diff --git a/Cargo.lock b/Cargo.lock
index 91e51d24..3f95bf34 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -5119,7 +5119,7 @@ dependencies = [
 [[package]]
 name = "multiexp"
-version = "0.4.0"
+version = "0.4.1"
 dependencies = [
  "dalek-ff-group",
  "ff",
diff --git a/crypto/multiexp/Cargo.toml b/crypto/multiexp/Cargo.toml
index 228b85ab..3f5f7f21 100644
--- a/crypto/multiexp/Cargo.toml
+++ b/crypto/multiexp/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "multiexp"
-version = "0.4.0"
+version = "0.4.1"
 description = "Multiexponentiation algorithms for ff/group"
 license = "MIT"
 repository = "https://github.com/serai-dex/serai/tree/develop/crypto/multiexp"
diff --git a/crypto/multiexp/src/batch.rs b/crypto/multiexp/src/batch.rs
index 8016047d..ea8044dd 100644
--- a/crypto/multiexp/src/batch.rs
+++ b/crypto/multiexp/src/batch.rs
@@ -12,7 +12,7 @@ use crate::{multiexp, multiexp_vartime};
 // Flatten the contained statements to a single Vec.
 // Wrapped in Zeroizing in case any of the included statements contain private values.
 #[allow(clippy::type_complexity)]
-fn flat + Zeroize>(
+fn flat>(
   slice: &[(Id, Vec<(G::Scalar, G)>)],
 ) -> Zeroizing> {
   Zeroizing::new(slice.iter().flat_map(|pairs| pairs.1.iter()).copied().collect::>())
@@ -21,11 +21,11 @@ fn flat + Zeroize
 /// A batch verifier intended to verify a series of statements are each equivalent to zero.
 #[allow(clippy::type_complexity)]
 #[derive(Clone, Zeroize)]
-pub struct BatchVerifier + Zeroize>(
+pub struct BatchVerifier>(
   Zeroizing)>>,
 );
-impl + Zeroize>
+impl>
   BatchVerifier
 {
   /// Create a new batch verifier, expected to verify the following amount of statements.
diff --git a/crypto/multiexp/src/lib.rs b/crypto/multiexp/src/lib.rs
index 604d0fd6..8b16aa91 100644
--- a/crypto/multiexp/src/lib.rs
+++ b/crypto/multiexp/src/lib.rs
@@ -5,6 +5,8 @@
 #[cfg(not(feature = "std"))]
 #[macro_use]
 extern crate alloc;
+#[allow(unused_imports)]
+use std_shims::prelude::*;
 use std_shims::vec::Vec;
 use zeroize::Zeroize;
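Review bot: The `#[allow(unused_imports)]` on the new `use std_shims::prelude::*;` carries no comment saying why the import is sometimes unused, which is the kind of blanket allow that hides a real dead import later. The adjacent `extern crate alloc` is gated on `not(feature = "std")`, which suggests the prelude is only needed for `no_std` builds and is what goes unused under `std`; if that is the case, gating the import the same way documents the intent and drops the allow: `#[cfg(not(feature = "std"))] use std_shims::prelude::*;`. If the prelude is genuinely needed on both configurations, keep the allow but precede it with a one-line comment naming the names it supplies and the feature under which they are otherwise unused.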
@@ -175,7 +177,9 @@ fn algorithm(len: usize) -> Algorithm {
 /// Performs a multiexponentiation, automatically selecting the optimal algorithm based on the
 /// amount of pairs.
-pub fn multiexp>(pairs: &[(G::Scalar, G)]) -> G {
+pub fn multiexp>(
+  pairs: &[(G::Scalar, G)],
+) -> G {
   match algorithm(pairs.len()) {
     Algorithm::Null => Group::identity(),
     Algorithm::Single => pairs[0].1 * pairs[0].0,
diff --git a/crypto/multiexp/src/pippenger.rs b/crypto/multiexp/src/pippenger.rs
index 3660b7b2..76b161ba 100644
--- a/crypto/multiexp/src/pippenger.rs
+++ b/crypto/multiexp/src/pippenger.rs
@@ -7,7 +7,7 @@ use crate::prep_bits;
 // Pippenger's algorithm for multiexponentiation, as published in the SIAM Journal on Computing
 // DOI: 10.1137/0209022
-pub(crate) fn pippenger>(
+pub(crate) fn pippenger>(
   pairs: &[(G::Scalar, G)],
   window: u8,
 ) -> G {
@@ -25,6 +25,7 @@ pub(crate) fn pippenger>(
     for p in 0 .. bits.len() {
       buckets[usize::from(bits[p][n])] += pairs[p].1;
     }
+    buckets.zeroize();
     let mut intermediate_sum = G::identity();
     for b in (1 .. buckets.len()).rev() {
diff --git a/crypto/multiexp/src/straus.rs b/crypto/multiexp/src/straus.rs
index f576c973..638b2827 100644
--- a/crypto/multiexp/src/straus.rs
+++ b/crypto/multiexp/src/straus.rs
@@ -24,12 +24,12 @@ fn prep_tables(pairs: &[(G::Scalar, G)], window: u8) -> Vec> {
 // Straus's algorithm for multiexponentiation, as published in The American Mathematical Monthly
 // DOI: 10.2307/2310929
-pub(crate) fn straus>(
+pub(crate) fn straus>(
   pairs: &[(G::Scalar, G)],
   window: u8,
 ) -> G {
   let mut groupings = prep_bits(pairs, window);
-  let tables = prep_tables(pairs, window);
+  let mut tables = prep_tables(pairs, window);
   let mut res = G::identity();
   for b in (0 .. groupings[0].len()).rev() {
@@ -45,6 +45,7 @@ pub(crate) fn straus>(
   }
   groupings.zeroize();
+  tables.zeroize();
   res
 }
diff --git a/crypto/multiexp/src/tests/batch.rs b/crypto/multiexp/src/tests/batch.rs
index 2e78a5dc..09c04c74 100644
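Review bot: Tightening the generic bound on the public `multiexp` is a breaking change for any downstream caller whose `G` does not satisfy the new bound, yet Cargo.toml only moves 0.4.0 to 0.4.1, which Cargo treats as a compatible update under a `0.4` caret requirement, so such callers would break on a routine `cargo update`. The exact bounds are not legible in this rendering, but the signature now spilling onto three lines together with the `zeroize()` calls added on `Vec<G>` buffers in pippenger.rs and straus.rs indicate `G` now needs `Zeroize`. This should ship as 0.5.0 unless every `G` used by published dependents is known to already implement `Zeroize`. The doc comment should also state the new requirement, e.g. `/// Intermediate buffers are zeroized after use, so `G` must implement `Zeroize`.`; the `match` body continues past the end of this hunk.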
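Review bot: In pippenger.rs the new `buckets.zeroize();` is placed after the bucket-accumulation loop but before the `for b in (1 .. buckets.len()).rev()` loop that reads `buckets[b]`, so the buckets are wiped before they are summed. The zeroize crate's `Vec` impl wipes the elements and then clears the vector, so `buckets.len()` becomes 0, the summation loop never runs, and `res` accumulates only doublings; even a wipe that kept the length would sum identities, so the result is wrong either way. The call belongs after the summation loop, i.e. `for b in (1 .. buckets.len()).rev() { … }` followed by `buckets.zeroize();` as the last statement of the outer `n` iteration. The body of `pippenger` extends beyond this hunk in both directions, so confirm the placement against the full file; if the crate's multiexp tests pass on this commit, the rendering here does not match what was committed.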
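Review bot: In straus.rs the new `tables.zeroize()`, like the existing `groupings.zeroize()`, only runs on the normal return path; if anything in the loop panics and unwinds, the tables, which are built from `pairs` and so may hold secret-dependent points, are dropped unwiped. Wrapping the buffers in `Zeroizing` at creation, as `flat` in batch.rs already does, wipes on every drop path including unwinding: `let tables = Zeroizing::new(prep_tables(pairs, window));` with the explicit `tables.zeroize();` removed, and the same for `groupings`. That requires `zeroize::Zeroizing` to be in scope in straus.rs, which this hunk does not show. The body of `straus` starts outside this hunk.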
--- a/crypto/multiexp/src/tests/batch.rs
+++ b/crypto/multiexp/src/tests/batch.rs
@@ -9,7 +9,7 @@ use group::Group;
 use crate::BatchVerifier;
-pub(crate) fn test_batch + Zeroize>() {
+pub(crate) fn test_batch>() {
   let valid = |batch: BatchVerifier<_, G>| {
     assert!(batch.verify());
     assert!(batch.verify_vartime());
diff --git a/crypto/multiexp/src/tests/mod.rs b/crypto/multiexp/src/tests/mod.rs
index 3050c96e..9d5e8503 100644
--- a/crypto/multiexp/src/tests/mod.rs
+++ b/crypto/multiexp/src/tests/mod.rs
@@ -18,7 +18,7 @@ mod batch;
 use batch::test_batch;
 #[allow(dead_code)]
-fn benchmark_internal>(straus_bool: bool) {
+fn benchmark_internal>(straus_bool: bool) {
   let runs: usize = 20;
   let mut start = 0;
@@ -83,7 +83,7 @@ fn benchmark_internal>(straus_bool: b
 }
-fn test_multiexp>() {
+fn test_multiexp>() {
   let test = |pairs: &[_], sum| {
     // These should automatically determine the best algorithm
     assert_eq!(multiexp(pairs), sum);