absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-08 12:19:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Correct discrepancies with the IETF draft

Browse Source 
While all the transcript/extension code works as expected, which means, 
they don't cause any conflicts, n was still capped at u64::MAX at 
creation when it needs to be u16. Furthermore, participant index and 
scalars/points were little endian instead of big endian/curve dependent.
This commit is contained in:
Luke Parker
2022-05-06 07:49:18 -04:00
parent b443747994
commit 3dab26cd94
7 changed files with 32 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
crypto/frost/src/sign.rs
View File

@@ -149,7 +149,7 @@ fn sign_with_share<C: Curve, A: Algorithm<C>>(
let transcript = params.algorithm.transcript();
transcript.domain_separate(b"FROST");
if params.keys.offset.is_some() {
transcript.append_message(b"offset", &C::F_to_le_bytes(&params.keys.offset.unwrap()));
transcript.append_message(b"offset", &C::F_to_bytes(&params.keys.offset.unwrap()));
}
}
@@ -170,7 +170,7 @@ fn sign_with_share<C: Curve, A: Algorithm<C>>(
B.push(Some(our_preprocess.commitments));
{
let transcript = params.algorithm.transcript();
transcript.append_message(b"participant", &u16::try_from(l).unwrap().to_le_bytes());
transcript.append_message(b"participant", &u16::try_from(l).unwrap().to_be_bytes());
transcript.append_message(
b"commitments",
&our_preprocess.serialized[0 .. (C::G_len() * 2)]
@@ -206,7 +206,7 @@ fn sign_with_share<C: Curve, A: Algorithm<C>>(
B.push(Some([D, E]));
{
let transcript = params.algorithm.transcript();
transcript.append_message(b"participant", &u16::try_from(l).unwrap().to_le_bytes());
transcript.append_message(b"participant", &u16::try_from(l).unwrap().to_be_bytes());
transcript.append_message(b"commitments", &commitments[0 .. commitments_len]);
}
}
@@ -255,7 +255,7 @@ fn sign_with_share<C: Curve, A: Algorithm<C>>(
our_preprocess.nonces[0] + (our_preprocess.nonces[1] * binding),
msg
);
Ok((Package { Ris, R, share }, C::F_to_le_bytes(&share)))
Ok((Package { Ris, R, share }, C::F_to_bytes(&share)))
}
// This doesn't check the signing set is as expected and unexpected changes can cause false blames
@@ -291,7 +291,7 @@ fn complete<C: Curve, A: Algorithm<C>>(
Err(FrostError::InvalidShare(l))?;
}
let part = C::F_from_le_slice(serialized[l].as_ref().unwrap())
let part = C::F_from_slice(serialized[l].as_ref().unwrap())
.map_err(|_| FrostError::InvalidShare(l))?;
sum += part;
responses.push(Some(part));