Smash Ciphersuite definitions into their own crates

Uses dalek-ff-group for Ed25519 and Ristretto. Uses minimal-ed448 for Ed448. Adds ciphersuite-kp256 for Secp256k1 and P-256.
2025-12-07 19:59:23 +00:00 · 2025-08-20 04:50:37 -04:00
parent 8be03a8fc2
commit b63ef32864
95 changed files with 322 additions and 184 deletions
--- a/.github/workflows/crypto-tests.yml
+++ b/.github/workflows/crypto-tests.yml
@@ -32,6 +32,7 @@ jobs:
            -p dalek-ff-group \
            -p minimal-ed448 \
            -p ciphersuite \
+            -p ciphersuite-kp256 \
            -p multiexp \
            -p schnorr-signatures \
            -p dleq \
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1529,22 +1529,30 @@ dependencies = [
 name = "ciphersuite"
 version = "0.4.2"
 dependencies = [
- "dalek-ff-group",
 "digest 0.10.7",
- "elliptic-curve",
 "ff",
 "ff-group-tests",
 "flexible-transcript",
 "group",
 "hex",
+ "rand_core",
+ "std-shims",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "ciphersuite-kp256"
+version = "0.4.0"
+dependencies = [
+ "ciphersuite",
+ "elliptic-curve",
+ "ff-group-tests",
+ "hex",
 "k256",
- "minimal-ed448",
 "p256",
 "rand_core",
 "sha2",
- "sha3",
- "std-shims",
- "subtle",
 "zeroize",
 ]

@@ -1982,14 +1990,17 @@ dependencies = [
 name = "dalek-ff-group"
 version = "0.4.3"
 dependencies = [
+ "ciphersuite",
 "crypto-bigint",
 "curve25519-dalek",
 "digest 0.10.7",
 "ff",
 "ff-group-tests",
 "group",
+ "hex",
 "rand_core",
 "rustversion",
+ "sha2",
 "subtle",
 "zeroize",
 ]
@@ -2237,6 +2248,7 @@ name = "dkg-musig"
 version = "0.6.0"
 dependencies = [
 "ciphersuite",
+ "dalek-ff-group",
 "dkg",
 "dkg-recovery",
 "multiexp",
@@ -2252,6 +2264,7 @@ version = "0.6.0"
 dependencies = [
 "chacha20",
 "ciphersuite",
+ "dalek-ff-group",
 "dkg",
 "dleq",
 "flexible-transcript",
@@ -2267,6 +2280,7 @@ name = "dkg-promote"
 version = "0.6.1"
 dependencies = [
 "ciphersuite",
+ "dalek-ff-group",
 "dkg",
 "dkg-recovery",
 "dleq",
@@ -2918,6 +2932,7 @@ name = "frost-schnorrkel"
 version = "0.2.0"
 dependencies = [
 "ciphersuite",
+ "dalek-ff-group",
 "flexible-transcript",
 "group",
 "modular-frost",
@@ -4814,6 +4829,7 @@ dependencies = [
 name = "minimal-ed448"
 version = "0.4.1"
 dependencies = [
+ "ciphersuite",
 "crypto-bigint",
 "ff",
 "ff-group-tests",
@@ -4822,6 +4838,7 @@ dependencies = [
 "hex",
 "rand_core",
 "rustversion",
+ "sha3",
 "subtle",
 "zeroize",
 ]
@@ -4885,6 +4902,7 @@ name = "modular-frost"
 version = "0.10.1"
 dependencies = [
 "ciphersuite",
+ "ciphersuite-kp256",
 "dalek-ff-group",
 "digest 0.10.7",
 "dkg",
@@ -8049,6 +8067,7 @@ dependencies = [
 "bitcoin",
 "blake2",
 "ciphersuite",
+ "dalek-ff-group",
 "dkg-musig",
 "dockertest",
 "frame-system",
@@ -8109,6 +8128,7 @@ dependencies = [
 "blake2",
 "borsh",
 "ciphersuite",
+ "dalek-ff-group",
 "dkg-musig",
 "env_logger",
 "flexible-transcript",
@@ -8142,6 +8162,8 @@ dependencies = [
 "blake2",
 "borsh",
 "ciphersuite",
+ "ciphersuite-kp256",
+ "dalek-ff-group",
 "dkg",
 "dockertest",
 "hex",
@@ -8349,6 +8371,7 @@ version = "0.1.0"
 dependencies = [
 "borsh",
 "ciphersuite",
+ "dalek-ff-group",
 "env_logger",
 "flexible-transcript",
 "hex",
@@ -8369,6 +8392,7 @@ name = "serai-message-queue-tests"
 version = "0.1.0"
 dependencies = [
 "ciphersuite",
+ "dalek-ff-group",
 "dockertest",
 "hex",
 "rand_core",
@@ -8385,6 +8409,7 @@ version = "0.1.0"
 dependencies = [
 "bitcoin-serai",
 "ciphersuite",
+ "ciphersuite-kp256",
 "dalek-ff-group",
 "dkg",
 "dkg-dealer",
@@ -8448,6 +8473,7 @@ name = "serai-orchestrator"
 version = "0.0.1"
 dependencies = [
 "ciphersuite",
+ "dalek-ff-group",
 "flexible-transcript",
 "hex",
 "home",
@@ -8536,7 +8562,9 @@ dependencies = [
 "bitcoin-serai",
 "borsh",
 "ciphersuite",
+ "ciphersuite-kp256",
 "curve25519-dalek",
+ "dalek-ff-group",
 "dkg",
 "dockertest",
 "ethereum-serai",
@@ -8671,6 +8699,7 @@ version = "0.1.0"
 dependencies = [
 "borsh",
 "ciphersuite",
+ "dalek-ff-group",
 "dkg-musig",
 "parity-scale-codec",
 "scale-info",
@@ -10419,6 +10448,7 @@ dependencies = [
 "async-trait",
 "blake2",
 "ciphersuite",
+ "dalek-ff-group",
 "flexible-transcript",
 "futures-channel",
 "futures-util",
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -28,6 +28,7 @@ members = [
  "crypto/dalek-ff-group",
  "crypto/ed448",
  "crypto/ciphersuite",
+  "crypto/ciphersuite/kp256",

  "crypto/multiexp",

--- a/common/std-shims/src/sync.rs
+++ b/common/std-shims/src/sync.rs
@@ -25,15 +25,6 @@ mod mutex_shim {
 }
 pub use mutex_shim::{ShimMutex as Mutex, MutexGuard};

-#[cfg(not(feature = "std"))]
-pub use spin::Once as OnceLock;
-#[rustversion::before(1.70)]
-#[cfg(feature = "std")]
-pub use spin::Once as OnceLock;
-#[rustversion::since(1.70)]
-#[cfg(feature = "std")]
-pub use std::sync::OnceLock;
-
 #[cfg(not(feature = "std"))]
 pub use spin::Lazy as LazyLock;
 #[rustversion::before(1.80)]
--- a/coordinator/Cargo.toml
+++ b/coordinator/Cargo.toml
@@ -25,6 +25,7 @@ rand_core = { version = "0.6", default-features = false, features = ["std"] }
 blake2 = { version = "0.10", default-features = false, features = ["std"] }

 transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std", "recommended"] }
+dalek-ff-group = { path = "../crypto/dalek-ff-group", default-features = false, features = ["std"] }
 ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std"] }
 schnorr = { package = "schnorr-signatures", path = "../crypto/schnorr", default-features = false, features = ["std", "aggregate"] }
 dkg-musig = { path = "../crypto/dkg/musig", default-features = false, features = ["std"] }
--- a/coordinator/src/main.rs
+++ b/coordinator/src/main.rs
@@ -8,12 +8,13 @@ use std::{
 use zeroize::{Zeroize, Zeroizing};
 use rand_core::OsRng;

