From ceede14f5cf7d77e7d332760ed7bcf54c093eaed Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Mon, 18 Aug 2025 07:19:40 -0400 Subject: [PATCH] Fix misc compilation errors --- Cargo.lock | 3 + coordinator/Cargo.toml | 1 + coordinator/src/tests/tributary/dkg.rs | 4 +- coordinator/src/tributary/signing_protocol.rs | 10 +--- networks/ethereum/src/tests/mod.rs | 2 +- processor/Cargo.toml | 1 + processor/src/key_gen.rs | 59 +++++++------------ processor/src/networks/bitcoin.rs | 2 +- processor/src/networks/ethereum.rs | 2 +- processor/src/networks/monero.rs | 2 +- processor/src/tests/batch_signer.rs | 2 +- processor/src/tests/cosigner.rs | 2 +- processor/src/tests/signer.rs | 2 +- processor/src/tests/wallet.rs | 2 +- substrate/client/Cargo.toml | 1 + .../client/tests/common/genesis_liquidity.rs | 4 +- .../client/tests/common/validator_sets.rs | 5 +- .../validator-sets/primitives/src/lib.rs | 2 +- tests/processor/src/tests/mod.rs | 2 + 19 files changed, 47 insertions(+), 61 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index c10e41fd..3576aa75 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -8050,6 +8050,7 @@ dependencies = [ "bitcoin", "blake2", "ciphersuite", + "dkg-musig", "dockertest", "frame-system", "frost-schnorrkel", @@ -8109,6 +8110,7 @@ dependencies = [ "blake2", "borsh", "ciphersuite", + "dkg-musig", "env_logger", "flexible-transcript", "frost-schnorrkel", @@ -8480,6 +8482,7 @@ version = "0.1.0" dependencies = [ "async-trait", "bitcoin-serai", + "blake2", "borsh", "ciphersuite", "const-hex", diff --git a/coordinator/Cargo.toml b/coordinator/Cargo.toml index ae4e2be7..1067fbb0 100644 --- a/coordinator/Cargo.toml +++ b/coordinator/Cargo.toml 
@@ -27,6 +27,7 @@ blake2 = { version = "0.10", default-features = false, features = ["std"] } transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std", "recommended"] } ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std"] } schnorr = { package = "schnorr-signatures", path = "../crypto/schnorr", default-features = false, features = ["std"] } +dkg-musig = { path = "../crypto/dkg/musig", default-features = false, features = ["std"] } frost = { package = "modular-frost", path = "../crypto/frost" } frost-schnorrkel = { path = "../crypto/schnorrkel" } diff --git a/coordinator/src/tests/tributary/dkg.rs b/coordinator/src/tests/tributary/dkg.rs index adaa6643..7999d58a 100644 --- a/coordinator/src/tests/tributary/dkg.rs +++ b/coordinator/src/tests/tributary/dkg.rs @@ -361,8 +361,8 @@ async fn dkg_test() { assert!(signature.verify( &*serai_client::validator_sets::primitives::set_keys_message(&set, &[], &key_pair), &serai_client::Public( - frost::dkg::musig::musig_key::( - &serai_client::validator_sets::primitives::musig_context(set.into()), + dkg_musig::musig_key_vartime::( + serai_client::validator_sets::primitives::musig_context(set.into()), &self.spec.validators().into_iter().map(|(validator, _)| validator).collect::>() ) .unwrap() diff --git a/coordinator/src/tributary/signing_protocol.rs b/coordinator/src/tributary/signing_protocol.rs index 20dda48e..dbb61585 100644 --- a/coordinator/src/tributary/signing_protocol.rs +++ b/coordinator/src/tributary/signing_protocol.rs @@ -67,12 +67,8 @@ use ciphersuite::{ group::{ff::PrimeField, GroupEncoding}, Ciphersuite, Ristretto, }; -use frost::{ - FrostError, - dkg::{Participant, musig::musig}, - ThresholdKeys, - sign::*, -}; +use dkg_musig::musig; +use frost::{FrostError, dkg::Participant, ThresholdKeys, sign::*}; use frost_schnorrkel::Schnorrkel; use scale::Encode; 
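Review bot: The switch to `dkg_musig::musig_key_vartime` inside the `signature.verify` call of `dkg_test` has no comment saying why a variable-time routine is acceptable here. The inputs visible in this hunk are the MuSig context and the validators' public keys, so timing should not expose anything secret. That reasoning is worth recording so the `_vartime` call is not copied into a path that handles secret data. I would add `// vartime is fine: only public validator keys are aggregated here` above the call. The test function continues outside the hunk.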
@@ -119,7 +115,7 @@ impl SigningProtocol<'_, T, C> { let algorithm = Schnorrkel::new(b"substrate"); let keys: ThresholdKeys = - musig(&musig_context(self.spec.set().into()), self.key, participants) + musig(musig_context(self.spec.set().into()), self.key.clone(), participants) .expect("signing for a set we aren't in/validator present multiple times") .into(); diff --git a/networks/ethereum/src/tests/mod.rs b/networks/ethereum/src/tests/mod.rs index dcdbedce..cbe1bb44 100644 --- a/networks/ethereum/src/tests/mod.rs +++ b/networks/ethereum/src/tests/mod.rs @@ -37,7 +37,7 @@ pub fn key_gen() -> (HashMap>, PublicKey) group_key += ProjectivePoint::GENERATOR; } for keys in keys.values_mut() { - *keys = keys.offset(offset); + *keys = keys.clone().offset(offset); } let public_key = PublicKey::new(group_key).unwrap(); diff --git a/processor/Cargo.toml b/processor/Cargo.toml index c67f24f4..d0a650d0 100644 --- a/processor/Cargo.toml +++ b/processor/Cargo.toml @@ -34,6 +34,7 @@ borsh = { version = "1", default-features = false, features = ["std", "derive", serde_json = { version = "1", default-features = false, features = ["std"] } # Cryptography +blake2 = { version = "0.10", default-features = false, features = ["std"] } ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] } transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std"] } diff --git a/processor/src/key_gen.rs b/processor/src/key_gen.rs index 894fec78..8d3310a1 100644 --- a/processor/src/key_gen.rs +++ b/processor/src/key_gen.rs @@ -10,7 +10,7 @@ use ciphersuite::group::GroupEncoding; use dkg_pedpop::*; use frost::{ curve::{Ciphersuite, Ristretto}, - dkg::{DkgError, Participant, ThresholdParams, ThresholdCore, ThresholdKeys}, + dkg::{Participant, ThresholdParams, ThresholdKeys}, }; use log::info; 
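Review bot: `self.key.clone()` in the `musig(...)` call of `SigningProtocol` makes an extra copy of the signing key each time the protocol is set up, and the hunk does not show whether that copy is wiped. The test callers in this patch pass `Zeroizing::new(secret_key)`, so the parameter is presumably a `Zeroizing` value and the clone would be zeroized on drop. A comment such as `// musig takes the key by value; the clone is a Zeroizing copy` would record that, once checked against the field's type. The same by-value pattern appears as `keys.clone()` in the `tweak_keys` hunks of processor/src/networks/bitcoin.rs and ethereum.rs, where the Ethereum loop clones the full threshold keys on every iteration. The enclosing method starts and ends outside the hunk.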
@@ -54,8 +54,8 @@ impl GeneratedKeysDb { let mut substrate_keys = vec![]; let mut network_keys = vec![]; while !keys_ref.is_empty() { - substrate_keys.push(ThresholdKeys::new(ThresholdCore::read(&mut keys_ref).unwrap())); - let mut these_network_keys = ThresholdKeys::new(ThresholdCore::read(&mut keys_ref).unwrap()); + substrate_keys.push(ThresholdKeys::read(&mut keys_ref).unwrap()); + let mut these_network_keys = ThresholdKeys::read(&mut keys_ref).unwrap(); N::tweak_keys(&mut these_network_keys); network_keys.push(these_network_keys); } @@ -65,7 +65,7 @@ impl GeneratedKeysDb { fn save_keys( txn: &mut impl DbTxn, id: &KeyGenId, - substrate_keys: &[ThresholdCore], + substrate_keys: &[ThresholdKeys], network_keys: &[ThresholdKeys], ) { let mut keys = Zeroizing::new(vec![]); @@ -181,15 +181,19 @@ impl KeyGen { ) -> ProcessorMessage { const SUBSTRATE_KEY_CONTEXT: &str = "substrate"; const NETWORK_KEY_CONTEXT: &str = "network"; - let context = |id: &KeyGenId, key| { + let context = |id: &KeyGenId, key| -> [u8; 32] { // TODO2: Also embed the chain ID/genesis block - format!( - "Serai Key Gen. Session: {:?}, Network: {:?}, Attempt: {}, Key: {}", - id.session, - N::NETWORK, - id.attempt, - key, + ::digest( + format!( + "Serai Key Gen. Session: {:?}, Network: {:?}, Attempt: {}, Key: {}", + id.session, + N::NETWORK, + id.attempt, + key, + ) + .as_bytes(), ) + .into() }; let rng = |label, id: KeyGenId| { 
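Review bot: The two `ThresholdKeys::read(&mut keys_ref).unwrap()` calls parse stored key material with a different reader than the `ThresholdCore::read` they replace, and nothing in the hunk says whether the serialized layout is unchanged. If it differs, keys written to the database by an earlier build would hit the `unwrap()` and panic on load. That is worth confirming, and `.expect("stored threshold keys failed to deserialize")` would make such a failure identifiable. The enclosing function starts outside the hunk.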
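Review bot: The `context` closure now returns a digest of a string built with `{:?}` for `id.session` and `N::NETWORK`, so every participant must produce byte-identical `Debug` output to derive the same 32-byte DKG context. Once hashed, a mismatch can no longer be spotted by inspecting the context value. I would add a comment above the `format!` such as `// All participants must hash the identical string; the Debug output of these fields is part of the protocol`, or encode the fields with a canonical serialization instead. The closure sits in a larger function that continues outside the hunk.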
@@ -246,19 +250,10 @@ impl KeyGen { match machine.generate_secret_shares(rng, commitments) { Ok(res) => Ok(res), Err(e) => match e { - DkgError::ZeroParameter(_, _) | - DkgError::InvalidThreshold(_, _) | - DkgError::InvalidParticipant(_, _) | - DkgError::InvalidSigningSet | - DkgError::InvalidShare { .. } => unreachable!("{e:?}"), - DkgError::InvalidParticipantQuantity(_, _) | - DkgError::DuplicatedParticipant(_) | - DkgError::MissingParticipant(_) => { - panic!("coordinator sent invalid DKG commitments: {e:?}") - } - DkgError::InvalidCommitments(i) => { + PedPoPError::InvalidCommitments(i) => { Err(ProcessorMessage::InvalidCommitments { id, faulty: i })? } + _ => panic!("unknown error: {e:?}"), }, } } @@ -396,7 +391,7 @@ impl KeyGen { m: usize, machine: KeyMachine, shares_ref: &mut HashMap, - ) -> Result, ProcessorMessage> { + ) -> Result, ProcessorMessage> { let params = ThresholdParams::new( params.t(), params.n(), @@ -421,17 +416,7 @@ impl KeyGen { (match machine.calculate_share(rng, shares) { Ok(res) => res, Err(e) => match e { - DkgError::ZeroParameter(_, _) | - DkgError::InvalidThreshold(_, _) | - DkgError::InvalidParticipant(_, _) | - DkgError::InvalidSigningSet | - DkgError::InvalidCommitments(_) => unreachable!("{e:?}"), - DkgError::InvalidParticipantQuantity(_, _) | - DkgError::DuplicatedParticipant(_) | - DkgError::MissingParticipant(_) => { - panic!("coordinator sent invalid DKG shares: {e:?}") - } - DkgError::InvalidShare { participant, blame } => { + PedPoPError::InvalidShare { participant, blame } => { Err(ProcessorMessage::InvalidShare { id, accuser: params.i(), @@ -439,6 +424,7 @@ impl KeyGen { blame: Some(blame.map(|blame| blame.serialize())).flatten(), })? } + _ => panic!("unknown error: {e:?}"), }, }) .complete(), 
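Review bot: The `_ => panic!("unknown error: {e:?}")` arm in the `generate_secret_shares` match replaces an explicit list that separated invariant violations (`unreachable!`) from invalid coordinator input, so the panic message no longer says which party is at fault. Any `PedPoPError` variant that a remote participant can trigger would now abort the processor instead of producing a blame message. The same wildcard is added to the `calculate_share` match in the later hunks of this file (`@@ -421,17 +416,7 @@` and `@@ -439,6 +424,7 @@`). I would list the `PedPoPError` variants explicitly so the compiler flags new ones, or at least add `// every other PedPoPError is an internal invariant or bad coordinator input, never attributable to one participant` after checking that this holds. Both matches sit inside bodies that start outside the hunks.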
@@ -468,7 +454,7 @@ impl KeyGen { Ok(keys) => keys, Err(msg) => return msg, }; - let these_network_keys = + let mut these_network_keys = match handle_machine(&mut rng, id, params, m, machines.1, &mut shares_ref) { Ok(keys) => keys, Err(msg) => return msg, @@ -487,7 +473,6 @@ impl KeyGen { } } - let mut these_network_keys = ThresholdKeys::new(these_network_keys); N::tweak_keys(&mut these_network_keys); substrate_keys.push(these_substrate_keys); @@ -556,7 +541,6 @@ impl KeyGen { blame.clone().and_then(|blame| EncryptionKeyProof::read(&mut blame.as_slice()).ok()); let substrate_blame = AdditionalBlameMachine::new( - &mut rand_core::OsRng, context(&id, SUBSTRATE_KEY_CONTEXT), params.n(), substrate_commitment_msgs, @@ -564,7 +548,6 @@ impl KeyGen { .unwrap() .blame(accuser, accused, substrate_share, substrate_blame); let network_blame = AdditionalBlameMachine::new( - &mut rand_core::OsRng, context(&id, NETWORK_KEY_CONTEXT), params.n(), network_commitment_msgs, diff --git a/processor/src/networks/bitcoin.rs b/processor/src/networks/bitcoin.rs index 5702f5ed..a423f9d2 100644 --- a/processor/src/networks/bitcoin.rs +++ b/processor/src/networks/bitcoin.rs @@ -648,7 +648,7 @@ impl Network for Bitcoin { const MAX_OUTPUTS: usize = MAX_OUTPUTS; fn tweak_keys(keys: &mut ThresholdKeys) { - *keys = tweak_keys(keys); + *keys = tweak_keys(keys.clone()); // Also create a scanner to assert these keys, and all expected paths, are usable scanner(keys.group_key()); } diff --git a/processor/src/networks/ethereum.rs b/processor/src/networks/ethereum.rs index f4788849..7aba2071 100644 --- a/processor/src/networks/ethereum.rs +++ b/processor/src/networks/ethereum.rs @@ -408,7 +408,7 @@ impl Network for Ethereum { fn tweak_keys(keys: &mut ThresholdKeys) { while PublicKey::new(keys.group_key()).is_none() { - *keys = keys.offset(::F::ONE); + *keys = keys.clone().offset(::F::ONE); } } diff --git a/processor/src/networks/monero.rs b/processor/src/networks/monero.rs index 6813a76f..09962721 100644 
--- a/processor/src/networks/monero.rs +++ b/processor/src/networks/monero.rs @@ -666,7 +666,7 @@ impl Network for Monero { keys: ThresholdKeys, transaction: SignableTransaction, ) -> Result { - match transaction.0.clone().multisig(&keys) { + match transaction.0.clone().multisig(keys) { Ok(machine) => Ok(machine), Err(e) => panic!("failed to create a multisig machine for TX: {e}"), } diff --git a/processor/src/tests/batch_signer.rs b/processor/src/tests/batch_signer.rs index 8da67ef1..ab3863e9 100644 --- a/processor/src/tests/batch_signer.rs +++ b/processor/src/tests/batch_signer.rs @@ -6,7 +6,7 @@ use ciphersuite::group::GroupEncoding; use frost::{ curve::Ristretto, Participant, - dkg::tests::{key_gen, clone_without}, + tests::{key_gen, clone_without}, }; use sp_application_crypto::{RuntimePublic, sr25519::Public}; diff --git a/processor/src/tests/cosigner.rs b/processor/src/tests/cosigner.rs index a66161bf..57845cff 100644 --- a/processor/src/tests/cosigner.rs +++ b/processor/src/tests/cosigner.rs @@ -6,7 +6,7 @@ use ciphersuite::group::GroupEncoding; use frost::{ curve::Ristretto, Participant, - dkg::tests::{key_gen, clone_without}, + tests::{key_gen, clone_without}, }; use sp_application_crypto::{RuntimePublic, sr25519::Public}; diff --git a/processor/src/tests/signer.rs b/processor/src/tests/signer.rs index 26b26b35..41053c02 100644 --- a/processor/src/tests/signer.rs +++ b/processor/src/tests/signer.rs @@ -6,7 +6,7 @@ use rand_core::{RngCore, OsRng}; use ciphersuite::group::GroupEncoding; use frost::{ Participant, ThresholdKeys, - dkg::tests::{key_gen, clone_without}, + tests::{key_gen, clone_without}, }; use serai_db::{DbTxn, Db, MemDb}; diff --git a/processor/src/tests/wallet.rs b/processor/src/tests/wallet.rs index 74d7ccc0..b46e0548 100644 --- a/processor/src/tests/wallet.rs +++ b/processor/src/tests/wallet.rs 
@@ -4,7 +4,7 @@ use std::collections::HashMap; use rand_core::OsRng; use ciphersuite::group::GroupEncoding; -use frost::{Participant, dkg::tests::key_gen}; +use frost::{Participant, tests::key_gen}; use tokio::time::timeout; diff --git a/substrate/client/Cargo.toml b/substrate/client/Cargo.toml index 5685cc30..9fe5c1ce 100644 --- a/substrate/client/Cargo.toml +++ b/substrate/client/Cargo.toml @@ -48,6 +48,7 @@ hex = "0.4" blake2 = "0.10" ciphersuite = { path = "../../crypto/ciphersuite", features = ["ristretto"] } +dkg-musig = { path = "../../crypto/dkg/musig" } frost = { package = "modular-frost", path = "../../crypto/frost", features = ["tests"] } schnorrkel = { path = "../../crypto/schnorrkel", package = "frost-schnorrkel" } diff --git a/substrate/client/tests/common/genesis_liquidity.rs b/substrate/client/tests/common/genesis_liquidity.rs index 55824d36..a4b96b19 100644 --- a/substrate/client/tests/common/genesis_liquidity.rs +++ b/substrate/client/tests/common/genesis_liquidity.rs @@ -4,7 +4,7 @@ use rand_core::{RngCore, OsRng}; use zeroize::Zeroizing; use ciphersuite::{Ciphersuite, Ristretto}; -use frost::dkg::musig::musig; +use dkg_musig::musig; use schnorrkel::Schnorrkel; use sp_core::{sr25519::Signature, Pair as PairTrait}; @@ -99,7 +99,7 @@ async fn set_values(serai: &Serai, values: &Values) { assert_eq!(Ristretto::generator() * secret_key, public_key); let threshold_keys = - musig::(&musig_context(set), &Zeroizing::new(secret_key), &[public_key]).unwrap(); + musig::(musig_context(set), Zeroizing::new(secret_key), &[public_key]).unwrap(); let sig = frost::tests::sign_without_caching( &mut OsRng, diff --git a/substrate/client/tests/common/validator_sets.rs b/substrate/client/tests/common/validator_sets.rs index 20f7e951..1ce1e105 100644 --- a/substrate/client/tests/common/validator_sets.rs +++ b/substrate/client/tests/common/validator_sets.rs 
@@ -10,7 +10,7 @@ use sp_core::{ }; use ciphersuite::{Ciphersuite, Ristretto}; -use frost::dkg::musig::musig; +use dkg_musig::musig; use schnorrkel::Schnorrkel; use serai_client::{ @@ -46,8 +46,7 @@ pub async fn set_keys( assert_eq!(Ristretto::generator() * secret_key, pub_keys[i]); threshold_keys.push( - musig::(&musig_context(set.into()), &Zeroizing::new(secret_key), &pub_keys) - .unwrap(), + musig::(musig_context(set.into()), Zeroizing::new(secret_key), &pub_keys).unwrap(), ); } diff --git a/substrate/validator-sets/primitives/src/lib.rs b/substrate/validator-sets/primitives/src/lib.rs index 581491f0..9ff9f18b 100644 --- a/substrate/validator-sets/primitives/src/lib.rs +++ b/substrate/validator-sets/primitives/src/lib.rs @@ -112,7 +112,7 @@ pub fn musig_context(set: ValidatorSet) -> [u8; 32] { const DST: &[u8] = b"ValidatorSets-musig_key"; context[.. DST.len()].copy_from_slice(DST); let set = set.encode(); - context[DST.len() .. (DST.len() + set.len())].copy_from_slice(set.len()); + context[DST.len() .. (DST.len() + set.len())].copy_from_slice(&set); context } diff --git a/tests/processor/src/tests/mod.rs b/tests/processor/src/tests/mod.rs index 42cfef69..e2b6fcdc 100644 --- a/tests/processor/src/tests/mod.rs +++ b/tests/processor/src/tests/mod.rs @@ -1,3 +1,5 @@ +use std::collections::HashMap; + use ciphersuite::{Ciphersuite, Ristretto}; use dockertest::DockerTest;
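Review bot: The range `context[DST.len() .. (DST.len() + set.len())]` in `musig_context` panics if the encoded `ValidatorSet` is longer than the space left after the 23-byte `DST` in the 32-byte array, and that 9-byte limit is not stated anywhere in the hunk. Now that the copy writes the encoded set, I would make the limit explicit before the copy with `assert!(DST.len() + set.len() <= context.len(), "encoded ValidatorSet does not fit the MuSig context");`. If a panic is unacceptable in this crate, a comment recording the bound would do instead. The declaration of `context` is outside the hunk, so its size is taken from the `[u8; 32]` return type in the hunk header.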