From 89ddae29ef490cbd31818ee9b29dfbaa8859c5b0 Mon Sep 17 00:00:00 2001
From: Sam Kim <skim13@cs.stanford.edu>
Date: Wed, 20 Oct 2021 09:34:41 -0400
Subject: [PATCH] derive ElGamal keypair from Ed25519 keypair instead of just
 the signing key

---
 zk-token-sdk/src/encryption/elgamal.rs | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/zk-token-sdk/src/encryption/elgamal.rs b/zk-token-sdk/src/encryption/elgamal.rs
index 87c4b4a49..6b69b572a 100644
--- a/zk-token-sdk/src/encryption/elgamal.rs
+++ b/zk-token-sdk/src/encryption/elgamal.rs
@@ -11,7 +11,7 @@ use {
         ristretto::{CompressedRistretto, RistrettoPoint},
         scalar::Scalar,
     },
-    ed25519_dalek::SecretKey as SigningKey,
+    ed25519_dalek::Keypair as SigningKeyPair,
     serde::{Deserialize, Serialize},
     solana_sdk::pubkey::Pubkey,
     std::collections::HashMap,
@@ -136,8 +136,8 @@ impl ElGamalKeypair {
     /// address.
     #[cfg(not(target_arch = "bpf"))]
     #[allow(non_snake_case)]
-    pub fn new(signing_key: &SigningKey, address: &Pubkey) -> Self {
-        let secret = ElGamalSecretKey::new(signing_key, address);
+    pub fn new(signing_key_pair: &SigningKeyPair, address: &Pubkey) -> Self {
+        let secret = ElGamalSecretKey::new(signing_key_pair, address);
         let public = ElGamalPubkey::new(&secret);
 
         Self { public, secret }
@@ -292,10 +292,11 @@ impl fmt::Display for ElGamalPubkey {
 #[zeroize(drop)]
 pub struct ElGamalSecretKey(Scalar);
 impl ElGamalSecretKey {
-    pub fn new(signing_key: &SigningKey, address: &Pubkey) -> Self {
-        let mut hashable = [0_u8; 64];
-        hashable[..32].copy_from_slice(&signing_key.to_bytes());
-        hashable[32..].copy_from_slice(&address.to_bytes());
+    pub fn new(signing_key_pair: &SigningKeyPair, address: &Pubkey) -> Self {
+        let mut hashable = [0_u8; 96];
+        hashable[..32].copy_from_slice(&signing_key_pair.secret.to_bytes());
+        hashable[32..64].copy_from_slice(&signing_key_pair.public.to_bytes());
+        hashable[64..].copy_from_slice(&address.to_bytes());
         ElGamalSecretKey(Scalar::hash_from_bytes::<Sha3_512>(&hashable))
     }