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{
    ff::{Field, PrimeField},
    GroupEncoding,
  },
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use schnorr::SchnorrSignature;
 use frost::Participant;
--- a/coordinator/src/substrate/cosign.rs
+++ b/coordinator/src/substrate/cosign.rs
@@ -14,7 +14,8 @@

 use zeroize::Zeroizing;

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;

 use borsh::{BorshSerialize, BorshDeserialize};

--- a/coordinator/src/substrate/mod.rs
+++ b/coordinator/src/substrate/mod.rs
@@ -6,7 +6,8 @@ use std::{

 use zeroize::Zeroizing;

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use serai_client::{
  coins::CoinsEvent,
--- a/coordinator/src/tests/tributary/chain.rs
+++ b/coordinator/src/tests/tributary/chain.rs
@@ -7,9 +7,10 @@ use zeroize::Zeroizing;
 use rand_core::{RngCore, CryptoRng, OsRng};
 use futures_util::{task::Poll, poll};

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::Field, GroupEncoding},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };

 use sp_application_crypto::sr25519;
--- a/coordinator/src/tests/tributary/dkg.rs
+++ b/coordinator/src/tests/tributary/dkg.rs
@@ -4,7 +4,8 @@ use std::collections::HashMap;
 use zeroize::Zeroizing;
 use rand_core::{RngCore, OsRng};

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};
 use frost::Participant;

 use sp_runtime::traits::Verify;
--- a/coordinator/src/tests/tributary/mod.rs
+++ b/coordinator/src/tests/tributary/mod.rs
@@ -2,7 +2,8 @@ use core::fmt::Debug;

 use rand_core::{RngCore, OsRng};

-use ciphersuite::{group::Group, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::Group, Ciphersuite};

 use scale::{Encode, Decode};
 use serai_client::{
--- a/coordinator/src/tests/tributary/sync.rs
+++ b/coordinator/src/tests/tributary/sync.rs
@@ -3,7 +3,8 @@ use std::{sync::Arc, collections::HashSet};

 use rand_core::OsRng;

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use tokio::{
  sync::{mpsc, broadcast},
--- a/coordinator/src/tributary/db.rs
+++ b/coordinator/src/tributary/db.rs
@@ -3,7 +3,8 @@ use std::collections::HashMap;
 use scale::Encode;
 use borsh::{BorshSerialize, BorshDeserialize};

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};
 use frost::Participant;

 use serai_client::validator_sets::primitives::{KeyPair, ExternalValidatorSet};
--- a/coordinator/src/tributary/handle.rs
+++ b/coordinator/src/tributary/handle.rs
@@ -4,7 +4,8 @@ use std::collections::HashMap;
 use zeroize::Zeroizing;
 use rand_core::OsRng;

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};
 use frost::dkg::Participant;

 use scale::{Encode, Decode};
--- a/coordinator/src/tributary/mod.rs
+++ b/coordinator/src/tributary/mod.rs
@@ -1,4 +1,5 @@
-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use serai_client::validator_sets::primitives::ExternalValidatorSet;

--- a/coordinator/src/tributary/scanner.rs
+++ b/coordinator/src/tributary/scanner.rs
@@ -3,7 +3,8 @@ use std::{sync::Arc, collections::HashSet};

 use zeroize::Zeroizing;

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use tokio::sync::broadcast;

--- a/coordinator/src/tributary/signing_protocol.rs
+++ b/coordinator/src/tributary/signing_protocol.rs
@@ -63,9 +63,10 @@ use rand_core::OsRng;

 use blake2::{Digest, Blake2s256};

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::PrimeField, GroupEncoding},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use dkg_musig::musig;
 use frost::{FrostError, dkg::Participant, ThresholdKeys, sign::*};
--- a/coordinator/src/tributary/spec.rs
+++ b/coordinator/src/tributary/spec.rs
@@ -3,7 +3,8 @@ use std::{io, collections::HashMap};

 use transcript::{Transcript, RecommendedTranscript};

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};
 use frost::Participant;

 use scale::Encode;
--- a/coordinator/src/tributary/transaction.rs
+++ b/coordinator/src/tributary/transaction.rs
@@ -7,9 +7,10 @@ use rand_core::{RngCore, CryptoRng};
 use blake2::{Digest, Blake2s256};
 use transcript::{Transcript, RecommendedTranscript};

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::Field, GroupEncoding},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use schnorr::SchnorrSignature;
 use frost::Participant;
--- a/coordinator/tributary/Cargo.toml
+++ b/coordinator/tributary/Cargo.toml
@@ -27,7 +27,8 @@ rand_chacha = { version = "0.3", default-features = false, features = ["std"] }
 blake2 = { version = "0.10", default-features = false, features = ["std"] }
 transcript = { package = "flexible-transcript", path = "../../crypto/transcript", default-features = false, features = ["std", "recommended"] }

-ciphersuite = { package = "ciphersuite", path = "../../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] }
+dalek-ff-group = { path = "../../crypto/dalek-ff-group" }
+ciphersuite = { package = "ciphersuite", path = "../../crypto/ciphersuite", default-features = false, features = ["std"] }
 schnorr = { package = "schnorr-signatures", path = "../../crypto/schnorr", default-features = false, features = ["std"] }

 hex = { version = "0.4", default-features = false, features = ["std"] }
--- a/coordinator/tributary/src/blockchain.rs
+++ b/coordinator/tributary/src/blockchain.rs
@@ -1,6 +1,7 @@
 use std::collections::{VecDeque, HashSet};

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use serai_db::{Get, DbTxn, Db};

--- a/coordinator/tributary/src/lib.rs
+++ b/coordinator/tributary/src/lib.rs
@@ -5,7 +5,8 @@ use async_trait::async_trait;

 use zeroize::Zeroizing;

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;

 use scale::Decode;
 use futures_channel::mpsc::UnboundedReceiver;
--- a/coordinator/tributary/src/mempool.rs
+++ b/coordinator/tributary/src/mempool.rs
@@ -1,6 +1,7 @@
 use std::collections::HashMap;

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;

 use serai_db::{DbTxn, Db};

--- a/coordinator/tributary/src/tendermint/mod.rs
+++ b/coordinator/tributary/src/tendermint/mod.rs
@@ -11,12 +11,13 @@ use rand_chacha::ChaCha12Rng;

 use transcript::{Transcript, RecommendedTranscript};

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{
    GroupEncoding,
    ff::{Field, PrimeField},
  },
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use schnorr::{
  SchnorrSignature,
--- a/coordinator/tributary/src/tendermint/tx.rs
+++ b/coordinator/tributary/src/tendermint/tx.rs
@@ -4,7 +4,8 @@ use scale::{Encode, Decode, IoReader};

 use blake2::{Digest, Blake2s256};

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;

 use crate::{
  transaction::{Transaction, TransactionKind, TransactionError},
--- a/coordinator/tributary/src/tests/block.rs
+++ b/coordinator/tributary/src/tests/block.rs
@@ -1,9 +1,11 @@
 use std::{sync::Arc, io, collections::HashMap, fmt::Debug};

 use blake2::{Digest, Blake2s256};
+
+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::Field, Group},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use schnorr::SchnorrSignature;

--- a/coordinator/tributary/src/tests/blockchain.rs
+++ b/coordinator/tributary/src/tests/blockchain.rs
@@ -10,7 +10,8 @@ use rand::rngs::OsRng;

 use blake2::{Digest, Blake2s256};

