Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

helper for unsafe code #722

Merged
merged 11 commits into from
Feb 15, 2023
Merged

helper for unsafe code #722

merged 11 commits into from
Feb 15, 2023

Conversation

curiecrypt
Copy link
Collaborator

@curiecrypt curiecrypt commented Feb 1, 2023
edited
Loading

Content

This PR includes the helper functions that store all usage of unsafe code in multi_sig.rs.

Pre-submit checklist

  • Branch
    • Commit sequence broadly makes sense
    • Key commits have useful messages
  • PR
    • No clippy warnings in the CI
    • Self-reviewed the diff
    • Useful pull request description
    • Reviewer requested

Issue(s)

Closes #690

@curiecrypt curiecrypt requested a review from iquerejeta February 1, 2023 13:20
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 1, 2023
View reviewed changes
Copy link

@github-advanced-security github-advanced-security bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

clippy found more than 10 potential problems in the proposed changes. Check the Files changed tab for more details.

@github-actions
Copy link

github-actions bot commented Feb 1, 2023
edited
Loading

Test Results

    3 files  ±  0    28 suites  ±0   5m 9s ⏱️ +15s
437 tests +10  437 ✔️ +10  0 💤 ±0  0 ±0 
505 runs  +10  505 ✔️ +10  0 💤 ±0  0 ±0 

Results for commit c83d6bd. ± Comparison against base commit f013bb7.

♻️ This comment has been updated with latest results.

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 1, 2023
View reviewed changes
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
@curiecrypt curiecrypt temporarily deployed to testing-preview February 1, 2023 13:44 — with GitHub Actions Inactive
@curiecrypt curiecrypt marked this pull request as draft February 1, 2023 15:14
@curiecrypt curiecrypt temporarily deployed to testing-preview February 2, 2023 12:06 — with GitHub Actions Inactive
@curiecrypt curiecrypt temporarily deployed to testing-preview February 7, 2023 11:15 — with GitHub Actions Inactive
@curiecrypt curiecrypt force-pushed the bls-transmute-helper branch from 7ec5fd0 to 1c914fd Compare February 7, 2023 12:20
@curiecrypt curiecrypt temporarily deployed to testing-preview February 7, 2023 12:36 — with GitHub Actions Inactive
@curiecrypt curiecrypt changed the title helper for transmute added helper for unsafe code Feb 7, 2023
@curiecrypt curiecrypt temporarily deployed to testing-preview February 7, 2023 15:04 — with GitHub Actions Inactive
@curiecrypt curiecrypt marked this pull request as ready for review February 7, 2023 15:04
iquerejeta
iquerejeta requested changes Feb 8, 2023
View reviewed changes
Copy link
Contributor

@iquerejeta iquerejeta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A first round of comments. Tomorrow I'll look into the unsafe_helpers module.

mithril-stm/src/multi_sig.rs Outdated
Comment on lines 203 to 206
// use blst::{
// blst_fp12, blst_fp12_finalverify, blst_p1_affine_generator, blst_p2_affine_generator,
// BLST_ERROR,
// };
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

leftover?

mithril-stm/src/multi_sig.rs Outdated Show resolved Hide resolved
mithril-stm/src/multi_sig.rs Outdated Show resolved Hide resolved
mithril-stm/src/multi_sig.rs Outdated
Comment on lines 16 to 20
use blst::{
blst_p1, blst_p1_affine, blst_p1_compress, blst_p1_from_affine, blst_p1_to_affine,
blst_p1_uncompress, blst_p2, blst_p2_affine, blst_p2_from_affine, blst_p2_to_affine,
blst_scalar, p1_affines, p2_affines,
blst_scalar, p1_affines, p2_affines, BLST_ERROR,
};
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't any of these imports be moved to the unsafe_helpers module?

