Luke Parker
36034c2f72
Move ecdh derivation up to prevent Scalar::one() * ecdh
2023-03-11 10:51:40 -05:00
Luke Parker
5e62072a0f
Fix #237
2023-03-11 10:31:58 -05:00
Luke Parker
e56495d624
Prefix arbitrary data with 127
...
Since we cannot expect/guarantee a payment ID will be included, the previous
position-based code for determining arbitrary data wasn't sufficient.
2023-03-11 05:47:25 -05:00
Luke Parker
71dbc798b5
Fix #251
2023-03-11 05:23:38 -05:00
Luke Parker
4335baa43f
cargo update
2023-03-11 04:49:05 -05:00
akildemir
77de28f77a
add monero seed support ( #252 )
...
* add monero seed support
* fix some of the pr comments
* remove languages module and unnecessary error returns
* Clean classic seed impl
Fixes a few issues regarding Zeroize usage/API safety. Mainly a cleanup.
---------
Co-authored-by: Luke Parker <lukeparker5132@gmail.com>
2023-03-10 14:16:00 -05:00
Luke Parker
ad470bc969
\#242 Expand usage of black_box/zeroize
...
This commit greatly expands the usage of black_box/zeroize on bits, as it
originally should have. It is likely overkill, leading to less efficient
code generation, yet does its best to be comprehensive where comprehensiveness
is extremely annoying to achieve.
In the future, this usage of black_box may be desirable to move to its own
crate.
Credit to @AaronFeickert for identifying the original commit was incomplete.
2023-03-10 06:27:44 -05:00
Luke Parker
62dfc63532
Fix Ethereum, again
2023-03-07 06:25:21 -05:00
Luke Parker
1e201562df
Correct doc comments re: HTML tags
2023-03-07 05:34:29 -05:00
Luke Parker
11114dcb74
Further fix the clippy lint controls for Hash on dalek_ff_group::*Point
2023-03-07 05:31:02 -05:00
Luke Parker
837c776297
Make Schnorr modular to its transcript
2023-03-07 05:30:21 -05:00
Luke Parker
6bff3866ea
Correct Ethereum
2023-03-07 05:25:25 -05:00
Luke Parker
b0730e3fdf
Fix last commit again
2023-03-07 04:47:06 -05:00
Luke Parker
2e78d61752
Fix last commit
2023-03-07 04:39:15 -05:00
Luke Parker
0b8a4ab3d0
Use a backwards compatible clippy lint for impl Hash
2023-03-07 04:26:19 -05:00
Luke Parker
c358090f16
Use black_box to help obscure the dalek-ff-group bool -> Choice conversion
...
I have no idea if this will actually help, yet it can't hurt.
Feature gated due to MSRV requirements.
Fixes #242 .
2023-03-07 04:23:41 -05:00
Luke Parker
adb5f34fda
Merge branch 'crypto-audit' into crypto-tweaks
2023-03-07 04:08:34 -05:00
Luke Parker
ed056cceaf
3.5.2 Test non-canonical from_repr
...
Unfortunately, G::from_bytes doesn't require canonicity so that still can't
be properly tested for. While we could try to detect SEC1, and write tests
on that, there's not a suitably stable/wide enough solution to be worth it.
2023-03-07 04:05:56 -05:00
Luke Parker
2bad06e5d9
Fix #200
2023-03-07 03:55:58 -05:00
Luke Parker
5a9a42f025
Use variable time for verifying PoKs in the DKG
2023-03-07 03:48:16 -05:00
Luke Parker
7d12c785b7
Correct error comment in ff-group-tests
2023-03-07 03:46:55 -05:00
Luke Parker
e08adcc1ac
Have Ciphersuite re-export Group
2023-03-07 03:46:16 -05:00
Luke Parker
af5702fccd
Make encryption public
...
It's necessary in order to read encryption messages over the network.
2023-03-07 03:37:30 -05:00
Luke Parker
5037962d3c
Rename dkg serialize/deserialize to write/read
2023-03-07 03:37:25 -05:00
Luke Parker
5b26115f81
Add Debug implementations to dkg
2023-03-07 03:26:39 -05:00
Luke Parker
1a99629a4a
Add feature-gated serde support for Participant/ThresholdParams
...
