absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-09 12:49:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d74b00b9e41d77f2a9b520b0acf97ee4e2a43532
serai/crypto/frost/Cargo.toml

102 lines
3.4 KiB
TOML
Raw Normal View History

Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
[package]
Rename FROST's official package name and update documentation
2022-06-19 05:21:22 -04:00
name = "modular-frost"
Smash the singular `Ciphersuite` trait into multiple This helps identify where the various functionalities are used, or rather, not used. The `Ciphersuite` trait present in `patches/ciphersuite`, facilitating the entire FCMP++ tree, only requires the markers _and_ canonical point decoding. I've opened a PR to upstream such a trait into `group` (https://github.com/zkcrypto/group/pull/68). `WrappedGroup` is still justified for as long as `Group::generator` exists. Moving `::generator()` to its own trait, on an independent structure (upstream) would be massively appreciated. @tarcieri also wanted to update from `fn generator()` to `const GENERATOR`, which would encourage further discussion on https://github.com/zkcrypto/group/issues/32 and https://github.com/zkcrypto/group/issues/45, which have been stagnant. The `Id` trait is occasionally used yet really should be first off the chopping block. Finally, `WithPreferredHash` is only actually used around a third of the time, which more than justifies it being a separate trait. --- Updates `dalek_ff_group::Scalar` to directly re-export `curve25519_dalek::Scalar`, as without issue. `dalek_ff_group::RistrettoPoint` also could be replaced with an export of `curve25519_dalek::RistrettoPoint`, yet the coordinator relies on how we implemented `Hash` on it for the hell of it so it isn't worth it at this time. `dalek_ff_group::EdwardsPoint` can't be replaced for an re-export of `curve25519_dalek::SubgroupPoint` as it doesn't implement `zeroize`, `subtle` traits within a released, non-yanked version. Relevance to https://github.com/serai-dex/serai/issues/201 and https://github.com/dalek-cryptography/curve25519-dalek/issues/811#issuecomment-3247732746. Also updates the `Ristretto` ciphersuite to prefer `Blake2b-512` over `SHA2-512`. In order to maintain compliance with FROST's IETF standard, `modular-frost` defines its own ciphersuite for Ristretto which still uses `SHA2-512`.
2025-09-03 12:25:37 -04:00
version = "0.11.0"
Rename FROST's official package name and update documentation
2022-06-19 05:21:22 -04:00
description = "Modular implementation of FROST over ff/group"
Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
license = "MIT"
Fill out Cargo.tomls Updated missing fields/sections, even if some won't be used, to standardize. Also made FROST tests feature-gated.
2022-10-15 23:46:22 -04:00
repository = "https://github.com/serai-dex/serai/tree/develop/crypto/frost"
Transcript crate with both a merlin backend and a basic label len value backend Moves binding factor/seeded RNGs over to the transcripts.
2022-05-03 07:20:24 -04:00
authors = ["Luke Parker <lukeparker5132@gmail.com>"]
Rename FROST's official package name and update documentation
2022-06-19 05:21:22 -04:00
keywords = ["frost", "multisig", "threshold"]
Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
edition = "2021"
Replace `Ciphersuite::hash_to_F` The prior-present `Ciphersuite::hash_to_F` was a sin. Implementations took a DST, yet were not require to securely handle it. It was also biased towards the requirements of `modular-frost` as `ciphersuite` was originally written all those years ago, when `modular-frost` had needs exceeding what `ff`, `group` satisfied. Now, the hash is bound to produce an output which can be converted to a scalar with `ff::FromUniformBytes`. A new `hash_to_F`, which accepts a single argument of the value to hash (removing the potential to insecurely handle the DST by removing the DST entirely). Due to `digest` yielding a `GenericArray`, yet `FromUniformBytes` taking a `const usize`, the `ciphersuite` crate now defines a `FromUniformBytes` trait taking an array (then implemented for all satisfiers of `ff::FromUniformBytes`). In order to get the array type from the `GenericArray`, the output of the hash, `digest` is updated to the `0.11` release candidate which moves to `flexible-array` which solves that problem. The existing, specific `hash_to_F` functions have been moved to `modular-frost` as necessary. `flexible-array` itself is patched to a fork due to https://github.com/RustCrypto/hybrid-array/issues/131.
2025-08-29 05:04:03 -04:00
rust-version = "1.85"
Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
Initial documentation for the Monero libraries (#122) * Document all features * Largely document the Monero libraries Relevant to https://github.com/serai-dex/serai/issues/103 and likely sufficient to get this removed from https://github.com/serai-dex/serai/issues/102.
