Smash the singular Ciphersuite trait into multiple

This helps identify where the various functionalities are used, or rather, not
used. The `Ciphersuite` trait present in `patches/ciphersuite`, facilitating
the entire FCMP++ tree, only requires the markers _and_ canonical point
decoding. I've opened a PR to upstream such a trait into `group`
(https://github.com/zkcrypto/group/pull/68).

`WrappedGroup` is still justified for as long as `Group::generator` exists.
Moving `::generator()` to its own trait, on an independent structure (upstream)
would be massively appreciated. @tarcieri also wanted to update from
`fn generator()` to `const GENERATOR`, which would encourage further discussion
on https://github.com/zkcrypto/group/issues/32 and
https://github.com/zkcrypto/group/issues/45, which have been stagnant.

The `Id` trait is occasionally used yet really should be first off the chopping
block.

Finally, `WithPreferredHash` is only actually used around a third of the time,
which more than justifies it being a separate trait.

---

Updates `dalek_ff_group::Scalar` to directly re-export
`curve25519_dalek::Scalar`, as without issue. `dalek_ff_group::RistrettoPoint`
also could be replaced with an export of `curve25519_dalek::RistrettoPoint`,
yet the coordinator relies on how we implemented `Hash` on it for the hell of
it so it isn't worth it at this time. `dalek_ff_group::EdwardsPoint` can't be
replaced for an re-export of `curve25519_dalek::SubgroupPoint` as it doesn't
implement `zeroize`, `subtle` traits within a released, non-yanked version.
Relevance to https://github.com/serai-dex/serai/issues/201 and
https://github.com/dalek-cryptography/curve25519-dalek/issues/811#issuecomment-3247732746.

Also updates the `Ristretto` ciphersuite to prefer `Blake2b-512` over
`SHA2-512`. In order to maintain compliance with FROST's IETF standard,
`modular-frost` defines its own ciphersuite for Ristretto which still uses
`SHA2-512`.

coordinator/src/dkg_confirmation.rs

@@ -3,11 +3,10 @@ use std::{boxed::Box, collections::HashMap};
 
 use zeroize::Zeroizing;
 use rand_core::OsRng;
-use ciphersuite::{group::GroupEncoding, Ciphersuite};
-use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, *};
 use dkg::{Participant, musig};
 use frost_schnorrkel::{
-  frost::{FrostError, sign::*},
+  frost::{curve::Ristretto, FrostError, sign::*},
   Schnorrkel,
 };
 
@@ -31,7 +30,7 @@ fn schnorrkel() -> Schnorrkel {
 
 fn our_i(
   set: &NewSetInformation,
-  key: &Zeroizing<<Ristretto as Ciphersuite>::F>,
+  key: &Zeroizing<<Ristretto as WrappedGroup>::F>,
   data: &HashMap<Participant, Vec<u8>>,
 ) -> Participant {
   let public = SeraiAddress((Ristretto::generator() * key.deref()).to_bytes());
@@ -125,7 +124,7 @@ pub(crate) struct ConfirmDkgTask<CD: DbTrait, TD: DbTrait> {
   set: NewSetInformation,
   tributary_db: TD,
 
-  key: Zeroizing<<Ristretto as Ciphersuite>::F>,
+  key: Zeroizing<<Ristretto as WrappedGroup>::F>,
   signer: Option<Signer>,
 }
 
@@ -134,7 +133,7 @@ impl<CD: DbTrait, TD: DbTrait> ConfirmDkgTask<CD, TD> {
     db: CD,
     set: NewSetInformation,
     tributary_db: TD,
-    key: Zeroizing<<Ristretto as Ciphersuite>::F>,
+    key: Zeroizing<<Ristretto as WrappedGroup>::F>,
   ) -> Self {
     Self { db, set, tributary_db, key, signer: None }
   }
@@ -153,7 +152,7 @@ impl<CD: DbTrait, TD: DbTrait> ConfirmDkgTask<CD, TD> {
     db: &mut CD,
     set: ExternalValidatorSet,
     attempt: u32,
-    key: Zeroizing<<Ristretto as Ciphersuite>::F>,
+    key: Zeroizing<<Ristretto as WrappedGroup>::F>,
     signer: &mut Option<Signer>,
   ) {
     // Perform the preprocess

coordinator/src/main.rs

@@ -7,7 +7,7 @@ use rand_core::{RngCore, OsRng};
 use dalek_ff_group::Ristretto;
 use ciphersuite::{
   group::{ff::PrimeField, GroupEncoding},
-  Ciphersuite,
+  *,
 };
 
 use borsh::BorshDeserialize;
@@ -352,7 +352,7 @@ async fn main() {
     let mut key_bytes = [0; 32];
     key_bytes.copy_from_slice(&key_vec);
     key_vec.zeroize();
-    let key = Zeroizing::new(<Ristretto as Ciphersuite>::F::from_repr(key_bytes).unwrap());
+    let key = Zeroizing::new(<Ristretto as WrappedGroup>::F::from_repr(key_bytes).unwrap());
     key_bytes.zeroize();
     key
   };
@@ -439,7 +439,7 @@ async fn main() {
     EphemeralEventStream::new(
       db.clone(),
       serai.clone(),
-      SeraiAddress((<Ristretto as Ciphersuite>::generator() * serai_key.deref()).to_bytes()),
+      SeraiAddress((<Ristretto as WrappedGroup>::generator() * serai_key.deref()).to_bytes()),
     )
     .continually_run(substrate_ephemeral_task_def, vec![substrate_task]),
   );

coordinator/src/substrate.rs

@@ -3,7 +3,7 @@ use std::sync::Arc;
 
 use zeroize::Zeroizing;
 
