iron-fish · jowparks · Jul 22, 2024 · Aug 14, 2024 · Sep 10, 2024 · Sep 10, 2024
diff --git a/Cargo.toml b/Cargo.toml
@@ -12,20 +12,20 @@ repository = "https://github.com/iron-fish/ironfish-frost"
 blake3 = { version = "1.5.0", optional = true }
 chacha20 = "0.9.1"
 chacha20poly1305 = "0.10.1"
-ed25519-dalek = { version = "2.1.0", features = ["rand_core"] }
+ed25519-dalek = { version = "2.1.0", default-features = false, features = ["rand_core", "alloc"] }
 rand_chacha = { version = "0.3.1", optional = true }
-rand_core = "0.6.4"
-reddsa = { git = "https://github.com/ZcashFoundation/reddsa.git", rev = "b9c3107e6ec5333a89a7fa064f2d10f749a90cce", features = ["frost", "frost-rerandomized"] }
-siphasher = { version = "1.0.0", optional = true }
-x25519-dalek = { version = "2.0.0", features = ["reusable_secrets", "static_secrets"] }
+rand_core = { version = "0.6.4", default-features = false, features = ["alloc"] }
+reddsa = { git = "https://github.com/ZcashFoundation/reddsa.git", rev="9ac52c5c60e454b0032d78a22c05fb79aae1d51e", features = ["frost"], default-features = false }
+siphasher = { version = "1.0.0", default-features = false }
+x25519-dalek = { version = "2.0.0", default-features = false, features = ["reusable_secrets", "static_secrets"] }
 
 [dev-dependencies]
 hex-literal = "0.4.1"
 rand = "0.8.5"
 
 [features]
-default = ["std", "signing"]
+default = ["dkg", "std"]
 
-std = []
-signing = ["dep:blake3", "dep:rand_chacha", "dep:siphasher", "std"]
-dkg = ["std", "signing"]
+std = ["reddsa/std"]
+signing = ["dep:blake3", "dep:rand_chacha", "std"]
+dkg = []
diff --git a/src/checksum.rs b/src/checksum.rs
@@ -2,17 +2,15 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
 
-use std::error;
-use std::fmt;
+use core::fmt;
 
 use siphasher::sip::SipHasher24;
+pub(crate) type ChecksumHasher = SipHasher24;
 
 pub(crate) const CHECKSUM_LEN: usize = 8;
 
 pub(crate) type Checksum = u64;
 
-pub(crate) type ChecksumHasher = SipHasher24;
-
 #[derive(Clone, Debug)]
 pub enum ChecksumError {
     SigningCommitmentError,
@@ -33,4 +31,7 @@ impl fmt::Display for ChecksumError {
     }
 }
 
+#[cfg(feature = "std")]
+use std::error;
+#[cfg(feature = "std")]
 impl error::Error for ChecksumError {}
diff --git a/src/dkg/group_key.rs b/src/dkg/group_key.rs
@@ -2,12 +2,17 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
 
+use crate::io;
 use crate::multienc;
 use crate::participant::Identity;
 use crate::participant::Secret;
 use rand_core::CryptoRng;
 use rand_core::RngCore;
-use std::io;
+
+#[cfg(not(feature = "std"))]
+extern crate alloc;
+#[cfg(not(feature = "std"))]
+use alloc::vec::Vec;
 
 pub const GROUP_SECRET_KEY_LEN: usize = 32;
 

diff --git a/src/dkg/round1.rs b/src/dkg/round1.rs
@@ -14,6 +14,7 @@ use crate::frost::keys::VerifiableSecretSharingCommitment;
 use crate::frost::Field;
 use crate::frost::Identifier;
 use crate::frost::JubjubScalarField;
+use crate::io;
 use crate::multienc;
 use crate::participant;
 use crate::participant::Identity;
@@ -23,12 +24,21 @@ use crate::serde::read_variable_length_bytes;
 use crate::serde::write_u16;
 use crate::serde::write_variable_length;
 use crate::serde::write_variable_length_bytes;
+use core::borrow::Borrow;
 use rand_core::CryptoRng;
 use rand_core::RngCore;
-use std::borrow::Borrow;
-use std::hash::Hasher;
-use std::io;
-use std::mem;
+
+use core::hash::Hasher;
+use core::mem;
+
+#[cfg(not(feature = "std"))]
+extern crate alloc;
+
+#[cfg(not(feature = "std"))]
+use alloc::vec::Vec;
+
+#[cfg(not(feature = "std"))]
+use alloc::string::ToString;
 
 type Scalar = <JubjubScalarField as Field>::Scalar;
 
@@ -153,7 +163,8 @@ pub fn import_secret_package(
     exported: &[u8],
     secret: &participant::Secret,
 ) -> Result<SecretPackage, IronfishFrostError> {
-    let serialized = multienc::decrypt(secret, exported).map_err(io::Error::other)?;
+    let serialized =
+        multienc::decrypt(secret, exported).map_err(IronfishFrostError::DecryptionError)?;
     SerializableSecretPackage::deserialize_from(&serialized[..]).map(|pkg| pkg.into())
 }
 