iquerejeta
iquerejeta requested changes Feb 9, 2023
View reviewed changes
mithril-stm/src/multi_sig.rs Outdated
bytes
}

pub(crate) fn uncompress_p1(bytes: &[u8]) -> blst_p1 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could do a length check for the input. if it's not 48 bytes, return error. I also thought of using an array, [u8; 48], but that might complicate the function call, and it's not necessary.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Meaning the output of the function should be aResult<blst_p1, ()> rather than a point (where () should be some error type that we have in the lib).

mithril-stm/src/multi_sig.rs Outdated
unsafe {
let mut point = blst_p1_affine::default();
let mut out = blst_p1::default();
blst_p1_uncompress(&mut point, bytes.as_ptr());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function returns a BLST_ERROR. It should not be ignored.

mithril-stm/src/multi_sig.rs Outdated Show resolved Hide resolved
mithril-stm/src/multi_sig.rs Outdated Show resolved Hide resolved
mithril-stm/src/multi_sig.rs Show resolved Hide resolved
mithril-stm/src/multi_sig.rs Outdated
}
}

pub(crate) fn p2_affine_to_vk(grouped_vks: &p2_affines, scalars: &[u8]) -> BlstVk {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function signature is very confusing. It's name p2_affine_to_vk but you give as input &p2_affines and &[u8], and you output a BlstVk. This function should already take as input the result of &grouped_vks.mult(scalars, 128), or have a different name (if possible, I'd suggest the former).

mithril-stm/src/multi_sig.rs Outdated
}
}

pub(crate) fn p1_affine_to_sig(grouped_sigs: &p1_affines, scalars: &[u8]) -> BlstSig {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same comment as for p2_affine_to_vk function

@curiecrypt @iquerejeta
Apply suggestions from code review
77801f0 
Co-authored-by: Iñigo Querejeta Azurmendi <31273774+iquerejeta@users.noreply.github.com>
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 14, 2023
View reviewed changes
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
mithril-stm/src/multi_sig.rs Fixed Show fixed Hide fixed
@curiecrypt curiecrypt temporarily deployed to testing-preview February 14, 2023 16:06 — with GitHub Actions Inactive
iquerejeta
iquerejeta approved these changes Feb 14, 2023
View reviewed changes
Copy link
Contributor

@iquerejeta iquerejeta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 👍 just minor comment to revert one comment I said in the previous round, didn't realise it would require us to copy secret data.

mithril-stm/src/multi_sig.rs Outdated
Comment on lines 17 to 19
// blst_p1_affine, blst_p1_compress, blst_p1_from_affine, blst_p1_to_affine,
// blst_p1_uncompress, blst_p2, blst_p2_affine, blst_p2_from_affine, blst_p2_to_affine,
// blst_scalar, p1_affines, p2_affines, BLST_ERROR,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

leftover

mithril-stm/src/multi_sig.rs
blst_scalar, blst_sk_to_pk_in_g1,
};

pub(crate) fn verify_pairing(vk: &VerificationKey, pop: &ProofOfPossession) -> bool {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would include a little description of what this function does, as one could get confused. I would describe the relation that it is checking, i.e. e(g1, mvk) = e(k2, g2).

mithril-stm/src/multi_sig.rs Outdated

pub(crate) fn scalar_to_pk_in_g1(sk: &SigningKey) -> blst_p1 {
unsafe {
let sk_scalar = std::mem::transmute::<BlstSk, blst_scalar>(sk.0.clone());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't like the fact that we have to clone the secret key here. I know I said about consistency in my previous comment, but it is true that this means that the value of the secret key needs to be cloned. I did not think about that. I'd rather revert to the previous state, where we transmute the pointers so that we don't have to clone secret data.

@curiecrypt curiecrypt temporarily deployed to testing-preview February 15, 2023 15:44 — with GitHub Actions Inactive
@curiecrypt curiecrypt merged commit 4035e64 into main Feb 15, 2023
@curiecrypt curiecrypt deleted the bls-transmute-helper branch February 15, 2023 15:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iquerejeta iquerejeta iquerejeta approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make helper functions for unsafe interaction with BLS library
2 participants
@curiecrypt @iquerejeta