-use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::Field, Ciphersuite};

 use serai_db::{DbTxn, Db, MemDb};

--- a/coordinator/tributary/src/tests/mempool.rs
+++ b/coordinator/tributary/src/tests/mempool.rs
@@ -3,7 +3,8 @@ use std::{sync::Arc, collections::HashMap};
 use zeroize::Zeroizing;
 use rand::{RngCore, rngs::OsRng};

-use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::Field, Ciphersuite};

 use tendermint::ext::Commit;

--- a/coordinator/tributary/src/tests/transaction/mod.rs
+++ b/coordinator/tributary/src/tests/transaction/mod.rs
@@ -6,9 +6,10 @@ use rand::{RngCore, CryptoRng, rngs::OsRng};

 use blake2::{Digest, Blake2s256};

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::Field, Group},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use schnorr::SchnorrSignature;

--- a/coordinator/tributary/src/tests/transaction/signed.rs
+++ b/coordinator/tributary/src/tests/transaction/signed.rs
@@ -2,7 +2,8 @@ use rand::rngs::OsRng;

 use blake2::{Digest, Blake2s256};

-use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::Field, Ciphersuite};

 use crate::{
  ReadWrite,
--- a/coordinator/tributary/src/tests/transaction/tendermint.rs
+++ b/coordinator/tributary/src/tests/transaction/tendermint.rs
@@ -3,7 +3,8 @@ use std::sync::Arc;
 use zeroize::Zeroizing;
 use rand::{RngCore, rngs::OsRng};

-use ciphersuite::{Ristretto, Ciphersuite, group::ff::Field};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{Ciphersuite, group::ff::Field};

 use scale::Encode;

--- a/coordinator/tributary/src/transaction.rs
+++ b/coordinator/tributary/src/transaction.rs
@@ -6,9 +6,10 @@ use thiserror::Error;

 use blake2::{Digest, Blake2b512};

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{Group, GroupEncoding},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use schnorr::SchnorrSignature;

--- a/crypto/ciphersuite/Cargo.toml
+++ b/crypto/ciphersuite/Cargo.toml
@@ -26,20 +26,10 @@ subtle = { version = "^2.4", default-features = false }

 digest = { version = "0.10", default-features = false, features = ["core-api"] }
 transcript = { package = "flexible-transcript", path = "../transcript", version = "^0.3.2", default-features = false }
-sha2 = { version = "0.10", default-features = false, optional = true }
-sha3 = { version = "0.10", default-features = false, optional = true }

 ff = { version = "0.13", default-features = false, features = ["bits"] }
 group = { version = "0.13", default-features = false }

-dalek-ff-group = { path = "../dalek-ff-group", version = "0.4", default-features = false, optional = true }
-
-elliptic-curve = { version = "0.13", default-features = false, features = ["hash2curve"], optional = true }
-p256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"], optional = true }
-k256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"], optional = true }
-
-minimal-ed448 = { path = "../ed448", version = "0.4", default-features = false, optional = true }
-
 [dev-dependencies]
 hex = { version = "0.4", default-features = false, features = ["std"] }

@@ -59,27 +49,8 @@ std = [

  "digest/std",
  "transcript/std",
-  "sha2?/std",
-  "sha3?/std",

  "ff/std",
-
-  "dalek-ff-group?/std",
-
-  "elliptic-curve?/std",
-  "p256?/std",
-  "k256?/std",
-  "minimal-ed448?/std",
 ]

-dalek = ["sha2", "dalek-ff-group"]
-ed25519 = ["dalek"]
-ristretto = ["dalek"]
-
-kp256 = ["sha2", "elliptic-curve"]
-p256 = ["kp256", "dep:p256"]
-secp256k1 = ["kp256", "k256"]
-
-ed448 = ["sha3", "minimal-ed448"]
-
 default = ["std"]
--- a/crypto/ciphersuite/README.md
+++ b/crypto/ciphersuite/README.md
@@ -21,6 +21,8 @@ Their `hash_to_F` is the
 [IETF's hash to curve](https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-16.html),
 yet applied to their scalar field.

+Please see the [`ciphersuite-kp256`](https://docs.rs/ciphersuite-kp256) crate for more info.
+
 ### Ed25519/Ristretto

 Ed25519/Ristretto are offered via
@@ -33,6 +35,8 @@ the draft
 [RFC-RISTRETTO](https://www.ietf.org/archive/id/draft-irtf-cfrg-ristretto255-decaf448-05.html).
 The domain-separation tag is naively prefixed to the message.

+Please see the [`dalek-ff-group`](https://docs.rs/dalek-ff-group) crate for more info.
+
 ### Ed448

 Ed448 is offered via [minimal-ed448](https://crates.io/crates/minimal-ed448), an
@@ -42,3 +46,5 @@ to its prime-order subgroup.
 Its `hash_to_F` is the wide reduction of SHAKE256, with a 114-byte output, as
 used in [RFC-8032](https://www.rfc-editor.org/rfc/rfc8032). The
 domain-separation tag is naively prefixed to the message.
+
+Please see the [`minimal-ed448`](https://docs.rs/minimal-ed448) crate for more info.
--- a/crypto/ciphersuite/kp256/Cargo.toml
+++ b/crypto/ciphersuite/kp256/Cargo.toml
@@ -0,0 +1,55 @@
+[package]
+name = "ciphersuite-kp256"
+version = "0.4.0"
+description = "Ciphersuites built around ff/group"
+license = "MIT"
+repository = "https://github.com/serai-dex/serai/tree/develop/crypto/ciphersuite/kp256"
+authors = ["Luke Parker <lukeparker5132@gmail.com>"]
+keywords = ["ciphersuite", "ff", "group"]
+edition = "2021"
+rust-version = "1.66"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
+[lints]
+workspace = true
+
+[dependencies]
+rand_core = { version = "0.6", default-features = false }
+
+zeroize = { version = "^1.5", default-features = false, features = ["derive"] }
+
+sha2 = { version = "0.10", default-features = false }
+
+elliptic-curve = { version = "0.13", default-features = false, features = ["hash2curve"] }
+p256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"] }
+k256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"] }
+
+ciphersuite = { path = "../", version = "0.4", default-features = false }
+
+[dev-dependencies]
+hex = { version = "0.4", default-features = false, features = ["std"] }
+
+rand_core = { version = "0.6", default-features = false, features = ["std"] }
+
+ff-group-tests = { version = "0.13", path = "../../ff-group-tests" }
+
+[features]
+alloc = ["ciphersuite/alloc"]
+std = [
+  "rand_core/std",
+
+  "zeroize/std",
+
+  "sha2/std",
+
+  "elliptic-curve/std",
+  "p256/std",
+  "k256/std",
+
+  "ciphersuite/std",
+]
+
+default = ["std"]
--- a/crypto/ciphersuite/kp256/LICENSE
+++ b/crypto/ciphersuite/kp256/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021-2023 Luke Parker
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/crypto/ciphersuite/kp256/README.md
+++ b/crypto/ciphersuite/kp256/README.md
@@ -0,0 +1,3 @@
+# Ciphersuite {k, p}256
+
+SECP256k1 and P-256 Ciphersuites around k256 and p256.
--- a/crypto/ciphersuite/kp256/src/lib.rs
+++ b/crypto/ciphersuite/kp256/src/lib.rs
@@ -1,16 +1,17 @@
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+#![cfg_attr(not(feature = "std"), no_std)]
+
 use zeroize::Zeroize;

 use sha2::Sha256;

