diff --git a/Cargo.lock b/Cargo.lock index c2a5575a8275d0..d5fdd5fe1ff30c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -887,7 +887,7 @@ version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" dependencies = [ - "block-padding 0.1.5", + "block-padding", "byte-tools", "byteorder", "generic-array 0.12.4", @@ -899,7 +899,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding 0.2.1", "generic-array 0.14.7", ] @@ -921,12 +920,6 @@ dependencies = [ "byte-tools", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "borsh" version = "0.9.3" @@ -1727,11 +1720,40 @@ dependencies = [ "byteorder", "digest 0.9.0", "rand_core 0.5.1", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek" +version = "4.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a677b8922c94e01bdbb12126b0bc852f00447528dee1782229af9c720c3f348" +dependencies = [ + "cfg-if 1.0.0", + "cpufeatures", + "curve25519-dalek-derive", + "digest 0.10.7", + "fiat-crypto", + "platforms", + "rand_core 0.6.4", + "rustc_version 0.4.0", "serde", "subtle", "zeroize", ] +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.52", +] + [[package]] name = "darling" version = "0.20.1" @@ -1986,7 +2008,7 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ - "curve25519-dalek", + "curve25519-dalek 3.2.1", "ed25519", "rand 0.7.3", "serde", @@ -2161,6 +2183,12 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "835a3dc7d1ec9e75e2b5fb4ba75396837112d2060b03f7d43bc1897c7f7211da" +[[package]] +name = "fiat-crypto" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38793c55593b33412e3ae40c2c9781ffaa6f438f6f8c10f24e71846fbd7ae01e" + [[package]] name = "filedescriptor" version = "0.8.1" @@ -4033,6 +4061,12 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6" +[[package]] +name = "platforms" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db23d408679286588f4d4644f965003d056e3dd5abcaaa938116871d7ce2fee7" + [[package]] name = "plotters" version = "0.3.4" @@ -5166,18 +5200,6 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug 0.3.0", -] - [[package]] name = "sha3" version = "0.10.8" @@ -6581,7 +6603,7 @@ dependencies = [ "bincode", "bv", "caps", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "dlopen2", "fnv", "lazy_static", @@ -6666,7 +6688,7 @@ dependencies = [ "cc", "console_error_panic_hook", "console_log", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "getrandom 0.2.10", "itertools", "js-sys", @@ -6688,7 +6710,7 @@ dependencies = [ "serde_derive", "serde_json", "sha2 0.10.8", - "sha3 0.10.8", + "sha3", "solana-frozen-abi", "solana-frozen-abi-macro", "solana-logger", @@ -7107,7 +7129,7 @@ dependencies = [ "bytemuck", "byteorder", "chrono", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "derivation-path", "digest 0.10.7", "ed25519-dalek", @@ -7137,7 +7159,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.8", - "sha3 0.10.8", + "sha3", "siphasher", "solana-frozen-abi", "solana-frozen-abi-macro", @@ -7709,14 +7731,14 @@ dependencies = [ "aes-gcm-siv", "base64 0.22.0", "bincode", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "itertools", "lazy_static", "merlin", - "rand 0.7.3", + "rand 0.8.5", "serde", "serde_json", - "sha3 0.9.1", + "sha3", "solana-program", "solana-sdk", "subtle", @@ -7731,7 +7753,7 @@ version = "2.0.0" dependencies = [ "bytemuck", "criterion", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "num-derive", "num-traits", "solana-program-runtime", @@ -7744,7 +7766,7 @@ name = "solana-zk-token-proof-program-tests" version = "2.0.0" dependencies = [ "bytemuck", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "solana-program-runtime", "solana-program-test", "solana-sdk", @@ -7760,17 +7782,17 @@ dependencies = [ "bincode", "bytemuck", "byteorder", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "getrandom 0.1.16", "itertools", "lazy_static", "merlin", "num-derive", "num-traits", - "rand 0.7.3", + "rand 0.8.5", "serde", "serde_json", - "sha3 0.9.1", + "sha3", "solana-program", "solana-sdk", "subtle", diff --git a/Cargo.toml b/Cargo.toml index a70915850676a6..2dc5ae1da08300 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -186,7 +186,7 @@ criterion-stats = "0.3.0" crossbeam-channel = "0.5.12" csv = "1.3.0" ctrlc = "3.4.4" -curve25519-dalek = "3.2.1" +curve25519-dalek = { version = "4.1.2", features = ["digest", "rand_core"] } dashmap = "5.5.3" derivation-path = { version = "0.2.0", default-features = false } derivative = "2.2.0" diff --git a/perf/src/sigverify.rs b/perf/src/sigverify.rs index 6078961d42db71..3c434b898a65f4 100644 --- a/perf/src/sigverify.rs +++ b/perf/src/sigverify.rs @@ -1280,7 +1280,7 @@ mod tests { for _ in 0..1_000_000 { thread_rng().fill(&mut input); let ans = get_checked_scalar(&input); - let ref_ans = Scalar::from_canonical_bytes(input); + let ref_ans = Option::::from(Scalar::from_canonical_bytes(input)); if let Some(ref_ans) = ref_ans { passed += 1; assert_eq!(ans.unwrap(), ref_ans.to_bytes()); @@ -1315,7 +1315,8 @@ mod tests { for _ in 0..1_000_000 { thread_rng().fill(&mut input); let ans = check_packed_ge_small_order(&input); - let ref_ge = CompressedEdwardsY::from_slice(&input); + let ref_ge = CompressedEdwardsY::from_slice(&input) + .expect("Input slice should have a length of 32"); if let Some(ref_element) = ref_ge.decompress() { if ref_element.is_small_order() { assert!