Ecosystem/serai
Ecosystem/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-01-12 05:44:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Update to the latest bitcoin-serai

Browse source
This commit is contained in:
Luke Parker 2024-09-19 21:19:34 -04:00
parent e64827b6d7
commit 861a8352e5
4 changed files with 1 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Cargo.lock generated
View file

@ -8106,9 +8106,7 @@ dependencies = [
"borsh", "borsh",
"ciphersuite", "ciphersuite",
"dkg", "dkg",
"flexible-transcript",
"hex", "hex",
"k256",
"log", "log",
"modular-frost", "modular-frost",
"parity-scale-codec", "parity-scale-codec",

2
processor/bitcoin/Cargo.toml
View file

@ -23,8 +23,6 @@ hex = { version = "0.4", default-features = false, features = ["std"] }
scale = { package = "parity-scale-codec", version = "3", default-features = false, features = ["std"] } scale = { package = "parity-scale-codec", version = "3", default-features = false, features = ["std"] }
borsh = { version = "1", default-features = false, features = ["std", "derive", "de_strict_order"] } borsh = { version = "1", default-features = false, features = ["std", "derive", "de_strict_order"] }
transcript = { package = "flexible-transcript", path = "../../crypto/transcript", default-features = false, features = ["std", "recommended"] }
k256 = { version = "0.13", default-features = false, features = ["std"] }
ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["std", "secp256k1"] } ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["std", "secp256k1"] }
dkg = { path = "../../crypto/dkg", default-features = false, features = ["std", "evrf-secp256k1"] } dkg = { path = "../../crypto/dkg", default-features = false, features = ["std", "evrf-secp256k1"] }
frost = { package = "modular-frost", path = "../../crypto/frost", default-features = false } frost = { package = "modular-frost", path = "../../crypto/frost", default-features = false }

35
processor/bitcoin/src/key_gen.rs
View file

@ -1,8 +1,6 @@
use ciphersuite::{group::GroupEncoding, Ciphersuite, Secp256k1}; use ciphersuite::{group::GroupEncoding, Ciphersuite, Secp256k1};
use frost::ThresholdKeys; use frost::ThresholdKeys;
use bitcoin_serai::bitcoin::{hashes::Hash, TapTweakHash};
use crate::{primitives::x_coord_to_even_point, scan::scanner}; use crate::{primitives::x_coord_to_even_point, scan::scanner};
pub(crate) struct KeyGenParams; pub(crate) struct KeyGenParams;
@ -12,39 +10,6 @@ impl key_gen::KeyGenParams for KeyGenParams {
type ExternalNetworkCiphersuite = Secp256k1; type ExternalNetworkCiphersuite = Secp256k1;
fn tweak_keys(keys: &mut ThresholdKeys<Self::ExternalNetworkCiphersuite>) { fn tweak_keys(keys: &mut ThresholdKeys<Self::ExternalNetworkCiphersuite>) {
/*
Offset the keys by their hash to prevent a malicious participant from inserting a script
path, as specified in
https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki#cite_note-23
This isn't exactly the same, as we then increment the key until it happens to be even, yet
the goal is simply that someone who biases the key-gen can't insert their own script path.
By adding the hash of the key to the key, anyone who attempts such bias will change the key
used (changing the bias necessary).
This is also potentially unnecessary for Serai, which uses an eVRF-based DKG. While that can
be biased (by manipulating who participates as we use it robustly and only require `t`
participants), contributions cannot be arbitrarily defined. That presumably requires
performing a search of the possible keys for some collision with 2**128 work. It's better to
offset regardless and avoid this question however.
*/
{
use k256::elliptic_curve::{
bigint::{Encoding, U256},
ops::Reduce,
};
let tweak_hash = TapTweakHash::hash(&keys.group_key().to_bytes().as_slice()[1 ..]);
/*
https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki#cite_ref-13-0 states how the
bias is negligible. This reduction shouldn't ever occur, yet if it did, the script path
would be unusable due to a check the script path hash is less than the order. That doesn't
impact us as we don't want the script path to be usable.
*/
*keys = keys.offset(<Secp256k1 as Ciphersuite>::F::reduce(U256::from_be_bytes(
*tweak_hash.to_raw_hash().as_ref(),
)));
}
*keys = bitcoin_serai::wallet::tweak_keys(keys); *keys = bitcoin_serai::wallet::tweak_keys(keys);
// Also create a scanner to assert these keys, and all expected paths, are usable // Also create a scanner to assert these keys, and all expected paths, are usable
scanner(keys.group_key()); scanner(keys.group_key());

3
processor/bitcoin/src/primitives/transaction.rs
View file

@ -2,7 +2,6 @@ use std::io;
use rand_core::{RngCore, CryptoRng}; use rand_core::{RngCore, CryptoRng};
use transcript::{Transcript, RecommendedTranscript};
use ciphersuite::Secp256k1; use ciphersuite::Secp256k1;
use frost::{dkg::ThresholdKeys, sign::PreprocessMachine}; use frost::{dkg::ThresholdKeys, sign::PreprocessMachine};
@ -81,7 +80,7 @@ impl PreprocessMachine for ClonableTransctionMachine {
.0 .0
.signable() .signable()
.expect("signing an invalid SignableTransaction") .expect("signing an invalid SignableTransaction")
.multisig(&self.1, RecommendedTranscript::new(b"Serai Processor Bitcoin Transaction")) .multisig(&self.1)
.expect("incorrect keys used for SignableTransaction") .expect("incorrect keys used for SignableTransaction")
.preprocess(rng) .preprocess(rng)
} }