Update to the latest bitcoin-serai
parent
e64827b6d7
commit
861a8352e5
4 changed files with 1 additions and 41 deletions
2
Cargo.lock
generated
2
Cargo.lock
generated
|
@ -8106,9 +8106,7 @@ dependencies = [
|
|||
"borsh",
|
||||
"ciphersuite",
|
||||
"dkg",
|
||||
"flexible-transcript",
|
||||
"hex",
|
||||
"k256",
|
||||
"log",
|
||||
"modular-frost",
|
||||
"parity-scale-codec",
|
||||
|
|
|
@ -23,8 +23,6 @@ hex = { version = "0.4", default-features = false, features = ["std"] }
|
|||
scale = { package = "parity-scale-codec", version = "3", default-features = false, features = ["std"] }
|
||||
borsh = { version = "1", default-features = false, features = ["std", "derive", "de_strict_order"] }
|
||||
|
||||
transcript = { package = "flexible-transcript", path = "../../crypto/transcript", default-features = false, features = ["std", "recommended"] }
|
||||
k256 = { version = "0.13", default-features = false, features = ["std"] }
|
||||
ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["std", "secp256k1"] }
|
||||
dkg = { path = "../../crypto/dkg", default-features = false, features = ["std", "evrf-secp256k1"] }
|
||||
frost = { package = "modular-frost", path = "../../crypto/frost", default-features = false }
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
use ciphersuite::{group::GroupEncoding, Ciphersuite, Secp256k1};
|
||||
use frost::ThresholdKeys;
|
||||
|
||||
use bitcoin_serai::bitcoin::{hashes::Hash, TapTweakHash};
|
||||
|
||||
use crate::{primitives::x_coord_to_even_point, scan::scanner};
|
||||
|
||||
pub(crate) struct KeyGenParams;
|
||||
|
@ -12,39 +10,6 @@ impl key_gen::KeyGenParams for KeyGenParams {
|
|||
type ExternalNetworkCiphersuite = Secp256k1;
|
||||
|
||||
fn tweak_keys(keys: &mut ThresholdKeys<Self::ExternalNetworkCiphersuite>) {
|
||||
/*
|
||||
Offset the keys by their hash to prevent a malicious participant from inserting a script
|
||||
path, as specified in
|
||||
https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki#cite_note-23
|
||||
|
||||
This isn't exactly the same, as we then increment the key until it happens to be even, yet
|
||||
the goal is simply that someone who biases the key-gen can't insert their own script path.
|
||||
By adding the hash of the key to the key, anyone who attempts such bias will change the key
|
||||
used (changing the bias necessary).
|
||||
|
||||
This is also potentially unnecessary for Serai, which uses an eVRF-based DKG. While that can
|
||||
be biased (by manipulating who participates as we use it robustly and only require `t`
|
||||
participants), contributions cannot be arbitrarily defined. That presumably requires
|
||||
performing a search of the possible keys for some collision with 2**128 work. It's better to
|
||||
offset regardless and avoid this question however.
|
||||
*/
|
||||
{
|
||||
use k256::elliptic_curve::{
|
||||
bigint::{Encoding, U256},
|
||||
ops::Reduce,
|
||||
};
|
||||
let tweak_hash = TapTweakHash::hash(&keys.group_key().to_bytes().as_slice()[1 ..]);
|
||||
/*
|
||||
https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki#cite_ref-13-0 states how the
|
||||
bias is negligible. This reduction shouldn't ever occur, yet if it did, the script path
|
||||
would be unusable due to a check the script path hash is less than the order. That doesn't
|
||||
impact us as we don't want the script path to be usable.
|
||||
*/
|
||||
*keys = keys.offset(<Secp256k1 as Ciphersuite>::F::reduce(U256::from_be_bytes(
|
||||
*tweak_hash.to_raw_hash().as_ref(),
|
||||
)));
|
||||
}
|
||||
|
||||
*keys = bitcoin_serai::wallet::tweak_keys(keys);
|
||||
// Also create a scanner to assert these keys, and all expected paths, are usable
|
||||
scanner(keys.group_key());
|
||||
|
|
|
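Review bot: The reasoning for tweaking the group key (the BIP-341 commitment that stops a participant who biases key-gen from inserting their own script path) disappears with the deleted comment block, and the surviving `*keys = bitcoin_serai::wallet::tweak_keys(keys);` line gives no hint that it is now the only place that commitment is applied. Keep a short comment above that call, e.g. `// Relies on bitcoin_serai::wallet::tweak_keys for the BIP-341 tweak that prevents a biased key-gen from committing a script path; do not offset the key again here`, so a later reader neither re-adds a second offset nor drops the call. Judging from the hunk counts (39 old lines, 6 new, one addition in the whole commit) the `bitcoin_serai::wallet::tweak_keys` call appears to be pre-existing context, which suggests the old code offset the key twice; whether the library tweak performs the same `TapTweakHash` offset is not visible here and is worth confirming rather than relying on the `scanner(keys.group_key())` usability check alone. The `impl key_gen::KeyGenParams for KeyGenParams` block continues outside the hunk.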
@ -2,7 +2,6 @@ use std::io;
|
|||
|
||||
use rand_core::{RngCore, CryptoRng};
|
||||
|
||||
use transcript::{Transcript, RecommendedTranscript};
|
||||
use ciphersuite::Secp256k1;
|
||||
use frost::{dkg::ThresholdKeys, sign::PreprocessMachine};
|
||||
|
||||
|
@ -81,7 +80,7 @@ impl PreprocessMachine for ClonableTransctionMachine {
|
|||
.0
|
||||
.signable()
|
||||
.expect("signing an invalid SignableTransaction")
|
||||
.multisig(&self.1, RecommendedTranscript::new(b"Serai Processor Bitcoin Transaction"))
|
||||
.multisig(&self.1)
|
||||
.expect("incorrect keys used for SignableTransaction")
|
||||
.preprocess(rng)
|
||||
}
|
||||
|
|
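Review bot: The transcript that domain-separated this signing session, `RecommendedTranscript::new(b"Serai Processor Bitcoin Transaction")`, is no longer passed at the `.multisig(&self.1)` call, so the domain separation of preprocesses now depends entirely on what bitcoin-serai chooses internally, which is not visible in this hunk. A one-line comment at the call, `// Transcript/domain separation is now supplied inside bitcoin_serai's multisig`, would record that the label was dropped deliberately rather than lost in the API update. If any preprocess or signing-session state was persisted under the old label, it presumably no longer matches the new transcript and should be treated as stale — confirm against the processor's session storage. The enclosing `preprocess` body and the `impl PreprocessMachine for ClonableTransctionMachine` block both start outside the hunk.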