Implement no_std support #280
Conversation
|
This looks cool. Will check in more detail tomorrow. |
|
It looks like one of the CI failures is just because of rustfmt changes that haven't been applied to the codebase yet; I can make a separate change that fixes them so that this branch can be merged cleanly on top of the fixed style. |
|
Hi - I pulled the branch but I cannot bet a clean build. Can you provide me with you build command? Is is cargo build --no-default-features --features alloc? Thanks. |
I pushed a change to the branch that forces the rand dependency to 0.6, which appears to fix this. Your cargo build command will now work. I was testing the no_std support in an application that used bulletproofs in no_std mode, so it is likely that some other dependency was already requesting 0.6 and cargo's dependency resolution was never actually using a 0.5 rand. |
The badly formatted code was all in places that I changed, so I went ahead and fixed my branch @hdevalence |
|
All checks are now passing. |
|
We are using cargo-nono to see if the libraries reference std and are noticing that the dependencies do. I that expected? Thanks. curve25519-dalek: FAILURE
|
|
Re: I updated the |
|
Hi all, recent changes to Rust nightlies broke the build (by changing the path root for doc(include) path specifiers), so we had to update the |
…ropriate for std and nostd
…m where they are used
…ting default features anymore
…ve Ristretto and Scalar serialization; convert to and from byte arrays when dealing with serialized data structures
… serializing any curve points or scalars directly
…since RangeProof supports it natively with to/from_bytes()
…mode use alloc::vec::Vec
…s as _with_rng, then creating a thread_rng in the compatibility functions in std mode
…erence to the wrapped functions in the convenience wrappers' block comments
|
BTW the CI failures appear to be spurious, it was just failure to connect to github: |
…out default features just works
|
Okay @hdevalence I got rid of the alloc feature and just used alloc everywhere. Building without default features just works now. Let me know if you want me to do anything else. |
|
All tests passing now @hdevalence |
src/range_proof/dealer.rs
Outdated
| @@ -295,15 +302,19 @@ impl<'a, 'b> DealerAwaitingProofShares<'a, 'b> { | |||
| /// performing local aggregation, | |||
| /// [`receive_trusted_shares`](DealerAwaitingProofShares::receive_trusted_shares) | |||
| /// saves time by skipping verification of the aggregated proof. | |||
| pub fn receive_shares(mut self, proof_shares: &[ProofShare]) -> Result<RangeProof, MPCError> { | |||
| pub fn receive_shares<T: RngCore + CryptoRng>( | |||
There was a problem hiding this comment.
I guess this needs to be a new receive_shares_with_rng function, because receive_shares is part of the public API and can't change without a major version bump.
There was a problem hiding this comment.
Ok, I'll rework these so the API doesn't change in std mode.
There was a problem hiding this comment.
Thanks! Sorry again for missing this on the first pass of review 😞
src/range_proof/party.rs
Outdated
| @@ -68,20 +70,18 @@ pub struct PartyAwaitingPosition<'a> { | |||
| impl<'a> PartyAwaitingPosition<'a> { | |||
| /// Assigns a position in the aggregated proof to this party, | |||
| /// allowing the party to commit to the bits of their value. | |||
| pub fn assign_position( | |||
| pub fn assign_position<T: RngCore + CryptoRng>( | |||
There was a problem hiding this comment.
similarly here, assign_position is a stable API
src/range_proof/party.rs
Outdated
| @@ -155,12 +155,11 @@ pub struct PartyAwaitingBitChallenge<'a> { | |||
| impl<'a> PartyAwaitingBitChallenge<'a> { | |||
| /// Receive a [`BitChallenge`] from the dealer and use it to | |||
| /// compute commitments to the party's polynomial coefficients. | |||
| pub fn apply_challenge( | |||
| pub fn apply_challenge<T: RngCore + CryptoRng>( | |||
There was a problem hiding this comment.
apply_challenge is also stable
There was a problem hiding this comment.
Ok, I'll make these changes today.
|
Hey @xoloki, this looks great, I would like to merge it, thanks for all this work! I was doing a final pass over the combined changes and I spotted something I should have noticed before, but didn't: the functions in the |
|
No worries, thanks for all your help getting this in shape. |
|
Ok @hdevalence I fixed the public API to be backwards compatible in std mode, and renamed the nostd public API elements _with_rng. Let me know if you need any more changes. |
| @@ -64,7 +68,7 @@ pub fn exp_iter(x: Scalar) -> ScalarExp { | |||
| pub fn add_vec(a: &[Scalar], b: &[Scalar]) -> Vec<Scalar> { | |||
| if a.len() != b.len() { | |||
| // throw some error | |||
| println!("lengths of vectors don't match for vector addition"); | |||
| //println!("lengths of vectors don't match for vector addition"); | |||
There was a problem hiding this comment.
I think we can probably clean this up in a different PR
Co-Authored-By: Henry de Valence <[email protected]>
src/range_proof/mod.rs
Outdated
| singleparty_create_and_verify_helper(64, 8); | ||
| // XXX disable this test since it's failing with | ||
| // 'attempt to negate with overflow' | ||
| //singleparty_create_and_verify_helper(64, 8); |
There was a problem hiding this comment.
This seems kind of worrying (in the sense that it may point at a problem in the rest of the source code) -- is it reproducible? I tried to reproduce on my machine but I wasn't able to.
There was a problem hiding this comment.
Weird, I thought I reverted this. It was failing locally, but not remotely in CI.
Reverted now.
|
I have a cherry-pick'able commit on a copy of this branch (hdevalence@4191781 ) that undoes the changes to the test code, so that the test code continues to use the previous aggregation API. This way we test that the previous API still works correctly. |
this ensures that the previous API still works
The cherry has been picked, thanks! |
|
Hi @hdevalence, is there anything else you need from me? It would be super helpful if we can get this merged by the end of the month, our auditors would be much happier reviewing an upstream release rather than a fork and a PR. |
|
Hey @xoloki -- I was on vacation so I missed this; I'll try to get this merged before the end of the week! |
|
Excellent, thanks @hdevalence! |
|
Planning to get this merged this afternoon! |
|
Hey @xoloki, I think I'm out of time to do a release for this today but I will do it at the beginning of next week. Sorry that this took so long and thanks so much for your work on this :) |
|
Thanks for the merge! Next week is totally fine for a release. |
This change implements no_std support for the bulletproofs crate. The changes are mostly mechanical. This is the culmination several PRs worth of work, with changes to curve25519 and merlin crates already merged and released.
It was necessary to make minor modifications to some APIs, particularly in regards to RNGs. As discussed by @isislovecruft in #275, the APIs in this change are backwards compatible for those building the crate in std mode. So current users of the bulletproofs crate will see no change. Users wishing to build bulletproofs in no_std mode will need to call the new *_with_rng prove and verfiy functions, and pass in a RNG.
This change is based on the main branch rather than the develop branch. This is because the main branch in the dalek repo has several changes that are not in the develop branch. This made rebasing my change on the upstream develop branch to be problematic.