2022-09-28 07:44:49 -05:00
[package.metadata.docs.rs]
all-features = true
Use doc_auto_cfg
2022-09-29 04:47:55 -04:00
rustdoc-args = ["--cfg", "docsrs"]
Initial documentation for the Monero libraries (#122) * Document all features * Largely document the Monero libraries Relevant to https://github.com/serai-dex/serai/issues/103 and likely sufficient to get this removed from https://github.com/serai-dex/serai/issues/102.
2022-09-28 07:44:49 -05:00
Add workspace lints
2023-12-16 20:54:24 -05:00
[lints]
workspace = true
Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
[dependencies]
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
std-shims = { version = "0.1", path = "../../common/std-shims", default-features = false, features = ["alloc"] }
Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
thiserror = { version = "2", default-features = false }
Utilize zeroize (#76) * Apply Zeroize to nonces used in Bulletproofs Also makes bit decomposition constant time for a given amount of outputs. * Fix nonce reuse for single-signer CLSAG * Attach Zeroize to most structures in Monero, and ZOnDrop to anything with private data * Zeroize private keys and nonces * Merge prepare_outputs and prepare_transactions * Ensure CLSAG is constant time * Pass by borrow where needed, bug fixes The past few commitments have been one in-progress chunk which I've broken up as best read. * Add Zeroize to FROST structs Still needs to zeroize internally, yet next step. Not quite as aggressive as Monero, partially due to the limitations of HashMaps, partially due to less concern about metadata, yet does still delete a few smaller items of metadata (group key, context string...). * Remove Zeroize from most Monero multisig structs These structs largely didn't have private data, just fields with private data, yet those fields implemented ZeroizeOnDrop making them already covered. While there is still traces of the transaction left in RAM, fully purging that was never the intent. * Use Zeroize within dleq bitvec doesn't offer Zeroize, so a manual zeroing has been implemented. * Use Zeroize for random_nonce It isn't perfect, due to the inability to zeroize the digest, and due to kp256 requiring a few transformations. It does the best it can though. Does move the per-curve random_nonce to a provided one, which is allowed as of https://github.com/cfrg/draft-irtf-cfrg-frost/pull/231. * Use Zeroize on FROST keygen/signing * Zeroize constant time multiexp. * Correct when FROST keygen zeroizes * Move the FROST keys Arc into FrostKeys Reduces amount of instances in memory. * Manually implement Debug for FrostCore to not leak the secret share * Misc bug fixes * clippy + multiexp test bug fixes * Correct FROST key gen share summation It leaked our own share for ourself. * Fix cross-group DLEq tests
2022-08-03 03:25:18 -05:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
rand_core = { version = "0.6", default-features = false, features = ["alloc"] }
rand_chacha = { version = "0.3", default-features = false }
Utilize zeroize (#76) * Apply Zeroize to nonces used in Bulletproofs Also makes bit decomposition constant time for a given amount of outputs. * Fix nonce reuse for single-signer CLSAG * Attach Zeroize to most structures in Monero, and ZOnDrop to anything with private data * Zeroize private keys and nonces * Merge prepare_outputs and prepare_transactions * Ensure CLSAG is constant time * Pass by borrow where needed, bug fixes The past few commitments have been one in-progress chunk which I've broken up as best read. * Add Zeroize to FROST structs Still needs to zeroize internally, yet next step. Not quite as aggressive as Monero, partially due to the limitations of HashMaps, partially due to less concern about metadata, yet does still delete a few smaller items of metadata (group key, context string...). * Remove Zeroize from most Monero multisig structs These structs largely didn't have private data, just fields with private data, yet those fields implemented ZeroizeOnDrop making them already covered. While there is still traces of the transaction left in RAM, fully purging that was never the intent. * Use Zeroize within dleq bitvec doesn't offer Zeroize, so a manual zeroing has been implemented. * Use Zeroize for random_nonce It isn't perfect, due to the inability to zeroize the digest, and due to kp256 requiring a few transformations. It does the best it can though. Does move the per-curve random_nonce to a provided one, which is allowed as of https://github.com/cfrg/draft-irtf-cfrg-frost/pull/231. * Use Zeroize on FROST keygen/signing * Zeroize constant time multiexp. * Correct when FROST keygen zeroizes * Move the FROST keys Arc into FrostKeys Reduces amount of instances in memory. * Manually implement Debug for FrostCore to not leak the secret share * Misc bug fixes * clippy + multiexp test bug fixes * Correct FROST key gen share summation It leaked our own share for ourself. * Fix cross-group DLEq tests
2022-08-03 03:25:18 -05:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
zeroize = { version = "^1.5", default-features = false, features = ["alloc", "zeroize_derive"] }
subtle = { version = "^2.4", default-features = false }
Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
hex = { version = "0.4", default-features = false, features = ["alloc"], optional = true }
Add Ed25519 to FROST and remove expand_xmd for elliptic_curve's Doesn't fully utilize ec's hash2curve module as k256 Scalar doesn't have FromOkm for some reason. The previously present bigint reduction is preserved. Updates ff/group to 0.12. Premised on https://github.com/cfrg/draft-irtf-cfrg-frost/pull/205 being merged, as while this Ed25519 is vector compliant, it's technically not spec compliant due to that conflict.
