Replace bincode with borsh (#452)

* Add SignalsConfig to chain_spec

* Correct multiexp feature flagging for rand_core std

* Remove bincode for borsh

Replaces a non-canonical encoding with a canonical encoding which additionally
should be faster.

Also fixes an issue where we used bincode in transcripts where it cannot be
trusted.

This ended up fixing a myriad of other bugs observed, unfortunately.
Accordingly, it either has to be merged or the bug fixes from it must be ported
to a new PR.

* Make serde optional, minimize usage

* Make borsh an optional dependency of substrate/ crates

* Remove unused dependencies

* Use [u8; 64] where possible in the processor messages

* Correct borsh feature flagging

coordinator/src/main.rs

@@ -21,7 +21,7 @@ use serai_env as env;
 use scale::Encode;
 use serai_client::{
   primitives::NetworkId,
-  validator_sets::primitives::{Session, ValidatorSet},
+  validator_sets::primitives::{Session, ValidatorSet, KeyPair},
   Public, Serai, SeraiInInstructions,
 };
 
@@ -501,7 +501,7 @@ async fn handle_processor_message<D: Db, P: P2p>(
             &mut txn,
             key,
             spec,
-            &(Public(substrate_key), network_key.try_into().unwrap()),
+            &KeyPair(Public(substrate_key), network_key.try_into().unwrap()),
             id.attempt,
           );
 
@@ -587,7 +587,7 @@ async fn handle_processor_message<D: Db, P: P2p>(
           vec![Transaction::SubstratePreprocess(SignData {
             plan: id.id,
             attempt: id.attempt,
-            data: preprocesses,
+            data: preprocesses.into_iter().map(Into::into).collect(),
             signed: Transaction::empty_signed(),
           })]
         }
@@ -612,7 +612,7 @@ async fn handle_processor_message<D: Db, P: P2p>(
                 };
                 id.encode()
               },
-              preprocesses,
+              preprocesses.into_iter().map(Into::into).collect(),
             );
 
             let intended = Transaction::Batch(
@@ -681,7 +681,7 @@ async fn handle_processor_message<D: Db, P: P2p>(
             vec![Transaction::SubstratePreprocess(SignData {
               plan: id.id,
               attempt: id.attempt,
-              data: preprocesses,
+              data: preprocesses.into_iter().map(Into::into).collect(),
               signed: Transaction::empty_signed(),
             })]
           }

coordinator/src/processors.rs

@@ -25,8 +25,8 @@ impl Processors for Arc<MessageQueue> {
     let msg: CoordinatorMessage = msg.into();
     let metadata =
       Metadata { from: self.service, to: Service::Processor(network), intent: msg.intent() };
-    let msg = serde_json::to_string(&msg).unwrap();
-    self.queue(metadata, msg.into_bytes()).await;
+    let msg = borsh::to_vec(&msg).unwrap();
+    self.queue(metadata, msg).await;
   }
   async fn recv(&mut self, network: NetworkId) -> Message {
     let msg = self.next(Service::Processor(network)).await;
@@ -36,7 +36,7 @@ impl Processors for Arc<MessageQueue> {
 
     // Deserialize it into a ProcessorMessage
     let msg: ProcessorMessage =
-      serde_json::from_slice(&msg.msg).expect("message wasn't a JSON-encoded ProcessorMessage");
+      borsh::from_slice(&msg.msg).expect("message wasn't a borsh-encoded ProcessorMessage");
 
     return Message { id, network, msg };
   }

coordinator/src/tests/tributary/dkg.rs

@@ -10,6 +10,7 @@ use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
 use frost::Participant;
 
 use sp_runtime::traits::Verify;
+use serai_client::validator_sets::primitives::KeyPair;
 
 use tokio::time::sleep;
 
@@ -279,7 +280,7 @@ async fn dkg_test() {
   OsRng.fill_bytes(&mut substrate_key);
   let mut network_key = vec![0; usize::try_from((OsRng.next_u64() % 32) + 32).unwrap()];
   OsRng.fill_bytes(&mut network_key);
-  let key_pair = (serai_client::Public(substrate_key), network_key.try_into().unwrap());
+  let key_pair = KeyPair(serai_client::Public(substrate_key), network_key.try_into().unwrap());
 
   let mut txs = vec![];
   for (i, key) in keys.iter().enumerate() {

coordinator/src/tributary/handle.rs

@@ -72,7 +72,7 @@ pub fn error_generating_key_pair<G: Get>(
 
   // Sign a key pair which can't be valid
   // (0xff used as 0 would be the Ristretto identity point, 0-length for the network key)
-  let key_pair = (Public([0xff; 32]), vec![0xffu8; 0].try_into().unwrap());
+  let key_pair = KeyPair(Public([0xff; 32]), vec![0xffu8; 0].try_into().unwrap());
   match DkgConfirmer::share(spec, key, attempt, preprocesses, &key_pair) {
     Ok(mut share) => {
       // Zeroize the share to ensure it's not accessed
@@ -312,7 +312,7 @@ pub(crate) async fn handle_application_tx<
             }
             let to = Participant::new(to).unwrap();
 
-            DkgShare::set(txn, genesis, from.into(), to.into(), &share);
+            DkgShare::set(txn, genesis, from.into(), to.into(), share);
           }
         }
       }
@@ -556,9 +556,16 @@ pub(crate) async fn handle_application_tx<
     }
 
     Transaction::SubstratePreprocess(data) => {
-      let Ok(_) = check_sign_data_len::<D>(txn, spec, data.signed.signer, data.data.len()) else {
+      let signer = data.signed.signer;
+      let Ok(_) = check_sign_data_len::<D>(txn, spec, signer, data.data.len()) else {
         return;
       };
+      for data in &data.data {
+        if data.len() != 64 {
+          fatal_slash::<D>(txn, genesis, signer.to_bytes(), "non-64-byte Substrate preprocess");
+          return;
+        }
+      }
       match handle(
         txn,
         &DataSpecification {
@@ -578,7 +585,10 @@ pub(crate) async fn handle_application_tx<
               spec.set().network,
               coordinator::CoordinatorMessage::SubstratePreprocesses {
                 id: SubstrateSignId { key, id: data.plan, attempt: data.attempt },
-                preprocesses,
+                preprocesses: preprocesses
+                  .into_iter()
+                  .map(|(k, v)| (k, v.try_into().unwrap()))
+                  .collect(),
               },
             )
             .await;