Skip to content

Preventing Asset Base from being the identity point on the Pallas curve#71

Merged
vivek-arte merged 18 commits intozsa1from
asset_base_non_identity
Jun 21, 2023
Merged

Preventing Asset Base from being the identity point on the Pallas curve#71
vivek-arte merged 18 commits intozsa1from
asset_base_non_identity

Conversation

@vivek-arte
Copy link

@vivek-arte vivek-arte commented Jun 12, 2023

As in the title, this is done in two portions:

  • A protection is added to AssetBase::derive(), which panics if the output is going to be the identity point. This panic will occur with negligible probability due to the properties of the hash.
  • The verify_supply() function now returns an error if the Asset Base of the notes involved is the identity point.

@what-the-diff
Copy link

what-the-diff bot commented Jun 12, 2023

PR Summary

  • Ensure Asset Base is non-identity
    The Asset Base is now verified to not be an identity value.
  • New error type for identity Asset Base
    A new error type has been introduced for situations when the Asset Base is identity, which occurs in the IssueAction::derive_asset method.

@vivek-arte vivek-arte force-pushed the asset_base_non_identity branch from a715196 to 271b2bf Compare June 13, 2023 01:32
@vivek-arte vivek-arte force-pushed the asset_base_non_identity branch from 6ccf5ff to 112aa1f Compare June 18, 2023 02:37
PaulLaux
PaulLaux reviewed Jun 20, 2023
View reviewed changes
Copy link
Collaborator

@PaulLaux PaulLaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added some comments

src/issuance.rs Outdated

fn generate_identity_point_asset_base() -> AssetBase {
let identity_point =
(pallas::Point::generator() * -pallas::Scalar::one()) + pallas::Point::generator();
Copy link
Collaborator

@PaulLaux PaulLaux Jun 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the source of this expression?

Copy link
Collaborator

@PaulLaux PaulLaux Jun 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Avoid pallas:: by importing the concrete expressions.

Copy link
Author

@vivek-arte vivek-arte Jun 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The expression is from pasta-curves-0.5.1/src/pallas.rs, line 95 (GitHub permalink here).

I used generator() to get a point on the curve instead of using the hard-coded r value over there, as any point on the should generate the identity this way.

Copy link
Author

@vivek-arte vivek-arte Jun 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

imported pallas::Point and pallas::Scalar

PaulLaux
PaulLaux reviewed Jun 20, 2023
View reviewed changes
@vivek-arte vivek-arte merged commit daf6269 into zsa1 Jun 21, 2023
@PaulLaux PaulLaux mentioned this pull request May 14, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PaulLaux PaulLaux PaulLaux approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vivek-arte @PaulLaux