-use group::ff::PrimeField;
-
 use elliptic_curve::{
  generic_array::GenericArray,
  bigint::{NonZero, CheckedAdd, Encoding, U384},
  hash2curve::{Expander, ExpandMsg, ExpandMsgXmd},
 };

-use crate::Ciphersuite;
+use ciphersuite::{group::ff::PrimeField, Ciphersuite};

 macro_rules! kp_curve {
  (
@@ -107,12 +108,9 @@ fn test_oversize_dst<C: Ciphersuite>() {
 /// Ciphersuite for Secp256k1.
 ///
 /// hash_to_F is implemented via the IETF draft for hash to curve's hash_to_field (v16).
-#[cfg(feature = "secp256k1")]
 #[derive(Clone, Copy, PartialEq, Eq, Debug, Zeroize)]
 pub struct Secp256k1;
-#[cfg(feature = "secp256k1")]
 kp_curve!("secp256k1", k256, Secp256k1, b"secp256k1");
-#[cfg(feature = "secp256k1")]
 #[test]
 fn test_secp256k1() {
  ff_group_tests::group::test_prime_group_bits::<_, k256::ProjectivePoint>(&mut rand_core::OsRng);
@@ -145,12 +143,9 @@ fn test_secp256k1() {
 /// Ciphersuite for P-256.
 ///
 /// hash_to_F is implemented via the IETF draft for hash to curve's hash_to_field (v16).
-#[cfg(feature = "p256")]
 #[derive(Clone, Copy, PartialEq, Eq, Debug, Zeroize)]
 pub struct P256;
-#[cfg(feature = "p256")]
 kp_curve!("p256", p256, P256, b"P-256");
-#[cfg(feature = "p256")]
 #[test]
 fn test_p256() {
  ff_group_tests::group::test_prime_group_bits::<_, p256::ProjectivePoint>(&mut rand_core::OsRng);
--- a/crypto/ciphersuite/src/lib.md
+++ b/crypto/ciphersuite/src/lib.md
@@ -2,7 +2,7 @@

 Ciphersuites for elliptic curves premised on ff/group.

-This library, except for the not recommended Ed448 ciphersuite, was
+This library was
 [audited by Cypher Stack in March 2023](https://github.com/serai-dex/serai/raw/e1bb2c191b7123fd260d008e31656d090d559d21/audits/Cypher%20Stack%20crypto%20March%202023/Audit.pdf),
 culminating in commit
 [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
--- a/crypto/ciphersuite/src/lib.rs
+++ b/crypto/ciphersuite/src/lib.rs
@@ -26,25 +26,6 @@ use group::{
 #[cfg(any(feature = "alloc", feature = "std"))]
 use group::GroupEncoding;

-#[cfg(feature = "dalek")]
-mod dalek;
-#[cfg(feature = "ristretto")]
-pub use dalek::Ristretto;
-#[cfg(feature = "ed25519")]
-pub use dalek::Ed25519;
-
-#[cfg(feature = "kp256")]
-mod kp256;
-#[cfg(feature = "secp256k1")]
-pub use kp256::Secp256k1;
-#[cfg(feature = "p256")]
-pub use kp256::P256;
-
-#[cfg(feature = "ed448")]
-mod ed448;
-#[cfg(feature = "ed448")]
-pub use ed448::*;
-
 /// Unified trait defining a ciphersuite around an elliptic curve.
 pub trait Ciphersuite:
  'static + Send + Sync + Clone + Copy + PartialEq + Eq + Debug + Zeroize
--- a/crypto/dalek-ff-group/Cargo.toml
+++ b/crypto/dalek-ff-group/Cargo.toml
@@ -25,18 +25,22 @@ subtle = { version = "^2.4", default-features = false }
 rand_core = { version = "0.6", default-features = false }

 digest = { version = "0.10", default-features = false }
+sha2 = { version = "0.10", default-features = false }

 ff = { version = "0.13", default-features = false, features = ["bits"] }
 group = { version = "0.13", default-features = false }
+ciphersuite = { path = "../ciphersuite", default-features = false }

 crypto-bigint = { version = "0.5", default-features = false, features = ["zeroize"] }

 curve25519-dalek = { version = ">= 4.0, < 4.2", default-features = false, features = ["alloc", "zeroize", "digest", "group", "precomputed-tables"] }

 [dev-dependencies]
+hex = "0.4"
 rand_core = { version = "0.6", default-features = false, features = ["std"] }
 ff-group-tests = { path = "../ff-group-tests" }

 [features]
-std = ["zeroize/std", "subtle/std", "rand_core/std", "digest/std"]
+alloc = ["zeroize/alloc", "ciphersuite/alloc"]
+std = ["alloc", "zeroize/std", "subtle/std", "rand_core/std", "digest/std", "sha2/std", "ciphersuite/std"]
 default = ["std"]
--- a/crypto/dalek-ff-group/src/ciphersuite.rs
+++ b/crypto/dalek-ff-group/src/ciphersuite.rs
@@ -3,9 +3,9 @@ use zeroize::Zeroize;
 use sha2::{Digest, Sha512};

 use group::Group;
-use dalek_ff_group::Scalar;
+use crate::Scalar;

-use crate::Ciphersuite;
+use ciphersuite::Ciphersuite;

 macro_rules! dalek_curve {
  (
@@ -15,7 +15,7 @@ macro_rules! dalek_curve {
    $Point:       ident,
    $ID:          literal
  ) => {
-    use dalek_ff_group::$Point;
+    use crate::$Point;

    impl Ciphersuite for $Ciphersuite {
      type F = Scalar;
@@ -40,12 +40,9 @@ macro_rules! dalek_curve {
 /// hash_to_F is implemented with a naive concatenation of the dst and data, allowing transposition
 /// between the two. This means `dst: b"abc", data: b"def"`, will produce the same scalar as
 /// `dst: "abcdef", data: b""`. Please use carefully, not letting dsts be substrings of each other.
-#[cfg(any(test, feature = "ristretto"))]
 #[derive(Clone, Copy, PartialEq, Eq, Debug, Zeroize)]
 pub struct Ristretto;
-#[cfg(any(test, feature = "ristretto"))]
 dalek_curve!("ristretto", Ristretto, RistrettoPoint, b"ristretto");
-#[cfg(any(test, feature = "ristretto"))]
 #[test]
 fn test_ristretto() {
  ff_group_tests::group::test_prime_group_bits::<_, RistrettoPoint>(&mut rand_core::OsRng);
@@ -71,12 +68,9 @@ fn test_ristretto() {
 /// hash_to_F is implemented with a naive concatenation of the dst and data, allowing transposition
 /// between the two. This means `dst: b"abc", data: b"def"`, will produce the same scalar as
 /// `dst: "abcdef", data: b""`. Please use carefully, not letting dsts be substrings of each other.
-#[cfg(feature = "ed25519")]
 #[derive(Clone, Copy, PartialEq, Eq, Debug, Zeroize)]
 pub struct Ed25519;
-#[cfg(feature = "ed25519")]
 dalek_curve!("ed25519", Ed25519, EdwardsPoint, b"edwards25519");
-#[cfg(feature = "ed25519")]
 #[test]
 fn test_ed25519() {
  ff_group_tests::group::test_prime_group_bits::<_, EdwardsPoint>(&mut rand_core::OsRng);
--- a/crypto/dalek-ff-group/src/lib.rs
+++ b/crypto/dalek-ff-group/src/lib.rs
@@ -38,6 +38,9 @@ use group::{
 mod field;
 pub use field::FieldElement;