These don't have secret data yet sometimes have value to be communicated.
2023-03-07 03:13:55 -05:00
Luke Parker
b1ea2dfba6
Add support for hashing (as in HashMap) dalek points
2023-03-07 03:10:55 -05:00
Luke Parker
0e8c55e050
Update and remove unused dependencies
2023-03-07 03:06:46 -05:00
Luke Parker
d36fc026dd
Remove unused generic in frost
2023-03-07 02:40:09 -05:00
Luke Parker
0bbf511062
Add 'static/Send/Sync to specific traits in crypto
...
These were proven necessary by our real world usage.
2023-03-07 02:38:47 -05:00
Luke Parker
2729882d65
Update to {k, p}256 0.12
2023-03-07 02:34:10 -05:00
Luke Parker
c37cc0b4e2
Update Zeroize pin to ^1.5 from 1.5
2023-03-07 02:29:59 -05:00
Luke Parker
a053454ae4
3.9.4 Add tests to the transcript crate
2023-03-07 02:25:10 -05:00
Luke Parker
20a33079f8
3.9.3 Document Merlin domain_separate conflict potential and add an asert
2023-03-06 20:16:57 -05:00
Luke Parker
8307d4f6c8
cargo fmt
2023-03-06 08:23:14 -05:00
Luke Parker
db1fefe7c1
Update tendermint/node to latest substrate
2023-03-06 08:20:01 -05:00
Luke Parker
4a81640ab8
Update runtime to latest substrate
2023-03-06 08:14:22 -05:00
Luke Parker
943438628d
cargo update
2023-03-06 07:39:43 -05:00
Luke Parker
7efedb9a91
3.9.1 Also correct invalid doc comment
2023-03-06 07:16:04 -05:00
Luke Parker
79124b9a33
3.9.2 Better document rng_seed is allowed to conflict with challenge
2023-03-02 11:19:26 -05:00
Luke Parker
6fec95b1a7
3.7.2 Remove code randomizing which side odd elements end up on
...
This could still be gamed. For [1, 2, 3], the options were ([1], [2, 3]) or
([1, 2], [3]). This means 2 would always have the maximum round count, and
thus this is still game-able. There's no point to keeping its complexity
accordingly when the algorithm is as efficient as it is.
While a proper random could be used to satisfy 3.7.2, it'd break the
expected determinism.
2023-03-02 11:16:00 -05:00
Luke Parker
2f4f1de488
3.9.1 Fix SecureDigest trait bound
2023-03-02 10:57:22 -05:00
Luke Parker
97374a3e24
3.8.6 Correct transcript to scalar derivation
...
Replaces the externally passed in Digest with C::H since C is available.
2023-03-02 10:04:18 -05:00
Luke Parker
530671795a
3.8.5 Let the caller pass in a DST for the aggregation hash function
...
Also moves the aggregator over to Digest. While a bit verbose for this context,
as all appended items were fixed length, it's length prefixing is solid and
the API is pleasant. The downside is the additional dependency which is
in tree and quite compact.
2023-03-02 09:29:37 -05:00
Luke Parker
8b7e7b1a1c
3.8.4 Don't additionally transcript keys with challenges
2023-03-02 09:14:36 -05:00
Luke Parker
053f07a281
3.8.3 Document challenge requirements
2023-03-02 09:08:53 -05:00
Luke Parker
08f9287107
3.8.2 Add Ed25519 RFC 8032 test vectors
2023-03-02 09:06:03 -05:00
Luke Parker
35043d2889
3.8.1 Document RFC 8032 compatibility
2023-03-02 08:45:09 -05:00
Luke Parker
1d2ebdca62
3.7.6, 3.7.7 Optimize multiexp implementations
2023-03-02 06:12:02 -05:00
Luke Parker
e5329b42e6
3.7.5 Further document multiexp functions
2023-03-02 05:49:45 -05:00