2022-06-06 02:18:25 -04:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
transcript = { package = "flexible-transcript", path = "../transcript", version = "^0.3.2", default-features = false, features = ["recommended"] }
Add first party support for k256 and p256 under feature flags Given the lack of vectors for k256, it's currently a match of the p256 spec (with a distinct context string), yet p256 is still always used when testing.
2022-06-05 16:08:51 -04:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
dalek-ff-group = { path = "../dalek-ff-group", version = "0.5", default-features = false, features = ["alloc"], optional = true }
minimal-ed448 = { path = "../ed448", version = "0.4", default-features = false, features = ["alloc"], optional = true }
ciphersuite = { path = "../ciphersuite", version = "^0.4.1", default-features = false, features = ["alloc"] }
Replace `Ciphersuite::hash_to_F` The prior-present `Ciphersuite::hash_to_F` was a sin. Implementations took a DST, yet were not require to securely handle it. It was also biased towards the requirements of `modular-frost` as `ciphersuite` was originally written all those years ago, when `modular-frost` had needs exceeding what `ff`, `group` satisfied. Now, the hash is bound to produce an output which can be converted to a scalar with `ff::FromUniformBytes`. A new `hash_to_F`, which accepts a single argument of the value to hash (removing the potential to insecurely handle the DST by removing the DST entirely). Due to `digest` yielding a `GenericArray`, yet `FromUniformBytes` taking a `const usize`, the `ciphersuite` crate now defines a `FromUniformBytes` trait taking an array (then implemented for all satisfiers of `ff::FromUniformBytes`). In order to get the array type from the `GenericArray`, the output of the hash, `digest` is updated to the `0.11` release candidate which moves to `flexible-array` which solves that problem. The existing, specific `hash_to_F` functions have been moved to `modular-frost` as necessary. `flexible-array` itself is patched to a fork due to https://github.com/RustCrypto/hybrid-array/issues/131.
2025-08-29 05:04:03 -04:00
sha2 = { version = "0.10.0", default-features = false, optional = true }
elliptic-curve = { version = "0.13", default-features = false, features = ["hash2curve"], optional = true }
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
ciphersuite-kp256 = { path = "../ciphersuite/kp256", version = "0.4", default-features = false, features = ["alloc"], optional = true }
Have Ciphersuite re-export Group
2023-03-07 03:46:16 -05:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
multiexp = { path = "../multiexp", version = "0.4", default-features = false, features = ["alloc", "batch"] }
Fix https://github.com/serai-dex/serai/issues/5
2022-05-03 07:42:09 -04:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
schnorr = { package = "schnorr-signatures", path = "../schnorr", version = "^0.5.1", default-features = false, features = ["alloc"] }
Fix https://github.com/serai-dex/serai/issues/14.
2022-07-12 01:28:01 -04:00
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
dkg = { path = "../dkg", version = "0.6.1", default-features = false }
dkg-recovery = { path = "../dkg/recovery", version = "0.6", default-features = false, optional = true }
dkg-dealer = { path = "../dkg/dealer", version = "0.6", default-features = false, optional = true }
Create a dedicated crate for the DKG (#141) * Add dkg crate * Remove F_len and G_len They're generally no longer used. * Replace hash_to_vec with a provided method around associated type H: Digest Part of trying to minimize this trait so it can be moved elsewhere. Vec, which isn't std, may have been a blocker. * Encrypt secret shares within the FROST library Reduces requirements on callers in order to be correct. * Update usage of Zeroize within FROST * Inline functions in key_gen There was no reason to have them separated as they were. sign probably has the same statement available, yet that isn't the focus right now. * Add a ciphersuite package which provides hash_to_F * Set the Ciphersuite version to something valid * Have ed448 export Scalar/FieldElement/Point at the top level * Move FROST over to Ciphersuite * Correct usage of ff in ciphersuite * Correct documentation handling * Move Schnorr signatures to their own crate * Remove unused feature from schnorr * Fix Schnorr tests * Split DKG into a separate crate * Add serialize to Commitments and SecretShare Helper for buf = vec![]; .write(buf).unwrap(); buf * Move FROST over to the new dkg crate * Update Monero lib to latest FROST * Correct ethereum's usage of features * Add serialize to GeneratorProof * Add serialize helper function to FROST * Rename AddendumSerialize to WriteAddendum * Update processor * Slight fix to processor
2022-10-29 03:54:42 -05:00
Initial commit Combines the existing frost-rs, dalek-ff-group, and monero-rs repos into a monorepo. Makes tweaks necessary as needed. Replaces RedDSA (which was going to be stubbed out into a new folder for now) with an offset system that voids its need and allows stealth addresses with CLSAG.
