Skip to content

Specify rand_core >= 0.5.1 for OsRng import.#137

Merged
str4d merged 1 commit into
zcash:masterfrom
jimpo:rand_core-version
Oct 5, 2019
Merged

Specify rand_core >= 0.5.1 for OsRng import.#137
str4d merged 1 commit into
zcash:masterfrom
jimpo:rand_core-version

Conversation

@jimpo
Copy link
Copy Markdown
Contributor

@jimpo jimpo commented Oct 4, 2019

Fixes issue introduced by #134. rand_core 0.5.0 does not export OsRng in the crate root but 0.5.1 does.

@NikVolf

@str4d str4d added this to the v0.1.0 milestone Oct 4, 2019
str4d
str4d approved these changes Oct 4, 2019
View reviewed changes
Copy link
Copy Markdown
Contributor

@str4d str4d left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK; good catch. This wasn't caught by CI because we were already pinning to rand_core 0.5.1 in Cargo.lock, but this is clearly correct and necessary for correct behaviour in downstream consumers of our crates.

Comment thread librustzcash/Cargo.toml Outdated
@jimpo jimpo force-pushed the rand_core-version branch from 0dc6c32 to 13c0764 Compare October 5, 2019 10:15
@jimpo jimpo force-pushed the rand_core-version branch from 13c0764 to 93563c3 Compare October 5, 2019 10:16
@str4d str4d merged commit 6de1cb1 into zcash:master Oct 5, 2019
greg0x pushed a commit to valargroup/librustzcash that referenced this pull request Mar 12, 2026
@czarcas7ic
Fix PR zcash#137 review findings: sentinels, padding, validation, panics
c7cef68 
- Add sentinel injection (k*2^250 for k=0..16) to pir-export to satisfy
  circuit gap-width constraint (#3)
- Change Tier 2 empty-leaf padding from Fp::zero() to -Fp::one() so
  trailing entries sort after real leaves, fixing binary search (#2)
- Make TierServer::answer_query() return Result with input validation
  (length checks, alignment) instead of panicking on malformed
  requests; handlers return HTTP 400 on error (#1)
- Replace unwrap/assert with fallible returns in pir-client and
  Tier0Data::from_bytes (#4)
greg0x pushed a commit to valargroup/librustzcash that referenced this pull request Mar 12, 2026
@czarcas7ic
Fix PR zcash#137 re-review findings: padding hash, overflow, panic
e1874e4 
- Tier 2 extract_siblings: detect padding leaves (key=p-1, value=0) and
  use hash(0,0) to match empty_hashes[0] from tree construction
- PIR server answer_query: compute payload_len once to avoid overflow on
  attacker-controlled pqr_byte_len
- PIR client connect: validate root29 hex decodes to exactly 32 bytes
  before copy_from_slice
greg0x pushed a commit to valargroup/librustzcash that referenced this pull request Mar 12, 2026
@czarcas7ic
Merge pull request zcash#137 from z-cale/adam/pir-ypir-artifact
996d8eb 
Add PIR-based private nullifier queries using YPIR
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@str4d str4d str4d approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v0.1.0

Development

Successfully merging this pull request may close these issues.

2 participants

@jimpo @str4d