@@ -293,11 +304,13 @@ where
     let participants = participants;
 
     if !participants.contains(&self_identity) {
-        return Err(IronfishFrostError::InvalidInput);
+        return Err(IronfishFrostError::InvalidInput(
+            "participants must include self_identity".to_string(),
+        ));
     }
 
-    let max_signers =
-        u16::try_from(participants.len()).map_err(|_| IronfishFrostError::InvalidInput)?;
+    let max_signers = u16::try_from(participants.len())
+        .map_err(|_| IronfishFrostError::InvalidInput("too many participants".to_string()))?;
 
     let (secret_package, public_package) = frost::keys::dkg::part1(
         self_identity.to_frost_identifier(),
@@ -307,7 +320,8 @@ where
     )?;
 
     let encrypted_secret_package =
-        export_secret_package(&secret_package, self_identity, &mut csrng)?;
+        export_secret_package(&secret_package, self_identity, &mut csrng)
+            .map_err(IronfishFrostError::EncryptionError)?;
 
     let group_secret_key_shard = GroupSecretKeyShard::random(&mut csrng);
 

diff --git a/src/dkg/round2.rs b/src/dkg/round2.rs
@@ -16,6 +16,7 @@ use crate::frost::keys::VerifiableSecretSharingCommitment;
 use crate::frost::Field;
 use crate::frost::Identifier;
 use crate::frost::JubjubScalarField;
+use crate::io;
 use crate::multienc;
 use crate::participant;
 use crate::participant::Identity;
@@ -25,13 +26,24 @@ use crate::serde::read_variable_length_bytes;
 use crate::serde::write_u16;
 use crate::serde::write_variable_length;
 use crate::serde::write_variable_length_bytes;
+use core::borrow::Borrow;
+use core::hash::Hasher;
+use core::mem;
 use rand_core::CryptoRng;
 use rand_core::RngCore;
-use std::borrow::Borrow;
+// use log::info;
+
+#[cfg(feature = "std")]
 use std::collections::BTreeMap;
-use std::hash::Hasher;
-use std::io;
-use std::mem;
+
+#[cfg(not(feature = "std"))]
+extern crate alloc;
+#[cfg(not(feature = "std"))]
+use alloc::collections::BTreeMap;
+#[cfg(not(feature = "std"))]
+use alloc::string::ToString;
+#[cfg(not(feature = "std"))]
+use alloc::vec::Vec;
 
 type Scalar = <JubjubScalarField as Field>::Scalar;
 
@@ -153,7 +165,8 @@ pub fn import_secret_package(
     exported: &[u8],
     secret: &participant::Secret,
 ) -> Result<SecretPackage, IronfishFrostError> {
-    let serialized = multienc::decrypt(secret, exported).map_err(io::Error::other)?;
+    let serialized =
+        multienc::decrypt(secret, exported).map_err(IronfishFrostError::DecryptionError)?;
     SerializableSecretPackage::deserialize_from(&serialized[..]).map(|pkg| pkg.into())
 }
 
@@ -367,7 +380,17 @@ where
 
     // Ensure that the number of public packages provided matches max_signers
     if round1_public_packages.len() != max_signers as usize {
-        return Err(IronfishFrostError::InvalidInput);
+        #[cfg(feature = "std")]
+        return Err(IronfishFrostError::InvalidInput(format!(
+            "expected {} public packages, got {}",
+            max_signers,
+            round1_public_packages.len()
+        )));
+
+        #[cfg(not(feature = "std"))]
+        return Err(IronfishFrostError::InvalidInput(
+            "incorrect number of round 1 public packages".to_string(),
+        ));
     }
 
     let expected_round1_checksum = round1::input_checksum(
@@ -392,7 +415,16 @@ where
             .insert(frost_identifier, frost_package)
             .is_some()
         {
-            return Err(IronfishFrostError::InvalidInput);
+            #[cfg(feature = "std")]
+            return Err(IronfishFrostError::InvalidInput(format!(
+                "multiple public packages provided for identity {}",
+                public_package.identity()
+            )));
+
+            #[cfg(not(feature = "std"))]
+            return Err(IronfishFrostError::InvalidInput(
+                "multiple public packages provided for an identity".to_string(),
+            ));
         }
 
         identities.insert(frost_identifier, identity);
@@ -418,7 +450,8 @@ where
 
     // Encrypt the secret package
     let encrypted_secret_package =
-        export_secret_package(&round2_secret_package, &self_identity, &mut csrng)?;
+        export_secret_package(&round2_secret_package, &self_identity, &mut csrng)
+            .map_err(IronfishFrostError::EncryptionError)?;
 
     // Convert the Identifier->Package map to an Identity->PublicPackage map
     let mut round2_public_packages = Vec::new();
@@ -680,7 +713,7 @@ mod tests {
         );
 
         match result {
-            Err(IronfishFrostError::InvalidInput) => (),
+            Err(IronfishFrostError::InvalidInput(_)) => (),
             _ => panic!("dkg round2 should have failed with InvalidInput"),
         }
     }
@@ -708,7 +741,7 @@ mod tests {
 
         // We can use `assert_matches` once it's stabilized
         match result {
-            Err(IronfishFrostError::InvalidInput) => (),
+            Err(IronfishFrostError::InvalidInput(_)) => (),
             _ => panic!("dkg round2 should have failed with InvalidInput"),
         }
     }