anza-xyz · yihau · Jul 9, 2024 · Mar 26, 2024 · Jun 19, 2024 · Jun 21, 2024
diff --git a/.github/scripts/downstream-project-spl-common.sh b/.github/scripts/downstream-project-spl-common.sh
@@ -27,3 +27,11 @@ fi
 
 # anza migration stopgap. can be removed when agave is fully recommended for public usage.
 sed -i 's/solana-geyser-plugin-interface/agave-geyser-plugin-interface/g' ./Cargo.toml
+
+# should be removed when spl bump their curve25519-dalek
+sed -i "s/^curve25519-dalek =.*/curve25519-dalek = \"4.1.3\"/" token/client/Cargo.toml
+sed -i "s/^curve25519-dalek =.*/curve25519-dalek = \"4.1.3\"/" token/confidential-transfer/proof-generation/Cargo.toml
+
+# ignore these tests temporarily. see: https://github.com/anza-xyz/agave/pull/1693#issuecomment-2182615788
+sed -i 's/\([ \t]*\)async_trial!(confidential_transfer,/\1\/\/ async_trial!(confidential_transfer,/' token/cli/tests/command.rs
+sed -i '/async fn confidential_transfer_transfer_with_fee_and_split_proof_context_in_parallel(/i #[ignore]' token/program-2022-test/tests/confidential_transfer.rs
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -199,7 +199,7 @@ criterion-stats = "0.3.0"
 crossbeam-channel = "0.5.13"
 csv = "1.3.0"
 ctrlc = "3.4.4"
-curve25519-dalek = "3.2.1"
+curve25519-dalek = { version = "4.1.3", features = ["digest", "rand_core"] }
 dashmap = "5.5.3"
 derivation-path = { version = "0.2.0", default-features = false }
 derivative = "2.2.0"
@@ -507,39 +507,6 @@ solana-program = { path = "sdk/program" }
 solana-zk-sdk = { path = "zk-sdk" }
 solana-zk-token-sdk = { path = "zk-token-sdk" }
 
-# Our dependency tree has `curve25519-dalek` v3.2.1.  They have removed the
-# constraint in the next major release. The commit that removes the `zeroize`
-# constraint was added to multiple release branches, but not to the 3.2 branch.
-#
-# `curve25519-dalek` maintainers are saying they do not want to invest any more
-# time in the 3.2 release:
-#
-# https://github.com/dalek-cryptography/curve25519-dalek/issues/452#issuecomment-1749809428
-#
-# So we have to fork and create our own release, based on v3.2.1, with the
-# commit that removed `zeroize` constraint on the `main` branch cherry-picked on
-# top.
-#
-# `curve25519-dalek` v3.2.1 release:
-#
-# https://github.com/dalek-cryptography/curve25519-dalek/releases/tag/3.2.1
-#
-# Corresponds to commit
-#
-# https://github.com/dalek-cryptography/curve25519-dalek/commit/29e5c29b0e5c6821e4586af58b0d0891dd2ec639
-#
-# Comparison with `b500cdc2a920cd5bff9e2dd974d7b97349d61464`:
-#
-# https://github.com/dalek-cryptography/curve25519-dalek/compare/3.2.1...solana-labs:curve25519-dalek:b500cdc2a920cd5bff9e2dd974d7b97349d61464
-#
-# Or, using the branch name instead of the hash:
-#
-# https://github.com/dalek-cryptography/curve25519-dalek/compare/3.2.1...solana-labs:curve25519-dalek:3.2.1-unpin-zeroize
-#
-[patch.crates-io.curve25519-dalek]
-git = "https://github.com/anza-xyz/curve25519-dalek.git"
-rev = "b500cdc2a920cd5bff9e2dd974d7b97349d61464"
-
 # Solana RPC nodes experience stalls when running with `tokio` containing this
 # commit:
 # https://github.com/tokio-rs/tokio/commit/4eed411519783ef6f58cbf74f886f91142b5cfa6

diff --git a/curves/curve25519/src/edwards.rs b/curves/curve25519/src/edwards.rs
@@ -63,7 +63,10 @@ mod target_arch {
         type Error = Curve25519Error;
 