(!ans); diff --git a/programs/sbf/Cargo.lock b/programs/sbf/Cargo.lock index 14a6a4709fae1a..9d47c8793dbc82 100644 --- a/programs/sbf/Cargo.lock +++ b/programs/sbf/Cargo.lock @@ -700,7 +700,7 @@ version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" dependencies = [ - "block-padding 0.1.5", + "block-padding", "byte-tools", "byteorder 1.5.0", "generic-array 0.12.4", @@ -712,7 +712,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding 0.2.1", "generic-array 0.14.7", ] @@ -734,12 +733,6 @@ dependencies = [ "byte-tools", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "borsh" version = "0.9.3" @@ -1292,11 +1285,40 @@ dependencies = [ "byteorder 1.5.0", "digest 0.9.0", "rand_core 0.5.1", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek" +version = "4.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a677b8922c94e01bdbb12126b0bc852f00447528dee1782229af9c720c3f348" +dependencies = [ + "cfg-if 1.0.0", + "cpufeatures", + "curve25519-dalek-derive", + "digest 0.10.7", + "fiat-crypto", + "platforms", + "rand_core 0.6.4", + "rustc_version", "serde", "subtle", "zeroize", ] +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.52", +] + [[package]] name = "darling" version = "0.20.1" @@ -1534,7 +1556,7 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ - "curve25519-dalek", + "curve25519-dalek 3.2.1", "ed25519", "rand 0.7.3", "serde", @@ -1718,6 +1740,12 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "835a3dc7d1ec9e75e2b5fb4ba75396837112d2060b03f7d43bc1897c7f7211da" +[[package]] +name = "fiat-crypto" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38793c55593b33412e3ae40c2c9781ffaa6f438f6f8c10f24e71846fbd7ae01e" + [[package]] name = "filetime" version = "0.2.10" @@ -3535,6 +3563,12 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6" +[[package]] +name = "platforms" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db23d408679286588f4d4644f965003d056e3dd5abcaaa938116871d7ce2fee7" + [[package]] name = "polyval" version = "0.5.3" @@ -4468,18 +4502,6 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug 0.3.0", -] - [[package]] name = "sha3" version = "0.10.8" @@ -5359,7 +5381,7 @@ dependencies = [ "bincode", "bv", "caps", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "dlopen2", "fnv", "lazy_static", @@ -5415,7 +5437,7 @@ dependencies = [ "cc", "console_error_panic_hook", "console_log", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "getrandom 0.2.10", "itertools", "js-sys", @@ -5436,7 +5458,7 @@ dependencies = [ "serde_bytes", "serde_derive", "sha2 0.10.8", - "sha3 0.10.8", + "sha3", "solana-frozen-abi", "solana-frozen-abi-macro", "solana-sdk-macro", @@ -6226,7 +6248,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.8", - "sha3 0.10.8", + "sha3", "siphasher", "solana-frozen-abi", "solana-frozen-abi-macro", @@ -6662,17 +6684,17 @@ dependencies = [ "bincode", "bytemuck", "byteorder 1.5.0", - "curve25519-dalek", + "curve25519-dalek 4.1.2", "getrandom 0.1.14", "itertools", "lazy_static", "merlin", "num-derive 0.4.2", "num-traits", - "rand 0.7.3", + "rand 0.8.5", "serde", "serde_json", - "sha3 0.9.1", + "sha3", "solana-program", "solana-sdk", "subtle", diff --git a/sdk/program/src/pubkey.rs b/sdk/program/src/pubkey.rs index 2f1ccbdcfbfd7e..aeb20fbbdf3719 100644 --- a/sdk/program/src/pubkey.rs +++ b/sdk/program/src/pubkey.rs @@ -168,6 +168,7 @@ pub fn bytes_are_curve_point>(_bytes: T) -> bool { #[cfg(not(target_os = "solana"))] { curve25519_dalek::edwards::CompressedEdwardsY::from_slice(_bytes.as_ref()) + .expect("Input slice should have a length of 32") .decompress() .is_some() } @@ -948,6 +949,7 @@ mod tests { let is_on_curve = curve25519_dalek::edwards::CompressedEdwardsY::from_slice( &program_address.to_bytes(), ) + .expect("Input slice should have a length of 32") .decompress() .is_some(); assert!(!is_on_curve); diff --git a/zk-sdk/Cargo.toml b/zk-sdk/Cargo.toml index 34d817425b2536..584982db67265e 100644 --- a/zk-sdk/Cargo.toml +++ b/zk-sdk/Cargo.toml @@ -24,10 +24,10 @@ curve25519-dalek = { workspace = true, features = ["serde"] } itertools = { workspace = true } lazy_static = { workspace = true } merlin = { workspace = true } -rand = { version = "0.7" } +rand = { workspace = true } serde = { workspace = true, features = ["derive"] } serde_json = { workspace = true } -sha3 = "0.9" +sha3 = { workspace = true } solana-sdk = { workspace = true } subtle = { workspace = true } zeroize = { workspace = true, features = ["zeroize_derive"] } diff --git a/zk-sdk/src/encryption/elgamal.rs b/zk-sdk/src/encryption/elgamal.rs index 1b1f76c87e55bd..f925a9f18005ad 100644 --- a/zk-sdk/src/encryption/elgamal.rs +++ b/zk-sdk/src/encryption/elgamal.rs @@ -336,7 +336,7 @@ impl ElGamalPubkey { #[allow(non_snake_case)] pub fn new(secret: &ElGamalSecretKey) -> Self { let s = &secret.0; - assert!(s != &Scalar::zero()); + assert!