From 72afcf1f063b92bee8021755a7d9da68950758b1 Mon Sep 17 00:00:00 2001
From: Luke Parker
Date: Thu, 7 Jul 2022 08:51:17 -0400
Subject: [PATCH] Mark cross_group as experimental
While all of Serai can be argued as experimental, the DLEq proof is especially so, as it's lacking any formal proofs over its theory. Also adds doc(hidden) to the generic DLEqProof, now prefixed with __.
---
 crypto/dleq/Cargo.toml | 2 +-
 crypto/dleq/src/cross_group/mod.rs | 13 ++++++++-----
 crypto/dleq/src/lib.rs | 2 +-
 crypto/dleq/src/tests/mod.rs | 2 +-
 4 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/crypto/dleq/Cargo.toml b/crypto/dleq/Cargo.toml
index 8943544c..7216c338 100644
--- a/crypto/dleq/Cargo.toml
+++ b/crypto/dleq/Cargo.toml
@@ -31,7 +31,7 @@ transcript = { package = "flexible-transcript", path = "../transcript", features
 [features]
 serialize = []
-cross_group = ["multiexp"]
+experimental_cross_group = ["multiexp"]
 secure_capacity_difference = []
 # Only applies to cross_group, yet is default to ensure security
diff --git a/crypto/dleq/src/cross_group/mod.rs b/crypto/dleq/src/cross_group/mod.rs
index 932f7242..370b6c8e 100644
--- a/crypto/dleq/src/cross_group/mod.rs
+++ b/crypto/dleq/src/cross_group/mod.rs
@@ -47,10 +47,13 @@ pub enum DLEqError {
 InvalidProof
 }
+// This should never be directly instantiated and uses a u8 to represent internal values
+// Any external usage is likely invalid
+#[doc(hidden)]
 // Debug would be such a dump of data this likely isn't helpful, but at least it's available to
 // anyone who wants it
 #[derive(Clone, PartialEq, Eq, Debug)]
-pub struct DLEqProof<
+pub struct __DLEqProof<
 G0: PrimeGroup,
 G1: PrimeGroup,
 const SIGNATURE: u8,
@@ -64,7 +67,7 @@ pub struct DLEqProof<
 macro_rules! dleq {
 ($name: ident, $signature: expr, $remainder: literal) => {
- pub type $name = DLEqProof<
+ pub type $name = __DLEqProof<
 G0,
 G1,
 { $signature.to_u8() },
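Review bot: The comment on the last context line of the Cargo.toml hunk still names `cross_group`, which stops existing as a feature once this rename lands; it should read `# Only applies to experimental_cross_group, yet is default to ensure security`. The `[features]` table also gives no reason for the `experimental_` prefix, so a comment above the feature such as `# Experimental: the cross-group DLEq proof has no formal security proof yet` would keep the warning next to the switch that enables it. The rename breaks any dependent that still enables `cross_group`, which looks intended as a forced acknowledgement, but it deserves a line in the release notes.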
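Review bot: `#[doc(hidden)]` and the `__` prefix on `__DLEqProof` in the `@@ -47,10 +47,13 @@` hunk of cross_group/mod.rs only hide the type from rustdoc; it is still `pub`, so downstream code can name it with any `SIGNATURE: u8` value. The new comment says external usage is likely invalid, but nothing in the visible lines enforces that, and what an unmapped value does is not shown here. I would extend the comment to name the supported entry points, for example `// Use the type aliases generated by dleq! below; other SIGNATURE values are unsupported`, and consider whether the u8 parameter can become a sealed marker type so that an invalid instantiation fails to compile. The struct body continues outside the hunk.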
@@ -105,7 +108,7 @@ impl<
 const SIGNATURE: u8,
 const RING_LEN: usize,
 const REMAINDER_RING_LEN: usize
-> DLEqProof where
+> __DLEqProof where
 G0::Scalar: PrimeFieldBits, G1::Scalar: PrimeFieldBits {
 pub(crate) fn transcript(
@@ -232,7 +235,7 @@ impl<
 );
 }
- let proof = DLEqProof { bits, remainder, poks };
+ let proof = __DLEqProof { bits, remainder, poks };
 debug_assert_eq!(
 proof.reconstruct_keys(),
 (generators.0.primary * f.0, generators.1.primary * f.1)
@@ -353,7 +356,7 @@ impl<
 }
 Ok(
- DLEqProof {
+ __DLEqProof {
 bits,
 remainder,
 poks: (SchnorrPoK::deserialize(r)?, SchnorrPoK::deserialize(r)?)
diff --git a/crypto/dleq/src/lib.rs b/crypto/dleq/src/lib.rs
index f960cdfe..176de0b4 100644
--- a/crypto/dleq/src/lib.rs
+++ b/crypto/dleq/src/lib.rs
@@ -9,7 +9,7 @@ use group::prime::PrimeGroup;
 #[cfg(feature = "serialize")]
 use std::io::{self, ErrorKind, Error, Read, Write};
-#[cfg(feature = "cross_group")]
+#[cfg(feature = "experimental_cross_group")]
 pub mod cross_group;
 #[cfg(test)]
diff --git a/crypto/dleq/src/tests/mod.rs b/crypto/dleq/src/tests/mod.rs
index 119bbc6b..1fe2172f 100644
--- a/crypto/dleq/src/tests/mod.rs
+++ b/crypto/dleq/src/tests/mod.rs
@@ -1,4 +1,4 @@
-#[cfg(feature = "cross_group")]
+#[cfg(feature = "experimental_cross_group")]
 mod cross_group;
 use hex_literal::hex;
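Review bot: `pub mod cross_group;` in the lib.rs hunk carries no doc comment, so the experimental status is visible only in the feature name and the commit message. Adding `/// Experimental: cross-group DLEq proofs; the construction currently lacks formal security proofs.` above the `#[cfg(feature = "experimental_cross_group")]` line would put the warning into the generated documentation for anyone who enables the feature. That matters because the generic proof type is now `#[doc(hidden)]`, which leaves the module docs as the main place a reader would look.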