Replace Ciphersuite::hash_to_F

The prior-present `Ciphersuite::hash_to_F` was a sin. Implementations took a DST, yet were not require to securely handle it. It was also biased towards the requirements of `modular-frost` as `ciphersuite` was originally written all those years ago, when `modular-frost` had needs exceeding what `ff`, `group` satisfied. Now, the hash is bound to produce an output which can be converted to a scalar with `ff::FromUniformBytes`. A new `hash_to_F`, which accepts a single argument of the value to hash (removing the potential to insecurely handle the DST by removing the DST entirely). Due to `digest` yielding a `GenericArray`, yet `FromUniformBytes` taking a `const usize`, the `ciphersuite` crate now defines a `FromUniformBytes` trait taking an array (then implemented for all satisfiers of `ff::FromUniformBytes`). In order to get the array type from the `GenericArray`, the output of the hash, `digest` is updated to the `0.11` release candidate which moves to `flexible-array` which solves that problem. The existing, specific `hash_to_F` functions have been moved to `modular-frost` as necessary. `flexible-array` itself is patched to a fork due to https://github.com/RustCrypto/hybrid-array/issues/131.
2025-12-08 12:19:24 +00:00 · 2025-08-29 05:04:03 -04:00
parent a4811c9a41
commit 90bc364f9f
37 changed files with 355 additions and 416 deletions
--- a/substrate/primitives/src/account.rs
+++ b/substrate/primitives/src/account.rs
@@ -103,7 +103,7 @@ pub fn insecure_pair_from_name(name: &str) -> Pair {
 /// This key should never be considered a secure private key. It has effectively no entropy.
 #[cfg(feature = "std")]
 pub fn insecure_arbitrary_key_from_name<C: ciphersuite::Ciphersuite>(name: &str) -> C::F {
-  C::hash_to_F(b"insecure arbitrary key", name.as_bytes())
+  C::hash_to_F(name.as_bytes())
 }

 pub struct AccountLookup;