Fix zeroization timeline in multiexp, cargo machete

Cargo.lock

@@ -2705,7 +2705,6 @@ dependencies = [
  "merlin",
  "sha2",
  "std-shims",
- "subtle",
  "zeroize",
 ]
 

crypto/multiexp/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "multiexp"
-version = "0.4.1"
+version = "0.4.2"
 description = "Multiexponentiation algorithms for ff/group"
 license = "MIT"
 repository = "https://github.com/serai-dex/serai/tree/develop/crypto/multiexp"

crypto/multiexp/src/pippenger.rs

@@ -25,13 +25,14 @@ pub(crate) fn pippenger<G: Zeroize + Group<Scalar: PrimeFieldBits>>(
     for p in 0 .. bits.len() {
       buckets[usize::from(bits[p][n])] += pairs[p].1;
     }
-    buckets.zeroize();
 
     let mut intermediate_sum = G::identity();
     for b in (1 .. buckets.len()).rev() {
       intermediate_sum += buckets[b];
       res += intermediate_sum;
     }
+
+    buckets.zeroize();
   }
 
   bits.zeroize();

crypto/transcript/Cargo.toml

@@ -19,7 +19,6 @@ workspace = true
 [dependencies]
 std-shims = { path = "../../common/std-shims", version = "0.1.4", default-features = false }
 
-subtle = { version = "^2.4", default-features = false }
 zeroize = { version = "^1.5", default-features = false }
 
 digest = { version = "0.10", default-features = false, features = ["core-api"] }
@@ -32,7 +31,7 @@ sha2 = { version = "0.10", default-features = false }
 blake2 = { version = "0.10", default-features = false }
 
 [features]
-std = ["std-shims/std", "subtle/std", "zeroize/std", "digest/std", "blake2?/std", "merlin?/std"]
+std = ["std-shims/std", "zeroize/std", "digest/std", "blake2?/std", "merlin?/std"]
 recommended = ["blake2"]
 tests = []
 default = ["std"]