add allocate/destroy functions for secp256k1_surjectionproof #55
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
Author
|
Ping @apoelstra |
apoelstra
approved these changes
May 26, 2019
Contributor
apoelstra
left a comment
apoelstra
left a comment
There was a problem hiding this comment.
Sorry for the late response.
Contributor
|
Regarding your concerns
|
Contributor
Author
|
Eh, I did not expected this to be merged this quick. I thought that I would have the chance to remove XXX comments.. They are supposed to be temporary (as indicated "by working.. but is not yet finished") Shall I add another PR to remove them ? |
Contributor
Author
|
OK maybe that is not that important. Just that 'XXX' is historically is a sign that something is potentially wrong, and if there's nothing wrong, I think it should be removed or replaced with TODO or NOTE... |
Contributor
Author
|
Added #65 to remove the XXX comments |
tomtau
pushed a commit
to crypto-com/secp256k1-zkp
that referenced
this pull request
Jul 9, 2020
Update version to 0.11
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Relevant issue: #36
This is working, but not yet finished. I am asking for review and comments.
In particular, I am not sure about naming for the functions.
naming allocation function
secp256k1_surjectionproof_create, to be in line with thesecp256k1_scratch_space_create, have a problem that this might get confused withsecp256k1_surjectionproof_generate- completely different function, but the meanings for the words 'create' and 'generate' are close.I decided to use the name
secp256k1_surjectionproof_allocate_initialized- literally what the function would do.At the same time, for the deallocation function, I used 'destroy' (
secp256k1_surjectionproof_destroy), because it is used for this meaning in other places.Other concern what I want to request comments on, is that
secp256k1_surjectionproof_destroycan potentially be called on stack-allocated struct, with bad consequences. It may be good idea to use some sort of marker bytes to distinguish stack/heap allocated structs, and if there is a mixup, then die cleanly, to prevent possible abuse. The marker bytes could be set within_initialize(), and then_allocate_initialized()can adjust these markers slightly, so other checking code would treat them as valid, but_destroy()would be able to easily distinguish between stack and heap allocated struct. But this change would mean the scope of this PR would extend to_initialize()function. Maybe the concern is not that big to warrant changes in_initialize().