(s != &Scalar::ZERO); ElGamalPubkey(s.invert() * &(*H)) } @@ -404,6 +404,7 @@ impl TryFrom<&[u8]> for ElGamalPubkey { Ok(ElGamalPubkey( CompressedRistretto::from_slice(bytes) + .expect("Input slice should have a length of 32") .decompress() .ok_or(ElGamalError::PubkeyDeserialization)?, )) @@ -559,7 +560,7 @@ impl TryFrom<&[u8]> for ElGamalSecretKey { fn try_from(bytes: &[u8]) -> Result { match bytes.try_into() { Ok(bytes) => Ok(ElGamalSecretKey::from( - Scalar::from_canonical_bytes(bytes) + Option::::from(Scalar::from_canonical_bytes(bytes)) .ok_or(ElGamalError::SecretKeyDeserialization)?, )), _ => Err(ElGamalError::SecretKeyDeserialization), @@ -749,7 +750,9 @@ impl DecryptHandle { } Some(DecryptHandle( - CompressedRistretto::from_slice(bytes).decompress()?, + CompressedRistretto::from_slice(bytes) + .expect("Input slice should have a length of 32") + .decompress()?, )) } } diff --git a/zk-sdk/src/encryption/pedersen.rs b/zk-sdk/src/encryption/pedersen.rs index 2de593771590e6..5236a59c9ade80 100644 --- a/zk-sdk/src/encryption/pedersen.rs +++ b/zk-sdk/src/encryption/pedersen.rs @@ -99,7 +99,7 @@ impl PedersenOpening { pub fn from_bytes(bytes: &[u8]) -> Option { match bytes.try_into() { - Ok(bytes) => Scalar::from_canonical_bytes(bytes).map(PedersenOpening), + Ok(bytes) => Option::from(Scalar::from_canonical_bytes(bytes)).map(PedersenOpening), _ => None, } } @@ -194,7 +194,9 @@ impl PedersenCommitment { } Some(PedersenCommitment( - CompressedRistretto::from_slice(bytes).decompress()?, + CompressedRistretto::from_slice(bytes) + .expect("Input slice should have a length of 32") + .decompress()?, )) } } diff --git a/zk-sdk/src/range_proof/generators.rs b/zk-sdk/src/range_proof/generators.rs index 8a3ccf5a29e842..dfe50bd4863bd4 100644 --- a/zk-sdk/src/range_proof/generators.rs +++ b/zk-sdk/src/range_proof/generators.rs @@ -4,14 +4,14 @@ use { digest::{ExtendableOutput, Update, XofReader}, ristretto::RistrettoPoint, }, - sha3::{Sha3XofReader, Shake256}, + sha3::{Shake256, Shake256Reader}, }; const MAX_GENERATOR_LENGTH: usize = u32::MAX as usize; /// Generators for Pedersen vector commitments that are used for inner-product proofs. struct GeneratorsChain { - reader: Sha3XofReader, + reader: Shake256Reader, } impl GeneratorsChain { diff --git a/zk-sdk/src/range_proof/inner_product.rs b/zk-sdk/src/range_proof/inner_product.rs index 4dcef2eafed772..3a37cb90c4c9a8 100644 --- a/zk-sdk/src/range_proof/inner_product.rs +++ b/zk-sdk/src/range_proof/inner_product.rs @@ -411,10 +411,12 @@ impl InnerProductProof { } let pos = 2 * lg_n * 32; - let a = Scalar::from_canonical_bytes(util::read32(&slice[pos..])) - .ok_or(RangeProofVerificationError::Deserialization)?; - let b = Scalar::from_canonical_bytes(util::read32(&slice[pos + 32..])) + let a = Option::from(Scalar::from_canonical_bytes(util::read32(&slice[pos..]))) .ok_or(RangeProofVerificationError::Deserialization)?; + let b = Option::from(Scalar::from_canonical_bytes(util::read32( + &slice[pos + 32..], + ))) + .ok_or(RangeProofVerificationError::Deserialization)?; Ok(InnerProductProof { L_vec, R_vec, a, b }) } @@ -441,7 +443,7 @@ mod tests { let b: Vec<_> = (0..n).map(|_| Scalar::random(&mut OsRng)).collect(); let c = util::inner_product(&a, &b).unwrap(); - let G_factors: Vec = iter::repeat(Scalar::one()).take(n).collect(); + let G_factors: Vec = iter::repeat(Scalar::ONE).take(n).collect(); let y_inv = Scalar::random(&mut OsRng); let H_factors: Vec = util::exp_iter(y_inv).take(n).collect(); @@ -478,7 +480,7 @@ mod tests { assert!(proof .verify( n, - iter::repeat(Scalar::one()).take(n), + iter::repeat(Scalar::ONE).take(n), util::exp_iter(y_inv).take(n), &P, &Q, @@ -493,7 +495,7 @@ mod tests { assert!(proof .verify( n, - iter::repeat(Scalar::one()).take(n), + iter::repeat(Scalar::ONE).take(n), util::exp_iter(y_inv).take(n), &P, &Q, diff --git a/zk-sdk/src/range_proof/mod.rs b/zk-sdk/src/range_proof/mod.rs index 1808096cadd870..35648cc4b3ef25 100644 --- a/zk-sdk/src/range_proof/mod.rs +++ b/zk-sdk/src/range_proof/mod.rs @@ -151,16 +151,16 @@ impl RangeProof { let mut i = 0; let mut exp_z = z * z; - let mut exp_y = Scalar::one(); + let mut exp_y = Scalar::ONE; for (amount_i, n_i) in amounts.iter().zip(bit_lengths.iter()) { - let mut exp_2 = Scalar::one(); + let mut exp_2 = Scalar::ONE; for j in 0..(*n_i) { // `j` is guaranteed to be at most `u64::BITS` (a 6-bit number) and therefore, // casting is lossless and right shift can be safely unwrapped let a_L_j = Scalar::from(amount_i.checked_shr(j as u32).unwrap() & 1); - let a_R_j = a_L_j - Scalar::one(); + let a_R_j = a_L_j - Scalar::ONE; l_poly.0[i] = a_L_j - z; l_poly.1[i] = s_L[i]; @@ -195,7 +195,7 @@ impl RangeProof { // z^2 * V_1 + z^3 * V_2 + ... + z^{m+1} * V_m + delta(y, z)*G + x*T_1 + x^2*T_2 let x = transcript.challenge_scalar(b"x"); - let mut agg_opening = Scalar::zero(); + let mut agg_opening = Scalar::ZERO; let mut exp_z = z; for opening in openings { exp_z *= z; @@ -226,7 +226,7 @@ impl RangeProof { let w = transcript.challenge_scalar(b"w"); let Q = w * &(*G); - let G_factors: Vec = iter::repeat(Scalar::one()).take(nm).collect(); + let G_factors: Vec = iter::repeat(Scalar::ONE).take(nm).collect(); let H_factors: Vec = util::exp_iter(y.invert()).take(nm).collect(); // generate challenge `c` for consistency with the verifier's transcript @@ -327,7 +327,7 @@ impl RangeProof { let value_commitment_scalars = util::exp_iter(z).take(m).map(|z_exp| c * zz * z_exp); let mega_check = RistrettoPoint::optional_multiscalar_mul( - iter::once(Scalar::one()) + iter::once(Scalar::ONE) .chain(iter::once(x)) .chain(iter::once(c * x)) .chain(iter::once(c * x * x)) @@ -389,11 +389,12 @@ impl RangeProof { let T_1 = CompressedRistretto(util::read32(&slice[2 * 32..])); let T_2 = CompressedRistretto(util::read32(&slice[3 * 32..])); - let t_x = Scalar::from_canonical_bytes(util::read32(&slice[4 * 32..])) + let t_x = Option::from(Scalar::from_canonical_bytes(util::read32(&slice[4 * 32..]))) .ok_or(RangeProofVerificationError::Deserialization)?; - let t_x_blinding = Scalar::from_canonical_bytes(util::read32(&slice[5 * 32..])) - .ok_or(RangeProofVerificationError::Deserialization)?; - let e_blinding = Scalar::from_canonical_bytes(util::read32(&slice[6 * 32..])) + let t_x_blinding = + Option::from(Scalar::from_canonical_bytes(util::read32(&slice[5 * 32..]))) + .ok_or(RangeProofVerificationError::Deserialization)?; + let e_blinding = Option::from(Scalar::from_canonical_bytes(util::read32(&slice[6 * 32..]))) .ok_or(RangeProofVerificationError::Deserialization)?; let ipp_proof = InnerProductProof::from_bytes(&slice[7 * 32..])?; diff --git a/zk-sdk/src/range_proof/util.rs b/zk-sdk/src/range_proof/util.rs index 3d2b50ccb6e993..3b35923eb2d433 100644 --- a/zk-sdk/src/range_proof/util.rs +++ b/zk-sdk/src/range_proof/util.rs @@ -9,7 +9,7 @@ pub struct VecPoly1(pub Vec, pub Vec); impl VecPoly1 { pub fn zero(n: usize) -> Self { - VecPoly1(vec![Scalar::zero(); n], vec![Scalar::zero(); n]) + VecPoly1(vec![Scalar::ZERO; n], vec![Scalar::ZERO; n]) } pub fn inner_product(&self, rhs: &VecPoly1) -> Option { @@ -30,7 +30,7 @@ impl VecPoly1 { pub fn eval(&self, x: Scalar) -> Vec { let n = self.0.len(); - let mut out = vec![Scalar::zero(); n]; + let mut out = vec![Scalar::ZERO; n]; #[allow(clippy::needless_range_loop)] for i in 0..n { out[i] = self.0[i] + self.1[i] * x; @@ -72,7 +72,7 @@ impl Iterator for ScalarExp { /// Return an iterator of the powers of `x`. pub fn exp_iter(x: Scalar) -> ScalarExp { - let next_exp_x = Scalar::one(); + let next_exp_x = Scalar::ONE; ScalarExp { x, next_exp_x } } @@ -81,7 +81,7 @@ pub fn add_vec(a: &[Scalar], b: &[Scalar]) -> Vec { // throw some error //println!("lengths of vectors don't match for vector addition"); } - let mut out = vec![Scalar::zero(); b.len()]; + let mut out = vec![Scalar::ZERO; b.len()]; for i in 0..a.len() { out[i] = a[i] + b[i]; } @@ -101,7 +101,7 @@ pub fn read32(data: &[u8]) -> [u8; 32] { /// \\] /// Errors if the lengths of \\(\mathbf{a}\\) and \\(\mathbf{b}\\) are not equal. pub fn inner_product(a: &[Scalar], b: &[Scalar]) -> Option { - let mut out = Scalar::zero(); + let mut out = Scalar::ZERO; if a.len() != b.len() { return None; } @@ -123,7 +123,7 @@ pub fn sum_of_powers(x: &Scalar, n: usize) -> Scalar { return Scalar::from(n as u64); } let mut m = n; - let mut result = Scalar::one() + x; + let mut result = Scalar::ONE + x; let mut factor = *x; while m > 2 { factor = factor * factor; diff --git a/zk-sdk/src/sigma_proofs/ciphertext_ciphertext_equality.rs b/zk-sdk/src/sigma_proofs/ciphertext_ciphertext_equality.rs index 70a5de9c4c5efb..24fca4fa649791 100644 --- a/zk-sdk/src/sigma_proofs/ciphertext_ciphertext_equality.rs +++ b/zk-sdk/src/sigma_proofs/ciphertext_ciphertext_equality.rs @@ -189,7 +189,7 @@ impl CiphertextCiphertextEqualityProof { vec![ &self.z_s, // z_s &(-&c), // -c - &(-&Scalar::one()), // -identity + &(-&Scalar::ONE), // -identity &(&w * &self.z_x), // w * z_x &(&w * &self.z_s), // w * z_s &(&w_negated * &c), // -w * c diff --git a/zk-sdk/src/sigma_proofs/ciphertext_commitment_equality.rs b/zk-sdk/src/sigma_proofs/ciphertext_commitment_equality.rs index 768b07b216cdbe..0b361ffbcf52c4 100644 --- a/zk-sdk/src/sigma_proofs/ciphertext_commitment_equality.rs +++ b/zk-sdk/src/sigma_proofs/ciphertext_commitment_equality.rs @@ -177,7 +177,7 @@ impl CiphertextCommitmentEqualityProof { vec![ &self.z_s, // z_s &(-&c), // -c - &(-&Scalar::one()), // -identity + &(-&Scalar::ONE), // -identity &(&w * &self.z_x), // w * z_x &(&w * &self.z_s), // w * z_s &(&w_negated * &c), // -w * c diff --git a/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_2.rs b/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_2.rs index 7a0952b1f23a6d..dbc1448afc89a9 100644 --- a/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_2.rs +++ b/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_2.rs @@ -176,7 +176,7 @@ impl GroupedCiphertext2HandlesValidityProof { &self.z_r, // z_r &self.z_x, // z_x &(-&c), // -c - &-(&Scalar::one()), // -identity + &-(&Scalar::ONE), // -identity &(&w * &self.z_r), // w * z_r &(&w_negated * &c), // -w * c &w_negated, // -w diff --git a/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_3.rs b/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_3.rs index 1324292315a04c..9b9c533a35b9f3 100644 --- a/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_3.rs +++ b/zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_3.rs @@ -201,7 +201,7 @@ impl GroupedCiphertext3HandlesValidityProof { &self.z_r, // z_r &self.z_x, // z_x &(-&c), // -c - &-(&Scalar::one()), // -identity + &-(&Scalar::ONE), // -identity &(&w * &self.z_r), // w * z_r &(&w_negated * &c), // -w * c &w_negated, // -w diff --git a/zk-sdk/src/sigma_proofs/mod.rs b/zk-sdk/src/sigma_proofs/mod.rs index 2fbc85961c38ff..6b714d5c8a7c43 