Mark cross_group as experimental

While all of Serai can be argued as experimental, the DLEq proof is 
especially so, as it's lacking any formal proofs over its theory.

Also adds doc(hidden) to the generic DLEqProof, now prefixed with __.

crypto/dleq/Cargo.toml

@@ -31,7 +31,7 @@ transcript = { package = "flexible-transcript", path = "../transcript", features
 
 [features]
 serialize = []
-cross_group = ["multiexp"]
+experimental_cross_group = ["multiexp"]
 secure_capacity_difference = []
 
 # Only applies to cross_group, yet is default to ensure security

crypto/dleq/src/cross_group/mod.rs

@@ -47,10 +47,13 @@ pub enum DLEqError {
   InvalidProof
 }
 
+// This should never be directly instantiated and uses a u8 to represent internal values
+// Any external usage is likely invalid
+#[doc(hidden)]
 // Debug would be such a dump of data this likely isn't helpful, but at least it's available to
 // anyone who wants it
 #[derive(Clone, PartialEq, Eq, Debug)]
-pub struct DLEqProof<
+pub struct __DLEqProof<
   G0: PrimeGroup,
   G1: PrimeGroup,
   const SIGNATURE: u8,
@@ -64,7 +67,7 @@ pub struct DLEqProof<
 
 macro_rules! dleq {
   ($name: ident, $signature: expr, $remainder: literal) => {
-    pub type $name<G0, G1> = DLEqProof<
+    pub type $name<G0, G1> = __DLEqProof<
       G0,
       G1,
       { $signature.to_u8() },
@@ -105,7 +108,7 @@ impl<
   const SIGNATURE: u8,
   const RING_LEN: usize,
   const REMAINDER_RING_LEN: usize
-> DLEqProof<G0, G1, SIGNATURE, RING_LEN, REMAINDER_RING_LEN> where
+> __DLEqProof<G0, G1, SIGNATURE, RING_LEN, REMAINDER_RING_LEN> where
   G0::Scalar: PrimeFieldBits, G1::Scalar: PrimeFieldBits {
 
   pub(crate) fn transcript<T: Transcript>(
@@ -232,7 +235,7 @@ impl<
       );
     }
 
-    let proof = DLEqProof { bits, remainder, poks };
+    let proof = __DLEqProof { bits, remainder, poks };
     debug_assert_eq!(
       proof.reconstruct_keys(),
       (generators.0.primary * f.0, generators.1.primary * f.1)
@@ -353,7 +356,7 @@ impl<
     }
 
     Ok(
-      DLEqProof {
+      __DLEqProof {
         bits,
         remainder,
         poks: (SchnorrPoK::deserialize(r)?, SchnorrPoK::deserialize(r)?)

crypto/dleq/src/lib.rs

@@ -9,7 +9,7 @@ use group::prime::PrimeGroup;
 #[cfg(feature = "serialize")]
 use std::io::{self, ErrorKind, Error, Read, Write};
 
-#[cfg(feature = "cross_group")]
+#[cfg(feature = "experimental_cross_group")]
 pub mod cross_group;
 
 #[cfg(test)]

crypto/dleq/src/tests/mod.rs

@@ -1,4 +1,4 @@
-#[cfg(feature = "cross_group")]
+#[cfg(feature = "experimental_cross_group")]
 mod cross_group;
 
 use hex_literal::hex;