absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-09 20:59:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Response to usage of unwrap in non-test code

Browse Source 
This commit replaces all usage of `unwrap` with `expect` within
`networks/monero`, clarifying why the panic risked is unreachable. This commit
also replaces some uses of `unwrap` with solutions which are guaranteed not to
fail.

Notably, compilation on 128-bit systems is prevented, ensuring
`u64::try_from(usize::MAX)` will never panic at runtime.

Slight breaking changes are additionally included as necessary to massage out
some avoidable panics.
This commit is contained in:
Luke Parker
2025-08-08 21:28:47 -04:00
parent 4f65a0b147
commit a5f4c450c6
31 changed files with 310 additions and 169 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
networks/monero/ringct/bulletproofs/build.rs
View File

@@ -16,8 +16,10 @@ fn generators(prefix: &'static str, path: &str) {
generators_string.extend(
format!(
"
curve25519_dalek::edwards::CompressedEdwardsY({:?}).decompress().unwrap(),
",
curve25519_dalek::edwards::CompressedEdwardsY({:?})
.decompress()
.expect(\"generator from build script wasn't on-curve\"),
",
generator.compress().to_bytes()
)
.chars(),
@@ -33,10 +35,10 @@ fn generators(prefix: &'static str, path: &str) {
let mut H_str = String::new();
serialize(&mut H_str, &generators.H);
let path = Path::new(&env::var("OUT_DIR").unwrap()).join(path);
let path = Path::new(&env::var("OUT_DIR").expect("cargo didn't set $OUT_DIR")).join(path);
let _ = remove_file(&path);
File::create(&path)
.unwrap()
.expect("failed to create file in $OUT_DIR")
.write_all(
format!(
"
@@ -52,15 +54,15 @@ fn generators(prefix: &'static str, path: &str) {
)
.as_bytes(),
)
.unwrap();
.expect("couldn't write generated source code to file on disk");
}
#[cfg(not(feature = "compile-time-generators"))]
fn generators(prefix: &'static str, path: &str) {
let path = Path::new(&env::var("OUT_DIR").unwrap()).join(path);
let path = Path::new(&env::var("OUT_DIR").expect("cargo didn't set $OUT_DIR")).join(path);
let _ = remove_file(&path);
File::create(&path)
.unwrap()
.expect("failed to create file in $OUT_DIR")
.write_all(
format!(
r#"
@@ -71,7 +73,7 @@ fn generators(prefix: &'static str, path: &str) {
)
.as_bytes(),
)
.unwrap();
.expect("couldn't write generated source code to file on disk");
}
fn main() {

29
networks/monero/ringct/bulletproofs/src/lib.rs
View File

@@ -5,7 +5,6 @@
#![allow(non_snake_case)]
use std_shims::{
vec,
vec::Vec,
io::{self, Read, Write},
};
@@ -124,9 +123,15 @@ impl Bulletproof {
let commitments = outputs.iter().map(Commitment::calculate).collect::<Vec<_>>();
Ok(Bulletproof::Original(
OriginalStatement::new(&commitments)
.unwrap()
.prove(rng, OriginalWitness::new(outputs).unwrap())
.unwrap(),
.expect("failed to create statement despite checking amount of commitments")
.prove(
rng,
OriginalWitness::new(outputs)
.expect("failed to create witness despite checking amount of commitments"),
)
.expect(
"failed to prove Bulletproof::Original despite ensuring statement/witness consistency",
),
))
}
@@ -144,9 +149,15 @@ impl Bulletproof {
let commitments = outputs.iter().map(Commitment::calculate).collect::<Vec<_>>();
Ok(Bulletproof::Plus(
PlusStatement::new(&commitments)
.unwrap()
.prove(rng, &Zeroizing::new(PlusWitness::new(outputs).unwrap()))
.unwrap(),
.expect("failed to create statement despite checking amount of commitments")
.prove(
rng,
&Zeroizing::new(
PlusWitness::new(outputs)
.expect("failed to create witness despite checking amount of commitments"),
),
)
.expect("failed to prove Bulletproof::Plus despite ensuring statement/witness consistency"),
))
}
@@ -255,8 +266,8 @@ impl Bulletproof {
/// Serialize a Bulletproof(+) to a `Vec<u8>`.
pub fn serialize(&self) -> Vec<u8> {
let mut serialized = vec![];
self.write(&mut serialized).unwrap();
let mut serialized = Vec::with_capacity(512);
self.write(&mut serialized).expect("write failed but <Vec as io::Write> doesn't fail");
serialized
}