2022-04-21 21:36:18 -04:00
[dev-dependencies]
Fix Ethereum, again
2023-03-07 06:25:21 -05:00
hex = "0.4"
Explicitly set features in modular-frost
2023-11-13 05:31:47 -05:00
serde_json = { version = "1", default-features = false, features = ["std"] }
Add first party support for k256 and p256 under feature flags Given the lack of vectors for k256, it's currently a match of the p256 spec (with a distinct context string), yet p256 is still always used when testing.
2022-06-05 16:08:51 -04:00
Have modular-frost compile again
2025-08-18 01:54:52 -04:00
dkg = { path = "../dkg", default-features = false, features = ["std"] }
dkg-recovery = { path = "../dkg/recovery", default-features = false, features = ["std"] }
Add dealer key generation crate
2025-08-18 02:13:12 -04:00
dkg-dealer = { path = "../dkg/dealer", default-features = false, features = ["std"] }
Correct dev-dependencies for modular-frost
2022-11-14 19:20:56 -05:00
Add first party support for k256 and p256 under feature flags Given the lack of vectors for k256, it's currently a match of the p256 spec (with a distinct context string), yet p256 is still always used when testing.
2022-06-05 16:08:51 -04:00
[features]
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
std = [
"std-shims/std",
"thiserror/std",
"rand_core/std",
"rand_chacha/std",
"zeroize/std",
"subtle/std",
"hex?/std",
"transcript/std",
"dalek-ff-group?/std",
"minimal-ed448?/std",
"ciphersuite/std",
"sha2?/std",
"elliptic-curve?/std",
"ciphersuite-kp256?/std",
"multiexp/std",
"schnorr/std",
"dkg/std",
"dkg-recovery?/std",
"dkg-dealer?/std",
]
Smash Ciphersuite definitions into their own crates Uses dalek-ff-group for Ed25519 and Ristretto. Uses minimal-ed448 for Ed448. Adds ciphersuite-kp256 for Secp256k1 and P-256.
2025-08-20 04:50:37 -04:00
ed25519 = ["dalek-ff-group"]
ristretto = ["dalek-ff-group"]
FROST Ed448 (#107) * Theoretical ed448 impl * Fixes * Basic tests * More efficient scalarmul Precomputes a table to minimize additions required. * Add a torsion test * Split into a constant and variable time backend The variable time one is still far too slow, at 53s for the tests (~5s a scalarmul). It should be usable as a PoC though. * Rename unsafe Ed448 It's not only unworthy of the Serai branding and deserves more clarity in the name. * Add wide reduction to ed448 * Add Zeroize to Ed448 * Rename Ed448 group.rs to point.rs * Minor lint to FROST * Ed448 ciphersuite with 8032 test vector * Macro out the backend fields * Slight efficiency improvement to point decompression * Disable the multiexp test in FROST for Ed448 * fmt + clippy ed448 * Fix an infinite loop in the constant time ed448 backend * Add b"chal" to the 8032 context string for Ed448 Successfully tests against proposed vectors for the FROST IETF draft. * Fix fmt and clippy * Use a tabled pow algorithm in ed448's const backend * Slight tweaks to variable time backend Stop from_repr(MODULUS) from passing. * Use extended points Almost two orders of magnitude faster. * Efficient ed448 doubling * Remove the variable time backend With the recent performance improvements, the constant time backend is now 4x faster than the variable time backend was. While the variable time backend remains much faster, and the constant time backend is still slow compared to other libraries, it's sufficiently performant now. The FROST test, which runs a series of multiexps over the curve, does take 218.26s while Ristretto takes 1 and secp256k1 takes 4.57s. While 50x slower than secp256k1 is horrible, it's ~1.5 orders of magntiude, which is close enough to the desire stated in https://github.com/serai-dex/serai/issues/108 to meet it. Largely makes this library safe to use. * Correct constants in ed448 * Rename unsafe-ed448 to minimal-ed448 Enables all FROST tests against it. * No longer require the hazmat feature to use ed448 * Remove extraneous as_refs
2022-08-29 02:32:59 -05:00
Replace `Ciphersuite::hash_to_F` The prior-present `Ciphersuite::hash_to_F` was a sin. Implementations took a DST, yet were not require to securely handle it. It was also biased towards the requirements of `modular-frost` as `ciphersuite` was originally written all those years ago, when `modular-frost` had needs exceeding what `ff`, `group` satisfied. Now, the hash is bound to produce an output which can be converted to a scalar with `ff::FromUniformBytes`. A new `hash_to_F`, which accepts a single argument of the value to hash (removing the potential to insecurely handle the DST by removing the DST entirely). Due to `digest` yielding a `GenericArray`, yet `FromUniformBytes` taking a `const usize`, the `ciphersuite` crate now defines a `FromUniformBytes` trait taking an array (then implemented for all satisfiers of `ff::FromUniformBytes`). In order to get the array type from the `GenericArray`, the output of the hash, `digest` is updated to the `0.11` release candidate which moves to `flexible-array` which solves that problem. The existing, specific `hash_to_F` functions have been moved to `modular-frost` as necessary. `flexible-array` itself is patched to a fork due to https://github.com/RustCrypto/hybrid-array/issues/131.
