Missing tests for some type-7 sad path code paths

axelarnetwork / tofn

A threshold cryptography library in Rust

Apache License 2.0

112 stars 23 forks source link

Missing tests for some type-7 sad path code paths #150

Closed ggutoski closed 4 months ago

ggutoski commented 3 years ago

Looks like we're missing tests for the following code paths:

https://github.com/axelarnetwork/tofn/blob/6eb96342b364ce422b5e6166dcc655797b998e3a/src/gg20/sign/r8/type7.rs#L157
https://github.com/axelarnetwork/tofn/blob/6eb96342b364ce422b5e6166dcc655797b998e3a/src/gg20/sign/r8/type7.rs#L178

I vaguely remember from long ago that it was difficult to make a malicious party hit these code paths without also triggering any earlier sad paths.

ggutoski commented 3 years ago

In all malicious tests (not just type-7) now that we've collapsed all protocol faults into a single catch-all ProtocolFault enum variant we have no programmatic way to ensure that the intended code path was actually visited---you need to check the test logs to see it.