axelarnetwork / tofn

A threshold cryptography library in Rust
Apache License 2.0

nondeterministic test failure #14

Closed ggutoski closed 3 years ago

ggutoski commented 3 years ago

If you run enough tests then eventually you'll see something like this:

thread 'protocol::gg20::sign::tests::basic_correctness_many_times' panicked at 'assertion failed: `(left == right)`
  left: `31`,
 right: `32`', /Users/gus/.cargo/registry/src/github.com-1ecc6299db9ec823/generic-array-0.14.4/src/lib.rs:559:9
stack backtrace:
   0: rust_begin_unwind
             at /rustc/2fd73fabe469357a12c2c974c140f67e7cdd76d0/library/std/src/panicking.rs:493:5
   1: core::panicking::panic_fmt
             at /rustc/2fd73fabe469357a12c2c974c140f67e7cdd76d0/library/core/src/panicking.rs:92:14
   2: <&generic_array::GenericArray<T,N> as core::convert::From<&[T]>>::from
             at /Users/gus/.cargo/registry/src/github.com-1ecc6299db9ec823/generic-array-0.14.4/src/lib.rs:559:9
   3: <T as core::convert::Into<U>>::into
             at /Users/gus/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/src/rust/library/core/src/convert/mod.rs:539:9
   4: generic_array::GenericArray<T,N>::from_slice
             at /Users/gus/.cargo/registry/src/github.com-1ecc6299db9ec823/generic-array-0.14.4/src/lib.rs:541:9
   5: tofn::protocol::gg20::sign::r8::<impl tofn::protocol::gg20::sign::Sign>::r8
             at ./src/protocol/gg20/sign/r8.rs:38:43
   6: tofn::protocol::gg20::sign::tests::basic_correctness_inner
             at ./src/protocol/gg20/sign/tests.rs:218:19
   7: tofn::protocol::gg20::sign::tests::basic_correctness_many_times
             at ./src/protocol/gg20/sign/tests.rs:30:13
   8: tofn::protocol::gg20::sign::tests::basic_correctness_many_times::{{closure}}
             at ./src/protocol/gg20/sign/tests.rs:24:1
   9: core::ops::function::FnOnce::call_once
             at /Users/gus/.rustup/toolchains/stable-x86_64-apple-darwin/lib/rustlib/src/rust/library/core/src/ops/function.rs:227:5
  10: core::ops::function::FnOnce::call_once
             at /rustc/2fd73fabe469357a12c2c974c140f67e7cdd76d0/library/core/src/ops/function.rs:227:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
test protocol::gg20::sign::tests::basic_correctness_many_times ... FAILED

Seems like a bug in the k256 library.

ggutoski commented 3 years ago

The issue is caused by the fact that we currently import signatures generated by curv into k256. curv does not pad scalars to 64 bytes as k256 expects. Every once in a while curv produces a signature with a scalar that fits into 63 bytes, which causes k256 to barf. More info: https://github.com/RustCrypto/elliptic-curves/issues/323

This problem will disappear after we stop using curv.
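The failure above is a fixed-width contract mismatch: `GenericArray::from_slice` asserts that the slice is exactly the scalar width, and a minimal big-endian encoding drops leading zero bytes, so roughly one scalar in 256 arrives one byte short. The following is an added illustration, not code from tofn, curv or k256: `scalar_exact` surfaces the strict contract as an `Option` instead of a panic, and `scalar_padded` shows the defensive alternative, left-padding a short encoding back to the fixed width and then checking it is a canonical, non-zero scalar below the secp256k1 group order. `SCALAR_LEN`, `ScalarError`, the function names and the 31-byte sample are assumptions made for this example; the order constant is the standard secp256k1 value.

```rust
use std::convert::TryFrom;

/// Byte width of a secp256k1 scalar encoding (constant assumed for this example).
pub const SCALAR_LEN: usize = 32;

/// secp256k1 group order n, big-endian (standard SEC 2 value).
pub const SECP256K1_ORDER: [u8; SCALAR_LEN] = [
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
    0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41,
];

/// Why a scalar encoding was rejected (hypothetical error type for this example).
#[derive(Debug, PartialEq, Eq)]
pub enum ScalarError {
    /// More than SCALAR_LEN significant bytes: cannot be a secp256k1 scalar.
    TooLong(usize),
    /// Empty or all-zero encoding: zero is not a valid signature component.
    Zero,
    /// Value is >= the group order, so it is not a canonical scalar.
    OutOfRange,
}

/// Strict conversion: exactly SCALAR_LEN bytes or nothing. This is the contract
/// that `GenericArray::from_slice` enforces with a panic; here the length
/// mismatch is returned as `None` so the caller can handle it.
pub fn scalar_exact(bytes: &[u8]) -> Option<[u8; SCALAR_LEN]> {
    <[u8; SCALAR_LEN]>::try_from(bytes).ok()
}

/// Tolerant conversion: accept a big-endian encoding whose leading zero bytes
/// were stripped, left-pad it to SCALAR_LEN, then validate the result.
pub fn scalar_padded(bytes: &[u8]) -> Result<[u8; SCALAR_LEN], ScalarError> {
    // Strip leading zeros first so a zero-prefixed but otherwise valid
    // encoding longer than SCALAR_LEN is still accepted.
    let first_nonzero = bytes.iter().position(|&b| b != 0).unwrap_or(bytes.len());
    let trimmed = &bytes[first_nonzero..];

    if trimmed.len() > SCALAR_LEN {
        return Err(ScalarError::TooLong(trimmed.len()));
    }
    if trimmed.is_empty() {
        return Err(ScalarError::Zero);
    }

    // Left-pad: the significant bytes go at the end of the fixed-width array.
    let mut out = [0u8; SCALAR_LEN];
    out[SCALAR_LEN - trimmed.len()..].copy_from_slice(trimmed);

    // Fixed-width big-endian arrays compare lexicographically as integers,
    // so a plain comparison against the order is a correct range check.
    if out >= SECP256K1_ORDER {
        return Err(ScalarError::OutOfRange);
    }
    Ok(out)
}

/// Constructed sample: a scalar whose most significant byte is zero, emitted
/// minimally as 31 bytes. This is the shape of input behind the
/// `left: 31, right: 32` assertion in the report.
pub fn sample_short_scalar() -> Vec<u8> {
    let mut v = vec![0x01u8; SCALAR_LEN - 1];
    v[0] = 0x7f;
    v
}

fn main() {
    let short = sample_short_scalar();
    println!("strict conversion of 31 bytes: {:?}", scalar_exact(&short).is_some());
    println!("padded conversion of 31 bytes: {:?}", scalar_padded(&short).map(|s| s[0..3].to_vec()));
    println!("group order itself: {:?}", scalar_padded(&SECP256K1_ORDER));
}
```

The strict path is the right one at a trust boundary where the peer is expected to send canonical fixed-width encodings; the padded path belongs only at an internal conversion point where the producer is known to emit minimal encodings, and even there the range and zero checks should stay, since padding alone does not make an arbitrary byte string a valid scalar.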