diff --git a/circuit/account/src/compute_key/equal.rs b/circuit/account/src/compute_key/equal.rs
index 18be73b2b5..2941b2332d 100644
--- a/circuit/account/src/compute_key/equal.rs
+++ b/circuit/account/src/compute_key/equal.rs
@@ -25,11 +25,7 @@ impl Equal for ComputeKey {
 // Determine if this operation is constant or variable.
 match self.is_constant() && other.is_constant() {
 true => Boolean::constant(self.eject_value() == other.eject_value()),
- false => {
- self.pk_sig.is_equal(other.pk_sig())
- & self.pr_sig.is_equal(other.pr_sig())
- & self.sk_prf.is_equal(other.sk_prf())
- }
+ false => self.pk_sig.is_equal(other.pk_sig()) & self.pr_sig.is_equal(other.pr_sig()),
 }
 }
@@ -50,7 +46,7 @@ impl Metrics, Output = Boolean>> for Compute
 fn count(case: &Self::Case) -> Count {
 match case.0.is_constant() && case.1.is_constant() {
 true => Count::is(0, 0, 0, 0),
- false => Count::is(0, 0, 14, 19),
+ false => Count::is(0, 0, 11, 19),
 }
 }
 }
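Review bot: The non-constant arm now decides equality from `pk_sig` and `pr_sig` alone, and nothing in this hunk records why dropping `sk_prf` from the comparison is sound; it is, but only because the companion mod.rs change in this commit turns `sk_prf` into a value derived from exactly those two fields, so two keys agreeing on them cannot differ in `sk_prf`. That reasoning deserves a line above the arm so a later edit that gives `sk_prf` independent state does not silently weaken equality: `// sk_prf is derived from (pk_sig, pr_sig), so comparing those two fields is sufficient.` The `is_equal` signature and the start of `impl Equal` lie outside the hunk.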
@@ -148,14 +144,14 @@ mod tests { let mut rng = TestRng::default(); check_is_equal(Mode::Constant, Mode::Constant, 0, 0, 0, 0, &mut rng); - check_is_equal(Mode::Constant, Mode::Public, 0, 0, 14, 14, &mut rng); - check_is_equal(Mode::Constant, Mode::Private, 0, 0, 14, 14, &mut rng); - check_is_equal(Mode::Public, Mode::Constant, 0, 0, 14, 14, &mut rng); - check_is_equal(Mode::Private, Mode::Constant, 0, 0, 14, 14, &mut rng); - check_is_equal(Mode::Public, Mode::Public, 0, 0, 14, 14, &mut rng); - check_is_equal(Mode::Public, Mode::Private, 0, 0, 14, 14, &mut rng); - check_is_equal(Mode::Private, Mode::Public, 0, 0, 14, 14, &mut rng); - check_is_equal(Mode::Private, Mode::Private, 0, 0, 14, 14, &mut rng); + check_is_equal(Mode::Constant, Mode::Public, 0, 0, 11, 11, &mut rng); + check_is_equal(Mode::Constant, Mode::Private, 0, 0, 11, 11, &mut rng); + check_is_equal(Mode::Public, Mode::Constant, 0, 0, 11, 11, &mut rng); + check_is_equal(Mode::Private, Mode::Constant, 0, 0, 11, 11, &mut rng); + check_is_equal(Mode::Public, Mode::Public, 0, 0, 11, 11, &mut rng); + check_is_equal(Mode::Public, Mode::Private, 0, 0, 11, 11, &mut rng); + check_is_equal(Mode::Private, Mode::Public, 0, 0, 11, 11, &mut rng); + check_is_equal(Mode::Private, Mode::Private, 0, 0, 11, 11, &mut rng); } #[test] 
@@ -163,13 +159,13 @@ mod tests { let mut rng = TestRng::default(); check_is_not_equal(Mode::Constant, Mode::Constant, 0, 0, 0, 0, &mut rng); - check_is_not_equal(Mode::Constant, Mode::Public, 0, 0, 14, 14, &mut rng); - check_is_not_equal(Mode::Constant, Mode::Private, 0, 0, 14, 14, &mut rng); - check_is_not_equal(Mode::Public, Mode::Constant, 0, 0, 14, 14, &mut rng); - check_is_not_equal(Mode::Private, Mode::Constant, 0, 0, 14, 14, &mut rng); - check_is_not_equal(Mode::Public, Mode::Public, 0, 0, 14, 14, &mut rng); - check_is_not_equal(Mode::Public, Mode::Private, 0, 0, 14, 14, &mut rng); - check_is_not_equal(Mode::Private, Mode::Public, 0, 0, 14, 14, &mut rng); - check_is_not_equal(Mode::Private, Mode::Private, 0, 0, 14, 14, &mut rng); + check_is_not_equal(Mode::Constant, Mode::Public, 0, 0, 11, 11, &mut rng); + check_is_not_equal(Mode::Constant, Mode::Private, 0, 0, 11, 11, &mut rng); + check_is_not_equal(Mode::Public, Mode::Constant, 0, 0, 11, 11, &mut rng); + check_is_not_equal(Mode::Private, Mode::Constant, 0, 0, 11, 11, &mut rng); + check_is_not_equal(Mode::Public, Mode::Public, 0, 0, 11, 11, &mut rng); + check_is_not_equal(Mode::Public, Mode::Private, 0, 0, 11, 11, &mut rng); + check_is_not_equal(Mode::Private, Mode::Public, 0, 0, 11, 11, &mut rng); + check_is_not_equal(Mode::Private, Mode::Private, 0, 0, 11, 11, &mut rng); } } diff --git a/circuit/account/src/compute_key/from.rs b/circuit/account/src/compute_key/from.rs index 2cc69ea16e..afaa04dc33 100644 --- a/circuit/account/src/compute_key/from.rs +++ b/circuit/account/src/compute_key/from.rs 
@@ -17,10 +17,8 @@ use super::*; impl From<(Group, Group)> for ComputeKey { /// Derives the account compute key from a tuple `(pk_sig, pr_sig)`. fn from((pk_sig, pr_sig): (Group, Group)) -> Self { - // Compute sk_prf := HashToScalar(pk_sig || pr_sig). - let sk_prf = A::hash_to_scalar_psd4(&[pk_sig.to_x_coordinate(), pr_sig.to_x_coordinate()]); // Output the compute key. - Self { pk_sig, pr_sig, sk_prf } + Self { pk_sig, pr_sig } } } @@ -63,16 +61,16 @@ mod tests { #[test] fn test_from_constant() -> Result<()> { - check_from(Mode::Constant, 254, 0, 0, 0) + check_from(Mode::Constant, 0, 0, 0, 0) } #[test] fn test_from_public() -> Result<()> { - check_from(Mode::Public, 1, 0, 845, 847) + check_from(Mode::Public, 0, 0, 0, 0) } #[test] fn test_from_private() -> Result<()> { - check_from(Mode::Private, 1, 0, 845, 847) + check_from(Mode::Private, 0, 0, 0, 0) } } diff --git a/circuit/account/src/compute_key/from_private_key.rs b/circuit/account/src/compute_key/from_private_key.rs index 26f88c4f0b..d990797d1f 100644 --- a/circuit/account/src/compute_key/from_private_key.rs +++ b/circuit/account/src/compute_key/from_private_key.rs @@ -24,11 +24,9 @@ impl ComputeKey { let pk_sig = A::g_scalar_multiply(sk_sig); // Compute `pr_sig` := G^r_sig. let pr_sig = A::g_scalar_multiply(r_sig); - // Compute `sk_prf` := RO(G^sk_sig || G^r_sig). - let sk_prf = A::hash_to_scalar_psd4(&[pk_sig.to_x_coordinate(), pr_sig.to_x_coordinate()]); // Return the compute key. - Self { pk_sig, pr_sig, sk_prf } + Self { pk_sig, pr_sig } } } @@ -75,11 +73,11 @@ mod tests { #[test] fn test_from_private_key_public() -> Result<()> { - check_from_private_key(Mode::Public, 1001, 0, 4347, 4353) + check_from_private_key(Mode::Public, 1001, 0, 3502, 3506) } #[test] fn test_from_private_key_private() -> Result<()> { - check_from_private_key(Mode::Private, 1001, 0, 4347, 4353) + check_from_private_key(Mode::Private, 1001, 0, 3502, 3506) } } 
diff --git a/circuit/account/src/compute_key/helpers/from_bits.rs b/circuit/account/src/compute_key/helpers/from_bits.rs index ada16ba6e7..673c4ee7cf 100644 --- a/circuit/account/src/compute_key/helpers/from_bits.rs +++ b/circuit/account/src/compute_key/helpers/from_bits.rs @@ -100,31 +100,31 @@ mod tests { #[test] fn test_from_bits_le_constant() { - check_from_bits_le(Mode::Constant, 272, 0, 0, 0); + check_from_bits_le(Mode::Constant, 18, 0, 0, 0); } #[test] fn test_from_bits_le_public() { - check_from_bits_le(Mode::Public, 9, 0, 1375, 1379); + check_from_bits_le(Mode::Public, 8, 0, 530, 532); } #[test] fn test_from_bits_le_private() { - check_from_bits_le(Mode::Private, 9, 0, 1375, 1379); + check_from_bits_le(Mode::Private, 8, 0, 530, 532); } #[test] fn test_from_bits_be_constant() { - check_from_bits_be(Mode::Constant, 272, 0, 0, 0); + check_from_bits_be(Mode::Constant, 18, 0, 0, 0); } #[test] fn test_from_bits_be_public() { - check_from_bits_be(Mode::Public, 9, 0, 1375, 1379); + check_from_bits_be(Mode::Public, 8, 0, 530, 532); } #[test] fn test_from_bits_be_private() { - check_from_bits_be(Mode::Private, 9, 0, 1375, 1379); + check_from_bits_be(Mode::Private, 8, 0, 530, 532); } } diff --git a/circuit/account/src/compute_key/mod.rs b/circuit/account/src/compute_key/mod.rs index 478e7b1ce6..c605a2ccf2 100644 --- a/circuit/account/src/compute_key/mod.rs +++ b/circuit/account/src/compute_key/mod.rs @@ -32,8 +32,6 @@ pub struct ComputeKey { pk_sig: Group, /// The signature public randomizer `pr_sig` := G^r_sig. pr_sig: Group, - /// The PRF secret key `sk_prf` := RO(G^sk_sig || G^r_sig). - sk_prf: Scalar, } #[cfg(console)] @@ -63,8 +61,9 @@ impl ComputeKey { } /// Returns the PRF secret key. - pub const fn sk_prf(&self) -> &Scalar { - &self.sk_prf + pub fn sk_prf(&self) -> Scalar { + // Compute sk_prf := HashToScalar(pk_sig || pr_sig). + A::hash_to_scalar_psd4(&[self.pk_sig.to_x_coordinate(), self.pr_sig.to_x_coordinate()]) } } 
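Review bot: The new `sk_prf()` in circuit/account/src/compute_key/mod.rs synthesizes a full `hash_to_scalar_psd4` in-circuit on every call, and its docstring still reads as a cheap getter ("Returns the PRF secret key."); the to_address test expectations in this same commit move from 1260 to 2105 constraints in Public/Private mode, which suggests roughly 845 constraints per call, so any circuit that calls `sk_prf()` more than once on the same key pays that again each time. I would replace the one-line doc with: `/// Returns the PRF key, derived on demand as HashToScalar(pk_sig || pr_sig). Each call synthesizes the hash in-circuit (not a cached field), so bind the result once rather than calling this repeatedly.` The doc should also stop calling the value a "secret" key without qualification, since it is now a pure function of `pk_sig` and `pr_sig` and anyone holding a signature's embedded compute key can derive it. The request verify expectations later in the commit also grow by 845 constraints, which is consistent with the hash having moved from construction into `to_address`; if that is intended, a sentence in the commit description saying so would save the next reader the arithmetic. The remainder of `impl ComputeKey` starts outside this hunk.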
@@ -74,7 +73,7 @@ impl Eject for ComputeKey { /// Ejects the mode of the compute key. fn eject_mode(&self) -> Mode { - (&self.pk_sig, &self.pr_sig, &self.sk_prf).eject_mode() + (&self.pk_sig, &self.pr_sig).eject_mode() } /// Ejects the compute key. @@ -108,10 +107,7 @@ pub(crate) mod tests { Circuit::scope(format!("New {mode}"), || { let candidate = ComputeKey::::new(mode, compute_key); - match mode.is_constant() { - true => assert_eq!(Mode::Constant, candidate.eject_mode()), - false => assert_eq!(Mode::Private, candidate.eject_mode()), - }; + assert_eq!(mode, candidate.eject_mode()); assert_eq!(compute_key, candidate.eject_value()); // TODO (howardwu): Resolve skipping the cost count checks for the burn-in round. if i > 0 { @@ -125,16 +121,16 @@ pub(crate) mod tests { #[test] fn test_compute_key_new_constant() -> Result<()> { - check_new(Mode::Constant, 274, 0, 0, 0) + check_new(Mode::Constant, 20, 0, 0, 0) } #[test] fn test_compute_key_new_public() -> Result<()> { - check_new(Mode::Public, 9, 4, 869, 873) + check_new(Mode::Public, 8, 4, 24, 26) } #[test] fn test_compute_key_new_private() -> Result<()> { - check_new(Mode::Private, 9, 0, 873, 873) + check_new(Mode::Private, 8, 0, 28, 26) } } diff --git a/circuit/account/src/compute_key/ternary.rs b/circuit/account/src/compute_key/ternary.rs index 93867ee829..74f98f4caa 100644 --- a/circuit/account/src/compute_key/ternary.rs +++ b/circuit/account/src/compute_key/ternary.rs @@ -23,7 +23,6 @@ impl Ternary for ComputeKey { Self { pk_sig: Group::ternary(condition, &first.pk_sig, &second.pk_sig), pr_sig: Group::ternary(condition, &first.pr_sig, &second.pr_sig), - sk_prf: Scalar::ternary(condition, &first.sk_prf, &second.sk_prf), } } } @@ -36,7 +35,7 @@ impl Metrics, Output = ComputeKey>> (Mode::Constant, _, _) | (Mode::Public, Mode::Constant, Mode::Constant) | (Mode::Private, Mode::Constant, Mode::Constant) => Count::is(0, 0, 0, 0), - _ => Count::is(0, 0, 5, 5), + _ => Count::is(0, 0, 4, 4), } } } 
diff --git a/circuit/account/src/compute_key/to_address.rs b/circuit/account/src/compute_key/to_address.rs index c7a0dfd7d1..02a45cc8a5 100644 --- a/circuit/account/src/compute_key/to_address.rs +++ b/circuit/account/src/compute_key/to_address.rs @@ -18,7 +18,7 @@ impl ComputeKey { /// Returns the account address for this account compute key. pub fn to_address(&self) -> Address { // Compute pk_prf := G^sk_prf. - let pk_prf = A::g_scalar_multiply(&self.sk_prf); + let pk_prf = A::g_scalar_multiply(&self.sk_prf()); // Compute the address := pk_sig + pr_sig + pk_prf. Address::from_group(&self.pk_sig + &self.pr_sig + pk_prf) } @@ -62,16 +62,16 @@ mod tests { #[test] fn test_to_address_constant() -> Result<()> { - check_to_address(Mode::Constant, 1008, 0, 0, 0) + check_to_address(Mode::Constant, 1262, 0, 0, 0) } #[test] fn test_to_address_public() -> Result<()> { - check_to_address(Mode::Public, 504, 0, 1260, 1260) + check_to_address(Mode::Public, 505, 0, 2105, 2107) } #[test] fn test_to_address_private() -> Result<()> { - check_to_address(Mode::Private, 504, 0, 1260, 1260) + check_to_address(Mode::Private, 505, 0, 2105, 2107) } } diff --git a/circuit/account/src/private_key/to_compute_key.rs b/circuit/account/src/private_key/to_compute_key.rs index 2d1f2efd81..8408f2d037 100644 --- a/circuit/account/src/private_key/to_compute_key.rs +++ b/circuit/account/src/private_key/to_compute_key.rs @@ -64,11 +64,11 @@ mod tests { #[test] fn test_to_compute_key_public() -> Result<()> { - check_to_compute_key(Mode::Public, 1001, 0, 4347, 4353) + check_to_compute_key(Mode::Public, 1000, 0, 3502, 3506) } #[test] fn test_to_compute_key_private() -> Result<()> { - check_to_compute_key(Mode::Private, 1001, 0, 4347, 4353) + check_to_compute_key(Mode::Private, 1000, 0, 3502, 3506) } } diff --git a/circuit/account/src/signature/equal.rs b/circuit/account/src/signature/equal.rs index f85dab3dda..62390fb662 100644 --- a/circuit/account/src/signature/equal.rs 
+++ b/circuit/account/src/signature/equal.rs @@ -50,7 +50,7 @@ impl Metrics, Output = Boolean>> for Signatur fn count(case: &Self::Case) -> Count { match case.0.is_constant() && case.1.is_constant() { true => Count::is(0, 0, 0, 0), - false => Count::is(0, 0, 20, 20), + false => Count::is(0, 0, 17, 17), } } } @@ -136,14 +136,14 @@ mod tests { let mut rng = TestRng::default(); check_is_equal(Mode::Constant, Mode::Constant, 0, 0, 0, 0, &mut rng); - check_is_equal(Mode::Constant, Mode::Public, 0, 0, 20, 20, &mut rng); - check_is_equal(Mode::Constant, Mode::Private, 0, 0, 20, 20, &mut rng); - check_is_equal(Mode::Public, Mode::Constant, 0, 0, 20, 20, &mut rng); - check_is_equal(Mode::Private, Mode::Constant, 0, 0, 20, 20, &mut rng); - check_is_equal(Mode::Public, Mode::Public, 0, 0, 20, 20, &mut rng); - check_is_equal(Mode::Public, Mode::Private, 0, 0, 20, 20, &mut rng); - check_is_equal(Mode::Private, Mode::Public, 0, 0, 20, 20, &mut rng); - check_is_equal(Mode::Private, Mode::Private, 0, 0, 20, 20, &mut rng); + check_is_equal(Mode::Constant, Mode::Public, 0, 0, 17, 17, &mut rng); + check_is_equal(Mode::Constant, Mode::Private, 0, 0, 17, 17, &mut rng); + check_is_equal(Mode::Public, Mode::Constant, 0, 0, 17, 17, &mut rng); + check_is_equal(Mode::Private, Mode::Constant, 0, 0, 17, 17, &mut rng); + check_is_equal(Mode::Public, Mode::Public, 0, 0, 17, 17, &mut rng); + check_is_equal(Mode::Public, Mode::Private, 0, 0, 17, 17, &mut rng); + check_is_equal(Mode::Private, Mode::Public, 0, 0, 17, 17, &mut rng); + check_is_equal(Mode::Private, Mode::Private, 0, 0, 17, 17, &mut rng); } #[test] 
@@ -151,13 +151,13 @@ mod tests { let mut rng = TestRng::default(); check_is_not_equal(Mode::Constant, Mode::Constant, 0, 0, 0, 0, &mut rng); - check_is_not_equal(Mode::Constant, Mode::Public, 0, 0, 20, 20, &mut rng); - check_is_not_equal(Mode::Constant, Mode::Private, 0, 0, 20, 20, &mut rng); - check_is_not_equal(Mode::Public, Mode::Constant, 0, 0, 20, 20, &mut rng); - check_is_not_equal(Mode::Private, Mode::Constant, 0, 0, 20, 20, &mut rng); - check_is_not_equal(Mode::Public, Mode::Public, 0, 0, 20, 20, &mut rng); - check_is_not_equal(Mode::Public, Mode::Private, 0, 0, 20, 20, &mut rng); - check_is_not_equal(Mode::Private, Mode::Public, 0, 0, 20, 20, &mut rng); - check_is_not_equal(Mode::Private, Mode::Private, 0, 0, 20, 20, &mut rng); + check_is_not_equal(Mode::Constant, Mode::Public, 0, 0, 17, 17, &mut rng); + check_is_not_equal(Mode::Constant, Mode::Private, 0, 0, 17, 17, &mut rng); + check_is_not_equal(Mode::Public, Mode::Constant, 0, 0, 17, 17, &mut rng); + check_is_not_equal(Mode::Private, Mode::Constant, 0, 0, 17, 17, &mut rng); + check_is_not_equal(Mode::Public, Mode::Public, 0, 0, 17, 17, &mut rng); + check_is_not_equal(Mode::Public, Mode::Private, 0, 0, 17, 17, &mut rng); + check_is_not_equal(Mode::Private, Mode::Public, 0, 0, 17, 17, &mut rng); + check_is_not_equal(Mode::Private, Mode::Private, 0, 0, 17, 17, &mut rng); } } diff --git a/circuit/account/src/signature/helpers/from_bits.rs b/circuit/account/src/signature/helpers/from_bits.rs index 04e028231f..92319339ad 100644 --- a/circuit/account/src/signature/helpers/from_bits.rs +++ b/circuit/account/src/signature/helpers/from_bits.rs 
@@ -118,31 +118,31 @@ mod tests { #[test] fn test_from_bits_le_constant() { - check_from_bits_le(Mode::Constant, 272, 0, 0, 0); + check_from_bits_le(Mode::Constant, 18, 0, 0, 0); } #[test] fn test_from_bits_le_public() { - check_from_bits_le(Mode::Public, 9, 0, 1875, 1881); + check_from_bits_le(Mode::Public, 8, 0, 1030, 1034); } #[test] fn test_from_bits_le_private() { - check_from_bits_le(Mode::Private, 9, 0, 1875, 1881); + check_from_bits_le(Mode::Private, 8, 0, 1030, 1034); } #[test] fn test_from_bits_be_constant() { - check_from_bits_be(Mode::Constant, 272, 0, 0, 0); + check_from_bits_be(Mode::Constant, 18, 0, 0, 0); } #[test] fn test_from_bits_be_public() { - check_from_bits_be(Mode::Public, 9, 0, 1875, 1881); + check_from_bits_be(Mode::Public, 8, 0, 1030, 1034); } #[test] fn test_from_bits_be_private() { - check_from_bits_be(Mode::Private, 9, 0, 1875, 1881); + check_from_bits_be(Mode::Private, 8, 0, 1030, 1034); } } diff --git a/circuit/account/src/signature/mod.rs b/circuit/account/src/signature/mod.rs index 19b02b4c26..20df24e4cc 100644 --- a/circuit/account/src/signature/mod.rs +++ b/circuit/account/src/signature/mod.rs @@ -181,16 +181,16 @@ mod tests { #[test] fn test_signature_new_constant() -> Result<()> { - check_new(Mode::Constant, 276, 0, 0, 0) + check_new(Mode::Constant, 22, 0, 0, 0) } #[test] fn test_signature_new_public() -> Result<()> { - check_new(Mode::Public, 9, 6, 869, 873) + check_new(Mode::Public, 8, 6, 24, 26) } #[test] fn test_signature_new_private() -> Result<()> { - check_new(Mode::Private, 9, 0, 875, 873) + check_new(Mode::Private, 8, 0, 30, 26) } } diff --git a/circuit/account/src/signature/ternary.rs b/circuit/account/src/signature/ternary.rs index ec05c19753..99699d1ebc 100644 --- a/circuit/account/src/signature/ternary.rs +++ b/circuit/account/src/signature/ternary.rs 
@@ -46,7 +46,7 @@ impl Metrics, Output = Signature>> (Mode::Constant, _, _) | (Mode::Public, Mode::Constant, Mode::Constant) | (Mode::Private, Mode::Constant, Mode::Constant) => Count::is(0, 0, 0, 0), - _ => Count::is(0, 0, 7, 7), + _ => Count::is(0, 0, 6, 6), } } } diff --git a/circuit/account/src/signature/verify.rs b/circuit/account/src/signature/verify.rs index cdaebe9cdd..f50af8fd11 100644 --- a/circuit/account/src/signature/verify.rs +++ b/circuit/account/src/signature/verify.rs @@ -128,31 +128,31 @@ pub(crate) mod tests { #[test] fn test_verify_constant() -> Result<()> { - check_verify(Mode::Constant, 4514, 0, 0, 0) + check_verify(Mode::Constant, 4768, 0, 0, 0) } #[test] fn test_verify_public() -> Result<()> { - check_verify(Mode::Public, 1757, 0, 7783, 7789) + check_verify(Mode::Public, 1758, 0, 8628, 8636) } #[test] fn test_verify_private() -> Result<()> { - check_verify(Mode::Private, 1757, 0, 7783, 7789) + check_verify(Mode::Private, 1758, 0, 8628, 8636) } #[test] fn test_verify_large_constant() -> Result<()> { - check_verify_large(Mode::Constant, 4514, 0, 0, 0) + check_verify_large(Mode::Constant, 4768, 0, 0, 0) } #[test] fn test_verify_large_public() -> Result<()> { - check_verify_large(Mode::Public, 1757, 0, 8308, 8314) + check_verify_large(Mode::Public, 1758, 0, 9153, 9161) } #[test] fn test_verify_large_private() -> Result<()> { - check_verify_large(Mode::Private, 1757, 0, 8308, 8314) + check_verify_large(Mode::Private, 1758, 0, 9153, 9161) } } diff --git a/circuit/program/src/request/verify.rs b/circuit/program/src/request/verify.rs index 86dd773a28..08fcaa38b3 100644 --- a/circuit/program/src/request/verify.rs +++ b/circuit/program/src/request/verify.rs 
@@ -394,16 +394,16 @@ mod tests { // Note: This is correct. At this (high) level of a program, we override the default mode in the `Record` case, // based on the user-defined visibility in the record type. Thus, we have nonzero private and constraint values. // These bounds are determined experimentally. - check_verify(Mode::Constant, 42520, 0, 17494, 17518) + check_verify(Mode::Constant, 43243, 0, 17494, 17518) } #[test] fn test_sign_and_verify_public() -> Result<()> { - check_verify(Mode::Public, 40018, 0, 26401, 26429) + check_verify(Mode::Public, 40494, 0, 27246, 27276) } #[test] fn test_sign_and_verify_private() -> Result<()> { - check_verify(Mode::Private, 40018, 0, 26401, 26429) + check_verify(Mode::Private, 40494, 0, 27246, 27276) } } diff --git a/console/account/src/address/try_from.rs b/console/account/src/address/try_from.rs index 299e09b72e..154e0d4363 100644 --- a/console/account/src/address/try_from.rs +++ b/console/account/src/address/try_from.rs @@ -50,7 +50,7 @@ impl TryFrom<&ComputeKey> for Address { /// Derives the account address from an account compute key. fn try_from(compute_key: &ComputeKey) -> Result { - Ok(compute_key.to_address()) + compute_key.to_address() } } diff --git a/console/account/src/compute_key/mod.rs b/console/account/src/compute_key/mod.rs index 1fadf472be..d310e73669 100644 --- a/console/account/src/compute_key/mod.rs +++ b/console/account/src/compute_key/mod.rs @@ -36,8 +36,6 @@ pub struct ComputeKey { pk_sig: Group, /// The signature public randomizer `pr_sig` := G^r_sig. pr_sig: Group, - /// The PRF secret key `sk_prf` := HashToScalar(pk_sig || pr_sig). - sk_prf: Scalar, } impl ComputeKey { 
@@ -51,8 +49,9 @@ impl ComputeKey {
 self.pr_sig
 }
- /// Returns a reference to the PRF secret key.
- pub const fn sk_prf(&self) -> Scalar {
- self.sk_prf
+ /// Returns the PRF secret key.
+ pub fn sk_prf(&self) -> Result> {
+ // Compute sk_prf := hash(pk_sig || pr_sig).
+ N::hash_to_scalar_psd4(&[self.pk_sig.to_x_coordinate(), self.pr_sig.to_x_coordinate()])
 }
 }
diff --git a/console/account/src/compute_key/to_address.rs b/console/account/src/compute_key/to_address.rs
index 3dc6eae1af..9e7df2f1b7 100644
--- a/console/account/src/compute_key/to_address.rs
+++ b/console/account/src/compute_key/to_address.rs
@@ -16,11 +16,11 @@ use super::*;
 impl ComputeKey {
 /// Returns the address corresponding to the compute key.
- pub fn to_address(&self) -> Address {
+ pub fn to_address(&self) -> Result> {
 // Compute pk_prf := G^sk_prf.
- let pk_prf = N::g_scalar_multiply(&self.sk_prf);
+ let pk_prf = N::g_scalar_multiply(&self.sk_prf()?);
 // Compute the address := pk_sig + pr_sig + pk_prf.
- Address::new(self.pk_sig + self.pr_sig + pk_prf)
+ Ok(Address::new(self.pk_sig + self.pr_sig + pk_prf))
 }
 }
@@ -43,7 +43,7 @@ mod tests {
 let compute_key = ComputeKey::try_from(private_key)?;
 let address = Address::try_from(private_key)?;
- assert_eq!(address, compute_key.to_address());
+ assert_eq!(address, compute_key.to_address()?);
 }
 Ok(())
 }
diff --git a/console/account/src/compute_key/try_from.rs b/console/account/src/compute_key/try_from.rs
index e652ca8323..3699c36c35 100644
--- a/console/account/src/compute_key/try_from.rs
+++ b/console/account/src/compute_key/try_from.rs
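Review bot: The console `sk_prf()` now recomputes the Poseidon hash-to-scalar on every call and `to_address()` became fallible, yet neither docstring mentions the cost or the error condition, and `to_address()` is called from per-signature verification loops elsewhere in this commit (the batch-certificate hunks); previously the scalar was computed once in `try_from` and stored. If `Signature::verify` also derives the signer address internally, which this diff does not show, each signature in those loops now pays the hash twice, so it is worth confirming before this lands. Suggested doc for `sk_prf`: `/// Returns the PRF key, recomputed as hash(pk_sig || pr_sig) on every call; bind the result if it is needed more than once.` and for `to_address` an `# Errors` line stating that it fails only if hashing to a scalar fails. The `impl ComputeKey` block starts outside the first hunk.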
@@ -44,10 +44,8 @@ impl TryFrom<(Group, Group)> for ComputeKey { /// Derives the account compute key from a tuple `(pk_sig, pr_sig)`. fn try_from((pk_sig, pr_sig): (Group, Group)) -> Result { - // Compute sk_prf := HashToScalar(pk_sig || pr_sig). - let sk_prf = N::hash_to_scalar_psd4(&[pk_sig.to_x_coordinate(), pr_sig.to_x_coordinate()])?; // Output the compute key. - Ok(Self { pk_sig, pr_sig, sk_prf }) + Ok(Self { pk_sig, pr_sig }) } } @@ -78,14 +76,6 @@ mod tests { let private_key = PrivateKey::::new(&mut rng)?; let candidate = ComputeKey::try_from(private_key)?; - // Check that sk_prf matches. - // Compute sk_prf := HashToScalar(pk_sig || pr_sig). - let candidate_sk_prf = CurrentNetwork::hash_to_scalar_psd4(&[ - candidate.pk_sig().to_x_coordinate(), - candidate.pr_sig().to_x_coordinate(), - ])?; - assert_eq!(candidate.sk_prf(), candidate_sk_prf); - // Check that compute key is derived correctly from the tuple `(pk_sig, pr_sig)`. assert_eq!(candidate, ComputeKey::try_from((candidate.pk_sig(), candidate.pr_sig()))?); } diff --git a/console/account/src/signature/mod.rs b/console/account/src/signature/mod.rs index 6b2c0b7db1..e637a81476 100644 --- a/console/account/src/signature/mod.rs +++ b/console/account/src/signature/mod.rs @@ -75,7 +75,7 @@ impl Signature { } /// Returns the signer address. - pub fn to_address(&self) -> Address { + pub fn to_address(&self) -> Result> { self.compute_key.to_address() } } diff --git a/console/account/src/view_key/try_from.rs b/console/account/src/view_key/try_from.rs index 6f11378a93..35a607c057 100644 --- a/console/account/src/view_key/try_from.rs +++ b/console/account/src/view_key/try_from.rs 
@@ -33,7 +33,7 @@ impl TryFrom<&PrivateKey> for ViewKey { // Derive the compute key. let compute_key = ComputeKey::try_from(private_key)?; // Compute view_key := sk_sig + r_sig + sk_prf. - Ok(Self::from_scalar(private_key.sk_sig() + private_key.r_sig() + compute_key.sk_prf())) + Ok(Self::from_scalar(private_key.sk_sig() + private_key.r_sig() + compute_key.sk_prf()?)) } } @@ -44,7 +44,7 @@ impl TryFrom<(&PrivateKey, &ComputeKey)> for ViewKey { /// Initializes a new account view key from an account private key. fn try_from((private_key, compute_key): (&PrivateKey, &ComputeKey)) -> Result { // Compute view_key := sk_sig + r_sig + sk_prf. - Ok(Self::from_scalar(private_key.sk_sig() + private_key.r_sig() + compute_key.sk_prf())) + Ok(Self::from_scalar(private_key.sk_sig() + private_key.r_sig() + compute_key.sk_prf()?)) } } @@ -69,7 +69,7 @@ mod tests { // Check that the view key matches. // Compute view_key := sk_sig + r_sig + sk_prf. - let candidate = ViewKey(private_key.sk_sig() + private_key.r_sig() + compute_key.sk_prf()); + let candidate = ViewKey(private_key.sk_sig() + private_key.r_sig() + compute_key.sk_prf()?); assert_eq!(view_key, candidate); let view_key2 = ViewKey::try_from((&private_key, &compute_key))?; diff --git a/ledger/authority/src/lib.rs b/ledger/authority/src/lib.rs index a3fcf38adf..d4622540a7 100644 --- a/ledger/authority/src/lib.rs +++ b/ledger/authority/src/lib.rs @@ -106,10 +106,10 @@ impl Authority { /// Returns address of the authority. /// If the authority is a beacon, the address of the signer is returned. /// If the authority is a quorum, the address of the leader is returned. - pub fn to_address(&self) -> Address { + pub fn to_address(&self) -> Result> { match self { Self::Beacon(signature) => signature.to_address(), - Self::Quorum(subdag) => subdag.leader_address(), + Self::Quorum(subdag) => Ok(subdag.leader_address()), } } } diff --git a/ledger/block/src/lib.rs b/ledger/block/src/lib.rs index ff495b2ade..230065aa07 100644 
--- a/ledger/block/src/lib.rs +++ b/ledger/block/src/lib.rs @@ -151,7 +151,7 @@ impl Block { match &authority { Authority::Beacon(signature) => { // Derive the signer address. - let address = signature.to_address(); + let address = signature.to_address()?; // Ensure the signature is valid. ensure!(signature.verify(&address, &[block_hash]), "Invalid signature for block {}", header.height()); } diff --git a/ledger/block/src/verify.rs b/ledger/block/src/verify.rs index eee243e537..d3bd1020ff 100644 --- a/ledger/block/src/verify.rs +++ b/ledger/block/src/verify.rs @@ -174,7 +174,7 @@ impl Block { match &self.authority { Authority::Beacon(signature) => { // Retrieve the signer. - let signer = signature.to_address(); + let signer = signature.to_address()?; // Ensure the block is signed by a committee member. ensure!( current_committee.members().contains_key(&signer), diff --git a/ledger/narwhal/batch-certificate/src/lib.rs b/ledger/narwhal/batch-certificate/src/lib.rs index bfdc385016..12c2237d92 100644 --- a/ledger/narwhal/batch-certificate/src/lib.rs +++ b/ledger/narwhal/batch-certificate/src/lib.rs @@ -82,7 +82,7 @@ impl BatchCertificate { // Verify the signatures are valid. for (signature, timestamp) in &signatures { let preimage = [batch_header.batch_id(), Field::from_u64(*timestamp as u64)]; - if !signature.verify(&signature.to_address(), &preimage) { + if !signature.verify(&signature.to_address()?, &preimage) { bail!("Invalid batch certificate signature") } } @@ -94,7 +94,7 @@ impl BatchCertificate { pub fn from(batch_header: BatchHeader, signatures: IndexSet>) -> Result { // Verify the signatures are valid. for signature in &signatures { - if !signature.verify(&signature.to_address(), &[batch_header.batch_id()]) { + if !signature.verify(&signature.to_address()?, &[batch_header.batch_id()]) { bail!("Invalid batch certificate signature") } }