6
networks/monero/ringct/bulletproofs/src/original/inner_product.rs
View File

@@ -174,7 +174,11 @@ impl IpStatement {
R_vec.push(R * INV_EIGHT());
// Now that we've calculate L, R, transcript them to receive x (26-27)
transcript = Self::transcript_L_R(transcript, *L_vec.last().unwrap(), *R_vec.last().unwrap());
transcript = Self::transcript_L_R(
transcript,
*L_vec.last().expect("couldn't get last L_vec despite always being non-empty"),
*R_vec.last().expect("couldn't get last R_vec despite always being non-empty"),
);
let x = transcript;
let x_inv = x.invert();

7
networks/monero/ringct/bulletproofs/src/original/mod.rs
View File

@@ -227,8 +227,11 @@ impl<'a> AggregateRangeStatement<'a> {
let x_ip = transcript;
let ip = IpStatement::new_without_P_transcript(y_inv_pow_n, x_ip)
.prove(transcript, IpWitness::new(l, r).unwrap())
.unwrap();
.prove(
transcript,
IpWitness::new(l, r).expect("Bulletproofs::Original created an invalid IpWitness"),
)
.expect("Bulletproofs::Original failed to prove the inner-product");
let res = AggregateRangeProof { A, S, T1, T2, tau_x, mu, t_hat, ip };
#[cfg(debug_assertions)]

15
networks/monero/ringct/bulletproofs/src/plus/aggregate_range_proof.rs
View File

@@ -106,7 +106,9 @@ impl<'a> AggregateRangeStatement<'a> {
let mut d = ScalarVector::new(mn);
for j in 1 ..= V.len() {
z_pow.push(*z_pow.last().unwrap() * z_pow[0]);
z_pow.push(
*z_pow.last().expect("couldn't get last z_pow despite always being non-empty") * z_pow[0],
);
d = d + &(Self::d_j(j, V.len()) * (z_pow[j - 1]));
}
@@ -229,8 +231,15 @@ impl<'a> AggregateRangeStatement<'a> {
Some(AggregateRangeProof {
A,
wip: WipStatement::new(generators, A_hat, y)
.prove(rng, transcript, &Zeroizing::new(WipWitness::new(a_l, a_r, alpha).unwrap()))
.unwrap(),
.prove(
rng,
transcript,
&Zeroizing::new(
WipWitness::new(a_l, a_r, alpha)
.expect("Bulletproofs::Plus created an invalid WipWitness"),
),
)
.expect("Bulletproof::Plus failed to prove the weighted inner-product"),
})
}

8
networks/monero/ringct/bulletproofs/src/plus/weighted_inner_product.rs
View File

@@ -230,7 +230,9 @@ impl WipStatement {
let c_l = a1.clone().weighted_inner_product(&b2, &y);
let c_r = (a2.clone() * y_n_hat).weighted_inner_product(&b1, &y);
let y_inv_n_hat = y_inv.pop().unwrap();
let y_inv_n_hat = y_inv
.pop()
.expect("couldn't pop y_inv despite y_inv being of same length as times iterated");
let mut L_terms = (a1.clone() * y_inv_n_hat)
.0
@@ -331,7 +333,9 @@ impl WipStatement {
let mut res = Vec::with_capacity(y.len());
res.push(inv_y);
while res.len() < y.len() {
res.push(inv_y * res.last().unwrap());
res.push(
inv_y * res.last().expect("couldn't get last inv_y despite inv_y always being non-empty"),
);
}
res
};

