84d0fb60e2
Link to FROST security audit from module doc ( #73 )
2021-03-31 17:45:34 -04:00
2f3f5068aa
Prepare 0.3.0 release ( #72 )
2021-03-31 17:03:08 -04:00
8a1cdba91f
Add FROST audit pdf to root of repo
2021-03-29 13:19:22 -04:00
76ba4ef1cb
add additional documentation for aggregator threat model
2021-03-23 11:47:22 -04:00
6481d0af91
Add comments to the checks
2021-03-23 11:46:41 -04:00
3e28bf6c07
Avoid null nonces
2021-03-23 11:46:41 -04:00
5feb6b29c7
Fix some FROST nits ( #63 )
...
* Impl DefaultIsZeros for every type that uses jubjub::Fr/Scalar
This requires Copy and Clone along with Default. If we do not want to include those, we can impl Zeroize and Drop directly.
* Hash signature message with HStar before deriving the binding factor
To avoid a collision, we should hash our input message, our 'standard' hash is HStar, which uses a domain separator already, and is the same one that generates the binding factor.
* Add a comment about why we hash the signature message before generating the binding factor
* Add comments on how we Zeroize
* Consume nonces with sign()
We want to make sure that the nonces we use when signing are Drop'd
(and thus Zeroize'd) when they go out of scope, so we must move participant_nonces into sign()
2021-03-23 11:46:17 -04:00
e40313263c
Update proptest requirement from 0.10 to 1.0
...
Updates the requirements on [proptest](https://github.com/altsysrq/proptest ) to permit the latest version.
- [Release notes](https://github.com/altsysrq/proptest/releases )
- [Changelog](https://github.com/AltSysrq/proptest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/altsysrq/proptest/compare/0.10.0...1.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-03 17:54:04 -05:00
baa3f4bb30
Fix binding_batch_verify test to actually test Binding signatures
2021-03-03 17:51:59 -05:00
2ebc08f910
Frost keygen with dealer ( #47 )
...
Implements FROST (Flexible Round Optimized Schnorr Threshold Signatures, https://eprint.iacr.org/2020/852 ) where key generation is performed by a trusted dealer.
Future work will include implementing distributed key generation and re-randomizability.
Co-authored-by: Chelsea Komlo <me@chelseakomlo.com>
Co-authored-by: Isis Lovecruft <isis@patternsinthevoid.net>
2021-02-25 09:06:54 -07:00
1e8fd460fe
Add CodeCov config file ( #51 )
...
* Add CodeCov config file
* Consistent indentation
2021-01-19 20:16:54 -05:00
46939967d4
Add source-based coverage workflow
2021-01-19 19:58:10 -05:00
fa6fe658bb
Merge branch 'release/0.2.2' into main
2020-07-15 12:44:24 -07:00
233294d701
Bump version to 0.2.2
2020-07-15 12:42:14 -07:00
7424cababb
Add batch::Item::verify_single and Item: Clone + Debug. ( #39 )
...
This closes a gap in the API where it was impossible to retry items in a failed
batch, because the opaque Item type could not be verified individually.
2020-07-15 12:38:43 -07:00
3c4e72d241
crypto is not a category
2020-07-09 11:54:58 -07:00
cc50b23713
Bump version to 0.2.1
2020-07-09 11:52:30 -07:00
00007d0332
Update Cargo.toml metadata
2020-07-09 11:50:53 -07:00
eb5714779c
release: update CHANGELOG and version.
2020-07-09 10:30:01 -07:00
b521ffb17f
Fix benches
2020-07-05 00:22:08 -04:00
ba256655dd
Optimized batch verification ( #36 )
...
* Pulls in some traits and methods from curve25519-dalek around the
vartime multiscalar multiplication.
* Move scalar mul things we want to upstream to jubjub to their own crate
* Make Verify agnostic to the SigType
Co-authored-by: Henry de Valence <hdevalence@hdevalence.ca>
Co-authored-by: Jane Lusby <jlusby42@gmail.com>
2020-07-03 18:23:28 -04:00
f27b9c3c77
Change terminology to signing, verification keys ( #35 )
...
Matches ed25519-zebra.
Resolves #33
2020-06-25 11:56:29 -07:00
c933a8eb85
Create Dependabot config file
2020-06-09 16:27:11 -04:00
1179d50fa8
Update proptest requirement from 0.9 to 0.10
...
