entropyxyz / entropy-core

Protocol and cryptography development.
https://docs.entropy.xyz/
GNU Affero General Public License v3.0

`entropy-protocol`'s `execute_dkg` and `execute_proactive_refresh` functions will panic if we give an out of bounds my_idx #499

Closed ameba23 closed 12 months ago

ameba23 commented 12 months ago

This is a quick and easy one to fix, but I am not going to do it in my current PR as it's not directly relevant and there are enough moving parts there already.

Why is this issue relevant?

We want to avoid panicking

What steps are required to resolve this?

here: https://github.com/entropyxyz/entropy-core/blob/46a3602d9402cba776b446ded9c26814f7d7403e/crypto/protocol/src/execute_protocol.rs#L176

We want something like

```rust
let my_id = party_ids
    .get(*my_idx as usize)
    .ok_or(ProtocolExecutionErr::BadKeyShare(
        "Keyshare index is greater than the number of parties".to_string(),
    ))?;
```

Does this change the spec? HTTP, extrinsic, or storage? Is it breaking? Clearly describe the new interface.

Not breaking
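
An added example, not part of the original issue or the project's code: it contrasts direct slice indexing, which panics on an out-of-bounds `my_idx`, with the checked lookup proposed above, which returns an error the caller can handle. `PartyId`, the single-variant `ProtocolExecutionErr`, the `u8` index type and all function names are simplified stand-ins assumed for illustration.

```rust
use std::panic;

// Simplified stand-ins (assumptions), not the definitions in entropy-protocol.
#[derive(Debug, Clone, PartialEq)]
struct PartyId(u32);

#[derive(Debug, PartialEq)]
enum ProtocolExecutionErr {
    BadKeyShare(String),
}

// Direct indexing: an out-of-bounds my_idx aborts the task with a panic.
fn my_id_unchecked(party_ids: &[PartyId], my_idx: &u8) -> PartyId {
    party_ids[*my_idx as usize].clone()
}

// Checked lookup as proposed in the issue: out-of-bounds becomes an Err value.
fn my_id_checked(party_ids: &[PartyId], my_idx: &u8) -> Result<PartyId, ProtocolExecutionErr> {
    let my_id = party_ids
        .get(*my_idx as usize)
        .ok_or(ProtocolExecutionErr::BadKeyShare(
            "Keyshare index is greater than the number of parties".to_string(),
        ))?;
    Ok(my_id.clone())
}

// Returns true if the unchecked lookup panics for this index.
fn unchecked_panics(party_ids: &[PartyId], my_idx: u8) -> bool {
    let ids = party_ids.to_vec();
    panic::catch_unwind(move || my_id_unchecked(&ids, &my_idx)).is_err()
}

// Constructed sample input: three parties, so valid indices are 0..=2.
fn sample_parties() -> Vec<PartyId> {
    vec![PartyId(10), PartyId(11), PartyId(12)]
}

fn main() {
    let parties = sample_parties();
    println!("in bounds:      {:?}", my_id_checked(&parties, &1));
    println!("out of bounds:  {:?}", my_id_checked(&parties, &3));
    println!("unchecked panics at index 3: {}", unchecked_panics(&parties, 3));
}
```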

ameba23 commented 12 months ago

I'm closing this for now following this conversation: https://github.com/entropyxyz/entropy-core/pull/414#discussion_r1394758976

but if this ends up biting us later we can re-open it