2025-08-29 05:04:03 -04:00
secp256k1 = ["sha2", "elliptic-curve", "ciphersuite-kp256"]
p256 = ["sha2", "elliptic-curve", "ciphersuite-kp256"]
FROST Ed448 (#107) * Theoretical ed448 impl * Fixes * Basic tests * More efficient scalarmul Precomputes a table to minimize additions required. * Add a torsion test * Split into a constant and variable time backend The variable time one is still far too slow, at 53s for the tests (~5s a scalarmul). It should be usable as a PoC though. * Rename unsafe Ed448 It's not only unworthy of the Serai branding and deserves more clarity in the name. * Add wide reduction to ed448 * Add Zeroize to Ed448 * Rename Ed448 group.rs to point.rs * Minor lint to FROST * Ed448 ciphersuite with 8032 test vector * Macro out the backend fields * Slight efficiency improvement to point decompression * Disable the multiexp test in FROST for Ed448 * fmt + clippy ed448 * Fix an infinite loop in the constant time ed448 backend * Add b"chal" to the 8032 context string for Ed448 Successfully tests against proposed vectors for the FROST IETF draft. * Fix fmt and clippy * Use a tabled pow algorithm in ed448's const backend * Slight tweaks to variable time backend Stop from_repr(MODULUS) from passing. * Use extended points Almost two orders of magnitude faster. * Efficient ed448 doubling * Remove the variable time backend With the recent performance improvements, the constant time backend is now 4x faster than the variable time backend was. While the variable time backend remains much faster, and the constant time backend is still slow compared to other libraries, it's sufficiently performant now. The FROST test, which runs a series of multiexps over the curve, does take 218.26s while Ristretto takes 1 and secp256k1 takes 4.57s. While 50x slower than secp256k1 is horrible, it's ~1.5 orders of magntiude, which is close enough to the desire stated in https://github.com/serai-dex/serai/issues/108 to meet it. Largely makes this library safe to use. * Correct constants in ed448 * Rename unsafe-ed448 to minimal-ed448 Enables all FROST tests against it. * No longer require the hazmat feature to use ed448 * Remove extraneous as_refs
2022-08-29 02:32:59 -05:00
Smash Ciphersuite definitions into their own crates Uses dalek-ff-group for Ed25519 and Ristretto. Uses minimal-ed448 for Ed448. Adds ciphersuite-kp256 for Secp256k1 and P-256.
2025-08-20 04:50:37 -04:00
ed448 = ["minimal-ed448"]
Fill out Cargo.tomls Updated missing fields/sections, even if some won't be used, to standardize. Also made FROST tests feature-gated.
2022-10-15 23:46:22 -04:00
Smash Ciphersuite definitions into their own crates Uses dalek-ff-group for Ed25519 and Ristretto. Uses minimal-ed448 for Ed448. Adds ciphersuite-kp256 for Secp256k1 and P-256.
2025-08-20 04:50:37 -04:00
tests = ["hex", "rand_core/getrandom", "dkg-dealer", "dkg-recovery"]
Finally make `modular-frost` work with `alloc` alone Carries the update to `frost-schnorrkel` and `bitcoin-serai`.
2025-09-15 23:16:11 -04:00
default = ["std"]
Reference in New Issue Copy Permalink