7
networks/monero/ringct/clsag/src/lib.rs
View File

@@ -199,9 +199,10 @@ fn core(
// (c_p * I) + (c_c * D) + (s_i * PH)
let R = match A_c1 {
Mode::Sign(..) => EdwardsPoint::multiscalar_mul([c_p, c_c, s[i]], [I, D, &PH]),
Mode::Verify(..) => {
images_precomp.as_ref().unwrap().vartime_mixed_multiscalar_mul([c_p, c_c], [s[i]], [PH])
}
Mode::Verify(..) => images_precomp
.as_ref()
.expect("value populated when verifying wasn't populated")
.vartime_mixed_multiscalar_mul([c_p, c_c], [s[i]], [PH]),
};
to_hash.truncate(((2 * n) + 3) * 32);

16
networks/monero/ringct/clsag/src/multisig.rs
View File

@@ -223,7 +223,7 @@ impl Algorithm<Ed25519> for ClsagMultisig {
self
.mask_recv
.take()
.unwrap()
.expect("image was none multiple times, despite setting to Some on first iteration")
.recv()
.ok_or(FrostError::InternalError("CLSAG mask was not provided"))?,
);
@@ -243,7 +243,8 @@ impl Algorithm<Ed25519> for ClsagMultisig {
// Accumulate the interpolated share
let interpolated_key_image_share =
addendum.key_image_share * lagrange::<dfg::Scalar>(l, view.included());
*self.image.as_mut().unwrap() += interpolated_key_image_share;
*self.image.as_mut().expect("image populated on first iteration wasn't Some") +=
interpolated_key_image_share;
self
.key_image_shares
@@ -272,14 +273,15 @@ impl Algorithm<Ed25519> for ClsagMultisig {
// opening of the commitment being re-randomized (and what it's re-randomized to)
let mut rng = ChaCha20Rng::from_seed(self.transcript.rng_seed(b"decoy_responses"));
self.msg_hash = Some(msg_hash.try_into().expect("CLSAG message hash should be 32-bytes"));
let msg_hash = msg_hash.try_into().expect("CLSAG message hash should be 32-bytes");
self.msg_hash = Some(msg_hash);
let sign_core = Clsag::sign_core(
&mut rng,
&self.image.expect("verifying a share despite never processing any addendums").0,
&self.context,
self.mask.expect("mask wasn't set"),
self.msg_hash.as_ref().unwrap(),
&msg_hash,
nonce_sums[0][0].0,
nonce_sums[0][1].0,
);
@@ -301,7 +303,7 @@ impl Algorithm<Ed25519> for ClsagMultisig {
_: &[Vec<dfg::EdwardsPoint>],
sum: dfg::Scalar,
) -> Option<Self::Signature> {
let interim = self.interim.as_ref().unwrap();
let interim = self.interim.as_ref().expect("verify called before sign_share");
let mut clsag = interim.clsag.clone();
// We produced shares as `r - p x`, yet the signature is actually `r - p x - c x`
// Substract `c x` (saved as `c`) now
@@ -311,7 +313,7 @@ impl Algorithm<Ed25519> for ClsagMultisig {
self.context.decoys.ring(),
&self.image.expect("verifying a signature despite never processing any addendums").0,
&interim.pseudo_out,
self.msg_hash.as_ref().unwrap(),
self.msg_hash.as_ref().expect("verify called before sign_share"),
)
.is_ok()
{
@@ -326,7 +328,7 @@ impl Algorithm<Ed25519> for ClsagMultisig {
nonces: &[Vec<dfg::EdwardsPoint>],
share: dfg::Scalar,
) -> Result<Vec<(dfg::Scalar, dfg::EdwardsPoint)>, ()> {
let interim = self.interim.as_ref().unwrap();
let interim = self.interim.as_ref().expect("verify_share called before sign_share");
// For a share `r - p x`, the following two equalities should hold:
// - `(r - p x)G == R.0 - pV`, where `V = xG`