+mod ciphersuite;
+pub use crate::ciphersuite::{Ed25519, Ristretto};
+
 // Use black_box when possible
 #[rustversion::since(1.66)]
 mod black_box {
--- a/crypto/dkg/Cargo.toml
+++ b/crypto/dkg/Cargo.toml
@@ -27,9 +27,6 @@ borsh = { version = "1", default-features = false, features = ["derive", "de_str

 ciphersuite = { path = "../ciphersuite", version = "^0.4.1", default-features = false, features = ["alloc"] }

-[dev-dependencies]
-ciphersuite = { path = "../ciphersuite", default-features = false, features = ["ristretto"] }
-
 [features]
 std = [
  "thiserror/std",
--- a/crypto/dkg/musig/Cargo.toml
+++ b/crypto/dkg/musig/Cargo.toml
@@ -31,7 +31,7 @@ dkg = { path = "../", version = "0.6", default-features = false }

 [dev-dependencies]
 rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }
-ciphersuite = { path = "../../ciphersuite", default-features = false, features = ["ristretto"] }
+dalek-ff-group = { path = "../../dalek-ff-group" }
 dkg-recovery = { path = "../recovery", default-features = false, features = ["std"] }

 [features]
--- a/crypto/dkg/musig/src/tests.rs
+++ b/crypto/dkg/musig/src/tests.rs
@@ -3,7 +3,8 @@ use std::collections::HashMap;
 use zeroize::Zeroizing;
 use rand_core::OsRng;

-use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::Field, Ciphersuite};

 use dkg_recovery::recover_key;
 use crate::*;
--- a/crypto/dkg/pedpop/Cargo.toml
+++ b/crypto/dkg/pedpop/Cargo.toml
@@ -34,4 +34,4 @@ dkg = { path = "../", version = "0.6", default-features = false, features = ["st

 [dev-dependencies]
 rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }
-ciphersuite = { path = "../../ciphersuite", default-features = false, features = ["ristretto"] }
+dalek-ff-group = { path = "../../dalek-ff-group", default-features = false }
--- a/crypto/dkg/pedpop/src/tests.rs
+++ b/crypto/dkg/pedpop/src/tests.rs
@@ -2,7 +2,8 @@ use std::collections::HashMap;

 use rand_core::{RngCore, CryptoRng, OsRng};

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;

 use crate::*;

--- a/crypto/dkg/promote/Cargo.toml
+++ b/crypto/dkg/promote/Cargo.toml
@@ -30,5 +30,5 @@ dkg = { path = "../", version = "0.6.1", default-features = false, features = ["
 [dev-dependencies]
 zeroize = { version = "^1.5", default-features = false, features = ["std", "zeroize_derive"] }
 rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }
-ciphersuite = { path = "../../ciphersuite", default-features = false, features = ["ristretto"] }
+dalek-ff-group = { path = "../../dalek-ff-group" }
 dkg-recovery = { path = "../recovery", default-features = false, features = ["std"] }
--- a/crypto/dkg/promote/src/tests.rs
+++ b/crypto/dkg/promote/src/tests.rs
@@ -4,9 +4,10 @@ use std::collections::HashMap;
 use zeroize::{Zeroize, Zeroizing};
 use rand_core::OsRng;

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::Field, Group},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };

 use dkg::*;
--- a/crypto/ed448/Cargo.toml
+++ b/crypto/ed448/Cargo.toml
@@ -24,8 +24,11 @@ rand_core = { version = "0.6", default-features = false }
 zeroize = { version = "^1.5", default-features = false, features = ["zeroize_derive"] }
 subtle = { version = "^2.4", default-features = false }

+sha3 = { version = "0.10", default-features = false }
+
 ff = { version = "0.13", default-features = false, features = ["bits"] }
 group = { version = "0.13", default-features = false }
+ciphersuite = { path = "../ciphersuite", default-features = false }

 generic-array = { version = "1", default-features = false }
 crypto-bigint = { version = "0.5", default-features = false, features = ["zeroize"] }
@@ -38,5 +41,6 @@ rand_core = { version = "0.6", default-features = false, features = ["std"] }
 ff-group-tests = { path = "../ff-group-tests" }

 [features]
-std = ["rand_core/std", "zeroize/std", "subtle/std", "ff/std"]
+alloc = ["zeroize/alloc", "ciphersuite/alloc"]
+std = ["alloc", "rand_core/std", "zeroize/std", "subtle/std", "sha3/std", "ff/std", "ciphersuite/std"]
 default = ["std"]
--- a/crypto/ed448/src/ciphersuite.rs
+++ b/crypto/ed448/src/ciphersuite.rs
@@ -1,15 +1,17 @@
 use zeroize::Zeroize;

-use digest::{
-  typenum::U114, core_api::BlockSizeUser, Update, Output, OutputSizeUser, FixedOutput,
-  ExtendableOutput, XofReader, HashMarker, Digest,
+use sha3::{
+  digest::{
+    typenum::U114, core_api::BlockSizeUser, Update, Output, OutputSizeUser, FixedOutput,
+    ExtendableOutput, XofReader, HashMarker, Digest,
+  },
+  Shake256,
 };
-use sha3::Shake256;

 use group::Group;
-use minimal_ed448::{Scalar, Point};
+use crate::{Scalar, Point};

-use crate::Ciphersuite;
+use ciphersuite::Ciphersuite;

 /// Shake256, fixed to a 114-byte output, as used by Ed448.
 #[derive(Clone, Default)]
--- a/crypto/ed448/src/lib.rs
+++ b/crypto/ed448/src/lib.rs
@@ -14,3 +14,6 @@ pub use field::FieldElement;

 mod point;
 pub use point::Point;
+
+mod ciphersuite;
+pub use crate::ciphersuite::Ed448;
--- a/crypto/frost/Cargo.toml
+++ b/crypto/frost/Cargo.toml
@@ -34,6 +34,7 @@ dalek-ff-group = { path = "../dalek-ff-group", version = "0.4", default-features
 minimal-ed448 = { path = "../ed448", version = "0.4", default-features = false, features = ["std"], optional = true }

 ciphersuite = { path = "../ciphersuite", version = "^0.4.1", default-features = false, features = ["std"] }
+ciphersuite-kp256 = { path = "../ciphersuite/kp256", version = "0.4", default-features = false, features = ["std"], optional = true }

 multiexp = { path = "../multiexp", version = "0.4", default-features = false, features = ["std", "batch"] }

@@ -52,12 +53,12 @@ dkg-recovery = { path = "../dkg/recovery", default-features = false, features =
 dkg-dealer = { path = "../dkg/dealer", default-features = false, features = ["std"] }

 [features]
-ed25519 = ["dalek-ff-group", "ciphersuite/ed25519"]
-ristretto = ["dalek-ff-group", "ciphersuite/ristretto"]
+ed25519 = ["dalek-ff-group"]
+ristretto = ["dalek-ff-group"]

-secp256k1 = ["ciphersuite/secp256k1"]
-p256 = ["ciphersuite/p256"]
+secp256k1 = ["ciphersuite-kp256"]
+p256 = ["ciphersuite-kp256"]

-ed448 = ["minimal-ed448", "ciphersuite/ed448"]
+ed448 = ["minimal-ed448"]