         fn try_from(pod: &PodEdwardsPoint) -> Result<Self, Self::Error> {
-            CompressedEdwardsY::from_slice(&pod.0)
+            let Ok(compressed_edwards_y) = CompressedEdwardsY::from_slice(&pod.0) else {
+                return Err(Curve25519Error::PodConversion);
+            };
+            compressed_edwards_y
                 .decompress()
                 .ok_or(Curve25519Error::PodConversion)
         }
@@ -73,9 +76,10 @@ mod target_arch {
         type Point = Self;
 
         fn validate_point(&self) -> bool {
-            CompressedEdwardsY::from_slice(&self.0)
-                .decompress()
-                .is_some()
+            let Ok(compressed_edwards_y) = CompressedEdwardsY::from_slice(&self.0) else {
+                return false;
+            };
+            compressed_edwards_y.decompress().is_some()
         }
     }
 

diff --git a/curves/curve25519/src/ristretto.rs b/curves/curve25519/src/ristretto.rs
@@ -63,7 +63,10 @@ mod target_arch {
         type Error = Curve25519Error;
 
         fn try_from(pod: &PodRistrettoPoint) -> Result<Self, Self::Error> {
-            CompressedRistretto::from_slice(&pod.0)
+            let Ok(compressed_ristretto) = CompressedRistretto::from_slice(&pod.0) else {
+                return Err(Curve25519Error::PodConversion);
+            };
+            compressed_ristretto
                 .decompress()
                 .ok_or(Curve25519Error::PodConversion)
         }
@@ -73,9 +76,10 @@ mod target_arch {
         type Point = Self;
 
         fn validate_point(&self) -> bool {
-            CompressedRistretto::from_slice(&self.0)
-                .decompress()
-                .is_some()
+            let Ok(compressed_ristretto) = CompressedRistretto::from_slice(&self.0) else {
+                return false;
+            };
+            compressed_ristretto.decompress().is_some()
         }
     }
 

diff --git a/curves/curve25519/src/scalar.rs b/curves/curve25519/src/scalar.rs
@@ -18,7 +18,9 @@ mod target_arch {
         type Error = Curve25519Error;
 
         fn try_from(pod: &PodScalar) -> Result<Self, Self::Error> {
-            Scalar::from_canonical_bytes(pod.0).ok_or(Curve25519Error::PodConversion)
+            Scalar::from_canonical_bytes(pod.0)
+                .into_option()
+                .ok_or(Curve25519Error::PodConversion)
         }
     }
 
@@ -32,7 +34,9 @@ mod target_arch {
         type Error = Curve25519Error;
 
         fn try_from(pod: PodScalar) -> Result<Self, Self::Error> {
-            Scalar::from_canonical_bytes(pod.0).ok_or(Curve25519Error::PodConversion)
+            Scalar::from_canonical_bytes(pod.0)
+                .into_option()
+                .ok_or(Curve25519Error::PodConversion)
         }
     }
 }
diff --git a/perf/src/sigverify.rs b/perf/src/sigverify.rs
@@ -1280,7 +1280,7 @@ mod tests {
             for _ in 0..1_000_000 {
                 thread_rng().fill(&mut input);
                 let ans = get_checked_scalar(&input);
-                let ref_ans = Scalar::from_canonical_bytes(input);
+                let ref_ans = Scalar::from_canonical_bytes(input).into_option();
                 if let Some(ref_ans) = ref_ans {
                     passed += 1;
                     assert_eq!(ans.unwrap(), ref_ans.to_bytes());
@@ -1315,7 +1315,7 @@ mod tests {
             for _ in 0..1_000_000 {
                 thread_rng().fill(&mut input);
                 let ans = check_packed_ge_small_order(&input);
-                let ref_ge = CompressedEdwardsY::from_slice(&input);
+                let ref_ge = CompressedEdwardsY::from_slice(&input).unwrap();
                 if let Some(ref_element) = ref_ge.decompress() {
                     if ref_element.is_small_order() {
                         assert!(!ans);