Updates the requirements on [proptest](https://github.com/altsysrq/proptest ) to permit the latest version.
- [Release notes](https://github.com/altsysrq/proptest/releases )
- [Changelog](https://github.com/AltSysrq/proptest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/altsysrq/proptest/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-09 16:25:28 -04:00
18dfb01c7e
Merge pull request #22 from ZcashFoundation/fix-ci
...
Use plain actions-rs for CI
2020-01-17 14:00:51 -08:00
3d7dddc03f
use plain actions-rs for CI
2020-01-17 13:58:17 -08:00
91b5e8a258
Merge branch 'release/0.1.1' into main
2020-01-17 10:29:23 -08:00
aa023b428e
Bump version and update changelog.
2020-01-17 10:28:12 -08:00
416ec245cf
Merge branch 'release/0.1' into main
...
This should have happened at release time.
2020-01-17 10:26:39 -08:00
a786d272f0
Merge pull request #19 from ZcashFoundation/smallorder-pubkey
...
Document Zcash consensus rules in PublicKeyBytes to PublicKey conversion.
2020-01-17 10:16:35 -08:00
5d3dfc0ff2
Add test that public keys of small order are rejected.
2020-01-17 10:13:51 -08:00
b7dfb77cf1
Document Zcash consensus rules and fix mismatch.
...
The documentation for the `PublicKey` struct now explains which consensus rules
are checked by the conversion from `PublicKeyBytes`.
2020-01-17 10:13:51 -08:00
cf715f5221
Add Dockerfile for gcloud build
2019-12-09 18:32:56 -05:00
b3b6894fde
Add GitHub Actions workflow which runs Google Cloudbuild jobs
2019-12-09 18:32:56 -05:00
68deca90bf
crates.io only allows 5 keywords
2019-12-09 13:58:42 -08:00
16659efaad
Add CHANGELOG.md for 0.1.0
2019-12-09 13:56:22 -08:00
5be929559b
Merge pull request #17 from ZcashFoundation/rename
...
Rename to just `redjubjub`.
2019-12-09 13:54:55 -08:00
c20139bbf7
Rename to just `redjubjub`.
2019-12-09 13:54:10 -08:00
570cca07b5
Update Cargo.toml metadata
2019-12-09 13:20:56 -08:00
d8ad15059d
Try to prevent ChangePubkey tweaks from becoming a no-op.
...
Since we expect the signature to fail if ChangePubkey is applied, we need to
make sure it actually changes the signature test case.
2019-12-09 12:15:11 -08:00
a15b4721be
Merge pull request #16 from ZcashFoundation/canonical-secrets
...
Ensure SecretKey encoding is canonical.
2019-12-09 12:09:58 -08:00
92cb99f966
Ensure SecretKey encoding is canonical.
2019-12-09 12:08:13 -08:00
80239164f2
Merge pull request #15 from ZcashFoundation/serde
2019-12-09 11:59:16 -08:00
87f09b87b5
Add Serialize, Deserialize for SecretKey.
2019-12-09 11:55:56 -08:00
2ca445ad23
Add Serialize, Deserialize to PublicKey.
2019-12-09 11:55:53 -08:00
e58376fc47
Add Serialize, Deserialize for byte wrapper types.
2019-12-09 11:55:53 -08:00
798a3e4631
Fix trait bounds on SigType.
...
When Rust derives Copy, Clone, Eq, PartialEq, etc. on a type with
`PhantomData<T>`, it adds a `T: Clone` etc. bound, regardless of whether `T` is
only ever used inside of the `PhantomData`. A better fix would be to fix the
derived bounds themselves, but in the meantime this works, even if it's
slightly ugly.
2019-12-09 11:55:53 -08:00
76eb4c5928
Update README, fill missing impls.
2019-12-04 17:36:01 -08:00
27a1d73891
Merge pull request #13 from ZcashFoundation/randomize
...
Implement randomization.
2019-12-04 17:02:06 -08:00
ead4727ded
Implement randomization.
2019-12-04 17:00:55 -08:00
Deirdre Connolly
Chelsea H. Komlo
Marek
dependabot[bot]
Jack Grigg
Henry de Valence
dependabot-preview[bot]