-tests = ["hex", "rand_core/getrandom", "dkg-dealer" ,"dkg-recovery"]
+tests = ["hex", "rand_core/getrandom", "dkg-dealer", "dkg-recovery"]
--- a/crypto/frost/src/curve/dalek.rs
+++ b/crypto/frost/src/curve/dalek.rs
@@ -16,7 +16,7 @@ macro_rules! dalek_curve {
    $CONTEXT: literal,
    $chal: literal
  ) => {
-    pub use ciphersuite::$Curve;
+    pub use dalek_ff_group::$Curve;

    impl Curve for $Curve {
      const CONTEXT: &'static [u8] = $CONTEXT;
--- a/crypto/frost/src/curve/ed448.rs
+++ b/crypto/frost/src/curve/ed448.rs
@@ -1,7 +1,8 @@
 use digest::Digest;

 use minimal_ed448::{Scalar, Point};
-pub use ciphersuite::{group::GroupEncoding, Shake256_114, Ed448};
+pub use minimal_ed448::Ed448;
+pub use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use crate::{curve::Curve, algorithm::Hram};

@@ -18,7 +19,7 @@ impl Ietf8032Ed448Hram {
  #[allow(non_snake_case)]
  pub(crate) fn hram(context: &[u8], R: &Point, A: &Point, m: &[u8]) -> Scalar {
    Scalar::wide_reduce(
-      Shake256_114::digest(
+      <Ed448 as Ciphersuite>::H::digest(
        [
          &[b"SigEd448".as_ref(), &[0, u8::try_from(context.len()).unwrap()]].concat(),
          context,
--- a/crypto/frost/src/curve/kp256.rs
+++ b/crypto/frost/src/curve/kp256.rs
@@ -11,7 +11,7 @@ macro_rules! kp_curve {

    $CONTEXT: literal
  ) => {
-    pub use ciphersuite::$Curve;
+    pub use ciphersuite_kp256::$Curve;

    impl Curve for $Curve {
      const CONTEXT: &'static [u8] = $CONTEXT;
--- a/crypto/schnorr/Cargo.toml
+++ b/crypto/schnorr/Cargo.toml
@@ -36,7 +36,7 @@ rand_core = { version = "0.6", features = ["std"] }
 sha2 = "0.10"

 dalek-ff-group = { path =  "../dalek-ff-group" }
-ciphersuite = { path = "../ciphersuite", features = ["ed25519"] }
+ciphersuite = { path = "../ciphersuite" }

 [features]
 aggregate = ["transcript"]
--- a/crypto/schnorr/src/tests/mod.rs
+++ b/crypto/schnorr/src/tests/mod.rs
@@ -3,9 +3,10 @@ use core::ops::Deref;
 use zeroize::Zeroizing;
 use rand_core::OsRng;

+use dalek_ff_group::Ed25519;
 use ciphersuite::{
  group::{ff::Field, Group},
-  Ciphersuite, Ed25519,
+  Ciphersuite,
 };
 use multiexp::BatchVerifier;

--- a/crypto/schnorr/src/tests/rfc8032.rs
+++ b/crypto/schnorr/src/tests/rfc8032.rs
@@ -5,8 +5,8 @@

 use sha2::{Digest, Sha512};

-use dalek_ff_group::Scalar;
-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ed25519};
+use dalek_ff_group::{Scalar, Ed25519};
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use crate::SchnorrSignature;

--- a/crypto/schnorrkel/Cargo.toml
+++ b/crypto/schnorrkel/Cargo.toml
@@ -24,7 +24,8 @@ transcript = { package = "flexible-transcript", path = "../transcript", version

 group = "0.13"

-ciphersuite = { path = "../ciphersuite", version = "^0.4.1", features = ["std", "ristretto"] }
+dalek-ff-group = { path = "../dalek-ff-group" }
+ciphersuite = { path = "../ciphersuite", version = "^0.4.1", features = ["std"] }
 schnorr = { package = "schnorr-signatures", path = "../schnorr", version = "^0.5.1" }
 frost = { path = "../frost", package = "modular-frost", version = "^0.10.0", features = ["ristretto"] }

--- a/crypto/schnorrkel/src/lib.rs
+++ b/crypto/schnorrkel/src/lib.rs
@@ -9,8 +9,11 @@ use zeroize::Zeroizing;

 use transcript::{Transcript, MerlinTranscript};

-use group::{ff::PrimeField, GroupEncoding};
-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{
+  group::{ff::PrimeField, GroupEncoding},
+  Ciphersuite,
+};
 use schnorr::SchnorrSignature;

 use ::frost::{
--- a/message-queue/Cargo.toml
+++ b/message-queue/Cargo.toml
@@ -30,7 +30,8 @@ rand_core = { version = "0.6", default-features = false, features = ["std"] }

 # Cryptography
 transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std", "recommended"] }
-ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] }
+dalek-ff-group = { path = "../crypto/dalek-ff-group", default-features = false, features = ["std"] }
+ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std"] }
 schnorr-signatures = { path = "../crypto/schnorr", default-features = false, features = ["std"] }

 # Application
--- a/message-queue/src/client.rs
+++ b/message-queue/src/client.rs
@@ -3,9 +3,10 @@ use core::ops::Deref;
 use zeroize::{Zeroize, Zeroizing};
 use rand_core::OsRng;

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::ff::{Field, PrimeField},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };
 use schnorr_signatures::SchnorrSignature;

--- a/message-queue/src/main.rs
+++ b/message-queue/src/main.rs
@@ -3,7 +3,8 @@ pub(crate) use std::{
  collections::HashMap,
 };

-pub(crate) use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+pub(crate) use ciphersuite::{group::GroupEncoding, Ciphersuite};
 pub(crate) use schnorr_signatures::SchnorrSignature;

 pub(crate) use serai_primitives::ExternalNetworkId;
--- a/message-queue/src/messages.rs
+++ b/message-queue/src/messages.rs
@@ -1,5 +1,6 @@
 use transcript::{Transcript, RecommendedTranscript};
-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use borsh::{BorshSerialize, BorshDeserialize};

--- a/orchestration/Cargo.toml
+++ b/orchestration/Cargo.toml
@@ -23,7 +23,8 @@ rand_core = { version = "0.6", default-features = false, features = ["std", "get
 rand_chacha = { version = "0.3", default-features = false, features = ["std"] }

 transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std", "recommended"] }
-ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] }
+dalek-ff-group = { path = "../crypto/dalek-ff-group", default-features = false, features = ["std"] }
+ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std"] }

 zalloc = { path = "../common/zalloc" }

--- a/orchestration/src/coordinator.rs
+++ b/orchestration/src/coordinator.rs
@@ -2,7 +2,8 @@ use std::path::Path;

 use zeroize::Zeroizing;

-use ciphersuite::{group::ff::PrimeField, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::PrimeField, Ciphersuite};

 use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile};

--- a/orchestration/src/main.rs
+++ b/orchestration/src/main.rs
@@ -18,12 +18,13 @@ use rand_chacha::ChaCha20Rng;

 use transcript::{Transcript, RecommendedTranscript};

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{
    ff::{Field, PrimeField},
    GroupEncoding,
  },
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };

 mod mimalloc;
--- a/orchestration/src/message_queue.rs
+++ b/orchestration/src/message_queue.rs
@@ -1,6 +1,7 @@
 use std::path::Path;

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile};

--- a/orchestration/src/processor.rs
+++ b/orchestration/src/processor.rs
@@ -2,7 +2,8 @@ use std::path::Path;

 use zeroize::Zeroizing;

-use ciphersuite::{group::ff::PrimeField, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::PrimeField, Ciphersuite};

 use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile};

--- a/orchestration/src/serai.rs
+++ b/orchestration/src/serai.rs
@@ -1,7 +1,8 @@
 use std::path::Path;

 use zeroize::Zeroizing;
-use ciphersuite::{group::ff::PrimeField, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::PrimeField, Ciphersuite};

 use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile};

--- a/processor/Cargo.toml
+++ b/processor/Cargo.toml
@@ -35,7 +35,8 @@ serde_json = { version = "1", default-features = false, features = ["std"] }

