Commit graph

877 commits

Author SHA1 Message Date
Luke Parker
73566e756d
Minimize use of lazy_static in ed448
Increases usage of const values along with overall Field impl sanity 
with regards to the crypto_bigint backend.
2022-08-31 03:33:19 -04:00
Luke Parker
a59bbe7635
Impl is_odd for dfg::Scalar 2022-08-31 01:05:30 -04:00
Luke Parker
faa43b6874
Move the featured address vectors to a vectors folder 2022-08-31 01:01:51 -04:00
Luke Parker
cc0c6fb5ac
Apply the optimized pow to dalek-ff-group
Saves ~40% from Monero hash_to_curve, assisting with #68.
2022-08-31 00:57:23 -04:00
Luke Parker
c5256d9b06
Use ChaCha20 instead of ChaCha12
Despite being slower and only used for blinding values, its still 
extremely performant. 20 is far more standard and will avoid an eye 
raise from reviewers.
2022-08-30 20:01:46 -04:00
Luke Parker
6093f4ec93
Fix clippy 2022-08-30 16:48:59 -04:00
Luke Parker
139dcde69c
Support including arbitrary data in TXs and return it with outputs
Fixes a bug where all payments identified as being to (0, 0) instead of 
their actual subaddress.
2022-08-30 15:42:23 -04:00
Luke Parker
09fdc1b77a
Close https://github.com/serai-dex/serai/issues/93 2022-08-30 14:35:33 -04:00
Luke Parker
8d56c43f5e
Update to work against the latest foundry
Links the Ethereum contract tests as well
2022-08-30 02:13:53 -04:00
Luke Parker
91f62672d3
fmt again
I botched it. I am sorry.
2022-08-30 01:52:00 -04:00
Luke Parker
6045f4ae59
fmt/clippy for previous commit 2022-08-30 01:05:18 -04:00
Luke Parker
d620231530
Remove Monero torsion-free requirement and make output keys 32 bytes
Maintains the torsion-free requirement in the one place it's used (key 
images).

In the modern day, the output keys are checked to be points, yet in 
older protocol versions they were allowed to be arbitrary bytes.

Closes https://github.com/serai-dex/serai/issues/23 and 
https://github.com/serai-dex/serai/issues/25.
2022-08-30 01:02:55 -04:00
Luke Parker
ee6316b26b
Use a Group::random which doesn't have a known DL
While Group::random shouldn't be used instead of a hash to curve, anyone 
who did would've previously been insecure and now isn't.

Could've done a recover_x and a raw Point construction, followed by a 
cofactor mul, to avoid the serialization, yet the serialization ensures 
full validity under the standard from_bytes function. THis also doesn't 
need to be micro-optimized.
2022-08-29 13:02:20 -04:00
Luke Parker
b97713aac7
Add unnecessary imports to the Ed448 backend to enable publishing
Doesn't change dependencies.
2022-08-29 03:49:40 -04:00
Luke Parker
d6a31863c4
Version bump dalek-ff-group 2022-08-29 03:46:48 -04:00
Luke Parker
081b9a1975
FROST Ed448 (#107)
* Theoretical ed448 impl

* Fixes

* Basic tests

* More efficient scalarmul

Precomputes a table to minimize additions required.

* Add a torsion test

* Split into a constant and variable time backend

The variable time one is still far too slow, at 53s for the tests (~5s a 
scalarmul). It should be usable as a PoC though.

* Rename unsafe Ed448

It's not only unworthy of the Serai branding and deserves more clarity
in the name.

* Add wide reduction to ed448

* Add Zeroize to Ed448

* Rename Ed448 group.rs to point.rs

* Minor lint to FROST

* Ed448 ciphersuite with 8032 test vector

* Macro out the backend fields

* Slight efficiency improvement to point decompression

* Disable the multiexp test in FROST for Ed448

* fmt + clippy ed448

* Fix an infinite loop in the constant time ed448 backend

* Add b"chal" to the 8032 context string for Ed448

Successfully tests against proposed vectors for the FROST IETF draft.

* Fix fmt and clippy

* Use a tabled pow algorithm in ed448's const backend

* Slight tweaks to variable time backend

Stop from_repr(MODULUS) from passing.

* Use extended points

Almost two orders of magnitude faster.

* Efficient ed448 doubling

* Remove the variable time backend

With the recent performance improvements, the constant time backend is 
now 4x faster than the variable time backend was. While the variable 
time backend remains much faster, and the constant time backend is still 
slow compared to other libraries, it's sufficiently performant now.

The FROST test, which runs a series of multiexps over the curve, does 
take 218.26s while Ristretto takes 1 and secp256k1 takes 4.57s.

While 50x slower than secp256k1 is horrible, it's ~1.5 orders of 
magntiude, which is close enough to the desire stated in 
https://github.com/serai-dex/serai/issues/108 to meet it.

Largely makes this library safe to use.

* Correct constants in ed448

* Rename unsafe-ed448 to minimal-ed448

Enables all FROST tests against it.