-use ciphersuite::Ciphersuite;
+use ciphersuite::*;
 use dalek_ff_group::Ristretto;
 
 use tokio::sync::mpsc;
@@ -23,7 +23,7 @@ use serai_coordinator_p2p::P2p;
 use crate::{Db, KeySet};
 
 pub(crate) struct SubstrateTask<P: P2p> {
-  pub(crate) serai_key: Zeroizing<<Ristretto as Ciphersuite>::F>,
+  pub(crate) serai_key: Zeroizing<<Ristretto as WrappedGroup>::F>,
   pub(crate) db: Db,
   pub(crate) message_queue: Arc<MessageQueue>,
   pub(crate) p2p: P,

coordinator/src/tributary.rs

@@ -4,7 +4,7 @@ use std::sync::Arc;
 use zeroize::Zeroizing;
 use rand_core::OsRng;
 use blake2::{digest::typenum::U32, Digest, Blake2s};
-use ciphersuite::Ciphersuite;
+use ciphersuite::*;
 use dalek_ff_group::Ristretto;
 
 use tokio::sync::mpsc;
@@ -160,7 +160,7 @@ impl<CD: DbTrait, TD: DbTrait, P: P2p> ContinuallyRan
 #[must_use]
 async fn add_signed_unsigned_transaction<TD: DbTrait, P: P2p>(
   tributary: &Tributary<TD, Transaction, P>,
-  key: &Zeroizing<<Ristretto as Ciphersuite>::F>,
+  key: &Zeroizing<<Ristretto as WrappedGroup>::F>,
   mut tx: Transaction,
 ) -> bool {
   // If this is a signed transaction, sign it
@@ -213,7 +213,7 @@ async fn add_with_recognition_check<TD: DbTrait, P: P2p>(
   set: ExternalValidatorSet,
   tributary_db: &mut TD,
   tributary: &Tributary<TD, Transaction, P>,
-  key: &Zeroizing<<Ristretto as Ciphersuite>::F>,
+  key: &Zeroizing<<Ristretto as WrappedGroup>::F>,
   tx: Transaction,
 ) -> bool {
   let kind = tx.kind();
@@ -252,7 +252,7 @@ pub(crate) struct AddTributaryTransactionsTask<CD: DbTrait, TD: DbTrait, P: P2p>
   tributary_db: TD,
   tributary: Tributary<TD, Transaction, P>,
   set: NewSetInformation,
-  key: Zeroizing<<Ristretto as Ciphersuite>::F>,
+  key: Zeroizing<<Ristretto as WrappedGroup>::F>,
 }
 impl<CD: DbTrait, TD: DbTrait, P: P2p> ContinuallyRan for AddTributaryTransactionsTask<CD, TD, P> {
   type Error = DoesNotError;
@@ -382,7 +382,7 @@ pub(crate) struct SignSlashReportTask<CD: DbTrait, TD: DbTrait, P: P2p> {
   tributary_db: TD,
   tributary: Tributary<TD, Transaction, P>,
   set: NewSetInformation,
-  key: Zeroizing<<Ristretto as Ciphersuite>::F>,
+  key: Zeroizing<<Ristretto as WrappedGroup>::F>,
 }
 impl<CD: DbTrait, TD: DbTrait, P: P2p> ContinuallyRan for SignSlashReportTask<CD, TD, P> {
   type Error = DoesNotError;
@@ -470,7 +470,7 @@ pub(crate) async fn spawn_tributary<P: P2p>(
   p2p: P,
   p2p_add_tributary: &mpsc::UnboundedSender<(ExternalValidatorSet, Tributary<Db, Transaction, P>)>,
   set: NewSetInformation,
-  serai_key: Zeroizing<<Ristretto as Ciphersuite>::F>,
+  serai_key: Zeroizing<<Ristretto as WrappedGroup>::F>,
 ) {
   // Don't spawn retired Tributaries
   if crate::db::RetiredTributary::get(&db, set.set.network).map(|session| session.0) >=
@@ -490,7 +490,7 @@ pub(crate) async fn spawn_tributary<P: P2p>(
 
   let mut tributary_validators = Vec::with_capacity(set.validators.len());
   for (validator, weight) in set.validators.iter().copied() {
-    let validator_key = <Ristretto as Ciphersuite>::read_G(&mut validator.0.as_slice())
+    let validator_key = <Ristretto as GroupIo>::read_G(&mut validator.0.as_slice())
       .expect("Serai validator had an invalid public key");
     let weight = u64::from(weight);
     tributary_validators.push((validator_key, weight));