 # Cryptography
 blake2 = { version = "0.10", default-features = false, features = ["std"] }
-ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] }
+dalek-ff-group = { path = "../crypto/dalek-ff-group", default-features = false, features = ["std"] }
+ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std"] }

 transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std"] }
 dkg-pedpop = { path = "../crypto/dkg/pedpop", default-features = false }
@@ -50,10 +51,10 @@ secp256k1 = { version = "0.29", default-features = false, features = ["std", "gl
 bitcoin-serai = { path = "../networks/bitcoin", default-features = false, features = ["std"], optional = true }

 # Ethereum
+ciphersuite-kp256 = { path = "../crypto/ciphersuite/kp256", default-features = false, features = ["std"], optional = true }
 ethereum-serai = { path = "../networks/ethereum", default-features = false, optional = true }

 # Monero
-dalek-ff-group = { path = "../crypto/dalek-ff-group", default-features = false, features = ["std"], optional = true }
 monero-simple-request-rpc = { git = "https://github.com/monero-oxide/monero-oxide", rev = "a74f41c2270707e340a9cb57fcd97a762d04975b", default-features = false, optional = true }
 monero-wallet = { git = "https://github.com/monero-oxide/monero-oxide", rev = "a74f41c2270707e340a9cb57fcd97a762d04975b", default-features = false, features = ["std", "multisig", "compile-time-generators"], optional = true }

@@ -86,9 +87,9 @@ serai-docker-tests = { path = "../tests/docker" }
 secp256k1 = ["k256", "frost/secp256k1"]
 bitcoin = ["dep:secp256k1", "secp256k1", "bitcoin-serai", "serai-client/bitcoin"]

-ethereum = ["secp256k1", "ethereum-serai/tests"]
+ethereum = ["secp256k1", "ciphersuite-kp256", "ethereum-serai/tests"]

-ed25519 = ["dalek-ff-group", "frost/ed25519"]
+ed25519 = ["frost/ed25519"]
 monero = ["ed25519", "monero-simple-request-rpc", "monero-wallet", "serai-client/monero"]

 binaries = ["env_logger", "serai-env", "message-queue"]
--- a/processor/src/networks/ethereum.rs
+++ b/processor/src/networks/ethereum.rs
@@ -7,7 +7,8 @@ use std::{

 use async_trait::async_trait;

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Secp256k1};
+use ciphersuite::{group::GroupEncoding, Ciphersuite};
+use ciphersuite_kp256::Secp256k1;
 use frost::ThresholdKeys;

 use ethereum_serai::{
--- a/processor/src/tests/literal/mod.rs
+++ b/processor/src/tests/literal/mod.rs
@@ -286,7 +286,8 @@ mod monero {
 mod ethereum {
  use super::*;

-  use ciphersuite::{Ciphersuite, Secp256k1};
+  use ciphersuite::Ciphersuite;
+  use ciphersuite_kp256::Secp256k1;

  use serai_client::validator_sets::primitives::Session;

--- a/substrate/client/Cargo.toml
+++ b/substrate/client/Cargo.toml
@@ -38,6 +38,7 @@ simple-request = { path = "../../common/request", version = "0.1", optional = tr

 bitcoin = { version = "0.32", optional = true }

+dalek-ff-group = { path = "../../crypto/dalek-ff-group", optional = true }
 ciphersuite = { path = "../../crypto/ciphersuite", version = "0.4", optional = true }
 monero-wallet = { git = "https://github.com/monero-oxide/monero-oxide", rev = "a74f41c2270707e340a9cb57fcd97a762d04975b", version = "0.1.0", default-features = false, features = ["std"], optional = true }

@@ -47,7 +48,8 @@ hex = "0.4"

 blake2 = "0.10"

-ciphersuite = { path = "../../crypto/ciphersuite", features = ["ristretto"] }
+dalek-ff-group = { path = "../../crypto/dalek-ff-group" }
+ciphersuite = { path = "../../crypto/ciphersuite" }
 dkg-musig = { path = "../../crypto/dkg/musig" }
 frost = { package = "modular-frost", path = "../../crypto/frost", features = ["tests"] }
 schnorrkel = { path = "../../crypto/schnorrkel", package = "frost-schnorrkel" }
@@ -63,7 +65,7 @@ borsh = ["serai-abi/borsh"]

 networks = []
 bitcoin = ["networks", "dep:bitcoin"]
-monero = ["networks", "ciphersuite/ed25519", "monero-wallet"]
+monero = ["networks", "dalek-ff-group", "monero-wallet"]

 # Assumes the default usage is to use Serai as a DEX, which doesn't actually
 # require connecting to a Serai node
--- a/substrate/client/src/networks/monero.rs
+++ b/substrate/client/src/networks/monero.rs
@@ -2,7 +2,8 @@ use core::{str::FromStr, fmt};

 use scale::{Encode, Decode};

-use ciphersuite::{Ciphersuite, Ed25519};
+use dalek_ff_group::Ed25519;
+use ciphersuite::Ciphersuite;

 use monero_wallet::address::{AddressError, Network, AddressType, MoneroAddress};

--- a/substrate/client/tests/common/genesis_liquidity.rs
+++ b/substrate/client/tests/common/genesis_liquidity.rs
@@ -3,7 +3,8 @@ use std::collections::HashMap;
 use rand_core::{RngCore, OsRng};
 use zeroize::Zeroizing;

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;
 use dkg_musig::musig;
 use schnorrkel::Schnorrkel;

--- a/substrate/client/tests/common/validator_sets.rs
+++ b/substrate/client/tests/common/validator_sets.rs
@@ -9,7 +9,8 @@ use sp_core::{
  Pair as PairTrait,
 };

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;
 use dkg_musig::musig;
 use schnorrkel::Schnorrkel;

--- a/substrate/validator-sets/primitives/Cargo.toml
+++ b/substrate/validator-sets/primitives/Cargo.toml
@@ -18,7 +18,8 @@ workspace = true
 [dependencies]
 zeroize = { version = "^1.5", features = ["derive"], optional = true }

-ciphersuite = { path = "../../../crypto/ciphersuite", version = "0.4", default-features = false, features = ["alloc", "ristretto"] }
+dalek-ff-group = { path = "../../../crypto/dalek-ff-group", default-features = false, features = ["alloc"] }
+ciphersuite = { path = "../../../crypto/ciphersuite", version = "0.4", default-features = false, features = ["alloc"] }
 dkg-musig = { path = "../../../crypto/dkg/musig", default-features = false }

 borsh = { version = "1", default-features = false, features = ["derive", "de_strict_order"], optional = true }
--- a/substrate/validator-sets/primitives/src/lib.rs
+++ b/substrate/validator-sets/primitives/src/lib.rs
@@ -3,7 +3,8 @@
 #[cfg(feature = "std")]
 use zeroize::Zeroize;

-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};

 use scale::{Encode, Decode, MaxEncodedLen};
 use scale_info::TypeInfo;
--- a/tests/coordinator/Cargo.toml
+++ b/tests/coordinator/Cargo.toml
@@ -24,7 +24,9 @@ zeroize = { version = "1", default-features = false }
 rand_core = { version = "0.6", default-features = false }

 blake2 = "0.10"
-ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["ristretto", "secp256k1"] }
+dalek-ff-group = { path = "../../crypto/dalek-ff-group", default-features = false }
+ciphersuite = { path = "../../crypto/ciphersuite", default-features = false }
+ciphersuite-kp256 = { path = "../../crypto/ciphersuite/kp256", default-features = false }
 schnorrkel = "0.11"
 dkg = { path = "../../crypto/dkg", default-features = false }

