Better validation of proof shares in Range Proof MPC

dalek-cryptography / bulletproofs

A pure-Rust implementation of Bulletproofs using Ristretto.

MIT License

1.04k stars 217 forks source link

Closed oleganza closed 5 years ago

oleganza commented 5 years ago

Addressing issues raised by the quarkslab audit (to be released soon):

additional size validation for individual proof shares,
correct size_hint for AggregatedGensIter,
reused computation of powers-of-z in the proof aggregation to save a bit of CPU.

cathieyun commented 5 years ago

👀

cathieyun commented 5 years ago

I added the requirement to use minimum 1.2.3 for curve25519-dalek, while we're doing safety tweaks, per @hdevalence 's suggestion.

The share validation updates look good!

oleganza commented 5 years ago

Thanks @cathieyun!