100644 --- a/zk-sdk/src/sigma_proofs/mod.rs +++ b/zk-sdk/src/sigma_proofs/mod.rs @@ -32,7 +32,9 @@ fn ristretto_point_from_optional_slice( ) -> Result { optional_slice .and_then(|slice| (slice.len() == RISTRETTO_POINT_LEN).then_some(slice)) - .map(CompressedRistretto::from_slice) + .map(|slice| { + CompressedRistretto::from_slice(slice).expect("Input slice should have a length of 32") + }) .ok_or(SigmaProofVerificationError::Deserialization) } @@ -47,6 +49,6 @@ fn canonical_scalar_from_optional_slice( optional_slice .and_then(|slice| (slice.len() == SCALAR_LEN).then_some(slice)) // if chunk is the wrong length, convert to None .and_then(|slice| slice.try_into().ok()) // convert to array - .and_then(Scalar::from_canonical_bytes) + .and_then(|slice| Option::from(Scalar::from_canonical_bytes(slice))) .ok_or(SigmaProofVerificationError::Deserialization) } diff --git a/zk-sdk/src/sigma_proofs/percentage_with_cap.rs b/zk-sdk/src/sigma_proofs/percentage_with_cap.rs index e40303803240f0..d19f300dd236ed 100644 --- a/zk-sdk/src/sigma_proofs/percentage_with_cap.rs +++ b/zk-sdk/src/sigma_proofs/percentage_with_cap.rs @@ -390,7 +390,7 @@ impl PercentageWithCapProof { c_max_proof, -c_max_proof * m, -z_max, - Scalar::one(), + Scalar::ONE, w * z_x, w * z_delta_real, -w * c_equality, diff --git a/zk-sdk/src/sigma_proofs/pubkey.rs b/zk-sdk/src/sigma_proofs/pubkey.rs index e0d80f2a528ef8..22540a9ad5c0d4 100644 --- a/zk-sdk/src/sigma_proofs/pubkey.rs +++ b/zk-sdk/src/sigma_proofs/pubkey.rs @@ -65,7 +65,7 @@ impl PubkeyValidityProof { // extract the relevant scalar and Ristretto points from the input let s = elgamal_keypair.secret().get_scalar(); - assert!(s != &Scalar::zero()); + assert!(s != &Scalar::ZERO); let s_inv = s.invert(); // generate a random masking factor that also serves as a nonce @@ -109,7 +109,7 @@ impl PubkeyValidityProof { .ok_or(SigmaProofVerificationError::Deserialization)?; let check = RistrettoPoint::vartime_multiscalar_mul( - vec![&self.z, &(-&c), &(-&Scalar::one())], + vec![&self.z, &(-&c), &(-&Scalar::ONE)], vec![&(*H), P, &Y], ); diff --git a/zk-sdk/src/sigma_proofs/zero_ciphertext.rs b/zk-sdk/src/sigma_proofs/zero_ciphertext.rs index 28c64bded3c3d3..7588f2182631b8 100644 --- a/zk-sdk/src/sigma_proofs/zero_ciphertext.rs +++ b/zk-sdk/src/sigma_proofs/zero_ciphertext.rs @@ -136,7 +136,7 @@ impl ZeroCiphertextProof { vec![ &self.z, // z &(-&c), // -c - &(-&Scalar::one()), // -identity + &(-&Scalar::ONE), // -identity &(&w * &self.z), // w * z &(&w_negated * &c), // -w * c &w_negated, // -w diff --git a/zk-token-sdk/Cargo.toml b/zk-token-sdk/Cargo.toml index 4d4ff1a21b03af..ab7b693aba8509 100644 --- a/zk-token-sdk/Cargo.toml +++ b/zk-token-sdk/Cargo.toml @@ -29,10 +29,10 @@ getrandom = { version = "0.1", features = ["dummy"] } itertools = { workspace = true } lazy_static = { workspace = true } merlin = { workspace = true } -rand = { version = "0.7" } +rand = { workspace = true } serde = { workspace = true, features = ["derive"] } serde_json = { workspace = true } -sha3 = "0.9" +sha3 = { workspace = true } solana-sdk = { workspace = true } subtle = { workspace = true } zeroize = { workspace = true, features = ["zeroize_derive"] } diff --git a/zk-token-sdk/src/curve25519/edwards.rs b/zk-token-sdk/src/curve25519/edwards.rs index 0dd019b1910d0a..dff37d5529d7af 100644 --- a/zk-token-sdk/src/curve25519/edwards.rs +++ b/zk-token-sdk/src/curve25519/edwards.rs @@ -64,6 +64,7 @@ mod target_arch { fn try_from(pod: &PodEdwardsPoint) -> Result { CompressedEdwardsY::from_slice(&pod.0) + .expect("Input slice should have a length of 32") .decompress() .ok_or(Curve25519Error::PodConversion) } @@ -74,6 +75,7 @@ mod target_arch { fn validate_point(&self) -> bool { CompressedEdwardsY::from_slice(&self.0) + .expect("Input slice should have a length of 32") .decompress() .is_some() } diff --git a/zk-token-sdk/src/curve25519/ristretto.rs b/zk-token-sdk/src/curve25519/ristretto.rs index 772441a32aa65f..837c118438cab3 100644 --- a/zk-token-sdk/src/curve25519/ristretto.rs +++ b/zk-token-sdk/src/curve25519/ristretto.rs @@ -64,6 +64,7 @@ mod target_arch { fn try_from(pod: &PodRistrettoPoint) -> Result { CompressedRistretto::from_slice(&pod.0) + .expect("Input slice should have a length of 32") .decompress() .ok_or(Curve25519Error::PodConversion) } @@ -74,6 +75,7 @@ mod target_arch { fn validate_point(&self) -> bool { CompressedRistretto::from_slice(&self.0) + .expect("Input slice should have a length of 32") .decompress() .is_some() } diff --git a/zk-token-sdk/src/curve25519/scalar.rs b/zk-token-sdk/src/curve25519/scalar.rs index e154851902a043..8f8e07087597ba 100644 --- a/zk-token-sdk/src/curve25519/scalar.rs +++ b/zk-token-sdk/src/curve25519/scalar.rs @@ -18,7 +18,7 @@ mod target_arch { type Error = Curve25519Error; fn try_from(pod: &PodScalar) -> Result { - Scalar::from_canonical_bytes(pod.0).ok_or(Curve25519Error::PodConversion) + Option::from(Scalar::from_canonical_bytes(pod.0)).ok_or(Curve25519Error::PodConversion) } } } diff --git a/zk-token-sdk/src/encryption/elgamal.rs b/zk-token-sdk/src/encryption/elgamal.rs index 7f0a48820a6f35..ac7f765bedafa6 100644 --- a/zk-token-sdk/src/encryption/elgamal.rs +++ b/zk-token-sdk/src/encryption/elgamal.rs @@ -358,7 +358,7 @@ impl ElGamalPubkey { #[allow(non_snake_case)] pub fn new(secret: &ElGamalSecretKey) -> Self { let s = &secret.0; - assert!