--- a/tests/coordinator/src/lib.rs
+++ b/tests/coordinator/src/lib.rs
@@ -14,9 +14,10 @@ use rand_core::{RngCore, OsRng};

 use zeroize::Zeroizing;

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::PrimeField, GroupEncoding},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };

 use serai_client::primitives::ExternalNetworkId;
--- a/tests/coordinator/src/tests/batch.rs
+++ b/tests/coordinator/src/tests/batch.rs
@@ -10,7 +10,10 @@ use blake2::{
  digest::{consts::U32, Digest},
  Blake2b,
 };
-use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto, Secp256k1};
+
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::GroupEncoding, Ciphersuite};
+use ciphersuite_kp256::Secp256k1;
 use dkg::Participant;

 use scale::Encode;
--- a/tests/coordinator/src/tests/key_gen.rs
+++ b/tests/coordinator/src/tests/key_gen.rs
@@ -6,10 +6,12 @@ use std::{
 use zeroize::Zeroizing;
 use rand_core::OsRng;

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::Field, GroupEncoding},
-  Ciphersuite, Ristretto, Secp256k1,
+  Ciphersuite,
 };
+use ciphersuite_kp256::Secp256k1;
 use dkg::ThresholdParams;

 use serai_client::{
--- a/tests/coordinator/src/tests/rotation.rs
+++ b/tests/coordinator/src/tests/rotation.rs
@@ -1,6 +1,6 @@
 use tokio::time::{sleep, Duration};

-use ciphersuite::Secp256k1;
+use ciphersuite_kp256::Secp256k1;

 use serai_client::{
  primitives::{insecure_pair_from_name, NetworkId},
--- a/tests/coordinator/src/tests/sign.rs
+++ b/tests/coordinator/src/tests/sign.rs
@@ -5,7 +5,7 @@ use std::{

 use rand_core::{RngCore, OsRng};

-use ciphersuite::Secp256k1;
+use ciphersuite_kp256::Secp256k1;

 use dkg::Participant;

--- a/tests/message-queue/Cargo.toml
+++ b/tests/message-queue/Cargo.toml
@@ -22,7 +22,8 @@ hex = "0.4"
 zeroize = { version = "1", default-features = false }
 rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }

-ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["ristretto"] }
+dalek-ff-group = { path = "../../crypto/dalek-ff-group", default-features = false }
+ciphersuite = { path = "../../crypto/ciphersuite", default-features = false }

 serai-primitives = { path = "../../substrate/primitives" }
 serai-message-queue = { path = "../../message-queue" }
--- a/tests/message-queue/src/lib.rs
+++ b/tests/message-queue/src/lib.rs
@@ -2,9 +2,10 @@ use std::collections::HashMap;

 use rand_core::OsRng;

+use dalek_ff_group::Ristretto;
 use ciphersuite::{
  group::{ff::Field, GroupEncoding},
-  Ciphersuite, Ristretto,
+  Ciphersuite,
 };

 use serai_primitives::{ExternalNetworkId, EXTERNAL_NETWORKS};
--- a/tests/no-std/Cargo.toml
+++ b/tests/no-std/Cargo.toml
@@ -19,10 +19,11 @@ workspace = true
 [dependencies]
 flexible-transcript = { path = "../../crypto/transcript", default-features = false, features = ["recommended", "merlin"] }

-dalek-ff-group = { path = "../../crypto/dalek-ff-group", default-features = false }
-minimal-ed448 = { path = "../../crypto/ed448", default-features = false }
+dalek-ff-group = { path = "../../crypto/dalek-ff-group", default-features = false, features = ["alloc"] }
+minimal-ed448 = { path = "../../crypto/ed448", default-features = false, features = ["alloc"] }

-ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["alloc", "secp256k1", "p256", "ed25519", "ristretto", "ed448"] }
+ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["alloc"] }
+ciphersuite-kp256 = { path = "../../crypto/ciphersuite/kp256", default-features = false, features = ["alloc"] }

 multiexp = { path = "../../crypto/multiexp", default-features = false, features = ["batch"] }

--- a/tests/no-std/src/lib.rs
+++ b/tests/no-std/src/lib.rs
@@ -6,6 +6,7 @@ pub use dalek_ff_group;
 pub use minimal_ed448;

 pub use ciphersuite;
+pub use ciphersuite_kp256;

 pub use multiexp;

--- a/tests/processor/Cargo.toml
+++ b/tests/processor/Cargo.toml
@@ -23,7 +23,9 @@ zeroize = { version = "1", default-features = false }
 rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }

 curve25519-dalek = "4"
-ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["secp256k1", "ristretto"] }
+dalek-ff-group = { path = "../../crypto/dalek-ff-group", default-features = false }
+ciphersuite = { path = "../../crypto/ciphersuite", default-features = false }
+ciphersuite-kp256 = { path = "../../crypto/ciphersuite/kp256", default-features = false }
 dkg = { path = "../../crypto/dkg", default-features = false }

 bitcoin-serai = { path = "../../networks/bitcoin" }
--- a/tests/processor/src/lib.rs
+++ b/tests/processor/src/lib.rs
@@ -5,7 +5,8 @@ use std::sync::{OnceLock, Mutex};
 use zeroize::Zeroizing;
 use rand_core::{RngCore, OsRng};

-use ciphersuite::{group::ff::PrimeField, Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::{group::ff::PrimeField, Ciphersuite};

 use serai_client::primitives::ExternalNetworkId;
 use messages::{ProcessorMessage, CoordinatorMessage};
--- a/tests/processor/src/networks.rs
+++ b/tests/processor/src/networks.rs
@@ -90,7 +90,7 @@ pub enum Wallet {
  },
  Ethereum {
    rpc_url: String,
-    key: <ciphersuite::Secp256k1 as Ciphersuite>::F,
+    key: <ciphersuite_kp256::Secp256k1 as Ciphersuite>::F,
    nonce: u64,
  },
  Monero {
@@ -149,7 +149,8 @@ impl Wallet {
      }

      ExternalNetworkId::Ethereum => {
-        use ciphersuite::{group::ff::Field, Secp256k1};
+        use ciphersuite::group::ff::Field;
+        use ciphersuite_kp256::Secp256k1;
        use ethereum_serai::alloy::{
          primitives::{U256, Address},
          simple_request_transport::SimpleRequest,
@@ -321,7 +322,7 @@ impl Wallet {
        ));

        let to_as_key = PublicKey::new(
-          <ciphersuite::Secp256k1 as Ciphersuite>::read_G(&mut to.as_slice()).unwrap(),
+          <ciphersuite_kp256::Secp256k1 as Ciphersuite>::read_G(&mut to.as_slice()).unwrap(),
        )
        .unwrap();
        let router_addr = {
@@ -502,7 +503,7 @@ impl Wallet {
        .unwrap()
      }
      Wallet::Ethereum { key, .. } => ExternalAddress::new(
-        ethereum_serai::crypto::address(&(ciphersuite::Secp256k1::generator() * key)).into(),
+        ethereum_serai::crypto::address(&(ciphersuite_kp256::Secp256k1::generator() * key)).into(),
      )
      .unwrap(),
      Wallet::Monero { view_pair, .. } => {
--- a/tests/processor/src/tests/mod.rs
+++ b/tests/processor/src/tests/mod.rs
@@ -1,6 +1,7 @@
 use std::collections::HashMap;

-use ciphersuite::{Ciphersuite, Ristretto};
+use dalek_ff_group::Ristretto;
+use ciphersuite::Ciphersuite;

 use dockertest::DockerTest;