There is also a highly experimental cross-group DLEq proof, under `ff`/`group`. There is also a highly experimental cross-group DLEq proof, under
the `experimental` feature, which has no formal proofs available yet is the `experimental` feature, which has no formal proofs available yet is
available here regardless. This library has NOT undergone auditing. available here regardless.
This library, except for the `experimental` feature, was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.
### Cross-Group DLEq ### Cross-Group DLEq
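Review bot: the blanket "except for the `experimental` feature" clause now replaces the explicit "This library has NOT undergone auditing" warning, but the `### Cross-Group DLEq` section that follows is where users of the experimental proof will actually look. Suggest repeating the unaudited caveat under that heading so it is not lost on readers who skip the intro.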

View file

@ -3,3 +3,7 @@
A series of sanity checks for implementors of the ff/group APIs. Implementors A series of sanity checks for implementors of the ff/group APIs. Implementors
are assumed to be of a non-trivial size. These tests do not attempt to check if are assumed to be of a non-trivial size. These tests do not attempt to check if
constant time implementations are used. constant time implementations are used.
This library was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.

View file

@ -11,3 +11,7 @@ integrating with existing systems.
This library offers ciphersuites compatible with the This library offers ciphersuites compatible with the
[IETF draft](https://github.com/cfrg/draft-irtf-cfrg-frost). Currently, version [IETF draft](https://github.com/cfrg/draft-irtf-cfrg-frost). Currently, version
11 is supported. 11 is supported.
This library was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.

View file

@ -4,3 +4,7 @@ A multiexp implementation for ff/group implementing Straus and Pippenger. A
batch verification API is also available via the "batch" feature, which enables batch verification API is also available via the "batch" feature, which enables
secure multiexponentation batch verification given a series of values which secure multiexponentation batch verification given a series of values which
should sum to 0, identifying which doesn't via binary search if they don't. should sum to 0, identifying which doesn't via binary search if they don't.
This library was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.
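Review bot: pre-existing typo in the context line of this hunk, "secure multiexponentation batch verification", should read "multiexponentiation"; since this README is being touched anyway, worth fixing here.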

crypto/schnorr/README.md Normal file (14 additions)
View file

@ -0,0 +1,14 @@
# Schnorr Signatures
A challenge (and therefore HRAm) agnostic Schnorr signature library. This is
intended to be used as a primitive by a variety of crates relying on Schnorr
signatures, voiding the need to constantly define a Schnorr signature struct
with associated functions.
This library provides signatures of the `R, s` form. Batch verification is
supported via the multiexp crate. Half-aggregation, as defined in
https://eprint.iacr.org/2021/350, is also supported.
This library was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.
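Review bot: `HRAm` is used in the first sentence of the new README without being defined; spell it out on first use (the challenge hash over the nonce commitment `R`, the public key `A` and the message `m`) so the "challenge agnostic" claim is clear to readers coming from other Schnorr libraries. Also, the half-aggregation reference is a bare `https://eprint.iacr.org/2021/350` URL, whereas the other crate READMEs in this commit use markdown links (e.g. the `[FROST paper](https://eprint.iacr.org/2020/852)` link in `dkg`); wrap it the same way for consistency.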

View file

@ -25,3 +25,7 @@ their type, and their length.
`MerlinTranscript` was used to justify the API, and if any issues existed with `MerlinTranscript` was used to justify the API, and if any issues existed with
`DigestTranscript`, enable a fallback. It was also meant as a way to be `DigestTranscript`, enable a fallback. It was also meant as a way to be
compatible with existing Rust projects using `merlin`. compatible with existing Rust projects using `merlin`.
This library was
[audited by Cypher Stack in March 2023](../../audits/Cypher Stack crypto March 2023/Audit.pdf),
culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06.