(s != &Scalar::zero()); + assert_ne!(s, &Scalar::ZERO); ElGamalPubkey(s.invert() * &(*H)) } @@ -379,7 +379,9 @@ impl ElGamalPubkey { } Some(ElGamalPubkey( - CompressedRistretto::from_slice(bytes).decompress()?, + CompressedRistretto::from_slice(bytes) + .expect("Input slice should have a length of 32") + .decompress()?, )) } @@ -442,6 +444,7 @@ impl TryFrom<&[u8]> for ElGamalPubkey { Ok(ElGamalPubkey( CompressedRistretto::from_slice(bytes) + .expect("Input slice should have a length of 32") .decompress() .ok_or(ElGamalError::PubkeyDeserialization)?, )) @@ -552,7 +555,9 @@ impl ElGamalSecretKey { #[deprecated(note = "please use `try_from()` instead")] pub fn from_bytes(bytes: &[u8]) -> Option { match bytes.try_into() { - Ok(bytes) => Scalar::from_canonical_bytes(bytes).map(ElGamalSecretKey), + Ok(bytes) => Scalar::from_canonical_bytes(bytes) + .map(ElGamalSecretKey) + .into(), _ => None, } } @@ -610,7 +615,7 @@ impl TryFrom<&[u8]> for ElGamalSecretKey { fn try_from(bytes: &[u8]) -> Result { match bytes.try_into() { Ok(bytes) => Ok(ElGamalSecretKey::from( - Scalar::from_canonical_bytes(bytes) + Option::::from(Scalar::from_canonical_bytes(bytes)) .ok_or(ElGamalError::SecretKeyDeserialization)?, )), _ => Err(ElGamalError::SecretKeyDeserialization), @@ -800,7 +805,9 @@ impl DecryptHandle { } Some(DecryptHandle( - CompressedRistretto::from_slice(bytes).decompress()?, + CompressedRistretto::from_slice(bytes) + .expect("Input slice should have a length of 32") + .decompress()?, )) } } diff --git a/zk-token-sdk/src/encryption/pedersen.rs b/zk-token-sdk/src/encryption/pedersen.rs index 2de593771590e6..41f3898a5833ca 100644 --- a/zk-token-sdk/src/encryption/pedersen.rs +++ b/zk-token-sdk/src/encryption/pedersen.rs @@ -99,7 +99,9 @@ impl PedersenOpening { pub fn from_bytes(bytes: &[u8]) -> Option { match bytes.try_into() { - Ok(bytes) => Scalar::from_canonical_bytes(bytes).map(PedersenOpening), + Ok(bytes) => Scalar::from_canonical_bytes(bytes) + .map(PedersenOpening) + .into(), _ => None, } } @@ -194,7 +196,9 @@ impl PedersenCommitment { } Some(PedersenCommitment( - CompressedRistretto::from_slice(bytes).decompress()?, + CompressedRistretto::from_slice(bytes) + .expect("Input slice should have a length of 32") + .decompress()?, )) } } diff --git a/zk-token-sdk/src/instruction/zero_balance.rs b/zk-token-sdk/src/instruction/zero_balance.rs index 7d52b80063176e..6dd12a39b20b20 100644 --- a/zk-token-sdk/src/instruction/zero_balance.rs +++ b/zk-token-sdk/src/instruction/zero_balance.rs @@ -1,7 +1,7 @@ //! The zero-balance proof instruction. //! //! A zero-balance proof is defined with respect to a twisted ElGamal ciphertext. The proof -//! certifies that a given ciphertext encrypts the message 0 in the field (`Scalar::zero()`). To +//! certifies that a given ciphertext encrypts the message 0 in the field (`Scalar::ZERO`). To //! generate the proof, a prover must provide the decryption key for the ciphertext. #[cfg(not(target_os = "solana"))] diff --git a/zk-token-sdk/src/range_proof/generators.rs b/zk-token-sdk/src/range_proof/generators.rs index a993d753dcad0c..3550eb2b779b29 100644 --- a/zk-token-sdk/src/range_proof/generators.rs +++ b/zk-token-sdk/src/range_proof/generators.rs @@ -4,7 +4,7 @@ use { digest::{ExtendableOutput, Update, XofReader}, ristretto::RistrettoPoint, }, - sha3::{Sha3XofReader, Shake256}, + sha3::{Shake256, Shake256Reader}, }; #[cfg(not(target_os = "solana"))] @@ -12,7 +12,7 @@ const MAX_GENERATOR_LENGTH: usize = u32::MAX as usize; /// Generators for Pedersen vector commitments that are used for inner-product proofs. struct GeneratorsChain { - reader: Sha3XofReader, + reader: Shake256Reader, } impl GeneratorsChain { diff --git a/zk-token-sdk/src/range_proof/inner_product.rs b/zk-token-sdk/src/range_proof/inner_product.rs index 44e8e0674a3d6a..7f7ae980de6e77 100644 --- a/zk-token-sdk/src/range_proof/inner_product.rs +++ b/zk-token-sdk/src/range_proof/inner_product.rs @@ -411,10 +411,12 @@ impl InnerProductProof { } let pos = 2 * lg_n * 32; - let a = Scalar::from_canonical_bytes(util::read32(&slice[pos..])) - .ok_or(RangeProofVerificationError::Deserialization)?; - let b = Scalar::from_canonical_bytes(util::read32(&slice[pos + 32..])) + let a = Option::from(Scalar::from_canonical_bytes(util::read32(&slice[pos..]))) .ok_or(RangeProofVerificationError::Deserialization)?; + let b = Option::from(Scalar::from_canonical_bytes(util::read32( + &slice[pos + 32..], + ))) + .ok_or(RangeProofVerificationError::Deserialization)?; Ok(InnerProductProof { L_vec, R_vec, a, b }) } @@ -442,7 +444,7 @@ mod tests { let b: Vec<_> = (0..n).map(|_| Scalar::random(&mut OsRng)).collect(); let c = util::inner_product(&a, &b).unwrap(); - let G_factors: Vec = iter::repeat(Scalar::one()).take(n).collect(); + let G_factors: Vec = iter::repeat(Scalar::ONE).take(n).collect(); let y_inv = Scalar::random(&mut OsRng); let H_factors: Vec = util::exp_iter(y_inv).take(n).collect(); @@ -479,7 +481,7 @@ mod tests { assert!(proof .verify( n, - iter::repeat(Scalar::one()).take(n), + iter::repeat(Scalar::ONE).take(n), util::exp_iter(y_inv).take(n), &P, &Q, @@ -494,7 +496,7 @@ mod tests { assert!