From 87dea5e455fa20ee0a0ffb97af3d8c0bdb938d79 Mon Sep 17 00:00:00 2001
From: Luke Parker <lukeparker5132@gmail.com>
Date: Thu, 23 Feb 2023 04:56:05 -0500
Subject: [PATCH] 3.3.3 Add an assert if polynomial is called with 0

This will only be called with 0 if the code fails to do proper screening of its
arguments. If such a flaw is present, the DKG lib is critically broken (as this
function isn't public). If it was allowed to continue executing, it'd reveal
the secret share.
---
 crypto/dkg/src/frost.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/dkg/src/frost.rs b/crypto/dkg/src/frost.rs
index 0bc7ac7a..8884a9b2 100644
--- a/crypto/dkg/src/frost.rs
+++ b/crypto/dkg/src/frost.rs
@@ -151,6 +151,7 @@ impl<C: Ciphersuite> KeyGenMachine<C> {
 }
 
 fn polynomial<F: PrimeField + Zeroize>(coefficients: &[Zeroizing<F>], l: u16) -> Zeroizing<F> {
+  assert!(l != 0, "attempting to evaluate a polynomial with 0");
   let l = F::from(u64::from(l));
   let mut share = Zeroizing::new(F::zero());
   for (idx, coefficient) in coefficients.iter().rev().enumerate() {