* No longer require the hazmat feature to use ed448

* Remove extraneous as_refs
2022-08-29 02:32:59 -05:00
Luke Parker
f71f19e26c
Add a repository field to the DLEq Cargo.toml 2022-08-26 09:10:34 -04:00
Luke Parker
33ee6b7a02
Bump FROST version 2022-08-26 09:09:18 -04:00
Luke Parker
dbd39b557e
Add a basic CONTRIBUTING file (#77)
* Add a basic CONTRIBUTING file

* Mild updates to CONTRIBUTING, mainly about formatting

* Add import ordering to CONTRIBUTING
2022-08-26 07:41:00 -05:00
Luke Parker
a8a00598e4
Update to FROST v8 2022-08-26 05:59:43 -04:00
Luke Parker
4881ddae87
Update Monero crate description 2022-08-25 04:02:30 -04:00
Luke Parker
546b772be3
Clarify licensing per https://github.com/serai-dex/serai/issues/13
Implements bullets 2-4 of 
https://github.com/serai-dex/serai/issues/13#issuecomment-1212689876.
2022-08-25 04:02:13 -04:00
Luke Parker
5b2940e161
Lint previous commit 2022-08-22 13:35:49 -04:00
Luke Parker
5c106cecf6
Fix https://github.com/serai-dex/serai/issues/105 2022-08-22 12:15:14 -04:00
Luke Parker
5a1f011db8
Fix https://github.com/serai-dex/serai/issues/106 2022-08-22 08:57:36 -04:00
Luke Parker
5751204a98
Introduce a subaddress capable scanner type 2022-08-22 08:32:09 -04:00
Luke Parker
19f5fd8fe9
Include subaddress and payment ID in SpendableOutput 2022-08-22 07:22:54 -04:00
Luke Parker
f0b914c721
Support sending to integrated addresses 2022-08-22 06:54:01 -04:00
Luke Parker
99b683b843
Update processor 2022-08-22 05:27:35 -04:00
Luke Parker
331aa6c644
Implement Featured Addresses
Closes https://github.com/serai-dex/serai/issues/37.
2022-08-22 04:27:58 -04:00
Luke Parker
3fffea178f
Visibility fixes 2022-08-21 11:29:01 -04:00
Luke Parker
d596eeee6e
Update visibility of various items in Monero 2022-08-21 11:06:17 -04:00
Luke Parker
60d93c4b2d
Update BP fee_weight
Closes https://github.com/serai-dex/serai/issues/8.
2022-08-21 10:35:10 -04:00
Luke Parker
755d021f8e
Canonicalize read_varint
There is a slight note we only implement u64 varint's, while Monero does 
it for arbitrary uints, yet that's not relevant at this time. It is 
documented in #25.
2022-08-21 08:58:28 -04:00
Luke Parker
c5beee5648
Fix #48
Removes monero, yet we still use monero-rs's base58 and epee libraries.
2022-08-21 08:41:19 -04:00
Luke Parker
d12507e612
Fix a DoS in Monero
A malicious TX could cause an arbitrary amount of memory to be allocated 
despite not even containing that amount of data.
2022-08-21 07:52:49 -04:00
Luke Parker
8af3a9ea51
Correct Monero build script 2022-08-21 06:48:59 -04:00
Luke Parker
603a3f8c9f
Generate Bulletproofs(+) generators at compile time
Creates a new monero-generators crate so the monero crate can run the 
code in question at build time.

Saves several seconds from running the tests.

Closes https://github.com/serai-dex/serai/issues/101.
2022-08-21 06:36:53 -04:00
Luke Parker
577fe99a08
Fix https://github.com/serai-dex/serai/issues/18 2022-08-21 05:13:07 -04:00
Luke Parker
00d61286b1
Lint Monero serialization 2022-08-21 04:41:55 -04:00
Luke Parker
76db682a25
Replace static Scalar with a uint conversion in BP+ 2022-08-21 00:46:23 -04:00
Luke Parker
f319966dca
Lint Getting Started document 2022-08-21 00:45:41 -04:00
TheArchitect108
74e2d230e8
Simple getting started doc (#91)
* simple getting started doc

* Swap Old Ubuntu and Solc

* Fixes indents and removes OS preferences

* drops indents from code blocks
2022-08-20 23:26:16 -05:00
Luke Parker
c53e7ad6c7
Bump dalek-ff-group version 2022-08-18 17:11:55 -04:00
J. Burfeind
a2aa182cc4
Conditional negate (#90)
* Reorder tests in dalek-ff-group

* Add required method for ConditionallyNegatable

Adds lifetime bound implementation `Neg`
for borrowed FieldElements in dalek-ff-group.
2022-08-18 15:02:31 -05:00
aiyion.prime
45912d6837 Add implementation for sqrt_ratio_i()
in dalek-ff-group
2022-08-18 13:38:57 -05:00
Luke Parker
0543f3c469
Patch Benchmark 2022-08-16 17:43:46 -04:00
Luke Parker
f809827acd
cargo update
Fixes https://github.com/serai-dex/serai/issues/82.
2022-08-16 03:44:32 -04:00
Luke Parker
a73bcc908f
Add missing test annotation 2022-08-13 19:43:43 -04:00
Luke Parker
75c3cdc5af
Comment the previous commit
Despite the intentions of https://github.com/serai-dex/serai/issues/85, 
it failed to be practically faster :/

Updates a DLEq test to be better as well.
2022-08-13 19:43:18 -04:00