(proof .verify( n, - iter::repeat(Scalar::one()).take(n), + iter::repeat(Scalar::ONE).take(n), util::exp_iter(y_inv).take(n), &P, &Q, diff --git a/zk-token-sdk/src/range_proof/mod.rs b/zk-token-sdk/src/range_proof/mod.rs index d7c7774d469baf..f047c8b1cb0ae3 100644 --- a/zk-token-sdk/src/range_proof/mod.rs +++ b/zk-token-sdk/src/range_proof/mod.rs @@ -149,16 +149,16 @@ impl RangeProof { let mut i = 0; let mut exp_z = z * z; - let mut exp_y = Scalar::one(); + let mut exp_y = Scalar::ONE; for (amount_i, n_i) in amounts.iter().zip(bit_lengths.iter()) { - let mut exp_2 = Scalar::one(); + let mut exp_2 = Scalar::ONE; for j in 0..(*n_i) { // `j` is guaranteed to be at most `u64::BITS` (a 6-bit number) and therefore, // casting is lossless and right shift can be safely unwrapped let a_L_j = Scalar::from(amount_i.checked_shr(j as u32).unwrap() & 1); - let a_R_j = a_L_j - Scalar::one(); + let a_R_j = a_L_j - Scalar::ONE; l_poly.0[i] = a_L_j - z; l_poly.1[i] = s_L[i]; @@ -193,7 +193,7 @@ impl RangeProof { // z^2 * V_1 + z^3 * V_2 + ... + z^{m+1} * V_m + delta(y, z)*G + x*T_1 + x^2*T_2 let x = transcript.challenge_scalar(b"x"); - let mut agg_opening = Scalar::zero(); + let mut agg_opening = Scalar::ZERO; let mut exp_z = z; for opening in openings { exp_z *= z; @@ -224,7 +224,7 @@ impl RangeProof { let w = transcript.challenge_scalar(b"w"); let Q = w * &(*G); - let G_factors: Vec = iter::repeat(Scalar::one()).take(nm).collect(); + let G_factors: Vec = iter::repeat(Scalar::ONE).take(nm).collect(); let H_factors: Vec = util::exp_iter(y.invert()).take(nm).collect(); // generate challenge `c` for consistency with the verifier's transcript @@ -325,7 +325,7 @@ impl RangeProof { let value_commitment_scalars = util::exp_iter(z).take(m).map(|z_exp| c * zz * z_exp); let mega_check = RistrettoPoint::optional_multiscalar_mul( - iter::once(Scalar::one()) + iter::once(Scalar::ONE) .chain(iter::once(x)) .chain(iter::once(c * x)) .chain(iter::once(c * x * x)) @@ -387,11 +387,12 @@ impl RangeProof { let T_1 = CompressedRistretto(util::read32(&slice[2 * 32..])); let T_2 = CompressedRistretto(util::read32(&slice[3 * 32..])); - let t_x = Scalar::from_canonical_bytes(util::read32(&slice[4 * 32..])) + let t_x = Option::from(Scalar::from_canonical_bytes(util::read32(&slice[4 * 32..]))) .ok_or(RangeProofVerificationError::Deserialization)?; - let t_x_blinding = Scalar::from_canonical_bytes(util::read32(&slice[5 * 32..])) - .ok_or(RangeProofVerificationError::Deserialization)?; - let e_blinding = Scalar::from_canonical_bytes(util::read32(&slice[6 * 32..])) + let t_x_blinding = + Option::from(Scalar::from_canonical_bytes(util::read32(&slice[5 * 32..]))) + .ok_or(RangeProofVerificationError::Deserialization)?; + let e_blinding = Option::from(Scalar::from_canonical_bytes(util::read32(&slice[6 * 32..]))) .ok_or(RangeProofVerificationError::Deserialization)?; let ipp_proof = InnerProductProof::from_bytes(&slice[7 * 32..])?; diff --git a/zk-token-sdk/src/range_proof/util.rs b/zk-token-sdk/src/range_proof/util.rs index 4a76543d475bc0..0fea176af61ccf 100644 --- a/zk-token-sdk/src/range_proof/util.rs +++ b/zk-token-sdk/src/range_proof/util.rs @@ -8,7 +8,7 @@ pub struct VecPoly1(pub Vec, pub Vec); impl VecPoly1 { pub fn zero(n: usize) -> Self { - VecPoly1(vec![Scalar::zero(); n], vec![Scalar::zero(); n]) + VecPoly1(vec![Scalar::ZERO; n], vec![Scalar::ZERO; n]) } pub fn inner_product(&self, rhs: &VecPoly1) -> Option { @@ -29,7 +29,7 @@ impl VecPoly1 { pub fn eval(&self, x: Scalar) -> Vec { let n = self.0.len(); - let mut out = vec![Scalar::zero(); n]; + let mut out = vec![Scalar::ZERO; n]; #[allow(clippy::needless_range_loop)] for i in 0..n { out[i] = self.0[i] + self.1[i] * x; @@ -71,7 +71,7 @@ impl Iterator for ScalarExp { /// Return an iterator of the powers of `x`. pub fn exp_iter(x: Scalar) -> ScalarExp { - let next_exp_x = Scalar::one(); + let next_exp_x = Scalar::ONE; ScalarExp { x, next_exp_x } } @@ -80,7 +80,7 @@ pub fn add_vec(a: &[Scalar], b: &[Scalar]) -> Vec { // throw some error //println!("lengths of vectors don't match for vector addition"); } - let mut out = vec![Scalar::zero(); b.len()]; + let mut out = vec![Scalar::ZERO; b.len()]; for i in 0..a.len() { out[i] = a[i] + b[i]; } @@ -100,7 +100,7 @@ pub fn read32(data: &[u8]) -> [u8; 32] { /// \\] /// Errors if the lengths of \\(\mathbf{a}\\) and \\(\mathbf{b}\\) are not equal. pub fn inner_product(a: &[Scalar], b: &[Scalar]) -> Option { - let mut out = Scalar::zero(); + let mut out = Scalar::ZERO; if a.len() != b.len() { return None; } @@ -122,7 +122,7 @@ pub fn sum_of_powers(x: &Scalar, n: usize) -> Scalar { return Scalar::from(n as u64); } let mut m = n; - let mut result = Scalar::one() + x; + let mut result = Scalar::ONE + x; let mut factor = *x; while m > 2 { factor = factor * factor; diff --git a/zk-token-sdk/src/sigma_proofs/ciphertext_ciphertext_equality_proof.rs b/zk-token-sdk/src/sigma_proofs/ciphertext_ciphertext_equality_proof.rs index 70a5de9c4c5efb..24fca4fa649791 100644 --- a/zk-token-sdk/src/sigma_proofs/ciphertext_ciphertext_equality_proof.rs +++ b/zk-token-sdk/src/sigma_proofs/ciphertext_ciphertext_equality_proof.rs @@ -189,7 +189,7 @@ impl CiphertextCiphertextEqualityProof { vec![ &self.z_s, // z_s &(-&c), // -c - &(-&Scalar::one()), // -identity + &(-&Scalar::ONE), // -identity &(&w * &self.z_x), // w * z_x &(&w * &self.z_s), // w * z_s &(&w_negated * &c), // -w * c diff --git a/zk-token-sdk/src/sigma_proofs/ciphertext_commitment_equality_proof.rs b/zk-token-sdk/src/sigma_proofs/ciphertext_commitment_equality_proof.rs index 768b07b216cdbe..0b361ffbcf52c4 100644 --- a/zk-token-sdk/src/sigma_proofs/ciphertext_commitment_equality_proof.rs +++ b/zk-token-sdk/src/sigma_proofs/ciphertext_commitment_equality_proof.rs @@ -177,7 +177,7 @@ impl CiphertextCommitmentEqualityProof { vec![ &self.z_s, // z_s &(-&c), // -c - &(-&Scalar::one()), // -identity + &(-&Scalar::ONE), // -identity &(&w * &self.z_x), // w * z_x &(&w * &self.z_s), // w * z_s &(&w_negated * &c), // -w * c diff --git a/zk-token-sdk/src/sigma_proofs/fee_proof.rs b/zk-token-sdk/src/sigma_proofs/fee_proof.rs index c3a431768f1226..7dbbce77589cce 100644 --- a/zk-token-sdk/src/sigma_proofs/fee_proof.rs +++ b/zk-token-sdk/src/sigma_proofs/fee_proof.rs @@ -358,7 +358,7 @@ impl FeeSigmaProof { c_max_proof, -c_max_proof * m, -z_max, - Scalar::one(), + Scalar::ONE, w * z_x, w * z_delta_real, -w * c_equality, diff --git a/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_2.rs b/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_2.rs index 1c1a57997e4740..bef2a4b6c73747 100644 --- a/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_2.rs +++ b/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_2.rs @@ -172,7 +172,7 @@ impl GroupedCiphertext2HandlesValidityProof { &self.z_r, // z_r &self.z_x, // z_x &(-&c), // -c - &-(&Scalar::one()), // -identity + &-(&Scalar::ONE), // -identity &(&w * &self.z_r), // w * z_r &(&w_negated * &c), // -w * c &w_negated, // -w diff --git a/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_3.rs b/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_3.rs index 1324292315a04c..9b9c533a35b9f3 100644 --- a/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_3.rs +++ b/zk-token-sdk/src/sigma_proofs/grouped_ciphertext_validity_proof/handles_3.rs @@ -201,7 +201,7 @@ impl GroupedCiphertext3HandlesValidityProof { &self.z_r, // z_r &self.z_x, // z_x &(-&c), // -c - &-(&Scalar::one()), // -identity + &-(&Scalar::ONE), // -identity &(&w * &self.z_r), // w * z_r &(&w_negated * &c), // -w * c &w_negated, // -w diff --git a/zk-token-sdk/src/sigma_proofs/mod.rs b/zk-token-sdk/src/sigma_proofs/mod.rs index bad707157a8c33..ee23352557f4ed 100644 --- a/zk-token-sdk/src/sigma_proofs/mod.rs +++ b/zk-token-sdk/src/sigma_proofs/mod.rs @@ -38,7 +38,9 @@ fn ristretto_point_from_optional_slice( ) -> Result { optional_slice .and_then(|slice| (slice.len() == RISTRETTO_POINT_LEN).then_some(slice)) - .map(CompressedRistretto::from_slice) + .map(|slice| { + CompressedRistretto::from_slice(slice).expect("Input slice should have a length of 32") + }) .ok_or(SigmaProofVerificationError::Deserialization) } @@ -53,6 +55,6 @@ fn canonical_scalar_from_optional_slice( optional_slice .and_then(|slice| (slice.len() == SCALAR_LEN).then_some(slice)) // if chunk is the wrong length, convert to None .and_then(|slice| slice.try_into().ok()) // convert to array - .and_then(Scalar::from_canonical_bytes) + .and_then(|bytes| Scalar::from_canonical_bytes(bytes).into()) .ok_or(SigmaProofVerificationError::Deserialization) } diff --git a/zk-token-sdk/src/sigma_proofs/pubkey_proof.rs b/zk-token-sdk/src/sigma_proofs/pubkey_proof.rs index e0d80f2a528ef8..22540a9ad5c0d4 100644 --- a/zk-token-sdk/src/sigma_proofs/pubkey_proof.rs +++ b/zk-token-sdk/src/sigma_proofs/pubkey_proof.rs @@ -65,7 +65,7 @@ impl PubkeyValidityProof { // extract the relevant scalar and Ristretto points from the input let s = elgamal_keypair.secret().get_scalar(); - assert!(s != &Scalar::zero()); + assert!(s != &Scalar::ZERO); let s_inv = s.invert(); // generate a random masking factor that also serves as a nonce @@ -109,7 +109,7 @@ impl PubkeyValidityProof { .ok_or(SigmaProofVerificationError::Deserialization)?; let check = RistrettoPoint::vartime_multiscalar_mul( - vec![&self.z, &(-&c), &(-&Scalar::one())], + vec![&self.z, &(-&c), &(-&Scalar::ONE)], vec![&(*H), P, &Y], ); diff --git a/zk-token-sdk/src/sigma_proofs/zero_balance_proof.rs b/zk-token-sdk/src/sigma_proofs/zero_balance_proof.rs index 3585978c76c1df..9a20cb4fefba34 100644 --- a/zk-token-sdk/src/sigma_proofs/zero_balance_proof.rs +++ b/zk-token-sdk/src/sigma_proofs/zero_balance_proof.rs @@ -136,7 +136,7 @@ impl ZeroBalanceProof { vec![ &self.z, // z &(-&c), // -c - &(-&Scalar::one()), // -identity + &(-&Scalar::ONE), // -identity &(&w * &self.z), // w * z &(&w_negated * &c), // -w * c &w_negated, // -w diff --git a/zk-token-sdk/src/zk_token_elgamal/convert.rs b/zk-token-sdk/src/zk_token_elgamal/convert.rs index a437c817b41e72..93fba56b3b9260 100644 --- a/zk-token-sdk/src/zk_token_elgamal/convert.rs +++ b/zk-token-sdk/src/zk_token_elgamal/convert.rs @@ -64,7 +64,8 @@ mod target_arch { type Error = ElGamalError; fn try_from(pod: PodScalar) -> Result { - Scalar::from_canonical_bytes(pod.0).ok_or(ElGamalError::CiphertextDeserialization) + Option::from(Scalar::from_canonical_bytes(pod.0)) + .ok_or(ElGamalError::CiphertextDeserialization) } }